RubyGems - spikard - Versions diffs - 0.4.0-x86_64-linux - Mend

spikard 0.4.0-x86_64-linux

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (138) hide show

checksums.yaml +7 -0
data/LICENSE +1 -0
data/README.md +659 -0
data/ext/spikard_rb/Cargo.toml +17 -0
data/ext/spikard_rb/extconf.rb +10 -0
data/ext/spikard_rb/src/lib.rs +6 -0
data/lib/spikard/app.rb +405 -0
data/lib/spikard/background.rb +27 -0
data/lib/spikard/config.rb +396 -0
data/lib/spikard/converters.rb +13 -0
data/lib/spikard/handler_wrapper.rb +113 -0
data/lib/spikard/provide.rb +214 -0
data/lib/spikard/response.rb +173 -0
data/lib/spikard/schema.rb +243 -0
data/lib/spikard/sse.rb +111 -0
data/lib/spikard/streaming_response.rb +44 -0
data/lib/spikard/testing.rb +221 -0
data/lib/spikard/upload_file.rb +131 -0
data/lib/spikard/version.rb +5 -0
data/lib/spikard/websocket.rb +59 -0
data/lib/spikard.rb +43 -0
data/sig/spikard.rbs +366 -0
data/vendor/bundle/ruby/3.4.0/gems/diff-lcs-1.6.2/mise.toml +5 -0
data/vendor/bundle/ruby/3.4.0/gems/rake-compiler-dock-1.10.0/build/buildkitd.toml +2 -0
data/vendor/crates/spikard-bindings-shared/Cargo.toml +63 -0
data/vendor/crates/spikard-bindings-shared/examples/config_extraction.rs +139 -0
data/vendor/crates/spikard-bindings-shared/src/config_extractor.rs +561 -0
data/vendor/crates/spikard-bindings-shared/src/conversion_traits.rs +194 -0
data/vendor/crates/spikard-bindings-shared/src/di_traits.rs +246 -0
data/vendor/crates/spikard-bindings-shared/src/error_response.rs +403 -0
data/vendor/crates/spikard-bindings-shared/src/handler_base.rs +274 -0
data/vendor/crates/spikard-bindings-shared/src/lib.rs +25 -0
data/vendor/crates/spikard-bindings-shared/src/lifecycle_base.rs +298 -0
data/vendor/crates/spikard-bindings-shared/src/lifecycle_executor.rs +637 -0
data/vendor/crates/spikard-bindings-shared/src/response_builder.rs +309 -0
data/vendor/crates/spikard-bindings-shared/src/test_client_base.rs +248 -0
data/vendor/crates/spikard-bindings-shared/src/validation_helpers.rs +355 -0
data/vendor/crates/spikard-bindings-shared/tests/comprehensive_coverage.rs +502 -0
data/vendor/crates/spikard-bindings-shared/tests/error_response_edge_cases.rs +389 -0
data/vendor/crates/spikard-bindings-shared/tests/handler_base_integration.rs +413 -0
data/vendor/crates/spikard-core/Cargo.toml +40 -0
data/vendor/crates/spikard-core/src/bindings/mod.rs +3 -0
data/vendor/crates/spikard-core/src/bindings/response.rs +133 -0
data/vendor/crates/spikard-core/src/debug.rs +63 -0
data/vendor/crates/spikard-core/src/di/container.rs +726 -0
data/vendor/crates/spikard-core/src/di/dependency.rs +273 -0
data/vendor/crates/spikard-core/src/di/error.rs +118 -0
data/vendor/crates/spikard-core/src/di/factory.rs +538 -0
data/vendor/crates/spikard-core/src/di/graph.rs +545 -0
data/vendor/crates/spikard-core/src/di/mod.rs +192 -0
data/vendor/crates/spikard-core/src/di/resolved.rs +411 -0
data/vendor/crates/spikard-core/src/di/value.rs +283 -0
data/vendor/crates/spikard-core/src/errors.rs +39 -0
data/vendor/crates/spikard-core/src/http.rs +153 -0
data/vendor/crates/spikard-core/src/lib.rs +29 -0
data/vendor/crates/spikard-core/src/lifecycle.rs +422 -0
data/vendor/crates/spikard-core/src/metadata.rs +397 -0
data/vendor/crates/spikard-core/src/parameters.rs +723 -0
data/vendor/crates/spikard-core/src/problem.rs +310 -0
data/vendor/crates/spikard-core/src/request_data.rs +189 -0
data/vendor/crates/spikard-core/src/router.rs +249 -0
data/vendor/crates/spikard-core/src/schema_registry.rs +183 -0
data/vendor/crates/spikard-core/src/type_hints.rs +304 -0
data/vendor/crates/spikard-core/src/validation/error_mapper.rs +689 -0
data/vendor/crates/spikard-core/src/validation/mod.rs +459 -0
data/vendor/crates/spikard-http/Cargo.toml +58 -0
data/vendor/crates/spikard-http/examples/sse-notifications.rs +147 -0
data/vendor/crates/spikard-http/examples/websocket-chat.rs +91 -0
data/vendor/crates/spikard-http/src/auth.rs +247 -0
data/vendor/crates/spikard-http/src/background.rs +1562 -0
data/vendor/crates/spikard-http/src/bindings/mod.rs +3 -0
