openapi_first 1.0.0 → 1.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 259995bd946bd53afc1b6ab3cc2d556811a8d775ba2714d1e13f0058f3049048
-  data.tar.gz: fe150a639f4ddbbf6190296c0fb70ee06c5116711a2716826934fc12b48b1622
+  metadata.gz: 5ee379d839bec13bd899f690b3275d761b7425461f2241da4ccb62de384f0c94
+  data.tar.gz: 6ea27d437c7cb443d5b5c84b8e6d0ef34782e4f5d8bb5ce7666acc78797ca523
 SHA512:
-  metadata.gz: ed09d09b5ad4c131134843ed0c7772eb6742b9bd98e6bb410d2c7fca3efe9a49875993b095a9590ee1a5ec9484301d5a58ed67b445fdd46aacbabedaf7e8160e
-  data.tar.gz: 9fe5c08c823aff23d979b9cd0652e4a63a8df424f98c037cb77e45c28c7fd232f24305df8024495b7bd50f4b99fbb8669d0f8a962b20ef2652907298ac7dd6cf
+  metadata.gz: ab20a8bcd7d61961f4a1d654a36291f295ee0d69c50829cd8f1965998ca9a480a0636e2b0ca62d220a53c62b60d8bedb934fc8a57bed39a8e45683796a5cee8a
+  data.tar.gz: 43206c1bf540193863bd1f02c14f79d172fff662974c8efbfd90dfd6334f11f23c0dee62c9c70c4bd45bbf202e68a76c9750a00aa4a45f5dd8682b6837a1177b

data/CHANGELOG.md

@@ -1,5 +1,20 @@
 # Changelog
 
+## 1.2.0
+
+- Added `OpenapiFirst.parse(hash)` to load ("parse") a resolved/de-referenced Hash
+- Added support for unescaped special characters in the path params (https://github.com/ahx/openapi_first/pull/217)
+- Added `operation` to `RuntimeRequest` by [@MrBananaLord](https://github.com/ahx/openapi_first/pull/216)
+
+## 1.1.1
+
+- Fix reading response body for example when running Rails (`ActionDispatch::Response::RackBody`)
+- Add `known?`, `status`, `body`, `headers`, `content_type` methods to inspect the parsed response (`RuntimeResponse`)
+- Add `OpenapiFirst::ParseError` which is raised by low-level interfaces like `request.body` if the body could not be parsed.
+- Add "code" field to errors in JSON:API error response
+
+## 1.1.0 (yanked)
+
 ## 1.0.0
 
 - Breaking: The default error uses application/problem+json content-type

data/Gemfile

@@ -2,15 +2,17 @@
 
 source 'https://rubygems.org'
 
-# Specify your gem's dependencies in openapi_first.gemspec
 gemspec
 
 gem 'rack', '>= 3.0.0'
+gem 'rackup'
 
 group :test, :development do
+  gem 'actionpack'
   gem 'bundler'
   gem 'rack-test'
   gem 'rake'
   gem 'rspec'
   gem 'rubocop'
+  gem 'simplecov'
 end

