OpenApi spec securitySchema keys fix (#3811)

Co-authored-by: maksim.khramtsov <maksim.khramtsov@btsdigital.kz> Co-authored-by: Tim <hello@timsmart.co>
Effect-TS · Oct 22, 2024 · 02d413e · 02d413e
1 parent 1eb2c30
commit 02d413e
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 20 deletions.
diff --git a/.changeset/tender-spoons-play.md b/.changeset/tender-spoons-play.md
@@ -0,0 +1,5 @@
+---
+"@effect/platform": patch
+---
+
+A bug related to the format of the security schema keys has been fixed. According to the OpenAPI specification, it must match the regular expression` ^[a-zA-Z0-9.-_]+$`
diff --git a/packages/platform-node/test/fixtures/openapi.json b/packages/platform-node/test/fixtures/openapi.json
@@ -21,7 +21,7 @@
         ],
         "security": [
           {
-            "Authorization/cookie": []
+            "cookie": []
           }
         ],
         "responses": {
@@ -96,7 +96,7 @@
         ],
         "security": [
           {
-            "Authorization/cookie": []
+            "cookie": []
           }
         ],
         "responses": {
@@ -153,7 +153,7 @@
         "parameters": [],
         "security": [
           {
-            "Authorization/cookie": []
+            "cookie": []
           }
         ],
         "responses": {
@@ -242,7 +242,7 @@
         ],
         "security": [
           {
-            "Authorization/cookie": []
+            "cookie": []
           }
         ],
         "responses": {
@@ -538,7 +538,7 @@
       }
     },
     "securitySchemes": {
-      "Authorization/cookie": {
+      "cookie": {
         "type": "apiKey",
         "name": "token",
         "in": "cookie"

diff --git a/packages/platform/src/OpenApi.ts b/packages/platform/src/OpenApi.ts
@@ -152,17 +152,14 @@ export const fromApi = <A extends HttpApi.HttpApi.Any>(self: A): OpenAPISpec =>
     })
   }
   function registerSecurity(
-    tag: HttpApiMiddleware.TagClassSecurityAny,
     name: string,
     security: HttpApiSecurity
-  ): string {
-    const id = `${tag.key}/${name}`
-    if (spec.components!.securitySchemes![id]) {
-      return id
+  ) {
+    if (spec.components!.securitySchemes![name]) {
+      return
     }
     const scheme = makeSecurityScheme(security)
-    spec.components!.securitySchemes![id] = scheme
-    return id
+    spec.components!.securitySchemes![name] = scheme
   }
   Option.map(Context.getOption(api.annotations, Description), (description) => {
     spec.info.description = description
@@ -181,10 +178,8 @@ export const fromApi = <A extends HttpApi.HttpApi.Any>(self: A): OpenAPISpec =>
       return
     }
     for (const [name, security] of Object.entries(middleware.security)) {
-      const id = registerSecurity(middleware, name, security)
-      spec.security!.push({
-        [id]: []
-      })
+      registerSecurity(name, security)
+      spec.security!.push({ [name]: [] })
     }
   })
   HttpApi.reflect(api as any, {
@@ -228,10 +223,8 @@ export const fromApi = <A extends HttpApi.HttpApi.Any>(self: A): OpenAPISpec =>
           return
         }
         for (const [name, security] of Object.entries(middleware.security)) {
-          const id = registerSecurity(middleware, name, security)
-          op.security!.push({
-            [id]: []
-          })
+          registerSecurity(name, security)
+          op.security!.push({ [name]: [] })
         }
       })
       endpoint.payloadSchema.pipe(