@SecurityScheme with OpenAPI

[Phillip Krüger]

Hi All.

I am using MicroProfile OpenAPI to document my JAX-RS REST endpoint.

I am running PayaraMicro 5.182.

I am trying to define the Security Scheme with this annotation:

@ApplicationPath("/api")
@OpenAPIDefinition(info = @Info(
        title = "Membership service",
        version = "1.0.0",
        contact = @Contact(
                name = "Phillip Kruger",
                email = "****@****.com",
                url = "http://www.phillip-kruger.com")
        ),
        servers = {
            @Server(url = "/membership",description = "localhost"),
            @Server(url = "http://yellow:8080/membership",description = "Yellow Pi")        
        }
)
@SecurityScheme(description = "The JWT from User service",
        ref = "Authorization",
        in = SecuritySchemeIn.HEADER,
        type = SecuritySchemeType.HTTP,
        scheme = "bearer",
        bearerFormat = "JWT")
@LoginConfig(authMethod = "MP-JWT")
@DeclareRoles({"user", "admin"})
public class ApplicationConfig extends Application {

}

However, no security scheme is generated in the OpenApi yaml ??

I have tested this on wildfly-swarm, and it seems to work there. Does anyone have an example of @SecurityScheme that is working in Payara-micro.

Thanks in advance.

Phillip

[Matt Gill]

Hi Philip,

Each security scheme is added to a map with the key being it's `securitySchemeName`, which isn't being specified here. I believe that Wildfly is interpreting a 'default' security scheme name, although this is not specification defined. Can you confirm the output you're expecting?

Kind regards,

Matt