wiretap icon indicating copy to clipboard operation
wiretap copied to clipboard

Published 20 hours ago verified publisher icon pb33f

Proxy logs violation for request with multiple or optional security schemes

Open richjyoung opened this issue 1 year ago • 0 comments

This looks like the same issue as https://github.com/pb33f/wiretap/issues/80, except this affects the proxy mode rather than the mock server.

Given the following securitySchemes:

securitySchemes:
  Session:
    type: apiKey
    in: cookie
    name: session
  APIKey:
    type: apiKey
    in: header
    name: "X-API-Key"

In both of the following cases a request with the given security section will log a violation of "API Key X-API-Key not found in header":

# Optional security
security:
  - {}
  - APIKey: []

# Either Cookie or API Key security required
security:
  - Session: []
  - APIKey: []

No violation is logged for the cookie authentication which is present in the request in both cases.

richjyoung avatar Oct 23 '24 12:10 richjyoung