You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
The request.param is shown as an empty object if accessed from inside the security handler, while param values are correctly shown from inside the API code.
To Reproduce
Define a parametric route and secure the API (no matter the security type).
define a security handler
print the request.param object from inside the API and from inside the security handler
Actual behavior
The API can see the param values, while the security handler sees only an empty object.
Expected behavior
See the same object both from inside the API code and from inside the security handler.
Examples and context
Express app code
"use strict";
const express = require("express");
const bodyParser = require("body-parser");
const cors = require("cors");
const app = express();
const openapi_validator_middleware = require("../middleware/openapi_validator_middleware");
app.use(bodyParser.json());
app.use(cors());
app.use(express.text());
app.use(express.urlencoded({extended: false}));
app.use(openapi_validator_middleware.OpenApiValidatorMiddleware);
app.use(openapi_validator_middleware.error_handler);
module.exports = () => {
/**
* @openapi
* /test/{value}:
* post:
* summary: Perform an Action
* description: Perform a specific action based on the provided value.
* security:
* - operatorOrUserToken: []
* parameters:
* - name: value
* in: path
* required: true
* description: The value to be used for the action.
* schema:
* type: string
* responses:
* '200':
* description: Action performed successfully
* content:
* application/json:
* schema:
* type: object
* properties:
* code:
* type: string
* example: OK
* status:
* type: integer
* example: 200
* message:
* type: string
* example: action performed
* data:
* type: object
* example: {}
*/
app.post("/test/:value", async (request, response) => {
console.log(request.params); // <<-- prints {value: "the_value"}
try {
response.status(200).send({
code: "OK", status: 200, message: "action performed", data: request.params,
});
} catch (e) {
openapi_validator_middleware.error_handler(e, request, response);
}
});
return app;
};
Describe the bug
The
request.param
is shown as an empty object if accessed from inside the security handler, while param values are correctly shown from inside the API code.To Reproduce
Actual behavior
The API can see the param values, while the security handler sees only an empty object.
Expected behavior
See the same object both from inside the API code and from inside the security handler.
Examples and context
Express app code
Middleware code
The text was updated successfully, but these errors were encountered: