openapi_first 0.12.0.alpha2 → 0.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4d0848ff82fa49a93053ec107ca28c419c1be8b9122301a8819742685e8b7995
-  data.tar.gz: 11cf9a3c60b619cd55d7f3f552a2c367553aa69ed047ddd101eff1b460ee4c53
+  metadata.gz: '03752095ad50ff4a6142b3f716f00aba532191a12f700227eca0d2d3c9c7a6b1'
+  data.tar.gz: 7c0271d081181b18999ce75dc72ee9fa4677eb18fc0ee02ed1a40505da9aa072
 SHA512:
-  metadata.gz: 5cabc3434dd9c4801b3f6ec030ec4ad5ef6905762a2643ef59a99f78057e6b108f90bf24696d29cab776dfa61a571be4973af7f62af07f5672f64996fb77086d
-  data.tar.gz: b7391c86d982be35d680e56f904261b8cfbd846a8206c2f339adc703248ad2476121fb8534a9562a20e081a2e5d5a8696231937affb23a72fe917a546a7e34c2
+  metadata.gz: f7a2454ed16c69e7d0b32f610ed985640735bba36a1e28798319b501f3f1eb80bb14b8329c8794f0dd87e3d38db037210319e3e25f82b1b5e0110f63c24ea4d3
+  data.tar.gz: 479eedd62e341f834ed258504d2699a94cfa924301ae85a016d075c56df870041e3b0504829bbce456694e138f7598129c20684731257ff6be23d5dba4b9b2f8

data/CHANGELOG.md

@@ -1,6 +1,9 @@
 # Changelog
 
-## Unreleased
+## 0.12.0
+- Change `ResponseValidator` to raise an exception if it found a problem
+- Params have symbolized keys now
+- Remove `not_found` option from Router. Return 405 if HTTP verb is not allowed (via Hanami::Router)
 - Add `raise_error` option to OpenapiFirst.app (false by default)
 - Add ResponseValidation to OpenapiFirst.app if raise_error option is true
 - Rename `raise` option to `raise_error`

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    openapi_first (0.12.0.alpha2)
+    openapi_first (0.12.0)
       deep_merge (>= 1.2.1)
       hanami-router (~> 2.0.alpha3)
       hanami-utils (~> 2.0.alpha1)
@@ -21,7 +21,7 @@ GEM
       zeitwerk (~> 2.2, >= 2.2.2)
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
-    ast (2.4.0)
+    ast (2.4.1)
     builder (3.2.4)
     coderay (1.1.3)
     concurrent-ruby (1.1.6)
@@ -77,7 +77,7 @@ GEM
       rack (>= 1.0, < 3)
     rainbow (3.0.0)
     rake (13.0.1)
-    regexp_parser (1.7.0)
+    regexp_parser (1.7.1)
     rexml (3.2.4)
     rspec (3.9.0)
       rspec-core (~> 3.9.0)
@@ -92,7 +92,7 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
     rspec-support (3.9.3)
-    rubocop (0.85.0)
+    rubocop (0.85.1)
       parallel (~> 1.10)
       parser (>= 2.7.0.1)
       rainbow (>= 2.2.2, < 4.0)

data/README.md

@@ -36,7 +36,6 @@ Options and their defaults:
 | Name | Possible values | Description | Default
 |:---|---|---|---|
 |`spec:`| | The spec loaded via `OpenapiFirst.load` ||
-| `not_found:` |`nil`, `:continue`, `Proc`| Specifies what to do if the path was not found in the API description. `nil` (default) returns a 404 response. `:continue` does nothing an calls the next app. `Proc` (or something that responds to `call`) to customize the response. | `nil` (return 404)
 | `raise_error:` |`false`, `true` | If set to true the middleware raises `OpenapiFirst::NotFoundError` when a path or method was not found in the API description. This is useful during testing to spot an incomplete API description. | `false` (don't raise an exception)
 
 ## OpenapiFirst::RequestValidation
@@ -143,7 +142,7 @@ Instead of composing these middlewares yourself you can use `OpenapiFirst.app`.
 module Pets
   def self.find_pet(params, res)
     {
-      id: params['id'],
+      id: params[:id],
       name: 'Oscar'
     }
   end
@@ -190,7 +189,7 @@ OpenapiFirst uses [`multi_json`](https://rubygems.org/gems/multi_json).
 
