openapi_parser_firetail 1.0.0

data/lib/openapi_parser/schemas/discriminator.rb

@@ -0,0 +1,11 @@
+module OpenAPIParser::Schemas
+  class Discriminator < Base
+    # @!attribute [r] property_name
+    #   @return [String, nil]
+    openapi_attr_value :property_name, schema_key: :propertyName
+
+    # @!attribute [r] mapping
+    #   @return [Hash{String => String]
+    openapi_attr_value :mapping
+  end
+end

data/lib/openapi_parser/schemas/header.rb

@@ -0,0 +1,18 @@
+module OpenAPIParser::Schemas
+  class Header < Base
+    openapi_attr_values :description, :required, :deprecated, :style, :explode, :example
+
+    openapi_attr_value :allow_empty_value, schema_key: :allowEmptyValue
+    openapi_attr_value :allow_reserved, schema_key: :allowReserved
+
+    # @!attribute [r] schema
+    #   @return [Schema, Reference, nil]
+    openapi_attr_object :schema, Schema, reference: true
+
+    # validate by schema
+    # @param [Object] value
+    def validate(value)
+      OpenAPIParser::SchemaValidator.validate(value, schema, OpenAPIParser::SchemaValidator::Options.new)
+    end
+  end
+end

data/lib/openapi_parser/schemas/info.rb

@@ -0,0 +1,6 @@
+module OpenAPIParser::Schemas
+  class Info < Base
+
+    openapi_attr_values :title, :version
+  end
+end

data/lib/openapi_parser/schemas/media_type.rb

@@ -0,0 +1,18 @@
+# TODO: example
+# TODO: examples
+# TODO: encoding
+
+module OpenAPIParser::Schemas
+  class MediaType < Base
+    # @!attribute [r] schema
+    #   @return [Schema, nil] OpenAPI3 Schema object
+    openapi_attr_object :schema, Schema, reference: true
+
+    # validate params by schema definitions
+    # @param [Hash] params
+    # @param [OpenAPIParser::SchemaValidator::Options] options
+    def validate_parameter(params, options)
+      OpenAPIParser::SchemaValidator.validate(params, schema, options)
+    end
+  end
+end

data/lib/openapi_parser/schemas/openapi.rb

@@ -0,0 +1,63 @@
+# TODO: info object
+# TODO: servers object
+# TODO: tags object
+# TODO: externalDocs object
+
+module OpenAPIParser::Schemas
+  class OpenAPI < Base
+    def initialize(raw_schema, config, uri: nil, schema_registry: {})
+      super('#', nil, self, raw_schema)
+      @find_object_cache = {}
+      @path_item_finder = OpenAPIParser::PathItemFinder.new(paths) if paths # invalid definition
+      @config = config
+      @uri = uri
+      @schema_registry = schema_registry
+
+      # schema_registery is shared among schemas, and prevents a schema from being loaded multiple times
+      schema_registry[uri] = self if uri
+    end
+
+    # @!attribute [r] openapi
+    #   @return [String, nil]
+    openapi_attr_values :openapi
+
+    # @!attribute [r] paths
+    #   @return [Paths, nil]
+    openapi_attr_object :paths, Paths, reference: false
+
+    # @!attribute [r] components
+    #   @return [Components, nil]
+    openapi_attr_object :components, Components, reference: false
+
+    # @!attribute [r] info
+    #   @return [Info, nil]
+    openapi_attr_object :info, Info, reference: false
+
+    # @return [OpenAPIParser::RequestOperation, nil]
+    def request_operation(http_method, request_path)
+      OpenAPIParser::RequestOperation.create(http_method, request_path, @path_item_finder, @config, components&.security_schemes)
+    end
+
+    # load another schema with shared config and schema_registry
+    # @return [OpenAPIParser::Schemas::OpenAPI]
+    def load_another_schema(uri)
+      resolved_uri = resolve_uri(uri)
+      return if resolved_uri.nil?
+
+      loaded = @schema_registry[resolved_uri]
+      return loaded if loaded
+
+      OpenAPIParser.load_uri(resolved_uri, config: @config, schema_registry: @schema_registry)
+    end
+
+    private
+
+      def resolve_uri(uri)
+        if uri.absolute?
+          uri
+        else
+          @uri&.merge(uri)
+        end
+      end
+  end
+end

