Description
In our organization we have multiple securitySchemes to define different types of tokens required for different paths and services:
components:
securitySchemes:
bearerAuth: { type: http, scheme: bearer }
refreshAuth: { type: http, scheme: bearer }
paths:
/data:
get:
operationId: getData
security: [{ bearerAuth: [] }]
responses: { '200': { description: ok } }
/refresh:
get:
operationId: refresh
security: [{ refreshAuth: [] }]
responses: { '200': { description: ok } }
However in such a scheme, the auth callback can't distinguish between the security schemes relevant
to the call — Auth only carries the resolved scheme body, not the securitySchemes key:
auth: (auth) => {
// auth === { type: 'http', scheme: 'bearer', name: 'Authorization' }
// for both endpoints — no way to pick the right token.
}
So there is no way for a client to determine which token to provide.
Would you be open to me making a PR to resolve this? My proposal would be to add an optional key?: string to Auth carrying the securitySchemes key ('bearerAuth', 'refreshAuth').
I've looked at some related PRs (#231, #1768) but nothing seems to directly discuss this issue.
Thanks!
Description
In our organization we have multiple securitySchemes to define different types of tokens required for different paths and services:
However in such a scheme, the auth callback can't distinguish between the security schemes relevant
to the call — Auth only carries the resolved scheme body, not the
securitySchemeskey:So there is no way for a client to determine which token to provide.
Would you be open to me making a PR to resolve this? My proposal would be to add an optional
key?: stringto Auth carrying thesecuritySchemeskey ('bearerAuth', 'refreshAuth').I've looked at some related PRs (#231, #1768) but nothing seems to directly discuss this issue.
Thanks!