 ## Manual response validation
 
-Response validation is useful to make sure your app responds as described in your API description. You usually do this in your tests using [rack-test](https://github.com/rack-test/rack-test).
+Instead of using the ResponseValidation middleware you can validate the response in your test manually via [rack-test](https://github.com/rack-test/rack-test) and ResponseValidator.
 
 ```ruby
 # In your test (rspec example):
@@ -198,7 +197,8 @@ require 'openapi_first'
 spec = OpenapiFirst.load('petstore.yaml')
 validator = OpenapiFirst::ResponseValidator.new(spec)
 
-expect(validator.validate(last_request, last_response).errors).to be_empty
+# This will raise an exception if it found an error
+validator.validate(last_request, last_response)
 ```
 
 ## Handling only certain paths

data/benchmarks/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: ..
   specs:
-    openapi_first (0.12.0.alpha2)
+    openapi_first (0.12.0)
       deep_merge (>= 1.2.1)
       hanami-router (~> 2.0.alpha3)
       hanami-utils (~> 2.0.alpha1)
@@ -72,7 +72,7 @@ GEM
       transproc (~> 1.0)
     hansi (0.2.0)
     hash-deep-merge (0.1.1)
-    i18n (1.8.2)
+    i18n (1.8.3)
       concurrent-ruby (~> 1.0)
     json_schema (0.20.8)
     json_schemer (0.2.11)

data/benchmarks/apps/openapi_first.ru

@@ -5,7 +5,7 @@ require 'openapi_first'
 
 namespace = Module.new do
   def self.find_thing(params, _res)
-    { hello: 'world', id: params.fetch('id') }
+    { hello: 'world', id: params.fetch(:id) }
   end
 
   def self.find_things(_params, _res)

data/examples/app.rb

@@ -13,7 +13,7 @@ module Web
 end
 
 oas_path = File.absolute_path('./openapi.yaml', __dir__)
-pp OpenapiFirst.env == 'test'
+
 App = OpenapiFirst.app(
   oas_path,
   namespace: Web,

data/lib/openapi_first.rb

@@ -55,9 +55,10 @@ module OpenapiFirst
   class Error < StandardError; end
   class NotFoundError < Error; end
   class NotImplementedError < RuntimeError; end
-  class ResponseCodeNotFoundError < Error; end
-  class ResponseMediaTypeNotFoundError < Error; end
-  class ResponseBodyInvalidError < Error; end
+  class ResponseInvalid < Error; end
+  class ResponseCodeNotFoundError < ResponseInvalid; end
+  class ResponseContentTypeNotFoundError < ResponseInvalid; end
+  class ResponseBodyInvalidError < ResponseInvalid; end
 
   class RequestInvalidError < Error
     def initialize(serialized_errors)

data/lib/openapi_first/operation.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'forwardable'
+require 'json_schemer'
 require_relative 'utils'
 require_relative 'response_object'
 
@@ -25,6 +26,10 @@ module OpenapiFirst
       @parameters_json_schema ||= build_parameters_json_schema
     end
 
+    def parameters_schema
+      @parameters_schema ||= parameters_json_schema && JSONSchemer.schema(parameters_json_schema)
+    end
+
     def content_type_for(status)
       content = response_for(status)['content']
       content.keys[0] if content
@@ -36,8 +41,8 @@ module OpenapiFirst
 
       media_type = content[content_type]
       unless media_type
-        message = "Response content type not found: '#{content_type}' for '#{name}'"
-        raise ResponseMediaTypeNotFoundError, message
+        message = "Response content type not found '#{content_type}' for '#{name}'"
+        raise ResponseContentTypeNotFoundError, message
       end
       media_type['schema']
     end

data/lib/openapi_first/request_validation.rb

@@ -50,32 +50,32 @@ module OpenapiFirst
 
       parsed_request_body = parse_request_body!(body)
       errors = validate_json_schema(schema, parsed_request_body)
-      halt(error_response(400, serialize_request_body_errors(errors))) if errors.any?
+      halt_with_error(400, serialize_request_body_errors(errors)) if errors.any?
       env[INBOX].merge! env[REQUEST_BODY] = parsed_request_body
     end
 
     def parse_request_body!(body)
-      MultiJson.load(body)
+      MultiJson.load(body, symbolize_keys: true)
     rescue MultiJson::ParseError => e
       err = { title: 'Failed to parse body as JSON' }
       err[:detail] = e.cause unless ENV['RACK_ENV'] == 'production'
-      halt(error_response(400, [err]))
+      halt_with_error(400, [err])
     end
 
     def validate_request_content_type!(content_type, operation)
       return if operation.request_body.content[content_type]
 
-      halt(error_response(415))
+      halt_with_error(415)
     end
 
     def validate_request_body_presence!(body, operation)
       return unless operation.request_body.required && body.empty?
 