data/lib/openapi_parser/schemas/operation.rb

@@ -0,0 +1,50 @@
+# TODO: externalDocs
+# TODO: callbacks
+# TODO: security
+# TODO: servers
+
+module OpenAPIParser::Schemas
+  class Operation < Base
+    include OpenAPIParser::ParameterValidatable
+
+    openapi_attr_values :tags, :summary, :description, :deprecated, :security
+
+    openapi_attr_value :operation_id, schema_key: :operationId
+    
+    openapi_attr_list_object :parameters, Parameter, reference: true
+
+    # @!attribute [r] request_body
+    #   @return [OpenAPIParser::Schemas::RequestBody, nil] return OpenAPI3 object
+    openapi_attr_object :request_body, RequestBody, reference: true, schema_key: :requestBody
+
+    # @!attribute [r] responses
+    #   @return [OpenAPIParser::Schemas::Responses, nil] return OpenAPI3 object
+    openapi_attr_object :responses, Responses, reference: false
+
+    def validate_request_body(content_type, params, options)
+      request_body&.validate_request_body(content_type, params, options)
+    end
+
+    # @param [OpenAPIParser::RequestOperation::ValidatableResponseBody] response_body
+    # @param [OpenAPIParser::SchemaValidator::ResponseValidateOptions] response_validate_options
+    def validate_response(response_body, response_validate_options)
+      responses&.validate(response_body, response_validate_options)
+    end
+
+    def validate_security_schemes(securitySchemes, headers)
+      securitySchemes&.each do |securityScheme|
+        # check if the endpoint has security in schema
+       if security
+          # if security exists, check what securitySchemas used for enforcing
+          security.each do |s|
+            # securityScheme[0] is the securitySchema name
+            if s == securityScheme[0] 
+              # securitySchema[1] is the values like "type", "scheme" and bearerFormat
+              securityScheme[1].validate_security_schemes(securityScheme[1], headers)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/openapi_parser/schemas/parameter.rb

@@ -0,0 +1,20 @@
+# TODO: support examples
+
+module OpenAPIParser::Schemas
+  class Parameter < Base
+    openapi_attr_values :name, :in, :description, :required, :deprecated, :style, :explode, :example
+
+    openapi_attr_value :allow_empty_value, schema_key: :allowEmptyValue
+    openapi_attr_value :allow_reserved, schema_key: :allowReserved
+
+    # @!attribute [r] schema
+    #   @return [Schema, Reference, nil]
+    openapi_attr_object :schema, Schema, reference: true
+
+    # @return [Object] coerced or original params
+    # @param [OpenAPIParser::SchemaValidator::Options] options
+    def validate_params(params, options)
+      ::OpenAPIParser::SchemaValidator.validate(params, schema, options)
+    end
+  end
+end

data/lib/openapi_parser/schemas/path_item.rb

@@ -0,0 +1,22 @@
+# TODO: support servers
+# TODO: support reference
+
+module OpenAPIParser::Schemas
+  class PathItem < Base
+    openapi_attr_values :summary, :description
+
+    openapi_attr_objects :get, :put, :post, :delete, :options, :head, :patch, :trace, Operation
+    openapi_attr_list_object :parameters, Parameter, reference: true
+
+    # @return [Operation]
+    def operation(method)
+      public_send(method)
+    rescue NoMethodError
+      nil
+    end
+
+    def set_path_item_to_operation
+      [:get, :put, :post, :delete, :options, :head, :patch, :trace].each{ |method| operation(method)&.set_parent_path_item(self)}
+    end
+  end
+end

data/lib/openapi_parser/schemas/paths.rb

@@ -0,0 +1,7 @@
+module OpenAPIParser::Schemas
+  class Paths < Base
+    # @!attribute [r] path
+    #   @return [Hash{String => PathItem, Reference}, nil]
+    openapi_attr_hash_body_objects 'path', PathItem, reference: true, allow_data_type: false
+  end
+end

data/lib/openapi_parser/schemas/reference.rb

@@ -0,0 +1,7 @@
+module OpenAPIParser::Schemas
+  class Reference < Base
+    # @!attribute [r] ref
+    #   @return [Base]
+    openapi_attr_value :ref, schema_key: '$ref'
+  end
+end

data/lib/openapi_parser/schemas/request_body.rb

@@ -0,0 +1,34 @@
+# TODO: support extended property
+
+module OpenAPIParser::Schemas
+  class RequestBody < Base
+    include OpenAPIParser::MediaTypeSelectable
+
+    # @!attribute [r] description
+    #   @return [String] description data
+    # @!attribute [r] required
+    #   @return [Boolean] required bool data
+    openapi_attr_values :description, :required
+
+    # @!attribute [r] content
+    #   @return [Hash{String => MediaType}, nil] content type to MediaType object
+    openapi_attr_hash_object :content, MediaType, reference: false
+
+    # @param [String] content_type
+    # @param [Hash] params
+    # @param [OpenAPIParser::SchemaValidator::Options] options
+    def validate_request_body(content_type, params, options)
+      media_type = select_media_type(content_type)
+      return params unless media_type
+
+      media_type.validate_parameter(params, options)
+    end
+
+    # select media type by content_type (consider wild card definition)
+    # @param [String] content_type
+    # @return [OpenAPIParser::Schemas::MediaType, nil]
+    def select_media_type(content_type)
+      select_media_type_from_content(content_type, content)
+    end
+  end
+end

data/lib/openapi_parser/schemas/response.rb

@@ -0,0 +1,54 @@
+# TODO: links
+
+module OpenAPIParser::Schemas
+  class Response < Base
+    include OpenAPIParser::MediaTypeSelectable
+
+    openapi_attr_values :description
+
+    # @!attribute [r] content
+    #   @return [Hash{String => MediaType}, nil] content_type to MediaType hash
+    openapi_attr_hash_object :content, MediaType, reference: false
+
+    # @!attribute [r] headers
+    #   @return [Hash{String => Header}, nil] header string to Header
+    openapi_attr_hash_object :headers, Header, reference: true
+
+    # @param [OpenAPIParser::RequestOperation::ValidatableResponseBody] response_body
+    # @param [OpenAPIParser::SchemaValidator::ResponseValidateOptions] response_validate_options
+    def validate(response_body, response_validate_options)
+      validate_header(response_body.headers) if response_validate_options.validate_header
+
+      media_type = select_media_type(response_body.content_type)
+      unless media_type
+        raise ::OpenAPIParser::NotExistContentTypeDefinition, object_reference if response_validate_options.strict
+
+        return nil
+      end
+
+      options = ::OpenAPIParser::SchemaValidator::Options.new # response validator not support any options
+      media_type.validate_parameter(response_body.response_data, options)
+    end
+
+    # select media type by content_type (consider wild card definition)
+    # @param [String] content_type
+    # @return [OpenAPIParser::Schemas::MediaType, nil]
+    def select_media_type(content_type)
+      select_media_type_from_content(content_type, content)
+    end
+
+    private
+
+      # @param [Hash] response_headers
+      def validate_header(response_headers)
+        return unless headers
+
+        headers.each do |name, schema|
+          next unless response_headers.key?(name)
+
+          value = response_headers[name]
+          schema.validate(value)
+        end
+      end
+  end
+end

