-
-
Notifications
You must be signed in to change notification settings - Fork 6.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Java] support for bearer authentication #457
Comments
Welcome here! Thank you for this issue. There is no problem to mention Swagger-Codegen. The codebase are similar, Swagger-Codegen v3 and OpenAPI-Generator are both evolutions of Swagger-Codegen You have located the correct section in the template. In this code base it is here: openapi-generator/modules/openapi-generator/src/main/resources/Java/ApiClient.mustache Lines 103 to 106 in 020883f
My take is that there is no support for Could you please post in this issue a full OAS3 example, you can adapt the very ping.yaml example, where you put the values for From your post I understood that you generate a java client, but can you post the command you are using (cli, maven, gradle or java integration of the core)? The base library you are using is the important point... |
I cloned/checked out 020883f and ran
I do not understand why you categorized this to affect the Java compilation target specifically. From my limited understanding of the codebase here, it seems that the error is actually in the frontend, i.e. in the shared Java code that underpins generation and the issue therefore affects all targets. In the issue for the Swagger implementation I mention that I think the error is in their
openapi: 3.0.1
info:
title: ping test
version: '1.0'
servers:
- url: 'http://localhost:8000/'
paths:
/ping:
get:
operationId: pingGet
responses:
'201':
description: OK
# Modifications are below this line. Above is ping.yaml.
components:
securitySchemes:
bearer:
type: http
scheme: bearer
security:
- bearer: [] |
You are right, I did not investigate it yet, but one part of the fix will be in the Codegen-layer ( Or I have missed something and I will be happy to change that. |
I see. Thanks. |
+1 on this. I came across exactly the same issue this week trying to generate a client with a Bearer JWT token:
|
@jmini has there been any further development into this issue? Like you pointed out, it's not exactly an issue with the mustache templates. It primarily arises from the DefaultGenerator assuming HTTP security type implies BASIC Auth, without any further investigation as to the scheme provided. A simple minimal solution might be to replace (DefaultCodegen.java line 2953):
with
However I haven't investigated as to the implications of having |
@jason-cohen Just hijacking the OAuth security scheme is a bad idea. For example, the spec requires an OAuth flow to be set on security schemes of this type, which is something that cannot be inferred (and might even not apply) in the case of a different HTTP authentication scheme. What you suggest as a solution here is a workaround that will immediately fail as soon as someone wants to use a different scheme than Bearer... I strongly urge @jmini to not further follow this proposal. |
@lorenzleutgeb Very good point. I agree, hijacking the OAuth scheme is a bad idea as it couples them, when the very point of the http-bearer scheme was to have an authorization bearer header not coupled with OAuth. Maybe a more viable option would be to add a new field |
I am running into the same issue with BearerAuth. It looks like the recent commit 80ca67c took care of the changes to DefaultGenerator to correctly set the existing BasicBasic and BasicBearer variables. In response to @jason-cohen's concerns about highjacking OAuth, my pull request #1930 adds a new BearerAuth object and uses it if the BasicBearer is set to true. |
See OpenAPITools#457 Also OpenAPITools#1446 for typescript, OpenAPITools#1577 for python Specs defined as follows currently generate BasicAuth and send "Authorization: Basic [base64Encode(username + ":" + password)]" components: securitySchemes: bearer: type: http scheme: bearer This change will generate an OAuth header, which will send a "Authorization: Bearer [accessToken]" This is a smaller, less-impactful change than introducing a BearerAuth object, but this change doesn't support scheme values other than bearer See also OpenAPITools#1930
