openapi-python-client icon indicating copy to clipboard operation
openapi-python-client copied to clipboard

Published 20 hours ago verified publisher icon openapi-generators

apiKey securityScheme support

Open jrobbins-LiveData opened this issue 2 years ago • 4 comments

I'm using a third-party API which has this securityScheme:

components:
  securitySchemes:
    jwtAuth:
      type: apiKey
      in: header
      name: Auth

and this path (redacted as it is not my API):

  /auth/login:
    put:
      security:
        - {}
      tags:
        - Authentication
      requestBody:
        content:
           .
           .
           .

      responses:
        '200':
          headers:
            auth:
              schema:
                type: string
                description: 
                format: jwt

The generated code for this API is:

@attr.s(auto_attribs=True)
class AuthenticatedClient(Client):
    """A Client which has been authenticated for use on secured endpoints"""

    token: str

    def get_headers(self) -> Dict[str, str]:
        """Get headers to be used in authenticated endpoints"""
        return {"Authorization": f"Bearer {self.token}", **self.headers}

The desired code is:

@attr.s(auto_attribs=True)
class AuthenticatedClient(Client):
    """A Client which has been authenticated for use on secured endpoints"""

    token: str

    def get_headers(self) -> Dict[str, str]:
        """Get headers to be used in authenticated endpoints"""
        return {"Auth": self.token, **self.headers}

jrobbins-LiveData avatar Apr 20 '22 10:04 jrobbins-LiveData

I also am dealing with openapi docs that use Basic HTTP Authentication

  securitySchemes:
    basicAuth:
      type: http
      scheme: basic

I'm then adding to my request...

      security:
        - basicAuth: []

openapi-python-client does understand that the request should be an authenticated request, since it defines client parameter in the signature of sync/async/sync_detailed/async_detailed methods to be of the type AuthenticatedClient as opposed to just Client. But, the AuthenticatedClient seems to default to a bearer token (as @jrobbins-LiveData shows).

scorgn avatar May 15 '22 17:05 scorgn

Is it posible to fix by templates?

Nov1kov avatar Aug 15 '22 21:08 Nov1kov

Yes, it is.

Workaround:

Please follow this https://github.com/openapi-generators/openapi-python-client#using-custom-templates Edit this line in your custom template as you want. https://github.com/openapi-generators/openapi-python-client/blob/5861c7c307a94e8cd2a8645172681c322cc9fb45/openapi_python_client/templates/client.py.jinja#L45

Nov1kov avatar Aug 15 '22 22:08 Nov1kov

Awesome, thanks for providing a workaround @Nov1kov !

dbanty avatar Aug 17 '22 18:08 dbanty

Maybe it would be a good idea to just pass through the auth parameter to httpx. This would allow one to easily customize authentication, or use existing "plugins", without modifying the client or template. Here's the documentation on what is possible using that parameter, and an example of a plugin would be httpx-ntlm

philnagel avatar Feb 06 '23 21:02 philnagel

Sounds like another +1 for #202

dbanty avatar Feb 06 '23 21:02 dbanty