New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Java] [Kotlin] (#14876) fix use of isBasic conditions - do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes) #15220

Merged

wing328 merged 4 commits into OpenAPITools:master from tiffmaelite:fix/align_use-HttpBearerAuth_import-HttpBearerAuth

May 22, 2023

Contributor

tiffmaelite commented Apr 14, 2023 •

edited

Loading

First small replacement for #14878 to fix #14876

PR checklist

Read the contribution guidelines.
Pull Request title clearly describes the work in the pull request and Pull Request description provides details about how to validate the work. Missing information here may result in delayed response from the community.
Run the following to build the project and update samples:
```
./mvnw clean package 
./bin/generate-samples.sh
./bin/utils/export_docs_generators.sh
```
Commit all changed files.
This is important, as CI jobs will verify all generator outputs of your HEAD commit as it would merge with master.
These must match the expectations made by your contribution.
You may regenerate an individual generator by passing the relevant config(s) as an argument to the script, for example ./bin/generate-samples.sh bin/configs/java*.
For Windows users, please run the script in Git BASH.
File the PR against the correct branch: master (6.3.0) (minor release - breaking changes with fallbacks), 7.0.x (breaking changes without fallbacks)
If your PR is targeting a particular programming language, @mention the technical committee members, so they are more likely to review the pull request.

@bbdouglas @sreeshas @jfiala @lukoyanov @cbornet @jeff9finger @karismann @Zomzog @lwlee2608

from previous PR: @borsch @wing328

tiffmaelite changed the title ~~import HttpBearerAuth only when relevant + not use HttpBearerAuth for…~~ do not use HttpBearerAuth for signature auth when it is not supported or for other unsupported http auth methods

tiffmaelite force-pushed the fix/align_use-HttpBearerAuth_import-HttpBearerAuth branch 3 times, most recently from c6315a6 to 516d5f5 Compare

April 14, 2023 12:36

tiffmaelite mentioned this pull request

remove http_signature_test from samples when not supported #15221

Closed

17 tasks

tiffmaelite changed the title ~~do not use HttpBearerAuth for signature auth when it is not supported or for other unsupported http auth methods~~ do not use HttpBearerAuth (or HttpBaisAuth) for other http auth methods (such as http signature auth or custom schemes)

tiffmaelite changed the title ~~do not use HttpBearerAuth (or HttpBaisAuth) for other http auth methods (such as http signature auth or custom schemes)~~ do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes)

tiffmaelite changed the title ~~do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes)~~ [fix #14876] do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes)

tiffmaelite changed the title ~~[fix #14876] do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes)~~ [Java] [Kotlin] [fix #14876] do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes)

tiffmaelite changed the title ~~[Java] [Kotlin] [fix #14876] do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes)~~ [Java] [Kotlin] [fix 14876] do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes)

tiffmaelite closed this

tiffmaelite reopened this

tiffmaelite changed the title ~~[Java] [Kotlin] [fix 14876] do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes)~~ [Java] [Kotlin] [fix issue 14876] do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes)

borsch approved these changes

View reviewed changes

Contributor Author

tiffmaelite commented Apr 20, 2023 •

edited

Loading

Additional precision regarding target of this PR: some projects might rely on this bug if their openapi.yaml file contains a valid authorization scheme unsupported by the used generator in order to have these auth methods included in the generated code and then have custom workarounds implemented in their project to replace the way the authentication is handled.

Because I was not sure of how much this fix could disrupt projects misusing the authorization part, I decided to go against 7.x rather than master.

