Skip to content

Endpoint should be 'no auth' when empty JSON object specified for security #332

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jez9999 opened this issue Feb 11, 2021 · 3 comments · Fixed by #349
Closed

Endpoint should be 'no auth' when empty JSON object specified for security #332

jez9999 opened this issue Feb 11, 2021 · 3 comments · Fixed by #349

Comments

@jez9999
Copy link

jez9999 commented Feb 11, 2021

I've been talking to the maintainer of OpenAPI.NET on Github, and he says that the way I should override an operation to indicate "anonymous" is to get OpenAPI.NET to render a new security section with an empty JSON object in; for example:

  "paths": {
    "/api/v8/apiInfo/buildinfo": {
      "get": {
        "tags": [
          "ApiInfo"
        ],
        [...]
        "security": [
          { }
        ]
      }
    },

In addition, this has been brought to the attention of the swagger-ui project, and they've agreed with this behaviour and modified swagger-ui to display no padlock for such a security override, indicating "no authorization".

At the moment, when I generate a collection from an API definition in Postman, such an override still results in an "inherit from parent" security setting for that endpoint. It should be generated with "no auth".
@pcgamer1
Copy link
Contributor

@VShingala can I work on this?

@pcgamer1 pcgamer1 mentioned this issue Mar 28, 2021
Merged
@VShingala
Copy link
Member

@pcgamer1 Sure, and thanks for the contribution. I have reviewed your PR and have added few comments.

@VShingala
Copy link
Member

@jez9999 @pcgamer1 I've merged raised PR and this will be available with next release of app.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Added a check for an empty object for no authorization pcgamer1/openapi-to-postman
3 participants
@jez9999 @VShingala @pcgamer1