openapi_first 0.20.0 → 0.21.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 033e7d24a78ecd8cd0c98bad90e49949612c47a2d0b83791cca3ec7149e91ff6
-  data.tar.gz: f2092ebe5ee49b86b9745c2a1d27d4a71b798ed1d91f1fad6ea8cc9750f3ddff
+  metadata.gz: 0b8b03aaa251de1bdb5cbba71de089bf1ffc6b9dbb96512008f88e783c3cea27
+  data.tar.gz: 02eb6cec864e9b5ed272d4392b31fd9e006713d3a8b00df9b26e9a52fa68e555
 SHA512:
-  metadata.gz: fc80eff5d2f0c30d1df07d9e7d58cec4dfab41b05467e503dfc4200c11670fe336d1f7ac723b770798708006419ddc1da689ce862b12385d673f03f9a4d4aef4
-  data.tar.gz: dbf86b5ce8a3b23f12af0311a5bad788b0b9841deff4f8170fe7de17acbad230b9a65806abf7eb73958bd123a76820f54b84f92a2c09a2dd54364c47bf5203f9
+  metadata.gz: e37e99e982f0ead9d54587683fa74491e69998f520b1cfb4993c9e1ee81273537dfdf1751c77daef856ab3c3051660589d2f8ac6e58508fd11d3ea130734d2a5
+  data.tar.gz: 6944ae2444da29928eeb12e70326505aa154f1c36a09f033083098b1e34be766b075257fd2459b94574370fa8cc417ef488f74dafcec6026eaab07a47f471445

data/.rubocop.yml

@@ -1,5 +1,5 @@
 AllCops:
-  TargetRubyVersion: 2.6
+  TargetRubyVersion: 3.0.5
   NewCops: enable
   SuggestExtensions: false
 Style/Documentation:

data/CHANGELOG.md

@@ -2,7 +2,15 @@
 
 ## Unreleased
 
+## 0.21.0
+
+- Fix: Query parameter validation does not fail if header parameters are defined (Thanks to [JF Lalonde](https://github.com/JF-Lalonde))
+- Update Ruby dependency to >= 3.0.5
+- Handle simple form-data in request bodies (see https://github.com/ahx/openapi_first/issues/149)
+- Update to hanami-router 2.0.0 stable
+
 ## 0.20.0
+
 - You can pass a filepath to `spec:` now so you no longer have to call `OpenapiFirst.load` anymore.
 - Router is optional now.
   You no longer have to add `Router` to your middleware stack. You still can add it to customize behaviour by setting options, but you no longer have to add it.
@@ -49,7 +57,7 @@ Yanked. No useful changes.
 
 ## 0.14.1
 
-- Bugfix: Don't mix path- and operation-level parameters for request validation
+- Fix: Don't mix path- and operation-level parameters for request validation
 
