Support authentication on OAS with multiple servers

[Miladiir]

Tell us the extension to which you'd like to add the feature.

Client

What kind of feature would you like to add?

Currently the generated AuthenticationProviders are limited to supporting path matching based on the first entry in the servers array. For example given:

---
openapi: 3.0.3
info:
  title: Test API
  version: 1.0.0-SNAPSHOT
tags:
  - name: TestApi
security:
  - api-key-auth: [ ]
servers:
  - url: "https://test.example.com/test123"
  - url: "https://test.example.com/testabc"

The AuthenticationProvider will generate operations for each endpoint and method using the path /test123 and will only match against this path. Therefore the authentication will only be injected for the first server. If we switch to the second server, e.g. test123 for development, testabc for production, the authentication will not be injected.

We currently face this issue not with two basepaths on the same server, but different basepaths on different servers. We also observed that the host part of the server is not the issue, but the path portion of the url.

Proposal(s):

Multiple possibilities:

• Generate permutations of operations and servers such that each server has the operations as advertised in the spec. Operations multiply in their number by the amount of servers - possibly only the basepaths without host?
• Generate operations that can match multiple paths. All distinct base paths are matched when filtering.
• Allow users to override paths for a generated client.

Alternative(s):

No response

Additional info:

Currently a workaround could be to write our own authentication provider. In my humble opinion, this would be error prone. If possible we want to leave all authentication to some library or generator like this awesome one. No need to reinvent the wheel even when the already existing wheel is slightly more complicated to use 😉

Community Notes

• Please vote by adding a 👍 reaction to the feature to help us prioritize.
• If you want to work on this feature, please leave a comment.

[ricardozanini]

@Miladiir, many thanks for reporting this issue. I think in this use case, you should use the URL server property in your app's property. So, in case you use test123, you tweak the property to that server, same otherwise. I don't think generating multiple providers is the right pattern to solve this use case.

See https://docs.quarkiverse.io/quarkus-openapi-generator/dev/client.html#dynamic-url