data/lib/openapi_parser/schemas/responses.rb

@@ -0,0 +1,56 @@
+# TODO: support extended property
+
+module OpenAPIParser::Schemas
+  class Responses < Base
+    # @!attribute [r] default
+    #   @return [Response, Reference, nil] default response object
+    openapi_attr_object :default, Response, reference: true
+
+    # @!attribute [r] response
+    #   @return [Hash{String => Response, Reference}, nil] response object indexed by status code. see: https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#patterned-fields-1
+    openapi_attr_hash_body_objects 'response', Response, reject_keys: [:default], reference: true, allow_data_type: false
+
+    # validate params data by definition
+    # find response object by status_code and content_type
+    # https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#patterned-fields-1
+    # @param [OpenAPIParser::RequestOperation::ValidatableResponseBody] response_body
+    # @param [OpenAPIParser::SchemaValidator::ResponseValidateOptions] response_validate_options
+    def validate(response_body, response_validate_options)
+      return nil unless response
+
+      if (res = find_response_object(response_body.status_code))
+
+        return res.validate(response_body, response_validate_options)
+      end
+
+      raise ::OpenAPIParser::NotExistStatusCodeDefinition, object_reference if response_validate_options.strict
+
+      nil
+    end
+
+    private
+
+      # @param [Integer] status_code
+      # @return [Response]
+      def find_response_object(status_code)
+        if (res = response[status_code.to_s])
+          return res
+        end
+
+        wild_card = status_code_to_wild_card(status_code)
+        if (res = response[wild_card])
+          return res
+        end
+
+        default
+      end
+
+      # parse 400 -> 4xx
+      # OpenAPI3 allow 1xx, 2xx, 3xx... only, don't allow 41x
+      # @param [Integer] status_code
+      def status_code_to_wild_card(status_code)
+        top = status_code / 100
+        "#{top}XX"
+      end
+  end
+end

data/lib/openapi_parser/schemas/schema.rb

@@ -0,0 +1,117 @@
+# TODO: support 'not' because I need check reference...
+# TODO: support 'xml', 'externalDocs'
+# TODO: support extended property
+
+module OpenAPIParser::Schemas
+  class Schema < Base
+    # @!attribute [r] title
+    #   @return [String, nil]
+    # @!attribute [r] pattern
+    #   @return [String, nil] regexp
+    # @!attribute [r] pattern
+    #   @return [String, nil] regexp
+    # @!attribute [r] description
+    #   @return [String, nil]
+    # @!attribute [r] format
+    #   @return [String, nil]
+    # @!attribute [r] type
+    #   @return [String, nil] multiple types doesn't supported in OpenAPI3
+
+    # @!attribute [r] maximum
+    #   @return [Float, nil]
+    # @!attribute [r] multipleOf
+    #   @return [Float, nil]
+
+    # @!attribute [r] maxLength
+    #   @return [Integer, nil]
+    # @!attribute [r] minLength
+    #   @return [Integer, nil]
+    # @!attribute [r] maxItems
+    #   @return [Integer, nil]
+    # @!attribute [r] minItems
+    #   @return [Integer, nil]
+    # @!attribute [r] maxProperties
+    #   @return [Integer, nil]
+    # @!attribute [r] minProperties
+    #   @return [Integer, nil]
+
+    # @!attribute [r] exclusiveMaximum
+    #   @return [Boolean, nil]
+    # @!attribute [r] exclusiveMinimum
+    #   @return [Boolean, nil]
+    # @!attribute [r] uniqueItems
+    #   @return [Boolean, nil]
+    # @!attribute [r] nullable
+    #   @return [Boolean, nil]
+    # @!attribute [r] deprecated
+    #   @return [Boolean, nil]
+
+    # @!attribute [r] required
+    #   @return [Array<String>, nil] at least one item included
+
+    # @!attribute [r] enum
+    #   @return [Array, nil] any type array
+
+    # @!attribute [r] default
+    #   @return [Object, nil]
+
+    # @!attribute [r] example
+    #   @return [Object, nil]
+
+    openapi_attr_values :title, :multipleOf,
+                        :maximum, :exclusiveMaximum, :minimum, :exclusiveMinimum,
+                        :maxLength, :minLength,
+                        :pattern,
+                        :maxItems, :minItems, :uniqueItems,
+                        :maxProperties, :minProperties,
+                        :required, :enum,
+                        :description,
+                        :format,
+                        :default,
+                        :type,
+                        :nullable,
+                        :example,
+                        :deprecated
+
+    # @!attribute [r] read_only
+    #   @return [Boolean, nil]
+    openapi_attr_value :read_only, schema_key: :readOnly
+
+    # @!attribute [r] write_only
+    #   @return [Boolean, nil]
+    openapi_attr_value :write_only, schema_key: :writeOnly
+
+    # @!attribute [r] all_of
+    #   @return [Array<Schema, Reference>, nil]
+    openapi_attr_list_object :all_of, Schema, reference: true, schema_key: :allOf
+
+    # @!attribute [r] one_of
+    #   @return [Array<Schema, Reference>, nil]
+    openapi_attr_list_object :one_of, Schema, reference: true, schema_key: :oneOf
+
+    # @!attribute [r] any_of
+    #   @return [Array<Schema, Reference>, nil]
+    openapi_attr_list_object :any_of, Schema, reference: true, schema_key: :anyOf
+
+    # @!attribute [r] items
+    #   @return [Schema, nil]
+    openapi_attr_object :items, Schema, reference: true
+
+    # @!attribute [r] properties
+    #   @return [Hash{String => Schema}, nil]
+    openapi_attr_hash_object :properties, Schema, reference: true
+
+    # @!attribute [r] discriminator
+    #   @return [Discriminator, nil]
+    openapi_attr_object :discriminator, Discriminator
+
+    # @!attribute [r] additional_properties
+    #   @return [Boolean, Schema, Reference, nil]
+    openapi_attr_object :additional_properties, Schema, reference: true, allow_data_type: true, schema_key: :additionalProperties
+    # additional_properties have default value
+    # we should add default value feature in openapi_attr_object method, but we need temporary fix so override attr_reader
+    def additional_properties
+      @additional_properties.nil? ? true : @additional_properties
+    end
+  end
+end

