Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Question on the bearer aurhorisation / apikeys

See original GitHub issue

Description

I am writing a website generator for a game Brawlstars, their API is defined and they use bearer auth with api keys limited to IP addresses. If I make a manual get request the response is OK. Via the generated code and some tests the response is “Missing Authorisation” The api url format is:

curl -X GET --header 'Accept: application/json' --header "authorization: Bearer <API token>" 'https://api.brawlstars.com/v1/players/<Player id>'

openapi-generator version

version 3.0.0 and tried also with 3.0.3 format, latest 5.0.0 beta and the 4.3.1 stable

OpenAPI declaration file content or url

the part which is relevant:

servers:
  - url: 'https://api.brawlstars.com/v1'
security:
  - JWT: []

Wrong:

components:         
  securitySchemes:
    JWT:
      type: apiKey
      description: JSON Web Token used as an API key
      in: header
      name: authorisation

Correct:

components:         
  securitySchemes:

    JWT:
        type: http
        scheme: bearer
        bearerFormat: JWT

Command line used for generation

java -jar openapi-generator-cli.jar generate -g python -i ../brawlstars-swagger/bs_swagger.yaml --config ../brawlstars-swagger/bs_config.yaml

Config:

generatorName: python
outputDir: .
inputSpec: bs_swagger.yaml
templateDir: ../brawlstars-swagger/python
additionalProperties:
  packageName: pybrawl

Suggest a fix/enhancement

Any help would be appreciated! Thanks for this wonderful toolset

Issue Analytics

State:
Created 3 years ago
Comments:5

Top GitHub Comments

1reaction

heyududecommented, Aug 9, 2020

Found the solution… no replies unfortunately o a valid question: why?

0reactions

heyududecommented, Aug 16, 2020

@GabeL7r Sure. Anytime here to help, this piece of yaml generated the correct code in my API module I had to check also for old and floating modules: I cleaned them all before I build a new one with this change. Just to double check. My yaml can be found at https://github.com/heyudude/brawlstars-swagger I figured out the above question by hard coding the value for access_token in the configuration.py Now the api call succeeds! And the API code is called pybrawl. Good luck with the solution and if I need to peek and help, let me know.

security:
  - JWT: []

components:
  securitySchemes:
    JWT:
        type: http
        scheme: bearer
        bearerFormat: JWT

Top Results From Across the Web

API Keys: API Authentication Methods & Examples

Some APIs use the Authorization header to handle the API key, usually with the Bearer keyword. This method is also used for other...

OAuth2 Access Tokens vs API Keys — Using JWTs - Medium

As a Bearer Token, the API Key may be an opaque token (randomly generated sequence of characters) or some type of spec-defined token...

How can I use an apikey or bearer token with App service ...

I just want to be able to put a key in the HTTP Header of the post request on this client to authorize...

Why and when to use API keys | Cloud Endpoints with OpenAPI

API keys provide project authorization To decide which scheme is most appropriate, it's important to understand what API keys and authentication can provide....

API keys vs JWT authorization: Which is best? | Algolia Blog

API keys authenticate and authorize using the same API key. JWT Authorization requires an initial authentication process before it generates the ...