Add bearer security definition (#1100)

parser.go

@@ -63,6 +63,7 @@ const (
 	secImplicitAttr          = "@securitydefinitions.oauth2.implicit"
 	secPasswordAttr          = "@securitydefinitions.oauth2.password"
 	secAccessCodeAttr        = "@securitydefinitions.oauth2.accesscode"
+	secBearerAttr            = "@securitydefinitions.bearer"
 	tosAttr                  = "@termsofservice"
 	extDocsDescAttr          = "@externaldocs.description"
 	extDocsURLAttr           = "@externaldocs.url"

parserv3.go

@@ -128,7 +128,7 @@ func (p *Parser) parseGeneralAPIInfoV3(comments []string) error {
 			}
 
 			tag.Spec.ExternalDocs.Spec.Description = value
-		case secBasicAttr, secAPIKeyAttr, secApplicationAttr, secImplicitAttr, secPasswordAttr, secAccessCodeAttr:
+		case secBasicAttr, secAPIKeyAttr, secApplicationAttr, secImplicitAttr, secPasswordAttr, secAccessCodeAttr, secBearerAttr:
 			key, scheme, err := parseSecAttributesV3(attribute, comments, &line)
 			if err != nil {
 				return err
@@ -331,9 +331,11 @@ func parseSecAttributesV3(context string, lines []string, index *int) (string, *
 		descriptionAttr  = "@description"
 		tokenURL         = "@tokenurl"
 		authorizationURL = "@authorizationurl"
+		bearerFormat     = "@bearerformat"
 	)
 
 	var search []string
+	var optionalSearсh []string
 
 	attribute := strings.ToLower(FieldsByAnySpace(lines[*index], 2)[0])
 	switch attribute {
@@ -351,6 +353,8 @@ func parseSecAttributesV3(context string, lines []string, index *int) (string, *
 		search = []string{authorizationURL, in}
 	case secAccessCodeAttr:
 		search = []string{tokenURL, authorizationURL, in}
+	case secBearerAttr:
+		optionalSearсh = []string{bearerFormat}
 	}
 
 	// For the first line we get the attributes in the context parameter, so we skip to the next one
@@ -380,6 +384,13 @@ func parseSecAttributesV3(context string, lines []string, index *int) (string, *
 			}
 		}
 
+		for _, optFindTerm := range optionalSearсh {
+			if securityAttr == optFindTerm {
+				attrMap[securityAttr] = value
+				break
+			}
+		}
+
 		isExists, err := isExistsScope(securityAttr)
 		if err != nil {
 			return "", nil, err
@@ -408,7 +419,7 @@ func parseSecAttributesV3(context string, lines []string, index *int) (string, *
 		}
 	}
 
-	if len(attrMap) != len(search) {
+	if len(attrMap) < len(search) {
 		return "", nil, fmt.Errorf("%s is %v required", context, search)
 	}
 
@@ -460,6 +471,11 @@ func parseSecAttributesV3(context string, lines []string, index *int) (string, *
 		scheme.Flows.Spec.AuthorizationCode = spec.NewOAuthFlow()
 		scheme.Flows.Spec.AuthorizationCode.Spec.AuthorizationURL = attrMap[authorizationURL]
 		scheme.Flows.Spec.AuthorizationCode.Spec.TokenURL = attrMap[tokenURL]
+
+	case secBearerAttr:
+		scheme.Type = "http"
+		scheme.Scheme = "bearer"
+		scheme.BearerFormat = attrMap[bearerFormat]
 	}
 
 	scheme.Description = description

parserv3_test.go

@@ -136,7 +136,7 @@ func TestParserParseGeneralApiInfoV3(t *testing.T) {
 	assert.Equal(t, "OpenAPI", p.openAPI.ExternalDocs.Spec.Description)
 	assert.Equal(t, "https://swagger.io/resources/open-api", p.openAPI.ExternalDocs.Spec.URL)
 
-	assert.Equal(t, 6, len(p.openAPI.Components.Spec.SecuritySchemes))
+	assert.Equal(t, 7, len(p.openAPI.Components.Spec.SecuritySchemes))
 
 	security := p.openAPI.Components.Spec.SecuritySchemes
 	assert.Equal(t, "basic", security["basic"].Spec.Spec.Scheme)
@@ -164,6 +164,10 @@ func TestParserParseGeneralApiInfoV3(t *testing.T) {
 	assert.Equal(t, "oauth2", security["OAuth2AccessCode"].Spec.Spec.Type)
 	assert.Equal(t, "header", security["OAuth2AccessCode"].Spec.Spec.In)
 	assert.Equal(t, "https://example.com/oauth/token", security["OAuth2AccessCode"].Spec.Spec.Flows.Spec.AuthorizationCode.Spec.TokenURL)
+
+	assert.Equal(t, "http", security["BearerToken"].Spec.Spec.Type)
+	assert.Equal(t, "bearer", security["BearerToken"].Spec.Spec.Scheme)
+	assert.Equal(t, "JWT", security["BearerToken"].Spec.Spec.BearerFormat)
 }
 
 func TestParser_ParseGeneralApiInfoExtensionsV3(t *testing.T) {

testdata/v3/main.go

@@ -54,6 +54,9 @@ package main
 // @in header
 // @name name
 
+// @securitydefinitions.bearer BearerToken
+// @bearerFormat JWT
+
 // @externalDocs.description OpenAPI
 // @externalDocs.url https://swagger.io/resources/open-api