In any case, as I mentioned in the linked issue, I initially observed the bug with version 4.2.3 and it probably existed for a long time already, so it looks like it does not affect a lot of people and can wait a little longer and be marked as "potential breaking change without fallback" in the next major release.

borsch added the Breaking change (without fallback) label

borsch added this to the 7.0.0 milestone

tiffmaelite mentioned this pull request

[JAVA/Kotlin] Bug invalid code for ApiClient generated when ONLY using an http authentication which is neither basic nor bearer #14876

Closed

tiffmaelite changed the title ~~[Java] [Kotlin] [fix issue 14876] do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes)~~ [Java] [Kotlin] (#14876) do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes)

tiffmaelite mentioned this pull request

fix use of isBasic and isBasicBasic and isBasicBearer and isHttpSignature in documentation #15443

Merged

5 tasks

tiffmaelite changed the base branch from 7.0.x to master

May 11, 2023 06:50

tiffmaelite force-pushed the fix/align_use-HttpBearerAuth_import-HttpBearerAuth branch from 516d5f5 to 928c086 Compare

May 11, 2023 07:00

tiffmaelite closed this

tiffmaelite reopened this

This was referenced May 16, 2023

[Ruby] add missing scheme description in README file #15519

Closed

[PHP] fix use of isBasic condition #15520

Merged

[bash] fix use of isBasic condition #15521

Merged

[javascript] fix use of isBasicBasic and isBasicBearer conditions #15522

Merged

[dart] fix use of isBasic condition #15523

Merged

[perl] fix use of isBasic condition #15524

Merged

This was referenced May 16, 2023

[powershell] fix use of isBasic condition #15525

Merged

[xojo] fix use of isBasic condition #15526

Merged

tiffmaelite force-pushed the fix/align_use-HttpBearerAuth_import-HttpBearerAuth branch from 928c086 to 97a7d50 Compare

May 16, 2023 07:51

tiffmaelite commented

View reviewed changes

modules/openapi-generator/src/main/resources/Java/libraries/feign/ApiClient.mustache

    
                      auth = new HttpBearerAuth("{{scheme}}");

                    {{/isBasicBearer}}

                    {{^isBasicBearer}}

                      throw new RuntimeException("auth name \"" + authName + "\" does not have a supported http scheme type");

Contributor Author

tiffmaelite May 16, 2023 •

edited

Loading

note: that part might be a breaking change for those relying on the bug

tiffmaelite commented

View reviewed changes

modules/openapi-generator/src/main/resources/Java/libraries/retrofit/ApiClient.mustache

    
                              auth = new HttpBearerAuth("{{scheme}}");

                          {{/isBasicBearer}}

                          {{^isBasicBearer}}

                              throw new RuntimeException("auth name \"" + authName + "\" does not have a supported http scheme type");

Contributor Author

tiffmaelite May 16, 2023 •

edited

Loading

note: that part might be a breaking change for those relying on the bug

tiffmaelite commented

View reviewed changes

modules/openapi-generator/src/main/resources/Java/libraries/retrofit2/ApiClient.mustache

    
                      auth = new HttpBearerAuth("{{scheme}}");

                      {{/isBasicBasic}}{{/isBasic}}

                      {{/isBasicBearer}}{{^isBasicBearer}}

                      throw new RuntimeException("auth name \"" + authName + "\" does not have a supported http scheme type");

Contributor Author

tiffmaelite May 16, 2023 •

edited

Loading

note: that part might be a breaking change for those relying on the bug

tiffmaelite commented

View reviewed changes

...rc/main/resources/kotlin-client/libraries/jvm-retrofit2/infrastructure/ApiClient.kt.mustache

    
            @@ -128,7 +128,7 @@ import okhttp3.MediaType.Companion.toMediaType
          
                  ) : this(baseUrl, okHttpClientBuilder{{^kotlinx_serialization}}, serializerBuilder{{/kotlinx_serialization}}) {

                      authNames.forEach { authName ->

                          val auth = when (authName) {

                              {{#authMethods}}"{{name}}" -> {{#isBasic}}{{#isBasicBasic}}HttpBasicAuth(){{/isBasicBasic}}{{#isBasicBearer}}HttpBearerAuth("{{scheme}}"){{/isBasicBearer}}{{/isBasic}}{{#isApiKey}}ApiKeyAuth({{#isKeyInHeader}}"header"{{/isKeyInHeader}}{{#isKeyInQuery}}"query"{{/isKeyInQuery}}{{#isKeyInCookie}}"cookie"{{/isKeyInCookie}}, "{{keyParamName}}"){{/isApiKey}}{{#isOAuth}}OAuth(OAuthFlow.{{flow}}, "{{authorizationUrl}}", "{{tokenUrl}}", "{{#scopes}}{{scope}}{{^-last}}, {{/-last}}{{/scopes}}"){{/isOAuth}}{{/authMethods}}

