Cannot get overwrites.*.overwriteRequestSecurity to work

[tomchkk]

I'm attempting to overwrite oauth2 security config at both the global and request level. I can get the config to overwrite at global level, but it just doesn't seem to work at request level. I've sanity checked my base spec and am confident that it is set-up correctly, defining an available security element in the request in question. However, no matter what I do, I cannot get the values to overwrite in the output collection.

I'm including my oas, the portman config and the resulting postman collection files.

Using portman version 1.26.2

Appreciate any pointers.

openapi: 3.0.0

info:
  title: 'my-oas'
  version: 1.0.0

security:
  - ClientCredentials: [ ]

paths:
  /api/v1/resources:
    get:
      operationId: get.api.v1.resources.index
      responses:
        '204':
          description: The server has successfully fulfilled the request and there is no additional content to send in the response payload body.
  /api/v1/resources/show:
    get:
      operationId: get.api.v1.resources.show
      security:
        - PasswordGrant: [ ]
      responses:
        '204':
          description: The server has successfully fulfilled the request and there is no additional content to send in the response payload body.

components:
  securitySchemes:
    ClientCredentials:
      type: oauth2
      description: See https://www.oauth.com/oauth2-servers/access-tokens/client-credentials/ for request and response details.
      flows:
        clientCredentials:
          tokenUrl: oauth/token
          scopes: { }
    PasswordGrant:
      type: oauth2
      description: See https://www.oauth.com/oauth2-servers/access-tokens/password-grant/ for request and response details
      flows:
        password:
          tokenUrl: oauth/token
          scopes: { }

collection.postman.json
portman-config.json

[tomchkk]

Edit: I note that there is also this open portman issue #483 which links to this open postman issue postmanlabs/openapi-to-postman#465.

If I understand this issue correctly, it relates to importing the modified collection into postman. Manually updating the auth key in question the collection is correctly imported into Postman.

[thim81]

hi @tomchkk

Thanks for all the config files. We will use to try to reproduce the issue.
The Postman issue #483 seems to be related.
But Portman does manipulate the converted Posmtan collection, so perhaps we can find a way around the current issue.

We will try to find some time to reproduce it first and after that see how we can solve it.

[thim81]

hi @tomchkk

I did a try but I was unable to generate a proper Postman config that was accepted by Postman.
Not sure how to proceed here.

[tomchkk]

Hey @thim81 - thanks for taking a look at this.

I created the attached collection in Postman, exported it and was able to import it independently into Postman without issue. However, I haven't found a way to make this same collection using Portman.

Portman Collection Conversion Issue.postman_collection.json

[thim81]

@tomchkk

That is again very useful, I'll try to make some time in the near future to further investigate.