marrahi
Frequent Visitor
Joined 5 years ago
User Profile
User Widgets
Contributions
Security annotation does not seem to prevent the controller action from being executed
Hello there, Just copied and pasted from documentation: nelmio_api_doc: documentation: info: title: My App version: 1.0.0 components: securitySchemes: Bearer: type: http scheme: bearer bearerFormat: JWT security: - Bearer: [] areas: # to filter documented areas path_patterns: - ^/api(?!/doc$) # Accepts routes under /api except /api/doc Controller: namespace App\Controller; use Symfony\Component\HttpFoundation\JsonResponse; use Symfony\Component\Routing\Annotation\Route; use Nelmio\ApiDocBundle\Annotation\Security; class TestController { /** * Test * @Route("/api/test", name="issue", methods={"POST"}) * @Security(name="Bearer") */ public function test() { return new JsonResponse(["status" => "OK"]); } } I see the resource "POST /api/test" in swagger UI, click on "Try it out", then "Execute", and the controller runs without a problem. Shouldn't the security prevent the execution of that controller action unless an authorization jwt token is passed? I would expect something like "Unauthorized"... Thanks AntonioSolved1.1KViews0likes1Comment