Merge pull request #807 from OAI/dm/security

fehguy · web-flow · commit 1b2b6409f38f · 2016-10-07T10:22:59.000-07:00
Added bearer/JWT support and OpenIdConnect
diff --git a/versions/3.0.md b/versions/3.0.md
@@ -3000,10 +3000,13 @@ Supported schemes are basic authentication, an API key (either as a header or as
 ##### Fixed Fields
 Field Name | Type | Validity | Description
 ---|:---:|---|---
-<a name="securitySchemeType"></a>type | `string` | Any | **Required.** The type of the security scheme. Valid values are `"basic"`, `"apiKey"` or `"oauth2"`.
+<a name="securitySchemeType"></a>type | `string` | Any | **Required.** The type of the security scheme. Valid values are `"apiKey"`, `"http"`, `"oauth2"`, `"openIdConnect"`.
 <a name="securitySchemeDescription"></a>description | `string` | Any | A short description for security scheme.
 <a name="securitySchemeName"></a>name | `string` | `apiKey` | **Required.** The name of the header or query parameter to be used.
 <a name="securitySchemeIn"></a>in | `string` | `apiKey` | **Required** The location of the API key. Valid values are `"query"` or `"header"`.
+<a name="securitySchemeScheme"></a>scheme | `string` | `http` | **Required.** The name of the HTTP Authorization scheme to be used in the Authorization header as per RFC 7234.
+<a name="securitySchemeBearerFormat"></a>bearerFormat | `string` | `http` (`"bearer"`) | A hint to the client to identify how the bearer token should be formatted.
+<a name="securitySchemeOpenIdConnectUrl"></a>openIdConnectUrl | `string` | `openIdConnect` | **Required.** OpenId Connect URL to discover OAuth2 configuration values. 
 <a name="securitySchemeFlow"></a>flow | `string` | `oauth2` | **Required.** The flow used by the OAuth2 security scheme. Valid values are `"implicit"`, `"password"`, `"application"` or `"accessCode"`.
 <a name="securitySchemeAuthorizationUrl"></a>authorizationUrl | `string` | `oauth2` (`"implicit"`, `"accessCode"`) | **Required.** The authorization URL to be used for this flow. This SHOULD be in the form of a URL.
 <a name="securitySchemeTokenUrl"></a>tokenUrl | `string` | `oauth2` (`"password"`, `"application"`, `"accessCode"`) | **Required.** The token URL to be used for this flow. This SHOULD be in the form of a URL.
@@ -3017,12 +3020,14 @@ This object can be extended with [Specification Extensions](#specificationExtens
 
 ```json
 {
-  "type": "basic"
+  "type": "scheme",
+  "scheme" : "basic"
 }
 ```
 
 ```yaml
-type: basic
+type: http
+scheme: basic
 ```
 
 ###### API Key Sample
@@ -3041,6 +3046,22 @@ name: api_key
 in: header
 ```
 
+###### JWT Bearer Sample
+
+```json
+{
+  "type": "scheme",
+  "scheme" : "bearer",
+  "bearerFormat" : "JWT",
+}
+```
+
+```yaml
+type: http
+scheme: bearer
+bearerFormat: JWT
+```
+
 ###### Implicit OAuth2 Sample
 
 ```json