data/Gemfile.lock

@@ -1,21 +1,58 @@
 PATH
   remote: .
   specs:
-    openapi_first (1.0.0)
+    openapi_first (1.2.1)
       json_refs (~> 0.1, >= 0.1.7)
       json_schemer (~> 2.1.0)
       multi_json (~> 1.15)
-      mustermann-contrib (~> 3.0.0)
+      mustermann (~> 3.0.0)
       openapi_parameters (>= 0.3.2, < 2.0)
       rack (>= 2.2, < 4.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
+    actionpack (7.1.3)
+      actionview (= 7.1.3)
+      activesupport (= 7.1.3)
+      nokogiri (>= 1.8.5)
+      racc
+      rack (>= 2.2.4)
+      rack-session (>= 1.0.1)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    actionview (7.1.3)
+      activesupport (= 7.1.3)
+      builder (~> 3.1)
+      erubi (~> 1.11)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    activesupport (7.1.3)
+      base64
+      bigdecimal
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      connection_pool (>= 2.2.5)
+      drb
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      mutex_m
+      tzinfo (~> 2.0)
     ast (2.4.2)
+    base64 (0.2.0)
+    bigdecimal (3.1.6)
+    builder (3.2.4)
+    concurrent-ruby (1.2.3)
+    connection_pool (2.4.1)
+    crass (1.0.6)
     diff-lcs (1.5.0)
+    docile (1.4.0)
+    drb (2.2.0)
+      ruby2_keywords
+    erubi (1.12.0)
     hana (1.3.7)
-    hansi (0.2.1)
+    i18n (1.14.1)
+      concurrent-ruby (~> 1.0)
     json (2.7.1)
     json_refs (0.1.8)
       hana
@@ -24,26 +61,44 @@ GEM
       regexp_parser (~> 2.0)
       simpleidn (~> 0.2)
     language_server-protocol (3.17.0.3)
+    loofah (2.22.0)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.12.0)
+    minitest (5.21.2)
     multi_json (1.15.0)
     mustermann (3.0.0)
       ruby2_keywords (~> 0.0.1)
-    mustermann-contrib (3.0.0)
-      hansi (~> 0.2.0)
-      mustermann (= 3.0.0)
+    mutex_m (0.2.0)
+    nokogiri (1.16.0-arm64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.16.0-x86_64-linux)
+      racc (~> 1.4)
     openapi_parameters (0.3.2)
       rack (>= 2.2)
       zeitwerk (~> 2.6)
     parallel (1.24.0)
-    parser (3.3.0.0)
+    parser (3.3.0.5)
       ast (~> 2.4.1)
       racc
     racc (1.7.3)
     rack (3.0.8)
+    rack-session (2.0.0)
+      rack (>= 3.0.0)
     rack-test (2.1.0)
       rack (>= 1.3)
+    rackup (2.1.0)
+      rack (>= 3)
+      webrick (~> 1.8)
+    rails-dom-testing (2.2.0)
+      activesupport (>= 5.0.0)
+      minitest
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.6.0)
+      loofah (~> 2.21)
+      nokogiri (~> 1.14)
     rainbow (3.1.1)
     rake (13.1.0)
-    regexp_parser (2.8.3)
+    regexp_parser (2.9.0)
     rexml (3.2.6)
     rspec (3.12.0)
       rspec-core (~> 3.12.0)
@@ -58,11 +113,11 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
     rspec-support (3.12.1)
-    rubocop (1.59.0)
+    rubocop (1.60.1)
       json (~> 2.3)
       language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
-      parser (>= 3.2.2.4)
+      parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
@@ -73,12 +128,21 @@ GEM
       parser (>= 3.2.1.0)
     ruby-progressbar (1.13.0)
     ruby2_keywords (0.0.5)
+    simplecov (0.22.0)
+      docile (~> 1.1)
+      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
+    simplecov-html (0.12.3)
+    simplecov_json_formatter (0.1.4)
     simpleidn (0.2.1)
       unf (~> 0.1.4)
+    tzinfo (2.0.6)
+      concurrent-ruby (~> 1.0)
     unf (0.1.4)
       unf_ext
     unf_ext (0.0.9.1)
     unicode-display_width (2.5.0)
+    webrick (1.8.1)
     zeitwerk (2.6.12)
 
 PLATFORMS
@@ -87,13 +151,16 @@ PLATFORMS
   x86_64-linux
 
 DEPENDENCIES
+  actionpack
   bundler
   openapi_first!
   rack (>= 3.0.0)
   rack-test
+  rackup
   rake
   rspec
   rubocop
+  simplecov
 
 BUNDLED WITH
    2.3.10

data/Gemfile.rack2.lock

@@ -1,11 +1,11 @@
 PATH
   remote: .
   specs:
-    openapi_first (1.0.0.beta6)
+    openapi_first (1.1.1)
       json_refs (~> 0.1, >= 0.1.7)
       json_schemer (~> 2.1.0)
       multi_json (~> 1.15)
-      mustermann-contrib (~> 3.0.0)
+      mustermann (~> 3.0.0)
       openapi_parameters (>= 0.3.2, < 2.0)
       rack (>= 2.2, < 4.0)
 
@@ -15,7 +15,6 @@ GEM
     ast (2.4.2)
     diff-lcs (1.5.0)
     hana (1.3.7)
-    hansi (0.2.1)
     json (2.7.1)
     json_refs (0.1.8)
       hana
@@ -27,9 +26,6 @@ GEM
     multi_json (1.15.0)
     mustermann (3.0.0)
       ruby2_keywords (~> 0.0.1)
-    mustermann-contrib (3.0.0)
-      hansi (~> 0.2.0)
-      mustermann (= 3.0.0)
     openapi_parameters (0.3.2)
       rack (>= 2.2)
       zeitwerk (~> 2.6)

data/README.md

@@ -1,8 +1,6 @@
 # openapi_first
 
-OpenapiFirst helps to implement HTTP APIs based on an [OpenAPI](https://www.openapis.org/) API description. It supports OpenAPI 3.0 and 3.1. It offers request and response validation to ensure that your implementation follows exactly the API description.
-
-This makes your API description reliable, reason about API design and use various tooling on top of OpenAPI.
+OpenapiFirst helps to implement HTTP APIs based on an [OpenAPI](https://www.openapis.org/) API description. It supports OpenAPI 3.0 and 3.1. It offers request and response validation and it ensures that your implementation follows exactly the API description.
 