 ## 0.14.0
 

data/Gemfile.lock

@@ -1,10 +1,10 @@
 PATH
   remote: .
   specs:
-    openapi_first (0.20.0)
+    openapi_first (0.21.0)
       deep_merge (>= 1.2.1)
-      hanami-router (= 2.0.alpha5)
-      hanami-utils (= 2.0.alpha3)
+      hanami-router (~> 2.0.0)
+      hanami-utils (~> 2.0.0)
       json_refs (~> 0.1, >= 0.1.7)
       json_schemer (~> 0.2.16)
       multi_json (~> 1.14)
@@ -15,78 +15,84 @@ GEM
   specs:
     ast (2.4.2)
     coderay (1.1.3)
-    concurrent-ruby (1.1.10)
+    concurrent-ruby (1.2.2)
     deep_merge (1.2.2)
     diff-lcs (1.5.0)
-    dry-transformer (0.1.1)
+    dry-core (1.0.0)
+      concurrent-ruby (~> 1.0)
+      zeitwerk (~> 2.6)
+    dry-transformer (1.0.1)
+      zeitwerk (~> 2.6)
     ecma-re-validator (0.4.0)
       regexp_parser (~> 2.2)
     hana (1.3.7)
-    hanami-router (2.0.0.alpha5)
-      mustermann (~> 1.0)
-      mustermann-contrib (~> 1.0)
+    hanami-router (2.0.2)
+      mustermann (~> 3.0)
+      mustermann-contrib (~> 3.0)
       rack (~> 2.0)
-    hanami-utils (2.0.0.alpha3)
+    hanami-utils (2.0.3)
       concurrent-ruby (~> 1.0)
-      dry-transformer (~> 0.1)
+      dry-core (~> 1.0, < 2)
+      dry-transformer (~> 1.0, < 2)
     hansi (0.2.1)
-    json (2.6.2)
+    json (2.6.3)
     json_refs (0.1.7)
       hana
-    json_schemer (0.2.22)
+    json_schemer (0.2.24)
       ecma-re-validator (~> 0.3)
       hana (~> 1.3)
       regexp_parser (~> 2.0)
       uri_template (~> 0.7)
     method_source (1.0.0)
     multi_json (1.15.0)
-    mustermann (1.1.2)
+    mustermann (3.0.0)
       ruby2_keywords (~> 0.0.1)
-    mustermann-contrib (1.1.2)
+    mustermann-contrib (3.0.0)
       hansi (~> 0.2.0)
-      mustermann (= 1.1.2)
+      mustermann (= 3.0.0)
     parallel (1.22.1)
-    parser (3.1.2.1)
+    parser (3.2.1.0)
       ast (~> 2.4.1)
-    pry (0.14.1)
+    pry (0.14.2)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    rack (2.2.4)
+    rack (2.2.6.2)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
     rainbow (3.1.1)
     rake (13.0.6)
-    regexp_parser (2.6.0)
+    regexp_parser (2.7.0)
     rexml (3.2.5)
     rspec (3.12.0)
       rspec-core (~> 3.12.0)
       rspec-expectations (~> 3.12.0)
       rspec-mocks (~> 3.12.0)
-    rspec-core (3.12.0)
+    rspec-core (3.12.1)
       rspec-support (~> 3.12.0)
-    rspec-expectations (3.12.0)
+    rspec-expectations (3.12.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.0)
+    rspec-mocks (3.12.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
     rspec-support (3.12.0)
-    rubocop (1.37.1)
+    rubocop (1.45.1)
       json (~> 2.3)
       parallel (~> 1.10)
-      parser (>= 3.1.2.1)
+      parser (>= 3.2.0.0)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.23.0, < 2.0)
+      rubocop-ast (>= 1.24.1, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.23.0)
-      parser (>= 3.1.1.0)
+      unicode-display_width (>= 2.4.0, < 3.0)
+    rubocop-ast (1.26.0)
+      parser (>= 3.2.1.0)
     ruby-progressbar (1.11.0)
     ruby2_keywords (0.0.5)
-    unicode-display_width (2.3.0)
+    unicode-display_width (2.4.2)
     uri_template (0.7.0)
+    zeitwerk (2.6.7)
 
 PLATFORMS
   arm64-darwin-21

data/README.md

@@ -32,7 +32,7 @@ And these Rack apps:
 This middleware returns a 400 status code with a body that describes the error if the request is not valid.
 
 ```ruby
-use OpenapiFirst::RequestValidatio, spec: 'openapi.yaml'
+use OpenapiFirst::RequestValidation, spec: 'openapi.yaml'
 ```
 
 ### Options and defaults
@@ -110,7 +110,7 @@ use OpenapiFirst::ResponseValidation, spec: 'openapi.yaml' if ENV['RACK_ENV'] ==
 
 ## OpenapiFirst::Router
 
-This middleware first always used automatically, but you can add it to the top of your middleware stack if you want to change configuration.
+This middleware is used automatically, but you can add it to the top of your middleware stack if you want to change configuration.
 
 ```ruby
 use OpenapiFirst::Router, spec: './openapi/openapi.yaml'
@@ -122,8 +122,7 @@ This middleware adds `env[OpenapiFirst::OPERATION]` which holds an Operation obj
 
 | Name           | Possible values      | Description                                                                                                                                                                                                                                                     | Default                            |
 | :------------- | -------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- |
-| `spec:`        |                      | The path to the spec file or spec loaded via `OpenapiFirst.load`
-                                                                                                  |                                    |
+| `spec:`        |                      | The path to the spec file or spec loaded via `OpenapiFirst.load` |                                    |
 | `raise_error:` | `false`, `true`      | If set to true the middleware raises `OpenapiFirst::NotFoundError` when a path or method was not found in the API description. This is useful during testing to spot an incomplete API description.                                                             | `false` (don't raise an exception) |
 | `not_found:`   | `:continue`, `:halt` | If set to `:continue` the middleware will not return 404 (405, 415), but just pass handling the request to the next middleware or application in the Rack stack. If combined with `raise_error: true` `raise_error` gets preference and an exception is raised. | `:halt` (return 4xx response)      |
 
@@ -269,7 +268,7 @@ validator.validate(last_request, last_response)
 You can filter the URIs that should be handled by passing `only` to `OpenapiFirst.load`:
 
