From 904a9d77bcea2d3b84582723d84667eb39fe0aed Mon Sep 17 00:00:00 2001 From: Emmanuel Gautier Date: Mon, 11 Nov 2024 19:45:21 +0100 Subject: [PATCH] feat(vulnapi): add new security scheme properties and values --- .../2024-10/operation-report.schema.json | 2 +- .../draft/2024-10/scan-report.schema.json | 3 +-- .../security-scheme-report.schema.json | 24 +++++++++++++------ 3 files changed, 19 insertions(+), 10 deletions(-) diff --git a/schemas/vulnapi/draft/2024-10/operation-report.schema.json b/schemas/vulnapi/draft/2024-10/operation-report.schema.json index cfcd9af..abbac9c 100644 --- a/schemas/vulnapi/draft/2024-10/operation-report.schema.json +++ b/schemas/vulnapi/draft/2024-10/operation-report.schema.json @@ -27,7 +27,7 @@ "type": "string" }, "body": { - "type": "object" + "type": "string" }, "cookies": { "type": "array", diff --git a/schemas/vulnapi/draft/2024-10/scan-report.schema.json b/schemas/vulnapi/draft/2024-10/scan-report.schema.json index 616ed28..86b78c4 100644 --- a/schemas/vulnapi/draft/2024-10/scan-report.schema.json +++ b/schemas/vulnapi/draft/2024-10/scan-report.schema.json @@ -57,8 +57,7 @@ } }, "error": { - "type": "object", - "required": [] + "type": "object" } } } \ No newline at end of file diff --git a/schemas/vulnapi/draft/2024-10/security-scheme-report.schema.json b/schemas/vulnapi/draft/2024-10/security-scheme-report.schema.json index 7e393fa..1035b13 100644 --- a/schemas/vulnapi/draft/2024-10/security-scheme-report.schema.json +++ b/schemas/vulnapi/draft/2024-10/security-scheme-report.schema.json @@ -13,31 +13,41 @@ "type": { "type": "string", "enum": [ - "apiKey", "http", "oauth2", "openIdConnect", + "apiKey", + "mutualTLS", "none" ] }, "scheme": { "type": "string", + "description": "Value are registered in IANA Security Scheme Name Registry", "enum": [ - "basic", - "bearer", - "digest", - "oauth", - "privateToken", - "none" + "Basic", + "Bearer", + "Digest", + "OAuth", + "PrivateToken", + "None" ] }, "in": { "type": "string", "enum": [ + "query", "header", "cookie" ] }, + "token_format": { + "type": "string", + "enum": [ + "jwt", + "none" + ] + }, "name": { "type": "string" }