Let's say I want to obtain cookie security scheme like in OpenSpec example
openapi: 3.0.0
...
# 1) Define the cookie name
components:
securitySchemes:
cookieAuth: # arbitrary name for the security scheme; will be used in the "security" key later
type: apiKey
in: cookie
name: JSESSIONID # cookie name
# 2) Apply cookie auth globally to all operations
security:
- cookieAuth: []
Problem
Let's say I want to obtain cookie security scheme like in OpenSpec example
If I'll create such description with the code:
It will create such definition in swagger:![image](https://user-images.githubusercontent.com/10308233/137910670-1b415883-565c-456f-9652-6ec8b2b9d0f2.png)
As you see there is no
name
field inside security scheme, which make spec invalid.Expected
At least name should appear INSIDE security scheme as well for spec to be valid.
Research
The problem is in these lines of code https://github.com/papsign/Ktor-OpenAPI-Generator/blob/f7e7048c945c65526a38efe655fa60e88d0fc19a/src/main/kotlin/com/papsign/ktor/openapigen/model/security/SecuritySchemeModel.kt#L21-L23
First of all, it uses
name
field as security scheme reference name Second, it stripsname
field from serializing to resulted spec.Therefore there is no way to set up
name
field, and currentname
field is used as security scheme arbitrary reference name.Proposal
Add another field to separate reference name from
name
field