Swagger OpenAPI: Add an authorization header to all API Gateway requests

jecbmhm3 posted on 2023-10-18 in Other

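I'm currently setting up my first API gateway on Google Cloud Platform, but I'm a bit confused about how to add a header to all requests. Is it possible in the .yaml file? This is what I have so far. Where it says my_api_key is where my real key goes, and I want to send it as a header to all upcoming endpoints. Is that possible?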

x-cg-pro-api-key: my_api_key

swagger: "2.0"
info:
  title: Crypto API
  description: API Gateway with Cloud Run backend.
  version: 1.0.0
schemes:
  - https
produces:
  - application/json
paths:

  /new:
    get:
      summary: Returns a list of new coins.
      operationId: new
      x-google-backend:
        address: https://pro-api.coingecko.com/api/v3/coins/list/new
      parameters:
          - in: header
            name: x-cg-pro-api-key
            type: string
      responses:
        '200':
           description: OK
           schema:
             type: string

I've googled a lot and tried different things.

km0tfn4u #1

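I would highly recommend using the latest version of OpenAPI, 3.1.0. Swagger 2.0 is pretty old.
I defined the securitySchemes in the components collection; you then need to add security to the root or to individual endpoints, as shown in the example below.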

openapi: 3.1.0
info:
  title: Crypto API
  description: API Gateway with Cloud Run backend.
  version: 1.0.0
servers:
  - url: https://pro-api.coingecko.com/api
    description: PROD Server
paths:
  /v3/coins:
    get:
      summary: Returns a list of new coins
      operationId: getCoins
      x-google-backend:
        address: https://pro-api.coingecko.com/api/v3/coins
      security:
        - apiKey: []
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/coins'
        '400':
          $ref: '#/components/responses/400'
        '401':
          $ref: '#/components/responses/401'
        '403':
          $ref: '#/components/responses/403'
        '500':
          $ref: '#/components/responses/500'

components:
  securitySchemes:
    apiKey:
      type: 'apiKey'
      description: '<apikey>'
      name: 'x-cg-pro-api-key'
      in: 'header'
  schemas:
    problem_json:
      description: Problem Details for HTTP APIs - RFC9457
      type: object
      properties:
        type:
          type: string
          format: uri-reference
        status:
          type: number
        title:
          type: string
        detail:
          type: string
        instance:
          type: string
          format: uri-reference
    coins:
      type: object
      properties:
        coins:
          type: array
          uniqueItems: true
          items:
            type: string
  responses:
    400:
      description: Bad Request
      content:
        application/problem+json:
          schema:
            $ref: '#/components/schemas/problem_json'
    401:
      description: Unauthorized
      content:
        application/problem+json:
          schema:
            $ref: '#/components/schemas/problem_json'
    403:
      description: Forbidden
      content:
        application/problem+json:
          schema:
            $ref: '#/components/schemas/problem_json'
    500:
      description: Internal Server Error
      content:
        application/problem+json:
          schema:
            $ref: '#/components/schemas/problem_json'

Bonus content: RFC 9457 defines the problem+json schema, which is recommended as a common error-reporting schema for HTTP APIs.

Edit:
Since Google API Gateway doesn't support OAS 3.x.x, you need to use Swagger 2.0.
Below is an example using security.

swagger: "2.0"
info:
  title: Crypto API
  description: API Gateway with Cloud Run backend.
  version: 1.0.0
schemes:
  - https
produces:
  - application/json
  - application/problem+json
host: pro-api.coingecko.com
basePath: /api/v3
securityDefinitions:
  apiKey:
    description: '<apiKey>'
    in: header
    name: 'x-cg-pro-api-key'
    type: apiKey
paths:
  /coins:
    get:
      summary: Returns a list of new coins.
      operationId: new
      security:
        - apiKey: []
      x-google-backend:
        address: https://pro-api.coingecko.com/api/v3/coins
      responses:
        "200":
          description: OK
          schema:
            $ref: "#/definitions/coins"
        "400":
          description: Bad Request
          schema: 
            $ref: "#/definitions/400"
        "401":
          description: Unauthorized
          schema: 
            $ref: "#/definitions/401"
        "403":
          description: Forbidden
          schema: 
            $ref: "#/definitions/403"
        "404":
          description: Not Found
          schema: 
            $ref: "#/definitions/404"
        "500":
          description: Internal Server Error
          schema: 
            $ref: "#/definitions/500"
definitions:
  problem_json:
    description: Problem Details for HTTP APIs - RFC9457
    type: object
    properties:
      type:
        type: string
        format: uri-reference
      status:
        type: number
      title:
        type: string
      detail:
        type: string
      instance:
        type: string
        format: uri-reference
  coins:
    type: object
    properties:
      coins:
        type: array
        uniqueItems: true
        items:
          type: string
  '400':
    $ref: "#/definitions/problem_json"
  '401':
    $ref: "#/definitions/problem_json"
  '403':
    $ref: "#/definitions/problem_json"
  '404':
    $ref: "#/definitions/problem_json"
  '500':
    $ref: "#/definitions/problem_json"
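
The rule the answer describes (declare `security` at the root or on individual endpoints) can be checked mechanically before a spec is deployed. The following is an added example, not code from the question or the answer: a small Python audit that reports operations not covered by the `x-cg-pro-api-key` header scheme. The function names and the `/new` and `/ping` sample paths are constructed for illustration, and the spec is written as a Python dict to avoid a YAML dependency.

```python
HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch"}


def effective_security(spec, operation):
    """Operation-level `security` overrides the root one; [] disables it."""
    if "security" in operation:
        return operation["security"]
    return spec.get("security", [])


def audit(spec, header_name):
    """Return findings for operations not protected by the header API key."""
    schemes = spec.get("securityDefinitions", {})
    # Names of schemes that are an apiKey carried in the expected header.
    key_schemes = {
        name for name, s in schemes.items()
        if s.get("type") == "apiKey" and s.get("in") == "header"
        and s.get("name", "").lower() == header_name.lower()
    }
    findings = []
    for path, item in sorted(spec.get("paths", {}).items()):
        for method, op in sorted(item.items()):
            if method not in HTTP_METHODS:
                continue  # skip path-level keys such as `parameters`
            where = f"{method.upper()} {path}"
            reqs = effective_security(spec, op)
            for req in reqs:
                for name in req:
                    if name not in schemes:
                        findings.append(f"{where}: undefined scheme '{name}'")
            # Requirements are OR-ed; each alternative must include the key.
            if not reqs or not all(key_schemes & set(r) for r in reqs):
                findings.append(f"{where}: not protected by {header_name}")
    return findings


# Constructed sample modelled on the Swagger 2.0 answer, plus two weak paths.
SPEC = {
    "securityDefinitions": {
        "apiKey": {"type": "apiKey", "in": "header", "name": "x-cg-pro-api-key"}
    },
    "paths": {
        "/coins": {"get": {"security": [{"apiKey": []}]}},
        "/new": {"get": {}},                               # no security at all
        "/ping": {"get": {"security": [{"apikey": []}]}},  # misspelled scheme
    },
}

print("\n".join(audit(SPEC, "x-cg-pro-api-key")))
```

Adding a root-level `security: [{"apiKey": []}]` entry to the sample clears the `/new` finding, while an operation that sets `security: []` is reported again because the empty list overrides the root requirement.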
