openapi_first 0.12.5 → 0.14.0

data/benchmarks/apps/committee.ru

@@ -1,30 +1,26 @@
 # frozen_string_literal: true
 
-require 'committee'
-require 'syro'
 require 'multi_json'
+require 'committee'
+require 'hanami/api'
 
-app = Syro.new do
-  on 'hello' do
-    on :id do
-      get do
-        res.json MultiJson.dump(hello: 'world', id: inbox[:id])
-      end
-    end
+app = Class.new(Hanami::API) do
+  get '/hello/:id' do
+    json(hello: 'world', id: params.fetch(:id))
+  end
 
-    get do
-      res.json [MultiJson.dump(hello: 'world')]
-    end
+  get '/hello' do
+    json([{ hello: 'world' }])
+  end
 
-    post do
-      res.status = 201
-      res.json MultiJson.dump(hello: 'world')
-    end
+  post '/hello' do
+    status 201
+    json(hello: 'world')
   end
-end
+end.new
 
 use Committee::Middleware::RequestValidation,
     schema_path: './apps/openapi.yaml',
-    coerce_date_times: false
+    parse_response_by_content_type: true
 
 run app

data/benchmarks/apps/hanami_api.ru

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require 'multi_json'
+require 'hanami/api'
+
+app = Class.new(Hanami::API) do
+  get '/hello/:id' do
+    json(hello: 'world', id: params.fetch(:id))
+  end
+
+  get '/hello' do
+    json([{ hello: 'world' }])
+  end
+
+  post '/hello' do
+    status 201
+    json(hello: 'world')
+  end
+end.new
+
+run app

data/benchmarks/apps/hanami_router.ru

@@ -4,7 +4,7 @@ require 'hanami/router'
 require 'multi_json'
 
 app = Hanami::Router.new do
-  get '/hello', to: ->(_env) { [200, {}, [MultiJson.dump(hello: 'world')]] }
+  get '/hello', to: ->(_env) { [200, {}, [MultiJson.dump([{ hello: 'world' }])]] }
   get '/hello/:id', to: lambda { |env|
     [200, {}, [MultiJson.dump(hello: 'world', id: env['router.params'][:id])]]
   }

data/benchmarks/apps/sinatra.ru

@@ -13,7 +13,7 @@ class SinatraExample < Sinatra::Base
 
   get '/hello' do
     content_type :json
-    [MultiJson.dump(hello: 'world')]
+    MultiJson.dump([{ hello: 'world' }])
   end
 
   post '/hello' do

data/benchmarks/apps/syro.ru

@@ -7,17 +7,17 @@ app = Syro.new do
   on 'hello' do
     on :id do
       get do
-        res.json MultiJson.dump(hello: 'world', id: inbox[:id])
+        res.json({ hello: 'world', id: inbox[:id] })
       end
     end
 
     get do
-      res.json [MultiJson.dump(hello: 'world')]
+      res.json([{ hello: 'world' }])
     end
 
     post do
       res.status = 201
-      res.json MultiJson.dump(hello: 'world')
+      res.json({ hello: 'world' })
     end
   end
 end

data/benchmarks/benchmarks.rb

@@ -19,28 +19,25 @@ apps = Dir['./apps/*.ru'].each_with_object({}) do |config, hash|
 end
 apps.freeze
 
+bench = lambda do |app|
+  examples.each do |example|
+    env, expected_status = example
+    100.times { app.call(env) }
+    response = app.call(env)
+    raise unless response[0] == expected_status
+  end
+end
+
 Benchmark.ips do |x|
   apps.each do |config, app|
-    x.report(config) do
-      examples.each do |example|
-        env, expected_status = example
-        response = app.call(env)
-        raise unless response[0] == expected_status
-      end
-    end
+    x.report(config) { bench.call(app) }
   end
   x.compare!
 end
 
