apiKey securityScheme support

[jrobbins-LiveData]

I'm using a third-party API which has this securityScheme:

components:
  securitySchemes:
    jwtAuth:
      type: apiKey
      in: header
      name: Auth

and this path (redacted as it is not my API):

  /auth/login:
    put:
      security:
        - {}
      tags:
        - Authentication
      requestBody:
        content:
           .
           .
           .

      responses:
        '200':
          headers:
            auth:
              schema:
                type: string
                description: 
                format: jwt

The generated code for this API is:

@attr.s(auto_attribs=True)
class AuthenticatedClient(Client):
    """A Client which has been authenticated for use on secured endpoints"""

    token: str

    def get_headers(self) -> Dict[str, str]:
        """Get headers to be used in authenticated endpoints"""
        return {"Authorization": f"Bearer {self.token}", **self.headers}

The desired code is:

@attr.s(auto_attribs=True)
class AuthenticatedClient(Client):
    """A Client which has been authenticated for use on secured endpoints"""

    token: str

    def get_headers(self) -> Dict[str, str]:
        """Get headers to be used in authenticated endpoints"""
        return {"Auth": self.token, **self.headers}

[scorgn]

I also am dealing with openapi docs that use Basic HTTP Authentication

  securitySchemes:
    basicAuth:
      type: http
      scheme: basic

I'm then adding to my request...

      security:
        - basicAuth: []

openapi-python-client does understand that the request should be an authenticated request, since it defines client parameter in the signature of sync/async/sync_detailed/async_detailed methods to be of the type AuthenticatedClient as opposed to just Client. But, the AuthenticatedClient seems to default to a bearer token (as @jrobbins-LiveData shows).

[Nov1kov]

Is it posible to fix by templates?

[Nov1kov]

Yes, it is.

Workaround:

Please follow this https://github.com/openapi-generators/openapi-python-client#using-custom-templates
Edit this line in your custom template as you want.

openapi-python-client/openapi_python_client/templates/client.py.jinja

Line 45 in 5861c7c

return {"Authorization": f"Bearer {self.token}", **self.headers}

[dbanty]

Awesome, thanks for providing a workaround @Nov1kov !

[philnagel]

Maybe it would be a good idea to just pass through the auth parameter to httpx. This would allow one to easily customize authentication, or use existing "plugins", without modifying the client or template.
Here's the documentation on what is possible using that parameter, and an example of a plugin would be httpx-ntlm

[dbanty]

Sounds like another +1 for #202