Package org.eclipse.microprofile.openapi.annotations.security

Annotation Type SecurityScheme


  • @Target({METHOD,TYPE})
@Retention(RUNTIME)
@Repeatable(SecuritySchemes.class)
@Inherited
public @interface SecurityScheme
    Defines a security scheme that can be used by the operations. Supported schemes are HTTP authentication, an API key (either as a header or as a query parameter), OAuth2's common flows (implicit, password, application and access code) as defined in RFC6749, and OpenID Connect Discovery.
    See Also:
    "https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#security-scheme-object"

    • Optional Element Summary

      Optional Elements 
      Modifier and Type Optional Element Description
      java.lang.String apiKeyName
      Applies to and is REQUIRED for SecurityScheme of apiKey type.
      java.lang.String bearerFormat
      Applies to http ("bearer") type.
      java.lang.String description
      A short description for security scheme.
      OAuthFlows flows
      Applies to and is REQUIRED for SecurityScheme of oauth2 type.
      SecuritySchemeIn in
      Applies to and is REQUIRED for SecurityScheme of apiKey type.
      java.lang.String openIdConnectUrl
      Applies to and is REQUIRED for SecurityScheme of openIdConnect type.
      java.lang.String ref
      Reference value to a SecurityScheme object.
      java.lang.String scheme
      Applies to and is REQUIRED for SecurityScheme of http type.
      java.lang.String securitySchemeName
      The name of this SecurityScheme.
      SecuritySchemeType type
      The type of the security scheme.

    • Element Detail

      • securitySchemeName

        java.lang.String securitySchemeName
        The name of this SecurityScheme. Used as the key to add this security scheme to the 'securitySchemes' map under Components object.

        It is a REQUIRED property unless this is only a reference to a security scheme instance.

        Returns:
        the name of this SecurityScheme instance
        Default:
        ""

      • type

        SecuritySchemeType type
        The type of the security scheme. Valid values are defined by SecuritySchemeType enum. Ignored when empty string.

        Type is a REQUIRED property unless this is only a reference to a SecuirtyScheme instance.

        Returns:
        the type of this SecuirtyScheme instance
        Default:
        org.eclipse.microprofile.openapi.annotations.enums.SecuritySchemeType.DEFAULT

      • description

        java.lang.String description
        A short description for security scheme. CommonMark syntax can be used for rich text representation.
        Returns:
        description of this SecurityScheme instance
        Default:
        ""

      • apiKeyName

        java.lang.String apiKeyName
        Applies to and is REQUIRED for SecurityScheme of apiKey type.

        The name of the header, query or cookie parameter to be used.

        Returns:
        the name of this apiKey type SecurityScheme instance
        Default:
        ""

      • in

        SecuritySchemeIn in
        Applies to and is REQUIRED for SecurityScheme of apiKey type.

        The location of the API key. Valid values are defined by SecuritySchemeIn enum. Ignored when empty string.

        Returns:
        the location of the API key
        Default:
        org.eclipse.microprofile.openapi.annotations.enums.SecuritySchemeIn.DEFAULT

      • scheme

        java.lang.String scheme
        Applies to and is REQUIRED for SecurityScheme of http type.

        The name of the HTTP Authorization scheme to be used in the Authorization header as defined in RFC 7235.

        Returns:
        the name of the HTTP Authorization scheme
        Default:
        ""

      • bearerFormat

        java.lang.String bearerFormat
        Applies to http ("bearer") type.

        A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated by an authorization server, so this information is primarily for documentation purposes.

        Returns:
        the format of the bearer token
        Default:
        ""

      • flows

        OAuthFlows flows
        Applies to and is REQUIRED for SecurityScheme of oauth2 type.

        An object containing configuration information for the flow types supported.

        Returns:
        flow types supported by this SecurityScheme instance
        Default:
        @org.eclipse.microprofile.openapi.annotations.security.OAuthFlows

      • openIdConnectUrl

        java.lang.String openIdConnectUrl
        Applies to and is REQUIRED for SecurityScheme of openIdConnect type.

        OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the form of a URL.

        Returns:
        URL where OAuth2 configuration values are stored
        Default:
        ""

      • ref

        java.lang.String ref
        Reference value to a SecurityScheme object.

        This property provides a reference to an object defined elsewhere. This property and all other properties are mutually exclusive. If other properties are defined in addition to the ref property then the result is undefined.

        Returns:
        reference to a security scheme
        Default:
        ""