openapi_first 1.4.3 → 2.0.0

data/lib/openapi_first/request_validation/request_body_validator.rb

@@ -1,41 +0,0 @@
-# frozen_string_literal: true
-
-require_relative '../failure'
-
-module OpenapiFirst
-  module RequestValidation
-    class RequestBodyValidator # :nodoc:
-      def initialize(operation)
-        @operation = operation
-      end
-
-      def validate!(parsed_request_body, request_content_type)
-        request_body = operation.request_body
-        schema = request_body.schema_for(request_content_type)
-        unless schema
-          Failure.fail!(:unsupported_media_type,
-                        message: "Unsupported Media Type '#{request_content_type}'")
-        end
-
-        if request_body.required? && parsed_request_body.nil?
-          Failure.fail!(:invalid_body,
-                        message: 'Request body is not defined')
-        end
-
-        validate_body!(parsed_request_body, schema)
-      end
-
-      private
-
-      attr_reader :operation
-
-      def validate_body!(parsed_request_body, schema)
-        request_body_schema = schema
-        return unless request_body_schema
-
-        validation = request_body_schema.validate(parsed_request_body)
-        Failure.fail!(:invalid_body, errors: validation.errors) if validation.error?
-      end
-    end
-  end
-end

data/lib/openapi_first/request_validation/validator.rb

@@ -1,82 +0,0 @@
-# frozen_string_literal: true
-
-require_relative '../failure'
-require_relative 'request_body_validator'
-
-module OpenapiFirst
-  module RequestValidation
-    # Validates a RuntimeRequest against an Operation.
-    class Validator
-      def initialize(operation)
-        @operation = operation
-      end
-
-      def validate(runtime_request)
-        catch Failure::FAILURE do
-          validate_defined(runtime_request)
-          validate_parameters!(runtime_request)
-          validate_request_body!(runtime_request)
-          nil
-        end
-      end
-
-      private
-
-      attr_reader :operation, :raw_path_params
-
-      def validate_defined(request)
-        return if request.known?
-        return Failure.fail!(:not_found) unless request.known_path?
-
-        Failure.fail!(:method_not_allowed) unless request.known_request_method?
-      end
-
-      def validate_parameters!(request)
-        validate_query_params!(request)
-        validate_path_params!(request)
-        validate_cookie_params!(request)
-        validate_header_params!(request)
-      end
-
-      def validate_path_params!(request)
-        schema = operation.path_parameters_schema
-        return unless schema
-
-        validation = schema.validate(request.path_parameters)
-        Failure.fail!(:invalid_path, errors: validation.errors) if validation.error?
-      end
-
-      def validate_query_params!(request)
-        schema = operation.query_parameters_schema
-        return unless schema
-
-        validation = schema.validate(request.query)
-        Failure.fail!(:invalid_query, errors: validation.errors) if validation.error?
-      end
-
-      def validate_cookie_params!(request)
-        schema = operation.cookie_parameters_schema
-        return unless schema
-
-        validation = schema.validate(request.cookies)
-        Failure.fail!(:invalid_cookie, errors: validation.errors) if validation.error?
-      end
-
-      def validate_header_params!(request)
-        schema = operation.header_parameters_schema
-        return unless schema
-
-        validation = schema.validate(request.headers)
-        Failure.fail!(:invalid_header, errors: validation.errors) if validation.error?
-      end
-
-      def validate_request_body!(request)
-        return unless operation.request_body
-
-        RequestBodyValidator.new(operation).validate!(request.body, request.content_type)
-      rescue ParseError => e
-        Failure.fail!(:invalid_body, message: e.message)
-      end
-    end
-  end
-end

