Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 5 additions & 4 deletions car-sharing/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -443,10 +443,11 @@ The committed `openapi/*.yaml` is the showcase output — regenerate with
`pnpm openapi` after changing the proto or its auth options.

> **Notes.** Streaming RPCs (`ListVehicles`) are omitted from the base spec
> unless the plugin's `with-streaming` opt is set. The overlay works on the
> published `@connectum/auth` 1.0.0; once 1.1.0 is out, methods marked
> `internal` in the proto also get `x-internal: true` (the resolver then
> exposes that marker).
> unless the plugin's `with-streaming` opt is set. The overlay targets the
> `@connectum/auth` 1.0.0 API this example pins. `@connectum/auth` 1.1.0 adds an
> `internal` method marker that the resolver exposes as `x-internal: true`;
> migrating this example onto that marker is tracked in
> [examples#36](https://github.com/Connectum-Framework/examples/issues/36).

## Build the image

Expand Down
8 changes: 5 additions & 3 deletions car-sharing/scripts/openapi-authz.ts
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,9 @@
// Run via `pnpm openapi` (generates the base from buf.gen.openapi.yaml, then this
// overlay). NOTE: streaming RPCs (e.g. ListVehicles) are omitted from the base
// unless the plugin's `with-streaming` opt is set, so they get no operation here.
// A method marked `internal` (1.1.0) would also add `x-internal: true` once the
// resolver exposes that field.
// `@connectum/auth` 1.1.0 adds an `internal` method marker; this example targets
// the 1.0.0 API (no `internal` field on the resolver), so only `public` is mapped.
// On 1.1.0 a method marked `internal` would also add `x-internal: true`.

import { readFileSync, rmSync, writeFileSync } from "node:fs";
import { fileURLToPath } from "node:url";
Expand Down Expand Up @@ -60,7 +61,8 @@ for (const { svc, file } of SPECS) {
op.security = [{ bearerAuth: [] }];
if (auth.requires && auth.requires.roles.length > 0) op["x-connectum-required-roles"] = [...auth.requires.roles];
if (auth.requires && auth.requires.scopes.length > 0) op["x-connectum-required-scopes"] = [...auth.requires.scopes];
// A method marked `internal` (1.1.0) would add `op["x-internal"] = true` here.
// On `@connectum/auth` 1.1.0, a method marked `internal` would add
// `op["x-internal"] = true` here (this example targets 1.0.0, so it does not).
securedCount += 1;
}

Expand Down