feat(AsyncAPI 2.6.0): Components

securitySchemes

asyncapi#126

asyncapi-core/src/main/java/com/asyncapi/v2/_6_0/jackson/model/component/ComponentsSecuritySchemesDeserializer.java

@@ -0,0 +1,13 @@
+package com.asyncapi.v2._6_0.jackson.model.component;
+
+import com.asyncapi.v2._6_0.jackson.MapOfReferencesOrObjectsDeserializer;
+import com.asyncapi.v2._6_0.model.security_scheme.SecurityScheme;
+
+public class ComponentsSecuritySchemesDeserializer extends MapOfReferencesOrObjectsDeserializer<SecurityScheme> {
+
+    @Override
+    public Class<SecurityScheme> objectTypeClass() {
+        return SecurityScheme.class;
+    }
+
+}

asyncapi-core/src/main/java/com/asyncapi/v2/_6_0/model/component/Components.java

@@ -4,13 +4,8 @@
 import com.asyncapi.v2._6_0.jackson.binding.message.MessageBindingsDeserializer;
 import com.asyncapi.v2._6_0.jackson.binding.operation.OperationBindingsDeserializer;
 import com.asyncapi.v2._6_0.jackson.binding.server.ServerBindingsDeserializer;
-import com.asyncapi.v2._6_0.jackson.model.channel.ChannelParametersDeserializer;
-import com.asyncapi.v2._6_0.jackson.model.channel.message.MessagesDeserializer;
 import com.asyncapi.v2._6_0.jackson.model.component.*;
-import com.asyncapi.v2._6_0.jackson.model.server.ServerVariablesDeserializer;
-import com.asyncapi.v2._6_0.jackson.model.server.ServersDeserializer;
 import com.asyncapi.v2._6_0.model.channel.ChannelItem;
-import com.asyncapi.v2._6_0.model.channel.operation.OperationTrait;
 import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
@@ -93,7 +88,7 @@ public class Components {
     private Map<String, Object> messages;
 
     /**
-     * An object to hold reusable {@link com.asyncapi.v2.model.security_scheme.SecurityScheme} Objects.
+     * An object to hold reusable {@link com.asyncapi.v2._6_0.model.security_scheme.SecurityScheme} Objects.
      * <p>
      * MUST BE:
      * <ul>
@@ -102,7 +97,7 @@ public class Components {
      * </ul>
      */
     @CheckForNull
-//    @JsonDeserialize(using = ComponentsSecuritySchemesDeserializer.class)
+    @JsonDeserialize(using = ComponentsSecuritySchemesDeserializer.class)
     private Map<String, Object> securitySchemes;
 
     /**

asyncapi-core/src/main/java/com/asyncapi/v2/_6_0/model/security_scheme/ApiKeySecurityScheme.java

@@ -0,0 +1,45 @@
+package com.asyncapi.v2._6_0.model.security_scheme;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.*;
+
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+
+/**
+ * @version 2.6.0
+ * @see <a href="https://www.asyncapi.com/docs/reference/specification/v2.6.0#securitySchemeObject">SecurityScheme</a>
+ * @author Pavel Bodiachevskii
+ */
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+@EqualsAndHashCode(callSuper = false)
+public class ApiKeySecurityScheme extends SecurityScheme {
+
+    /**
+     * REQUIRED.
+     * <p>
+     * The location of the API key.
+     */
+    @Nonnull
+    private ApiKeyLocation in;
+
+    @Builder(builderMethodName = "apiKeySecuritySchemeBuilder")
+    public ApiKeySecurityScheme(@Nonnull Type type,
+                                @Nullable String description,
+                                @Nonnull ApiKeyLocation in) {
+        super(type, description);
+        this.in = in;
+    }
+
+    public enum ApiKeyLocation {
+
+        @JsonProperty("user")
+        USER,
+        @JsonProperty("password")
+        PASSWORD
+
+    }
+
+}

asyncapi-core/src/main/java/com/asyncapi/v2/_6_0/model/security_scheme/OpenIdConnectSecurityScheme.java

@@ -0,0 +1,35 @@
+package com.asyncapi.v2._6_0.model.security_scheme;
+
+import lombok.*;
+
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+
+/**
+ * @version 2.6.0
+ * @see <a href="https://www.asyncapi.com/docs/reference/specification/v2.6.0#securitySchemeObject">SecurityScheme</a>
+ * @author Pavel Bodiachevskii
+ */
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+@EqualsAndHashCode(callSuper = true)
+public class OpenIdConnectSecurityScheme extends SecurityScheme {
+
+    /**
+     * REQUIRED.
+     * <p>
+     * OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the form of a URL.
+     */
+    @Nonnull
+    private String openIdConnectUrl;
+
+    @Builder(builderMethodName = "openIdConnectSecurityScheme")
+    public OpenIdConnectSecurityScheme(@Nonnull Type type,
+                                       @Nullable String description,
+                                       @Nonnull String openIdConnectUrl) {
+        super(type, description);
+        this.openIdConnectUrl = openIdConnectUrl;
+    }
+
+}

asyncapi-core/src/main/java/com/asyncapi/v2/_6_0/model/security_scheme/SecurityScheme.java

@@ -0,0 +1,120 @@
+package com.asyncapi.v2._6_0.model.security_scheme;
+
+import com.asyncapi.v2._6_0.model.security_scheme.http.HttpApiKeySecurityScheme;
+import com.asyncapi.v2._6_0.model.security_scheme.http.HttpSecurityScheme;
+import com.asyncapi.v2._6_0.model.security_scheme.oauth2.OAuth2SecurityScheme;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonSubTypes;
+import com.fasterxml.jackson.annotation.JsonTypeInfo;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
+
+/**
+ * Defines a security scheme that can be used by the operations. Supported schemes are:
+ * <ul>
+ *     <li>User/Password.</li>
+ *     <li>API key (either as user or as password).</li>
+ *     <li>X.509 certificate.</li>
+ *     <li>End-to-end encryption (either symmetric or asymmetric).</li>
+ *     <li>HTTP authentication.</li>
+ *     <li>HTTP API key.</li>
+ *     <li>OAuth2’s common flows (Implicit, Resource Owner Protected Credentials, Client Credentials and Authorization Code) as defined in <a href="https://tools.ietf.org/html/rfc6749">RFC6749</a>.</li>
+ *     <li><a href="https://tools.ietf.org/html/draft-ietf-oauth-discovery-06">OpenID Connect Discovery.</a></li>
+ *     <li>SASL (Simple Authentication and Security Layer) as defined in <a href="https://tools.ietf.org/html/rfc4422">RFC4422</a>.</li>
+ * </ul>
+ *
+ * This object MAY be extended with <a href="https://www.asyncapi.com/docs/reference/specification/v2.6.0#specificationExtensions">Specification Extensions</a>.
+ *
+ * @version 2.6.0
+ * @see <a href="https://www.asyncapi.com/docs/reference/specification/v2.6.0#securitySchemeObject">Security Scheme Object</a>
+ * @author Pavel Bodiachevskii
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@JsonTypeInfo(
+        use = JsonTypeInfo.Id.NAME,
+        include = JsonTypeInfo.As.PROPERTY,
+        property = "type",
+        visible = true
+)
+@JsonSubTypes({
+        @JsonSubTypes.Type(value = SecurityScheme.class, name = "userPassword"),
+        @JsonSubTypes.Type(value = ApiKeySecurityScheme.class, name = "apiKey"),
+        @JsonSubTypes.Type(value = SecurityScheme.class, name = "X509"),
+        @JsonSubTypes.Type(value = SecurityScheme.class, name = "symmetricEncryption"),
+        @JsonSubTypes.Type(value = SecurityScheme.class, name = "asymmetricEncryption"),
+        @JsonSubTypes.Type(value = HttpApiKeySecurityScheme.class, name = "httpApiKey"),
+        @JsonSubTypes.Type(value = HttpSecurityScheme.class, name = "http"),
+        @JsonSubTypes.Type(value = OAuth2SecurityScheme.class, name = "oauth2"),
+        @JsonSubTypes.Type(value = OpenIdConnectSecurityScheme.class, name = "openIdConnect"),
+        @JsonSubTypes.Type(value = SecurityScheme.class, name = "plain"),
+        @JsonSubTypes.Type(value = SecurityScheme.class, name = "scramSha256"),
+        @JsonSubTypes.Type(value = SecurityScheme.class, name = "scramSha512"),
+        @JsonSubTypes.Type(value = SecurityScheme.class, name = "gssapi"),
+})
+public class SecurityScheme {
+
+    /**
+     * REQUIRED.
+     * <p>
+     * The type of the security scheme. Valid values are:
+     * <ul>
+     *     <li>userPassword</li>
+     *     <li>apiKey</li>
+     *     <li>X509</li>
+     *     <li>symmetricEncryption</li>
+     *     <li>asymmetricEncryption</li>
+     *     <li>httpApiKey</li>
+     *     <li>http</li>
+     *     <li>oauth2</li>
+     *     <li>openIdConnect</li>
+     * </ul>
+     */
+    @Nonnull
+    private Type type;
+
+    /**
+     * A short description for security scheme. <a href="http://spec.commonmark.org/">CommonMark syntax</a> MAY be used for rich text representation.
+     */
+    @CheckForNull
+    private String description;
+
+    public enum Type {
+
+        @JsonProperty("userPassword")
+        USER_PASSWORD,
+        @JsonProperty("apiKey")
+        API_KEY,
+        @JsonProperty("X509")
+        X509,
+        @JsonProperty("symmetricEncryption")
+        SYMMETRIC_ENCRYPTION,
+        @JsonProperty("asymmetricEncryption")
+        ASYMMETRIC_ENCRYPTION,
+        @JsonProperty("httpApiKey")
+        HTTP_API_KEY,
+        @JsonProperty("http")
+        HTTP,
+        @JsonProperty("oauth2")
+        OAUTH2,
+        @JsonProperty("openIdConnect")
+        OPENID_CONNECT,
+        @JsonProperty("plain")
+        PLAIN,
+        @JsonProperty("scramSha256")
+        SCRAM_SHA256,
+        @JsonProperty("scramSha512")
+        SCRAM_SHA512,
+        @JsonProperty("gssapi")
+        GSSAPI
+
+    }
+
+}

asyncapi-core/src/main/java/com/asyncapi/v2/_6_0/model/security_scheme/http/HttpApiKeySecurityScheme.java

