Security Scheme Analyzer

Build a TypeScript utility that analyzes security scheme definitions from OpenAPI 2.0 (Swagger) specification documents.

Requirements

Create a module that exports functions to:

1. Check if a security scheme is a basic authentication type
2. Check if a security scheme is an API key type and extract its location (header, query, etc.)
3. Check if a security scheme is OAuth2 and identify its flow type (implicit, password, application, or accessCode)
4. Extract security scheme names from a security requirement object

All function parameters should be properly typed using OpenAPI 2.0 type definitions to ensure type safety.

Test Cases

• When given a security scheme with type "basic", isBasicAuth returns true @test
• When given an API key security scheme with in="header", getApiKeyLocation returns "header" @test
• When given an OAuth2 security scheme with flow="implicit", getOAuth2Flow returns "implicit" @test
• When given a security requirement object {"api_key": [], "oauth": ["read", "write"]}, getSchemeNames returns ["api_key", "oauth"] @test

Implementation

@generates

API

/**
 * Checks if a security scheme is basic authentication type
 */
export function isBasicAuth(scheme: unknown): boolean;

/**
 * Gets the location (in) of an API key security scheme
 * Returns undefined if not an API key scheme
 */
export function getApiKeyLocation(scheme: unknown): string | undefined;

/**
 * Gets the OAuth2 flow type
 * Returns undefined if not an OAuth2 scheme
 */
export function getOAuth2Flow(scheme: unknown): string | undefined;

/**
 * Extracts all security scheme names from a security requirement object
 */
export function getSchemeNames(requirement: unknown): string[];

Dependencies { .dependencies }

openapi-types { .dependency }

Provides TypeScript type definitions for OpenAPI 2.0 security schemes.

@satisfied-by