fix(api): remove global openapi bearer security

Co-Authored-By: Virgil <virgil@lethean.io>
2026-04-02 08:54:24 +00:00 · 2026-04-02 08:54:24 +00:00 · d40ff2c294
commit d40ff2c294
parent 192f8331f2
2 changed files with 2 additions and 13 deletions
--- a/openapi.go
+++ b/openapi.go
@ -74,11 +74,6 @@ func (sb *SpecBuilder) Build(groups []RouteGroup) ([]byte, error) {
 		},
 		"paths": sb.buildPaths(prepared),
 		"tags":  sb.buildTags(prepared),
-		"security": []any{
-			map[string]any{
-				"bearerAuth": []any{},
-			},
-		},
 	}

 	if sb.LicenseName != "" {
--- a/openapi_test.go
+++ b/openapi_test.go
@ -197,14 +197,8 @@ func TestSpecBuilder_Good_EmptyGroups(t *testing.T) {
 	if bearerAuth["scheme"] != "bearer" {
 		t.Fatalf("expected bearerAuth.scheme=bearer, got %v", bearerAuth["scheme"])
 	}
-
-	security := spec["security"].([]any)
-	if len(security) != 1 {
-		t.Fatalf("expected one default security requirement, got %d", len(security))
-	}
-	req := security[0].(map[string]any)
-	if _, ok := req["bearerAuth"]; !ok {
-		t.Fatal("expected default bearerAuth security requirement")
+	if _, ok := spec["security"]; ok {
+		t.Fatal("expected no global security requirement in the document")
 	}
 }