diff --git a/modules/openapi-generator/src/main/resources/python/api_client.mustache b/modules/openapi-generator/src/main/resources/python/api_client.mustache
index 5325a63cfac..84f67161314 100644
--- a/modules/openapi-generator/src/main/resources/python/api_client.mustache
+++ b/modules/openapi-generator/src/main/resources/python/api_client.mustache
@@ -523,6 +523,8 @@ class ApiClient(object):
 if auth_setting:
 if not auth_setting['value']:
 continue
+ elif auth_setting['in'] == 'cookie':
+ headers['Cookie'] = auth_setting['value']
 elif auth_setting['in'] == 'header':
 headers[auth_setting['key']] = auth_setting['value']
 elif auth_setting['in'] == 'query':
diff --git a/modules/openapi-generator/src/main/resources/python/configuration.mustache b/modules/openapi-generator/src/main/resources/python/configuration.mustache
index 2aaf9851d79..25eb5dd0545 100644
--- a/modules/openapi-generator/src/main/resources/python/configuration.mustache
+++ b/modules/openapi-generator/src/main/resources/python/configuration.mustache
@@ -218,7 +218,7 @@ class Configuration(six.with_metaclass(TypeWithDefault, object)):
 '{{name}}':
 {
 'type': 'api_key',
- 'in': {{#isKeyInHeader}}'header'{{/isKeyInHeader}}{{#isKeyInQuery}}'query'{{/isKeyInQuery}},
+ 'in': {{#isKeyInCookie}}'cookie'{{/isKeyInCookie}}{{#isKeyInHeader}}'header'{{/isKeyInHeader}}{{#isKeyInQuery}}'query'{{/isKeyInQuery}},
 'key': '{{keyParamName}}',
 'value': self.get_api_key_with_prefix('{{keyParamName}}')
 },
diff --git a/modules/openapi-generator/src/test/resources/3_0/petstore.yaml b/modules/openapi-generator/src/test/resources/3_0/petstore.yaml
index 255b325a1f2..b931ddc0302 100644
--- a/modules/openapi-generator/src/test/resources/3_0/petstore.yaml
+++ b/modules/openapi-generator/src/test/resources/3_0/petstore.yaml
@@ -374,6 +374,8 @@ paths:
 responses:
 default:
 description: successful operation
+ security:
+ - auth_cookie: []
 requestBody:
 content:
 application/json:
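Review bot: The `cookie` branch added in api_client.mustache assigns `auth_setting['value']` as the whole `Cookie` header and never uses `auth_setting['key']`, so unless the configured value is already a full `AUTH_KEY=...` pair the server cannot find the cookie named in the spec. Because it assigns instead of merging, any `Cookie` header already in `headers`, or a second cookie-based scheme handled in the same loop, is silently replaced. I would build the pair and merge it, `pair = '%s=%s' % (auth_setting['key'], auth_setting['value'])` followed by `headers['Cookie'] = '; '.join(filter(None, [headers.get('Cookie'), pair]))` (assuming `headers` is a dict), and reject values containing CR or LF so a credential string cannot introduce extra header lines. The enclosing method starts and ends outside the hunk, and the same two lines recur in the five regenerated `api_client.py` sample hunks.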
@@ -391,6 +393,8 @@ paths:
 responses:
 default:
 description: successful operation
+ security:
+ - auth_cookie: []
 requestBody:
 $ref: '#/components/requestBodies/UserArray'
 /user/createWithList:
@@ -403,6 +407,8 @@ paths:
 responses:
 default:
 description: successful operation
+ security:
+ - auth_cookie: []
 requestBody:
 $ref: '#/components/requestBodies/UserArray'
 /user/login:
@@ -430,6 +436,13 @@ paths:
 '200':
 description: successful operation
 headers:
+ Set-Cookie:
+ description: >-
+ Cookie authentication key for use with the `auth_cookie`
+ apiKey authentication.
+ schema:
+ type: string
+ example: AUTH_KEY=abcde12345; Path=/; HttpOnly
 X-Rate-Limit:
 description: calls per hour allowed by the user
 schema:
@@ -459,6 +472,8 @@ paths:
 responses:
 default:
 description: successful operation
+ security:
+ - auth_cookie: []
 '/user/{username}':
 get:
 tags:
@@ -505,6 +520,8 @@ paths:
 description: Invalid user supplied
 '404':
 description: User not found
+ security:
+ - auth_cookie: []
 requestBody:
 content:
 application/json:
@@ -530,6 +547,8 @@ paths:
 description: Invalid username supplied
 '404':
 description: User not found
+ security:
+ - auth_cookie: []
 externalDocs:
 description: Find out more about Swagger
 url: 'http://swagger.io'
@@ -567,6 +586,10 @@ components:
 type: apiKey
 name: api_key
 in: header
+ auth_cookie:
+ type: apiKey
+ name: AUTH_KEY
+ in: cookie
 schemas:
 Order:
 title: Pet Order
diff --git a/samples/client/petstore-security-test/python/petstore_api/api_client.py b/samples/client/petstore-security-test/python/petstore_api/api_client.py
index 6132154e1b1..149de58cf16 100644
--- a/samples/client/petstore-security-test/python/petstore_api/api_client.py
+++ b/samples/client/petstore-security-test/python/petstore_api/api_client.py
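Review bot: The `Set-Cookie` example added to the `/user/login` response in petstore.yaml shows an authentication cookie with `HttpOnly` but without `Secure` or `SameSite`, and spec examples tend to be copied into real servers. Since `auth_cookie` now guards the user create, update, delete and logout operations, a credential that browsers attach automatically also makes CSRF protection relevant for those endpoints. I would change the example to `AUTH_KEY=abcde12345; Path=/; HttpOnly; Secure; SameSite=Strict` and state in the description that the cookie is only issued over HTTPS. The same example is carried into the two regenerated python-flask `openapi.yaml` files.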
@@ -517,6 +517,8 @@ class ApiClient(object):
 if auth_setting:
 if not auth_setting['value']:
 continue
+ elif auth_setting['in'] == 'cookie':
+ headers['Cookie'] = auth_setting['value']
 elif auth_setting['in'] == 'header':
 headers[auth_setting['key']] = auth_setting['value']
 elif auth_setting['in'] == 'query':
diff --git a/samples/client/petstore/python-asyncio/petstore_api/api_client.py b/samples/client/petstore/python-asyncio/petstore_api/api_client.py
index d10ef76ce17..f5f0a3ca0a4 100644
--- a/samples/client/petstore/python-asyncio/petstore_api/api_client.py
+++ b/samples/client/petstore/python-asyncio/petstore_api/api_client.py
@@ -516,6 +516,8 @@ class ApiClient(object):
 if auth_setting:
 if not auth_setting['value']:
 continue
+ elif auth_setting['in'] == 'cookie':
+ headers['Cookie'] = auth_setting['value']
 elif auth_setting['in'] == 'header':
 headers[auth_setting['key']] = auth_setting['value']
 elif auth_setting['in'] == 'query':
diff --git a/samples/client/petstore/python-tornado/petstore_api/api_client.py b/samples/client/petstore/python-tornado/petstore_api/api_client.py
index debb463cf16..681deec4be7 100644
--- a/samples/client/petstore/python-tornado/petstore_api/api_client.py
+++ b/samples/client/petstore/python-tornado/petstore_api/api_client.py
@@ -518,6 +518,8 @@ class ApiClient(object):
 if auth_setting:
 if not auth_setting['value']:
 continue
+ elif auth_setting['in'] == 'cookie':
+ headers['Cookie'] = auth_setting['value']
 elif auth_setting['in'] == 'header':
 headers[auth_setting['key']] = auth_setting['value']
 elif auth_setting['in'] == 'query':
diff --git a/samples/client/petstore/python/petstore_api/api_client.py b/samples/client/petstore/python/petstore_api/api_client.py
index a8f86aecf39..27c3f81329b 100644
--- a/samples/client/petstore/python/petstore_api/api_client.py
+++ b/samples/client/petstore/python/petstore_api/api_client.py
@@ -516,6 +516,8 @@ class ApiClient(object):
 if auth_setting:
 if not auth_setting['value']:
 continue
+ elif auth_setting['in'] == 'cookie':
+ headers['Cookie'] = auth_setting['value']
 elif auth_setting['in'] == 'header':
 headers[auth_setting['key']] = auth_setting['value']
 elif auth_setting['in'] == 'query':
diff --git a/samples/openapi3/client/petstore/python/petstore_api/api_client.py b/samples/openapi3/client/petstore/python/petstore_api/api_client.py
index a8f86aecf39..27c3f81329b 100644
--- a/samples/openapi3/client/petstore/python/petstore_api/api_client.py
+++ b/samples/openapi3/client/petstore/python/petstore_api/api_client.py
@@ -516,6 +516,8 @@ class ApiClient(object):
 if auth_setting:
 if not auth_setting['value']:
 continue
+ elif auth_setting['in'] == 'cookie':
+ headers['Cookie'] = auth_setting['value']
 elif auth_setting['in'] == 'header':
 headers[auth_setting['key']] = auth_setting['value']
 elif auth_setting['in'] == 'query':
diff --git a/samples/server/openapi3/petstore/python-flask-python2/openapi_server/controllers/security_controller_.py b/samples/server/openapi3/petstore/python-flask-python2/openapi_server/controllers/security_controller_.py
index 1db7a68f466..b4bd85dd1a7 100644
--- a/samples/server/openapi3/petstore/python-flask-python2/openapi_server/controllers/security_controller_.py
+++ b/samples/server/openapi3/petstore/python-flask-python2/openapi_server/controllers/security_controller_.py
@@ -17,6 +17,22 @@ def info_from_api_key(api_key, required_scopes):
 return {'uid': 'user_id'}
 
 
+def info_from_auth_cookie(api_key, required_scopes):
+ """
+ Check and retrieve authentication information from api_key.
+ Returned value will be passed in 'token_info' parameter of your operation function, if there is one.
+ 'sub' or 'uid' will be set in 'user' parameter of your operation function, if there is one.
+
+ :param api_key API key provided by Authorization header
+ :type api_key: str
+ :param required_scopes Always None. Used for other authentication method
+ :type required_scopes: None
+ :return: Information attached to provided api_key or None if api_key is invalid or does not allow access to called API
+ :rtype: dict | None
+ """
+ return {'uid': 'user_id'}
+
+
 def info_from_petstore_auth(token):
 """
 Validate and decode token.
diff --git a/samples/server/openapi3/petstore/python-flask-python2/openapi_server/openapi/openapi.yaml b/samples/server/openapi3/petstore/python-flask-python2/openapi_server/openapi/openapi.yaml
index db646b96cb5..78023b8964c 100644
--- a/samples/server/openapi3/petstore/python-flask-python2/openapi_server/openapi/openapi.yaml
+++ b/samples/server/openapi3/petstore/python-flask-python2/openapi_server/openapi/openapi.yaml
@@ -395,6 +395,8 @@ paths:
 responses:
 default:
 description: successful operation
+ security:
+ - auth_cookie: []
 summary: Create user
 tags:
 - user
@@ -407,6 +409,8 @@ paths:
 responses:
 default:
 description: successful operation
+ security:
+ - auth_cookie: []
 summary: Creates list of users with given input array
 tags:
 - user
@@ -419,6 +423,8 @@ paths:
 responses:
 default:
 description: successful operation
+ security:
+ - auth_cookie: []
 summary: Creates list of users with given input array
 tags:
 - user
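Review bot: The docstring of the new `info_from_auth_cookie` still says `:param api_key API key provided by Authorization header`, but the function is wired to the `auth_cookie` scheme (`in: cookie`, name `AUTH_KEY`), so it should read `:param api_key: value of the AUTH_KEY cookie`. The body returns `{'uid': 'user_id'}` for any input, which means every request carrying the cookie is treated as authenticated; I would add `# TODO: validate api_key and return None when it is unknown; this stub accepts every value` above the return so the placeholder is not shipped as is. The file looks generated, so the wording presumably has to be fixed in the server template, which is not part of this diff; the python-flask copy of this file carries the same text.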
@@ -455,6 +461,13 @@ paths:
 type: string
 description: successful operation
 headers:
+ Set-Cookie:
+ description: Cookie authentication key for use with the `auth_cookie` apiKey authentication.
+ explode: false
+ schema:
+ example: AUTH_KEY=abcde12345; Path=/; HttpOnly
+ type: string
+ style: simple
 X-Rate-Limit:
 description: calls per hour allowed by the user
 explode: false
@@ -481,6 +494,8 @@ paths:
 responses:
 default:
 description: successful operation
+ security:
+ - auth_cookie: []
 summary: Logs out current logged in user session
 tags:
 - user
@@ -503,6 +518,8 @@ paths:
 description: Invalid username supplied
 404:
 description: User not found
+ security:
+ - auth_cookie: []
 summary: Delete user
 tags:
 - user
@@ -560,6 +577,8 @@ paths:
 description: Invalid user supplied
 404:
 description: User not found
+ security:
+ - auth_cookie: []
 summary: Updated user
 tags:
 - user
@@ -803,3 +822,8 @@ components:
 name: api_key
 type: apiKey
 x-apikeyInfoFunc: openapi_server.controllers.security_controller_.info_from_api_key
+ auth_cookie:
+ in: cookie
+ name: AUTH_KEY
+ type: apiKey
+ x-apikeyInfoFunc: openapi_server.controllers.security_controller_.info_from_auth_cookie
diff --git a/samples/server/openapi3/petstore/python-flask-python2/openapi_server/test/test_user_controller.py b/samples/server/openapi3/petstore/python-flask-python2/openapi_server/test/test_user_controller.py
index c71f332d0de..0675b6d294e 100644
--- a/samples/server/openapi3/petstore/python-flask-python2/openapi_server/test/test_user_controller.py
+++ b/samples/server/openapi3/petstore/python-flask-python2/openapi_server/test/test_user_controller.py
@@ -30,6 +30,7 @@ class TestUserController(BaseTestCase):
 }
 headers = {
 'Content-Type': 'application/json',
+ 'auth_cookie': 'special-key',
 }
 response = self.client.open(
 '/v2/user',
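Review bot: The `'auth_cookie': 'special-key'` entry added to `headers` in test_user_controller.py sends a request header literally named `auth_cookie`, not a `Cookie` header, so the test does not appear to exercise the `AUTH_KEY` cookie scheme declared in openapi.yaml. To cover the new scheme the entry would need to be `'Cookie': 'AUTH_KEY=special-key',` or the test client's own cookie API. The same line is added in the other five hunks of this file and in the python-flask copy; the file looks generated, so the change presumably belongs in the test template, which this diff does not show. The test method starts and ends outside the hunk.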
@@ -48,6 +49,7 @@ class TestUserController(BaseTestCase):
 user = []
 headers = {
 'Content-Type': 'application/json',
+ 'auth_cookie': 'special-key',
 }
 response = self.client.open(
 '/v2/user/createWithArray',
@@ -66,6 +68,7 @@ class TestUserController(BaseTestCase):
 user = []
 headers = {
 'Content-Type': 'application/json',
+ 'auth_cookie': 'special-key',
 }
 response = self.client.open(
 '/v2/user/createWithList',
@@ -82,6 +85,7 @@ class TestUserController(BaseTestCase):
 Delete user
 """
 headers = {
+ 'auth_cookie': 'special-key',
 }
 response = self.client.open(
 '/v2/user/{username}'.format(username='username_example'),
@@ -129,6 +133,7 @@ class TestUserController(BaseTestCase):
 Logs out current logged in user session
 """
 headers = {
+ 'auth_cookie': 'special-key',
 }
 response = self.client.open(
 '/v2/user/logout',
@@ -154,6 +159,7 @@ class TestUserController(BaseTestCase):
 }
 headers = {
 'Content-Type': 'application/json',
+ 'auth_cookie': 'special-key',
 }
 response = self.client.open(
 '/v2/user/{username}'.format(username='username_example'),
diff --git a/samples/server/openapi3/petstore/python-flask/openapi_server/controllers/security_controller_.py b/samples/server/openapi3/petstore/python-flask/openapi_server/controllers/security_controller_.py
index 1db7a68f466..b4bd85dd1a7 100644
--- a/samples/server/openapi3/petstore/python-flask/openapi_server/controllers/security_controller_.py
+++ b/samples/server/openapi3/petstore/python-flask/openapi_server/controllers/security_controller_.py
@@ -17,6 +17,22 @@ def info_from_api_key(api_key, required_scopes):
 return {'uid': 'user_id'}
 
 
+def info_from_auth_cookie(api_key, required_scopes):
+ """
+ Check and retrieve authentication information from api_key.
+ Returned value will be passed in 'token_info' parameter of your operation function, if there is one.
+ 'sub' or 'uid' will be set in 'user' parameter of your operation function, if there is one.
+
+ :param api_key API key provided by Authorization header
+ :type api_key: str
+ :param required_scopes Always None. Used for other authentication method
+ :type required_scopes: None
+ :return: Information attached to provided api_key or None if api_key is invalid or does not allow access to called API
+ :rtype: dict | None
+ """
+ return {'uid': 'user_id'}
+
+
 def info_from_petstore_auth(token):
 """
 Validate and decode token.
diff --git a/samples/server/openapi3/petstore/python-flask/openapi_server/openapi/openapi.yaml b/samples/server/openapi3/petstore/python-flask/openapi_server/openapi/openapi.yaml
index db646b96cb5..78023b8964c 100644
--- a/samples/server/openapi3/petstore/python-flask/openapi_server/openapi/openapi.yaml
+++ b/samples/server/openapi3/petstore/python-flask/openapi_server/openapi/openapi.yaml
@@ -395,6 +395,8 @@ paths:
 responses:
 default:
 description: successful operation
+ security:
+ - auth_cookie: []
 summary: Create user
 tags:
 - user
@@ -407,6 +409,8 @@ paths:
 responses:
 default:
 description: successful operation
+ security:
+ - auth_cookie: []
 summary: Creates list of users with given input array
 tags:
 - user
@@ -419,6 +423,8 @@ paths:
 responses:
 default:
 description: successful operation
+ security:
+ - auth_cookie: []
 summary: Creates list of users with given input array
 tags:
 - user
@@ -455,6 +461,13 @@ paths:
 type: string
 description: successful operation
 headers:
+ Set-Cookie:
+ description: Cookie authentication key for use with the `auth_cookie` apiKey authentication.
+ explode: false
+ schema:
+ example: AUTH_KEY=abcde12345; Path=/; HttpOnly
+ type: string
+ style: simple
 X-Rate-Limit:
 description: calls per hour allowed by the user
 explode: false
@@ -481,6 +494,8 @@ paths:
 responses:
 default:
 description: successful operation
+ security:
+ - auth_cookie: []
 summary: Logs out current logged in user session
 tags:
 - user
@@ -503,6 +518,8 @@ paths:
 description: Invalid username supplied
 404:
 description: User not found
+ security:
+ - auth_cookie: []
 summary: Delete user
 tags:
 - user
@@ -560,6 +577,8 @@ paths:
 description: Invalid user supplied
 404:
 description: User not found
+ security:
+ - auth_cookie: []
 summary: Updated user
 tags:
 - user
@@ -803,3 +822,8 @@ components:
 name: api_key
 type: apiKey
 x-apikeyInfoFunc: openapi_server.controllers.security_controller_.info_from_api_key
+ auth_cookie:
+ in: cookie
+ name: AUTH_KEY
+ type: apiKey
+ x-apikeyInfoFunc: openapi_server.controllers.security_controller_.info_from_auth_cookie
diff --git a/samples/server/openapi3/petstore/python-flask/openapi_server/test/test_user_controller.py b/samples/server/openapi3/petstore/python-flask/openapi_server/test/test_user_controller.py
index c71f332d0de..0675b6d294e 100644
--- a/samples/server/openapi3/petstore/python-flask/openapi_server/test/test_user_controller.py
+++ b/samples/server/openapi3/petstore/python-flask/openapi_server/test/test_user_controller.py
@@ -30,6 +30,7 @@ class TestUserController(BaseTestCase):
 }
 headers = {
 'Content-Type': 'application/json',
+ 'auth_cookie': 'special-key',
 }
 response = self.client.open(
 '/v2/user',
@@ -48,6 +49,7 @@ class TestUserController(BaseTestCase):
 user = []
 headers = {
 'Content-Type': 'application/json',
+ 'auth_cookie': 'special-key',
 }
 response = self.client.open(
 '/v2/user/createWithArray',
@@ -66,6 +68,7 @@ class TestUserController(BaseTestCase):
 user = []
 headers = {
 'Content-Type': 'application/json',
+ 'auth_cookie': 'special-key',
 }
 response = self.client.open(
 '/v2/user/createWithList',
@@ -82,6 +85,7 @@ class TestUserController(BaseTestCase):
 Delete user
 """
 headers = {
+ 'auth_cookie': 'special-key',
 }
 response = self.client.open(
 '/v2/user/{username}'.format(username='username_example'),
@@ -129,6 +133,7 @@ class TestUserController(BaseTestCase):
 Logs out current logged in user session
 """
 headers = {
+ 'auth_cookie': 'special-key',
 }
 response = self.client.open(
 '/v2/user/logout',
@@ -154,6 +159,7 @@ class TestUserController(BaseTestCase):
 }
 headers = {
 'Content-Type': 'application/json',
+ 'auth_cookie': 'special-key',
 }
 response = self.client.open(
 '/v2/user/{username}'.format(username='username_example'),