swagger-api · shockey · Jan 15, 2020 · Apr 19, 2019 · Apr 19, 2019 · Apr 21, 2019
diff --git a/src/core/components/auth/auths.jsx b/src/core/components/auth/auths.jsx
@@ -38,6 +38,11 @@ export default class Auths extends React.Component {
       return key
     }).toArray()
 
+    this.setState(auths.reduce((prev, auth) => {
+      prev[auth] = ""
+      return prev
+    }, {}))
+
     authActions.logout(auths)
   }
 

diff --git a/test/e2e-cypress/static/documents/bugs/4641.yaml b/test/e2e-cypress/static/documents/bugs/4641.yaml
@@ -0,0 +1,34 @@
+openapi: 3.0.0
+info:
+  title: Demo API
+  description: First test
+  termsOfService: 'http://demo.io/terms-of-service/'
+  contact:
+    name: Demo Support
+    email: support@demo.io
+  version: 1.0.0
+servers:
+  - url: 'https://httpstat.us/'
+
+paths:
+  /200:
+    get:
+      summary: Returns a 200
+      tags:
+        - 200
+      security:
+        - api_key: []
+      responses:
+        '200':
+          description: A 200
+          content:
+            application/text:
+              schema:
+                type: string
+
+components:
+  securitySchemes:
+    api_key:
+      type: apiKey
+      name: api_key
+      in: header
diff --git a/test/e2e-cypress/tests/bugs/4641.js b/test/e2e-cypress/tests/bugs/4641.js
@@ -0,0 +1,49 @@
+describe("#4641: The Logout button in Authorize popup not clearing API Key", () => {
+  it("should include the given api key in requests", () => {
+    cy
+      .visit("/?url=/documents/bugs/4641.yaml")
+      .get("button.btn.authorize") // open authorize popup
+      .click()
+      .get("section>input") // type api key into input
+      .type("my_api_key")
+      .get(".auth-btn-wrapper > .authorize") // authorise button
+      .click()
+      .get(".close-modal") // close authorise popup button
+      .click()
+      .get(".opblock-summary") // expand the route details
+      .click()
+      .get(".try-out > .btn") // expand "try it out"
+      .click()
+      .get(".execute-wrapper > .btn") // excecute request
+      .click()
+      .wait(2000) // wait for response
+      .get(".curl")
+      .should("contain", "api_key: my_api_key")
+  })
+
+  it("should not remember the previous auth value when you logout and reauthorise", () => {
+    cy
+      .visit("/?url=/documents/bugs/4641.yaml")
+      .get("button.btn.authorize") // open authorize popup
+      .click()
+      .get("section>input") // type api key into input
+      .type("my_api_key")
+      .get(".auth-btn-wrapper > .authorize") // authorise button
+      .click()
+      .get(".auth-btn-wrapper button:nth-child(1)") // logout button
+      .click()
+      .get(".auth-btn-wrapper > .authorize") // authorise button
+      .click()
+      .get(".close-modal") // close authorise popup button
+      .click()
+      .get(".opblock-summary") // expand the route details
+      .click()
+      .get(".try-out > .btn") // expand "try it out"
+      .click()
+      .get(".execute-wrapper > .btn") // excecute request
+      .click()
+      .wait(2000) // wait for response
+      .get(".curl")
+      .should("not.contain", "api_key: my_api_key")
+  })
+})