部分回答问题:
1.能的范围限定和使用招摇文件进行分配?
是的。您需要首先在“x-wso2-security”下全局定义它们,并使用“x-scope”元素将它们分配给资源。
请看下面的例子。
swagger: '2.0'
paths:
/*:
get:
responses:
'200':
description: ''
x-auth-type: Application & Application User
x-throttling-tier: Unlimited
x-scope: api1_read
post:
responses:
'200':
description: ''
parameters:
- name: Payload
description: Request Body
required: false
in: body
schema:
type: object
properties:
payload:
type: string
x-auth-type: Application & Application User
x-throttling-tier: Unlimited
info:
title: api1
version: '1.2'
x-wso2-security:
apim:
x-wso2-scopes:
- name: read api name
description: ''
key: api1_read
roles: admin
您是否在添加资源前使用“添加范围”按钮正确添加范围..? – Malintha