[BUG] Hidden body schema appears in OpenAPI specs

Question

[BUG] Hidden body schema appears in OpenAPI specs

kciesielski opened this issue 3 months ago · comments

Krzysztof Ciesielski commented 3 months ago

As reported in https://softwaremill.community/t/hiding-input-body-in-openapi-generation/380

I have custom security authenticating, which require many fields from (original) request. The problem I’m now facing is that security part is affecting OpenAPI schema. I’m using Tapir 1.9.11.
Input for security looks like this:

  val securityIn: EndpointInput[TapirHmacRequestParts] = authorizationHeaders
    .and(extractFromRequest[(String, Map[String, String], String, String)] { request =>
      (
        request.method.method,
        request.headers.map(h => h.name -> h.value).toMap,
        request.underlying.asInstanceOf[RequestContext].request.uri.path.toString(),
        request.underlying.asInstanceOf[RequestContext].request.uri.rawQueryString.getOrElse(""),
      )
    })
    .and(byteArrayBody.schema(_.hidden(true)))
    .mapTo[TapirHmacRequestParts]

In endpoints it’s used like this

    .in(jsonBody[SearchApiQuery])
    .securityIn(TapirAuthorization.securityIn)

Adding this to endpoint, results in “application/octet-stream” instead of describing case classes SearchApiQuery.

      requestBody:
        content:
          application/octet-stream:
            schema:
              type: string
              format: binary

It seems like byteArrayBody.schema(_.hidden(true)) is not working as I would expect.