data/vendor/crates/spikard-http/src/bindings/response.rs +1 -0
data/vendor/crates/spikard-http/src/body_metadata.rs +8 -0
data/vendor/crates/spikard-http/src/cors.rs +490 -0
data/vendor/crates/spikard-http/src/debug.rs +63 -0
data/vendor/crates/spikard-http/src/di_handler.rs +1878 -0
data/vendor/crates/spikard-http/src/handler_response.rs +532 -0
data/vendor/crates/spikard-http/src/handler_trait.rs +861 -0
data/vendor/crates/spikard-http/src/handler_trait_tests.rs +284 -0
data/vendor/crates/spikard-http/src/lib.rs +524 -0
data/vendor/crates/spikard-http/src/lifecycle/adapter.rs +149 -0
data/vendor/crates/spikard-http/src/lifecycle.rs +428 -0
data/vendor/crates/spikard-http/src/middleware/mod.rs +285 -0
data/vendor/crates/spikard-http/src/middleware/multipart.rs +930 -0
data/vendor/crates/spikard-http/src/middleware/urlencoded.rs +541 -0
data/vendor/crates/spikard-http/src/middleware/validation.rs +287 -0
data/vendor/crates/spikard-http/src/openapi/mod.rs +309 -0
data/vendor/crates/spikard-http/src/openapi/parameter_extraction.rs +535 -0
data/vendor/crates/spikard-http/src/openapi/schema_conversion.rs +867 -0
data/vendor/crates/spikard-http/src/openapi/spec_generation.rs +678 -0
data/vendor/crates/spikard-http/src/query_parser.rs +369 -0
data/vendor/crates/spikard-http/src/response.rs +399 -0
data/vendor/crates/spikard-http/src/server/handler.rs +1557 -0
data/vendor/crates/spikard-http/src/server/lifecycle_execution.rs +98 -0
data/vendor/crates/spikard-http/src/server/mod.rs +806 -0
data/vendor/crates/spikard-http/src/server/request_extraction.rs +630 -0
data/vendor/crates/spikard-http/src/server/routing_factory.rs +497 -0
data/vendor/crates/spikard-http/src/sse.rs +961 -0
data/vendor/crates/spikard-http/src/testing/form.rs +14 -0
data/vendor/crates/spikard-http/src/testing/multipart.rs +60 -0
data/vendor/crates/spikard-http/src/testing/test_client.rs +285 -0
data/vendor/crates/spikard-http/src/testing.rs +377 -0
data/vendor/crates/spikard-http/src/websocket.rs +831 -0
data/vendor/crates/spikard-http/tests/background_behavior.rs +918 -0
data/vendor/crates/spikard-http/tests/common/handlers.rs +308 -0
data/vendor/crates/spikard-http/tests/common/mod.rs +21 -0
data/vendor/crates/spikard-http/tests/di_integration.rs +202 -0
data/vendor/crates/spikard-http/tests/doc_snippets.rs +4 -0
data/vendor/crates/spikard-http/tests/lifecycle_execution.rs +1135 -0
data/vendor/crates/spikard-http/tests/multipart_behavior.rs +688 -0
data/vendor/crates/spikard-http/tests/server_config_builder.rs +324 -0
data/vendor/crates/spikard-http/tests/sse_behavior.rs +728 -0
data/vendor/crates/spikard-http/tests/websocket_behavior.rs +724 -0
data/vendor/crates/spikard-rb/Cargo.toml +43 -0
data/vendor/crates/spikard-rb/build.rs +199 -0
data/vendor/crates/spikard-rb/src/background.rs +63 -0
data/vendor/crates/spikard-rb/src/config/mod.rs +5 -0
data/vendor/crates/spikard-rb/src/config/server_config.rs +283 -0
data/vendor/crates/spikard-rb/src/conversion.rs +459 -0
data/vendor/crates/spikard-rb/src/di/builder.rs +105 -0
data/vendor/crates/spikard-rb/src/di/mod.rs +413 -0
data/vendor/crates/spikard-rb/src/handler.rs +612 -0
data/vendor/crates/spikard-rb/src/integration/mod.rs +3 -0
data/vendor/crates/spikard-rb/src/lib.rs +1857 -0
data/vendor/crates/spikard-rb/src/lifecycle.rs +275 -0
data/vendor/crates/spikard-rb/src/metadata/mod.rs +5 -0
data/vendor/crates/spikard-rb/src/metadata/route_extraction.rs +427 -0
data/vendor/crates/spikard-rb/src/runtime/mod.rs +5 -0
data/vendor/crates/spikard-rb/src/runtime/server_runner.rs +326 -0
data/vendor/crates/spikard-rb/src/server.rs +283 -0
data/vendor/crates/spikard-rb/src/sse.rs +231 -0
data/vendor/crates/spikard-rb/src/testing/client.rs +404 -0
data/vendor/crates/spikard-rb/src/testing/mod.rs +7 -0
data/vendor/crates/spikard-rb/src/testing/sse.rs +143 -0
data/vendor/crates/spikard-rb/src/testing/websocket.rs +221 -0
data/vendor/crates/spikard-rb/src/websocket.rs +233 -0
data/vendor/crates/spikard-rb/tests/magnus_ffi_tests.rs +14 -0
metadata +213 -0

