Do not allow empty string in upstream auth configuration strings

TykTechnologies · Nov 8, 2024 · dc55397 · dc55397
1 parent 36afb48
commit dc55397
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 15 deletions.
diff --git a/apidef/oas/schema/x-tyk-api-gateway.json b/apidef/oas/schema/x-tyk-api-gateway.json
@@ -96,7 +96,7 @@
           "type": "boolean"
         },
         "name": {
-          "type": "string"
+          "$ref": "#/definitions/X-Tyk-NonEmptyString"
         }
       },
       "required": [
@@ -2026,10 +2026,10 @@
           "$ref": "#/definitions/X-Tyk-AuthSource"
         },
         "username": {
-          "type": "string"
+          "$ref": "#/definitions/X-Tyk-NonEmptyString"
         },
         "password": {
-          "type": "string"
+          "$ref": "#/definitions/X-Tyk-NonEmptyString"
         }
       },
       "required": [
@@ -2062,13 +2062,13 @@
           "type": "object",
           "properties": {
             "clientId": {
-              "type": "string"
+              "$ref": "#/definitions/X-Tyk-NonEmptyString"
             },
             "clientSecret": {
-              "type": "string"
+              "$ref": "#/definitions/X-Tyk-NonEmptyString"
             },
             "tokenUrl": {
-              "type": "string"
+              "$ref": "#/definitions/X-Tyk-NonEmptyString"
             },
             "scopes": {
               "type": [
@@ -2096,13 +2096,13 @@
           "type": "object",
           "properties": {
             "clientId": {
-              "type": "string"
+              "$ref": "#/definitions/X-Tyk-NonEmptyString"
             },
             "clientSecret": {
-              "type": "string"
+              "$ref": "#/definitions/X-Tyk-NonEmptyString"
             },
             "tokenUrl": {
-              "type": "string"
+              "$ref": "#/definitions/X-Tyk-NonEmptyString"
             },
             "scopes": {
               "type": [
@@ -2111,10 +2111,10 @@
               ]
             },
             "username": {
-              "type": "string"
+              "$ref": "#/definitions/X-Tyk-NonEmptyString"
             },
             "password": {
-              "type": "string"
+              "$ref": "#/definitions/X-Tyk-NonEmptyString"
             },
             "header": {
               "$ref": "#/definitions/X-Tyk-AuthSource"
@@ -2139,7 +2139,10 @@
         "enabled",
         "allowedAuthorizeTypes"
       ]
+    },
+    "X-Tyk-NonEmptyString": {
+      "type": "string",
+      "pattern": "\\S+"
     }
-
   }
 }
diff --git a/apidef/oas/upstream.go b/apidef/oas/upstream.go
@@ -694,9 +694,6 @@ type ClientCredentials struct {
 	TokenURL string `bson:"tokenUrl" json:"tokenUrl"`
 	// Scopes specifies optional requested permissions.
 	Scopes []string `bson:"scopes,omitempty" json:"scopes,omitempty"`
-	// HeaderName is the custom header name to be used for OAuth client credential flow authentication.
-	// Defaults to `Authorization`.
-	HeaderName string `bson:"headerName" json:"headerName"`
 	// ExtraMetadata holds the keys that we want to extract from the token and pass to the upstream.
 	ExtraMetadata []string `bson:"extraMetadata" json:"extraMetadata,omitempty"`
 }