data/lib/openapi_first/response_validation/validator.rb

@@ -1,98 +0,0 @@
-# frozen_string_literal: true
-
-require_relative '../failure'
-
-module OpenapiFirst
-  module ResponseValidation
-    # Validates a RuntimeResponse against an Operation.
-    class Validator
-      def initialize(operation)
-        @operation = operation
-      end
-
-      def validate(runtime_response)
-        return unless operation
-
-        catch Failure::FAILURE do
-          validate_defined(runtime_response)
-          response_definition = runtime_response.response_definition
-          validate_response_body(response_definition.content_schema, runtime_response)
-          validate_response_headers(response_definition.headers, runtime_response.headers)
-          nil
-        end
-      end
-
-      private
-
-      attr_reader :operation
-
-      def validate_defined(runtime_response)
-        return if runtime_response.known?
-
-        unless runtime_response.known_status?
-          message = "Response status '#{runtime_response.status}' not found for '#{runtime_response.name}'"
-          Failure.fail!(:response_not_found, message:)
-        end
-
-        content_type = runtime_response.content_type
-        if content_type.nil? || content_type.empty?
-          message = "Content-Type for '#{runtime_response.name}' must not be empty"
-          Failure.fail!(:invalid_response_header, message:)
-        end
-
-        message = "Content-Type '#{content_type}' is not defined for '#{runtime_response.name}'"
-        Failure.fail!(:invalid_response_header, message:)
-      end
-
-      def validate_response_body(schema, runtime_response)
-        return unless schema
-
-        begin
-          parsed_body = runtime_response.body
-        rescue ParseError => e
-          Failure.fail!(:invalid_response_body, message: e.message)
-        end
-
-        validation = schema.validate(parsed_body)
-        Failure.fail!(:invalid_response_body, errors: validation.errors) if validation.error?
-      end
-
-      def validate_response_headers(response_header_definitions, unpacked_headers)
-        return unless response_header_definitions
-
-        response_header_definitions.each do |name, definition|
-          next if name == 'Content-Type'
-
-          validate_response_header(name, definition, unpacked_headers, openapi_version: operation.openapi_version)
-        end
-      end
-
-      def validate_response_header(name, definition, unpacked_headers, openapi_version:)
-        unless unpacked_headers.key?(name)
-          if definition['required']
-            Failure.fail!(:invalid_response_header,
-                          message: "Required response header '#{name}' is missing")
-          end
-
-          return
-        end
-
-        return unless definition.key?('schema')
-
-        validation = Schema.new(definition['schema'], openapi_version:)
-        value = unpacked_headers[name]
-        validation_result = validation.validate(value)
-        return unless validation_result.error?
-
-        Failure.fail!(:invalid_response_header,
-                      errors: validation_result.errors)
-      end
-
-      def load_json(string)
-        MultiJson.load(string)
-      rescue MultiJson::ParseError
-        string
-      end
-    end
-  end
-end