 Benchmark.memory do |x|
   apps.each do |config, app|
-    x.report(config) do
-      examples.each do |example|
-        env, expected_status = example
-        response = app.call(env)
-        raise unless response[0] == expected_status
-      end
-    end
+    x.report(config) { bench.call(app) }
   end
   x.compare!
 end

data/lib/openapi_first.rb

@@ -25,10 +25,9 @@ module OpenapiFirst
 
   def self.load(spec_path, only: nil)
     content = YAML.load_file(spec_path)
-    raw = OasParser::Parser.new(spec_path, content).resolve
-    raw['paths'].filter!(&->(key, _) { only.call(key) }) if only
-    parsed = OasParser::Definition.new(raw, spec_path)
-    Definition.new(parsed)
+    resolved = OasParser::Parser.new(spec_path, content).resolve
+    resolved['paths'].filter!(&->(key, _) { only.call(key) }) if only
+    Definition.new(resolved, spec_path)
   end
 
   def self.app(
@@ -78,11 +77,17 @@ module OpenapiFirst
   end
 
   class Error < StandardError; end
+
   class NotFoundError < Error; end
+
   class NotImplementedError < RuntimeError; end
+
   class ResponseInvalid < Error; end
+
   class ResponseCodeNotFoundError < ResponseInvalid; end
+
   class ResponseContentTypeNotFoundError < ResponseInvalid; end
+
   class ResponseBodyInvalidError < ResponseInvalid; end
 
   class RequestInvalidError < Error

data/lib/openapi_first/app.rb

@@ -11,17 +11,15 @@ module OpenapiFirst
       namespace:,
       router_raise_error: false,
       request_validation_raise_error: false,
-      response_validation: false
+      response_validation: false,
+      resolver: nil
     )
       @stack = Rack::Builder.app do
         freeze_app
         use OpenapiFirst::Router, spec: spec, raise_error: router_raise_error, parent_app: parent_app
         use OpenapiFirst::RequestValidation, raise_error: request_validation_raise_error
         use OpenapiFirst::ResponseValidation if response_validation
-        run OpenapiFirst::Responder.new(
-          spec: spec,
-          namespace: namespace
-        )
+        run OpenapiFirst::Responder.new(namespace: namespace, resolver: resolver)
       end
     end
 

data/lib/openapi_first/{find_handler.rb → default_operation_resolver.rb}

@@ -3,22 +3,14 @@
 require_relative 'utils'
 
 module OpenapiFirst
-  class FindHandler
-    def initialize(spec, namespace)
+  class DefaultOperationResolver
+    def initialize(namespace)
       @namespace = namespace
-      @handlers = spec.operations.each_with_object({}) do |operation, hash|
-        operation_id = operation.operation_id
-        handler = find_handler(operation_id)
-        if handler.nil?
-          warn "#{self.class.name} cannot not find handler for '#{operation.operation_id}' (#{operation.method} #{operation.path}). This operation will be ignored." # rubocop:disable Layout/LineLength
-          next
-        end
-        hash[operation_id] = handler
-      end
+      @handlers = {}
     end
 
-    def [](operation_id)
-      @handlers[operation_id]
+    def call(operation)
+      @handlers[operation.name] ||= find_handler(operation['x-handler'] || operation['operationId'])
     end
 
     def find_handler(operation_id)

data/lib/openapi_first/definition.rb

@@ -4,15 +4,16 @@ require_relative 'operation'
 
 module OpenapiFirst
   class Definition
-    attr_reader :filepath
+    attr_reader :filepath, :operations
 
-    def initialize(parsed)
-      @filepath = parsed.path
-      @spec = parsed
-    end
-
-    def operations
-      @spec.endpoints.map { |e| Operation.new(e) }
+    def initialize(resolved, filepath)
+      @filepath = filepath
+      methods = %w[get head post put patch delete trace options]
+      @operations = resolved['paths'].flat_map do |path, path_item|
+        path_item.slice(*methods).map do |request_method, _operation_object|
+          Operation.new(path, request_method, path_item)
+        end
+      end
     end
   end
 end

data/lib/openapi_first/operation.rb

@@ -2,32 +2,49 @@
 
 require 'forwardable'
 require 'json_schemer'
+require_relative 'schema_validation'
 require_relative 'utils'
 require_relative 'response_object'
 
 module OpenapiFirst
-  class Operation
+  class Operation # rubocop:disable Metrics/ClassLength
     extend Forwardable
-    def_delegators :@operation,
-                   :parameters,
-                   :method,
-                   :request_body,
-                   :operation_id
+    def_delegators :operation_object,
+                   :[],
+                   :dig
 