 ## Contents
 
@@ -10,8 +8,12 @@ This makes your API description reliable, reason about API design and use variou
 
 - [Manual use](#manual-use)
 - [Rack Middlewares](#rack-middlewares)
+  - [Request validation](#request-validation)
+  - [Response validation](#response-validation)
 - [Configuration](#configuration)
 - [Development](#development)
+  - [Benchmarks](#benchmarks)
+  - [Contributing](#contributing)
 
 <!-- /TOC -->
 
@@ -30,17 +32,21 @@ Validate request / response:
 ```ruby
 
 # Find the request
-rack_request = Rack::Request.new(env)
+rack_request = Rack::Request.new(env) # GET /pets/42
 request = definition.request(rack_request)
 
 # Inspect the request and access parsed parameters
 request.known? # Is the request defined in the API description?
-request.parsed_body # alias: body
-request.path_parameters
-request.query # alias: query_parameters
+request.content_type
+request.body # alias: parsed_body
+request.path_parameters # => { "pet_id" => 42 }
+request.query_parameters # alias: query
 request.params # Merged path and query parameters
 request.headers
 request.cookies
+request.request_method # => "get"
+request.path # => "/pets/42"
+request.path_definition # => "/pets/{pet_id}"
 
 # Validate the request
 request.validate # Returns OpenapiFirst:::Failure if validation fails
@@ -50,8 +56,15 @@ request.validate! # Raises OpenapiFirst::RequestInvalidError or OpenapiFirst::No
 rack_response = Rack::Response[*app.call(env)]
 response = request.response(rack_response) # or definition.response(rack_request, rack_response)
 
+# Inspect the response
+response.known? # Is the response defined in the API description?
+response.status # => 200
+response.content_type
+response.body
+request.headers # parsed response headers
+
 # Validate response
-response.validate # Returns OpenapiFirst::Failure
+response.validate # Returns OpenapiFirst::Failure if validation fails
 response.validate! # Raises OpenapiFirst::ResponseInvalidError or OpenapiFirst::ResponseNotFoundError if validation fails
 ```
 
@@ -73,13 +86,13 @@ use OpenapiFirst::Middlewares::RequestValidation, spec: 'openapi.yaml'
 
 #### Options
 
-| Name              | Possible values                                                           | Description                                                                                                                         |
-| :---------------- | ------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- |
-| `spec:`           |                                                                           | The path to the spec file or spec loaded via `OpenapiFirst.load`                                                                    |
-| `raise_error:`    | `false` (default), `true`                                                 | If set to true the middleware raises `OpenapiFirst::RequestInvalidError` or `OpenapiFirst::NotFoundError` instead of returning 4xx. |
-| `error_response:` | `:default` (default), `:json_api`, Your implementation of `ErrorResponse` | :default                                                                                                                            |
+| Name              | Possible values                                                          | Description                                                                                                                         |
+| :---------------- | ------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------- |
+| `spec:`           |                                                                          | The path to the spec file or spec loaded via `OpenapiFirst.load`                                                                    |
+| `raise_error:`    | `false` (default), `true`                                                | If set to true the middleware raises `OpenapiFirst::RequestInvalidError` or `OpenapiFirst::NotFoundError` instead of returning 4xx. |
+| `error_response:` | `:default` (default), `:jsonapi`, Your implementation of `ErrorResponse` |
 
-Here's an example response body about an invalid request body. See also [RFC 9457](https://www.rfc-editor.org/rfc/rfc9457).
+Here in an example response body about an invalid request body. See also [RFC 9457](https://www.rfc-editor.org/rfc/rfc9457).
 
 ```json
 http-status: 400
@@ -108,6 +121,50 @@ content-type: "application/problem+json"
 }
 ```
 
+openapi_first offers a [JSON:API](https://jsonapi.org/) error response as well:
+
+```ruby
+use OpenapiFirst::Middlewares::RequestValidation, spec: 'openapi.yaml, error_response: :jsonapi'
+```
+
+Here is an example error response:
+
+```json
+// http-status: 400
+// content-type: "application/vnd.api+json"
+
+{
+  "errors": [
+    {
+      "status": "400",
+      "source": {
+        "pointer": "/data/name"
+      },
+      "title": "value at `/data/name` is not a string",
+      "code": "string"
+    },
+    {
+      "status": "400",
+      "source": {
+        "pointer": "/data/numberOfLegs"
+      },
+      "title": "number at `/data/numberOfLegs` is less than: 2",
+      "code": "minimum"
+    },
+    {
+      "status": "400",
+      "source": {
+        "pointer": "/data"
+      },
+      "title": "object at `/data` is missing required properties: mandatory",
+      "code": "required"
+    }
+  ]
+}
+```
+
+You can build your own custom error response with `error_response: MyCustomClass` that implements `OpenapiFirst::ErrorResponse`.
+
 #### readOnly / writeOnly properties
 
