Problem
Auth requirements are per-operation; a two-boolean scheme doesn't generalise.
Proposed change
Generate one flag per security scheme plus a precedence ladder per operation. sdk-core's auth step consumes the descriptor + available credentials and throws a tailored "requires X" error. Keep core scheme-agnostic; per-cloud/OAuth specifics stay in adapters.
Acceptance
Priority: medium · Effort: medium
Problem
Auth requirements are per-operation; a two-boolean scheme doesn't generalise.
Proposed change
Generate one flag per security scheme plus a precedence ladder per operation. sdk-core's auth step consumes the descriptor + available credentials and throws a tailored "requires X" error. Keep core scheme-agnostic; per-cloud/OAuth specifics stay in adapters.
Acceptance
Priority: medium · Effort: medium