Security handlers cannot access request params

[cionz0]

Describe the bug
The request.param is shown as an empty object if accessed from inside the security handler, while param values are correctly shown from inside the API code.

To Reproduce

• Define a parametric route and secure the API (no matter the security type).
• define a security handler
• print the request.param object from inside the API and from inside the security handler

Actual behavior
The API can see the param values, while the security handler sees only an empty object.

Expected behavior
See the same object both from inside the API code and from inside the security handler.

Examples and context

Express app code

"use strict";
const express = require("express");
const bodyParser = require("body-parser");
const cors = require("cors");
const app = express();
const openapi_validator_middleware = require("../middleware/openapi_validator_middleware");
app.use(bodyParser.json());
app.use(cors());
app.use(express.text());
app.use(express.urlencoded({extended: false}));
app.use(openapi_validator_middleware.OpenApiValidatorMiddleware);
app.use(openapi_validator_middleware.error_handler);


module.exports = () => {
    /**
     * @openapi
     * /test/{value}:
     *     post:
     *       summary: Perform an Action
     *       description: Perform a specific action based on the provided value.
     *       security:
     *          - operatorOrUserToken: []
     *       parameters:
     *         - name: value
     *           in: path
     *           required: true
     *           description: The value to be used for the action.
     *           schema:
     *             type: string
     *       responses:
     *         '200':
     *           description: Action performed successfully
     *           content:
     *             application/json:
     *               schema:
     *                 type: object
     *                 properties:
     *                   code:
     *                     type: string
     *                     example: OK
     *                   status:
     *                     type: integer
     *                     example: 200
     *                   message:
     *                     type: string
     *                     example: action performed
     *                   data:
     *                     type: object
     *                     example: {}
     */
    app.post("/test/:value", async (request, response) => {
        console.log(request.params); // <<-- prints {value: "the_value"}
        try {
            response.status(200).send({
                code: "OK", status: 200, message: "action performed", data: request.params,
            });
        } catch (e) {
            openapi_validator_middleware.error_handler(e, request, response);
        }
    });
    return app;
};

Middleware code

"use strict";


const OpenApiValidator = require("express-openapi-validator");
const security_handlers = require("./security/security_handlers");

const OpenApiValidatorMiddleware = OpenApiValidator.middleware({
    apiSpec: require("../openapi/openapi").SPECIFICATIONS,
    validateRequests: true, 
    validateResponses: true, 
    validateApiSpec: true,
    validateSecurity: {
        handlers: {
            "operatorOrUserToken": async function(request, scopes, schema) {
                console.log("params", request.params); // <<-- prints {}
                return true;
            }
        },
    },

});


module.exports = {OpenApiValidatorMiddleware};