data/lib/openapi_parser/schemas/security.rb

@@ -0,0 +1,7 @@
+module OpenAPIParser::Schemas
+  class Security < Base
+
+    def validate_security_requirements(securityScheme, headers)
+    end
+  end
+end

data/lib/openapi_parser/schemas/security_schemes.rb

@@ -0,0 +1,20 @@
+require 'jwt'
+module OpenAPIParser::Schemas
+  class SecuritySchemes < Base
+
+    openapi_attr_values :type, :description, :scheme
+    openapi_attr_value :bearer_format, schema_key: :bearerFormat
+
+    def validate_security_schemes(securityScheme, headers)
+      if self.type == "http" && self.scheme == "bearer" && self.bearer_format == "JWT"
+        raise "need authorization" unless headers["AUTHORIZATION"]
+        raise "not bearer" unless headers["AUTHORIZATION"].split[0] == "Bearer"
+
+        # check if the JWT token is being sent and try to decode.
+        # if JWT token does not exist or token cannot decode, then deny access
+        token = headers["AUTHORIZATION"].split[1]
+        JWT.decode token, nil, false
+      end
+    end
+  end
+end

data/lib/openapi_parser/schemas.rb

@@ -0,0 +1,20 @@
+require_relative 'schemas/classes'
+
+require_relative 'schemas/base'
+require_relative 'schemas/discriminator'
+require_relative 'schemas/openapi'
+require_relative 'schemas/paths'
+require_relative 'schemas/path_item'
+require_relative 'schemas/operation'
+require_relative 'schemas/parameter'
+require_relative 'schemas/reference'
+require_relative 'schemas/request_body'
+require_relative 'schemas/response'
+require_relative 'schemas/responses'
+require_relative 'schemas/components'
+require_relative 'schemas/media_type'
+require_relative 'schemas/schema'
+require_relative 'schemas/header'
+require_relative 'schemas/security_schemes'
+require_relative 'schemas/info'
+require_relative 'schemas/security'

