Fallback to regular HttpContext if context is not an AuthorizationFilterContext

alec-petersen · alec-petersen · commit a38a54fa328b · 2026-01-04T12:51:56.000-07:00
diff --git a/modules/openapi-generator/src/main/resources/aspnetcore/3.0/Authentication/ApiAuthentication.mustache b/modules/openapi-generator/src/main/resources/aspnetcore/3.0/Authentication/ApiAuthentication.mustache
@@ -3,6 +3,7 @@ using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc.Filters;
 
 namespace {{packageName}}.Authentication
@@ -48,24 +49,29 @@ namespace {{packageName}}.Authentication
 
         private void SucceedRequirementIfApiKeyPresentAndValid(AuthorizationHandlerContext context, ApiKeyRequirement requirement)
         {
-{{#authMethods}}{{#isApiKey}}
-            if (context.Resource is AuthorizationFilterContext authorizationFilterContext)
-            {
+{{#authMethods}}
+{{#isApiKey}}
+            var httpContext = (context.Resource as AuthorizationFilterContext)?.HttpContext
+                ?? context.Resource as HttpContext;
+
+            if (httpContext == null)
+                return;
+
 {{#isKeyInHeader}}
-                var apiKey = authorizationFilterContext.HttpContext.Request.Headers["{{keyParamName}}"].FirstOrDefault();
+            var apiKey = httpContext.Request.Headers["{{keyParamName}}"].FirstOrDefault();
 {{/isKeyInHeader}}
 {{#isKeyInQuery}}
-                var apiKey = authorizationFilterContext.HttpContext.Request.Query["{{keyParamName}}"].FirstOrDefault();
+            var apiKey = httpContext.Request.Query["{{keyParamName}}"].FirstOrDefault();
 {{/isKeyInQuery}}
 {{#isKeyInCookie}}
-                var apiKey = authorizationFilterContext.HttpContext.Request.Cookies["{{keyParamName}}"] ?? null;
+            var apiKey = httpContext.Request.Cookies["{{keyParamName}}"] ?? null;
 {{/isKeyInCookie}}
-                if (requirement.PolicyName == "{{name}}" && apiKey != null && requirement.ApiKeys.Any(requiredApiKey => apiKey == requiredApiKey))
-                {
-                    context.Succeed(requirement);
-                }
+            if (requirement.PolicyName == "{{name}}" && apiKey != null && requirement.ApiKeys.Any(requiredApiKey => apiKey == requiredApiKey))
+            {
+                context.Succeed(requirement);
             }
-{{/isApiKey}}{{/authMethods}}
+{{/isApiKey}}
+{{/authMethods}}
         }
     }
 }
