litestar icon indicating copy to clipboard operation
litestar copied to clipboard
verified publisher icon litestar-org

Bug: OpenAPI Security Scheme Override

Open Forceres opened this issue 1 year ago • 0 comments

Description

Is it possible to override Bearer Security Scheme header in specific route?

URL to code causing the issue

No response

MCVE

async def check_access_token(
            self,
            request: Request,
            access_token: Annotated[str, Parameter(header="Authorization")],
            async_client: Annotated[AsyncClient, Depends(Component.HTTP)],
            settings: Annotated[Settings, Depends(Component.SHARED)],
    ) -> Response[AuthStatusDto]:
    pass

something like that doesn't work, swagger doesn't send specific header, but when I use global security option - everything is ok. That's a Litestar code with some DI features, I'm looking to override how the security works for a route (I have access_token variable from Authorization header at the route level, and I have global Security Schema that works with Authorization header, but the route level Authorization header doesn't override global)

Steps to reproduce

1. Go to Swagger docs
2. Try to pass Authorization header via endpoint header form
3. Send a request
4. See error

Screenshots

"![SCREENSHOT_DESCRIPTION](SCREENSHOT_LINK.png)"

Logs

No response

Litestar Version

2.12.1

Platform

  • [X] Linux
  • [ ] Mac
  • [ ] Windows
  • [ ] Other (Please specify in the description above)

Forceres avatar Oct 01 '24 20:10 Forceres