-    def initialize(parsed)
-      @operation = parsed
+    WRITE_METHODS = Set.new(%w[post put patch delete]).freeze
+    private_constant :WRITE_METHODS
+
+    attr_reader :path, :method
+
+    def initialize(path, request_method, path_item_object)
+      @path = path
+      @method = request_method
+      @path_item_object = path_item_object
+    end
+
+    def operation_id
+      operation_object['operationId']
     end
 
-    def path
-      @operation.path.path
+    def read?
+      !write?
     end
 
-    def parameters_json_schema
-      @parameters_json_schema ||= build_parameters_json_schema
+    def write?
+      WRITE_METHODS.include?(method)
+    end
+
+    def request_body
+      operation_object['requestBody']
     end
 
     def parameters_schema
-      @parameters_schema ||= parameters_json_schema && JSONSchemer.schema(parameters_json_schema)
+      @parameters_schema ||= begin
+        parameters_json_schema = build_parameters_json_schema
+        parameters_json_schema && SchemaValidation.new(parameters_json_schema)
+      end
     end
 
     def content_type_for(status)
@@ -42,22 +59,28 @@ module OpenapiFirst
       raise ResponseInvalid, "Response has no content-type for '#{name}'" unless content_type
 
       media_type = find_content_for_content_type(content, content_type)
+
       unless media_type
         message = "Response content type not found '#{content_type}' for '#{name}'"
         raise ResponseContentTypeNotFoundError, message
       end
-      media_type['schema']
+      schema = media_type['schema']
+      SchemaValidation.new(schema, write: false) if schema
     end
 
-    def request_body_schema_for(request_content_type)
-      content = @operation.request_body.content
+    def request_body_schema(request_content_type)
+      content = operation_object.dig('requestBody', 'content')
       media_type = find_content_for_content_type(content, request_content_type)
-      media_type&.fetch('schema', nil)
+      schema = media_type&.fetch('schema', nil)
+      return unless schema
+
+      SchemaValidation.new(schema, write: write?)
     end
 
     def response_for(status)
-      @operation.response_by_code(status.to_s, use_default: true).raw
-    rescue OasParser::ResponseCodeNotFound
+      response_content = response_by_code(status)
+      return response_content if response_content
+
       message = "Response status code or default not found: #{status} for '#{name}'"
       raise OpenapiFirst::ResponseCodeNotFoundError, message
     end
@@ -68,6 +91,15 @@ module OpenapiFirst
 
     private
 
+    def response_by_code(status)
+      operation_object.dig('responses', status.to_s) ||
+        operation_object.dig('responses', 'default')
+    end
+
+    def operation_object
+      @path_item_object[method]
+    end
+
     def find_content_for_content_type(content, request_content_type)
       content.fetch(request_content_type) do |_|
         type = request_content_type.split(';')[0]
@@ -76,24 +108,32 @@ module OpenapiFirst
     end
 
     def build_parameters_json_schema
-      return unless @operation.parameters&.any?
+      parameters = all_parameters
+      return unless parameters&.any?
 
-      @operation.parameters.each_with_object(new_node) do |parameter, schema|
-        params = Rack::Utils.parse_nested_query(parameter.name)
+      parameters.each_with_object(new_node) do |parameter, schema|
+        params = Rack::Utils.parse_nested_query(parameter['name'])
         generate_schema(schema, params, parameter)
       end
     end
 
-    def generate_schema(schema, params, parameter) # rubocop:disable Metrics/MethodLength
+    def all_parameters
+      parameters = @path_item_object['parameters'] || []
+      parameters_on_operation = operation_object['parameters']
+      parameters.concat(parameters_on_operation) if parameters_on_operation
+      parameters
+    end
+
+    def generate_schema(schema, params, parameter)
       required = Set.new(schema['required'])
       params.each do |key, value|
-        required << key if parameter.required
+        required << key if parameter['required']
         if value.is_a? Hash
           property_schema = new_node
           generate_schema(property_schema, value, parameter)
           Utils.deep_merge!(schema['properties'], { key => property_schema })
         else
-          schema['properties'][key] = parameter.schema
+          schema['properties'][key] = parameter['schema']
         end
       end
       schema['required'] = required.to_a

data/lib/openapi_first/request_validation.rb

@@ -16,7 +16,7 @@ module OpenapiFirst
       @raise = raise_error
     end
 
-    def call(env) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
+    def call(env) # rubocop:disable Metrics/AbcSize
       operation = env[OpenapiFirst::OPERATION]
       return @app.call(env) unless operation
 
@@ -45,17 +45,17 @@ module OpenapiFirst
       validate_request_body_presence!(body, operation)
       return if body.empty?
 
