openapi_parser_firetail 1.0.0

data/lib/openapi_parser/errors.rb

@@ -0,0 +1,281 @@
+module OpenAPIParser
+  class OpenAPIError < StandardError
+    def initialize(reference)
+      @reference = reference
+    end
+  end
+
+  class MissingReferenceError < OpenAPIError
+    def message
+      "'#{@reference}' was referenced but could not be found"
+    end
+  end
+
+  class ValidateError < OpenAPIError
+    def initialize(data, type, reference)
+      super(reference)
+      @data = data
+      @type = type
+    end
+
+    def message
+      "#{@reference} expected #{@type}, but received #{@data.class}: #{@data.inspect}"
+    end
+
+    class << self
+      # create ValidateError for SchemaValidator return data
+      # @param [Object] value
+      # @param [OpenAPIParser::Schemas::Base] schema
+      def build_error_result(value, schema)
+        [nil, OpenAPIParser::ValidateError.new(value, schema.type, schema.object_reference)]
+      end
+    end
+  end
+
+  class NotNullError < OpenAPIError
+    def message
+      "#{@reference} does not allow null values"
+    end
+  end
+
+  class NotExistRequiredKey < OpenAPIError
+    def initialize(keys, reference)
+      super(reference)
+      @keys = keys
+    end
+
+    def message
+      "#{@reference} missing required parameters: #{@keys.join(", ")}"
+    end
+  end
+
+  class NotExistPropertyDefinition < OpenAPIError
+    def initialize(keys, reference)
+      super(reference)
+      @keys = keys
+    end
+
+    def message
+      "#{@reference} does not define properties: #{@keys.join(", ")}"
+    end
+  end
+
+  class NotExistDiscriminatorMappedSchema < OpenAPIError
+    def initialize(mapped_schema_reference, reference)
+      super(reference)
+      @mapped_schema_reference = mapped_schema_reference
+    end
+
+    def message
+      "discriminator mapped schema #{@mapped_schema_reference} does not exist in #{@reference}"
+    end
+  end
+
+  class NotExistDiscriminatorPropertyName < OpenAPIError
+    def initialize(key, value, reference)
+      super(reference)
+      @key   = key
+      @value = value
+    end
+
+    def message
+      "discriminator propertyName #{@key} does not exist in value #{@value.inspect} in #{@reference}"
+    end
+  end
+
+  class NotOneOf < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@value.inspect} isn't one of in #{@reference}"
+    end
+  end
+
+  class NotAnyOf < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@value.inspect} isn't any of in #{@reference}"
+    end
+  end
+
+  class NotEnumInclude < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@value.inspect} isn't part of the enum in #{@reference}"
+    end
+  end
+
+  class LessThanMinimum < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@reference} #{@value.inspect} is less than minimum value"
+    end
+  end
+
+  class LessThanExclusiveMinimum < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@reference} #{@value.inspect} cannot be less than or equal to exclusive minimum value"
+    end
+  end
+
+  class MoreThanMaximum < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@reference} #{@value.inspect} is more than maximum value"
+    end
+  end
+
+  class MoreThanExclusiveMaximum < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@reference} #{@value.inspect} cannot be more than or equal to exclusive maximum value"
+    end
+  end
+
+  class InvalidPattern < OpenAPIError
+    def initialize(value, pattern, reference, example)
+      super(reference)
+      @value = value
+      @pattern = pattern
+      @example = example
+    end
+
+    def message
+      "#{@reference} pattern #{@pattern} does not match value: #{@value.inspect}#{@example ? ", example: #{@example}" : ""}"
+    end
+  end
+
+  class InvalidEmailFormat < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@reference} email address format does not match value: #{@value.inspect}"
+    end
+  end
+
+  class InvalidUUIDFormat < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@reference} Value: #{@value.inspect} is not conformant with UUID format"
+    end
+  end
+
+  class InvalidDateFormat < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@reference} Value: #{@value.inspect} is not conformant with date format"
+    end
+  end
+
+  class InvalidDateTimeFormat < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@reference} Value: #{@value.inspect} is not conformant with date-time format"
+    end
+  end
+
+  class NotExistStatusCodeDefinition < OpenAPIError
+    def message
+      "#{@reference} status code definition does not exist"
+    end
+  end
+
+  class NotExistContentTypeDefinition < OpenAPIError
+    def message
+      "#{@reference} response definition does not exist"
+    end
+  end
+
+  class MoreThanMaxLength < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@reference} #{@value.inspect} is longer than max length"
+    end
+  end
+
+  class LessThanMinLength < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@reference} #{@value.inspect} is shorter than min length"
+    end
+  end
+
+  class MoreThanMaxItems < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@reference} #{@value.inspect} contains more than max items"
+    end
+  end
+
+  class LessThanMinItems < OpenAPIError
+    def initialize(value, reference)
+      super(reference)
+      @value = value
+    end
+
+    def message
+      "#{@reference} #{@value.inspect} contains fewer than min items"
+    end
+  end
+
+  class ValidateSecurityError < OpenAPIError
+    def message
+      "access denied"
+    end
+  end
+end

