openapi-ruby 0.1.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1f245f12d9c4ef8bfb96c0eff05a0ca82ad6c9c883846f23bcad9c53ce1a8b5c
-  data.tar.gz: d01ed0f0c3e268762fb212da520177c782c03bc5165c0a6059cb63f812f24ad5
+  metadata.gz: f4d1e0c7be33a19d1264716a6864c964451717c477a2d8be113c636d7ac12744
+  data.tar.gz: ef006bb3472303c4aeee1faf6291822a22e0c02c9f2bf81fc7f7296462bb5324
 SHA512:
-  metadata.gz: 177354fea7faf025cc7922a718e65767139a03cc6bc096fc67ab6c60830ed091718f2b665bb61be96402c0460a1dbf4451d60f7a300cc46752c9bb763133d0d6
-  data.tar.gz: 32c8a6d4ad9d6cc0155c80051756eab313e0e0b71c71802d1b0efe1fe70f9f03635a0b66cad462b4700fd108a04ce9ffc6f2e2be894d850596c1cf6b0872236a
+  metadata.gz: 80cf5378dfb48cdec73b9a19a57449b4891eddf7282f1ff3e251d77f4f04c7e876fa87ec89feef8dcf5bb10cea22ecd12f1c5dc30fd68a175ecc04ba44a26e1d
+  data.tar.gz: 0f3bf8c4096823a12426ec2c289be4200ec45b27262e4f4a991b67d08fa17a65d4673dc0fabda1c67cb9e634ceedb4ace95bc5187034b84ea09920efa0711dd7

data/lib/openapi_ruby/adapters/minitest.rb

@@ -43,9 +43,16 @@ module OpenapiRuby
           request_params = body || params.reject { |k, _| path_param_names(context).include?(k.to_s) }
           request_headers = headers.dup
 
-          if body.is_a?(Hash)
-            request_params = body.to_json
-            request_headers["Content-Type"] ||= "application/json"
+          if body
+            content_type = request_headers["Content-Type"] || context.operations[method.to_s]&.instance_variable_get(:@consumes_list)&.first
+
+            if content_type&.include?("form-data") || content_type&.include?("x-www-form-urlencoded")
+              request_params = body
+              request_headers["Content-Type"] ||= content_type
+            else
+              request_params = body.is_a?(String) ? body : body.to_json
+              request_headers["Content-Type"] ||= content_type || "application/json"
+            end
           end
 
           send_args = {params: request_params}

data/lib/openapi_ruby/adapters/rspec.rb

@@ -170,9 +170,16 @@ module OpenapiRuby
             send_args = {params: body || params}
             send_args[:headers] = headers if headers.any?
 
-            if (body && headers["Content-Type"]&.include?("json")) || body.is_a?(Hash)
-              send_args[:params] = body.is_a?(String) ? body : body.to_json
-              send_args[:headers] = (headers || {}).merge("Content-Type" => "application/json")
+            if body
+              content_type = headers["Content-Type"] || operation&.instance_variable_get(:@consumes_list)&.first
+
+              if content_type&.include?("form-data") || content_type&.include?("x-www-form-urlencoded")
+                send_args[:params] = body
+                send_args[:headers] = (headers || {}).merge("Content-Type" => content_type)
+              else
+                send_args[:params] = body.is_a?(String) ? body : body.to_json
+                send_args[:headers] = (headers || {}).merge("Content-Type" => content_type || "application/json")
+              end
             end
 
             send(method.to_sym, path, **send_args)

data/lib/openapi_ruby/components/base.rb

@@ -10,6 +10,7 @@ module OpenapiRuby
         base.class_attribute :_skip_key_transformation, default: false
         base.class_attribute :_component_type, default: :schemas
         base.class_attribute :_component_scopes, default: []
+        base.class_attribute :_component_scopes_explicitly_set, default: false
 
         Registry.instance.register(base) if base.name
       end
@@ -22,6 +23,7 @@ module OpenapiRuby
           subclass._skip_key_transformation = _skip_key_transformation
           subclass._component_type = _component_type
           subclass._component_scopes = _component_scopes.dup
+          subclass._component_scopes_explicitly_set = _component_scopes_explicitly_set
           Registry.instance.register(subclass) if subclass.name
         end
 
@@ -45,13 +47,29 @@ module OpenapiRuby
         end
 
         def component_scopes(*scopes)
+          Registry.instance.unregister(self)
           self._component_scopes = scopes.flatten.map(&:to_sym)
+          self._component_scopes_explicitly_set = true
+          Registry.instance.register(self)
+        end
+
+        def shared_component
+          self._component_scopes = []
+          self._component_scopes_explicitly_set = true
         end
 
         def component_name
           (name || "Anonymous").demodulize
         end
 
+        def registry_key
+          if _component_scopes.empty?
+            component_name
+          else
+            "#{_component_scopes.sort.join("_")}:#{component_name}"
+          end
+        end
+
         def to_openapi
           definition = _schema_definition.deep_dup
 

data/lib/openapi_ruby/components/loader.rb

@@ -12,7 +12,7 @@ module OpenapiRuby
 
       def load!
         define_namespace_modules!
-        component_files.each { |f| require f }
+        load_component_files!
         self
       end
 
@@ -63,13 +63,70 @@ module OpenapiRuby
           expanded = File.expand_path(path)
           next unless Dir.exist?(expanded)
 
-          Dir.children(expanded).select { |f| File.directory?(File.join(expanded, f)) }.each do |dir|
-            mod_name = dir.camelize.to_sym
-            Object.const_set(mod_name, Module.new) unless Object.const_defined?(mod_name)
+          define_nested_modules(expanded, expanded)
+        end
+      end
+
+      def define_nested_modules(base_path, current_path)
+        Dir.children(current_path).select { |f| File.directory?(File.join(current_path, f)) }.each do |dir|
+          mod_name = dir.camelize.to_sym
+          Object.const_set(mod_name, Module.new) unless Object.const_defined?(mod_name)
+
+          child_path = File.join(current_path, dir)
+          define_nested_modules(base_path, child_path)
+        end
+      end
+
+      def load_component_files!
+        scope_paths = OpenapiRuby.configuration.component_scope_paths
+
+        if scope_paths.any?
+          load_with_scope_inference(scope_paths)
+        else
+          component_files.each { |f| require f }
+        end
+      end
+
+      def load_with_scope_inference(scope_paths)
+        @paths.each do |base_path|
+          expanded = File.expand_path(base_path)
+          next unless Dir.exist?(expanded)
+
+          files = Dir[File.join(expanded, "**", "*.rb")].sort
+
+          files.each do |file|
+            relative = file.sub("#{expanded}/", "")
+            inferred_scope = infer_scope(relative, scope_paths)
+
+            registered_before = Registry.instance.all_registered_classes.dup
+            require file
+            registered_after = Registry.instance.all_registered_classes
+
+            new_classes = registered_after - registered_before
+            new_classes.each do |klass|
+              next if klass._component_scopes_explicitly_set
+
+              if inferred_scope == :shared
+                # Shared components have empty scopes (included in all specs)
+                klass._component_scopes = []
+              elsif inferred_scope
+                Registry.instance.unregister(klass)
+                klass._component_scopes = [inferred_scope]
+                Registry.instance.register(klass)
+              end
+            end
           end
         end
       end
 
+      def infer_scope(relative_path, scope_paths)
+        # Match longest prefix first for specificity
+        scope_paths.sort_by { |prefix, _| -prefix.length }.each do |prefix, scope|
+          return scope&.to_sym if relative_path.start_with?("#{prefix}/")
+        end
+        nil
+      end
+
       def component_files
         @paths.flat_map do |path|
           expanded = File.expand_path(path)

data/lib/openapi_ruby/components/registry.rb

@@ -13,21 +13,21 @@ module OpenapiRuby
 
       def register(component_class)
         type = component_class._component_type
-        name = component_class.component_name
+        key = component_class.registry_key
 
         @components[type] ||= {}
 
-        if @components[type].key?(name) && @components[type][name] != component_class
-          raise DuplicateComponentError, "Component '#{name}' already registered under #{type}"
+        if @components[type].key?(key) && @components[type][key] != component_class
+          raise DuplicateComponentError, "Component '#{component_class.component_name}' already registered under #{type}"
         end
 
