security: Mechanism to get parameter name used within "apiKey" security schemes.
jmalloc opened this issue · comments
Description
I'd like to be able to access the parameter name (cookie name, for example) defined in security schemes in my OpenAPI specification.
For example, I have the following sections in my spec:
components:
securitySchemes:
AuthenticatedSession:
type: apiKey
in: cookie
name: auth_tokenI also have a /login endpoint that sets the auth_token cookie. As it stands, I have hardcoded the name of the cookie in my login implementation, but it would be preferable to use a constant generated by ogen so that the YAML file is the single source of truth. I've had a release fail due to a mismatch between my code and the spec which was not caught by tests because when using the generated SecurityHandler and SecuritySource interfaces because they both refer to the cookie name in the spec.