data/lib/openapi_parser/parameter_validator.rb

@@ -0,0 +1,33 @@
+class OpenAPIParser::ParameterValidator
+  class << self
+    # @param [Hash{String => Parameter}] parameters_hash
+    # @param [Hash] params
+    # @param [String] object_reference
+    # @param [OpenAPIParser::SchemaValidator::Options] options
+    # @param [Boolean] is_header is header or not (ignore params key case)
+    def validate_parameter(parameters_hash, params, object_reference, options, is_header = false)
+      no_exist_required_key = []
+
+      params_key_converted = params.keys.map { |k| [convert_key(k, is_header), k] }.to_h
+      parameters_hash.each do |k, v|
+        key = params_key_converted[convert_key(k, is_header)]
+        if params.include?(key)
+          coerced = v.validate_params(params[key], options)
+          params[key] = coerced if options.coerce_value
+        elsif v.required
+          no_exist_required_key << k
+        end
+      end
+
+      raise OpenAPIParser::NotExistRequiredKey.new(no_exist_required_key, object_reference) unless no_exist_required_key.empty?
+
+      params
+    end
+
+    private
+
+    def convert_key(k, is_header)
+      is_header ? k&.downcase : k
+    end
+  end
+end

data/lib/openapi_parser/path_item_finder.rb

@@ -0,0 +1,161 @@
+class OpenAPIParser::PathItemFinder
+  # @param [OpenAPIParser::Schemas::Paths] paths
+  def initialize(paths)
+    @paths = paths
+  end
+
+  # find operation object and if not exist return nil
+  # @param [String, Symbol] http_method like (get, post .... allow symbol)
+  # @param [String] request_path
+  # @return [Result, nil]
+  def operation_object(http_method, request_path)
+    if (path_item_object = @paths.path[request_path])
+      if (op = path_item_object.operation(http_method))
+        return Result.new(path_item_object, op, request_path, {}) # find no path_params path
+      end
+    end
+
+    # check with path_params
+    parse_request_path(http_method, request_path)
+  end
+
+  class Result
+    attr_reader :path_item_object, :operation_object, :original_path, :path_params
+    # @!attribute [r] path_item_object
+    #   @return [OpenAPIParser::Schemas::PathItem]
+    # @!attribute [r] operation_object
+    #   @return [OpenAPIParser::Schemas::Operation]
+    # @!attribute [r] path_params
+    #   @return [Hash{String => String}]
+    # @!attribute [r] original_path
+    #   @return [String]
+
+    def initialize(path_item_object, operation_object, original_path, path_params)
+      @path_item_object = path_item_object
+      @operation_object = operation_object
+      @original_path = original_path
+      @path_params = path_params
+    end
+  end
+
+  def parse_path_parameters(schema_path, request_path)
+    parameters = path_parameters(schema_path)
+    return nil if parameters.empty?
+
+    # If there are regex special characters in the path, the regex will
+    # be too permissive, so escape the non-parameter parts.
+    components = []
+    unprocessed = schema_path.dup
+    parameters.each do |parameter|
+      parts = unprocessed.partition(parameter)
+      components << Regexp.escape(parts[0]) unless parts[0] == ''
+      components << "(?<#{param_name(parameter)}>.+)"
+      unprocessed = parts[2]
+    end
+    components << Regexp.escape(unprocessed) unless unprocessed == ''
+
+    regex = components.join('')
+    matches = request_path.match(regex)
+    return nil unless matches
+
+    # Match up the captured names with the captured values as a hash
+    matches.names.zip(matches.captures).to_h
+  end
+
+  private
+    def path_parameters(schema_path)
+      # OAS3 follows a RFC6570 subset for URL templates
+      # https://swagger.io/docs/specification/serialization/#uri-templates
+      # A URL template param can be preceded optionally by a "." or ";", and can be succeeded optionally by a "*";