-      halt(error_response(415, 'Request body is required'))
+      halt_with_error(415, 'Request body is required')
     end
 
     def validate_json_schema(schema, object)
-      JSONSchemer.schema(schema).validate(object)
+      schema.validate(Utils.deep_stringify(object))
     end
 
     def default_error(status, title = Rack::Utils::HTTP_STATUS_CODES[status])
@@ -85,10 +85,10 @@ module OpenapiFirst
       }
     end
 
-    def error_response(status, errors = [default_error(status)])
+    def halt_with_error(status, errors = [default_error(status)])
       raise RequestInvalidError, errors if @raise
 
-      Rack::Response.new(
+      halt Rack::Response.new(
         MultiJson.dump(errors: errors),
         status,
         Rack::CONTENT_TYPE => 'application/vnd.api+json'
@@ -98,7 +98,8 @@ module OpenapiFirst
     def request_body_schema(content_type, operation)
       return unless operation
 
-      operation.request_body.content[content_type]&.fetch('schema')
+      schema = operation.request_body.content[content_type]&.fetch('schema')
+      JSONSchemer.schema(schema) if schema
     end
 
     def serialize_request_body_errors(validation_errors)
@@ -116,8 +117,11 @@ module OpenapiFirst
       return unless json_schema
 
       params = filtered_params(json_schema, params)
-      errors = JSONSchemer.schema(json_schema).validate(params)
-      halt error_response(400, serialize_query_parameter_errors(errors)) if errors.any?
+      errors = validate_json_schema(
+        operation.parameters_schema,
+        params
+      )
+      halt_with_error(400, serialize_query_parameter_errors(errors)) if errors.any?
       env[PARAMETERS] = params
       env[INBOX].merge! params
     end
@@ -125,7 +129,8 @@ module OpenapiFirst
     def filtered_params(json_schema, params)
       json_schema['properties']
         .each_with_object({}) do |key_value, result|
-          parameter_name, schema = key_value
+          parameter_name = key_value[0].to_sym
+          schema = key_value[1]
           next unless params.key?(parameter_name)
 
           value = params[parameter_name]

data/lib/openapi_first/response_validation.rb

@@ -17,38 +17,28 @@ module OpenapiFirst
       operation = env[OPERATION]
       return @app.call(env) unless operation
 
-      status, headers, body = @app.call(env)
+      response = @app.call(env)
+      validate(response, operation)
+      response
+    end
+
+    def validate(response, operation)
+      status, headers, body = response.to_a
       content_type = headers[Rack::CONTENT_TYPE]
+      raise ResponseInvalid, "Response has no content-type for '#{operation.name}'" unless content_type
+
       response_schema = operation.response_schema_for(status, content_type)
       validate_response_body(response_schema, body) if response_schema
-
-      [status, headers, body]
     end
 
     private
 
-    def halt(status, body = '')
-      throw :halt, [status, {}, body]
-    end
-
-    def error(message)
-      { title: message }
-    end
-
-    def error_response(status, errors)
-      Rack::Response.new(
-        MultiJson.dump(errors: errors),
-        status,
-        Rack::CONTENT_TYPE => 'application/vnd.api+json'
-      ).finish
-    end
-
     def validate_response_body(schema, response)
       full_body = +''
       response.each { |chunk| full_body << chunk }
       data = full_body.empty? ? {} : load_json(full_body)
       errors = JSONSchemer.schema(schema).validate(data).to_a.map do |error|
-        format_error(error)
+        error_message_for(error)
       end
       raise ResponseBodyInvalidError, errors.join(', ') if errors.any?
     end
@@ -59,7 +49,7 @@ module OpenapiFirst
       string
     end
 
-    def format_error(error)
+    def error_message_for(error)
       err = ValidationFormat.error_details(error)
       [err[:title], error['data_pointer'], err[:detail]].compact.join(' ')
     end

data/lib/openapi_first/response_validator.rb

@@ -10,57 +10,13 @@ module OpenapiFirst
     def initialize(spec)
       @spec = spec
       @router = Router.new(->(_env) {}, spec: spec, raise_error: true)
+      @response_validation = ResponseValidation.new(->(response) { response.to_a })
     end
 
