[BUG][typescript-angular] Security definition collision in API key lookup
Created by: djnalluri
Bug Report Checklist
-
Have you provided a full/minimal spec to reproduce the issue? -
Have you validated the input using an OpenAPI validator (example)? -
What's the version of OpenAPI Generator used? -
Have you search for related issues/PRs? -
What's the actual output vs expected output? -
[Optional] Bounty to sponsor the fix (example)
Description
When searching for credentials to use for API key authentication, the client searches the configuration object using the name of the header. It is possible for two different security definitions to use the same header name and still provide a valid OpenAPI spec. This behaviour can be problematic when an API provides a set of endpoints that are split between one or the other and the nature of the definitions do not allow interchangeability. The correct key needs to be inserted into the configuration object prior to each request.
openapi-generator version
4.2.x
OpenAPI declaration file content or url
https://gist.github.com/djnalluri/afbf899e7d730257b2c02a9a157f99de
Command line used for generation
java -jar openapi-generator-cli.jar generate -g typescript-angular -i example.yaml -o example
Steps to reproduce
Use the spec file and command provided above to generate a client.
Related issues/PRs
None for Typescript
Suggest a fix
Since security definitions cannot share a name, I suggest looking up the key using the definition name instead of the header.
When using the provided example, instead of the following code:
if (this.configuration.apiKeys && this.configuration.apiKeys["Authorization"]) {
headers = headers.set('Authorization', this.configuration.apiKeys["Authorization"]);
}this code or similar should be generated:
if (this.configuration.apiKeys && this.configuration.apiKeys["ExampleA"]) {
headers = headers.set('Authorization', this.configuration.apiKeys["ExampleA"]);
}