openapi_first 0.11.0.alpha → 0.12.1

data/benchmarks/apps/openapi_first.ru

@@ -5,7 +5,7 @@ require 'openapi_first'
 
 namespace = Module.new do
   def self.find_thing(params, _res)
-    { hello: 'world', id: params.fetch('id') }
+    { hello: 'world', id: params.fetch(:id) }
   end
 
   def self.find_things(_params, _res)

data/examples/app.rb

@@ -13,4 +13,9 @@ module Web
 end
 
 oas_path = File.absolute_path('./openapi.yaml', __dir__)
-App = OpenapiFirst.app(oas_path, namespace: Web)
+
+App = OpenapiFirst.app(
+  oas_path,
+  namespace: Web,
+  raise_error: OpenapiFirst.env == 'test'
+)

data/lib/openapi_first.rb

@@ -9,7 +9,7 @@ require 'openapi_first/router'
 require 'openapi_first/request_validation'
 require 'openapi_first/response_validator'
 require 'openapi_first/response_validation'
-require 'openapi_first/operation_resolver'
+require 'openapi_first/responder'
 require 'openapi_first/app'
 
 module OpenapiFirst
@@ -19,6 +19,10 @@ module OpenapiFirst
   INBOX = 'openapi_first.inbox'
   HANDLER = 'openapi_first.handler'
 
+  def self.env
+    ENV['RACK_ENV'] || ENV['HANAMI_ENV'] || ENV['RAILS_ENV']
+  end
+
   def self.load(spec_path, only: nil)
     content = YAML.load_file(spec_path)
     raw = OasParser::Parser.new(spec_path, content).resolve
@@ -27,14 +31,14 @@ module OpenapiFirst
     Definition.new(parsed)
   end
 
-  def self.app(spec, namespace:)
+  def self.app(spec, namespace:, raise_error: false)
     spec = OpenapiFirst.load(spec) if spec.is_a?(String)
-    App.new(nil, spec, namespace: namespace)
+    App.new(nil, spec, namespace: namespace, raise_error: raise_error)
   end
 
-  def self.middleware(spec, namespace:)
+  def self.middleware(spec, namespace:, raise_error: false)
     spec = OpenapiFirst.load(spec) if spec.is_a?(String)
-    AppWithOptions.new(spec, namespace: namespace)
+    AppWithOptions.new(spec, namespace: namespace, raise_error: raise_error)
   end
 
   class AppWithOptions
@@ -50,7 +54,41 @@ module OpenapiFirst
 
   class Error < StandardError; end
   class NotFoundError < Error; end
-  class ResponseCodeNotFoundError < Error; end
-  class ResponseMediaTypeNotFoundError < Error; end
-  class ResponseBodyInvalidError < Error; end
+  class NotImplementedError < RuntimeError; end
+  class ResponseInvalid < Error; end
+  class ResponseCodeNotFoundError < ResponseInvalid; end
+  class ResponseContentTypeNotFoundError < ResponseInvalid; end
+  class ResponseBodyInvalidError < ResponseInvalid; end
+
+  class RequestInvalidError < Error
+    def initialize(serialized_errors)
+      message = error_message(serialized_errors)
+      super message
+    end
+
+    private
+
+    def error_message(errors)
+      errors.map do |error|
+        [human_source(error), human_error(error)].compact.join(' ')
+      end.join(', ')
+    end
+
+    def human_source(error)
+      return unless error[:source]
+
+      source_key = error[:source].keys.first
+      source = {
+        pointer: 'Request body invalid:',
+        parameter: 'Query parameter invalid:'
+      }.fetch(source_key, source_key)
+      name = error[:source].values.first
+      source += " #{name}" unless name.nil? || name.empty?
+      source
+    end
+
+    def human_error(error)
+      error[:title]
+    end
+  end
 end

data/lib/openapi_first/app.rb

@@ -5,16 +5,13 @@ require 'logger'
 
 module OpenapiFirst
   class App
-    def initialize(
-      parent_app,
-      spec,
-      namespace:
-    )
+    def initialize(parent_app, spec, namespace:, raise_error:)
       @stack = Rack::Builder.app do
         freeze_app
-        use OpenapiFirst::Router, spec: spec, parent_app: parent_app
-        use OpenapiFirst::RequestValidation
-        run OpenapiFirst::OperationResolver.new(
+        use OpenapiFirst::Router, spec: spec, raise_error: raise_error, parent_app: parent_app
+        use OpenapiFirst::RequestValidation, raise_error: raise_error
+        use OpenapiFirst::ResponseValidation if raise_error
+        run OpenapiFirst::Responder.new(
           spec: spec,
           namespace: namespace
         )