 Request validation fails if request includes a property with `readOnly: true`.
@@ -135,7 +192,7 @@ You can configure default options globally:
 ```ruby
 OpenapiFirst.configure do |config|
   # Specify which plugin is used to render error responses returned by the request validation middleware (defaults to :default)
-  config.request_validation_error_response = :json_api
+  config.request_validation_error_response = :jsonapi
   # Configure if the response validation middleware should raise an exception (defaults to false)
   config.request_validation_raise_error = true
 end

data/lib/openapi_first/body_parser.rb

@@ -4,7 +4,12 @@ require 'multi_json'
 
 module OpenapiFirst
   class BodyParser
-    class ParsingError < StandardError; end
+    def self.const_missing(const_name)
+      super unless const_name == :ParsingError
+      warn 'DEPRECATION WARNING: OpenapiFirst::BodyParser::ParsingError is deprecated. ' \
+           'Use OpenapiFirst::ParseError instead.'
+      OpenapiFirst::ParseError
+    end
 
     def parse(request, content_type)
       body = read_body(request)
@@ -15,7 +20,7 @@ module OpenapiFirst
 
       body
     rescue MultiJson::ParseError
-      raise ParsingError, 'Failed to parse body as JSON'
+      raise ParseError, 'Failed to parse body as JSON'
     end
 
     private

data/lib/openapi_first/definition/operation.rb

@@ -2,11 +2,8 @@
 
 require 'forwardable'
 require 'set'
+require 'openapi_parameters'
 require_relative 'request_body'
-require_relative 'query_parameters'
-require_relative 'header_parameters'
-require_relative 'path_parameters'
-require_relative 'cookie_parameters'
 require_relative 'responses'
 
 module OpenapiFirst
@@ -14,14 +11,11 @@ module OpenapiFirst
     class Operation
       extend Forwardable
       def_delegators :operation_object,
-                     :[],
-                     :dig
+                     :[]
 
       WRITE_METHODS = Set.new(%w[post put patch delete]).freeze
       private_constant :WRITE_METHODS
 
-      attr_reader :path, :method, :openapi_version
-
       def initialize(path, request_method, path_item_object, openapi_version:)
         @path = path
         @method = request_method
@@ -30,6 +24,9 @@ module OpenapiFirst
         @operation_object = @path_item_object[request_method]
       end
 
+      attr_reader :path, :method, :openapi_version
+      alias request_method method
+
       def operation_id
         operation_object['operationId']
       end
@@ -66,34 +63,63 @@ module OpenapiFirst
         @name ||= "#{method.upcase} #{path} (#{operation_id})"
       end
 
-      def query_parameters
-        @query_parameters ||= build_parameters(all_parameters.filter { |p| p['in'] == 'query' }, QueryParameters)
-      end
-
       def path_parameters
-        @path_parameters ||= build_parameters(all_parameters.filter { |p| p['in'] == 'path' }, PathParameters)
+        all_parameters['path']
       end
 
-      IGNORED_HEADERS = Set['Content-Type', 'Accept', 'Authorization'].freeze
-      private_constant :IGNORED_HEADERS
+      def query_parameters
+        all_parameters['query']
+      end
 
       def header_parameters
-        @header_parameters ||= build_parameters(find_header_parameters, HeaderParameters)
+        all_parameters['header']
       end
 
       def cookie_parameters
-        @cookie_parameters ||= build_parameters(all_parameters.filter { |p| p['in'] == 'cookie' }, CookieParameters)
+        all_parameters['cookie']
+      end
+
+      def path_parameters_schema
+        @path_parameters_schema ||= build_schema(path_parameters)
+      end
+
+      def query_parameters_schema
+        @query_parameters_schema ||= build_schema(query_parameters)
+      end
+
+      def header_parameters_schema
+        @header_parameters_schema ||= build_schema(header_parameters)
+      end
+
+      def cookie_parameters_schema
+        @cookie_parameters_schema ||= build_schema(cookie_parameters)
       end
 
       private
 
+      IGNORED_HEADERS = Set['Content-Type', 'Accept', 'Authorization'].freeze
+      private_constant :IGNORED_HEADERS
+
       def all_parameters
-        @all_parameters ||= begin
-          parameters = @path_item_object['parameters']&.dup || []
-          parameters_on_operation = operation_object['parameters']
-          parameters.concat(parameters_on_operation) if parameters_on_operation
-          parameters
+        @all_parameters ||= (@path_item_object.fetch('parameters', []) + operation_object.fetch('parameters', []))
+                            .reject { |p| p['in'] == 'header' && IGNORED_HEADERS.include?(p['name']) }
+                            .group_by { _1['in'] }
+      end
+
+      def build_schema(parameters)
+        return unless parameters&.any?
+
+        init_schema = {
+          'type' => 'object',
+          'properties' => {},
+          'required' => []
+        }
+        schema = parameters.each_with_object(init_schema) do |parameter_def, result|
+          parameter = OpenapiParameters::Parameter.new(parameter_def)
+          result['properties'][parameter.name] = parameter.schema if parameter.schema
+          result['required'] << parameter.name if parameter.required?
         end
+        Schema.new(schema, openapi_version: @openapi_version)
       end
 
       def responses
@@ -105,12 +131,6 @@ module OpenapiFirst
       def build_parameters(parameters, klass)
         klass.new(parameters, openapi_version:) if parameters.any?
       end
-
-      def find_header_parameters
-        all_parameters.filter do |p|
