DO NOT SUBMIT SECURITY REPORTS HERE
If you have a security vulnerability, please report it following our security policy.
Bug Report
Amazing GitHub Template version:
2.4.0
Current behavior:
When the OpenAPI spec defines a security scheme with type: apiKey, o2p crashes
and no collection is generated:
TypeError: Cannot read properties of undefined (reading 'authorizationCode')
at parseUrl (openapiAuthorizationDefinition.js:95)
The parser assumes OAuth2 and tries to access flow properties that don't exist
for apiKey schemes.
Expected behavior:
apiKey is a valid OpenAPI 3.0 security scheme type. o2p should handle it
gracefully (skip the OAuth2 token request generation) instead of crashing.
Steps to reproduce:
- Use an OpenAPI spec with securitySchemes containing type: apiKey
- Run o2p with any config
- o2p crashes before generating any output
Related code:
src/parser/openapiAuthorizationDefinition.js:95
DO NOT SUBMIT SECURITY REPORTS HERE
If you have a security vulnerability, please report it following our security policy.
Bug Report
Amazing GitHub Template version:
2.4.0
Current behavior:
When the OpenAPI spec defines a security scheme with type: apiKey, o2p crashes
and no collection is generated:
TypeError: Cannot read properties of undefined (reading 'authorizationCode')
at parseUrl (openapiAuthorizationDefinition.js:95)
The parser assumes OAuth2 and tries to access flow properties that don't exist
for apiKey schemes.
Expected behavior:
apiKey is a valid OpenAPI 3.0 security scheme type. o2p should handle it
gracefully (skip the OAuth2 token request generation) instead of crashing.
Steps to reproduce:
Related code:
src/parser/openapiAuthorizationDefinition.js:95