data/lib/openapi_first/definition.rb

@@ -14,17 +14,5 @@ module OpenapiFirst
     def operations
       @spec.endpoints.map { |e| Operation.new(e) }
     end
-
-    def find_operation!(request)
-      @spec
-        .path_by_path(request.path)
-        .endpoint_by_method(request.request_method.downcase)
-    end
-
-    def find_operation(request)
-      find_operation!(request)
-    rescue OasParser::PathNotFound, OasParser::MethodNotFound
-      nil
-    end
   end
 end

data/lib/openapi_first/find_handler.rb

@@ -5,14 +5,10 @@ require_relative 'utils'
 module OpenapiFirst
   class FindHandler
     def initialize(spec, namespace)
-      @spec = spec
       @namespace = namespace
-    end
-
-    def all
-      @spec.operations.each_with_object({}) do |operation, hash|
+      @handlers = spec.operations.each_with_object({}) do |operation, hash|
         operation_id = operation.operation_id
-        handler = find_by_operation_id(operation_id)
+        handler = find_handler(operation_id)
         if handler.nil?
           warn "#{self.class.name} cannot not find handler for '#{operation.operation_id}' (#{operation.method} #{operation.path}). This operation will be ignored." # rubocop:disable Layout/LineLength
           next
@@ -21,22 +17,17 @@ module OpenapiFirst
       end
     end
 
-    def find_by_operation_id(operation_id) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
+    def [](operation_id)
+      @handlers[operation_id]
+    end
+
+    def find_handler(operation_id)
       name = operation_id.match(/:*(.*)/)&.to_a&.at(1)
       return if name.nil?
 
-      if name.include?('.')
-        module_name, method_name = name.split('.')
-        klass = find_const(@namespace, module_name)
-        return klass&.method(Utils.underscore(method_name))
-      end
-      if name.include?('#')
-        module_name, klass_name = name.split('#')
-        const = find_const(@namespace, module_name)
-        klass = find_const(const, klass_name)
-        return ->(params, res) { klass.new.call(params, res) } if klass.instance_method(:initialize).arity.zero?
-
-        return ->(params, res) { klass.new(params.env).call(params, res) }
+      catch :halt do
+        return find_class_method_handler(name) if name.include?('.')
+        return find_instance_method_handler(name) if name.include?('#')
       end
       method_name = Utils.underscore(name)
       return unless @namespace.respond_to?(method_name)
@@ -44,11 +35,24 @@ module OpenapiFirst
       @namespace.method(method_name)
     end
 
-    private
+    def find_class_method_handler(name)
+      module_name, method_name = name.split('.')
+      klass = find_const(@namespace, module_name)
+      klass.method(Utils.underscore(method_name))
+    end
+
+    def find_instance_method_handler(name)
+      module_name, klass_name = name.split('#')
+      const = find_const(@namespace, module_name)
+      klass = find_const(const, klass_name)
+      return ->(params, res) { klass.new.call(params, res) } if klass.instance_method(:initialize).arity.zero?
+
+      ->(params, res) { klass.new(params.env).call(params, res) }
+    end
 
     def find_const(parent, name)
       name = Utils.classify(name)
-      return unless parent.const_defined?(name, false)
+      throw :halt unless parent.const_defined?(name, false)
 
       parent.const_get(name, false)
     end

data/lib/openapi_first/operation.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'forwardable'
+require 'json_schemer'
 require_relative 'utils'
 require_relative 'response_object'
 
@@ -25,6 +26,10 @@ module OpenapiFirst
       @parameters_json_schema ||= build_parameters_json_schema
     end
 
+    def parameters_schema
+      @parameters_schema ||= parameters_json_schema && JSONSchemer.schema(parameters_json_schema)
+    end
+
     def content_type_for(status)
       content = response_for(status)['content']
       content.keys[0] if content
@@ -36,8 +41,8 @@ module OpenapiFirst
 
       media_type = content[content_type]
       unless media_type
-        message = "Response media type found: '#{content_type}' for '#{operation_name}'"
-        raise ResponseMediaTypeNotFoundError, message
+        message = "Response content type not found '#{content_type}' for '#{name}'"
+        raise ResponseContentTypeNotFoundError, message
       end
       media_type['schema']
     end
@@ -45,16 +50,16 @@ module OpenapiFirst
     def response_for(status)
       @operation.response_by_code(status.to_s, use_default: true).raw
     rescue OasParser::ResponseCodeNotFound
-      message = "Response status code or default not found: #{status} for '#{operation_name}'"
+      message = "Response status code or default not found: #{status} for '#{name}'"
       raise OpenapiFirst::ResponseCodeNotFoundError, message
     end
 
-    private
-
-    def operation_name
-      "#{method.upcase} #{path}"
+    def name
+      "#{method.upcase} #{path} (#{operation_id})"
     end
 
+    private
+
     def build_parameters_json_schema
       return unless @operation.parameters&.any?
 

data/lib/openapi_first/request_validation.rb

@@ -4,12 +4,16 @@ require 'rack'
 require 'json_schemer'
 require 'multi_json'
 require_relative 'inbox'
+require_relative 'router_required'
 require_relative 'validation_format'
 
 module OpenapiFirst
   class RequestValidation # rubocop:disable Metrics/ClassLength
-    def initialize(app, _options = {})
+    prepend RouterRequired
+
+    def initialize(app, raise_error: false)
       @app = app
+      @raise = raise_error
     end
 
     def call(env) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
@@ -46,32 +50,32 @@ module OpenapiFirst
 
       parsed_request_body = parse_request_body!(body)
       errors = validate_json_schema(schema, parsed_request_body)
-      halt(error_response(400, serialize_request_body_errors(errors))) if errors.any?
+      halt_with_error(400, serialize_request_body_errors(errors)) if errors.any?
       env[INBOX].merge! env[REQUEST_BODY] = parsed_request_body
     end
 
     def parse_request_body!(body)
-      MultiJson.load(body)
+      MultiJson.load(body, symbolize_keys: true)
     rescue MultiJson::ParseError => e
       err = { title: 'Failed to parse body as JSON' }
       err[:detail] = e.cause unless ENV['RACK_ENV'] == 'production'
-      halt(error_response(400, [err]))
+      halt_with_error(400, [err])
     end
 
     def validate_request_content_type!(content_type, operation)
       return if operation.request_body.content[content_type]
 
-      halt(error_response(415))
+      halt_with_error(415)
     end
 
     def validate_request_body_presence!(body, operation)
       return unless operation.request_body.required && body.empty?
 
-      halt(error_response(415, 'Request body is required'))
+      halt_with_error(415, 'Request body is required')
     end
 
     def validate_json_schema(schema, object)
-      JSONSchemer.schema(schema).validate(object)
+      schema.validate(Utils.deep_stringify(object))
     end
 
     def default_error(status, title = Rack::Utils::HTTP_STATUS_CODES[status])
@@ -81,8 +85,10 @@ module OpenapiFirst
       }
     end
 
-    def error_response(status, errors = [default_error(status)])
-      Rack::Response.new(
+    def halt_with_error(status, errors = [default_error(status)])
+      raise RequestInvalidError, errors if @raise
+
+      halt Rack::Response.new(
         MultiJson.dump(errors: errors),
         status,
         Rack::CONTENT_TYPE => 'application/vnd.api+json'
@@ -92,7 +98,8 @@ module OpenapiFirst
     def request_body_schema(content_type, operation)
       return unless operation
 
-      operation.request_body.content[content_type]&.fetch('schema')
+      schema = operation.request_body.content[content_type]&.fetch('schema')
+      JSONSchemer.schema(schema) if schema
     end
 
     def serialize_request_body_errors(validation_errors)
@@ -110,8 +117,11 @@ module OpenapiFirst
       return unless json_schema
 
       params = filtered_params(json_schema, params)
-      errors = JSONSchemer.schema(json_schema).validate(params)
-      halt error_response(400, serialize_query_parameter_errors(errors)) if errors.any?
+      errors = validate_json_schema(
+        operation.parameters_schema,
+        params
+      )
+      halt_with_error(400, serialize_query_parameter_errors(errors)) if errors.any?
       env[PARAMETERS] = params
       env[INBOX].merge! params
     end
@@ -119,7 +129,8 @@ module OpenapiFirst
     def filtered_params(json_schema, params)
       json_schema['properties']
         .each_with_object({}) do |key_value, result|
-          parameter_name, schema = key_value
+          parameter_name = key_value[0].to_sym
+          schema = key_value[1]
           next unless params.key?(parameter_name)
 
           value = params[parameter_name]

data/lib/openapi_first/{operation_resolver.rb → responder.rb}

@@ -5,16 +5,16 @@ require_relative 'inbox'
 require_relative 'find_handler'
 
 module OpenapiFirst
-  class OperationResolver
-    def initialize(spec:, namespace:)
-      @handlers = FindHandler.new(spec, namespace).all
+  class Responder
+    def initialize(spec:, namespace:, resolver: FindHandler.new(spec, namespace))
+      @resolver = resolver
       @namespace = namespace
     end
 
     def call(env)
       operation = env[OpenapiFirst::OPERATION]
       res = Rack::Response.new
-      handler = @handlers[operation.operation_id]
+      handler = find_handler(operation)
       result = handler.call(env[INBOX], res)
       res.write serialize(result) if result && res.body.empty?
       res[Rack::CONTENT_TYPE] ||= operation.content_type_for(res.status)
@@ -23,10 +23,24 @@ module OpenapiFirst
 
     private
 
+    def find_handler(operation)
+      handler = @resolver[operation.operation_id]
+      raise NotImplementedError, "Could not find handler for #{operation.name}" unless handler
+
+      handler
+    end
+
     def serialize(result)
       return result if result.is_a?(String)
 
