Global apiKey query param not detected #92

comino · 2019-10-25T10:01:34Z

When using a top level defined apiKey as query parameter, the apiKey is not recognized in requests.

$ curl localhost:8000/v1/check?apiKey=testtest

{"message":"query parameter 'apiKey' required","errors":[{"path":"/v1/check","message":"query parameter 'apiKey' required"}]}

Reson is that we are looking in the headers, not in the query param ;)

            else if (scheme.in === 'query') {
                if (!req.headers[scheme.name]) {
                    throw Error(`query parameter '${scheme.name}' required`);
                }
            }

Will send a PR

The text was updated successfully, but these errors were encountered:

cdimascio#92

comino · 2019-10-25T10:17:39Z

Send PR: #93

cdimascio · 2019-10-25T11:46:25Z

@comino. Thanks for the PR. I'll get this merged in and published. Thank you!

comino added a commit to comino/express-openapi-validator that referenced this issue Oct 25, 2019

fix apiKey as query parameters not picked up by security middleware Fix

c52e571

cdimascio#92

comino mentioned this issue Oct 25, 2019

ApiKey as query parameters now picked up by security middleware #93

Merged

cdimascio closed this as completed in #93 Oct 25, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Global apiKey query param not detected #92

Global apiKey query param not detected #92

comino commented Oct 25, 2019 •

edited

comino commented Oct 25, 2019

cdimascio commented Oct 25, 2019

Global apiKey query param not detected #92

Global apiKey query param not detected #92

Comments

comino commented Oct 25, 2019 • edited

comino commented Oct 25, 2019

cdimascio commented Oct 25, 2019

comino commented Oct 25, 2019 •

edited