-        @components[type][name] = component_class
+        @components[type][key] = component_class
       end
 
       def unregister(component_class)
         type = component_class._component_type
-        name = component_class.component_name
-        @components[type]&.delete(name)
+        key = component_class.registry_key
+        @components[type]&.delete(key)
       end
 
       def components_for(type)
@@ -38,6 +38,10 @@ module OpenapiRuby
         @components.keys
       end
 
+      def all_registered_classes
+        @components.values.flat_map(&:values)
+      end
+
       def grouped_by_type
         @components.dup
       end

data/lib/openapi_ruby/configuration.rb

@@ -8,8 +8,12 @@ module OpenapiRuby
 
     # Components
     attr_accessor :component_paths
+    attr_accessor :component_scope_paths
     attr_accessor :camelize_keys, :key_transform, :response_validation, :strict_query_params,
       :coerce_params, :error_handler, :schema_output_format, :validate_responses_in_tests, :ui_path, :ui_config, :coverage_report_path
+    attr_accessor :strict_reference_validation
+    attr_accessor :auto_validation_error_response
+    attr_accessor :validation_error_schema
 
     # Middleware (runtime validation)
     attr_accessor :request_validation
@@ -26,6 +30,7 @@ module OpenapiRuby
     def initialize
       @schemas = {}
       @component_paths = ["app/api_components"]
+      @component_scope_paths = {}
       @camelize_keys = true
       @key_transform = nil
       @request_validation = :disabled
@@ -39,6 +44,9 @@ module OpenapiRuby
       @ui_enabled = false
       @ui_path = "/api-docs"
       @ui_config = {}
+      @strict_reference_validation = true
+      @auto_validation_error_response = true
+      @validation_error_schema = nil
       @coverage_enabled = false
       @coverage_report_path = "tmp/openapi_coverage.json"
     end

data/lib/openapi_ruby/core/document.rb

@@ -3,13 +3,15 @@
 module OpenapiRuby
   module Core
     class Document
-      OPENAPI_VERSION = "3.1.0"
+      MIN_OPENAPI_VERSION = "3.1.0"
+      DEFAULT_OPENAPI_VERSION = "3.1.0"
 
       attr_reader :data
 
-      def initialize(info: {}, servers: [])
+      def initialize(info: {}, servers: [], openapi_version: DEFAULT_OPENAPI_VERSION)
+        validate_version!(openapi_version)
         @data = {
-          "openapi" => OPENAPI_VERSION,
+          "openapi" => openapi_version,
           "info" => normalize_info(info),
           "paths" => {}
         }
@@ -34,7 +36,13 @@ module OpenapiRuby
       end
 
       def to_h
-        @data
+        result = @data.dup
+        result["paths"] = result["paths"].sort.to_h if result["paths"]
+        if result["components"]
+          result["components"] = result["components"].transform_values { |v| v.sort.to_h }
+        end
+        result["tags"] = result["tags"].sort_by { |t| t["name"].to_s } if result["tags"]
+        result
       end
 
       def to_json(*_args)
@@ -59,6 +67,13 @@ module OpenapiRuby
 
       private
 
+      def validate_version!(version)
+        if Gem::Version.new(version) < Gem::Version.new(MIN_OPENAPI_VERSION)
+          raise OpenapiRuby::ConfigurationError,
+            "OpenAPI version must be >= #{MIN_OPENAPI_VERSION}, got #{version}"
+        end
+      end
+
       def normalize_info(info)
         result = info.transform_keys(&:to_s)
         result["title"] ||= ""

data/lib/openapi_ruby/core/document_builder.rb

@@ -7,7 +7,8 @@ module OpenapiRuby
         @spec_config = spec_config
         @document = Document.new(
           info: spec_config[:info] || {},
-          servers: spec_config[:servers] || []
+          servers: spec_config[:servers] || [],
+          openapi_version: spec_config[:openapi_version] || Document::DEFAULT_OPENAPI_VERSION
         )
         @paths = {}
         @components = {}
@@ -33,6 +34,7 @@ module OpenapiRuby
       end
 
