Provide custom SecurityScheme for a specific endpoint

[nikto-b]

Is there any way to provide SecurityScheme to a specific API endpoint? Looks like its only used in a global options and there is no way to provide custom auth for a single endpoint even with custom header because ParameterLocation.Header is not used anywhere

[hunyadi]

There is limited support for overriding the default security scheme. The decorator @webmethod takes a Boolean parameter called public, which can make an endpoint publicly accessible, requiring no prior authentication. This is one of the last examples in the sample code:

class Endpoint(JobManagement, PeopleCatalog, Protocol):
    @webmethod(route="/auth", public=True)
    def do_authenticate(self, credentials: Credentials) -> TokenProperties:
        ...

Other than this bare-bone support for disabling authentication, I don't think the library exposes any per-endpoint override capabilities. If there is support for this in OpenAPI, integrating this feature would likely require extending @webmethod with new arguments to pass the per-endpoint security scheme.

[nikto-b]

Looks like OpenAPI 3.0.0 provides security requirement for a specific operation

Anyway, is there any way to provide header option in a request schema? Greping whole library sources gives no results
kinda so:

@dataclass
class AuthSchema:
    x_token: Annotated[str, ParameterLocation.Header]

[hunyadi]

You would want to create a SecuritySchemeAPI object (meant for specifying authentication via an API key) and use its in_ parameter to set one of the ParameterLocation enumeration values. ParameterLocation is defined in specification.py.