Skip to content

Proxy logs violation for request with multiple or optional security schemes #141

New issue
New issue
Open
Open
Proxy logs violation for request with multiple or optional security schemes#141
Labels
bugSomething isn't working
@richjyoung

Description

@richjyoung
richjyoung
opened on Oct 23, 2024

This looks like the same issue as #80, except this affects the proxy mode rather than the mock server.

Given the following securitySchemes:

securitySchemes:
  Session:
    type: apiKey
    in: cookie
    name: session
  APIKey:
    type: apiKey
    in: header
    name: "X-API-Key"

In both of the following cases a request with the given security section will log a violation of "API Key X-API-Key not found in header":

# Optional security
security:
  - {}
  - APIKey: []

# Either Cookie or API Key security required
security:
  - Session: []
  - APIKey: []

No violation is logged for the cookie authentication which is present in the request in both cases.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions