Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhancement Request: Provide a fixed order for OpenAPI security responses #40222

Closed
dgf opened this issue Apr 23, 2024 · 1 comment · Fixed by #40228
Closed

Enhancement Request: Provide a fixed order for OpenAPI security responses #40222

dgf opened this issue Apr 23, 2024 · 1 comment · Fixed by #40228
Labels
area/openapi area/security area/smallrye kind/enhancement New feature or request
Milestone
3.11.0.CR1

Comments

@dgf
Copy link
Contributor

dgf commented Apr 23, 2024

Description

We've encountered some challenges while using OpenAPI definitions generated by Quarkus in our CI workflow. Constantly/randomly it changes the order of the default security responses in the generated OpenAPI JSON and YML files. This has various side effects and requires manual reviews in our processes.

Cause: the function io.quarkus.smallrye.openapi.deployment.filter.AutoRolesAllowedFilter#getSecurityResponses uses currently an unsorted hash map to add the 401 and 403 response.

We fixed it for now in our local env by deploying a SNAPSHOT that uses a LinkedHashMap to add the responses.
Its tested and running well already for some builds and we would like to see the stabilization for the export in one of the next LTS bugfixes.

Thanks in advance.

PS: references to the earlier discussion in the SmallRye OpenAPI project

smallrye/smallrye-open-api#1802
smallrye/smallrye-open-api#1803

Implementation ideas

using a LinkedHashMap
@dgf dgf added the kind/enhancement New feature or request label Apr 23, 2024
@quarkus-bot
Copy link

quarkus-bot bot commented Apr 23, 2024

/cc @EricWittmann (openapi), @MikeEdgar (openapi), @phillip-kruger (openapi), @sberyozkin (security)

This was referenced Apr 23, 2024
Closed
Merged
@quarkus-bot quarkus-bot bot added this to the 3.11 - main milestone Apr 24, 2024
@dgf dgf mentioned this issue Apr 24, 2024
Closed
@MikeEdgar MikeEdgar mentioned this issue Apr 24, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/openapi area/security area/smallrye kind/enhancement New feature or request
Projects
None yet
Milestone
3.11.0.CR1
Development

Successfully merging a pull request may close this issue.

Fixed order for default OpenAPI security responses dgf/quarkus
1 participant
@dgf