Skip to content
GitLab
Closed
Issue created by Administrator@rootContributor5 of 6 checklist items completed5/6 checklist items

[BUG][Python] Bug in Cookie authentication

Created by: tomghyselinck

Bug Report Checklist

  • Have you provided a full/minimal spec to reproduce the issue?
  • Have you validated the input using an OpenAPI validator (example)?
  • What's the version of OpenAPI Generator used?
  • Have you search for related issues/PRs?
  • What's the actual output vs expected output?
  • [Optional] Bounty to sponsor the fix
Description

We use apiKey authentication via cookie in an OpenAPI 3.0 spec file.

We generate Python client code.

The generated openapi_client/configuration.py contains invalid code: The 'in' key in the auth_settings() map misses a value.

    def auth_settings(self):
        """Gets Auth Settings dict for api client.

        :return: The Auth Settings information dict.
        """
        return {
            'FullAccessAuth':
                {
                    'type': 'api_key',
                    'in': ,
                    'key': 'FULL_ACCESS_TOKEN',
                    'value': self.get_api_key_with_prefix('FULL_ACCESS_TOKEN')
                },
        }

We expect it to be either:

    def auth_settings(self):
        """Gets Auth Settings dict for api client.

        :return: The Auth Settings information dict.
        """
        return {
            'FullAccessAuth':
                {
                    'type': 'api_key',
                    'in': 'cookie',
                    'key': 'FULL_ACCESS_TOKEN',
                    'value': self.get_api_key_with_prefix('FULL_ACCESS_TOKEN')
                },
        }

or

    def auth_settings(self):
        """Gets Auth Settings dict for api client.

        :return: The Auth Settings information dict.
        """
        return {}
openapi-generator version

4.0.0-SNAPSHOT: https://oss.sonatype.org/content/repositories/snapshots/org/openapitools/openapi-generator-cli/4.0.0-SNAPSHOT/openapi-generator-cli-4.0.0-20190206.074014-271.jar

OpenAPI declaration file content or url

python-cookie-auth.yaml:

openapi: '3.0.1'
info:
        title: Test REST API
        version: "1.0"
servers:
- url: http://localhost:8080/
paths:
        /data:
                get:
                        summary: Get the Data
                        responses:
                                200:
                                        description: The Data
                                        content:
                                                application/json:
                                                        schema:
                                                                type: string
                        security:
                        - FullAccessAuth: []
components:
        securitySchemes:
                FullAccessAuth:
                        type: apiKey
                        in: cookie
                        name: FULL_ACCESS_TOKEN
Command line used for generation
java -jar openapi-generator-cli-4.x.jar generate -i ./python-cookie-auth.yaml -g python -o ./python-cookie-auth/
Steps to reproduce
wget \
    'https://oss.sonatype.org/content/repositories/snapshots/org/openapitools/openapi-generator-cli/4.0.0-SNAPSHOT/openapi-generator-cli-4.0.0-20190206.074014-271.jar' \
    -O 'openapi-generator-cli-4.x.jar'
rm -rf python-cookie-auth/
java -jar openapi-generator-cli-4.x.jar generate -i ./python-cookie-auth.yaml -g python -o ./python-cookie-auth/

You can also use the files in attachment: python-cookie-auth.zip

Related issues/PRs
Suggest a fix

When cookie authentication is used, we actually don't need the item (i.e. 'FullAccessAuth') in the dict. The cookie should be set to the ApiClient.cookie object when the Set-Cookie HTTP header is received by the ApiClient object (see also #2077 (closed)).