@@ -0,0 +1,59 @@
+package com.asyncapi.v2._6_0.model.security_scheme.http;
+
+import com.asyncapi.v2._6_0.model.security_scheme.SecurityScheme;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.*;
+
+import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+
+/**
+ * @version 2.6.0
+ * @see <a href="https://www.asyncapi.com/docs/reference/specification/v2.6.0#securitySchemeObject">SecurityScheme</a>
+ * @author Pavel Bodiachevskii
+ */
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+@EqualsAndHashCode(callSuper = false)
+public class HttpApiKeySecurityScheme extends SecurityScheme {
+
+    /**
+     * REQUIRED.
+     * <p>
+     * The name of the header, query or cookie parameter to be used.
+     */
+    @Nonnull
+    private String name;
+
+    /**
+     * REQUIRED.
+     * <p>
+     * The location of the API key.
+     */
+    @CheckForNull
+    private ApiKeyLocation in;
+
+    @Builder(builderMethodName = "httpApiKeySecuritySchemeBuilder")
+    public HttpApiKeySecurityScheme(@Nonnull Type type,
+                                    @Nullable String description,
+                                    @Nonnull String name,
+                                    @Nullable ApiKeyLocation in) {
+        super(type, description);
+        this.name = name;
+        this.in = in;
+    }
+
+    public enum ApiKeyLocation {
+
+        @JsonProperty("query")
+        QUERY,
+        @JsonProperty("header")
+        HEADER,
+        @JsonProperty("cookie")
+        COOKIE
+
+    }
+
+}

asyncapi-core/src/main/java/com/asyncapi/v2/_6_0/model/security_scheme/http/HttpSecurityScheme.java

@@ -0,0 +1,46 @@
+package com.asyncapi.v2._6_0.model.security_scheme.http;
+
+import com.asyncapi.v2._6_0.model.security_scheme.SecurityScheme;
+import lombok.*;
+
+import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+
+/**
+ * @version 2.6.0
+ * @see <a href="https://www.asyncapi.com/docs/reference/specification/v2.6.0#securitySchemeObject">SecurityScheme</a>
+ * @author Pavel Bodiachevskii
+ */
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+@EqualsAndHashCode(callSuper = false)
+public class HttpSecurityScheme extends SecurityScheme {
+
+    /**
+     * REQUIRED.
+     * <p>
+     * The name of the HTTP Authorization scheme to be used in the <a href="https://tools.ietf.org/html/rfc7235#section-5.1">Authorization header as defined in RFC7235</a>.
+     */
+    @Nonnull
+    private String scheme;
+
+    /**
+     * A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated
+     * by an authorization server, so this information is primarily for documentation purposes.
+     */
+    @CheckForNull
+    private String bearerFormat;
+
+    @Builder(builderMethodName = "httpSecuritySchemeBuilder")
+    public HttpSecurityScheme(@Nonnull Type type,
+                              @Nullable String description,
+                              @Nonnull String scheme,
+                              @Nullable String bearerFormat) {
+        super(type, description);
+        this.scheme = scheme;
+        this.bearerFormat = bearerFormat;
+    }
+
+}

asyncapi-core/src/main/java/com/asyncapi/v2/_6_0/model/security_scheme/oauth2/OAuth2SecurityScheme.java

@@ -0,0 +1,36 @@
+package com.asyncapi.v2._6_0.model.security_scheme.oauth2;
+
+import com.asyncapi.v2._6_0.model.security_scheme.SecurityScheme;
+import lombok.*;
+
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+
+/**
+ * @version 2.6.0
+ * @see <a href="https://www.asyncapi.com/docs/reference/specification/v2.6.0#securitySchemeObject">SecurityScheme</a>
+ * @author Pavel Bodiachevskii
+ */
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+@EqualsAndHashCode(callSuper = false)
+public class OAuth2SecurityScheme extends SecurityScheme {
+
+    /**
+     * REQUIRED.
+     * <p>
+     * An object containing configuration information for the flow types supported.
+     */
+    @Nonnull
+    private OAuthFlows flows;
+
+    @Builder(builderMethodName = "oauth2SecuritySchemeBuilder")
+    public OAuth2SecurityScheme(@Nonnull Type type,
+                                @Nullable String description,
+                                @Nonnull OAuthFlows flows) {
+        super(type, description);
+        this.flows = flows;
+    }
+
+}