Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Blocker
Component/s: MP OpenAPI
Labels:
None

Steps to Reproduce:
Hide

1. Build the WildFly snapshot based on the feature branch:

git clone git@github.com:pferraro/wildfly.git

cd wildfly

git checkout openapi

mvn clean install -DskipTests

2. Run the tests

git clone git@github.com:fabiobrz/eap-microprofile-test-suite.git

cd eap-microprofile-test-suite

git checkout issue-344.mp-openapi-multi-war

mvn clean verify -pl microprofile-open-api -am -Djboss.dist=<WILDFLY_SNAPSHOT_BUILD_DIRECTORY> -Dtest=MultipleWarsAffectingGlobalPropertiesAndReferencesTest#testConflictingSecurityRequirements
Show
1. Build the WildFly snapshot based on the feature branch: git clone git@github.com:pferraro/wildfly.git cd wildfly git checkout openapi mvn clean install -DskipTests 2. Run the tests git clone git@github.com:fabiobrz/eap-microprofile-test-suite.git cd eap-microprofile-test-suite git checkout issue-344.mp-openapi-multi-war mvn clean verify -pl microprofile-open-api -am -Djboss.dist=<WILDFLY_SNAPSHOT_BUILD_DIRECTORY> -Dtest=MultipleWarsAffectingGlobalPropertiesAndReferencesTest#testConflictingSecurityRequirements
Affects:

User Experience

Have a localServicesRouterDeployment.war, defining a root level security element, e.g.:

security:
  # a global security requirement declaration, must match a .components.securityScheme
  api_key:
  - admins
...
components:
  ...
  securitySchemes:
    api_key:
      type: apiKey
      name: api_key
      in: header
...

Then, have a anotherLocalServicesRouterDeployment.war, defining a root level security element, with the same name, but different attributes, e.g.:

security:
  # a global security requirement declaration, must match a .components.securityScheme
  api_key:
  - root
...
components:
  securitySchemes:
    api_key:
      type: apiKey
      name: apiKey
      in: cookie
...

When deploying both the applications, the resulting OpenAPI document components element holds the result of what has been defined, and at the operation level (and conflicting names are resolved):

---
components:
  schemas:
    ...
  securitySchemes:
    anotherLocalServicesRouterDeploymentapi_key:
      in: cookie
      name: apiKey
      type: apiKey
    localServicesRouterDeploymentapi_key:
      in: header
      name: api_key
      type: apiKey
...

but the root level security element is not present.

blocks

WFLY-20567 MicroProfile OpenAPI subsystem does not allow multiple deployments to use the same endpoint

Pull Request Sent

clones

WFWIP-694 MicroProfile OpenAPI and multiple deployments: conflicting @SecurityScheme occurrences generate wrong OpenAPI documentation

Open

is cloned by

WFWIP-697 MicroProfile OpenAPI and multiple deployments: conflicting root level ".tags" definitions appear in the final OpenAPI document with the same name

Closed

Assignee:: Paul Ferraro

Reporter:: Fabio Burzigotti

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2025/10/29 6:19 PM

Updated:: 2025/10/29 6:34 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates