Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

volos-swagger

Package Overview
Dependencies
Maintainers
1
Versions
26
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

volos-swagger

Middleware for bridging swagger (via swagger-tools) and volos

  • 0.7.5
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
164
increased by1722.22%
Maintainers
1
Weekly downloads
 
Created
Source

volos-swagger

This module adds support for driving Volos middleware functions entirely though configuration and the Apigee 127 Swagger Tools swagger-metadata middleware.

All Volos modules including Cache, Quota, and OAuth may be configured and tied to Swagger operations using configuration similar to the code that you would use to programmatically drive the Volos middleware.

This can be included in an Apigee-127 project as simply as this:

var a127 = require('a127-magic');
app.use(a127.middleware());

Configuration

The Volos Swagger Configuration is done directly in the Swagger 2.x document:

The following sections discuss examples from this swagger yaml file.

Important: Be sure to include any referenced Volos modules in your package.json and run npm install.

Services

The "x-a127-services" vendors extension section defines how the modules that will be referenced in the other sections of this file will be instantiated and configured. The basic idea is that you simply define the array of parameters that would have been passed in to create the Volos module had you done it programmatically.

For example, volos-cache-memory requires a name and a hash of options. If we want to create and use a cache named "memCache" that has a time-to-live (ttl) of 1000ms, we'd do so like this:

x-a127-services:
  cache:
    provider: "volos-cache-memory"
    options:
      name: "memCache"
      ttl: 10000

Note: The key (name) for this resource is "cache". This is the name that will be used later to refer to this cache, not "memCache" - which the provider's name for the cache.

Similarly, we create a volos-quota-memory ("quota") and volos-oauth-redis ("oauth2") reference in this example:

quota:
  provider: "volos-quota-memory"
  options:
    timeUnit: "minute"
    interval: 1
    allow: 2
oauth2:
  provider: "volos-oauth-apigee"
  options:
    encryptionKey: "This is the key to encrypt/decrypt stored credentials"
  

Paths & Operations

Cache & Quota middleware

Volos modules are applied in a Swagger path or operation with the "x-a127-apply" extension. In the example below, we have examples of applying a cache ("cache") and a quota ("quota"). In each case, we're applying with the Volos defaults.

paths:
  /cached:
    x-a127-apply:
      cache: {}
  /quota:
    x-a127-apply: 
      quota: {}
OAuth authorization

Once you've defined a Volos OAuth provider in x-a127-services, you may use standard Swagger 2.0 authorization constructs to delegate to it. This is done by creating a SecurityDefinition like so:

securityDefinitions:
  oauth2:
    type: oauth2
    scopes: []
    flow: accessCode
    authorizationUrl: ignored
    tokenUrl: ignored

SecurityDefinition Notes:

  • The SecurityDefinition name (in this case, "oauth2") MUST match the name of the x-a127-service name.
  • "type" MUST be "oauth2"
  • The remainder of the fields do not affect operation and are for documentation only.

Once you've defined the SecurityDefinition, you can apply it to your operations. The following will require a valid OAuth token for the scope "scope1" on the "GET /secured" operation using the provider called "oauth2":

/secured:
  get:
  security:
    -
      oauth2:
        - scope1

Deprecated: Volos authorization may also applied in a Swagger path or operation with the "x-a127-authorizations" extension. The example below performs the same function as above: It requires that the request is using an OAuth Token validated by the "oauth2" resource requiring the "scope1" scope. (Additional scopes could be required
by space-delimiting them or using an array.)

/secured:
  x-a127-authorizations: 
    oauth2: 
      scope: "scope1"

Keywords

FAQs

Package last updated on 09 Mar 2015

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc