swagger authorization does not display schemas in AND scenario

asarver commented 1 year ago

using 4.5.0

when there is a route that requires more than one security schema (using AND), the schema does not appear as an option (OR works though)

{
  openapi: '3.0.0',
  info: {
    title: 'Example'
    version: '1.0.0'
  },
  components: {
    schemas: {
      Version: {
        type: 'object',
        properties: {
          version: {
            type: 'string',
            description: 'Semantic version number for the application',
            example: '0.1.0'
          }
        }
      }
    },
    securitySchemes: {
      BearerSchema: {
        type: 'http',
        scheme: 'bearer'
      },
      HeaderSchema: {
        type: 'apikey',
        name: 'apikey',
        in: 'header'
      }
    }
  },
  paths: {
    '/': {
      get: {
        operationId: 'getVersion',
        tags: ['version'],
        summary: 'Check the running version of the API',
        security: [{ BearerSchema: [], HeaderSchema: [] }],
        responses: {
          200: {
            description: 'success',
            content: {
              'application/json': {
                schema: {
                  $ref: '#/components/schemas/Version'
                }
              }
            }
          }
        }
      }
    }
  }
}

asarver commented 1 year ago

it looks like the reason the second security schema isn't showing up is because swagger is case sensitive on apikey

      HeaderSchema: {
        type: 'apikey',
        name: 'apikey',
        in: 'header'
      }

it really should be apiKey

mriedem commented 1 year ago

It's funny that the schema didn't catch that given it's defined here:

https://swagger.io/specification/?sbsearch=security-schemes#security-scheme-object

So should this issue be re-opened about that?

scottie1984 / swagger-ui-express

swagger authorization does not display schemas in AND scenario #309