Skip to content

[PHP] Username checks null default value is empty string #1408

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
phiamo opened this issue Nov 9, 2018 · 8 comments
Closed

[PHP] Username checks null default value is empty string #1408

phiamo opened this issue Nov 9, 2018 · 8 comments
Labels
Client: PHP Issue: Bug
Milestone
4.0.0

Comments

@phiamo
Copy link

phiamo commented Nov 9, 2018

The php generator checks username and password for null, but default values are empty string ''

openapi-generator/modules/openapi-generator/src/main/resources/php/api.mustache

Line 510 in 1522855

if ($this->config->getUsername() !== null || $this->config->getPassword() !== null) {

openapi-generator/modules/openapi-generator/src/main/resources/php/Configuration.mustache

Line 60 in 1522855

protected $username = '';

When using e.g. an API which supports Bearer and http auth, the bearer Auth header gets replaced by:
Basic Og==
@wing328
Copy link
Member

wing328 commented Nov 12, 2018

@phiamo thanks for reporting the issue. May I know if you've time to contribute a fix to the issue?

@phiamo
Copy link
Author

phiamo commented Nov 12, 2018

yes, sure, i am just not sure if it would be better to change default values from '' to null, or checking for empty instead would be better? any suggestions?

@wing328
Copy link
Member

wing328 commented Nov 13, 2018

I suggest checking for empty as if I remember correctly, that's the approach taken by other clients (e.g. ruby)

To be clear, both username and password must be empty in that condition. (there're use cases in which an empty password is sent to the server)

@phiamo
Copy link
Author

phiamo commented Nov 13, 2018 via email

@wing328
Copy link
Member

wing328 commented Nov 13, 2018

Right. Ping me in https://gitter.im if you need any help on the PR. Thanks in advance.

@jfastnacht jfastnacht mentioned this issue Jan 11, 2019
Merged
4 tasks
wing328 pushed a commit that referenced this issue Mar 7, 2019
@jfastnacht @wing328
[PHP] Username checks #1408 (#1892)
c00a439 
* Reverted path changes. Removed additional files in php petstore-security-test folder. Generated new samples.

* Batch and Shell scripts modified to use the same specification files for sample generation. Sample files generated.

* Input file path in PHP client batch file equalized with the input path in the shell script file. Samples generated.

* Added a missing bracket in the PHP client mustache template.

* AbstractPhpCodegen apiDocPath and modelDocPath creation adjusted to always use slash instead of system seperator, since the values will just be used in Markdown files.

* Unnecessary samples removed.

* Fixed unnecessary diversions between Windows and Linux/Mac paths in PHP codegen.

* New samples generated after rebase.

* Fixed a sample in TypeScript Angular v2 which caused CI to break.
@wing328
Copy link
Member

wing328 commented Mar 7, 2019

Closed via #1892

@phiamo please give the latest a try when you've time.

@wing328 wing328 closed this as completed Mar 7, 2019
@wing328 wing328 added this to the 4.0.0 milestone Mar 7, 2019
jimschubert added a commit to jimschubert/openapi-generator that referenced this issue Mar 9, 2019
@jimschubert
Merge branch 'master' into rienafairefr-templating
a55eee6 
* master: (758 commits)
  Add support for free form requests (OpenAPITools#2288)
  [typescript-rxjs] drop unneeded function wrapping  (OpenAPITools#2332)
  [typescript-fetch] Guard array mapping against undefined on optional array model properties (OpenAPITools#2324)
  Fix regex in Python server model code (OpenAPITools#2314)
  Add .travis.yml and Gemfile.lock to ruby security test folder (OpenAPITools#2330)
  Add a link to CSDN article (OpenAPITools#2331)
  [Maven] fix Spaces in Windows user path breaks build on test goal (OpenAPITools#2318)
  [PHP] fix bad links in Model docs (OpenAPITools#2316)
  [java]: fix datatype for non-multipart file request body (OpenAPITools#2271)
  Removed JFCote from core team (OpenAPITools#2315)
  [R sample] fix CircleCI error of outdated sample (OpenAPITools#2313)
  [Java] Bean Validation for decimalmin/max incorrect when exclusive set (OpenAPITools#2115)
  Java Spring : fix defaultValue annotation double quoted in api operation (OpenAPITools#2267)
  Java RESTEASY : fix defaultValue annotation double quoted in api operation (OpenAPITools#2268)
  [PHP] Username checks OpenAPITools#1408 (OpenAPITools#1892)
  [typescript-fetch] remove namespaces in enums (OpenAPITools#2123)
  [java-server-msf4j] fix and upgrade (OpenAPITools#2303)
  fix test script path in CONTRIBUTING.md (OpenAPITools#2290)
  Dart queryargs (OpenAPITools#2250)
  add Blueplanet language (OpenAPITools#2184)
  ...
@apprme
Copy link

apprme commented Nov 8, 2021

Shouldn't this be also applied to the accessToken?

Its default value is empty string as well; when the endpoint supports both bearer and basic auth, first Authorization: Basic ... is added, but then we overwrite it with Authorization: Bearer with empty bearer token.

@wing328
Copy link
Member

wing328 commented Nov 9, 2021

@apprme right, please kindly submit a PR to fix the accessToken as well if you've time. Thank you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Client: PHP Issue: Bug
Projects
None yet
Milestone
4.0.0
Development

No branches or pull requests
3 participants
@phiamo @apprme @wing328