Skip to content
GitLab
Open
Issue created by Administrator@rootContributor5 of 6 checklist items completed5/6 checklist items

[BUG][C#][csharp-netcore] Authentication doesn't work if there are multiple security definitions

Created by: 414004738

Bug Report Checklist

  • Have you provided a full/minimal spec to reproduce the issue?
  • Have you validated the input using an OpenAPI validator (example)?
  • What's the version of OpenAPI Generator used?
  • Have you search for related issues/PRs?
  • What's the actual output vs expected output?
  • [Optional] Bounty to sponsor the fix (example)
Description

When generating a client using the csharp-netcore generator with a targetFramework of netcoreapp2.0, if there are multiple security definitions in the input json:

    "securityDefinitions": {
        "Authorization Code": {
            "flow": "accessCode",
            "authorizationUrl": "http://localhost:8080/uaa/oauth/authorize",
            "tokenUrl": "http://localhost:8080/uaa/oauth/token",
            "scopes": {
                "default": "Default oauth2 scope."
            },
            "type": "oauth2"
        },
        "Client Credentials": {
            "flow": "application",
            "tokenUrl": "http://localhost:8080/uaa/oauth/token",
            "scopes": {
                "default": "Default oauth2 scope."
            },
            "type": "oauth2"
        },
        "Resource Owner Password Credentials": {
            "flow": "password",
            "tokenUrl": "http://localhost:8080/uaa/oauth/token",
            "scopes": {
                "default": "Default oauth2 scope."
            },
            "type": "oauth2"
        },
        "Implicit": {
            "flow": "implicit",
            "authorizationUrl": "http://localhost:8080/uaa/oauth/authorize",
            "scopes": {
                "default": "Default oauth2 scope."
            },
            "type": "oauth2"
        }
    },
    "security": [
        {
            "Authorization Code": []
        },
        {
            "Client Credentials": []
        },
        {
            "Resource Owner Password Credentials": []
        },
        {
            "Implicit": []
        }
    ]

Then the generated code looks like this:

      if (!string.IsNullOrEmpty(this.Configuration.AccessToken))
        options.HeaderParameters.Add("Authorization", "Bearer " + this.Configuration.AccessToken);
      if (!string.IsNullOrEmpty(this.Configuration.AccessToken))
        options.HeaderParameters.Add("Authorization", "Bearer " + this.Configuration.AccessToken);
      if (!string.IsNullOrEmpty(this.Configuration.AccessToken))
        options.HeaderParameters.Add("Authorization", "Bearer " + this.Configuration.AccessToken);
      if (!string.IsNullOrEmpty(this.Configuration.AccessToken))
        options.HeaderParameters.Add("Authorization", "Bearer " + this.Configuration.AccessToken);

Since the Authorization header is multivalued, the authentication fails with the service and it returns 401.

openapi-generator version

4.1.0

OpenAPI declaration file content or url

See description

Command line used for generation

openapi-generator generate -g csharp-netcore -i ./api.json --additional-properties targetFramework=netcoreapp2.0 -o ./netcoreapp2.0

Steps to reproduce

Run the command line above where api.json is a version 2.0 open api spec that includes the provided security definitions. Look at the generated code and see that it sets multiple values for the Authorization header. The expected behavior is for the Authorization header to be single valued.

Related issues/PRs
Suggest a fix

I think it should just set the Authorization header with a single value based on the configured access token.