fix(openapi): hide auth header when set in securityScheme

[aheckmann]

Treat the http bearer auth security scheme the same as other security schemes by removing the authorization header.

Fixes #734

Checklist

• [x] run npm run test and npm run benchmark <== benchmark doesn't exist so skipped that one.
• [x] tests and/or benchmarks are included
• [x] documentation is changed or added <== N/A
• [x] commit message and code follows the Developer's Certification of Origin and the Code of conduct

[aheckmann]

It's possible. I haven't been using it so didn't check it out.

[aheckmann]

@mcollina From what I could find, this lib already handles swagger properly b/c bearer auth does not have special handling in the spec - only OpenAPI 3 has the special bearer declaration where in is not specified.