openapi: 3.0.3 info: title: A Goa Example Service description: HTTP service for test version: "1.0" servers: - url: http://localhost:8088 - url: http://localhost:8088 paths: /secure: get: tags: - Service1 summary: secure Service1 description: 这是一个需要JWT认证的接口 operationId: Service1#secure requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/SecureRequestBody' example: fail: true responses: "200": description: OK response. content: application/json: schema: type: string example: Commodi earum ut dolorem qui. example: Aliquid corrupti facere voluptate. "401": description: Unauthorized response. content: application/json: schema: type: string example: Alias placeat est tenetur ad distinctio nesciunt. example: Odit qui ut culpa est. security: - jwt_header_Authorization: [] /signin: post: tags: - Service1 summary: signin Service1 operationId: Service1#signin responses: "200": description: OK response. content: application/json: schema: $ref: '#/components/schemas/Creds' example: api_key: abcdef12345 jwt: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ oauth_token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ "400": description: Bad Request response. content: application/json: schema: $ref: '#/components/schemas/Creds' example: api_key: abcdef12345 jwt: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ oauth_token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ "401": description: Unauthorized response. content: application/json: schema: type: string example: Voluptate non dolore autem ipsam omnis. example: Et necessitatibus cupiditate repudiandae iste. security: - basic_header_Authorization: [] components: schemas: Creds: type: object properties: api_key: type: string description: API Key example: abcdef12345 jwt: type: string description: JWT token example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ oauth_token: type: string description: OAuth2 token example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ example: api_key: abcdef12345 jwt: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ oauth_token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ required: - jwt - api_key - oauth_token SecureRequestBody: type: object properties: fail: type: boolean description: Whether to force auth failure even with a valid JWT example: false example: fail: false securitySchemes: basic_header_Authorization: type: http description: Basic authentication used to authenticate security principal during signin scheme: basic jwt_header_Authorization: type: http description: Secures endpoint by requiring a valid JWT token retrieved via the signin endpoint. Supports scopes "api:read" and "api:write". scheme: bearer tags: - name: Service1 description: The secured service exposes endpoints that require valid authorization credentials.