                              {{#authMethods}}"{{name}}" -> {{#isBasic}}{{#isBasicBasic}}HttpBasicAuth(){{/isBasicBasic}}{{^isBasicBasic}}{{#isBasicBearer}}HttpBearerAuth("{{scheme}}"){{/isBasicBearer}}{{^isBasicBearer}}throw RuntimeException("auth name $authName does not have a supported http scheme type"){{/isBasicBearer}}{{/isBasicBasic}}{{/isBasic}}{{#isApiKey}}ApiKeyAuth({{#isKeyInHeader}}"header"{{/isKeyInHeader}}{{#isKeyInQuery}}"query"{{/isKeyInQuery}}{{#isKeyInCookie}}"cookie"{{/isKeyInCookie}}, "{{keyParamName}}"){{/isApiKey}}{{#isOAuth}}OAuth(OAuthFlow.{{flow}}, "{{authorizationUrl}}", "{{tokenUrl}}", "{{#scopes}}{{scope}}{{^-last}}, {{/-last}}{{/scopes}}"){{/isOAuth}}{{/authMethods}}

Contributor Author

tiffmaelite May 16, 2023 •

edited

Loading

note: that part might be a breaking change for those relying on the bug

tiffmaelite commented

View reviewed changes

samples/client/petstore/java/feign/src/main/java/org/openapitools/client/ApiClient.java

    
            @@ -70,7 +70,7 @@ public ApiClient(String[] authNames) {
          
                    } else if ("bearer_test".equals(authName)) {

                      auth = new HttpBearerAuth("bearer");

                    } else if ("http_signature_test".equals(authName)) {

                      auth = new HttpBearerAuth("signature");

                      throw new RuntimeException("auth name \"" + authName + "\" does not have a supported http scheme type");

Contributor Author

tiffmaelite May 16, 2023

note: that part might be a breaking change for those relying on the bug

This was referenced May 16, 2023

[android] fix use of isBasic condition #15528

Merged

[lua] fix use of isBasic condition #15529

Merged

[Spring] fix use of isBasic condition #15530

Merged

[typescript] fix use of isBasic condition #15531

Merged

[rust] fix use of isBasic condition #15532

Merged

[eiffel] fix use of isBasic condition #15533

Merged

[C] fix use of isBasic condition #15534

Merged

[cpp C++] fix use of isBasic condition #15535

Merged

tiffmaelite added 4 commits

May 22, 2023 08:38


          remove http signature from test yaml when not supported

3e5c423


          do not use HttpBearerAuth for signature auth or other unsupported htt…

a5c464b

…p auth method

ignore unsupported http auth method unless generated code would not compile (in which case, an exception is thrown)


          [Java] fix use of isBasic condition

3b6a065


          [kotlin] fix use of isBasic condition

97ea4e2

tiffmaelite force-pushed the fix/align_use-HttpBearerAuth_import-HttpBearerAuth branch from 97a7d50 to 97ea4e2 Compare

May 22, 2023 06:39

tiffmaelite changed the title ~~[Java] [Kotlin] (#14876) do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes)~~ [Java] [Kotlin] (#14876) fix use of isBasic conditions - do not use HttpBearerAuth (or HttpBasicAuth) for other http auth methods (such as http signature auth or custom schemes)

wing328 added the Client: Java label

wing328 merged commit cbcf3d3 into OpenAPITools:master

tiffmaelite deleted the fix/align_use-HttpBearerAuth_import-HttpBearerAuth branch

May 22, 2023 08:15

This was referenced May 23, 2023

[Haskell] fix use of isBasic condition #15612

Merged

[swift5] fix use of isBasic condition #15613

Merged

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Breaking change (without fallback) Client: Java