data/lib/openapi_first/runtime_request.rb

@@ -1,166 +0,0 @@
-# frozen_string_literal: true
-
-require 'forwardable'
-require 'openapi_parameters'
-require_relative 'runtime_response'
-require_relative 'body_parser'
-require_relative 'request_validation/validator'
-
-module OpenapiFirst
-  # RuntimeRequest represents how an incoming request (Rack::Request) matches a request definition.
-  class RuntimeRequest
-    extend Forwardable
-
-    def initialize(request:, path_item:, operation:, path_params:)
-      @request = request
-      @path_item = path_item
-      @operation = operation
-      @original_path_params = path_params
-      @validated = false
-    end
-
-    def_delegators :@request, :content_type, :media_type, :path
-    def_delegators :@operation, :operation_id, :request_method
-    def_delegator :@path_item, :path, :path_definition
-
-    # Returns the path_item object.
-    # @return [PathItem, nil] The path_item object or nil if this request path is not known.
-    attr_reader :path_item
-
-    # Returns the operation object.
-    # @return [Operation, nil] The operation object or nil if this request method is not known.
-    attr_reader :operation
-
-    # Returns the error object if validation failed.
-    # @return [Failure, nil]
-    attr_accessor :error
-
-    # Checks if the request is valid.
-    # @return [Boolean] true if the request is valid, false otherwise.
-    def valid?
-      validate unless validated?
-      error.nil?
-    end
-
-    # Checks if the path and request method are known.
-    # @return [Boolean] true if the path and request method are known, false otherwise.
-    def known?
-      known_path? && known_request_method?
-    end
-
-    # Checks if the path is known.
-    # @return [Boolean] true if the path is known, false otherwise.
-    def known_path?
-      !!path_item
-    end
-
-    # Checks if the request method is known.
-    # @return [Boolean] true if the request method is known, false otherwise.
-    def known_request_method?
-      !!operation
-    end
-
-    # Returns the merged path and query parameters.
-    # @return [Hash] The merged path and query parameters.
-    def params
-      @params ||= query.merge(path_parameters)
-    end
-
-    # Returns the parsed path parameters of the request.
-    # @return [Hash]
-    def path_parameters
-      return {} unless operation.path_parameters
-
-      @path_parameters ||=
-        OpenapiParameters::Path.new(operation.path_parameters).unpack(@original_path_params) || {}
-    end
-
-    # Returns the parsed query parameters.
-    # This only includes parameters that are defined in the API description.
-    # @note This method is aliased as query_parameters.
-    # @return [Hash]
-    def query
-      return {} unless operation.query_parameters
-
-      @query ||=
-        OpenapiParameters::Query.new(operation.query_parameters).unpack(request.env[Rack::QUERY_STRING]) || {}
-    end
-
-    alias query_parameters query
-
-    # Returns the parsed header parameters.
-    # This only includes parameters that are defined in the API description.
-    # @return [Hash]
-    def headers
-      return {} unless operation.header_parameters
-
-      @headers ||= OpenapiParameters::Header.new(operation.header_parameters).unpack_env(request.env) || {}
-    end
-
-    # Returns the parsed cookie parameters.
-    # This only includes parameters that are defined in the API description.
-    # @return [Hash]
-    def cookies
-      return {} unless operation.cookie_parameters
-
-      @cookies ||=
-        OpenapiParameters::Cookie.new(operation.cookie_parameters).unpack(request.env[Rack::HTTP_COOKIE]) || {}
-    end
-
-    # Returns the parsed request body.
-    # This returns the whole request body with default values applied as defined in the API description.
-    # This does not remove any fields that are not defined in the API description.
-    # @return [Hash, Array, String, nil] The parsed body of the request.
-    def body
-      @body ||= BodyParser.new.parse(request, request.media_type)
-    end
-
-    alias parsed_body body
-
-    # Validates the request.
-    # @return [Failure, nil] The Failure object if validation failed.
-    # @deprecated Please use {Definition#validate_request} instead
-    def validate
-      warn '[DEPRECATION] `validate` is deprecated. Please use ' \
-           "`OpenapiFirst.load('openapi.yaml').validate_request(rack_request)` instead."
-      @error = RequestValidation::Validator.new(operation).validate(self)
-    end
-
-    # Validates the request and raises an error if validation fails.
-    def validate!
-      warn '[DEPRECATION] `validate!` is deprecated. Please use ' \
-           "`OpenapiFirst.load('openapi.yaml').validate_request(rack_request, raise_error: true)` instead."
-      error = validate
-      error&.raise!
-    end
-
-    # Validates the response.
-    # @param rack_response [Rack::Response] The rack response object.
-    # @param raise_error [Boolean] Whether to raise an error if validation fails.
-    # @return [RuntimeResponse] The validated response object.
-    def validate_response(rack_response, raise_error: false)
-      warn '[DEPRECATION] `validate_response!` is deprecated. Please use ' \
-           "`OpenapiFirst.load('openapi.yaml').validate_response(request, response, raise_error: false)` instead."
-      validated = response(rack_response).tap(&:validate)
-      validated.error&.raise! if raise_error
-      validated
-    end
-
-    # Creates a new RuntimeResponse object.
-    # @param rack_response [Rack::Response] The rack response object.
-    # @return [RuntimeResponse] The RuntimeResponse object.
-    def response(rack_response)
-      warn '[DEPRECATION] `response` is deprecated. Please use ' \
-           "`OpenapiFirst.load('openapi.yaml').validate_response(request, response, raise_error: false)` instead."
-      RuntimeResponse.new(operation, rack_response)
-    end
-
-    private
-
-    def validated?
-      defined?(@error)
-    end
-
-    attr_reader :request
-  end
-end

