Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

securityDefinitions are not added to the headers #25

Open
chathudan opened this issue Apr 15, 2019 · 3 comments
Open

securityDefinitions are not added to the headers #25

chathudan opened this issue Apr 15, 2019 · 3 comments
Labels
enhancement New feature or request

Comments

@chathudan
Copy link

Thank you for the great plugin.

It seems security definitions are not added to the headers and generated code has empty headers which giving runtime errors. Please see below swagger example.

"/login": {
            "post": {

                "security": [
                    {
                        "apiKey": []
                    }
                ] 
            }
        }
"securityDefinitions": {
        "apiKey": {
            "type": "apiKey",
            "name": "x-api-key",
            "in": "header"
        },
        "accessToken": {
            "type": "apiKey",
            "name": "x-access-token",
            "in": "header",
            "description": "Unique user authentication token"
        }
    }
@cortinico
Copy link
Collaborator

Hey @chathudan
(Sorry for the late answer but I missed this issue)

That's intentional.

We decided to strip out all the securityDefinitions and handle the auth at the OkHttp/Interceptor level. This works really well when you have hundreds on authenticated endpoints and you don't want to pass the x-access-token every time.

I'll keep this as a feature request and would love to be know if someone else is interested in having this feature.

@cortinico cortinico added the enhancement New feature or request label Jun 4, 2019
@chathudan
Copy link
Author

@cortinico Thank you for your message and awesome plugin, I already added Interceptor and did the job. Please consider a callback for Authenticator to handle 401 and interact user to re-authenticate.

@cortinico
Copy link
Collaborator

Please consider a callback for Authenticator to handle 401 and interact user to re-authenticate.

I don't think this is in the scope of the Gradle plugin but should be configured on the OkHttpClient.
It's up to the client to take care of authentication (either with an Interceptor or with an Authenticator). The Gradle plugin is just generating Retrofit interfaces.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

2 participants