Skip to content

Digest Authorization header have bigger priority despite it described before another authorization #2124

New issue
New issue
Open
Bug
Open
Digest Authorization header have bigger priority despite it described before another authorization#2124
Bug
Labels
RespectRelated to the `respect` command which works with Arazzo specificationType: BugSomething isn't workingp2
@DmitryAnansky

Description

@DmitryAnansky
DmitryAnansky
opened on Jun 3, 2025

Describe the bug

Digest Authorization header has higher priority despite being described before another authorization type.
So if this type of Authorization is used, it always overrides the last Authorization header.

To Reproduce

Steps to reproduce the behavior:

  1. Given this x-security description:
   x-security:
     - scheme:
         type: http
         scheme: digest
       values:
         username: $inputs.name
         password: secret
     - scheme:
         type: apiKey
         name: Authorization
         in: header
       values:
         value: $inputs.secret
  1. When respect executed, digest auth header override API-Key header, although it should have bigger priority

Expected behavior

x-security header resolution should follow top-to-bottom order, with the bottom entry having higher priority.

Metadata

Metadata

Assignees

No one assigned

    Labels

    RespectRelated to the `respect` command which works with Arazzo specificationType: BugSomething isn't workingp2

    Type

    Bug

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions