Python httpx client: Cookie auth sends value without name #23301
Description
Issue Description
When using cookie-based authentication (type: apiKey, in: cookie) with an explicit name field in the OpenAPI spec, the Python httpx client generator produces incorrect Cookie headers.
Specification Example
"securitySchemes": {
"APIKeyCookie": {
"type": "apiKey",
"in": "cookie",
"name": "my_cookie_name"
}
}Expected Behavior
The generated code should send: Cookie: my_cookie_name=<token>
Actual Behavior
The generated _apply_auth_params method in api_client.py produces: Cookie: <token> (missing the cookie name)
Generated Code (buggy):
if auth_setting['in'] == 'cookie':
headers['Cookie'] = auth_setting['value']Analysis
The cookie name is correctly stored in auth_setting['key'] (e.g., "my_cookie_name"), but the generated code ignores it and only uses auth_setting['value'] (the token).
This is inconsistent with how header and query auth are handled, where the key/name is correctly used:
elif auth_setting['in'] == 'header':
headers[auth_setting['key']] = auth_setting['value'] # Correct
elif auth_setting['in'] == 'query':
queries.append((auth_setting['key'], auth_setting['value'])) # CorrectExpected Fix
The cookie case should format the header as:
if auth_setting['in'] == 'cookie':
headers['Cookie'] = f\"{auth_setting['key']}={auth_setting['value']}\"Environment
- Generator version: 7.19.0
- Template: Python httpx library
- OpenAPI spec version: 3.x
Suggestion
This affects all Python clients using cookie authentication. Please consider fixing the template file that generates this code.