+      # this regex returns a match of the full parameter name with all of these modifiers. Ex: {;id*}
+      parameters = schema_path.scan(/(\{[\.;]*[^\{\*\}]+\**\})/)
+      # The `String#scan` method returns an array of arrays; we want an array of strings
+      parameters.collect { |param| param[0] }
+    end
+
+    # check if there is a identical path in the schema (without any param)
+    def matches_directly?(request_path, http_method)
+      @paths.path[request_path]&.operation(http_method)
+    end
+
+    # used to filter paths with different depth or without given http method
+    def different_depth_or_method?(splitted_schema_path, splitted_request_path, path_item, http_method)
+      splitted_schema_path.size != splitted_request_path.size || !path_item.operation(http_method)
+    end
+
+    # check if the path item is a template
+    # EXAMPLE: path_template?('{id}') => true
+    def path_template?(schema_path_item)
+      schema_path_item.start_with?('{') && schema_path_item.end_with?('}')
+    end
+
+    # get the parameter name from the schema path item
+    # EXAMPLE: param_name('{id}') => 'id'
+    def param_name(schema_path_item)
+      schema_path_item[1..(schema_path_item.length - 2)]
+    end
+
+    # extract params by comparing the request path and the path from schema
+    # EXAMPLE:
+    # extract_params(['org', '1', 'user', '2', 'edit'], ['org', '{org_id}', 'user', '{user_id}'])
+    # => { 'org_id' => 1, 'user_id' => 2 }
+    # return nil if the schema does not match
+    def extract_params(splitted_request_path, splitted_schema_path)
+      splitted_request_path.zip(splitted_schema_path).reduce({}) do |result, zip_item|
+        request_path_item, schema_path_item = zip_item
+
+        params = parse_path_parameters(schema_path_item, request_path_item)
+        if params
+          result.merge!(params)
+        else
+          return if schema_path_item != request_path_item
+        end
+
+        result
+      end
+    end
+
+    # find all matching paths with parameters extracted
+    # EXAMPLE:
+    # [
+    #    ['/user/{id}/edit', { 'id' => 1 }],
+    #    ['/user/{id}/{action}', { 'id' => 1, 'action' => 'edit' }],
+    #  ]
+    def matching_paths_with_params(request_path, http_method)
+      splitted_request_path = request_path.split('/')
+
+      @paths.path.reduce([]) do |result, item|
+        path, path_item = item
+        splitted_schema_path = path.split('/')
+
+        next result if different_depth_or_method?(splitted_schema_path, splitted_request_path, path_item, http_method)
+
+        extracted_params = extract_params(splitted_request_path, splitted_schema_path)
+        result << [path, extracted_params] if extracted_params
+        result
+      end
+    end
+
+    # find matching path and extract params
+    # EXAMPLE: find_path_and_params('get', '/user/1') => ['/user/{id}', { 'id' => 1 }]
+    def find_path_and_params(http_method, request_path)
+      return [request_path, {}] if matches_directly?(request_path, http_method)
+
+      matching = matching_paths_with_params(request_path, http_method)
+
+      # if there are many matching paths, return the one with the smallest number of params
+      # (prefer /user/{id}/action over /user/{param_1}/{param_2} )
+      matching.min_by { |match| match[1].size }
+    end
+
+    def parse_request_path(http_method, request_path)
+      original_path, path_params = find_path_and_params(http_method, request_path)
+      return nil unless original_path # # can't find
+
+      path_item_object = @paths.path[original_path]
+      obj = path_item_object.operation(http_method.to_s)
+      return nil unless obj
+
+      Result.new(path_item_object, obj, original_path, path_params)
+    end
+end