 ```ruby
-spec = OpenapiFirst.load('./openapi/openapi.yaml', only: '/pets'.method(:==))
+spec = OpenapiFirst.load('./openapi/openapi.yaml', only: { |path| path.starts_with? '/pets' })
 run OpenapiFirst.app(spec, namespace: Pets)
 ```
 

data/benchmarks/Gemfile.lock

@@ -1,10 +1,10 @@
 PATH
   remote: ..
   specs:
-    openapi_first (0.20.0)
+    openapi_first (0.21.0)
       deep_merge (>= 1.2.1)
-      hanami-router (= 2.0.alpha5)
-      hanami-utils (= 2.0.alpha3)
+      hanami-router (~> 2.0.0)
+      hanami-utils (~> 2.0.0)
       json_refs (~> 0.1, >= 0.1.7)
       json_schemer (~> 0.2.16)
       multi_json (~> 1.14)
@@ -13,43 +13,40 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (7.0.2.3)
+    activesupport (7.0.4.2)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
       tzinfo (~> 2.0)
-    benchmark-ips (2.10.0)
+    benchmark-ips (2.11.0)
     benchmark-memory (0.2.0)
       memory_profiler (~> 1)
     builder (3.2.4)
-    committee (4.4.0)
+    committee (5.0.0)
       json_schema (~> 0.14, >= 0.14.3)
-      openapi_parser (>= 0.11.1, < 1.0)
+      openapi_parser (~> 1.0)
       rack (>= 1.5)
-    concurrent-ruby (1.1.10)
+    concurrent-ruby (1.2.0)
     deep_merge (1.2.2)
-    dry-configurable (0.14.0)
+    dry-core (1.0.0)
       concurrent-ruby (~> 1.0)
-      dry-core (~> 0.6)
-    dry-container (0.9.0)
+      zeitwerk (~> 2.6)
+    dry-inflector (1.0.0)
+    dry-logic (1.5.0)
       concurrent-ruby (~> 1.0)
-      dry-configurable (~> 0.13, >= 0.13.0)
-    dry-core (0.7.1)
+      dry-core (~> 1.0, < 2)
+      zeitwerk (~> 2.6)
+    dry-transformer (1.0.1)
+      zeitwerk (~> 2.6)
+    dry-types (1.7.0)
       concurrent-ruby (~> 1.0)
-    dry-inflector (0.2.1)
-    dry-logic (1.2.0)
-      concurrent-ruby (~> 1.0)
-      dry-core (~> 0.5, >= 0.5)
-    dry-transformer (0.1.1)
-    dry-types (1.5.1)
-      concurrent-ruby (~> 1.0)
-      dry-container (~> 0.3)
-      dry-core (~> 0.5, >= 0.5)
-      dry-inflector (~> 0.1, >= 0.1.2)
-      dry-logic (~> 1.0, >= 1.0.2)
+      dry-core (~> 1.0, < 2)
+      dry-inflector (~> 1.0, < 2)
+      dry-logic (>= 1.4, < 2)
+      zeitwerk (~> 2.6)
     ecma-re-validator (0.4.0)
       regexp_parser (~> 2.2)
-    grape (1.6.2)
+    grape (1.7.0)
       activesupport
       builder
       dry-types (>= 1.1)
@@ -57,62 +54,64 @@ GEM
       rack (>= 1.3.0)
       rack-accept
     hana (1.3.7)
-    hanami-api (0.2.0)
-      hanami-router (~> 2.0.alpha)
-    hanami-router (2.0.0.alpha5)
-      mustermann (~> 1.0)
-      mustermann-contrib (~> 1.0)
+    hanami-api (0.3.0)
+      hanami-router (~> 2.0)
+    hanami-router (2.0.2)
+      mustermann (~> 3.0)
+      mustermann-contrib (~> 3.0)
       rack (~> 2.0)
-    hanami-utils (2.0.0.alpha3)
+    hanami-utils (2.0.3)
       concurrent-ruby (~> 1.0)
-      dry-transformer (~> 0.1)
-    hansi (0.2.0)
-    i18n (1.10.0)
+      dry-core (~> 1.0, < 2)
+      dry-transformer (~> 1.0, < 2)
+    hansi (0.2.1)
+    i18n (1.12.0)
       concurrent-ruby (~> 1.0)
     json_refs (0.1.7)
       hana
     json_schema (0.21.0)
-    json_schemer (0.2.22)
+    json_schemer (0.2.24)
       ecma-re-validator (~> 0.3)
       hana (~> 1.3)
       regexp_parser (~> 2.0)
       uri_template (~> 0.7)
-    memory_profiler (1.0.0)
-    minitest (5.15.0)
+    memory_profiler (1.0.1)
+    minitest (5.17.0)
     multi_json (1.15.0)
-    mustermann (1.1.1)
+    mustermann (3.0.0)
       ruby2_keywords (~> 0.0.1)
-    mustermann-contrib (1.1.1)
+    mustermann-contrib (3.0.0)
       hansi (~> 0.2.0)
-      mustermann (= 1.1.1)
-    mustermann-grape (1.0.1)
+      mustermann (= 3.0.0)
+    mustermann-grape (1.0.2)
       mustermann (>= 1.0.0)
     nio4r (2.5.8)
-    openapi_parser (0.15.0)
