search

meshapi / grpc-api-gateway

Flexible and fast gRPC to HTTP and OpenAPI interface
https://meshapi.github.io/grpc-api-gateway/
GNU General Public License v3.0
11 stars 0 forks source link

BUG: output format JSON generates invalid security scope for empty array #17

Open WizMe-M opened 1 week ago

WizMe-M commented 1 week ago

Reproduce

Minimal repro structure ![image](https://github.com/user-attachments/assets/46b2f0d7-5163-4fb4-a77e-a26be69646a1)
  1. Create foo.proto: 
    
syntax = "proto3";
package foo;

option go_package = 'example.com/example/foo';

service FooService { rpc FooBar(FooRequest) returns (FooResponse); }

message FooRequest { }

message FooResponse { }


2. Add `api_openapi.yaml`:
```yaml
openapi:
  document:
    components:
      security_schemes:
        MyJwtBearer:
          type: http
          name: Authorization
          in: header
          scheme: bearer
          bearer_format: JWT

  services:
    - selector: 'foo.FooService'
      methods:
        FooBar:
          security:
            - name: MyJwtBearer
              scopes: [ ] # core setting

gateway:
  endpoints:
    - selector: 'foo.FooService.FooBar'
      post: '/foo'
      body: '*'
  1. Add buf.gen.yaml: 
    
version: v2

plugins:

Actual behavior

Generated files ### YAML ```yaml paths: /foo: post: ... security: - MyJwtBearer: [] ``` ### JSON ```json "paths": { "/foo": { "post": { .... "security": [ { "MyJwtBearer": null } ] } ```

If we take a look into gemerated apidocs we will see that:

If we check them out in Swagger Editor we will see, that json spec (with null scope) is invalid and editor misses auth for the endpoint.

Broken auth img ![image](https://github.com/user-attachments/assets/47e31cca-7165-42c7-a502-66a0973467fd)

Expected behavior

Both yaml and json specs (output formats) will have the same identical scope value (empty array [])

peymanmortazavi commented 1 week ago

@WizMe-M nice find, yeah we should definitely resolve this. I'll take a look this weekend, I imagine we'd have to use custom types and encode differently based on the value but it's been a while so I might be off here.