+
+ {t(context.translation, 'required_scopes_description')}
+
+
+ {alternatives.map((scopes, index) => (
+
+
+ {index < alternatives.length - 1 ? (
+
+ {t(context.translation, 'or')}
+
+ ) : null}
+
+ ))}
+
+
-
- {t(
- context.translation,
- isOAuth2 ? 'available_scopes' : 'required_scopes_description'
- )}
-
+ {!hideDescription ? (
+
+ {t(
+ context.translation,
+ isOAuth2 ? 'available_scopes' : 'required_scopes_description'
+ )}
+
+ ) : null}
- {scopes.map((scope) => (
+ {scopes?.map((scope) => (
))}
@@ -116,3 +163,18 @@ function OpenAPIScopeItemKey(props: {
);
}
+
+function dedupeScopes(scopes: OpenAPISecurityScope[]) {
+ const seen = new Set
();
+ const deduped: OpenAPISecurityScope[] = [];
+
+ for (const scope of scopes) {
+ if (seen.has(scope[0])) {
+ continue;
+ }
+ seen.add(scope[0]);
+ deduped.push(scope);
+ }
+
+ return deduped;
+}
diff --git a/packages/react-openapi/src/resolveOpenAPIOperation.ts b/packages/react-openapi/src/resolveOpenAPIOperation.ts
index 9a7c1567db..561b61ae9d 100644
--- a/packages/react-openapi/src/resolveOpenAPIOperation.ts
+++ b/packages/react-openapi/src/resolveOpenAPIOperation.ts
@@ -50,7 +50,7 @@ export async function resolveOpenAPIOperation(
const flatSecurities = flattenSecurities(security);
// Resolve securities
- const securities: OpenAPIOperationData['securities'] = [];
+ const securitiesMap = new Map();
for (const entry of flatSecurities) {
const [securityKey, operationScopes] = Object.entries(entry)[0] ?? [];
if (securityKey) {
@@ -59,14 +59,13 @@ export async function resolveOpenAPIOperation(
securityScheme,
operationScopes,
});
- securities.push([
- securityKey,
- {
- ...securityScheme,
- required: !isOptionalSecurity,
- scopes,
- },
- ]);
+ const existing = securitiesMap.get(securityKey);
+ const mergedScopes = mergeSecurityScopes(existing?.scopes ?? null, scopes);
+ securitiesMap.set(securityKey, {
+ ...securityScheme,
+ required: !isOptionalSecurity,
+ scopes: mergedScopes,
+ });
}
}
@@ -75,7 +74,7 @@ export async function resolveOpenAPIOperation(
operation: { ...operation, security },
method,
path,
- securities,
+ securities: Array.from(securitiesMap.entries()),
'x-codeSamples':
typeof schema['x-codeSamples'] === 'boolean' ? schema['x-codeSamples'] : undefined,
'x-hideTryItPanel':
@@ -176,6 +175,31 @@ function resolveSecurityScopes({
return operationScopes.map((scope) => [scope, undefined]);
}
+function mergeSecurityScopes(
+ existing: OpenAPISecurityScope[] | null,
+ incoming: OpenAPISecurityScope[] | null
+): OpenAPISecurityScope[] | null {
+ if (!existing?.length) {
+ return incoming;
+ }
+ if (!incoming?.length) {
+ return existing;
+ }
+
+ const seen = new Set();
+ const merged: OpenAPISecurityScope[] = [];
+
+ for (const scope of [...existing, ...incoming]) {
+ if (seen.has(scope[0])) {
+ continue;
+ }
+ seen.add(scope[0]);
+ merged.push(scope);
+ }
+
+ return merged;
+}
+
/**
* Check if a security scheme is an OAuth or OpenID Connect security scheme.
*/
diff --git a/packages/react-openapi/src/utils.ts b/packages/react-openapi/src/utils.ts
index 72b3ca60b4..3d35d080f8 100644
--- a/packages/react-openapi/src/utils.ts
+++ b/packages/react-openapi/src/utils.ts
@@ -2,7 +2,11 @@ import type { AnyObject, OpenAPIV3, OpenAPIV3_1 } from '@gitbook/openapi-parser'
import type { OpenAPIUniversalContext } from './context';
import { stringifyOpenAPI } from './stringifyOpenAPI';
import { tString } from './translate';
-import type { OpenAPICustomSecurityScheme, OpenAPIOperationData } from './types';
+import type {
+ OpenAPICustomSecurityScheme,
+ OpenAPIOperationData,
+ OpenAPISecurityScope,
+} from './types';
export function checkIsReference(input: unknown): input is OpenAPIV3.ReferenceObject {
return typeof input === 'object' && !!input && '$ref' in input;
@@ -327,6 +331,7 @@ export type OperationSecurityInfo = {
key: string;
label: string;
schemes: OpenAPICustomSecurityScheme[];
+ scopeAlternatives: OpenAPISecurityScope[][];
};
/**
@@ -345,18 +350,61 @@ export function extractOperationSecurityInfo(args: {
key,
label: key,
schemes: [security],
+ scopeAlternatives: security.scopes?.length ? [security.scopes] : [],
}));
}
- return securityRequirement.map((requirement, idx) => {
- const schemeKeys = Object.keys(requirement);
+ const grouped = new Map();
- return {
- key: `security-${idx}`,
- label: schemeKeys.join(' & '),
- schemes: schemeKeys
- .map((schemeKey) => securitiesMap.get(schemeKey))
- .filter((s): s is OpenAPICustomSecurityScheme => s !== undefined),
- };
+ securityRequirement.forEach((requirement) => {
+ const schemeKeys = Object.keys(requirement);
+ const label = schemeKeys.join(' & ');
+ const existing = grouped.get(label);
+ const schemes = schemeKeys
+ .map((schemeKey) => securitiesMap.get(schemeKey))
+ .filter((s): s is OpenAPICustomSecurityScheme => s !== undefined);
+ const scopesForRequirement = schemeKeys.flatMap((schemeKey) =>
+ resolveRequiredScopesForScheme(securitiesMap.get(schemeKey), requirement[schemeKey])
+ );
+
+ if (existing) {
+ existing.scopeAlternatives.push(scopesForRequirement);
+ if (!existing.schemes.length && schemes.length) {
+ existing.schemes = schemes;
+ }
+ } else {
+ grouped.set(label, {
+ key: `security-${grouped.size}`,
+ label,
+ schemes,
+ scopeAlternatives: [scopesForRequirement],
+ });
+ }
});
+
+ return Array.from(grouped.values());
+}
+
+function resolveRequiredScopesForScheme(
+ security: OpenAPICustomSecurityScheme | undefined,
+ operationScopes: string[] | undefined
+): OpenAPISecurityScope[] {
+ if (!security || !operationScopes?.length) {
+ return [];
+ }
+
+ if (security.type === 'oauth2') {
+ const flows = security.flows ? Object.entries(security.flows) : [];
+ const resolved = flows.flatMap(([_, flow]) => {
+ return Object.entries(flow.scopes ?? {}).filter(([scope]) =>
+ operationScopes.includes(scope)
+ );
+ });
+
+ if (resolved.length) {
+ return resolved;
+ }
+ }
+
+ return operationScopes.map((scope) => [scope, undefined]);
}