securityDefinitions are not parsed

[adrian-sturm]

I have added securityDefinitions.apikey to my api doc annotations and used the security definition on a route.

What I expected: The route will have the lock-symbol-button rendered on its right side, where I can click on to fill out auth data for the protected route. Additionally, a green "Authorize" Button is rendered at the top of the swaggerUI page where I can configure auth methods as well.

What I got: The little lock-symbol is rendered on my route, but there is no action when I click on it. There is no "Authorize" Button neither.
When I check the generated swagger.json, I can see that there is an empty security entry on my route:

"security": [
                    {
                        "ApiKeyAuth": []
                    }
                ],

But no security config whatsoever at the root level (where host, info etc are defined).
My guess is therefore that swaggo did not parse my securityDefinition annotation at all.

You can see a minimum setup to reproduce this issue in this repository: https://github.com/adrian-sturm/swaggo-test

[adrian-sturm]

Update:
I was able to resolve the problem by running swag fmt and then swag init again to rebuild the docs.
So in the end it was an error on my side - but I think more people might run into this because the issue was just me having too much whitespace in the annotations: see this commit in my sample repo.
To prevent this it would be good to:

a) Make the swaggo parser more resilient to additional whitespaces
b) Clearly document that swag fmt is mandatory before generating the docs
c) Make swag fmt automatically run on swag init (maybe with a flag to disable it)