search

OpenAPITools / openapi-generator

OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec (v2, v3)
https://openapi-generator.tech
Apache License 2.0
21.3k stars 6.45k forks source link

[BUG][ALL] HTTP Auth scheme names are (incorrectly) case-sensitive #6184

Open asazernik opened 4 years ago

asazernik commented 4 years ago
Description

The API generator does not generate authorization/authentication code when the user inserts a security scheme like so:

components:
  securitySchemes:
    bearerToken:
      type: http
      scheme: Bearer

Note that "Bearer" is title-cased. It works if the scheme is instead lowercase "bearer".

Even though the spec is not clear on the subject, according to the spec author HTTP auth schemes should be case-insensitive. Even if the schemes were case-sensitive, the IANA registry's canonical cases for the two most common schemes are "Bearer" and "Basic".

openapi-generator version

4.3.0

OpenAPI declaration file content or url

See yaml snippet in description above

Command line used for generation

openapi-generator generate -i $OAS3_YAML_FILE -g scala-akka -o /tmp/apiclient-test

I have also tested this with ruby and bash generators

Suggest a fix

I've opened a PR in swagger-api/swagger-js#1531; I don't know where the relevant code is in this project, though.

auto-labeler[bot] commented 4 years ago

šŸ‘ Thanks for opening this issue! šŸ· I have applied any labels matching special text in your issue.

The team will review the labels and make any necessary changes.

l0gicgate commented 4 years ago

Using the following security schemes:

components:
  securitySchemes:
    bearerToken:
      type: http
      scheme: bearer

security:
  - bearerToken: []

I'm getting this when generating HTML2 docs:

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]"

No matter what the case is. What am I doing wrong?

Edit: I fixed my issue with #6579