-      schema = request_body_schema(content_type, operation)
+      schema = operation&.request_body_schema(content_type)
       return unless schema
 
       parsed_request_body = parse_request_body!(body)
-      errors = validate_json_schema(schema, parsed_request_body)
+      errors = schema.validate(parsed_request_body)
       halt_with_error(400, serialize_request_body_errors(errors)) if errors.any?
-      env[INBOX].merge! env[REQUEST_BODY] = parsed_request_body
+      env[INBOX].merge! env[REQUEST_BODY] = Utils.deep_symbolize(parsed_request_body)
     end
 
     def parse_request_body!(body)
-      MultiJson.load(body, symbolize_keys: true)
+      MultiJson.load(body)
     rescue MultiJson::ParseError => e
       err = { title: 'Failed to parse body as JSON' }
       err[:detail] = e.cause unless ENV['RACK_ENV'] == 'production'
@@ -63,21 +63,17 @@ module OpenapiFirst
     end
 
     def validate_request_content_type!(content_type, operation)
-      return if operation.request_body.content[content_type]
+      return if operation.request_body.dig('content', content_type)
 
       halt_with_error(415)
     end
 
     def validate_request_body_presence!(body, operation)
-      return unless operation.request_body.required && body.empty?
+      return unless operation.request_body['required'] && body.empty?
 
       halt_with_error(415, 'Request body is required')
     end
 
-    def validate_json_schema(schema, object)
-      schema.validate(Utils.deep_stringify(object))
-    end
-
     def default_error(status, title = Rack::Utils::HTTP_STATUS_CODES[status])
       {
         status: status.to_s,
@@ -95,14 +91,6 @@ module OpenapiFirst
       ).finish
     end
 
-    def request_body_schema(content_type, operation)
-      return unless operation
-
-      schema = operation.request_body_schema_for(content_type)
-
-      JSONSchemer.schema(schema) if schema
-    end
-
     def serialize_request_body_errors(validation_errors)
       validation_errors.map do |error|
         {
@@ -114,14 +102,11 @@ module OpenapiFirst
     end
 
     def validate_query_parameters!(env, operation, params)
-      json_schema = operation.parameters_json_schema
-      return unless json_schema
-
-      params = filtered_params(json_schema, params)
-      errors = validate_json_schema(
-        operation.parameters_schema,
-        params
-      )
+      schema = operation.parameters_schema
+      return unless schema
+
+      params = filtered_params(schema.raw_schema, params)
+      errors = schema.validate(Utils.deep_stringify(params))
       halt_with_error(400, serialize_query_parameter_errors(errors)) if errors.any?
       env[PARAMETERS] = params
       env[INBOX].merge! params
@@ -141,8 +126,9 @@ module OpenapiFirst
 
     def serialize_query_parameter_errors(validation_errors)
       validation_errors.map do |error|
+        pointer = error['data_pointer'][1..].to_s
         {
-          source: { parameter: File.basename(error['data_pointer']) }
+          source: { parameter: pointer }
         }.update(ValidationFormat.error_details(error))
       end
     end
@@ -150,14 +136,27 @@ module OpenapiFirst
     def parse_parameter(value, schema)
       return filtered_params(schema, value) if schema['properties']
 
+      return parse_array_parameter(value, schema) if schema['type'] == 'array'
+
+      parse_simple_value(value, schema)
+    end
+
+    def parse_array_parameter(value, schema)
+      array = value.is_a?(Array) ? value : value.split(',')
+      return array unless schema['items']
+
+      array.map! { |e| parse_simple_value(e, schema['items']) }
+    end
+
+    def parse_simple_value(value, schema)
+      return to_boolean(value) if schema['type'] == 'boolean'
+
       begin
         return Integer(value, 10) if schema['type'] == 'integer'
         return Float(value) if schema['type'] == 'number'
       rescue ArgumentError
         value
       end
-      return to_boolean(value) if schema['type'] == 'boolean'
-
       value
     end