From 94d808cd42b0c1f1ed5c9bd33164e2eb479fa541 Mon Sep 17 00:00:00 2001 From: Rens Groothuijsen Date: Sun, 28 Jun 2026 21:24:50 +0200 Subject: [PATCH 1/5] [python] Set API key cookie as key-value pair --- .../src/main/resources/python/api_client.mustache | 2 +- .../openapi_client/api_client.py | 2 +- samples/client/echo_api/python/openapi_client/api_client.py | 2 +- .../client/petstore/python-aiohttp/petstore_api/api_client.py | 2 +- .../petstore/python-httpx-sync/petstore_api/api_client.py | 2 +- .../client/petstore/python-httpx/petstore_api/api_client.py | 2 +- .../petstore/python-lazyImports/petstore_api/api_client.py | 2 +- .../openapi3/client/petstore/python/petstore_api/api_client.py | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/modules/openapi-generator/src/main/resources/python/api_client.mustache b/modules/openapi-generator/src/main/resources/python/api_client.mustache index e414300cd095..a83a18b35ec6 100644 --- a/modules/openapi-generator/src/main/resources/python/api_client.mustache +++ b/modules/openapi-generator/src/main/resources/python/api_client.mustache @@ -680,7 +680,7 @@ class ApiClient: :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = auth_setting['value'] + headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py b/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py index 4b824e431f11..cfca2ea2b405 100644 --- a/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py +++ b/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py @@ -673,7 +673,7 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = auth_setting['value'] + headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/client/echo_api/python/openapi_client/api_client.py b/samples/client/echo_api/python/openapi_client/api_client.py index 4b824e431f11..cfca2ea2b405 100644 --- a/samples/client/echo_api/python/openapi_client/api_client.py +++ b/samples/client/echo_api/python/openapi_client/api_client.py @@ -673,7 +673,7 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = auth_setting['value'] + headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py index 3d0170779a39..5f5a1c641d57 100644 --- a/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py @@ -675,7 +675,7 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = auth_setting['value'] + headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py index 3d0170779a39..5f5a1c641d57 100644 --- a/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py @@ -675,7 +675,7 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = auth_setting['value'] + headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py index 3d0170779a39..5f5a1c641d57 100644 --- a/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py @@ -675,7 +675,7 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = auth_setting['value'] + headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py index d388566cbbe2..ad07ea6e41c6 100644 --- a/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py @@ -672,7 +672,7 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = auth_setting['value'] + headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python/petstore_api/api_client.py b/samples/openapi3/client/petstore/python/petstore_api/api_client.py index d388566cbbe2..ad07ea6e41c6 100755 --- a/samples/openapi3/client/petstore/python/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python/petstore_api/api_client.py @@ -672,7 +672,7 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = auth_setting['value'] + headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] From d71c9ceeb32d39bcf82bcd09aa7bfa7afba6921d Mon Sep 17 00:00:00 2001 From: Rens Groothuijsen Date: Sun, 28 Jun 2026 22:30:43 +0200 Subject: [PATCH 2/5] [python] Account for setting multiple cookies --- .../src/main/resources/python/api_client.mustache | 6 +++++- .../openapi_client/api_client.py | 6 +++++- samples/client/echo_api/python/openapi_client/api_client.py | 6 +++++- .../petstore/python-aiohttp/petstore_api/api_client.py | 6 +++++- .../petstore/python-httpx-sync/petstore_api/api_client.py | 6 +++++- .../client/petstore/python-httpx/petstore_api/api_client.py | 6 +++++- .../petstore/python-lazyImports/petstore_api/api_client.py | 6 +++++- .../client/petstore/python/petstore_api/api_client.py | 6 +++++- 8 files changed, 40 insertions(+), 8 deletions(-) diff --git a/modules/openapi-generator/src/main/resources/python/api_client.mustache b/modules/openapi-generator/src/main/resources/python/api_client.mustache index a83a18b35ec6..521ea384709f 100644 --- a/modules/openapi-generator/src/main/resources/python/api_client.mustache +++ b/modules/openapi-generator/src/main/resources/python/api_client.mustache @@ -680,7 +680,11 @@ class ApiClient: :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" + if not 'Cookie' in headers: + headers['Cookie'] = "" + else: + headers['Cookie'] += "; " + headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py b/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py index cfca2ea2b405..dfe146f03bb6 100644 --- a/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py +++ b/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py @@ -673,7 +673,11 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" + if not 'Cookie' in headers: + headers['Cookie'] = "" + else: + headers['Cookie'] += "; " + headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/client/echo_api/python/openapi_client/api_client.py b/samples/client/echo_api/python/openapi_client/api_client.py index cfca2ea2b405..dfe146f03bb6 100644 --- a/samples/client/echo_api/python/openapi_client/api_client.py +++ b/samples/client/echo_api/python/openapi_client/api_client.py @@ -673,7 +673,11 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" + if not 'Cookie' in headers: + headers['Cookie'] = "" + else: + headers['Cookie'] += "; " + headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py index 5f5a1c641d57..c52602752a3d 100644 --- a/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py @@ -675,7 +675,11 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" + if not 'Cookie' in headers: + headers['Cookie'] = "" + else: + headers['Cookie'] += "; " + headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py index 5f5a1c641d57..c52602752a3d 100644 --- a/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py @@ -675,7 +675,11 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" + if not 'Cookie' in headers: + headers['Cookie'] = "" + else: + headers['Cookie'] += "; " + headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py index 5f5a1c641d57..c52602752a3d 100644 --- a/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py @@ -675,7 +675,11 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" + if not 'Cookie' in headers: + headers['Cookie'] = "" + else: + headers['Cookie'] += "; " + headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py index ad07ea6e41c6..091319638cff 100644 --- a/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py @@ -672,7 +672,11 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" + if not 'Cookie' in headers: + headers['Cookie'] = "" + else: + headers['Cookie'] += "; " + headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python/petstore_api/api_client.py b/samples/openapi3/client/petstore/python/petstore_api/api_client.py index ad07ea6e41c6..091319638cff 100755 --- a/samples/openapi3/client/petstore/python/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python/petstore_api/api_client.py @@ -672,7 +672,11 @@ def _apply_auth_params( :param auth_setting: auth settings for the endpoint """ if auth_setting['in'] == 'cookie': - headers['Cookie'] = f"{auth_setting['key']}={auth_setting['value']}" + if not 'Cookie' in headers: + headers['Cookie'] = "" + else: + headers['Cookie'] += "; " + headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] From bd13ed06ae703c1a377b3183538196003ccc0dc3 Mon Sep 17 00:00:00 2001 From: Rens Groothuijsen Date: Sun, 28 Jun 2026 22:44:54 +0200 Subject: [PATCH 3/5] Quote API cookie value to avoid possible parsing issues Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com> --- samples/client/echo_api/python/openapi_client/api_client.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/samples/client/echo_api/python/openapi_client/api_client.py b/samples/client/echo_api/python/openapi_client/api_client.py index dfe146f03bb6..a8bb9b02bbeb 100644 --- a/samples/client/echo_api/python/openapi_client/api_client.py +++ b/samples/client/echo_api/python/openapi_client/api_client.py @@ -677,7 +677,7 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" + headers['Cookie'] += f"{auth_setting['key']}={quote(auth_setting['value'], safe='')}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] From c552c8b66313a7c145a66209dd63e11849ea713f Mon Sep 17 00:00:00 2001 From: Rens Groothuijsen Date: Mon, 29 Jun 2026 00:23:18 +0200 Subject: [PATCH 4/5] [python] Stringify and quote API key cookie value to avoid possible parsing errors --- .../src/main/resources/python/api_client.mustache | 4 +++- .../openapi_client/api_client.py | 4 +++- samples/client/echo_api/python/openapi_client/api_client.py | 4 +++- .../client/petstore/python-aiohttp/petstore_api/api_client.py | 4 +++- .../petstore/python-httpx-sync/petstore_api/api_client.py | 4 +++- .../client/petstore/python-httpx/petstore_api/api_client.py | 4 +++- .../petstore/python-lazyImports/petstore_api/api_client.py | 4 +++- .../client/petstore/python/petstore_api/api_client.py | 4 +++- 8 files changed, 24 insertions(+), 8 deletions(-) diff --git a/modules/openapi-generator/src/main/resources/python/api_client.mustache b/modules/openapi-generator/src/main/resources/python/api_client.mustache index 521ea384709f..dc95c7c3f3c1 100644 --- a/modules/openapi-generator/src/main/resources/python/api_client.mustache +++ b/modules/openapi-generator/src/main/resources/python/api_client.mustache @@ -684,7 +684,9 @@ class ApiClient: headers['Cookie'] = "" else: headers['Cookie'] += "; " - headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" + # Account for cookie