diff --git a/kogito-build/kogito-dependencies-bom/pom.xml b/kogito-build/kogito-dependencies-bom/pom.xml
index 4173d8cd807..7257ecc1b3c 100644
--- a/kogito-build/kogito-dependencies-bom/pom.xml
+++ b/kogito-build/kogito-dependencies-bom/pom.xml
@@ -29,7 +29,7 @@
2.4.10
1.0.0-preview.20220705
1.1.0
- 1.2.1
+ 1.3.8
0.0.3
1.1.5
0.0.8
diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/application.properties b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/application.properties
index 3a44e388c24..195a91c0bc9 100644
--- a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/application.properties
+++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/application.properties
@@ -10,7 +10,10 @@ quarkus.openapi-generator.swagger2_0_security_yaml.auth.client_id.api-key=12345
quarkus.openapi-generator.swagger2_0_security_yaml.auth.basicAuth.username=javierito
quarkus.openapi-generator.swagger2_0_security_yaml.auth.basicAuth.password=fulanito
+quarkus.openapi-generator.swagger2_0_security_no_auth_yaml.auth.client_id.api-key=12345
+
quarkus.openapi-generator.openapi3_0_security_yaml.auth.client_id.api-key=12345
+quarkus.openapi-generator.openapi3_0_security_no_auth_yaml.auth.client_id.api-key=12345
# Configured by the tests
#quarkus.rest-client.openapi3_0_security_yaml.url=http://localhost:8382
#quarkus.oidc-client.oauth.auth-server-url=http://localhost:8382
diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi2-sec-no-auth.sw.json b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi2-sec-no-auth.sw.json
new file mode 100644
index 00000000000..43e07be3d8c
--- /dev/null
+++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi2-sec-no-auth.sw.json
@@ -0,0 +1,26 @@
+{
+ "id": "sec20noAuth",
+ "version": "1.0",
+ "name": "Create a thing in the third-party API",
+ "start": "DoAppCreate",
+ "functions": [
+ {
+ "name": "create",
+ "operation": "specs/swagger2.0-security-no-auth.yaml#myapp.create"
+ }
+ ],
+ "states": [
+ {
+ "name": "DoAppCreate",
+ "type": "operation",
+ "actions": [
+ {
+ "functionRef": {
+ "refName": "create"
+ }
+ }
+ ],
+ "end": true
+ }
+ ]
+}
diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi3-sec-no-auth.sw.json b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi3-sec-no-auth.sw.json
new file mode 100644
index 00000000000..5346d56841a
--- /dev/null
+++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi3-sec-no-auth.sw.json
@@ -0,0 +1,26 @@
+{
+ "id": "sec30noAuth",
+ "version": "1.0",
+ "name": "Create a thing in the third-party API",
+ "start": "DoAppCreate",
+ "functions": [
+ {
+ "name": "create",
+ "operation": "specs/openapi3.0-security-no-auth.yaml#doOperation"
+ }
+ ],
+ "states": [
+ {
+ "name": "DoAppCreate",
+ "type": "operation",
+ "actions": [
+ {
+ "functionRef": {
+ "refName": "create"
+ }
+ }
+ ],
+ "end": true
+ }
+ ]
+}
diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/openapi3.0-security-no-auth.yaml b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/openapi3.0-security-no-auth.yaml
new file mode 100644
index 00000000000..c7005366c12
--- /dev/null
+++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/openapi3.0-security-no-auth.yaml
@@ -0,0 +1,31 @@
+---
+openapi: 3.0.3
+info:
+ title: Generated API
+ version: "1.0"
+paths:
+ /unprotected:
+ post:
+ operationId: doOperation
+ security:
+ - client_id: [ ]
+ - oauth: [ read, write ]
+ - bearerAuth: [ ]
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/MultiplicationOperation'
+ responses:
+ "200":
+ description: OK
+components:
+ schemas:
+ MultiplicationOperation:
+ type: object
+ securitySchemes:
+ client_id:
+ type: apiKey
+ in: header
+ name: X-Client-Id
+ x-key-type: clientId
diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/swagger2.0-security-no-auth.yaml b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/swagger2.0-security-no-auth.yaml
new file mode 100644
index 00000000000..d4bcb31e98e
--- /dev/null
+++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/swagger2.0-security-no-auth.yaml
@@ -0,0 +1,51 @@
+swagger: '2.0'
+info:
+ title: myapp
+ version: 2.0.0
+basePath: /
+paths:
+ /unprotected:
+ post:
+ tags:
+ - myapp
+ summary: Create a new instance of the model and persist it into the data source.
