Marking a service or method as requiring bearer authentication in proto/grpc definition #308
Comments
|
Currently there is no custom annotations, but what you can do, is to use gnostic for the conversion, then have another step in your build process, where you read the generated OpenAPI, add e.g. security descriptions and then save it again. |
|
Thank you for the reply @morphar, I know that this is a feature request rather than bug report so appreciate your time. I'm very keen to be able to use the protobuf definitions as the source of truth for all aspects of our services (data contracts but also documentation, including the Swagger UI, etc), and not all of our endpoints would require authentication. Is what you are proposing to have some other type of annotation in the protos to tag a service as requiring authentication and then to selectively post-process the openapi output to update the security descriptions for these? |
|
You're very welcome :) I personally use protobuf as source of truth for everything and generate all else from there.
This helps me generate documentation that works across environments - e.g. local dev, test envrionments and live. Hope that helps :) |
I'm comparing the grcp-gateway protoc plugin for openapi (v2) with the one from here for openapi v3. While the built in functionality seems to "just work", I'm not sure how to customise the openapi output further, such as for specifying the security schemes.
I have seen examples of this in the grpc-gateway plugin using custom annotations, e.g. grpc-ecosystem/grpc-gateway#1089
Is there something similar for using the gnostic openapi codegen plugin?
The text was updated successfully, but these errors were encountered: