Reputation: 59
I have built a swagger doc, generated the swagger client (python-flask with python2 support).
I've built my code up, tested, happy with what I've got. Now I want to secure my API endpoints using https and Basic Auth.
This is v2 of the Open Api Specification (OAS) so I'm setting up as follows (described at https://swagger.io/docs/specification/2-0/authentication/basic-authentication/):
swagger: "2.0"
securityDefinitions:
  basicAuth:
    type: "basic"
Whether I specify that my endpoints have individual security settings or whether I specify this at the root level in the YAML for all endpoints, it makes no difference.
security:
- basicAuth: []
I take my YAML, export to JSON, then run the following to rebuild the swagger_server code:
java -jar swagger-codegen-cli-2.3.1.jar generate -l python-flask -DsupportPython2=true -i swagger.json -a "Authorization: Basic Base64encodedstring"
What I'm expecting is for the controller or model code to validate that a basic auth header has been passed that matches the authorization specified in the generation code, but I see no references anywhere. Not sure if I've just read this wrong or if there's an issue with the way I'm doing it or some of the options I'm using?
Upvotes: 0
Views: 2260
Reputation: 97677
Python server generated by Swagger Codegen uses Connexion, and Connexion only supports OAuth 2 out of the box. As explained in the linked issue,
users always can add custom mechanisms by decorating their handler functions (see https://github.com/zalando/connexion/blob/master/examples/basicauth/app.py)
Upvotes: 1
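The decorator approach the answer points to, written out as an added example (not code from the original post, Connexion or Swagger Codegen): it parses the `Authorization` header, compares credentials in constant time and returns 401 with a `WWW-Authenticate` challenge otherwise. The credential constants, the function names and the injectable `get_header` parameter are assumptions made for illustration; the codegen `-a` option only supplies headers used when fetching a remote spec and adds no server-side check.

```python
import base64
import functools
import hmac

# Constructed demo credentials (assumption); load real ones from a secret store.
EXPECTED_USER = "api-user"
EXPECTED_PASSWORD = "change-me"


def parse_basic_auth(header):
    """Return (user, password) from an Authorization header value, or None."""
    if not header:
        return None
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except ValueError:  # covers bad base64 and invalid UTF-8
        return None
    user, sep, password = decoded.partition(":")
    return (user, password) if sep else None


def credentials_ok(user, password):
    """Compare both fields in constant time; never short-circuit on the user."""
    user_ok = hmac.compare_digest(user.encode(), EXPECTED_USER.encode())
    pass_ok = hmac.compare_digest(password.encode(), EXPECTED_PASSWORD.encode())
    return user_ok & pass_ok


def _flask_header():
    # Connexion's Flask app exposes the current request through flask.request.
    from flask import request
    return request.headers.get("Authorization")


def requires_basic_auth(get_header=_flask_header):
    """Decorator for generated controller functions; 401 unless creds match."""
    def decorator(handler):
        @functools.wraps(handler)
        def wrapper(*args, **kwargs):
            creds = parse_basic_auth(get_header())
            if creds is None or not credentials_ok(*creds):
                return ({"detail": "Unauthorized"}, 401,
                        {"WWW-Authenticate": 'Basic realm="api"'})
            return handler(*args, **kwargs)
        return wrapper
    return decorator
```

Apply `@requires_basic_auth()` to each function in the generated controllers package; serve only over HTTPS, since Basic credentials are merely base64-encoded on the wire.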