-    puma (5.6.5)
+    openapi_parser (1.0.0)
+    puma (6.1.0)
       nio4r (~> 2.0)
-    rack (2.2.3.1)
+    rack (2.2.6.2)
     rack-accept (0.4.5)
       rack (>= 0.4)
-    rack-protection (2.2.0)
+    rack-protection (3.0.5)
       rack
-    regexp_parser (2.6.0)
-    roda (3.54.0)
+    regexp_parser (2.7.0)
+    roda (3.65.0)
       rack
     ruby2_keywords (0.0.5)
     seg (1.2.0)
-    sinatra (2.2.0)
-      mustermann (~> 1.0)
-      rack (~> 2.2)
-      rack-protection (= 2.2.0)
+    sinatra (3.0.5)
+      mustermann (~> 3.0)
+      rack (~> 2.2, >= 2.2.4)
+      rack-protection (= 3.0.5)
       tilt (~> 2.0)
     syro (3.2.1)
       rack (>= 1.6.0)
       seg
-    tilt (2.0.10)
-    tzinfo (2.0.4)
+    tilt (2.0.11)
+    tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     uri_template (0.7.0)
+    zeitwerk (2.6.7)
 
 PLATFORMS
   arm64-darwin-21

data/benchmarks/benchmarks.rb

@@ -18,7 +18,8 @@ examples = [
   [Rack::MockRequest.env_for('/hello?filter[id]=1,2'), 200]
 ]
 
-apps = Dir['./apps/*.ru'].each_with_object({}) do |config, hash|
+glob = ARGV[0] || './apps/*.ru'
+apps = Dir[glob].each_with_object({}) do |config, hash|
   hash[config] = Rack::Builder.parse_file(config).first
 end
 apps.freeze

data/lib/openapi_first/body_parser_middleware.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+require 'multi_json'
+
+module OpenapiFirst
+  class BodyParserMiddleware
+    def initialize(app, options = {})
+      @app = app
+      @raise = options.fetch(:raise_error, false)
+    end
+
+    RACK_INPUT = 'rack.input'
+    ROUTER_PARSED_BODY = 'router.parsed_body'
+
+    def call(env)
+      env[ROUTER_PARSED_BODY] = parse_body(env)
+      @app.call(env)
+    rescue BodyParsingError => e
+      raise if @raise
+
+      err = { title: "Failed to parse body as #{env['CONTENT_TYPE']}", status: '400' }
+      err[:detail] = e.cause unless ENV['RACK_ENV'] == 'production'
+      errors = [err]
+
+      Rack::Response.new(
+        MultiJson.dump(errors: errors),
+        400,
+        Rack::CONTENT_TYPE => 'application/vnd.api+json'
+      ).finish
+    end
+
+    private
+
+    def parse_body(env)
+      request = Rack::Request.new(env)
+      body = read_body(request)
+      return if body.empty?
+
+      return MultiJson.load(body) if request.media_type =~ (/json/i) && (request.media_type =~ /json/i)
+      return request.POST if request.form_data?
+
+      body
+    rescue MultiJson::ParseError => e
+      raise BodyParsingError, e
+    end
+
+    def read_body(request)
+      body = request.body.read
+      request.body.rewind
+      body
+    end
+  end
+end

data/lib/openapi_first/errors.rb

@@ -22,6 +22,8 @@ module OpenapiFirst
 
   class ResponseBodyInvalidError < ResponseInvalid; end
 
+  class BodyParsingError < Error; end
+
   class RequestInvalidError < Error
     def initialize(serialized_errors)
       message = error_message(serialized_errors)

data/lib/openapi_first/operation.rb

@@ -47,6 +47,13 @@ module OpenapiFirst
       end
     end
 
+    def query_parameters_schema
+      @query_parameters_schema ||= begin
+        query_parameters_json_schema = build_query_parameters_json_schema
+        query_parameters_json_schema && SchemaValidation.new(query_parameters_json_schema)
+      end
+    end
+
     def content_types_for(status)
       response_for(status)['content']&.keys
     end
@@ -88,6 +95,13 @@ module OpenapiFirst
       "#{method.upcase} #{path} (#{operation_id})"
     end
 
+    def valid_request_content_type?(request_content_type)
+      content = operation_object.dig('requestBody', 'content')
+      return unless content
+
+      !!find_content_for_content_type(content, request_content_type)
+    end
+
     private
 
