- HTTP authentication schemes (they use the Authorization header)
  - Modeled by using the OpenAPISecurityBasic element available in the OpenAPI3 palette drawer
- API keys in headers, query string or cookies
  - Modeled by using the OpenAPISecurityApiKey element available in the OpenAPI3 palette drawer
- OAuth2
  - Modeled by using the OpenAPISecurityOAuth2 element available in the OpenAPI3 palette drawer
The steps to use OpenAPI Security Schemes in REST Service Model-to-OpenAPI3.0 transformations of Rational Software Architect Designer are as follows:
Create the required OpenAPI Security Scheme type in the REST Service Model:
- Define OpenAPISecurityApiKey (named api_key) as shown below:

- Define OpenAPISecurityOAuth2 (named petstore_auth) as shown below:
- Add two attributes read_pets and write_pets under petstore_auth (OpenAPISecurityOAuth2) class.
- Define OpenAPISecurityBasic (named petstore_basic) as shown below:

Add Dependency:
OpenAPI Security Schemes can be added at both the Operation level and the Application level.
The user needs to create the appropriate dependency relationships between the Operation or Application and the corresponding OpenAPI Security Schemes.
Security scheme support at Operation level:
To add an OpenAPISecurityOAuth2 Security Scheme at the Operation level (e.g. for the addPet() API):
To support OpenAPISecurityOAuth2 at the Operation level, the user needs to create a dependency from the API operation to the corresponding attribute of the OpenAPISecurityOAuth2 class.
For example, write_pets needs to be added as a dependency from the addPet() API.
- Select addPet() API in Project Explorer.
- Right click on addPet() and select Add UML -> Relationship -> Advanced
- Go to the Browse tab and select Security Schemes -> petstore_auth -> write_pets
- Go to the Relationship Type and select Dependency
- Click on the OK button to add this dependency.

To add an OpenAPISecurityApiKey Security Scheme at the Operation level (e.g. for the placeOrder() API):
api_key needs to be added as a dependency to placeOrder().
- Select placeOrder() API in Project Explorer.
- Right click on placeOrder() and select Add UML -> Relationship -> Advanced
- Go to the Browse tab and select Security Schemes -> api_key
- Go to the Relationship Type and select Dependency
- Click on the OK button to add this dependency.

To add an OpenAPISecurityBasic Security Scheme at the Operation level (e.g. for the placeOrder() API):
petstore_basic needs to be added as a dependency to placeOrder().
- Select placeOrder() API in Project Explorer.
- Right click on placeOrder() and select Add UML -> Relationship -> Advanced
- Go to the Browse tab and select Security Schemes -> petstore_basic
- Go to the Relationship Type and select Dependency
- Click on the OK button to add this dependency.

Security scheme support at Application level:
To add an OpenAPISecurityOAuth2 Security Scheme at the Application level (e.g. for the OpenAPI Petstore OpenAPIApp):
To support OpenAPISecurityOAuth2 at the Application level, the user needs to create a dependency from the Application to the corresponding attribute of the OpenAPISecurityOAuth2 class.
For example, read_pets needs to be added as a dependency to the OpenAPI Petstore Application.
- Select OpenAPI Petstore OpenAPI Application in Project Explorer.
- Right click on OpenAPI Petstore OpenAPI Application and select Add UML -> Relationship -> Advanced
- Go to the Browse tab and select Security Schemes -> petstore_auth -> read_pets
- Go to the Relationship Type and select Dependency
- Click on the OK button to add this dependency.

Note: Similarly, we can add OpenAPISecurityApiKey and OpenAPISecurityBasic Security Schemes at Application level by creating the dependency from OpenAPI Petstore Application to the corresponding security scheme element.
Preference of Security Schemes:
Since OpenAPI Security Schemes can be added at both the Operation level and the Application level, there are two possible scenarios:
- If OpenAPI Security Schemes are added at the Application level and there are no OpenAPI Security Schemes at the Operation level, then the Application level security rule applies to the Operation level as well.
- If OpenAPI Security Schemes are added at both the Application level and the Operation level, then the OpenAPI Security Schemes applied at the Operation level override the OpenAPI Security Schemes applied at the Application level for the respective Operation.
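The two scenarios above can be checked on a generated document with a short script. The following is an added example, not part of the original page or of the product: it resolves the effective security requirement of each operation and flags operations left without authentication or referencing undefined schemes or scopes. The scheme and scope names are the ones used on this page; the paths, getPetById and getInventory are assumptions.

```python
# Constructed OpenAPI 3.0 fragment (not the transformation's real output), trimmed to the
# fields read below. Paths, getPetById and getInventory are assumptions, not from the page.
SPEC = {
    "security": [{"petstore_auth": ["read_pets"]}],  # Application level
    "components": {"securitySchemes": {
        "api_key": {"type": "apiKey", "name": "api_key", "in": "header"},
        "petstore_basic": {"type": "http", "scheme": "basic"},
        "petstore_auth": {"type": "oauth2", "flows": {"implicit": {
            "scopes": {"read_pets": "read", "write_pets": "modify"}}}},
    }},
    "paths": {  # Operation level
        "/pet": {"post": {"operationId": "addPet", "security": [{"petstore_auth": ["write_pets"]}]}},
        "/pet/{petId}": {"get": {"operationId": "getPetById"}},
        "/store/order": {"post": {"operationId": "placeOrder", "security": [{"api_key": []}]}},
        "/store/inventory": {"get": {"operationId": "getInventory", "security": []}},
    },
}
METHODS = {"get", "put", "post", "delete", "options", "head", "patch", "trace"}

def effective_security(spec):
    """Map operationId -> (level, requirements). An operation-level `security`
    list, even an empty one, replaces the application-level list entirely."""
    out = {}
    for path, item in spec.get("paths", {}).items():
        for method, op in item.items():
            if method in METHODS:
                level = "operation" if "security" in op else "application"
                out[op.get("operationId", f"{method} {path}")] = (
                    level, op.get("security", spec.get("security", [])))
    return out

def audit(spec):
    """Return findings: unauthenticated operations, undefined schemes or scopes."""
    schemes = spec.get("components", {}).get("securitySchemes", {})
    findings = []
    for op_id, (level, reqs) in effective_security(spec).items():
        if not reqs or {} in reqs:  # [] or an empty alternative allows anonymous calls
            findings.append((op_id, f"no authentication ({level} level)"))
        for req in reqs:
            for name, scopes in req.items():
                flows = schemes.get(name, {}).get("flows", {}).values()
                known = {s for flow in flows for s in flow.get("scopes", {})}
                if name not in schemes:
                    findings.append((op_id, f"undefined scheme {name}"))
                elif set(scopes) - known:
                    findings.append((op_id, f"undefined scopes {sorted(set(scopes) - known)}"))
    return findings

if __name__ == "__main__":
    print(effective_security(SPEC), audit(SPEC), sep="\n")
```

In the sample, getInventory is reported because its empty operation-level list replaces the Application level requirement, which is the override case to review before publishing a generated document.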
Run Transformation:
When the REST Service Model to OpenAPI3.0 Transformation runs successfully, the generated OpenAPI3.0 output is expected to look as shown below:




Document Information
Modified date: 01 July 2022
UID: ibm16595985