Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

enable empty security definition #1075

Merged
merged 1 commit into from
Jan 6, 2020

Conversation

mblaettler
Copy link
Contributor

This allows to use optional authentication and provide different
responses to authenticated users via the same API-Endpoint.

Fixes #1036

Changes proposed in this pull request:

  • Enable optimal authentication
  • Provide different information to logged in customers via the same API endpoint

Copy link
Contributor

@cognifloyd cognifloyd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A couple of typos.
Also, can you point me to a section in the OpenAPI or Swagger spec that talks about empty security definitions?

tests/fixtures/secure_endpoint/openapi.yaml Outdated Show resolved Hide resolved
tests/fixtures/secure_endpoint/swagger.yaml Outdated Show resolved Hide resolved
This allows to use optional authentication and provide different
responses to authenticated users via the same API-Endpoint.

Co-Authored-By: Jacob Floyd <cognifloyd@gmail.com>
@mblaettler mblaettler force-pushed the feat/enable-empty-security branch from 96cb9ad to b14e235 Compare December 18, 2019 07:15
@mblaettler
Copy link
Contributor Author

Thanks for fixing my typos. I squashed them into my commit.

An empty security definition is not explicitly defined within the OpenAPI specification. But according to a comment in the OpenAPI-Secification Repo it should be possible.

i also found support within the go server library as of this discussion.

It would be great to see this feature within connexion, because there are a lot of use cases for optional auth. E.g. providing demo data for unauthenticated users or provide publicly available data (e.g. OpenData) without authorization and protected data via the same API endpoint.

@bilalshaikh42
Copy link

bilalshaikh42 commented Jan 2, 2020

Hello,
I just wanted to add my support for this. This would be incredibly helpful for us.
Is there any eta on when this might be merged in?

@hjacobs
Copy link
Contributor

hjacobs commented Jan 6, 2020

👍

@hjacobs hjacobs merged commit f55cb1c into spec-first:master Jan 6, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Optional security for webservice not working
4 participants