[Feature Req] Init auth from OpenAPI spec

[byted]

Started using Restish recently and while I enjoy many things about it I'm surprised that I need to manually configure auth (e.g. OAuth2 Client Credentials flow) even though it is described via security schemas in the OpenAPI spec.

Is there a reason this was not added so far beyond simply nobody asking for it? :D If not I'm open to help out here.

[danielgtaylor]

@byted there is some missing information in the OpenAPI so you would still need to fill things in, but I agree that this can certainly be improved.

Also take a look at https://rest.sh/#/openapi?id=autoconfiguration. A typical configuration I've used might look like this in the OpenAPI document (assuming Azure auth, but could also be Auth0 or other providers):

{
  "components": {
    "securitySchemes": {
      "oauth2": {
        "flows": {
          "authorizationCode": {
            "authorizationUrl": "https://login.microsoftonline.com/your-app-uuid/oauth2/v2.0/authorize",
            "scopes": {
              "api://your-app-uuid/.default": "API access",
              "email": "Allows access to the user's email.",
              "offline_access": "Allows access to the user's offline data.",
              "openid": "Allows access to the user's identity.",
              "profile": "Allows access to the user's profile."
            },
            "tokenUrl": "https://login.microsoftonline.com/your-app-uuid/oauth2/v2.0/token",
            "x-usePkce": "SHA-256"
          }
        },
        "type": "oauth2"
      }
    }
  },
  "x-cli-config": {
    "security": "oauth2",
    "params": {
      "client_id": "your-client-uuid",
      "scopes": "openid profile email offline_access api://your-app-uuid/.default"
    }
  }
}

Then Restish will auto-configure itself for e.g. OAuth 2 Authorization Code with PKCE for user logins and you don't have to do anything except save & quit after the restish api configure $NAME $URL command.