data/lib/openapi_first/runtime_response.rb

@@ -1,124 +0,0 @@
-# frozen_string_literal: true
-
-require 'forwardable'
-require_relative 'body_parser'
-require_relative 'response_validation/validator'
-
-module OpenapiFirst
-  # Represents a response returned by the Rack application and how it relates to the API description.
-  class RuntimeResponse
-    extend Forwardable
-
-    def initialize(operation, rack_response)
-      @operation = operation
-      @rack_response = rack_response
-    end
-
-    # @return [Failure, nil] Error object if validation failed.
-    attr_accessor :error
-
-    # @visibility private
-    attr_accessor :operation
-
-    # @attr_reader [Integer] status The HTTP status code of this response.
-    # @attr_reader [String] content_type The content_type of the Rack::Response.
-    def_delegators :@rack_response, :status, :content_type
-
-    # @return [String] name The name of the operation. Used for generating error messages.
-    def name
-      "#{@operation.name} response status: #{status}"
-    end
-
-    # Checks if the response is valid. Runs the validation unless it has been run before.
-    # @return [Boolean]
-    def valid?
-      validate unless validated?
-      @error.nil?
-    end
-
-    # Checks if the response is defined in the API description.
-    # @return [Boolean] Returns true if the response is known, false otherwise.
-    def known?
-      !!response_definition
-    end
-
-    # Checks if the response status is defined in the API description.
-    # @return [Boolean] Returns true if the response status is known, false otherwise.
-    def known_status?
-      @operation.response_status_defined?(status)
-    end
-
-    # Returns the description of the response definition if available.
-    # @return [String, nil] Returns the description of the response, or nil if not available.
-    def description
-      response_definition&.description
-    end
-
-    # Returns the parsed (JSON) body of the response.
-    # @return [Hash, String] Returns the body of the response.
-    def body
-      @body ||= content_type =~ /json/i ? load_json(original_body) : original_body
-    end
-
-    # Returns the headers of the response as defined in the API description.
-    # This only returns the headers that are defined in the API description.
-    # @return [Hash] Returns the headers of the response.
-    def headers
-      @headers ||= unpack_response_headers
-    end
-
-    # Validates the response.
-    # @return [Failure, nil] Returns the validation error, or nil if the response is valid.
-    # @deprecated Please use {Definition#validate_response} instead
-    def validate
-      warn '[DEPRECATION] `validate` is deprecated. ' \
-           "Please use `OpenapiFirst.load('openapi.yaml').validate_response(rack_request, rack_response)` instead."
-      @error = ResponseValidation::Validator.new(@operation).validate(self)
-    end
-
-    # Validates the response and raises an error if invalid.
-    # @raise [ResponseNotFoundError, ResponseInvalidError] Raises an error if the response is invalid.
-    def validate!
-      error = validate
-      error&.raise!
-    end
-
-    # Returns the response definition associated with the response.
-    # @return [Definition::Response, nil] Returns the response definition, or nil if not found.
-    def response_definition
-      @response_definition ||= @operation.response_for(status, content_type)
-    end
-
-    private
-
-    def validated?
-      defined?(@error)
-    end
-
-    # Usually the body responds to #each, but when using manual response validation without the middleware
-    # in Rails request specs the body is a String. So this code handles both cases.
-    def original_body
-      buffered_body = String.new
-      if @rack_response.body.respond_to?(:each)
-        @rack_response.body.each { |chunk| buffered_body.to_s << chunk }
-        return buffered_body
-      end
-      @rack_response.body
-    end
-
-    def load_json(string)
-      MultiJson.load(string)
-    rescue MultiJson::ParseError
-      raise ParseError, 'Failed to parse response body as JSON'
-    end
-
-    def unpack_response_headers
-      return {} if response_definition&.headers.nil?
-
-      headers_as_parameters = response_definition.headers.map do |name, definition|
-        definition.merge('name' => name, 'in' => 'header')
-      end
-      OpenapiParameters::Header.new(headers_as_parameters).unpack(@rack_response.headers)
-    end
-  end
-end