Error: Operation /paths/~1secure/get references security scheme "sessionKey" but no authenticator was provided.

[ilife5]

Version Info

• node: 10.15.1
• exegesis-express: 1.0.0
• exegesis: 1.3.0
• express: 4.16.3

Problem

My openAPI.yaml is:

openapi: "3.0.1"
info:
  version: 1.0.0
  title: Exegesis Integration Test
  license:
    name: MIT
paths:
  /greet:
    get:
      summary: List all pets
      x-exegesis-controller: greetController
      operationId: greetGet
      parameters:
        - name: name
          in: query
          description: Name of user to greet
          required: true
          schema:
            type: string
      responses:
        '200':
          description: Greet message.
          content:
            application/json:
              schema:
                type: object
                required:
                  - greeting
                properties:
                  greeting: {type: string}
        default:
          description: unexpected error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /secure:
    get:
      summary: A secure operation
      x-exegesis-controller: secureController
      operationId: secureGet
      security:
        - sessionKey: []
      responses:
        '200':
          description: Greet message.
          content:
            application/json:
              schema: {type: 'object'}
components:
  securitySchemes:
    sessionKey:
      type: 'apiKey'
      name: 'session'
      in: 'header'
  schemas:
    Error:
      required:
        - message
      properties:
        message: {type: string}

copy from 'https://github.com/exegesis-js/exegesis-express/blob/master/test/integrationSample/openapi.yaml'.

Main is index.js:

import express from 'express';
import path from 'path';
import http from 'http';
import * as exegesisExpress from 'exegesis-express';

async function createServer() {
    // See https://github.com/exegesis-js/exegesis/blob/master/docs/Options.md
    const options = {
        controllers: path.resolve(__dirname, './controllers')
    };

    const exegesisMiddleware = await exegesisExpress.middleware(
        path.resolve(__dirname, './openApi.yaml'),
        options
    );

    const app = express();

    // If you have any body parsers, this should go before them.
    app.use(exegesisMiddleware);

    app.use((req, res) => {
        res.status(404).json({message: `Not found`});
    });

    app.use((err, req, res, next) => {
        res.status(500).json({message: `Internal error: ${err.message}`});
    });

    const server = http.createServer(app);
    server.listen(3000);
}

createServer();

when I run babel-node index.js, then I get:

➜  exegesis babel-node index.js
(node:6771) UnhandledPromiseRejectionWarning: Error: Operation /paths/~1secure/get references security scheme "sessionKey" but no authenticator was provided.
    at new Operation (/Users/yaojifeng/WebstormProjects/exegesis/node_modules/exegesis/src/oas3/Operation.ts:133:27)
    at Path._operations.HTTP_METHODS.map.filter.reduce (/Users/yaojifeng/WebstormProjects/exegesis/node_modules/exegesis/src/oas3/Path.ts:36:38)
    at Array.reduce (<anonymous>)
    at new Path (/Users/yaojifeng/WebstormProjects/exegesis/node_modules/exegesis/src/oas3/Path.ts:34:14)
    at new Paths (/Users/yaojifeng/WebstormProjects/exegesis/node_modules/exegesis/src/oas3/Paths/index.ts:17:32)
    at new OpenApi (/Users/yaojifeng/WebstormProjects/exegesis/node_modules/exegesis/src/oas3/OpenApi.ts:50:23)
    at Object.<anonymous> (/Users/yaojifeng/WebstormProjects/exegesis/node_modules/exegesis/src/oas3/index.ts:16:12)
    at Generator.next (<anonymous>)
    at /Users/yaojifeng/WebstormProjects/exegesis/node_modules/exegesis/lib/oas3/index.js:7:71
    at new Promise (<anonymous>)
(node:6771) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 2)
(node:6771) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

[jwalton]

Kind of annoying that this in an unhandled promise rejection. But, the root of the problem is that your OpenAPI document has a path called "secure" that references a security scheme:

      security:
        - sessionKey: []

In order for Exegesis to authenticate this user, you need to specify an authenticator. See the docs here: https://github.com/exegesis-js/exegesis/blob/master/docs/OAS3%20Security.md#authenticators.