Add support for normalizing bearerAuth

cbascom · cbascom · commit 15e8e6bb9322 · 2025-03-12T14:15:00.000-04:00
The openapi 2.0 spec did not support bearer authentication but it was
added in openapi 3.0. In order to support client generation that
includes support for bearerAuth, this change adds a new feature to the
OpenapiNormalizer so that it can be configured to look for a specific
securityDefinition name and convert it to bearerAuth.
diff --git a/modules/openapi-generator/src/main/java/org/openapitools/codegen/OpenAPINormalizer.java b/modules/openapi-generator/src/main/java/org/openapitools/codegen/OpenAPINormalizer.java
@@ -26,6 +26,7 @@
 import io.swagger.v3.oas.models.parameters.RequestBody;
 import io.swagger.v3.oas.models.responses.ApiResponse;
 import io.swagger.v3.oas.models.responses.ApiResponses;
+import io.swagger.v3.oas.models.security.SecurityScheme;
 import org.apache.commons.lang3.StringUtils;
 import org.openapitools.codegen.utils.ModelUtils;
 import org.slf4j.Logger;
@@ -101,6 +102,10 @@ public class OpenAPINormalizer {
     String fixDuplicatedOperationId;
     HashSet<String> operationIdSet = new HashSet<>();
 
+    // when set to true, if a securityScheme is found with the specified name, it will be converted to bearerAuth
+    final String DETECT_BEARER_AUTH_FROM_NAME = "DETECT_BEARER_AUTH_FROM_NAME";
+    String bearerAuthSecuritySchemeName;
+
     // when set to true, auto fix integer with maximum value 4294967295 (2^32-1) or long with 18446744073709551615 (2^64-1)
     // by adding x-unsigned to the schema
     final String ADD_UNSIGNED_TO_INTEGER_WITH_INVALID_MAX_VALUE = "ADD_UNSIGNED_TO_INTEGER_WITH_INVALID_MAX_VALUE";
@@ -167,6 +172,7 @@ public OpenAPINormalizer(OpenAPI openAPI, Map<String, String> inputRules) {
         ruleNames.add(SET_TAGS_TO_OPERATIONID);
         ruleNames.add(SET_TAGS_TO_VENDOR_EXTENSION);
         ruleNames.add(FIX_DUPLICATED_OPERATIONID);
+        ruleNames.add(DETECT_BEARER_AUTH_FROM_NAME);
         ruleNames.add(ADD_UNSIGNED_TO_INTEGER_WITH_INVALID_MAX_VALUE);
         ruleNames.add(REFACTOR_ALLOF_WITH_PROPERTIES_ONLY);
         ruleNames.add(NORMALIZE_31SPEC);
@@ -301,6 +307,11 @@ public void processRules(Map<String, String> inputRules) {
                 LOGGER.error("SET_PRIMITIVE_TYPES_TO_NULLABLE rule must be in the form of `string|integer|number|boolean`, e.g. `string`, `integer|number`: {}", inputRules.get(SET_PRIMITIVE_TYPES_TO_NULLABLE));
             }
         }
+
+        bearerAuthSecuritySchemeName = inputRules.get(DETECT_BEARER_AUTH_FROM_NAME);
+        if (bearerAuthSecuritySchemeName != null) {
+            rules.put(DETECT_BEARER_AUTH_FROM_NAME, true);
+        }
     }
 
     /**
@@ -322,6 +333,7 @@ void normalize() {
 
         normalizeInfo();
         normalizePaths();
+        normalizeComponentsSecuritySchemes();
         normalizeComponentsSchemas();
         normalizeComponentsResponses();
     }
@@ -547,6 +559,31 @@ private void normalizeHeaders(Map<String, Header> headers) {
         }
     }
 
+    /**
+     * Normalizes securitySchemes in components
+     */
+    private void normalizeComponentsSecuritySchemes() {
+         if (StringUtils.isEmpty(bearerAuthSecuritySchemeName)) {
+             return;
+         }
+
+        Map<String, SecurityScheme> schemes = openAPI.getComponents().getSecuritySchemes();
+        if (schemes == null) {
+            return;
+        }
+
+        for (String schemeKey : schemes.keySet()) {
+            if (schemeKey.equals(bearerAuthSecuritySchemeName)) {
+                SecurityScheme scheme = schemes.get(schemeKey);
+                scheme.setType(SecurityScheme.Type.HTTP);
+                scheme.setScheme("bearer");
+                scheme.setIn(null);
+                scheme.setName(null);
+                schemes.put(schemeKey, scheme);
+            }
+        }
+    }
+
     /**
      * Normalizes schemas in components
      */
@@ -560,7 +597,7 @@ private void normalizeComponentsSchemas() {
         for (String schemaName : schemaNames) {
             Schema schema = schemas.get(schemaName);
             if (schema == null) {
-                LOGGER.warn("{} not fount found in openapi/components/schemas.", schemaName);
+                LOGGER.warn("{} not found in openapi/components/schemas.", schemaName);
             } else {
                 // remove x-internal if needed
                 if (schema.getExtensions() != null && getRule(REMOVE_X_INTERNAL)) {
@@ -1053,7 +1090,6 @@ private void processFixDuplicatedOperationId(Operation operation) {
         }
     }
 
-
     /**
      * If the schema contains anyOf/oneOf and properties, remove oneOf/anyOf as these serve as rules to
      * ensure inter-dependency between properties. It's a workaround as such validation is not supported at the moment.
