swagger: "2.0"
info:
title: A Goa Example Service
description: HTTP service for test
version: ""
host: localhost:8088
consumes:
- application/json
- application/xml
- application/gob
produces:
- application/json
- application/xml
- application/gob
paths:
/secure:
get:
tags:
- Service1
summary: secure Service1
description: 这是一个需要JWT认证的接口
operationId: Service1#secure
parameters:
- name: Authorization
in: header
description: JWT used for authentication
required: true
type: string
- name: SecureRequestBody
in: body
required: true
schema:
$ref: '#/definitions/Service1SecureRequestBody'
responses:
"200":
description: OK response.
schema:
type: string
"401":
description: Unauthorized response.
schema:
type: string
schemes:
- http
security:
- jwt_header_Authorization: []
/signin:
post:
tags:
- Service1
summary: signin Service1
operationId: Service1#signin
parameters:
- name: Authorization
in: header
description: Basic Auth security using Basic scheme (https://tools.ietf.org/html/rfc7617)
required: true
type: string
responses:
"200":
description: OK response.
schema:
$ref: '#/definitions/Service1SigninOKResponseBody'
required:
- jwt
- api_key
- oauth_token
"400":
description: Bad Request response.
schema:
$ref: '#/definitions/Service1SigninBadRequestResponseBody'
required:
- jwt
- api_key
- oauth_token
"401":
description: Unauthorized response.
schema:
type: string
schemes:
- http
security:
- basic_header_Authorization: []
definitions:
Service1SecureRequestBody:
title: Service1SecureRequestBody
type: object
properties:
fail:
type: boolean
description: Whether to force auth failure even with a valid JWT
example: false
example:
fail: false
Service1SigninBadRequestResponseBody:
title: Service1SigninBadRequestResponseBody
type: object
properties:
api_key:
type: string
description: API Key
example: abcdef12345
jwt:
type: string
description: JWT token
example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
oauth_token:
type: string
description: OAuth2 token
example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
example:
api_key: abcdef12345
jwt: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
oauth_token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
required:
- jwt
- api_key
- oauth_token
Service1SigninOKResponseBody:
title: Service1SigninOKResponseBody
type: object
properties:
api_key:
type: string
description: API Key
example: abcdef12345
jwt:
type: string
description: JWT token
example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
oauth_token:
type: string
description: OAuth2 token
example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
example:
api_key: abcdef12345
jwt: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
oauth_token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
required:
- jwt
- api_key
- oauth_token
securityDefinitions:
basic_header_Authorization:
type: basic
description: Basic authentication used to authenticate security principal during
signin
jwt_header_Authorization:
type: apiKey
description: Secures endpoint by requiring a valid JWT token retrieved via the
signin endpoint. Supports scopes "api:read" and "api:write".
name: Authorization
in: header