-          p['in'] == 'header' && !IGNORED_HEADERS.include?(p['name'])
-        end
-      end
     end
   end
 end

data/lib/openapi_first/definition/request_body.rb

@@ -3,40 +3,42 @@
 require_relative '../schema'
 
 module OpenapiFirst
-  class RequestBody
-    def initialize(request_body_object, operation)
-      @request_body_object = request_body_object
-      @operation = operation
-    end
+  class Definition
+    class RequestBody
+      def initialize(request_body_object, operation)
+        @request_body_object = request_body_object
+        @operation = operation
+      end
 
-    def description
-      @request_body_object['description']
-    end
+      def description
+        @request_body_object['description']
+      end
 
-    def required?
-      !!@request_body_object['required']
-    end
+      def required?
+        !!@request_body_object['required']
+      end
 
-    def schema_for(content_type)
-      content = @request_body_object['content']
-      return unless content&.any?
+      def schema_for(content_type)
+        content = @request_body_object['content']
+        return unless content&.any?
 
-      content_schemas&.fetch(content_type) do
-        type = content_type.split(';')[0]
-        content_schemas[type] || content_schemas["#{type.split('/')[0]}/*"] || content_schemas['*/*']
+        content_schemas&.fetch(content_type) do
+          type = content_type.split(';')[0]
+          content_schemas[type] || content_schemas["#{type.split('/')[0]}/*"] || content_schemas['*/*']
+        end
       end
-    end
 
-    private
+      private
 
-    def content_schemas
-      @content_schemas ||= @request_body_object['content']&.each_with_object({}) do |kv, result|
-        type, media_type = kv
-        schema_object = media_type['schema']
-        next unless schema_object
+      def content_schemas
+        @content_schemas ||= @request_body_object['content']&.each_with_object({}) do |kv, result|
+          type, media_type = kv
+          schema_object = media_type['schema']
+          next unless schema_object
 
-        result[type] = Schema.new(schema_object, write: @operation.write?,
-                                                 openapi_version: @operation.openapi_version)
+          result[type] = Schema.new(schema_object, write: @operation.write?,
+                                                   openapi_version: @operation.openapi_version)
+        end
       end
     end
   end

data/lib/openapi_first/definition.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'mustermann/template'
+require 'mustermann'
 require_relative 'definition/path_item'
 require_relative 'runtime_request'
 
@@ -9,7 +9,7 @@ module OpenapiFirst
   class Definition
     attr_reader :filepath, :paths, :openapi_version
 
-    def initialize(resolved, filepath)
+    def initialize(resolved, filepath = nil)
       @filepath = filepath
       @paths = resolved['paths']
       @openapi_version = detect_version(resolved)
@@ -60,7 +60,7 @@ module OpenapiFirst
 
     def search_for_path_item(request_path)
       paths.find do |path, path_item_object|
-        template = Mustermann::Template.new(path)
+        template = Mustermann.new(path)
         path_params = template.params(request_path)
         next unless path_params
         next unless path_params.size == template.names.size

data/lib/openapi_first/errors.rb

@@ -2,6 +2,7 @@
 
 module OpenapiFirst
   class Error < StandardError; end
+  class ParseError < Error; end
   class NotFoundError < Error; end
   class RequestInvalidError < Error; end
   class ResponseNotFoundError < Error; end

data/lib/openapi_first/failure.rb

@@ -20,7 +20,7 @@ module OpenapiFirst
     private_constant :TYPES
 
     # @param error_type [Symbol] See Failure::TYPES.keys
-    # @param errors [Array<OpenapiFirst::Schema::ValidationResult>]
+    # @param errors [Array<OpenapiFirst::Schema::ValidationError>]
     def self.fail!(error_type, message: nil, errors: nil)
       throw FAILURE, new(
         error_type,
@@ -47,9 +47,22 @@ module OpenapiFirst
 
     # Raise an exception that fits the failure.
     def raise!
-      exception, message_prefix = TYPES.fetch(error_type)
+      exception, = TYPES.fetch(error_type)
+      raise exception, exception_message
+    end
+
+    def exception_message
+      _, message_prefix = TYPES.fetch(error_type)
+
+      "#{message_prefix} #{@message || generate_message}"
+    end
+
+    private
 
-      raise exception, "#{message_prefix} #{@message || errors&.map(&:error)&.join('. ')}"
+    def generate_message
+      messages = errors&.take(4)&.map(&:error)
+      messages << "... (#{errors.size} errors total)" if errors && errors.size > 4
+      messages&.join('. ')
     end
   end
 end

data/lib/openapi_first/middlewares/response_validation.rb

@@ -19,10 +19,13 @@ module OpenapiFirst
 
       def call(env)
         request = find_request(env)
-        response = @app.call(env)
-        request.response(response).validate!
+        status, headers, body = @app.call(env)
 
-        response
+        body = body.to_ary if body.respond_to?(:to_ary)
+
+        request.response(Rack::Response[status, headers, body]).validate!
+
+        [status, headers, body]
       end
 
       private

data/lib/openapi_first/plugins/default/error_response.rb

@@ -16,7 +16,7 @@ module OpenapiFirst
           invalid_query: 'Bad Query Parameter',
           invalid_header: 'Bad Request Header',
           invalid_path: 'Bad Request Path',