     def validate(request, response)
-      errors = validation_errors(request, response)
-      Validation.new(errors || [])
-    rescue OpenapiFirst::ResponseCodeNotFoundError, OpenapiFirst::NotFoundError => e
-      Validation.new([e.message])
-    end
-
-    def validate_operation(request, response)
-      errors = validation_errors(request, response)
-      Validation.new(errors || [])
-    rescue OpenapiFirst::ResponseCodeNotFoundError, OpenapiFirst::NotFoundError => e
-      Validation.new([e.message])
-    end
-
-    private
-
-    def validation_errors(request, response)
-      content = response_for(request, response)&.fetch('content', nil)
-      return unless content
-
-      content_type = content[response.content_type]
-      return ["Content type not found: '#{response.content_type}'"] unless content_type
-
-      response_schema = content_type['schema']
-      return unless response_schema
-
-      response_data = MultiJson.load(response.body)
-      validate_json_schema(response_schema, response_data)
-    end
-
-    def validate_json_schema(schema, data)
-      JSONSchemer.schema(schema).validate(data).to_a.map do |error|
-        format_error(error)
-      end
-    end
-
-    def format_error(error)
-      ValidationFormat.error_details(error)
-                      .merge!(
-                        data_pointer: error['data_pointer'],
-                        schema_pointer: error['schema_pointer']
-                      )
-    end
-
-    def response_for(request, response)
       env = request.env.dup
       @router.call(env)
-      operation = env[OPERATION]
-      operation&.response_for(response.status)
+      @response_validation.validate(response, env[OPERATION])
     end
   end
 end

data/lib/openapi_first/router.rb

@@ -6,58 +6,49 @@ require_relative 'utils'
 
 module OpenapiFirst
   class Router
-    NOT_FOUND = Rack::Response.new('', 404).finish.freeze
-    DEFAULT_NOT_FOUND_APP = ->(_env) { NOT_FOUND }
-
     def initialize(
       app,
       spec:,
       raise_error: false,
-      parent_app: nil,
-      not_found: nil
+      parent_app: nil
     )
       @app = app
       @parent_app = parent_app
       @raise = raise_error
-      @failure_app = find_failure_app(not_found)
-      if @failure_app.nil?
-        raise ArgumentError,
-              'not_found must be nil, :continue or must respond to call'
-      end
       @filepath = spec.filepath
       @router = build_router(spec.operations)
     end
 
     def call(env)
       env[OPERATION] = nil
-      route = find_route(env)
-      return route.call(env) if route.routable?
+      response = call_router(env)
+      status = response[0]
+      if UNKNOWN_ROUTE_STATUS.include?(status)
+        return @parent_app.call(env) if @parent_app # This should only happen if used via OpenapiFirst.middlware
 
-      if @raise
-        req = Rack::Request.new(env)
-        msg = "Could not find definition for #{req.request_method} '#{req.path}' in API description #{@filepath}"
-        raise NotFoundError, msg
+        raise_error(env) if @raise
       end
-      return @parent_app.call(env) if @parent_app
-
-      @failure_app.call(env)
+      response
     end
 
-    private
+    UNKNOWN_ROUTE_STATUS = [404, 405].freeze
+    ORIGINAL_PATH = 'openapi_first.path_info'
 
-    def find_failure_app(option)
-      return DEFAULT_NOT_FOUND_APP if option.nil?
-      return @app if option == :continue
+    private
 
-      option if option.respond_to?(:call)
+    def raise_error(env)
+      req = Rack::Request.new(env)
+      msg = "Could not find definition for #{req.request_method} '#{req.path}' in API description #{@filepath}"
+      raise NotFoundError, msg
     end
 
-    def find_route(env)
-      original_path_info = env[Rack::PATH_INFO]
+    def call_router(env)
+      # Changing and restoring PATH_INFO is needed, because Hanami::Router does not respect existing script_path
+      env[ORIGINAL_PATH] = env[Rack::PATH_INFO]
       env[Rack::PATH_INFO] = Rack::Request.new(env).path
-      @router.recognize(env)
+      @router.call(env)
     ensure
-      env[Rack::PATH_INFO] = original_path_info
+      env[Rack::PATH_INFO] = env.delete(ORIGINAL_PATH) if env[ORIGINAL_PATH]
     end
 
     def build_router(operations) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
@@ -73,7 +64,8 @@ module OpenapiFirst
           normalized_path,
           to: lambda do |env|
             env[OPERATION] = operation
-            env[PARAMETERS] = Utils.deep_stringify(env['router.params'])
+            env[PARAMETERS] = env['router.params']
+            env[Rack::PATH_INFO] = env.delete(ORIGINAL_PATH)
             @app.call(env)
           end
         )

data/lib/openapi_first/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module OpenapiFirst
-  VERSION = '0.12.0.alpha2'
+  VERSION = '0.12.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: openapi_first
 version: !ruby/object:Gem::Version
-  version: 0.12.0.alpha2
+  version: 0.12.0
 platform: ruby
 authors:
 - Andreas Haller
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-06-09 00:00:00.000000000 Z
+date: 2020-06-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: deep_merge
@@ -236,9 +236,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.1.2
 signing_key: