open-api icon indicating copy to clipboard operation
open-api copied to clipboard

Published 20 hours ago verified publisher icon kogosoftwarellc

Quick question: [express-openapi]: is validation done for securitySchemes?

Open baslr opened this issue 2 years ago • 0 comments

I have the openapi version 3 security scheme

securitySchemes:
  ApiKeyAuth:
    type: apiKey
    in: header
    name: sessionid

Is validation done prior to calling the handler function in securityHandlers? For example checking that the header contains sessionid and rejecting the request if nothing was found?

In my case the security handler is called even when nothing to check is supplied. (Header field is not set).

baslr avatar Jan 28 '22 00:01 baslr