swaggo · ubogdan · Mar 8, 2022 · Feb 28, 2022 · Mar 4, 2022 · Mar 7, 2022
diff --git a/README.md b/README.md
@@ -813,6 +813,14 @@ Make it AND condition
 // @Security OAuth2Application[write, admin]
 ```
 
+Make it OR condition
+
+```go
+// @Security ApiKeyAuth || firebase
+// @Security OAuth2Application[write, admin] || APIKeyAuth
+```
+
+
 ### Add a description for enum items
 
 ```go

diff --git a/operation.go b/operation.go
@@ -631,27 +631,29 @@ func (operation *Operation) ParseRouterComment(commentLine string) error {
 
 // ParseSecurityComment parses comment for given `security` comment string.
 func (operation *Operation) ParseSecurityComment(commentLine string) error {
+	//var securityMap map[string][]string = map[string][]string{}
+
+	var securityMap = make(map[string][]string)
 	securitySource := commentLine[strings.Index(commentLine, "@Security")+1:]
-	l := strings.Index(securitySource, "[")
-	r := strings.Index(securitySource, "]")
-	// exists scope
-	if !(l == -1 && r == -1) {
-		scopes := securitySource[l+1 : r]
-		var s []string
-		for _, scope := range strings.Split(scopes, ",") {
-			s = append(s, strings.TrimSpace(scope))
+	for _, securityOption := range strings.Split(securitySource, "||") {
+		securityOption = strings.TrimSpace(securityOption)
+		l := strings.Index(securityOption, "[")
+		r := strings.Index(securityOption, "]")
+		if !(l == -1 && r == -1) {
+			scopes := securityOption[l+1 : r]
+			var s []string
+			for _, scope := range strings.Split(scopes, ",") {
+				s = append(s, strings.TrimSpace(scope))
+			}
+			securityKey := securityOption[0:l]
+			securityMap[securityKey] = append(securityMap[securityKey], s...)
+
+		} else {
+			securityKey := strings.TrimSpace(securityOption)
+			securityMap[securityKey] = []string{}
 		}
-		securityKey := securitySource[0:l]
-		securityMap := map[string][]string{}
-		securityMap[securityKey] = append(securityMap[securityKey], s...)
-		operation.Security = append(operation.Security, securityMap)
-	} else {
-		securityKey := strings.TrimSpace(securitySource)
-		securityMap := map[string][]string{}
-		securityMap[securityKey] = []string{}
-		operation.Security = append(operation.Security, securityMap)
 	}
-
+	operation.Security = append(operation.Security, securityMap)
 	return nil
 }
 

diff --git a/operation_test.go b/operation_test.go
@@ -2036,6 +2036,39 @@ func TestParseSecurityComment(t *testing.T) {
 	})
 }
 
+func TestParseSecurityCommentSimple(t *testing.T) {
+	t.Parallel()
+
+	comment := `@Security ApiKeyAuth`
+	operation := NewOperation(nil)
+
+	err := operation.ParseComment(comment, nil)
+	assert.NoError(t, err)
+
+	assert.Equal(t, operation.Security, []map[string][]string{
+		{
+			"ApiKeyAuth": {},
+		},
+	})
+}
+
+func TestParseSecurityCommentOr(t *testing.T) {
+	t.Parallel()
+
+	comment := `@Security OAuth2Implicit[read, write] || Firebase[]`
+	operation := NewOperation(nil)
+
+	err := operation.ParseComment(comment, nil)
+	assert.NoError(t, err)
+
+	assert.Equal(t, operation.Security, []map[string][]string{
+		{
+			"OAuth2Implicit": {"read", "write"},
+			"Firebase":       {""},
+		},
+	})
+}
+
 func TestParseMultiDescription(t *testing.T) {
 	t.Parallel()