Fix: oauth implicit flow should generate none authentication (#6479)

thewahome · web-flow · commit dbb30850579d · 2025-04-17T16:11:53.000Z
diff --git a/src/Kiota.Builder/Plugins/PluginsGenerationService.cs b/src/Kiota.Builder/Plugins/PluginsGenerationService.cs
@@ -611,6 +611,7 @@ private static Auth GetAuthFromSecuritySchemeReference(OpenApiSecuritySchemeRefe
             {
                 ReferenceId = string.IsNullOrEmpty(authenticationReferenceId) ? $"{{{name}_REGISTRATION_ID}}" : authenticationReferenceId
             },
+            SecuritySchemeType.OAuth2 when securityScheme.Flows?.Implicit != null => new AnonymousAuth(),
             SecuritySchemeType.OAuth2 => new OAuthPluginVault
             {
                 ReferenceId = string.IsNullOrEmpty(authenticationReferenceId) ? $"{{{name}_REGISTRATION_ID}}" : authenticationReferenceId
diff --git a/tests/Kiota.Builder.Tests/Plugins/PluginsGenerationServiceTests.cs b/tests/Kiota.Builder.Tests/Plugins/PluginsGenerationServiceTests.cs
@@ -551,6 +551,18 @@ public static TheoryData<string, string, string, PluginAuthConfiguration, Action
                     Assert.Equal("{oauth2_0_REGISTRATION_ID}", ((OAuthPluginVault)auth0!).ReferenceId);
                 }
             },
+            // OAuth2 with implicit flow should return (None)
+            {
+                "{securitySchemes: {oauth2_implicit: {type: oauth2, flows: {implicit: {authorizationUrl: 'https://example.com/auth'}}}}}",
+                string.Empty, "security: [oauth2_implicit: []]", null, resultingManifest =>
+                {
+                    Assert.NotNull(resultingManifest.Document);
+                    Assert.Empty(resultingManifest.Problems);
+                    Assert.NotEmpty(resultingManifest.Document.Runtimes);
+                    var auth = resultingManifest.Document.Runtimes[0].Auth;
+                    Assert.IsType<AnonymousAuth>(auth);
+                }
+            },
             // should be anonymous
             {
                 "{}", string.Empty, "security: [invalid: []]", null, resultingManifest =>
diff --git a/vscode/npm-package/tests/integration/integrationGeneratePlugin.spec.ts b/vscode/npm-package/tests/integration/integrationGeneratePlugin.spec.ts
@@ -65,8 +65,7 @@ describe("GeneratePlugin", () => {
       descriptionPath: actual?.aiPlugin
     });
     expect(actualPluginManifest).toBeDefined();
-    expect(actualPluginManifest?.runtime[0].auth.type).toEqual('OAuthPluginVault');
-    expect(actualPluginManifest?.runtime[0].auth.reference_id).toEqual('{oAuth2AuthCode_REGISTRATION_ID}');
+    expect(actualPluginManifest?.runtime[0].auth.type).toEqual('None');
     expect(actualPluginManifest?.runtime[0].run_for_functions[0]).toEqual('listRepairs');
     expect(actualPluginManifest?.runtime[0].run_for_functions[1]).toEqual('repairs_post');
     expect(actualPluginManifest?.functions[0].name).toEqual('listRepairs');
@@ -86,7 +85,7 @@ describe("GeneratePlugin", () => {
     }
     const actualSecurityScheme = actualSecuritySchemes['oAuth2AuthCode'];
     expect(actualSecurityScheme).toBeDefined();
-    expect(actualSecurityScheme.referenceId).toEqual('{oAuth2AuthCode_REGISTRATION_ID}');
+    expect(actualSecurityScheme.referenceId).toEqual('');
   });
 
   

Original file line number	Diff line number	Diff line change
`@@ -611,6 +611,7 @@ private static Auth GetAuthFromSecuritySchemeReference(OpenApiSecuritySchemeRefe`
`611`	`611`	`{`
`612`	`612`	`ReferenceId = string.IsNullOrEmpty(authenticationReferenceId) ? $"{{{name}_REGISTRATION_ID}}" : authenticationReferenceId`
`613`	`613`	`},`
	`614`	`+ SecuritySchemeType.OAuth2 when securityScheme.Flows?.Implicit != null => new AnonymousAuth(),`
`614`	`615`	`SecuritySchemeType.OAuth2 => new OAuthPluginVault`
`615`	`616`	`{`
`616`	`617`	`ReferenceId = string.IsNullOrEmpty(authenticationReferenceId) ? $"{{{name}_REGISTRATION_ID}}" : authenticationReferenceId`