Bug: Defining security_schemes enforces the security on all endpoints #4767

Closed
rafaljanicki opened this issue Jul 16, 2024 · 4 comments
@rafaljanicki
Expected Behaviour

When specifying security_schemes alone in the enable_swagger method along with enable_validation for APIGatewayRestResolver, the security shouldn't be required on all endpoints as long as security is not defined.

Current Behaviour

Currently, when specifying security_schemes alone in the enable_swagger method along with enable_validation for APIGatewayRestResolver, the security is enforced on all endpoints, including the Swagger endpoint.

Code snippet

app = APIGatewayRestResolver(enable_validation=True)
app.enable_swagger(
    path="/_swagger",
    security_schemes={
        "apikey": APIKey(
            _in=APIKeyIn.header,
            name="X-Api-Key",
        )
    },
    security=[{"apikey": []}],
    title="<redacted>",
)

Possible Solution

No response

Steps to Reproduce

Use the code snippet and start the local API via sam build && sam local start-api

Powertools for AWS Lambda (Python) version

latest

AWS Lambda function runtime

3.11

Packaging format used

PyPi

Debugging logs

Invalid lambda response received: Invalid API Gateway Response Keys: {'errorMessage', 'errorType', 'stackTrace', 'requestId'} in {'errorMessage': "1 validation error for APIKey\nin\n  Field required [type=missing, input_value={'_in':
<APIKeyIn.header:...'>, 'name': 'X-Api-Key'}, input_type=dict]\n    For further information visit https://errors.pydantic.dev/2.8/v/missing", 'errorType': 'ValidationError', 'requestId': '', 'stackTrace': ['  File
"/var/lang/lib/python3.11/importlib/__init__.py", line 126, in import_module\n    return _bootstrap._gcd_import(name[level:], package, level)\n', '  File "<frozen importlib._bootstrap>", line 1204, in _gcd_import\n', '  File "<frozen
importlib._bootstrap>", line 1176, in _find_and_load\n', '  File "<frozen importlib._bootstrap>", line 1147, in _find_and_load_unlocked\n', '  File "<frozen importlib._bootstrap>", line 690, in _load_unlocked\n', '  File "<frozen
importlib._bootstrap_external>", line 940, in exec_module\n', '  File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed\n', '  File "/var/task/app.py", line 14, in <module>\n    "apikey": APIKey(\n', '  File
"/var/task/pydantic/main.py", line 193, in __init__\n    self.__pydantic_validator__.validate_python(data, self_instance=self)\n']}
@rafaljanicki rafaljanicki added bug Something isn't working triage Pending triage from maintainers labels Jul 16, 2024
@leandrodamascena
Contributor

Hey @rafaljanicki! Thanks for opening this issue.

I think there is a typo in your code. The field name is in_ instead of _in. Can you please try with the code provided below?

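from aws_lambda_powertools.event_handler import APIGatewayRestResolver
from aws_lambda_powertools.event_handler.openapi.models import APIKey, APIKeyIn

app = APIGatewayRestResolver(enable_validation=True)
app.enable_swagger(
    path="/_swagger",
    security_schemes={
        "apikey": APIKey(
            in_=APIKeyIn.header,  # This line: the field is in_, not _in
            name="X-Api-Key",
        )
    },
    security=[{"apikey": []}],  # requires the apikey scheme on operations
    title="<redacted>",
)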

@leandrodamascena leandrodamascena added event_handlers not-a-bug openapi-schema and removed bug Something isn't working triage Pending triage from maintainers labels Jul 16, 2024
@leandrodamascena leandrodamascena moved this from Triage to Pending customer in Powertools for AWS Lambda (Python) Jul 16, 2024
@leandrodamascena leandrodamascena self-assigned this Jul 16, 2024
@rafaljanicki
Author

That worked, thanks! I have no idea how I've missed that

@github-project-automation github-project-automation bot moved this from Pending customer to Coming soon in Powertools for AWS Lambda (Python) Jul 16, 2024
@leandrodamascena leandrodamascena moved this from Coming soon to Closed in Powertools for AWS Lambda (Python) Jan 27, 2025
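
The issue turns on the difference between declaring a scheme (security_schemes) and requiring it (security). As an added example, not code from the issue or from Powertools, the following computes which requirements apply to each operation of an OpenAPI 3 document under the specification's rules: the top-level security list is the default for every operation, and an operation-level list (including an empty one) replaces it. The sample document, its paths and the function names are constructed for illustration.

```python
# Added example: effective OpenAPI 3 security per operation (not Powertools code).
HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch", "trace"}


def effective_security(spec):
    """Map 'METHOD /path' to the security requirements that apply to it."""
    default = spec.get("security", [])  # top-level list covers every operation
    result = {}
    for path, item in spec.get("paths", {}).items():
        for method, op in item.items():
            if method not in HTTP_METHODS:
                continue  # skip path-level keys such as 'parameters'
            # An operation-level list replaces the default; [] removes it.
            result[f"{method.upper()} {path}"] = op.get("security", default)
    return result


def undeclared_schemes(spec):
    """Scheme names referenced by a requirement but missing from components."""
    declared = set(spec.get("components", {}).get("securitySchemes", {}))
    used = set()
    for reqs in [spec.get("security", [])] + list(effective_security(spec).values()):
        for req in reqs:
            used.update(req)
    return sorted(used - declared)


# Constructed sample document mirroring the issue's scheme name and header.
SPEC = {
    "openapi": "3.0.3",
    "components": {"securitySchemes": {
        "apikey": {"type": "apiKey", "in": "header", "name": "X-Api-Key"}}},
    "security": [{"apikey": []}],
    "paths": {
        "/orders": {"get": {"responses": {"200": {"description": "ok"}}}},
        "/health": {"get": {"security": [],  # explicit opt-out
                            "responses": {"200": {"description": "ok"}}}},
    },
}

if __name__ == "__main__":
    for op, reqs in effective_security(SPEC).items():
        print(op, "->", reqs or "no authentication required")
    print("undeclared:", undeclared_schemes(SPEC))
```

Running the same check over a generated schema shows quickly whether a global security entry is what makes every endpoint require the key, and whether any requirement names a scheme that was never declared.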