See OpenAPITools#457 Also OpenAPITools#1446 for typescript, OpenAPITools#1577 for python Specs defined as follows currently generate BasicAuth and send an "Authorization: Basic [base64Encode(username + ":" + password)]" header components: securitySchemes: bearer: type: http scheme: bearer This change will generate code which uses a new HttpBearerAuth class, which will send a "Authorization: [scheme] [accessToken]" header. This change is slightly larger and more impactful than simply using OAuth for bearerBearer, but it allows for scheme values other than bearer. This fix was enabled by the recent commit of OpenAPITools@80ca67c This PR is an alternative to OpenAPITools#1972
#1972 by @davidwcarlson has been merged into master. Please give it a try with the latest master. |
* fix OpenAPITools#457 by introducing an HttpBearerAuth object See OpenAPITools#457 Also OpenAPITools#1446 for typescript, OpenAPITools#1577 for python Specs defined as follows currently generate BasicAuth and send an "Authorization: Basic [base64Encode(username + ":" + password)]" header components: securitySchemes: bearer: type: http scheme: bearer This change will generate code which uses a new HttpBearerAuth class, which will send a "Authorization: [scheme] [accessToken]" header. This change is slightly larger and more impactful than simply using OAuth for bearerBearer, but it allows for scheme values other than bearer. This fix was enabled by the recent commit of OpenAPITools@80ca67c This PR is an alternative to OpenAPITools#1972 * update petstore samples * Update HttpBearerAuth mustache templates and samples * correct the expected number of generated java client files * update the retrofit2 HttpBearerAuth template and samples * Add resttemplate-specific HttpBearerAuth mustache and samples * add vertx-specific HttpBearerAuth template and samples * add java webclient-specific HttpBearerAuth template and samples
* fix #457 by introducing an HttpBearerAuth object See OpenAPITools/openapi-generator#457 Also OpenAPITools/openapi-generator#1446 for typescript, OpenAPITools/openapi-generator#1577 for python Specs defined as follows currently generate BasicAuth and send an "Authorization: Basic [base64Encode(username + ":" + password)]" header components: securitySchemes: bearer: type: http scheme: bearer This change will generate code which uses a new HttpBearerAuth class, which will send a "Authorization: [scheme] [accessToken]" header. This change is slightly larger and more impactful than simply using OAuth for bearerBearer, but it allows for scheme values other than bearer. This fix was enabled by the recent commit of OpenAPITools/openapi-generator@80ca67c This PR is an alternative to OpenAPITools/openapi-generator#1972 * update petstore samples * Update HttpBearerAuth mustache templates and samples * correct the expected number of generated java client files * update the retrofit2 HttpBearerAuth template and samples * Add resttemplate-specific HttpBearerAuth mustache and samples * add vertx-specific HttpBearerAuth template and samples * add java webclient-specific HttpBearerAuth template and samples
* fix #457 by introducing an HttpBearerAuth object See OpenAPITools/openapi-generator#457 Also OpenAPITools/openapi-generator#1446 for typescript, OpenAPITools/openapi-generator#1577 for python Specs defined as follows currently generate BasicAuth and send an "Authorization: Basic [base64Encode(username + ":" + password)]" header components: securitySchemes: bearer: type: http scheme: bearer This change will generate code which uses a new HttpBearerAuth class, which will send a "Authorization: [scheme] [accessToken]" header. This change is slightly larger and more impactful than simply using OAuth for bearerBearer, but it allows for scheme values other than bearer. This fix was enabled by the recent commit of OpenAPITools/openapi-generator@80ca67c This PR is an alternative to OpenAPITools/openapi-generator#1972 * update petstore samples * Update HttpBearerAuth mustache templates and samples * correct the expected number of generated java client files * update the retrofit2 HttpBearerAuth template and samples * Add resttemplate-specific HttpBearerAuth mustache and samples * add vertx-specific HttpBearerAuth template and samples * add java webclient-specific HttpBearerAuth template and samples
Please see swagger-api/swagger-codegen-generators#113
The output that OpenAPI generator 020883f produces suffers from the same defect. However I did not look into your codebase. I understand that referring to the Swagger Codegen project might not be the most sensible thing to do, and if you rather do not want to look at it, I could look for the cause in this codebase.
The text was updated successfully, but these errors were encountered: