CustomCredentialsProvider does not consider path in base URLΒ #1322
Description
Tell us the extension you're using
Client
I tried this:
Not sure if this is a bug or a missing feature.
My use case:
To enhance the generated client API with a "fresh" Authorization header, one would need to
- configure Bearer auth
- implement a custom credentials provider (a class implementing
io.quarkiverse.openapi.generator.providers.CredentialsProvider)
and have the custom credentials providertriggered by the framework
This happened:
This fails in my case, because the framework checks the whole URI path against the API spec, and we have path parts in the configured base URL . It would just skip our custom credentials provider.
See code in io.quarkiverse.openapi.generator.providers.BaseCompositeAuthenticationProvider#canFilter
This is the URL I configured:
quarkus.rest-client.search_service_yml.url=https://REDACTED.execute-api.eu-west-1.amazonaws.com/my-apigwstage-with-changing-name-per-deploy-environment/v1
This is what is in my yml spec:
(we left the "servers" as-is, while using different servers in practice
servers:
- url: https://example.com/v1
paths:
/myapp/search:
The BaseCompositeAuthenticationProvider checks the configured path ("/v1/myapp/search") against the actual URL path ("/my-apigwstage-with-changing-name-per-deploy-environment/v1/myapp/search") - and this evaluates false in BaseCompositeAuthenticationProvider#canFilter
I expected this:
The BaseCompositeAuthenticationProvider checks the configured path ("/v1/myapp/search") combiden with the configured base URL's path ("/my-apigwstage-with-changing-name-per-deploy-environment/v1") against the actual URL path ("/my-apigwstage-with-changing-name-per-deploy-environment/v1/myapp/search") - and this evaluates true in BaseCompositeAuthenticationProvider#canFilter
Is there a workaround?
In the end, as a workaround, we switched the approach and had the API generated with an additional parameter instead.
quarkus.openapi-generator.codegen.spec.search_service_yml.additional-request-args=@jakarta.ws.rs.HeaderParam("Authorization") String authHeaderAsAParam
How can we try to reproduce the issue?
I mentioned the crucial code / config bits above.
If you need me to provide more, I'll gladly reproduce the issue (after 2025-10-12 as I'll be on leave for a bit).
But it could be easy to create something that fits by adjusting quarkus-openapi-generator/client/integration-tests/override-credential-provider/src/test/java/io/quarkiverse/openapi/generator/it/creds/CustomCredentialsProviderTest.java
Anything else?
Thank you for providing + maintaining this software!!!
Output of uname -a or ver
Linux ap-536 5.15.0-40-generic #43-Ubuntu SMP Wed Jun 15 12:54:21 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Output of java -version
openjdk 21.0.7 2025-04-15 LTS
Quarkus OpenApi version or git rev
2.12.1-lts
Build tool (ie. output of mvnw --version or gradlew --version)
Apache Maven 3.9.11 (3e54c93a704957b63ee3494413a2b544fd3d825b)
Additional information
No response
Community Notes
- Please vote by adding a π reaction to the issue to help us prioritize.
- If you are interested to work on this issue, please leave a comment.name: Bug Report π