securityDefinitions are not added to the headers

[chathudan]

Thank you for the great plugin.

It seems security definitions are not added to the headers and generated code has empty headers which giving runtime errors. Please see below swagger example.

"/login": {
            "post": {

                "security": [
                    {
                        "apiKey": []
                    }
                ] 
            }
        }

"securityDefinitions": {
        "apiKey": {
            "type": "apiKey",
            "name": "x-api-key",
            "in": "header"
        },
        "accessToken": {
            "type": "apiKey",
            "name": "x-access-token",
            "in": "header",
            "description": "Unique user authentication token"
        }
    }

[cortinico]

Hey @chathudan
(Sorry for the late answer but I missed this issue)

That's intentional.

We decided to strip out all the securityDefinitions and handle the auth at the OkHttp/Interceptor level. This works really well when you have hundreds on authenticated endpoints and you don't want to pass the x-access-token every time.

I'll keep this as a feature request and would love to be know if someone else is interested in having this feature.

[chathudan]

@cortinico Thank you for your message and awesome plugin, I already added Interceptor and did the job. Please consider a callback for Authenticator to handle 401 and interact user to re-authenticate.

[cortinico]

Please consider a callback for Authenticator to handle 401 and interact user to re-authenticate.

I don't think this is in the scope of the Gradle plugin but should be configured on the OkHttpClient.
It's up to the client to take care of authentication (either with an Interceptor or with an Authenticator). The Gradle plugin is just generating Retrofit interfaces.