diff --git a/openapi.yaml b/openapi.yaml index bf8b646..d12abf5 100644 --- a/openapi.yaml +++ b/openapi.yaml @@ -61,7 +61,6 @@ paths: operationId: sessionValidate tags: - Session - security: [] responses: "200": description: Successful response diff --git a/pkg/api/oas_client_gen.go b/pkg/api/oas_client_gen.go index 12466d7..ae66da5 100644 --- a/pkg/api/oas_client_gen.go +++ b/pkg/api/oas_client_gen.go @@ -2947,6 +2947,39 @@ func (c *Client) sendSessionValidate(ctx context.Context) (res bool, err error) return res, errors.Wrap(err, "create request") } + { + type bitset = [1]uint8 + var satisfied bitset + { + stage = "Security:CookieAuth" + switch err := c.securityCookieAuth(ctx, SessionValidateOperation, r); { + case err == nil: // if NO error + satisfied[0] |= 1 << 0 + case errors.Is(err, ogenerrors.ErrSkipClientSecurity): + // Skip this security. + default: + return res, errors.Wrap(err, "security \"CookieAuth\"") + } + } + + if ok := func() bool { + nextRequirement: + for _, requirement := range []bitset{ + {0b00000001}, + } { + for i, mask := range requirement { + if satisfied[i]&mask != mask { + continue nextRequirement + } + } + return true + } + return false + }(); !ok { + return res, ogenerrors.ErrSecurityRequirementIsNotSatisfied + } + } + stage = "SendRequest" resp, err := c.cfg.Client.Do(r) if err != nil { diff --git a/pkg/api/oas_handlers_gen.go b/pkg/api/oas_handlers_gen.go index 6527f61..f237b03 100644 --- a/pkg/api/oas_handlers_gen.go +++ b/pkg/api/oas_handlers_gen.go 
@@ -4138,8 +4138,58 @@ func (s *Server) handleSessionValidateRequest(args [0]string, argsEscaped bool, s.errors.Add(ctx, 1, metric.WithAttributes(attrs...)) } - err error + err error + opErrContext = ogenerrors.OperationContext{ + Name: SessionValidateOperation, + ID: "sessionValidate", + } ) + { + type bitset = [1]uint8 + var satisfied bitset + { + sctx, ok, err := s.securityCookieAuth(ctx, SessionValidateOperation, r) + if err != nil { + err = &ogenerrors.SecurityError{ + OperationContext: opErrContext, + Security: "CookieAuth", + Err: err, + } + if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil { + defer recordError("Security:CookieAuth", err) + } + return + } + if ok { + satisfied[0] |= 1 << 0 + ctx = sctx + } + } + + if ok := func() bool { + nextRequirement: + for _, requirement := range []bitset{ + {0b00000001}, + } { + for i, mask := range requirement { + if satisfied[i]&mask != mask { + continue nextRequirement + } + } + return true + } + return false + }(); !ok { + err = &ogenerrors.SecurityError{ + OperationContext: opErrContext, + Err: ogenerrors.ErrSecurityRequirementIsNotSatisfied, + } + if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil { + defer recordError("Security", err) + } + return + } + } var response bool if m := s.cfg.Middleware; m != nil { diff --git a/pkg/service/security.go b/pkg/service/security.go index 7c8ffe3..08e44e1 100644 --- a/pkg/service/security.go +++ b/pkg/service/security.go @@ -159,16 +159,6 @@ func (svc SecurityHandler) HandleCookieAuth(ctx context.Context, operationName a return nil, ErrMissingSessionID } - validate, err := svc.Client.ValidateSession(ctx, &auth.IdMessage{ - SessionID: sessionId, - }) - if err != nil { - return nil, err - } - if !validate.Valid { - return nil, ErrInvalidSession - } - newCtx := context.WithValue(ctx, "UserInfo", UserInfoHandle{ svc: &svc, ctx: &ctx,
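Review bot: In pkg/service/security.go, HandleCookieAuth now rejects only a missing session ID (`ErrMissingSessionID`) and then builds the `UserInfo` context value without calling `ValidateSession`. As far as this hunk shows, any non-empty session cookie therefore satisfies CookieAuth for every operation that uses this handler, including sessionValidate, which the other hunks in this commit newly route through `securityCookieAuth`. If the goal was to avoid validating twice on the sessionValidate route, keep the removed block and skip it only when `operationName` equals `SessionValidateOperation` from pkg/api, rather than dropping the check for all operations. If validation is instead deferred to `UserInfoHandle`, state that at this point with a comment such as `// session ID is NOT validated here; UserInfoHandle validates on first use`, and add a test that an unknown session ID is rejected on a protected operation. The function begins and ends outside the hunk, so a later or lazy validation path cannot be confirmed from the visible lines.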