Fix #242 (comment)

SOHELAHMED7 · SOHELAHMED7 · commit 7b5f3dabd8a9 · 2025-05-17T12:59:25.000+05:30
diff --git a/src/spec/SecurityRequirements.php b/src/spec/SecurityRequirements.php
@@ -24,14 +24,17 @@ public function __construct(array $data)
         parent::__construct($data);
 
         foreach ($data as $index => $value) {
-            if (is_numeric($index)) { // read
-                if ($value === []) { # empty Security Requirement Object (`{}`) = anonymous access https://github.com/cebe/php-openapi/issues/238
-                    $this->_securityRequirements[$index] = $value;
-                } else {
-                    $this->_securityRequirements[array_keys($value)[0]] = new SecurityRequirement(array_values($value)[0]);
+            if (is_numeric($index) && $value === []) { # empty Security Requirement Object (`{}`) = anonymous access
+                $this->_securityRequirements[$index] = [];
+                continue;
+            }
+
+            if (is_string($index)) {
+                $this->_securityRequirements[] = [$index => $value instanceof SecurityRequirement ? $value : new SecurityRequirement($value)];
+            } elseif (is_numeric($index)) {
+                foreach ($value as $innerIndex => $subValue) {
+                    $this->_securityRequirements[$index][$innerIndex] = $subValue instanceof SecurityRequirement ? $subValue : new SecurityRequirement($subValue);
                 }
-            } else { // write
-                $this->_securityRequirements[$index] = $value;
             }
         }
 
@@ -64,25 +67,51 @@ protected function performValidation()
     public function getSerializableData()
     {
         $data = [];
-        foreach ($this->_securityRequirements ?? [] as $name => $securityRequirement) {
-            /** @var SecurityRequirement $securityRequirement */
 
-            if (is_numeric($name)) {
-                $data[$name] = (object) $securityRequirement; # case https://github.com/cebe/php-openapi/issues/238
-            } else {
-                $data[] = (object) [$name => $securityRequirement->getSerializableData()];
+        foreach ($this->_securityRequirements ?? [] as $outerIndex => $content) {
+
+            if (is_string($outerIndex)) {
+                $data[] = [$outerIndex => $content->getSerializableData()];
+            } elseif (is_numeric($outerIndex)) {
+                if ($content === []) {
+                    $data[$outerIndex] = (object)$content;
+                    continue;
+                }
+                $innerResult = [];
+                foreach ($content as $innerIndex => $innerContent) {
+                    $result = is_object($innerContent) && method_exists($innerContent, 'getSerializableData') ? $innerContent->getSerializableData() : $innerContent;
+                    $innerResult[$innerIndex] = $result;
+                }
+                $data[$outerIndex] = (object)$innerResult;
             }
         }
         return $data;
     }
 
     public function getRequirement(string $name)
     {
-        return $this->_securityRequirements[$name] ?? null;
+        return static::searchKey($this->_securityRequirements, $name);
     }
 
     public function getRequirements()
     {
         return $this->_securityRequirements;
     }
+
+    private static function searchKey(array $array, string $searchKey)
+    {
+        foreach ($array as $key => $value) {
+            if ($key === $searchKey) {
+                return $value;
+            }
+            if (is_array($value)) {
+                $mt = __METHOD__;
+                $result = $mt($value, $searchKey);
+                if ($result !== null) {
+                    return $result; // key found in deeply nested/associative array
+                }
+            }
+        }
+        return null; // key not found
+    }
 }
diff --git a/tests/data/issue/242/spec2.yml b/tests/data/issue/242/spec2.yml
@@ -0,0 +1,30 @@
+openapi: 3.0.0
+info:
+  title: API Documentation
+  description: All API endpoints are presented here.
+  version: 1.0.0
+servers:
+  - url: http://127.0.0.1:8080/
+
+paths:
+
+  /endpoint:
+    get:
+      responses:
+        '200':
+          description: OK
+      security:
+        - apiKey: []
+          bearerAuth: []
+components:
+  securitySchemes:
+    apiKey:
+      type: apiKey
+      in: header
+      name: X-APi-Key
+    bearerAuth:
+      type: http
+      scheme: bearer
+      bearerFormat: JWT
+      description: JWT Authorization header using the Bearer scheme.
+
diff --git a/tests/issues/242/Issue242Test.php b/tests/issues/242/Issue242Test.php
@@ -1,19 +1,18 @@
 <?php
 
 use cebe\openapi\Reader;
-use cebe\openapi\spec\OpenApi;
-use cebe\openapi\spec\SecurityRequirements;
-use cebe\openapi\Writer;
+use cebe\openapi\SpecObjectInterface;
+use PHPUnit\Framework\TestCase;
 
 // https://github.com/cebe/php-openapi/issues/242
-class Issue242Test extends \PHPUnit\Framework\TestCase
+class Issue242Test extends TestCase
 {
     public function test242CliCallToOpenapiSpecWithSecurityInPathFails()
     {
-        $openapi = Reader::readFromJsonFile(dirname(__DIR__, 2) . '/data/issue/242/spec.json');
-        $this->assertInstanceOf(\cebe\openapi\SpecObjectInterface::class, $openapi);
-
         $file = dirname(__DIR__, 2) . '/data/issue/242/spec.json';
+        $openapi = Reader::readFromJsonFile($file);
+        $this->assertInstanceOf(SpecObjectInterface::class, $openapi);
+
         $dirSep = DIRECTORY_SEPARATOR;
         $cmd = 'php ' . dirname(__DIR__, 3) . "{$dirSep}bin{$dirSep}php-openapi validate " . $file . " 2>&1";
         exec($cmd, $op, $ec);
@@ -26,4 +25,21 @@ private function removeCliFormatting($string)
         // Regex to remove ANSI escape codes
         return preg_replace('/\e\[[0-9;]*m/', '', $string);
     }
-}
+
+    public function test242Case2()
+    {
+        // read in yml
+        $openapi = Reader::readFromYamlFile(dirname(__DIR__, 2) . '/data/issue/242/spec2.yml');
+        $this->assertInstanceOf(SpecObjectInterface::class, $openapi);
+        $this->assertSame(json_decode(json_encode($openapi->paths['/endpoint']->get->security->getSerializableData()), true), [
+            [
+                'apiKey' => [],
+                'bearerAuth' => []
+            ]
+        ]);
+
+        // write in yml # TODO
+        // read in json # TODO
+        // write in json # TODO
+    }
+}