       def build
+        inject_validation_error_responses! if OpenapiRuby.configuration.auto_validation_error_response
         @paths.each { |template, path_item| @document.add_path(template, path_item) }
         @document.set_components(@components)
         @document.set_security(@security)
@@ -43,6 +45,48 @@ module OpenapiRuby
       def to_h
         build.to_h
       end
+
+      private
+
+      def inject_validation_error_responses!
+        # Add ValidationError response component
+        @components["responses"] ||= {}
+        @components["responses"]["ValidationError"] ||= {
+          "description" => "Request validation failed",
+          "content" => {
+            "application/json" => {
+              "schema" => validation_error_component_schema
+            }
+          }
+        }
+
+        # Add 400 to every operation that doesn't already define one
+        @paths.each_value do |path_item|
+          path_item.each do |key, operation|
+            next unless operation.is_a?(Hash) && operation.key?("responses")
+            next if key == "parameters"
+
+            operation["responses"]["400"] ||= {"$ref" => "#/components/responses/ValidationError"}
+          end
+        end
+      end
+
+      def validation_error_component_schema
+        custom = OpenapiRuby.configuration.validation_error_schema
+        return custom if custom
+
+        {
+          "type" => "object",
+          "properties" => {
+            "error" => {"type" => "string"},
+            "details" => {
+              "type" => "array",
+              "items" => {"type" => "string"}
+            }
+          },
+          "required" => %w[error details]
+        }
+      end
     end
   end
 end

data/lib/openapi_ruby/engine.rb

@@ -8,21 +8,29 @@ module OpenapiRuby
       config = OpenapiRuby.configuration
 
       if config.request_validation != :disabled || config.response_validation != :disabled
-        schema_path = default_schema_path(config)
+        config.schemas.each do |name, schema_config|
+          schema_path = resolve_schema_path(config, name)
+          next unless schema_path && File.exist?(schema_path)
 
-        if schema_path && File.exist?(schema_path)
-          resolver = Middleware::SchemaResolver.new(spec_path: schema_path)
+          resolver = Middleware::SchemaResolver.new(
+            spec_path: schema_path,
+            strict_reference_validation: config.strict_reference_validation
+          )
+
+          prefix = schema_config[:prefix]
 
           if config.request_validation != :disabled
             app.middleware.use Middleware::RequestValidation,
               schema_resolver: resolver,
-              mode: config.request_validation
+              mode: config.request_validation,
+              prefix: prefix
           end
 
           if config.response_validation != :disabled
             app.middleware.use Middleware::ResponseValidation,
               schema_resolver: resolver,
-              mode: config.response_validation
+              mode: config.response_validation,
+              prefix: prefix
           end
         end
       end
@@ -46,10 +54,7 @@ module OpenapiRuby
 
     private
 
-    def default_schema_path(config)
-      return nil if config.schemas.empty?
-
-      schema_name = config.schemas.keys.first
+    def resolve_schema_path(config, schema_name)
       ext = (config.schema_output_format == :json) ? "json" : "yaml"
       Rails.root.join(config.schema_output_dir, "#{schema_name}.#{ext}").to_s
     end

data/lib/openapi_ruby/generator/schema_writer.rb

@@ -23,6 +23,7 @@ module OpenapiRuby
 
       def write!
         document = build_document
+        validate_document!(document) if OpenapiRuby.configuration.strict_reference_validation
         output_path = File.join(output_dir, filename)
         FileUtils.mkdir_p(output_dir)
         File.write(output_path, format_output(document))
@@ -56,6 +57,14 @@ module OpenapiRuby
         "#{@schema_name}.#{ext}"
       end
 
+      def validate_document!(document)
+        errors = document.validate
+        return if errors.empty?
+
+        error_messages = errors.first(10).map { |e| e["error"] || e.to_s }
+        warn "[openapi_ruby] Generated schema '#{@schema_name}' has validation errors:\n#{error_messages.join("\n")}"
+      end
+
       def format_output(document)
         if OpenapiRuby.configuration.schema_output_format == :json
           document.to_json

data/lib/openapi_ruby/middleware/request_validation.rb

@@ -10,13 +10,22 @@ module OpenapiRuby
         @coerce = options.fetch(:coerce, OpenapiRuby.configuration.coerce_params)
         @error_handler = options[:error_handler] || ErrorHandler.new
         @mode = options.fetch(:mode, OpenapiRuby.configuration.request_validation)
+        @prefix = options[:prefix]
       end
 