data/lib/openapi_parser/reference_expander.rb

@@ -0,0 +1,9 @@
+class OpenAPIParser::ReferenceExpander
+  class << self
+    # @param [OpenAPIParser::Schemas::OpenAPI] openapi
+    def expand(openapi, validate_references)
+      openapi.expand_reference(openapi, validate_references)
+      openapi.purge_object_cache
+    end
+  end
+end

data/lib/openapi_parser/request_operation.rb

@@ -0,0 +1,90 @@
+# binding request data and operation object
+
+class OpenAPIParser::RequestOperation
+  class << self
+    # @param [OpenAPIParser::Config] config
+    # @param [OpenAPIParser::PathItemFinder] path_item_finder
+    # @return [OpenAPIParser::RequestOperation, nil]
+    def create(http_method, request_path, path_item_finder, config, security_schemes = {})
+      result = path_item_finder.operation_object(http_method, request_path)
+      return nil unless result
+
+      self.new(http_method, result, config, security_schemes)
+    end
+  end
+
+  # @!attribute [r] operation_object
+  #   @return [OpenAPIParser::Schemas::Operation]
+  # @!attribute [r] path_params
+  #   @return [Hash{String => String}]
+  # @!attribute [r] config
+  #   @return [OpenAPIParser::Config]
+  # @!attribute [r] http_method
+  #   @return [String]
+  # @!attribute [r] original_path
+  #   @return [String]
+  # @!attribute [r] path_item
+  #   @return [OpenAPIParser::Schemas::PathItem]
+  attr_reader :operation_object, :path_params, :config, :http_method, :original_path, :path_item, :security_schemes
+
+  # @param [String] http_method
+  # @param [OpenAPIParser::PathItemFinder::Result] result
+  # @param [OpenAPIParser::Config] config
+  def initialize(http_method, result, config, security_schemes)
+    @http_method = http_method.to_s
+    @original_path = result.original_path
+    @operation_object = result.operation_object
+    @path_params = result.path_params || {}
+    @path_item = result.path_item_object
+    @config = config
+    @security_schemes = security_schemes
+  end
+
+  def validate_security(security_schemes, headers)
+    operation_object.validate_security_schemes(security_schemes, headers)
+  end
+
+  def validate_path_params(options = nil)
+    options ||= config.path_params_options
+    operation_object&.validate_path_params(path_params, options)
+  end
+
+  # @param [String] content_type
+  # @param [Hash] params
+  # @param [OpenAPIParser::SchemaValidator::Options] options
+  def validate_request_body(content_type, params, options = nil)
+    options ||= config.request_body_options
+    operation_object&.validate_request_body(content_type, params, options)
+  end
+
+  # @param [OpenAPIParser::RequestOperation::ValidatableResponseBody] response_body
+  # @param [OpenAPIParser::SchemaValidator::ResponseValidateOptions] response_validate_options
+  def validate_response_body(response_body, response_validate_options = nil)
+    response_validate_options ||= config.response_validate_options
+
+    operation_object&.validate_response(response_body, response_validate_options)
+  end
+
+  # @param [Hash] params parameter hash
+  # @param [Hash] headers headers hash
+  # @param [OpenAPIParser::SchemaValidator::Options] options request validator options
+  def validate_request_parameter(params, headers, options = nil)
+    options ||= config.request_validator_options
+    validate_security(security_schemes, headers)
+    operation_object&.validate_request_parameter(params, headers, options)
+  end
+
+  class ValidatableResponseBody
+    attr_reader :status_code, :response_data, :headers
+
+    def initialize(status_code, response_data, headers)
+      @status_code = status_code
+      @response_data = response_data
+      @headers = headers
+    end
+
+    def content_type
+      headers['Content-Type'].to_s.split(';').first.to_s
+    end
+  end
+end

