Support Multiple API Keys #3450
Conversation
|
So just to make sure that I understand this PR correctly, it allows adding multiple keys by removing the assumption that there is just one |
|
@bkabrda yes, I think the goal is to support multiple API keys as the current approach only supports one API key. I was expecting the PR to use maps somehow similar to other generators, e.g.: but there could be other approaches to support multiple API key. |
|
Right, so I think the potential problem with the current approach of this PR is that the names of the API keys, which are given in the OpenAPI spec, could potentially conflict with other names in the context. These are currently Putting a map with API keys in the context would prevent these collisions, so I think this is a good suggestion. This map would have a reserved keyname there, much like the previously used |
| @@ -61,7 +61,7 @@ Class | Method | HTTP request | Description | |||
| Example | |||
|
|
|||
| ```golang | |||
| auth := context.WithValue(context.Background(), sw.ContextAPIKey, sw.APIKey{ | |||
| auth := context.WithValue(context.Background(), sw.ContextAPIKeys, sw.APIKey{ | |||
There was a problem hiding this comment.
This doesn't look right. It sets the context value to be the APIKey, but in fact it should be the map, right?
There was a problem hiding this comment.
Good catch! This was indeed outdated. I couldn't find a way to only show the example once and only if there was an API Key auth present in the list of authMethods, so I followed the approach of the other languages READMEs, which was to remove the example and just list each type of key.
Ex:
Python - https://github.com/OpenAPITools/openapi-generator/tree/5956569e7a0d423521168f894bd1ac7b56ad35f1/samples/openapi3/client/petstore/python#documentation-for-authorization
Kotlin - https://github.com/OpenAPITools/openapi-generator/tree/5956569e7a0d423521168f894bd1ac7b56ad35f1/samples/openapi3/client/petstore/kotlin#documentation-for-authorization
(There are other examples for this as well)
There was a problem hiding this comment.
So how about adding an example to each entry of the list? I do understand the issue with not being able to implement document this really good, but there should be some example of how to put the map in the context.
There was a problem hiding this comment.
Talked about this offline a bit. I'm hesitant to leave example code because the example will not work if there are multiple API keys required. (Because each example will setup a context with a different one-element map) I assume thats why the other client README templates don't have an example.
I did though, add a note that says you have to add this key to a map[string]APIKey inside each APIKey section. What do you think?
There was a problem hiding this comment.
Yeah, looks much better now 👍
|
Hey, just wanted to follow up and see if there was anything else I could do here to get this merged? Thanks 🙇 |
| }) | ||
| r, err := client.Service.Operation(auth, args) | ||
| ``` | ||
| Note, each API key must be added to a map of `map[string]APIKey` where the key is: {{keyParamName}} and passed in as the auth context for each request. |
There was a problem hiding this comment.
@nmuesch minor feedback. Is there a way we can keep the sample code?
It would be great to show the code to use the API key (single or multiple)
There was a problem hiding this comment.
Hey, thanks for the feedback. There was a brief discussion of this here #3450 (review) interested in your thoughts. The main reason I changed it was because it made the example code incorrect for any apps that have multiple keys. I couldn't figure out a way to show the full multi-key example using the template variables.
There was a problem hiding this comment.
We can do it in the actual code sample instead and we can do it in another PR instead of this one as I don't want this PR to be opened for too long
| key = auth.Key | ||
| } | ||
| {{#isKeyInHeader}} | ||
| localVarHeaderParams["{{keyParamName}}"] = key |
There was a problem hiding this comment.
@nmuesch can we check to see if the key is not empty before adding to localVarHeaderParams or localVarQueryParams?
There was a problem hiding this comment.
The reason is that sometimes the key can either be put in the header or the URL query string so the goal is to skip the API key in header or URL query string if the value is not set. We can address it in another PR later when someone reports the issue.
|
@nmuesch thanks for the PR, which has been included in the v4.1.3 release: https://twitter.com/oas_generator/status/1180123829626003456 |
PR checklist
./bin/to update Petstore sample so that CIs can verify the change. (For instance, only need to run./bin/{LANG}-petstore.sh,./bin/openapi3/{LANG}-petstore.shif updating the {LANG} (e.g. php, ruby, python, etc) code generator or {LANG} client's mustache templates). Windows batch files can be found in.\bin\windows\. If contributing template-only or documentation-only changes which will change sample output, be sure to build the project first.master,4.1.x,5.0.x. Default:master.Description of the PR
Follow up to #3210