New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
implement and/or logic in security validator #393
Conversation
@balazssoltesz Thanks a lot for the PR! There appears to be one test that needs attention
in addition to investigating this error, it will be good to add additional tests to exercise the new and/or capabilities thanks so much! |
@cdimascio i not rly understand this. why should return 200 if not api_key supplied? That is the point, we should return 401 when any of the security check is failed (when AND logic is used). |
@balazssoltesz openapi allows one to declare anonymous access explicitly. this particular test checks that if ApiKey and anonymous access are declared for an api endpoint using OR semantics, then it should return Here is the spec for the test that sets this up. Note that
all in all, its possible the new code is not considering the |
note that in my example above (which the test exercises), it states A OR B where A is |
ok, i modified my fork. now all test is passed |
@balazssoltesz Would u mind adding a test or two. |
@all-contributors add @balazssoltesz for code and test |
I've put up a pull request to add @balazssoltesz! 🎉 |
No description provided.