CarterCommunity / Carter

Carter is a framework that is a thin layer of extension methods and functionality over ASP.NET Core, allowing code to be more explicit and, most importantly, more enjoyable.
MIT License

How to use multiple authentication types for OpenApi? #246

Closed redthing1 closed 2 years ago

redthing1 commented 4 years ago

According to Swagger docs: https://swagger.io/docs/specification/authentication/#multiple

A security scheme can require multiple OpenApiSecurity. Say I have defined both (in options.OpenApi.Securities):

{
    "userBearer",
    new OpenApiSecurity {Type = OpenApiSecurityType.http, Scheme = "bearer"}
}, {
    "apikey",
    new OpenApiSecurity {Type = OpenApiSecurityType.apiKey, In = openApiIn.header, Name = "X-Api-Key"}
}

How do I specify that I want both securities (logical AND) in options.OpenApi.GlobalSecurityDefinitions?

jchannon commented 4 years ago

Hi,

In the sample app we show how to add multiple security schemes https://github.com/CarterCommunity/Carter/blob/master/samples/CarterSample/Startup.cs#L28 and you would specify which scheme to use on your route metadata https://github.com/CarterCommunity/Carter/blob/master/samples/CarterSample/Features/Actors/OpenApi/GetActors.cs#L24

However, you'll see that is a string and should be a list of strings so you can define all possible security schemes, so this seems a bug.

We would have to loop over the list here to make the openapi doc write out the correct data https://github.com/CarterCommunity/Carter/blob/master/src/Carter/OpenApi/CarterOpenApi.cs#L500

If you'd like to give it a go and send a PR, please feel free to do so; otherwise we'll try and get this fixed at some point.

Thanks

On Sun, 5 Apr 2020 at 03:00, Adrie notifications@github.com wrote:

According to Swagger docs: https://swagger.io/docs/specification/authentication/#multiple

A security scheme can require multiple OpenApiSecurity. Say I have defined both (in options.OpenApi.Securities):

{
    "userBearer",
    new OpenApiSecurity {Type = OpenApiSecurityType.http, Scheme = "bearer"}
}, {
    "apikey",
    new OpenApiSecurity {Type = OpenApiSecurityType.apiKey, In = openApiIn.header, Name = "X-Api-Key"}
}

How do I specify that I want both securities (logical AND) in options.OpenApi.GlobalSecurityDefinitions?


jchannon commented 2 years ago

Carter 6 will use the ASP.NET Core OpenAPI implementation.
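Added example, not part of the thread and not Carter's code: a sketch of the "loop over the list" step discussed above, writing the OpenAPI `security` array so that schemes inside one requirement object are combined with AND and separate objects are alternatives (OR), as the linked Swagger page describes. `SecurityRequirementWriter` and `Build` are hypothetical names; the scheme names are the ones from the question.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.Json.Nodes;

public static class SecurityRequirementWriter
{
    // Each inner sequence becomes one requirement object: every scheme in it
    // must be satisfied together (AND). Separate inner sequences are OR.
    public static JsonArray Build(
        IEnumerable<IEnumerable<string>> alternatives,
        ISet<string> definedSchemes)
    {
        var security = new JsonArray();
        foreach (var group in alternatives)
        {
            var names = group.ToList();
            // An empty requirement object ({}) marks authentication as optional,
            // so refuse to emit one by accident.
            if (names.Count == 0)
                throw new ArgumentException("Empty security requirement group.");

            var requirement = new JsonObject();
            foreach (var scheme in names)
            {
                // Every name must match an entry under securitySchemes.
                if (!definedSchemes.Contains(scheme))
                    throw new ArgumentException($"Undefined security scheme: {scheme}");
                // Empty array = no scopes, as for http bearer and apiKey schemes.
                requirement[scheme] = new JsonArray();
            }
            security.Add((JsonNode)requirement);
        }
        return security;
    }

    public static void Main()
    {
        var defined = new HashSet<string> { "userBearer", "apikey" };

        // AND: one requirement object naming both schemes.
        var both = Build(new[] { new[] { "userBearer", "apikey" } }, defined);
        Console.WriteLine(both.ToJsonString());

        // OR: two requirement objects, one scheme each.
        var either = Build(new[] { new[] { "userBearer" }, new[] { "apikey" } }, defined);
        Console.WriteLine(either.ToJsonString());
    }
}
```

The first call produces a single object carrying both keys, which is the form the question asks for; the second produces two single-key objects, which a client can satisfy with either credential alone.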