8 个仓库
Support for various standard authentication methods like Basic, OAuth, and Digital Certificates.
Distinct from Secure HTTP Authentication: Covers a broad set of authentication schemes rather than just the combination of Basic and Certificates.
Explore 8 awesome GitHub repositories matching security & cryptography · API Authentication Schemes. Refine with filters or upvote what's useful.
Rest-assured is a Java-based REST API testing framework and HTTP client library designed for automating web service tests. It provides a fluent domain-specific language and assertion library to send HTTP requests and validate response metadata, including status codes, headers, cookies, and bodies. The framework is distinguished by a method-chaining DSL that creates readable specifications for API interactions. It features a filter-based request interception pipeline, object-mapping serialization for converting Java objects to JSON or XML, and a path-based parsing system to isolate specific fi
Supports multiple security schemes including Basic, OAuth, and Certificates to secure outgoing API calls.
This is a Visual Studio Code extension that lets developers compose, send, and inspect HTTP requests directly from within the editor. It uses .http and .rest files as executable request definitions, parsing each block of text into a complete HTTP request that is dispatched via Node.js built-in HTTP modules without requiring a separate server process. The extension renders full HTTP responses with syntax-highlighted body, status line, and headers in a dedicated editor tab or side panel. The extension supports multiple authentication schemes including Basic, Digest, SSL certificates, Azure
Supports multiple authentication schemes including Basic, Digest, SSL, Azure AD, and AWS Signature v4.
TypeSpec is a language for defining cloud API shapes and generating OpenAPI, JSON Schema, and client/server code from a single source of truth. It functions as a protocol-agnostic API designer that models REST, gRPC, and other API protocols using a unified, extensible syntax, with a decorator-based metadata system for attaching metadata, validation rules, and lifecycle visibility to API models and operations. The compiler produces OpenAPI 3.0 specifications and other artifacts, and the tool supports declaring API versions and tracking changes to models, properties, and operations across releas
Declares which security mechanism protects each API endpoint in the service definition.
本项目是一个 .NET 身份栈与服务器框架,用于构建经过认证的 OpenID Connect 与 OAuth 2.0 身份提供商。它提供了签发与验证安全令牌,以及跨各种授权类型与协议流管理用户认证所需的核心逻辑。 该框架包含一个协议转换层,连接 OpenID Connect 与 SAML,以实现不同身份提供商间的互操作性。它还支持无状态运行模式,该模式移除了内置验证与存储,以允许对令牌与客户端验证进行手动控制。 该系统涵盖了广泛的能力,包括通过令牌验证中间件实现的 API 访问控制,以及针对桌面与移动应用的跨平台身份集成。它具备一个可自定义的请求处理流水线,带有用于存储身份数据与缓存授权请求的可插拔持久化提供商。
Associates specific provider names with security schemes to trigger correct authentication operations during login.
Connexion 是一个规范驱动的框架,用于构建自动将 OpenAPI 规范映射到应用逻辑的 API。它使用这些规范来自动化路由、请求验证和响应序列化,并通过操作 ID 将 API 操作链接到后端处理函数。 该项目通过提供一个模式驱动的 Mock 服务器来区分开来,该服务器使用规范中的示例响应来模拟 API 行为,而无需后端逻辑。它还包括一个动态文档托管系统,将 API 规范转换为实时交互式控制台,用于探索和测试端点。 该框架涵盖了广泛的功能领域,包括通过基于中间件的身份验证和作用域验证实施安全性、可插拔的请求和响应验证逻辑,以及向类型化函数参数自动注入参数。它还提供了用于应用生命周期管理、自定义中间件集成和请求模拟测试的实用工具。 该项目可用于引导独立 Web 应用,或包装在现有框架周围以添加规范驱动的功能。
Supports complex security requirements by combining multiple authentication schemes using logical AND operations.
RAML is a declarative YAML-based specification language used for modeling RESTful interfaces and data structures. It functions as a contract-first API framework and modeling standard, establishing a formal agreement for service communication and a single source of truth before implementation begins. The specification enables the automation of functional mock servers and the generation of language-specific client SDKs directly from the definition files. It supports a modular approach to API design through the use of external libraries, overlays for extending contracts, and reusable traits and
Defines standard authentication mechanisms including Basic and OAuth to be applied globally or per resource.
This is a desktop HTTP client application used for constructing, sending, and analyzing HTTP and GraphQL requests. It provides a graphical interface for API development and testing, including a dedicated GraphQL client with schema-driven autocomplete and validation. The project features an integrated AI assistant that generates API requests from natural language prompts. It supports a complex organization system of spaces and collections with hierarchical authentication inheritance and recursive variable resolution for dynamic request values. The tool covers a broad range of capabilities, in
Sets security credentials using Basic, Bearer token, or API key schemes.
utoipa is a Rust API documentation tool used to generate machine-readable OpenAPI specifications. It functions as a specification generator and schema mapper that converts Rust structs and enums into compliant OpenAPI schemas. The project distinguishes itself by using procedural macros and traits to automate metadata extraction from code. It supports complex data modeling, including generics, polymorphism, and recursive type resolution, while synchronizing field renaming and tagging from serialization attributes. It also enables the composition of modular specifications, allowing multiple sma
Defines authentication schemes such as OAuth2 and API keys within the service specification.