I'm trying to generate client code with swagger-codegen from a Micronaut server. The problem arises with authenticated POST and PUT routes (it works fine for GET an DELETE).
When I have a method like this in a controller:
@Override
@Post("/")
public Single<? extends HttpResponse> updateStatus(Authentication authentication, GameReference gameReference) {
// ...
}
The resulting swagger for that method looks like this:
post:
tags:
- /presence
description: Updates status
operationId: updateStatus
parameters: []
requestBody:
content:
application/json:
schema:
type: object
properties:
authentication:
$ref: '#/components/schemas/Authentication'
gameReference:
$ref: '#/components/schemas/GameReference'
required: true
responses:
default:
description: HTTP 204 for successful updates.
content:
application/json: {}
So the Authentication Principal has been built into the request body and in generated client code the parameters to that method would be an object with both Authentication and GameReference.
What I have tried to work around this problem:
- Add @Parameter(hidden = true) before Authentication parameter. Did not change anything.
- Playing around with swagger annotations for authentication, like @SecuritySchema and @SecurityDefention. Authentication Principle still gets generated into the swagger yaml.
Is this a bug in Micronauts Swagger implementation or is there a way to work-around this? Note that this works well for GET and DELETE. There the Authentication Principle is ignored.
