Compare security schema names case-insensitive (#10989)

According to RFC 7235 (HTTP/1.1: Authentication), scheme tokens are
matched case-insensitively (Section 2.1: Challenge and Response). This
change compares the known token values basic, bearer, and signature
case-insensitively.

- https://datatracker.ietf.org/doc/html/rfc7235#section-2.1
jzorn
2021-12-04 06:18:06 +01:00
committed by GitHub
parent 8fc6172c6d
commit 8bc069778f


@@ -4774,12 +4774,12 @@ public class DefaultCodegen implements CodegenConfig {
final CodegenSecurity cs = defaultCodegenSecurity(key, securityScheme);
cs.isKeyInHeader = cs.isKeyInQuery = cs.isKeyInCookie = cs.isApiKey = cs.isOAuth = false;
cs.isBasic = true;
if ("basic".equals(securityScheme.getScheme())) {
if ("basic".equalsIgnoreCase(securityScheme.getScheme())) {
cs.isBasicBasic = true;
} else if ("bearer".equals(securityScheme.getScheme())) {
} else if ("bearer".equalsIgnoreCase(securityScheme.getScheme())) {
cs.isBasicBearer = true;
cs.bearerFormat = securityScheme.getBearerFormat();
} else if ("signature".equals(securityScheme.getScheme())) {
} else if ("signature".equalsIgnoreCase(securityScheme.getScheme())) {
// HTTP signature as defined in https://datatracker.ietf.org/doc/draft-cavage-http-signatures/
// The registry of security schemes is maintained by IANA.
// https://www.iana.org/assignments/http-authschemes/http-authschemes.xhtml
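Review bot: The three rewritten conditions each call `securityScheme.getScheme()` again; reading it once, `final String scheme = securityScheme.getScheme();`, and testing `"basic".equalsIgnoreCase(scheme)` and so on would keep the branches from drifting apart the next time a scheme is added. As far as this hunk shows, a scheme that matches none of the three names still leaves `cs.isBasic = true` with no sub-flag set, so a generated client could end up with an HTTP security entry that applies no credentials. The if/else chain continues past the end of the hunk, so confirm there is a fallback or a logged warning for unrecognised schemes. A regression test that feeds mixed-case values such as `Bearer` and `BASIC` through this method would pin the behaviour this commit introduces; none is visible on this page.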