data/lib/openapi_parser/schema_validator/all_of_validator.rb

@@ -0,0 +1,40 @@
+# validate AllOf schema
+class OpenAPIParser::SchemaValidator
+  class AllOfValidator < Base
+    # coerce and validate value
+    # @param [Object] value
+    # @param [OpenAPIParser::Schemas::Schema] schema
+    def coerce_and_validate(value, schema, **keyword_args)
+      # if any schema return error, it's not valida all of value
+      remaining_keys               = value.kind_of?(Hash) ? value.keys : []
+      nested_additional_properties = false
+      schema.all_of.each do |s|
+        # We need to store the reference to all of, so we can perform strict check on allowed properties
+        _coerced, err = validatable.validate_schema(
+          value,
+          s,
+          :parent_all_of => true,
+          parent_discriminator_schemas: keyword_args[:parent_discriminator_schemas]
+        )
+
+        if s.type == "object"
+          remaining_keys               -= (s.properties || {}).keys
+          nested_additional_properties = true if s.additional_properties
+        else
+          # If this is not allOf having array of objects inside, but e.g. having another anyOf/oneOf nested
+          remaining_keys.clear
+        end
+
+        return [nil, err] if err
+      end
+
+      # If there are nested additionalProperites, we allow not defined extra properties and lean on the specific
+      # additionalProperties validation
+      if !nested_additional_properties && !remaining_keys.empty?
+        return [nil, OpenAPIParser::NotExistPropertyDefinition.new(remaining_keys, schema.object_reference)]
+      end
+
+      [value, nil]
+    end
+  end
+end

data/lib/openapi_parser/schema_validator/any_of_validator.rb

@@ -0,0 +1,18 @@
+class OpenAPIParser::SchemaValidator
+  class AnyOfValidator < Base
+    # @param [Object] value
+    # @param [OpenAPIParser::Schemas::Schema] schema
+    def coerce_and_validate(value, schema, **_keyword_args)
+      if schema.discriminator
+        return validate_discriminator_schema(schema.discriminator, value)
+      end
+
+      # in all schema return error (=true) not any of data
+      schema.any_of.each do |s|
+        coerced, err = validatable.validate_schema(value, s)
+        return [coerced, nil] if err.nil?
+      end
+      [nil, OpenAPIParser::NotAnyOf.new(value, schema.object_reference)]
+    end
+  end
+end

data/lib/openapi_parser/schema_validator/array_validator.rb

@@ -0,0 +1,32 @@
+class OpenAPIParser::SchemaValidator
+  class ArrayValidator < Base
+    # @param [Array] value
+    # @param [OpenAPIParser::Schemas::Schema] schema
+    def coerce_and_validate(value, schema, **_keyword_args)
+      return OpenAPIParser::ValidateError.build_error_result(value, schema) unless value.kind_of?(Array)
+
+      value, err = validate_max_min_items(value, schema)
+      return [nil, err] if err
+
+      # array type have an schema in items property
+      items_schema = schema.items
+      coerced_values = value.map do |v|
+        coerced, err = validatable.validate_schema(v, items_schema)
+        return [nil, err] if err
+
+        coerced
+      end
+
+      value.each_index { |idx| value[idx] = coerced_values[idx] } if @coerce_value
+
+      [value, nil]
+    end
+
+    def validate_max_min_items(value, schema)
+      return [nil, OpenAPIParser::MoreThanMaxItems.new(value, schema.object_reference)] if schema.maxItems && value.length > schema.maxItems
+      return [nil, OpenAPIParser::LessThanMinItems.new(value, schema.object_reference)] if schema.minItems && value.length < schema.minItems
+
+      [value, nil]
+    end
+  end
+end