Authorization header is required while being set

nick-berilov commented 1 year ago

Prerequisites

[X] I have written a descriptive issue title
[X] I have searched existing issues to ensure the bug has not already been reported

Fastify version

4.18.0

Plugin version

8.6.0

Node.js version

16

Operating system

Linux

Operating system version (i.e. 20.04, 11.3, 10)

22.04

Description

Is there a way to hide authorization header from OpenAPI 3.1.0 UI, so that I would not need to set a dummy unused value every time?

alt text

Steps to Reproduce

import { fastify } from "fastify";
import fs from "@fastify/swagger";
import fsu from "@fastify/swagger-ui";

const app = fastify();

await app.register(fs, {
  openapi: {
    openapi: "3.1.0",
    components: {
      securitySchemes: {
        bearerAuth: {
          type: "http",
          scheme: "bearer",
        },
      },
    },
  },
});

await app.register(fsu);

app.get(
  "/",
  {
    schema: {
      headers: {
        type: "object",
        properties: { authorization: { type: "string" } },
        required: ["authorization"],
      },
      security: [{ bearerAuth: [] }],
    },
  },
  async (request, reply) => {
    return { hello: "world" };
  }
);

app
  .listen({ port: 3001 })
  .then(() => {
    console.log("listening");
  })
  .catch((err) => console.log(err));

Expected Behavior

Authorization valued should not be required if already set or authorization property should be hidden in UI

Uzlopak commented 1 year ago

You are configuring it wrong. You have to define the security schema globally when initializing fastify-swagger.

nick-berilov commented 1 year ago

@Uzlopak even if I move security: [{ bearerAuth: [] }], from routes to swagger coonfig it doesn't change anything

alexey-sh commented 8 months ago

Any chance to fix it?

fastify / fastify-swagger