search

swagger-api / swagger-codegen

swagger-codegen contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition.
http://swagger.io
Apache License 2.0
17.05k stars 6.03k forks source link

[Go] Authentication with multiple API keys doesn't work in generated Go client #8824

Open sharkwouter opened 6 years ago

sharkwouter commented 6 years ago
Description

When using a spec file with multiple API keys defined, authentication can't be done in the generated Go code. The README.md file will state that you should set the same variable twice and that is exactly how the go code is set up as well. The authentication code found within every function in files like server_api.go and it looks like this:

    // body params
    localVarPostBody = &payload
    if ctx != nil {
        // API Key Authentication
        if auth, ok := ctx.Value(ContextAPIKey).(APIKey); ok {
            var key string
            if auth.Prefix != "" {
                key = auth.Prefix + " " + auth.Key
            } else {
                key = auth.Key
            }
            localVarHeaderParams["X-Auth-Token"] = key
        }
    }
    if ctx != nil {
        // API Key Authentication
        if auth, ok := ctx.Value(ContextAPIKey).(APIKey); ok {
            var key string
            if auth.Prefix != "" {
                key = auth.Prefix + " " + auth.Key
            } else {
                key = auth.Key
            }
            localVarHeaderParams["X-Auth-UserId"] = key
        }
    }

As expected, this doesn't work. This is what the readme looks like:

ApiKeyAuth

Example

    auth := context.WithValue(context.Background(), sw.ContextAPIKey, sw.APIKey{
        Key: "APIKEY",
        Prefix: "Bearer", // Omit if not necessary.
    })
    r, err := client.Service.Operation(auth, args)

ApiUserID

Example

    auth := context.WithValue(context.Background(), sw.ContextAPIKey, sw.APIKey{
        Key: "APIKEY",
        Prefix: "Bearer", // Omit if not necessary.
    })
    r, err := client.Service.Operation(auth, args)
Swagger-codegen version

2.3.1.

I haven't tried other versions.

Swagger declaration file content or url

This is the relevant part:

swagger: '2.0'
schemes:
- https
host: api.host
info:
  description: example API
  version: 1.0.0
  title: API specification
securityDefinitions:
  ApiKeyAuth:
    type: apiKey
    in: header
    name: X-Auth-Token
  ApiUserID:
    type: apiKey
    in: header
    name: X-Auth-UserId
security:
  - ApiKeyAuth: []
    ApiUserID: []
Command line used for generation

swagger-codegen generate -l go -i spec.yaml -o swagger

Steps to reproduce

Add more than one API key to a a swagger file and generate a go client.

Related issues/PRs

None that I know of.

Suggest a fix/enhancement

I think changes are required to the mustache template for go to solve this, but I don't have the skill yet to do this.

pashaosipyants commented 5 years ago

:+1: Only can add that other versions so far don't solve a problem. Bug remains till 2.4.1. v3 still don't have golang support