data/lib/openapi_parser/version.rb

@@ -0,0 +1,3 @@
+module OpenAPIParser
+  VERSION = '1.0.0'.freeze
+end

data/lib/openapi_parser.rb

@@ -0,0 +1,108 @@
+require 'uri'
+require 'time'
+require 'json'
+require 'psych'
+require 'pathname'
+require 'open-uri'
+
+require 'openapi_parser/version'
+require 'openapi_parser/config'
+require 'openapi_parser/errors'
+require 'openapi_parser/concern'
+require 'openapi_parser/schemas'
+require 'openapi_parser/path_item_finder'
+require 'openapi_parser/request_operation'
+require 'openapi_parser/schema_validator'
+require 'openapi_parser/parameter_validator'
+require 'openapi_parser/reference_expander'
+
+module OpenAPIParser
+  class << self
+    # Load schema hash object. Uri is not set for returned schema.
+    # @return [OpenAPIParser::Schemas::OpenAPI]
+    def parse(schema, config = {})
+      load_hash(schema, config: Config.new(config), uri: nil, schema_registry: {})
+    end
+
+    # @param filepath [String] Path of the file containing the passed schema.
+    #   Used for resolving remote $ref if provided.
+    #   If file path is relative, it is resolved using working directory.
+    # @return [OpenAPIParser::Schemas::OpenAPI]
+    def parse_with_filepath(schema, filepath, config = {})
+      load_hash(schema, config: Config.new(config), uri: filepath && file_uri(filepath), schema_registry: {})
+    end
+
+    # Load schema in specified filepath. If file path is relative, it is resolved using working directory.
+    # @return [OpenAPIParser::Schemas::OpenAPI]
+    def load(filepath, config = {})
+      load_uri(file_uri(filepath), config: Config.new(config), schema_registry: {})
+    end
+
+    # Load schema located by the passed uri. Uri must be absolute.
+    # @return [OpenAPIParser::Schemas::OpenAPI]
+    def load_uri(uri, config:, schema_registry:)
+      # Open-uri doesn't open file scheme uri, so we try to open file path directly
+      # File scheme uri which points to a remote file is not supported.
+      uri_path = uri.path
+      raise "file not found" if uri_path.nil?
+
+      content = if uri.scheme == 'file'
+        open(uri_path)&.read
+      elsif uri.is_a?(OpenURI::OpenRead)
+        uri.open()&.read
+      end
+
+      extension = Pathname.new(uri_path).extname
+      load_hash(parse_file(content, extension), config: config, uri: uri, schema_registry: schema_registry)
+    end
+
+    private
+
+      def file_uri(filepath)
+        path = Pathname.new(filepath)
+        path = Pathname.getwd + path if path.relative?
+        URI.join("file:///",  path.to_s)
+      end
+
+      def parse_file(content, ext)
+        case ext.downcase
+        when '.yaml', '.yml'
+          parse_yaml(content)
+        when '.json'
+          parse_json(content)
+        else
+          # When extension is something we don't know, try to parse as json first. If it fails, parse as yaml
+          begin
+            parse_json(content)
+          rescue JSON::ParserError
+            parse_yaml(content)
+          end
+        end
+      end
+
+      def parse_yaml(content)
+        # FIXME: when drop ruby 2.5, we should use permitted_classes
+        (Gem::Version.create(RUBY_VERSION) < Gem::Version.create("2.6.0")) ? 
+          Psych.safe_load(content, [Date, Time]) : 
+          Psych.safe_load(content, permitted_classes: [Date, Time])
+      end
+
+      def parse_json(content)
+        raise "json content is nil" unless content 
+        JSON.parse(content)
+      end
+
+      def load_hash(hash, config:, uri:, schema_registry:)
+        root = Schemas::OpenAPI.new(hash, config, uri: uri, schema_registry: schema_registry)
+
+        OpenAPIParser::ReferenceExpander.expand(root, config.strict_reference_validation) if config.expand_reference
+
+        # TODO: use callbacks
+        root.paths&.path&.values&.each do | path_item |
+          path_item.set_path_item_to_operation
+        end
+
+        root
+      end
+  end
+end