-          invalid_cookie: 'Bod Request Cookie'
+          invalid_cookie: 'Bad Request Cookie'
         }.freeze
         private_constant :TITLES
 

data/lib/openapi_first/plugins/jsonapi/error_response.rb

@@ -22,7 +22,8 @@ module OpenapiFirst
             {
               status: status.to_s,
               source: { key => pointer(error.instance_location) },
-              title: error.error
+              title: error.error,
+              code: error.type
             }
           end
         end

data/lib/openapi_first/request_validation/validator.rb

@@ -38,34 +38,34 @@ module OpenapiFirst
       end
 
       def validate_path_params!(request)
-        parameters = operation.path_parameters
-        return unless parameters
+        schema = operation.path_parameters_schema
+        return unless schema
 
-        validation = parameters.schema.validate(request.path_parameters)
+        validation = schema.validate(request.path_parameters)
         Failure.fail!(:invalid_path, errors: validation.errors) if validation.error?
       end
 
       def validate_query_params!(request)
-        parameters = operation.query_parameters
-        return unless parameters
+        schema = operation.query_parameters_schema
+        return unless schema
 
-        validation = parameters.schema.validate(request.query)
+        validation = schema.validate(request.query)
         Failure.fail!(:invalid_query, errors: validation.errors) if validation.error?
       end
 
       def validate_cookie_params!(request)
-        parameters = operation.cookie_parameters
-        return unless parameters
+        schema = operation.cookie_parameters_schema
+        return unless schema
 
-        validation = parameters.schema.validate(request.cookies)
+        validation = schema.validate(request.cookies)
         Failure.fail!(:invalid_cookie, errors: validation.errors) if validation.error?
       end
 
       def validate_header_params!(request)
-        parameters = operation.header_parameters
-        return unless parameters
+        schema = operation.header_parameters_schema
+        return unless schema
 
-        validation = parameters.schema.validate(request.headers)
+        validation = schema.validate(request.headers)
         Failure.fail!(:invalid_header, errors: validation.errors) if validation.error?
       end
 
@@ -73,7 +73,7 @@ module OpenapiFirst
         return unless operation.request_body
 
         RequestBodyValidator.new(operation).validate!(request.body, request.content_type)
-      rescue BodyParser::ParsingError => e
+      rescue ParseError => e
         Failure.fail!(:invalid_body, message: e.message)
       end
     end

data/lib/openapi_first/response_validation/validator.rb

@@ -9,14 +9,14 @@ module OpenapiFirst
         @operation = operation
       end
 
-      def validate(rack_response)
+      def validate(runtime_response)
         return unless operation
 
-        response = Rack::Response[*rack_response.to_a]
         catch Failure::FAILURE do
-          response_definition = response_for(operation, response.status, response.content_type)
-          validate_response_body(response_definition.content_schema, response.body)
-          validate_response_headers(response_definition.headers, response.headers)
+          validate_defined(runtime_response)
+          response_definition = runtime_response.response_definition
+          validate_response_body(response_definition.content_schema, runtime_response)
+          validate_response_headers(response_definition.headers, runtime_response.headers)
           nil
         end
       end
@@ -25,37 +25,40 @@ module OpenapiFirst
 
       attr_reader :operation
 
-      def response_for(operation, status, content_type)
-        response = operation.response_for(status, content_type)
-        return response if response
+      def validate_defined(runtime_response)
+        return if runtime_response.known?
 
-        unless operation.response_status_defined?(status)
-          message = "Response status '#{status}' not found for '#{operation.name}'"
+        unless runtime_response.known_status?
+          message = "Response status '#{runtime_response.status}' not found for '#{runtime_response.name}'"
           Failure.fail!(:response_not_found, message:)
         end
+
+        content_type = runtime_response.content_type
         if content_type.nil? || content_type.empty?
-          message = "Content-Type for '#{operation.name}' must not be empty"
+          message = "Content-Type for '#{runtime_response.name}' must not be empty"
           Failure.fail!(:invalid_response_header, message:)
         end
 
-        message = "Content-Type '#{content_type}' is not defined for '#{operation.name}'"
+        message = "Content-Type '#{content_type}' is not defined for '#{runtime_response.name}'"
         Failure.fail!(:invalid_response_header, message:)
       end
 
-      def validate_response_body(schema, response)
+      def validate_response_body(schema, runtime_response)
         return unless schema
 
-        full_body = +''
-        response.each { |chunk| full_body << chunk }
-        data = full_body.empty? ? {} : load_json(full_body)
-        validation = schema.validate(data)
+        begin
+          parsed_body = runtime_response.body
+        rescue ParseError => e
+          Failure.fail!(:invalid_response_body, message: e.message)
+        end
+
+        validation = schema.validate(parsed_body)
         Failure.fail!(:invalid_response_body, errors: validation.errors) if validation.error?
