Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Jersey2: Move setting of authentication parameters before generating target URL to consider API keys in URL parameters #20688

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Jersey2: Move setting of authentication parameters before generating target URL to consider API keys in URL parameters #20688

wants to merge 1 commit into from

Conversation

jheyens
Copy link

@jheyens jheyens commented Feb 19, 2025

A bug in ApiClient.musache causes API-keys to be ignored when generating from an OpenAPI-specification file with an ApiKey securityScheme:

{
  "openapi" : "3.0.0",
  "security" : [ {
    "ApiKey" : [ ]
  } ],
[...]
  "components" : {
    "securitySchemes" : {
      "ApiKey" : {
        "type" : "apiKey",
        "description" : "Description",
        "name" : "apiKey",
        "in" : "query"
      }
    }
  }
}

The generated code applies the query parameters to the WebTarget at ApiClient.mustache:1235, but the query parameters do not yet contain the API-key parameter, which is only added afterwards in ApiClient.mustache:1271.
The fix proposed in this PR is to apply all authentication settings before adding query parameters, resulting in query-parameter-based authentication schemes being added to the target URL.

PR checklist

  • Read the contribution guidelines.
  • Pull Request title clearly describes the work in the pull request and Pull Request description provides details about how to validate the work. Missing information here may result in delayed response from the community.
  • Run the following to build the project and update samples: 
    ./mvnw clean package || exit
./bin/generate-samples.sh ./bin/configs/*.yaml || exit
./bin/utils/export_docs_generators.sh || exit
    (For Windows users, please run the script in Git BASH)
    Commit all changed files.
    This is important, as CI jobs will verify all generator outputs of your HEAD commit as it would merge with master.
    These must match the expectations made by your contribution.
    You may regenerate an individual generator by passing the relevant config(s) as an argument to the script, for example ./bin/generate-samples.sh bin/configs/java*.
    IMPORTANT: Do NOT purge/delete any folders/files (e.g. tests) when regenerating the samples as manually written tests may be removed.
  • File the PR against the correct branch: master (upcoming 7.x.0 minor release - breaking changes with fallbacks), 8.0.x (breaking changes without fallbacks)
  • If your PR is targeting a particular programming language, @mention the technical committee members, so they are more likely to review the pull request.

@bbdouglas @sreeshas @jfiala @lukoyanov @cbornet @jeff9finger @karismann @Zomzog @lwlee2608 @martin-mfg

@jheyens jheyens force-pushed the fixJersey2QueryParams branch from 3c4d925 to 790bc5e Compare February 19, 2025 14:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jheyens