smithy-lang · mtdowling · Mar 27, 2020 · Mar 27, 2020
diff --git a/.../main/java/software/amazon/smithy/aws/apigateway/openapi/AddCorsPreflightIntegration.java b/.../main/java/software/amazon/smithy/aws/apigateway/openapi/AddCorsPreflightIntegration.java
@@ -111,7 +111,7 @@ private static Map<CorsHeader, String> deduceCorsHeaders(
 
         // Add all headers generated by security schemes.
         for (SecuritySchemeConverter<? extends Trait> converter : context.getSecuritySchemeConverters()) {
-            headerNames.addAll(converter.getAuthRequestHeaders());
+            headerNames.addAll(getSecuritySchemeRequestHeaders(context, converter));
         }
 
         LOGGER.fine(() -> String.format(
@@ -121,6 +121,14 @@ private static Map<CorsHeader, String> deduceCorsHeaders(
         return corsHeaders;
     }
 
+    private static <T extends Trait> Set<String> getSecuritySchemeRequestHeaders(
+            Context<? extends Trait> context,
+            SecuritySchemeConverter<T> converter
+    ) {
+        T t = context.getService().expectTrait(converter.getAuthSchemeType());
+        return converter.getAuthRequestHeaders(t);
+    }
+
     private static Collection<String> findAllHeaders(String path, PathItem pathItem) {
         // Get all "in" = "header" parameters and gather up their "name" properties.
         return pathItem.getOperations().values().stream()

diff --git a/...rc/main/java/software/amazon/smithy/aws/apigateway/openapi/CognitoUserPoolsConverter.java b/...rc/main/java/software/amazon/smithy/aws/apigateway/openapi/CognitoUserPoolsConverter.java
@@ -60,7 +60,7 @@ public SecurityScheme createSecurityScheme(Context<? extends Trait> context, Cog
     }
 
     @Override
-    public Set<String> getAuthRequestHeaders() {
+    public Set<String> getAuthRequestHeaders(CognitoUserPoolsTrait trait) {
         return REQUEST_HEADERS;
     }
 }
diff --git a/...teway-openapi/src/main/java/software/amazon/smithy/aws/apigateway/openapi/CorsHeader.java b/...teway-openapi/src/main/java/software/amazon/smithy/aws/apigateway/openapi/CorsHeader.java
@@ -53,10 +53,19 @@ static <T extends Trait> Set<String> deduceOperationHeaders(
         // and any headers explicitly modeled on the operation.
         Set<String> result = new TreeSet<>(cors.getAdditionalExposedHeaders());
         result.addAll(context.getOpenApiProtocol().getProtocolResponseHeaders(context, shape));
+
         for (SecuritySchemeConverter<? extends Trait> converter : context.getSecuritySchemeConverters()) {
-            result.addAll(converter.getAuthResponseHeaders());
+            result.addAll(getSecuritySchemeResponseHeaders(context, converter));
         }
 
         return result;
     }
+
+    private static <T extends Trait> Set<String> getSecuritySchemeResponseHeaders(
+            Context<? extends Trait> context,
+            SecuritySchemeConverter<T> converter
+    ) {
+        T t = context.getService().expectTrait(converter.getAuthSchemeType());
+        return converter.getAuthResponseHeaders(t);
+    }
 }
diff --git a/...napi/src/main/java/software/amazon/smithy/openapi/fromsmithy/SecuritySchemeConverter.java b/...napi/src/main/java/software/amazon/smithy/openapi/fromsmithy/SecuritySchemeConverter.java
@@ -91,9 +91,10 @@ default List<String> createSecurityRequirements(Context<? extends Trait> context
      *
      * <p>This is useful when integrating with things like CORS.</p>
      *
+     * @param authTrait The auth trait that is being used.
      * @return A set of header names.
      */
-    default Set<String> getAuthRequestHeaders() {
+    default Set<String> getAuthRequestHeaders(T authTrait) {
         return SetUtils.of();
     }
 
@@ -103,9 +104,10 @@ default Set<String> getAuthRequestHeaders() {
      *
      * <p>This is useful when integrating with things like CORS.</p>
      *
+     * @param authTrait The auth trait that is being used.
      * @return A set of header names.
      */
-    default Set<String> getAuthResponseHeaders() {
+    default Set<String> getAuthResponseHeaders(T authTrait) {
         return SetUtils.of();
     }
 

diff --git a/...napi/src/main/java/software/amazon/smithy/openapi/fromsmithy/security/AwsV4Converter.java b/...napi/src/main/java/software/amazon/smithy/openapi/fromsmithy/security/AwsV4Converter.java
@@ -49,7 +49,7 @@ public SecurityScheme createSecurityScheme(Context<? extends Trait> context, Sig
     }
 
     @Override
-    public Set<String> getAuthRequestHeaders() {
+    public Set<String> getAuthRequestHeaders(SigV4Trait trait) {
         return REQUEST_HEADERS;
     }
 }
diff --git a/...main/java/software/amazon/smithy/openapi/fromsmithy/security/HttpApiKeyAuthConverter.java b/...main/java/software/amazon/smithy/openapi/fromsmithy/security/HttpApiKeyAuthConverter.java
@@ -15,11 +15,13 @@
 
 package software.amazon.smithy.openapi.fromsmithy.security;
 
+import java.util.Set;
 import software.amazon.smithy.model.traits.HttpApiKeyAuthTrait;
 import software.amazon.smithy.model.traits.Trait;
 import software.amazon.smithy.openapi.fromsmithy.Context;
 import software.amazon.smithy.openapi.fromsmithy.SecuritySchemeConverter;
 import software.amazon.smithy.openapi.model.SecurityScheme;
+import software.amazon.smithy.utils.SetUtils;
 
 /**
  * Uses an HTTP header named X-Api-Key that contains an API key.
@@ -42,4 +44,9 @@ public SecurityScheme createSecurityScheme(Context<? extends Trait> context, Htt
                 .in(trait.getIn().toString())
                 .build();
     }
+
+    @Override
+    public Set<String> getAuthRequestHeaders(HttpApiKeyAuthTrait trait) {
+        return SetUtils.of(trait.getName());
+    }
 }
diff --git a/.../java/software/amazon/smithy/openapi/fromsmithy/security/HttpApiKeyAuthConverterTest.java b/.../java/software/amazon/smithy/openapi/fromsmithy/security/HttpApiKeyAuthConverterTest.java
@@ -1,9 +1,13 @@
 package software.amazon.smithy.openapi.fromsmithy.security;
 
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.containsInAnyOrder;
+
 import org.junit.jupiter.api.Test;
 import software.amazon.smithy.model.Model;
 import software.amazon.smithy.model.node.Node;
 import software.amazon.smithy.model.shapes.ShapeId;
+import software.amazon.smithy.model.traits.HttpApiKeyAuthTrait;
 import software.amazon.smithy.openapi.fromsmithy.OpenApiConverter;
 import software.amazon.smithy.openapi.model.OpenApi;
 import software.amazon.smithy.utils.IoUtils;
@@ -22,4 +26,15 @@ public void addsCustomApiKeyAuth() {
 
         Node.assertEquals(result, expectedNode);
     }
+
+    @Test
+    public void returnsTraitHeader() {
+        HttpApiKeyAuthConverter converter = new HttpApiKeyAuthConverter();
+        HttpApiKeyAuthTrait trait = HttpApiKeyAuthTrait.builder()
+                .name("x-api-key")
+                .in(HttpApiKeyAuthTrait.Location.HEADER)
+                .build();
+
+        assertThat(converter.getAuthRequestHeaders(trait), containsInAnyOrder("x-api-key"));
+    }
 }
diff --git a/...t/resources/software/amazon/smithy/openapi/fromsmithy/security/http-api-key-security.json b/...t/resources/software/amazon/smithy/openapi/fromsmithy/security/http-api-key-security.json
@@ -12,7 +12,7 @@
             "traits": {
                 "aws.protocols#restJson1": true,
                 "smithy.api#httpApiKeyAuth": {
-                    "name": "X-Api-Key",
+                    "name": "x-api-key",
                     "in": "header"
                 }
             }

diff --git a/...ces/software/amazon/smithy/openapi/fromsmithy/security/http-api-key-security.openapi.json b/...ces/software/amazon/smithy/openapi/fromsmithy/security/http-api-key-security.openapi.json
@@ -20,7 +20,7 @@
         "securitySchemes": {
             "smithy.api#httpApiKeyAuth": {
                 "type": "apiKey",
-                "name": "X-Api-Key",
+                "name": "x-api-key",
                 "in": "header"
             }
         }