Closed
Description
I have an example of contract that has the following structure (summerized to highlight the relevant):
# [...]
paths:
/path/one:
post:
# [...]
security: []
/path/two:
post:
# [...]
# No security entry defined there
components:
securitySchemes:
Bearer:
type: http
scheme: bearer
bearerFormat: JWT
security:
- Bearer: []
Theoreticaly, I expect:
- In
/path/one
:__isset()
in theOperation
object returnstrue
, and__get()
returns empty array.
- In
/path/two
:__isset()
in theOperation
object returnsfalse
, and__get()
returns either empty array ornull
.- Alternativelly, I also might expect
__isset()
to returnfalse
, but__get()
return the defaultsecurity
defined at contract root level. I consider this possibility as it is a solution similar like how references work in the scope of this library.
However, the problem is that what I actually get in both paths, is __isset()
= true
and __get()
= empty array. As I get the same result in both, there is no way to determine that /path/one
does not have at all security (and therefore, could be called directly), and that /path/two
has default security.