     def response_by_code(status)
@@ -118,6 +132,16 @@ module OpenapiFirst
       end
     end
 
+    def build_query_parameters_json_schema
+      query_parameters = all_parameters.reject { |field, _value| field['in'] == 'header' }
+      return unless query_parameters&.any?
+
+      query_parameters.each_with_object(new_node) do |parameter, schema|
+        params = Rack::Utils.parse_nested_query(parameter['name'])
+        generate_schema(schema, params, parameter)
+      end
+    end
+
     def all_parameters
       parameters = @path_item_object['parameters']&.dup || []
       parameters_on_operation = operation_object['parameters']

data/lib/openapi_first/request_validation.rb

@@ -20,57 +20,56 @@ module OpenapiFirst
       return @app.call(env) unless operation
 
       env[INBOX] = {}
-      catch(:halt) do
-        validate_query_parameters!(env, operation, env[PARAMETERS])
+      error = catch(:error) do
+        params = validate_query_parameters!(operation, env[PARAMETERS])
+        env[INBOX].merge! env[PARAMETERS] = params if params
         req = Rack::Request.new(env)
-        content_type = req.content_type
         return @app.call(env) unless operation.request_body
 
-        validate_request_content_type!(content_type, operation)
-        body = req.body.read
-        req.body.rewind
-        parse_and_validate_request_body!(env, content_type, body, operation)
-        @app.call(env)
+        validate_request_content_type!(operation, req.content_type)
+        parsed_request_body = parse_and_validate_request_body!(operation, req)
+        env[REQUEST_BODY] = parsed_request_body
+        env[INBOX].merge! parsed_request_body if parsed_request_body.is_a?(Hash)
+        nil
       end
+      if error
+        raise RequestInvalidError, error[:errors] if @raise
+
+        return validation_error_response(error[:status], error[:errors])
+      end
+      @app.call(env)
     end
 
     private
 
-    def halt(response)
-      throw :halt, response
-    end
+    ROUTER_PARSED_BODY = 'router.parsed_body'
+
+    def parse_and_validate_request_body!(operation, request)
+      env = request.env
+
+      body = env.delete(ROUTER_PARSED_BODY) if env.key?(ROUTER_PARSED_BODY)
 
-    def parse_and_validate_request_body!(env, content_type, body, operation)
       validate_request_body_presence!(body, operation)
-      return if body.empty?
+      return if body.nil?
 
-      schema = operation&.request_body_schema(content_type)
+      schema = operation&.request_body_schema(request.content_type)
       return unless schema
 
-      parsed_request_body = parse_request_body!(body)
-      errors = schema.validate(parsed_request_body)
-      halt_with_error(400, serialize_request_body_errors(errors)) if errors.any?
-      env[INBOX].merge! env[REQUEST_BODY] = Utils.deep_symbolize(parsed_request_body)
-    end
+      errors = schema.validate(body)
+      throw_error(400, serialize_request_body_errors(errors)) if errors.any?
+      return Utils.deep_symbolize(body) if body.is_a?(Hash)
 
-    def parse_request_body!(body)
-      MultiJson.load(body)
-    rescue MultiJson::ParseError => e
-      err = { title: 'Failed to parse body as JSON' }
-      err[:detail] = e.cause unless ENV['RACK_ENV'] == 'production'
-      halt_with_error(400, [err])
+      body
     end
 
-    def validate_request_content_type!(content_type, operation)
-      return if operation.request_body.dig('content', content_type)
-
-      halt_with_error(415)
+    def validate_request_content_type!(operation, content_type)
+      operation.valid_request_content_type?(content_type) || throw_error(415)
     end
 
     def validate_request_body_presence!(body, operation)