+ operationId: myapp.create
+ parameters:
+ - name: data
+ in: body
+ #description: Model instance data
+ required: false
+ schema:
+ #description: Model instance data
+ $ref: '#/definitions/myapp'
+ responses:
+ '201':
+ description: Request was successful
+ schema:
+ $ref: '#/definitions/myapp'
+ deprecated: false
+definitions:
+ myapp:
+ #description: ''
+ properties:
+ userid:
+ type: string
+ required:
+ - userid
+ additionalProperties: false
+schemes:
+ - https
+consumes:
+ - application/json
+produces:
+ - application/json
+securityDefinitions:
+ client_id:
+ type: apiKey
+ in: header
+ name: X-Client-Id
+ x-key-type: clientId
+security:
+ - client_id: [ ]
+tags:
+ - name: myapp
diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/ApiWithSecurityContextIT.java b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/ApiWithSecurityContextIT.java
index 79683e48905..07d9e85546e 100644
--- a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/ApiWithSecurityContextIT.java
+++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/ApiWithSecurityContextIT.java
@@ -41,6 +41,8 @@ class ApiWithSecurityContextIT {
// injected by quarkus
WireMockServer authWithApiKeyServer2;
WireMockServer authWithApiKeyServer3;
+ WireMockServer authWithApiKeyServer2NoAuth;
+ WireMockServer authWithApiKeyServer3NoAuth;
@BeforeAll
static void init() {
@@ -64,10 +66,30 @@ void verifyAuthHeadersOpenApi2_0() {
// verify if the headers were correctly sent
authWithApiKeyServer2
.verify(postRequestedFor(urlEqualTo(AuthSecurityMockService.SEC_20.getPath()))
- .withHeader("X-Client-Id", matching("12345"))
+ .withHeader("X-Client-Id", matching("Basic amF2aWVyaXRvOmZ1bGFuaXRv"))
.withHeader("Authorization", matching("Basic amF2aWVyaXRvOmZ1bGFuaXRv")));
}
+ @Test
+ void verifyAuthHeadersOpenApi2_0NoAuth() {
+ given()
+ .contentType(ContentType.JSON)
+ .when()
+ .body(
+ Collections
+ .singletonMap(
+ "workflowdata",
+ Collections.singletonMap("foo", "bar")))
+ .post("/sec20noAuth")
+ .then()
+ .statusCode(201);
+
+ // verify if the headers were correctly sent
+ authWithApiKeyServer2NoAuth
+ .verify(postRequestedFor(urlEqualTo(AuthSecurityMockService.SEC_20_NO_AUTH.getPath()))
+ .withHeader("X-Client-Id", matching("12345")));
+ }
+
@Test
void verifyAuthHeadersOpenApi3_0() {
given()
@@ -84,8 +106,27 @@ void verifyAuthHeadersOpenApi3_0() {
authWithApiKeyServer3
.verify(postRequestedFor(urlEqualTo(AuthSecurityMockService.SEC_30.getPath()))
- .withHeader("X-Client-Id", matching("12345"))
+ .withHeader("X-Client-Id", matching("Bearer mytoken,Bearer mytoken,Bearer"))
.withHeader("Authorization", matching("Bearer mytoken")));
}
+ @Test
+ void verifyAuthHeadersOpenApi3_0NoAuth() {
+ given()
+ .contentType(ContentType.JSON)
+ .when()
+ .body(
+ Collections
+ .singletonMap(
+ "workflowdata",
+ Collections.singletonMap("foo", "bar")))
+ .post("/sec30noAuth")
+ .then()
+ .statusCode(201);
+
+ authWithApiKeyServer3NoAuth
+ .verify(postRequestedFor(urlEqualTo(AuthSecurityMockService.SEC_30_NO_AUTH.getPath()))
+ .withHeader("X-Client-Id", matching("12345")));
+ }
+
}
diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/AuthSecurityMockService.java b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/AuthSecurityMockService.java
index 6254478a7e2..cdce19434e8 100644
--- a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/AuthSecurityMockService.java
+++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/AuthSecurityMockService.java
@@ -29,8 +29,14 @@ public class AuthSecurityMockService extends MockServiceConfigurer {
public static final MockServerConfig SEC_30 =
new MockServerConfig(SocketUtils.findAvailablePort(), "{}", "/", "authWithApiKeyServer3");
+ public static final MockServerConfig SEC_20_NO_AUTH =
+ new MockServerConfig(SocketUtils.findAvailablePort(), "{}", "/unprotected", "authWithApiKeyServer2NoAuth");
+
+ public static final MockServerConfig SEC_30_NO_AUTH =
+ new MockServerConfig(SocketUtils.findAvailablePort(), "{}", "/unprotected", "authWithApiKeyServer3NoAuth");
+
public AuthSecurityMockService() {
- super(SEC_20, SEC_30);
+ super(SEC_20, SEC_30, SEC_20_NO_AUTH, SEC_30_NO_AUTH);
}
}
diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/MockServiceConfigurer.java b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/MockServiceConfigurer.java
index 9ba6d30a1e3..fdbb29b3617 100644
--- a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/MockServiceConfigurer.java
+++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/MockServiceConfigurer.java
@@ -62,8 +62,11 @@ public final Map start() {
});
final Map properties = new HashMap<>();
properties.put("quarkus.rest-client.swagger2_0_security_yaml.url", "http://localhost:" + AuthSecurityMockService.SEC_20.getPort() + "/iq9MzY");
+ properties.put("quarkus.rest-client.swagger2_0_security_no_auth_yaml.url", "http://localhost:" + AuthSecurityMockService.SEC_20_NO_AUTH.getPort());
+
properties.put("quarkus.rest-client.openapi3_0_security_yaml.url", "http://localhost:" + AuthSecurityMockService.SEC_30.getPort());
properties.put("quarkus.oidc-client.oauth.auth-server-url", "http://localhost:" + AuthSecurityMockService.SEC_30.getPort());
+ properties.put("quarkus.rest-client.openapi3_0_security_no_auth_yaml.url", "http://localhost:" + AuthSecurityMockService.SEC_30_NO_AUTH.getPort());
return properties;
}