From ec05e073580d3254bf893d1ce31e3e9906f6e520 Mon Sep 17 00:00:00 2001
From: Vladimir Gorej <vladimir.gorej@gmail.com>
Date: Mon, 6 Jan 2025 21:58:02 +0100
Subject: [PATCH] fix(execute): serialize req.cookies into valid cookie-string

---
 src/execute/index.js               | 24 ++++++++++--------------
 test/oas3/execute/authorization.js | 11 ++++++++++-
 2 files changed, 20 insertions(+), 15 deletions(-)

diff --git a/src/execute/index.js b/src/execute/index.js
index b654038b4..c856f35dc 100755
--- a/src/execute/index.js
+++ b/src/execute/index.js
@@ -299,20 +299,16 @@ export function buildRequest(options) {
   // If the cookie convenience object exists in our request,
   // serialize its content and then delete the cookie object.
   if (req.cookies && Object.keys(req.cookies).length) {
-    const cookieString = Object.keys(req.cookies).reduce((prev, cookieName) => {
-      const cookieValue = req.cookies[cookieName];
-      const prefix = prev ? '&' : '';
-      const stringified = serializeCookie([[cookieName, cookieValue]], {
-        encoders: {
-          value: cookieValueLenientEncoder,
-        },
-        validators: {
-          name: cookieNameLenientValidator,
-          value: cookieValueLenientValidator,
-        },
-      });
-      return prev + prefix + stringified;
-    }, '');
+    const cookieString = serializeCookie(req.cookies, {
+      encoders: {
+        value: cookieValueLenientEncoder,
+      },
+      validators: {
+        name: cookieNameLenientValidator,
+        value: cookieValueLenientValidator,
+      },
+    });
+
     req.headers.Cookie = cookieString;
   }
 
diff --git a/test/oas3/execute/authorization.js b/test/oas3/execute/authorization.js
index 72440822f..ae34fefeb 100644
--- a/test/oas3/execute/authorization.js
+++ b/test/oas3/execute/authorization.js
@@ -474,6 +474,11 @@ describe('Authorization - OpenAPI Specification 3.0', () => {
               name: 'MyApiKeyCookie',
               in: 'cookie',
             },
+            myApiKey1: {
+              type: 'apiKey',
+              name: 'MyApiKeyCookie1',
+              in: 'cookie',
+            },
           },
         },
         paths: {
@@ -483,6 +488,7 @@ describe('Authorization - OpenAPI Specification 3.0', () => {
               security: [
                 {
                   myApiKey: [],
+                  myApiKey1: [],
                 },
               ],
             },
@@ -499,6 +505,9 @@ describe('Authorization - OpenAPI Specification 3.0', () => {
             myApiKey: {
               value: 'MyToken',
             },
+            myApiKey1: {
+              value: 'MyToken1',
+            },
           },
         },
       });
@@ -508,7 +517,7 @@ describe('Authorization - OpenAPI Specification 3.0', () => {
         url: '/',
         credentials: 'same-origin',
         headers: {
-          Cookie: 'MyApiKeyCookie=MyToken',
+          Cookie: 'MyApiKeyCookie=MyToken; MyApiKeyCookie1=MyToken1',
         },
       });
     });