feat(openapi): http authentication support

add support for http authentication (for example http basic or bearer tokens)

Closes: #6664

src/Laravel/ApiPlatformProvider.php

@@ -736,6 +736,7 @@ public function register(): void
                 oAuthRefreshUrl: $config->get('api-platform.swagger_ui.oauth.refreshUrl', null),
                 oAuthScopes: $config->get('api-platform.swagger_ui.oauth.scopes', []),
                 apiKeys: $config->get('api-platform.swagger_ui.apiKeys', []),
+                httpAuth: $config->get('api-platform.swagger_ui.http_auth', []),
             );
         });
 

src/Laravel/config/api-platform.php

@@ -87,6 +87,12 @@
         //    'refreshUrl' => '',
         //    'scopes' => ['scope1' => 'Description scope 1'],
         //    'pkce' => true
+        //],
+        //'http_auth' => [
+        //    'Personal Access Token' => [
+        //        'scheme' => 'bearer',
+        //        'bearerFormat' => 'JWT'
+        //    ]
         //]
     ],
 

src/OpenApi/Factory/OpenApiFactory.php

@@ -687,6 +687,11 @@ private function getSecuritySchemes(): array
             $securitySchemes[$key] = new SecurityScheme('apiKey', $description, $apiKey['name'], $apiKey['type']);
         }
 
+        foreach ($this->openApiOptions->getHttpAuth() as $key => $httpAuth) {
+            $description = \sprintf('Value for the http %s parameter.', $httpAuth['scheme']);
+            $securitySchemes[$key] = new SecurityScheme('http', $description, null, null, $httpAuth['scheme'], $httpAuth['bearerFormat'] ?? null);
+        }
+
         return $securitySchemes;
     }
 

src/OpenApi/Options.php

@@ -15,7 +15,7 @@
 
 final class Options
 {
-    public function __construct(private readonly string $title, private readonly string $description = '', private readonly string $version = '', private readonly bool $oAuthEnabled = false, private readonly ?string $oAuthType = null, private readonly ?string $oAuthFlow = null, private readonly ?string $oAuthTokenUrl = null, private readonly ?string $oAuthAuthorizationUrl = null, private readonly ?string $oAuthRefreshUrl = null, private readonly array $oAuthScopes = [], private readonly array $apiKeys = [], private readonly ?string $contactName = null, private readonly ?string $contactUrl = null, private readonly ?string $contactEmail = null, private readonly ?string $termsOfService = null, private readonly ?string $licenseName = null, private readonly ?string $licenseUrl = null, private bool $overrideResponses = true)
+    public function __construct(private readonly string $title, private readonly string $description = '', private readonly string $version = '', private readonly bool $oAuthEnabled = false, private readonly ?string $oAuthType = null, private readonly ?string $oAuthFlow = null, private readonly ?string $oAuthTokenUrl = null, private readonly ?string $oAuthAuthorizationUrl = null, private readonly ?string $oAuthRefreshUrl = null, private readonly array $oAuthScopes = [], private readonly array $apiKeys = [], private readonly ?string $contactName = null, private readonly ?string $contactUrl = null, private readonly ?string $contactEmail = null, private readonly ?string $termsOfService = null, private readonly ?string $licenseName = null, private readonly ?string $licenseUrl = null, private bool $overrideResponses = true, private readonly array $httpAuth = [])
     {
     }
 
@@ -74,6 +74,11 @@ public function getApiKeys(): array
         return $this->apiKeys;
     }
 
+    public function getHttpAuth(): array
+    {
+        return $this->httpAuth;
+    }
+
     public function getContactName(): ?string
     {
         return $this->contactName;

src/OpenApi/Tests/Factory/OpenApiFactoryTest.php

@@ -521,6 +521,14 @@ public function testInvoke(): void
                     'type' => 'query',
                     'name' => 'key',
                 ],
+            ], null, null, null, null, null, null, true, [
+                'bearer' => [
+                    'scheme' => 'bearer',
+                    'bearerFormat' => 'JWT',
+                ],
+                'basic' => [
+                    'scheme' => 'basic',
+                ],
             ]),
             new PaginationOptions(true, 'page', true, 'itemsPerPage', true, 'pagination')
         );
@@ -622,12 +630,16 @@ public function testInvoke(): void
             'oauth' => new SecurityScheme('oauth2', 'OAuth 2.0 authorization code Grant', null, null, null, null, new OAuthFlows(null, null, null, new OAuthFlow('/oauth/v2/auth', '/oauth/v2/token', '/oauth/v2/refresh', new \ArrayObject(['scope param'])))),
             'header' => new SecurityScheme('apiKey', 'Value for the Authorization header parameter.', 'Authorization', 'header'),
             'query' => new SecurityScheme('apiKey', 'Value for the key query parameter.', 'key', 'query'),
+            'bearer' => new SecurityScheme('http', 'Value for the http bearer parameter.', null, null, 'bearer', 'JWT'),
+            'basic' => new SecurityScheme('http', 'Value for the http basic parameter.', null, null, 'basic', null),
         ]));
 
         $this->assertEquals([
             ['oauth' => []],
             ['header' => []],
             ['query' => []],
+            ['bearer' => []],
+            ['basic' => []],
         ], $openApi->getSecurity());
 
         $paths = $openApi->getPaths();