value containing spaces or being non-string value + cookie_value = quote(str(auth_setting['value']), safe='') + headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py b/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py index dfe146f03bb6..3de6ef05d1f1 100644 --- a/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py +++ b/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py @@ -677,7 +677,9 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" + # Account for cookie value containing spaces or being non-string value + cookie_value = quote(str(auth_setting['value']), safe='') + headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/client/echo_api/python/openapi_client/api_client.py b/samples/client/echo_api/python/openapi_client/api_client.py index a8bb9b02bbeb..3de6ef05d1f1 100644 --- a/samples/client/echo_api/python/openapi_client/api_client.py +++ b/samples/client/echo_api/python/openapi_client/api_client.py @@ -677,7 +677,9 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - headers['Cookie'] += f"{auth_setting['key']}={quote(auth_setting['value'], safe='')}" + # Account for cookie value containing spaces or being non-string value + cookie_value = quote(str(auth_setting['value']), safe='') + headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py index c52602752a3d..0274633db2b0 100644 --- a/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py @@ -679,7 +679,9 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" + # Account for cookie value containing spaces or being non-string value + cookie_value = quote(str(auth_setting['value']), safe='') + headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py index c52602752a3d..0274633db2b0 100644 --- a/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py @@ -679,7 +679,9 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" + # Account for cookie value containing spaces or being non-string value + cookie_value = quote(str(auth_setting['value']), safe='') + headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py index c52602752a3d..0274633db2b0 100644 --- a/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py @@ -679,7 +679,9 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" + # Account for cookie value containing spaces or being non-string value + cookie_value = quote(str(auth_setting['value']), safe='') + headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py index 091319638cff..739a6d372350 100644 --- a/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py @@ -676,7 +676,9 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" + # Account for cookie value containing spaces or being non-string value + cookie_value = quote(str(auth_setting['value']), safe='') + headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] diff --git a/samples/openapi3/client/petstore/python/petstore_api/api_client.py b/samples/openapi3/client/petstore/python/petstore_api/api_client.py index 091319638cff..739a6d372350 100755 --- a/samples/openapi3/client/petstore/python/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python/petstore_api/api_client.py @@ -676,7 +676,9 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - headers['Cookie'] += f"{auth_setting['key']}={auth_setting['value']}" + # Account for cookie value containing spaces or being non-string value + cookie_value = quote(str(auth_setting['value']), safe='') + headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': headers[auth_setting['key']] = auth_setting['value'] From 07e3e01d821a7435f4db009d8c4df9670a91c6bb Mon Sep 17 00:00:00 2001 From: Rens Groothuijsen Date: Mon, 29 Jun 2026 01:33:55 +0200 Subject: [PATCH 5/5] [python] Limit cookie value URL-encoding to spaces and semicolons --- .../src/main/resources/python/api_client.mustache | 4 ++-- .../openapi_client/api_client.py | 4 ++-- samples/client/echo_api/python/openapi_client/api_client.py | 4 ++-- .../client/petstore/python-aiohttp/petstore_api/api_client.py | 4 ++-- .../petstore/python-httpx-sync/petstore_api/api_client.py | 4 ++-- .../client/petstore/python-httpx/petstore_api/api_client.py | 4 ++-- .../petstore/python-lazyImports/petstore_api/api_client.py | 4 ++-- .../client/petstore/python/petstore_api/api_client.py | 4 ++-- 8 files changed, 16 insertions(+), 16 deletions(-) diff --git a/modules/openapi-generator/src/main/resources/python/api_client.mustache b/modules/openapi-generator/src/main/resources/python/api_client.mustache index dc95c7c3f3c1..a25eb9bd7188 100644 --- a/modules/openapi-generator/src/main/resources/python/api_client.mustache +++ b/modules/openapi-generator/src/main/resources/python/api_client.mustache @@ -684,8 +684,8 @@ class ApiClient: headers['Cookie'] = "" else: headers['Cookie'] += "; " - # Account for cookie value containing spaces or being non-string value - cookie_value = quote(str(auth_setting['value']), safe='') + # Encode spaces and semicolons in cookie value, leaving other characters as-is + cookie_value = str(auth_setting['value']).replace(" ", "%20").replace(";", "%3B") headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': diff --git a/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py b/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py index 3de6ef05d1f1..7b2e68094897 100644 --- a/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py +++ b/samples/client/echo_api/python-disallowAdditionalPropertiesIfNotPresent/openapi_client/api_client.py @@ -677,8 +677,8 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - # Account for cookie value containing spaces or being non-string value - cookie_value = quote(str(auth_setting['value']), safe='') + # Encode spaces and semicolons in cookie value, leaving other characters as-is + cookie_value = str(auth_setting['value']).replace(" ", "%20").replace(";", "%3B") headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': diff --git a/samples/client/echo_api/python/openapi_client/api_client.py b/samples/client/echo_api/python/openapi_client/api_client.py index 3de6ef05d1f1..7b2e68094897 100644 --- a/samples/client/echo_api/python/openapi_client/api_client.py +++ b/samples/client/echo_api/python/openapi_client/api_client.py @@ -677,8 +677,8 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - # Account for cookie value containing spaces or being non-string value - cookie_value = quote(str(auth_setting['value']), safe='') + # Encode spaces and semicolons in cookie value, leaving other characters as-is + cookie_value = str(auth_setting['value']).replace(" ", "%20").replace(";", "%3B") headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': diff --git a/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py index 0274633db2b0..c2a5838c7e48 100644 --- a/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-aiohttp/petstore_api/api_client.py @@ -679,8 +679,8 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - # Account for cookie value containing spaces or being non-string value - cookie_value = quote(str(auth_setting['value']), safe='') + # Encode spaces and semicolons in cookie value, leaving other characters as-is + cookie_value = str(auth_setting['value']).replace(" ", "%20").replace(";", "%3B") headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': diff --git a/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py index 0274633db2b0..c2a5838c7e48 100644 --- a/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-httpx-sync/petstore_api/api_client.py @@ -679,8 +679,8 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - # Account for cookie value containing spaces or being non-string value - cookie_value = quote(str(auth_setting['value']), safe='') + # Encode spaces and semicolons in cookie value, leaving other characters as-is + cookie_value = str(auth_setting['value']).replace(" ", "%20").replace(";", "%3B") headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': diff --git a/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py index 0274633db2b0..c2a5838c7e48 100644 --- a/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-httpx/petstore_api/api_client.py @@ -679,8 +679,8 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - # Account for cookie value containing spaces or being non-string value - cookie_value = quote(str(auth_setting['value']), safe='') + # Encode spaces and semicolons in cookie value, leaving other characters as-is + cookie_value = str(auth_setting['value']).replace(" ", "%20").replace(";", "%3B") headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': diff --git a/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py b/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py index 739a6d372350..279b5199af21 100644 --- a/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python-lazyImports/petstore_api/api_client.py @@ -676,8 +676,8 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - # Account for cookie value containing spaces or being non-string value - cookie_value = quote(str(auth_setting['value']), safe='') + # Encode spaces and semicolons in cookie value, leaving other characters as-is + cookie_value = str(auth_setting['value']).replace(" ", "%20").replace(";", "%3B") headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature': diff --git a/samples/openapi3/client/petstore/python/petstore_api/api_client.py b/samples/openapi3/client/petstore/python/petstore_api/api_client.py index 739a6d372350..279b5199af21 100755 --- a/samples/openapi3/client/petstore/python/petstore_api/api_client.py +++ b/samples/openapi3/client/petstore/python/petstore_api/api_client.py @@ -676,8 +676,8 @@ def _apply_auth_params( headers['Cookie'] = "" else: headers['Cookie'] += "; " - # Account for cookie value containing spaces or being non-string value - cookie_value = quote(str(auth_setting['value']), safe='') + # Encode spaces and semicolons in cookie value, leaving other characters as-is + cookie_value = str(auth_setting['value']).replace(" ", "%20").replace(";", "%3B") headers['Cookie'] += f"{auth_setting['key']}={cookie_value}" elif auth_setting['in'] == 'header': if auth_setting['type'] != 'http-signature':