       def call(env)
         return @app.call(env) if @mode == :disabled
 
         request = Rack::Request.new(env)
-        result = @resolver.find_operation(request.request_method, request.path_info)
+
+        # Skip if request doesn't match prefix
+        if @prefix && !request.path_info.start_with?(@prefix)
+          return @app.call(env)
+        end
+
+        # Strip prefix for path matching
+        match_path = @prefix ? request.path_info.sub(@prefix, "") : request.path_info
+        result = @resolver.find_operation(request.request_method, match_path)
 
         if result.nil?
           return strict? ? @error_handler.not_found(request.path_info) : @app.call(env)
@@ -194,6 +203,11 @@ module OpenapiRuby
 
         if media_type&.include?("json")
           JSON.parse(content)
+        elsif media_type&.include?("x-www-form-urlencoded")
+          Rack::Utils.parse_nested_query(content)
+        elsif media_type&.include?("form-data")
+          # Multipart form data is already parsed by Rack into params
+          nil
         else
           content
         end

data/lib/openapi_ruby/middleware/response_validation.rb

@@ -9,11 +9,19 @@ module OpenapiRuby
         @error_handler = options[:error_handler] || ErrorHandler.new
         @mode = options.fetch(:mode, OpenapiRuby.configuration.response_validation)
         @validate_success_only = options.fetch(:validate_success_only, true)
+        @prefix = options[:prefix]
       end
 
       def call(env)
         return @app.call(env) if @mode == :disabled
 
+        request = Rack::Request.new(env)
+
+        # Skip if request doesn't match prefix
+        if @prefix && !request.path_info.start_with?(@prefix)
+          return @app.call(env)
+        end
+
         status, headers, body = @app.call(env)
 
         # Skip validation for certain status codes

data/lib/openapi_ruby/middleware/schema_resolver.rb

@@ -3,15 +3,16 @@
 module OpenapiRuby
   module Middleware
     class SchemaResolver
-      def initialize(spec_path: nil, document: nil)
+      def initialize(spec_path: nil, document: nil, strict_reference_validation: true)
         @spec_path = spec_path
         @document = document
+        @strict_reference_validation = strict_reference_validation
         @path_matcher = nil
         @schemer = nil
       end
 
       def document
-        @document ||= load_document
+        @document ||= load_document.tap { |doc| validate_document!(doc) }
       end
 
       def schemer
@@ -39,6 +40,18 @@ module OpenapiRuby
 
       private
 
+      def validate_document!(doc)
+        return unless @strict_reference_validation
+
+        schemer = JSONSchemer.openapi(doc)
+        errors = schemer.validate.to_a
+        return if errors.empty?
+
+        error_messages = errors.first(5).map { |e| e["error"] || e.to_s }
+        raise OpenapiRuby::ConfigurationError,
+          "OpenAPI document validation failed:\n#{error_messages.join("\n")}"
+      end
+
       def load_document
         raise ConfigurationError, "No spec_path configured for middleware" unless @spec_path
 

data/lib/openapi_ruby/testing/request_builder.rb

@@ -62,9 +62,17 @@ module OpenapiRuby
       def build_body
         return nil unless @body_value
 
-        if @body_value.is_a?(Hash) || @body_value.is_a?(Array)
+        content_type = @headers&.fetch("Content-Type", nil)
+        consumes = @operation.instance_variable_get(:@consumes_list)
+        content_type ||= consumes&.first
+
+        if content_type&.include?("form-data") || content_type&.include?("x-www-form-urlencoded")
+          @body_value
+        elsif @body_value.is_a?(Hash) || @body_value.is_a?(Array)
+          @body_value.to_json
+        else
+          @body_value
         end
-        @body_value
       end
 
       def deep_stringify(value)

data/lib/openapi_ruby/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module OpenapiRuby
-  VERSION = "0.1.0"
+  VERSION = "2.0.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: openapi-ruby
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Morten Hartvig
@@ -140,7 +140,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 4.0.6
+rubygems_version: 3.6.9
 specification_version: 4
 summary: OpenAPI 3.1 toolkit for Rails — spec generation, schema components, and runtime
   validation