       end
 
-      def validate_response_headers(response_header_definitions, response_headers)
+      def validate_response_headers(response_header_definitions, unpacked_headers)
         return unless response_header_definitions
 
-        unpacked_headers = unpack_response_headers(response_header_definitions, response_headers)
         response_header_definitions.each do |name, definition|
           next if name == 'Content-Type'
 
@@ -84,13 +87,6 @@ module OpenapiFirst
                       errors: validation_result.errors)
       end
 
-      def unpack_response_headers(response_header_definitions, response_headers)
-        headers_as_parameters = response_header_definitions.map do |name, definition|
-          definition.merge('name' => name, 'in' => 'header')
-        end
-        OpenapiParameters::Header.new(headers_as_parameters).unpack(response_headers)
-      end
-
       def load_json(string)
         MultiJson.load(string)
       rescue MultiJson::ParseError

data/lib/openapi_first/runtime_request.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'forwardable'
+require 'openapi_parameters'
 require_relative 'runtime_response'
 require_relative 'body_parser'
 require_relative 'request_validation/validator'
@@ -17,8 +18,11 @@ module OpenapiFirst
       @original_path_params = path_params
     end
 
-    def_delegators :@request, :content_type, :media_type
-    def_delegators :@operation, :operation_id
+    def_delegators :@request, :content_type, :media_type, :path
+    def_delegators :@operation, :operation_id, :request_method
+    def_delegator :@path_item, :path, :path_definition
+
+    attr_reader :path_item, :operation
 
     def known?
       known_path? && known_request_method?
@@ -38,25 +42,32 @@ module OpenapiFirst
     end
 
     def path_parameters
+      return {} unless operation.path_parameters
+
       @path_parameters ||=
-        operation.path_parameters&.unpack(@original_path_params) || {}
+        OpenapiParameters::Path.new(operation.path_parameters).unpack(@original_path_params) || {}
     end
 
     def query
+      return {} unless operation.query_parameters
+
       @query ||=
-        operation.query_parameters&.unpack(request.env) || {}
+        OpenapiParameters::Query.new(operation.query_parameters).unpack(request.env[Rack::QUERY_STRING]) || {}
     end
 
     alias query_parameters query
 
     def headers
-      @headers ||=
-        operation.header_parameters&.unpack(request.env) || {}
+      return {} unless operation.header_parameters
+
+      @headers ||= OpenapiParameters::Header.new(operation.header_parameters).unpack_env(request.env) || {}
     end
 
     def cookies
+      return {} unless operation.cookie_parameters
+
       @cookies ||=
-        operation.cookie_parameters&.unpack(request.env) || {}
+        OpenapiParameters::Cookie.new(operation.cookie_parameters).unpack(request.env[Rack::HTTP_COOKIE]) || {}
     end
 
     def body
@@ -79,6 +90,6 @@ module OpenapiFirst
 
     private
 
-    attr_reader :request, :operation, :path_item
+    attr_reader :request
   end
 end

data/lib/openapi_first/runtime_response.rb

@@ -1,20 +1,43 @@
 # frozen_string_literal: true
 
+require 'forwardable'
+require_relative 'body_parser'
 require_relative 'response_validation/validator'
 
 module OpenapiFirst
   class RuntimeResponse
+    extend Forwardable
+
     def initialize(operation, rack_response)
       @operation = operation
       @rack_response = rack_response
     end
 
+    def_delegators :@rack_response, :status, :content_type
+    def_delegators :@operation, :name
+
+    def known?
+      !!response_definition
+    end
+
+    def known_status?
+      @operation.response_status_defined?(status)
+    end
+
     def description
       response_definition&.description
     end
 
+    def body
+      @body ||= content_type =~ /json/i ? load_json(original_body) : original_body
+    end
+
+    def headers
+      @headers ||= unpack_response_headers
+    end
+
     def validate
-      ResponseValidation::Validator.new(@operation).validate(@rack_response)
+      ResponseValidation::Validator.new(@operation).validate(self)
     end
 
     def validate!
@@ -22,10 +45,31 @@ module OpenapiFirst
       error&.raise!
     end
 
+    def response_definition
+      @response_definition ||= @operation.response_for(status, content_type)
+    end
+
     private
 
-    def response_definition
-      @response_definition ||= @operation.response_for(@rack_response.status, @rack_response.content_type)
+    def original_body
+      buffered_body = String.new
+      @rack_response.body.each { |chunk| buffered_body << chunk }
+      buffered_body
+    end
+
+    def load_json(string)
+      MultiJson.load(string)
+    rescue MultiJson::ParseError
+      raise ParseError, 'Failed to parse response body as JSON'
+    end
+
+    def unpack_response_headers
+      return {} if response_definition&.headers.nil?
+
+      headers_as_parameters = response_definition.headers.map do |name, definition|
+        definition.merge('name' => name, 'in' => 'header')
+      end
+      OpenapiParameters::Header.new(headers_as_parameters).unpack(@rack_response.headers)
     end
   end
 end

data/lib/openapi_first/schema/validation_result.rb

@@ -20,13 +20,6 @@ module OpenapiFirst
           ValidationError.new(err)
         end
       end
-
-      # Returns a message that is used in exception messages.
-      def message
-        return unless error?
-
-        errors.map(&:error).join('. ')
