Open
Labels: enhancement (New feature or request)
Description
Hello,
Description of the feature
Would it be possible to have the ability to define required scopes per Path/Endpoint?
For example, define the scopes at the level of #[oai] like this:
```rust
#[oai(
    path = "/secure",
    method = "get",
    scopes = ["read", "write"]
)]
async fn secure_endpoint(&self) -> PlainText<String>
```
And have a Swagger definition like this:
```yaml
openapi: 3.0.3
info:
  title: Example API with Scopes per Path
  version: 1.0.0
components:
  securitySchemes:
    oauth2:
      type: oauth2
      flows:
        clientCredentials:
          tokenUrl: https://example.com/oauth/token
          scopes:
            read: Read permission
            write: Write permission
            admin: Administration permission
paths:
  /secure:
    get:
      summary: Secure Endpoint
      security:
        - oauth2: [read, write] # Requires ALL scopes "read" AND "write"
      responses:
        '200':
          description: Success
  /flexible:
    get:
      summary: Flexible Endpoint
      security:
        - oauth2: [read] # Option 1: Requires "read"
        - oauth2: [write] # Option 2: Requires "write" (OR logic)
      responses:
        '200':
          description: Success
  /admin:
    get:
      summary: Admin Endpoint
      security:
        - oauth2: [admin] # Requires only "admin"
      responses:
        '200':
          description: Success
```
This is a very important feature, especially if we want to create enterprise-grade APIs.
Thank you in advance 🥇
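
The AND/OR semantics annotated in the YAML above, as an added example that is not part of the original issue and is not poem-openapi code: a standalone Rust check that evaluates a token's granted scopes against per-path security requirements. The names `authorize`, `Decision` and `requirements_for` are hypothetical; it assumes the token's scopes arrive as a space-delimited string and that paths without a policy entry are refused.

```rust
use std::collections::HashSet;

// Constructed policy table mirroring the YAML above: the outer slice lists
// alternatives (OR), each inner slice lists scopes that are all required (AND).
const SECURE: &[&[&str]] = &[&["read", "write"]];
const FLEXIBLE: &[&[&str]] = &[&["read"], &["write"]];
const ADMIN: &[&[&str]] = &[&["admin"]];

#[derive(Debug, PartialEq)]
enum Decision {
    Allow { matched: usize },      // index of the alternative that was satisfied
    Deny { missing: Vec<String> }, // scopes missing from the closest alternative
    UnknownPath,                   // no policy entry: fail closed
}

fn requirements_for(path: &str) -> Option<&'static [&'static [&'static str]]> {
    match path {
        "/secure" => Some(SECURE),
        "/flexible" => Some(FLEXIBLE),
        "/admin" => Some(ADMIN),
        _ => None,
    }
}

// `token_scope` is the space-delimited scope string carried by the access token.
fn authorize(path: &str, token_scope: &str) -> Decision {
    let granted: HashSet<&str> = token_scope.split_whitespace().collect();
    let Some(alternatives) = requirements_for(path) else { return Decision::UnknownPath };
    let mut closest: Option<Vec<String>> = None;
    for (i, required) in alternatives.iter().enumerate() {
        let missing: Vec<String> = required.iter().filter(|s| !granted.contains(*s))
            .map(|s| s.to_string())
            .collect();
        if missing.is_empty() {
            return Decision::Allow { matched: i };
        }
        // Remember the alternative with the fewest missing scopes for the error report.
        if closest.as_ref().map_or(true, |c| missing.len() < c.len()) {
            closest = Some(missing);
        }
    }
    Decision::Deny { missing: closest.unwrap_or_default() }
}

fn main() {
    for (path, scope) in [("/secure", "read"), ("/flexible", "write"), ("/other", "admin")] {
        println!("{path} [{scope}] -> {:?}", authorize(path, scope));
    }
}
```
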