-      return unless operation.request_body['required'] && body.empty?
+      return unless operation.request_body['required'] && body.nil?
 
-      halt_with_error(415, 'Request body is required')
+      throw_error(415, 'Request body is required')
     end
 
     def default_error(status, title = Rack::Utils::HTTP_STATUS_CODES[status])
@@ -80,10 +79,15 @@ module OpenapiFirst
       }
     end
 
-    def halt_with_error(status, errors = [default_error(status)])
-      raise RequestInvalidError, errors if @raise
+    def throw_error(status, errors = [default_error(status)])
+      throw :error, {
+        status: status,
+        errors: errors
+      }
+    end
 
-      halt Rack::Response.new(
+    def validation_error_response(status, errors)
+      Rack::Response.new(
         MultiJson.dump(errors: errors),
         status,
         Rack::CONTENT_TYPE => 'application/vnd.api+json'
@@ -100,17 +104,15 @@ module OpenapiFirst
       end
     end
 
-    def validate_query_parameters!(env, operation, params)
-      schema = operation.parameters_schema
+    def validate_query_parameters!(operation, params)
+      schema = operation.query_parameters_schema
       return unless schema
 
       params = filtered_params(schema.raw_schema, params)
       params = Utils.deep_stringify(params)
       errors = schema.validate(params)
-      halt_with_error(400, serialize_query_parameter_errors(errors)) if errors.any?
-      params = Utils.deep_symbolize(params)
-      env[PARAMETERS] = params
-      env[INBOX].merge! params
+      throw_error(400, serialize_query_parameter_errors(errors)) if errors.any?
+      Utils.deep_symbolize(params)
     end
 
     def filtered_params(json_schema, params)

data/lib/openapi_first/router.rb

@@ -1,7 +1,9 @@
 # frozen_string_literal: true
 
 require 'rack'
+require 'multi_json'
 require 'hanami/router'
+require_relative 'body_parser_middleware'
 
 module OpenapiFirst
   class Router
@@ -54,26 +56,50 @@ module OpenapiFirst
       env[ORIGINAL_PATH] = env[Rack::PATH_INFO]
       env[Rack::PATH_INFO] = Rack::Request.new(env).path
       @router.call(env)
+    rescue BodyParsingError => e
+      handle_body_parsing_error(e)
     ensure
       env[Rack::PATH_INFO] = env.delete(ORIGINAL_PATH) if env[ORIGINAL_PATH]
     end
 
+    def handle_body_parsing_error(exception)
+      err = { title: 'Failed to parse body as application/json', status: '400' }
+      err[:detail] = exception.cause unless ENV['RACK_ENV'] == 'production'
+      errors = [err]
+      raise RequestInvalidError, errors if @raise
+
+      Rack::Response.new(
+        MultiJson.dump(errors: errors),
+        400,
+        Rack::CONTENT_TYPE => 'application/vnd.api+json'
+      ).finish
+    end
+
     def build_router(operations)
-      router = Hanami::Router.new
-      operations.each do |operation|
-        normalized_path = operation.path.gsub('{', ':').gsub('}', '')
-        router.public_send(
-          operation.method,
-          normalized_path,
-          to: lambda do |env|
-            env[OPERATION] = operation
-            env[PARAMETERS] = env['router.params']
-            env[Rack::PATH_INFO] = env.delete(ORIGINAL_PATH)
-            @app.call(env)
-          end
-        )
+      router = Hanami::Router.new.tap do |r|
+        operations.each do |operation|
+          normalized_path = operation.path.gsub('{', ':').gsub('}', '')
+          r.public_send(
+            operation.method,
+            normalized_path,
+            to: build_route(operation)
+          )
+        end
+      end
+      raise_error = @raise
+      Rack::Builder.app do
+        use BodyParserMiddleware, raise_error: raise_error
+        run router
+      end
+    end
+
+    def build_route(operation)
+      lambda do |env|
