[BUG][typescript-fetch] OAuth header should start with "Bearer"
Created by: jbreton
Bug Report Checklist
-
Have you provided a full/minimal spec to reproduce the issue? -
Have you validated the input using an OpenAPI validator (example)? -
Have you tested with the latest master to confirm the issue still exists? -
Have you searched for related issues/PRs? -
What's the actual output vs expected output? -
[Optional] Sponsorship to speed up the bug fix or feature request (example)
Description
The OAuth support of api clients for typescript-fetch does not include the "Bearer" prefix.
Base on RFC-6750, the authentication header value should start with "Bearer". If we compare typescript-fetch (OAuth support with basic bearer (lines 170-178) and also other OAuth implementations, the "Bearer" prefix should be added by the API client.
openapi-generator version
Affects 6.0.0 and is present since at least 5.2.1
OpenAPI declaration file content or url
openapi: "3.0.0"
info:
version: 1.0.0
title: Swagger Petstore
license:
name: MIT
paths:
/pets/{petId}:
get:
summary: Info for a specific pet
operationId: showPetById
tags:
- pets
parameters:
- name: petId
in: path
required: true
description: The id of the pet to retrieve
schema:
type: string
responses:
'200':
description: Expected response to a valid request
content:
application/json:
schema:
$ref: "#/components/schemas/Pet"
default:
description: unexpected error
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
security:
- OAuth2:
- requiredscope
components:
schemas:
Pet:
type: object
required:
- id
- name
properties:
id:
type: integer
format: int64
name:
type: string
tag:
type: string
Error:
type: object
required:
- code
- message
properties:
code:
type: integer
format: int32
message:
type: string
securitySchemes:
OAuth2:
type: oauth2
flows:
authorizationCode:
authorizationUrl: https://example.com/oauth/authorize
tokenUrl: https://example.com/oauth/token
scopes:
requiredscope: Description
Generation Details
I generated the client using
java -jar modules/openapi-generator-cli/target/openapi-generator-cli.jar generate -i typescript-fetch-oauth.yml -g typescript-fetch -o output
Steps to reproduce
- Store the API definition from above in a file named
typescript-fetch-oauth.yml
- Run the above mentioned command line
- Check the file
output/apis/PetsApi.ts
The generated code looks like this :
if (tokenString) {
headerParameters["Authorization"] = await this.configuration.accessToken("OAuth2", ["requiredscope"]);
}
It should look like this :
if (this.configuration && this.configuration.accessToken) {
// oauth required
const token = this.configuration.accessToken;
const tokenString = await token("OAuth2", ["requiredscope"]);
if (tokenString) {
headerParameters["Authorization"] = `Bearer ${tokenString}`;
}
}
Suggest a fix
diff --git a/modules/openapi-generator/src/main/resources/typescript-fetch/apis.mustache b/modules/openapi-generator/src/main/resources/typescript-fetch/apis.mustache
index 3249eb97708..eb4e41e947e 100644
--- a/modules/openapi-generator/src/main/resources/typescript-fetch/apis.mustache
+++ b/modules/openapi-generator/src/main/resources/typescript-fetch/apis.mustache
@@ -195,7 +195,12 @@ export class {{classname}} extends runtime.BaseAPI {
{{#isOAuth}}
if (this.configuration && this.configuration.accessToken) {
// oauth required
- headerParameters["Authorization"] = await this.configuration.accessToken("{{name}}", [{{#scopes}}"{{{scope}}}"{{^-last}}, {{/-last}}{{/scopes}}]);
+ const token = this.configuration.accessToken;
+ const tokenString = await token("{{name}}", [{{#scopes}}"{{{scope}}}"{{^-last}}, {{/-last}}{{/scopes}}]);
+
+ if (tokenString) {
+ headerParameters["Authorization"] = `Bearer ${tokenString}`;
+ }
}
{{/isOAuth}}