-      end
     end
   end
 end

data/lib/openapi_first/schema.rb

@@ -32,10 +32,6 @@ module OpenapiFirst
       )
     end
 
-    def [](key)
-      @schema[key]
-    end
-
     private
 
     def before_property_validation(data, property, property_schema, parent)

data/lib/openapi_first/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module OpenapiFirst
-  VERSION = '1.0.0'
+  VERSION = '1.2.1'
 end

data/lib/openapi_first.rb

@@ -28,10 +28,20 @@ module OpenapiFirst
   # Key in rack to find instance of RuntimeRequest
   REQUEST = 'openapi.request'
 
-  def self.load(spec_path, only: nil)
-    resolved = Bundle.resolve(spec_path)
+  # Load and dereference an OpenAPI spec file
+  def self.load(filepath, only: nil)
+    resolved = bundle(filepath)
+    parse(resolved, only:, filepath:)
+  end
+
+  # Parse a dereferenced Hash
+  def self.parse(resolved, only: nil, filepath: nil)
     resolved['paths'].filter!(&->(key, _) { only.call(key) }) if only
-    Definition.new(resolved, spec_path)
+    Definition.new(resolved, filepath)
+  end
+
+  def self.bundle(filepath)
+    Bundle.resolve(filepath)
   end
 
   module Bundle

data/openapi_first.gemspec

@@ -41,7 +41,7 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency 'json_refs', '~> 0.1', '>= 0.1.7'
   spec.add_runtime_dependency 'json_schemer', '~> 2.1.0'
   spec.add_runtime_dependency 'multi_json', '~> 1.15'
-  spec.add_runtime_dependency 'mustermann-contrib', '~> 3.0.0'
+  spec.add_runtime_dependency 'mustermann', '~> 3.0.0'
   spec.add_runtime_dependency 'openapi_parameters', '>= 0.3.2', '< 2.0'
   spec.add_runtime_dependency 'rack', '>= 2.2', '< 4.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: openapi_first
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.2.1
 platform: ruby
 authors:
 - Andreas Haller
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-01-06 00:00:00.000000000 Z
+date: 2024-01-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json_refs
@@ -59,7 +59,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1.15'
 - !ruby/object:Gem::Dependency
-  name: mustermann-contrib
+  name: mustermann
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -133,13 +133,8 @@ files:
 - lib/openapi_first/body_parser.rb
 - lib/openapi_first/configuration.rb
 - lib/openapi_first/definition.rb
-- lib/openapi_first/definition/cookie_parameters.rb
-- lib/openapi_first/definition/header_parameters.rb
 - lib/openapi_first/definition/operation.rb
-- lib/openapi_first/definition/parameters.rb
 - lib/openapi_first/definition/path_item.rb
-- lib/openapi_first/definition/path_parameters.rb
-- lib/openapi_first/definition/query_parameters.rb
 - lib/openapi_first/definition/request_body.rb
 - lib/openapi_first/definition/response.rb
 - lib/openapi_first/definition/responses.rb

data/lib/openapi_first/definition/cookie_parameters.rb

@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-
-require 'openapi_parameters'
-require_relative 'parameters'
-
-module OpenapiFirst
-  class CookieParameters < Parameters
-    def unpack(env)
-      OpenapiParameters::Cookie.new(@parameter_definitions).unpack(env['HTTP_COOKIE'])
-    end
-  end
-end

data/lib/openapi_first/definition/header_parameters.rb

@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-
-require 'openapi_parameters'
-require_relative 'parameters'
-
-module OpenapiFirst
-  class HeaderParameters < Parameters
-    def unpack(env)
-      OpenapiParameters::Header.new(@parameter_definitions).unpack_env(env)
-    end
-  end
-end

data/lib/openapi_first/definition/parameters.rb

@@ -1,47 +0,0 @@
-# frozen_string_literal: true
-
-require 'forwardable'
-require_relative '../schema'
-
-module OpenapiFirst
-  class Parameters
-    extend Forwardable
-
-    def initialize(parameter_definitions, openapi_version:)
-      @parameter_definitions = parameter_definitions
-      @openapi_version = openapi_version
-    end
-
-    def_delegators :parameters, :map
-
-    def empty?
-      @parameter_definitions.empty?
-    end
-
-    def schema
-      @schema ||= build_schema
-    end
-
-    def parameters
-      @parameter_definitions.map do |parameter_object|
-        OpenapiParameters::Parameter.new(parameter_object)
-      end
-    end
-
-    private
-
-    def build_schema
-      init_schema = {
-        'type' => 'object',
-        'properties' => {},
-        'required' => []
-      }
-      schema = @parameter_definitions.each_with_object(init_schema) do |parameter_def, result|
-        parameter = OpenapiParameters::Parameter.new(parameter_def)
-        result['properties'][parameter.name] = parameter.schema if parameter.schema
-        result['required'] << parameter.name if parameter.required?
-      end
-      Schema.new(schema, openapi_version: @openapi_version)
-    end
-  end
-end

data/lib/openapi_first/definition/path_parameters.rb

@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-
-require 'openapi_parameters'
-require_relative 'parameters'
-
-module OpenapiFirst
-  class PathParameters < Parameters
-    def unpack(original_path_params)
-      OpenapiParameters::Path.new(@parameter_definitions).unpack(original_path_params)
-    end
-  end
-end

data/lib/openapi_first/definition/query_parameters.rb

@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-
-require 'openapi_parameters'
-require_relative 'parameters'
-
-module OpenapiFirst
-  class QueryParameters < Parameters
-    def unpack(env)
-      OpenapiParameters::Query.new(@parameter_definitions).unpack(env['QUERY_STRING'])
-    end
-  end
-end