search

eclipse / microprofile-open-api

Microprofile open api
Apache License 2.0
131 stars 81 forks source link

HeaderParam not generating parameter in spec #572

Closed DaanA32 closed 9 months ago

DaanA32 commented 9 months ago

Hi all,

I cannot seem to generate a parameter for a HeaderParam. It does work for query and cookie parameters:

    public Response getUsers(
        @HeaderParam("Authorization") String authorizationHeader,
        @QueryParam("stringParam") String stringParam,
        @CookieParam("cookieParam") String cookieParam
    ) {

Generates:

      parameters:
      -
        in: query
        name: stringParam
        schema:
          type: string
      -
        in: cookie
        name: cookieParam
        schema:
          type: string

It also does not generate when using @Parameters:

    @Parameters({
            @Parameter(
                name = "Authorization",
                description = "Bearer token",
                required = true,
                schema = @Schema(type = SchemaType.STRING),
                in = ParameterIn.HEADER
            ),
            @Parameter(
                name = "stringParam",
                description = "String param",
                required = true,
                schema = @Schema(type = SchemaType.STRING),
                in = ParameterIn.QUERY
            ),
            @Parameter(
                name = "cookie",
                description = "COOKIE param",
                required = true,
                schema = @Schema(type = SchemaType.STRING),
                in = ParameterIn.COOKIE
            )
        })

Results in:

      parameters:
      -
        description: String param
        in: query
        name: stringParam
        required: true
        schema:
          type: string
      -
        description: COOKIE param
        in: cookie
        name: cookie
        required: true
        schema:
          type: string

I'm using the following version:

build.date               2023-08-03 16:22:57 UTC
build.version            3.0.6
build.revision           0c0d6790
project.version          1.0-SNAPSHOT
project.helidon.version  3.2.2
project.flavor           MP
latest.helidon.version   4.0.0-RC1
default.helidon.version  3.2.2
MikeEdgar commented 9 months ago

Hi @DaanA32 , the Authorization header is explicitly ignored by the OpenAPI spec [1] and the annotation [2]. You likely want to use a security scheme + security requirements [3] to describe this aspect of your API.

[1] https://spec.openapis.org/oas/v3.0.3.html#fixed-fields-9 [2] https://download.eclipse.org/microprofile/microprofile-open-api-3.1.1/apidocs/org/eclipse/microprofile/openapi/annotations/parameters/Parameter.html#name() [3] https://swagger.io/docs/specification/authentication/bearer-authentication/

DaanA32 commented 9 months ago

Hi Mike,

Thanks for informing me about this :smile:

It would be good to generate a warning in the case where it is specified using the @Parameter as that is an explicit request.