+        env[OPERATION] = operation
+        env[PARAMETERS] = env['router.params']
+        env[Rack::PATH_INFO] = env.delete(ORIGINAL_PATH)
+        @app.call(env)
       end
-      router
     end
   end
 end

data/lib/openapi_first/schema_validation.rb

@@ -17,6 +17,7 @@ module OpenapiFirst
         insert_property_defaults: true,
         before_property_validation: proc do |data, property, property_schema, parent|
           convert_nullable(data, property, property_schema, parent)
+          binary_format(data, property, property_schema, parent)
         end
       )
     end
@@ -27,6 +28,14 @@ module OpenapiFirst
 
     private
 
+    def binary_format(data, property, property_schema, _parent)
+      return unless property_schema.is_a?(Hash) && property_schema['format'] == 'binary'
+
+      property_schema['type'] = 'object'
+      property_schema.delete('format')
+      data[property].transform_keys!(&:to_s)
+    end
+
     def convert_nullable(_data, _property, property_schema, _parent)
       return unless property_schema.is_a?(Hash) && property_schema['nullable'] && property_schema['type']
 

data/lib/openapi_first/use_router.rb

@@ -11,9 +11,7 @@ module OpenapiFirst
     def call(env)
       return super if env.key?(OPERATION)
 
-      @router ||= Router.new(lambda { |e|
-                               super(e)
-                             }, spec: @options.fetch(:spec), raise_error: @options.fetch(:raise_error, false))
+      @router ||= Router.new(->(e) { super(e) }, @options)
       @router.call(env)
     end
   end

data/lib/openapi_first/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module OpenapiFirst
-  VERSION = '0.20.0'
+  VERSION = '0.21.0'
 end

data/openapi_first.gemspec

@@ -32,11 +32,11 @@ Gem::Specification.new do |spec|
   spec.bindir        = 'exe'
   spec.require_paths = ['lib']
 
-  spec.required_ruby_version = '>= 2.6.0'
+  spec.required_ruby_version = '>= 3.0.5'
 
   spec.add_runtime_dependency 'deep_merge', '>= 1.2.1'
-  spec.add_runtime_dependency 'hanami-router', '2.0.alpha5'
-  spec.add_runtime_dependency 'hanami-utils', '2.0.alpha3'
+  spec.add_runtime_dependency 'hanami-router', '~> 2.0.0'
+  spec.add_runtime_dependency 'hanami-utils', '~> 2.0.0'
   spec.add_runtime_dependency 'json_refs', '~> 0.1', '>= 0.1.7'
   spec.add_runtime_dependency 'json_schemer', '~> 0.2.16'
   spec.add_runtime_dependency 'multi_json', '~> 1.14'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: openapi_first
 version: !ruby/object:Gem::Version
-  version: 0.20.0
+  version: 0.21.0
 platform: ruby
 authors:
 - Andreas Haller
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-10-27 00:00:00.000000000 Z
+date: 2023-03-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: deep_merge
@@ -28,30 +28,30 @@ dependencies:
   name: hanami-router
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.alpha5
+        version: 2.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.alpha5
+        version: 2.0.0
 - !ruby/object:Gem::Dependency
   name: hanami-utils
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.alpha3
+        version: 2.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.alpha3
+        version: 2.0.0
 - !ruby/object:Gem::Dependency
   name: json_refs
   requirement: !ruby/object:Gem::Requirement
@@ -215,6 +215,7 @@ files:
 - examples/openapi.yaml
 - lib/openapi_first.rb
 - lib/openapi_first/app.rb
+- lib/openapi_first/body_parser_middleware.rb
 - lib/openapi_first/coverage.rb
 - lib/openapi_first/default_operation_resolver.rb
 - lib/openapi_first/definition.rb
@@ -248,7 +249,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.6.0
+      version: 3.0.5
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="