diff --git a/apidef/api_definitions.go b/apidef/api_definitions.go index 53a536c0807..d8bc35864ec 100644 --- a/apidef/api_definitions.go +++ b/apidef/api_definitions.go @@ -849,7 +849,7 @@ type ClientAuthData struct { // ClientID is the application's ID. ClientID string `bson:"client_id" json:"client_id"` // ClientSecret is the application's secret. - ClientSecret string `bson:"client_secret" json:"client_secret"` + ClientSecret string `bson:"client_secret,omitempty" json:"client_secret,omitempty"` // client secret is optional for password flow } // ClientCredentials holds the client credentials for upstream OAuth2 authentication. diff --git a/apidef/api_definitions_test.go b/apidef/api_definitions_test.go index b3408b7ec98..8b488c9b2cc 100644 --- a/apidef/api_definitions_test.go +++ b/apidef/api_definitions_test.go @@ -15,6 +15,17 @@ func TestSchema(t *testing.T) { schemaLoader := schema.NewBytesLoader([]byte(Schema)) spec := DummyAPI() + spec.UpstreamAuth = UpstreamAuth{ + Enabled: true, + OAuth: UpstreamOAuth{ + Enabled: true, + ClientCredentials: ClientCredentials{ + ClientAuthData: ClientAuthData{ + ClientSecret: "dummy", // workaround to fix schema error + }, + }, + }, + } goLoader := schema.NewGoLoader(spec) result, err := schema.Validate(schemaLoader, goLoader) if err != nil { @@ -100,6 +111,17 @@ func TestSchemaGraphqlConfig(t *testing.T) { schemaLoader := schema.NewBytesLoader([]byte(Schema)) spec := DummyAPI() + spec.UpstreamAuth = UpstreamAuth{ + Enabled: true, + OAuth: UpstreamOAuth{ + Enabled: true, + ClientCredentials: ClientCredentials{ + ClientAuthData: ClientAuthData{ + ClientSecret: "dummy", // workaround to fix schema error + }, + }, + }, + } spec.GraphQL.ExecutionMode = "" goLoader := schema.NewGoLoader(spec) diff --git a/apidef/oas/upstream.go b/apidef/oas/upstream.go index 84e503a6061..6a5505a8cf8 100644 --- a/apidef/oas/upstream.go +++ b/apidef/oas/upstream.go @@ -681,7 +681,7 @@ type ClientAuthData struct { // ClientID is the application's ID. ClientID string `bson:"clientId" json:"clientId"` // ClientSecret is the application's secret. - ClientSecret string `bson:"clientSecret" json:"clientSecret"` + ClientSecret string `bson:"clientSecret,omitempty" json:"clientSecret,omitempty"` // client secret is optional for password flow } // ClientCredentials holds the configuration for OAuth2 Client Credentials flow. diff --git a/apidef/schema.go b/apidef/schema.go index 34c48674e61..f3c62b8576b 100644 --- a/apidef/schema.go +++ b/apidef/schema.go @@ -1107,7 +1107,6 @@ const Schema = `{ }, "required": [ "client_id", - "client_secret", "token_url", "username", "password"