       MultiJson.dump(result)
     end
   end
+
+  class OperationResolver < Responder
+    def initialize(spec:, namespace:)
+      warn "#{self.class.name} was renamed to #{OpenapiFirst::Responder.name}"
+      super
+    end
+  end
 end

data/lib/openapi_first/response_validation.rb

@@ -2,10 +2,13 @@
 
 require 'json_schemer'
 require 'multi_json'
+require_relative 'router_required'
 require_relative 'validation'
 
 module OpenapiFirst
   class ResponseValidation
+    prepend RouterRequired
+
     def initialize(app)
       @app = app
     end
@@ -14,103 +17,47 @@ module OpenapiFirst
       operation = env[OPERATION]
       return @app.call(env) unless operation
 
-      status, headers, body = @app.call(env)
+      response = @app.call(env)
+      validate(response, operation)
+      response
+    end
+
+    def validate(response, operation)
+      status, headers, body = response.to_a
+      return validate_status_only(operation, status) if status == 204
+
       content_type = headers[Rack::CONTENT_TYPE]
+      raise ResponseInvalid, "Response has no content-type for '#{operation.name}'" unless content_type
+
       response_schema = operation.response_schema_for(status, content_type)
       validate_response_body(response_schema, body) if response_schema
-
-      [status, headers, body]
     end
 
     private
 
-    def halt(status, body = '')
-      throw :halt, [status, {}, body]
-    end
-
-    def error(message)
-      { title: message }
-    end
-
-    def error_response(status, errors)
-      Rack::Response.new(
-        MultiJson.dump(errors: errors),
-        status,
-        Rack::CONTENT_TYPE => 'application/vnd.api+json'
-      ).finish
+    def validate_status_only(operation, status)
+      operation.response_for(status)
     end
 
     def validate_response_body(schema, response)
       full_body = +''
       response.each { |chunk| full_body << chunk }
-      data = full_body.empty? ? {} : MultiJson.load(full_body)
+      data = full_body.empty? ? {} : load_json(full_body)
       errors = JSONSchemer.schema(schema).validate(data).to_a.map do |error|
-        format_error(error)
+        error_message_for(error)
       end
       raise ResponseBodyInvalidError, errors.join(', ') if errors.any?
     end
 
-    def format_error(error)
-      err = ValidationFormat.error_details(error)
-      [err[:title], 'at', error['data_pointer'], err[:detail]].compact.join(' ')
-    end
-  end
-end
-
-# frozen_string_literal: true
-
-require 'json_schemer'
-require 'multi_json'
-require_relative 'validation'
-
-module OpenapiFirst
-  class ResponseValidator
-    def initialize(spec)
-      @spec = spec
-    end
-
-    def validate(request, response)
-      errors = validation_errors(request, response)
-      Validation.new(errors || [])
-    rescue OasParser::ResponseCodeNotFound, OasParser::MethodNotFound => e
-      Validation.new([e.message])
+    def load_json(string)
+      MultiJson.load(string)
+    rescue MultiJson::ParseError
+      string
     end
 
-    private
-
-    def validation_errors(request, response)
-      content = response_for(request, response)&.content
-      return unless content
-
-      content_type = content[response.content_type]
-      return ["Content type not found: '#{response.content_type}'"] unless content_type
-
-      response_schema = content_type['schema']
-      return unless response_schema
-
-      response_data = MultiJson.load(response.body)
-      validate_json_schema(response_schema, response_data)
-    end
-
-    def validate_json_schema(schema, data)
-      JSONSchemer.schema(schema).validate(data).to_a.map do |error|
-        format_error(error)
-      end
-    end
-
-    def format_error(error)
-      ValidationFormat.error_details(error)
-                      .merge!(
-                        data_pointer: error['data_pointer'],
-                        schema_pointer: error['schema_pointer']
-                      ).tap do |formatted|
-      end
-    end
-
-    def response_for(request, response)
-      @spec
-        .find_operation!(request)
-        &.response_by_code(response.status.to_s, use_default: true)
+    def error_message_for(error)
+      err = ValidationFormat.error_details(error)
+      [err[:title], error['data_pointer'], err[:detail]].compact.join(' ')
     end
   end
 end