data/vendor/crates/spikard-http/src/openapi/spec_generation.rs ADDED Viewed

@@ -0,0 +1,678 @@
+//! OpenAPI specification generation and assembly
+use crate::RouteMetadata;
+use utoipa::openapi::HttpMethod;
+use utoipa::openapi::security::SecurityScheme;
+use utoipa::openapi::{Components, Info, OpenApi, OpenApiBuilder, PathItem, Paths, RefOr, Response, Responses};
+/// Convert route to OpenAPI PathItem
+fn route_to_path_item(route: &RouteMetadata) -> Result<PathItem, String> {
+    let operation = route_to_operation(route)?;
+    let http_method = match route.method.to_uppercase().as_str() {
+        "GET" => HttpMethod::Get,
+        "POST" => HttpMethod::Post,
+        "PUT" => HttpMethod::Put,
+        "DELETE" => HttpMethod::Delete,
+        "PATCH" => HttpMethod::Patch,
+        "HEAD" => HttpMethod::Head,
+        "OPTIONS" => HttpMethod::Options,
+        _ => return Err(format!("Unsupported HTTP method: {}", route.method)),
+    };
+    let path_item = PathItem::new(http_method, operation);
+    Ok(path_item)
+}
+/// Convert route to OpenAPI Operation
+fn route_to_operation(route: &RouteMetadata) -> Result<utoipa::openapi::path::Operation, String> {
+    let mut operation = utoipa::openapi::path::Operation::new();
+    if let Some(param_schema) = &route.parameter_schema {
+        let parameters =
+            crate::openapi::parameter_extraction::extract_parameters_from_schema(param_schema, &route.path)?;
+        if !parameters.is_empty() {
+            let unwrapped: Vec<_> = parameters
+                .into_iter()
+                .filter_map(|p| if let RefOr::T(param) = p { Some(param) } else { None })
+                .collect();
+            operation.parameters = Some(unwrapped);
+        }
+    }
+    if let Some(request_schema) = &route.request_schema {
+        let request_body = crate::openapi::schema_conversion::json_schema_to_request_body(request_schema)?;
+        operation.request_body = Some(request_body);
+    }
+    let mut responses = Responses::new();
+    if let Some(response_schema) = &route.response_schema {
+        let response = crate::openapi::schema_conversion::json_schema_to_response(response_schema)?;
+        responses.responses.insert("200".to_string(), RefOr::T(response));
+    } else {
+        responses
+            .responses
+            .insert("200".to_string(), RefOr::T(Response::new("Successful response")));
+    }
+    operation.responses = responses;
+    Ok(operation)
+}
+/// Assemble OpenAPI specification from routes with auto-detection of security schemes
+pub fn assemble_openapi_spec(
+    routes: &[RouteMetadata],
+    config: &super::OpenApiConfig,
+    server_config: Option<&crate::ServerConfig>,
+) -> Result<OpenApi, String> {
+    let mut info = Info::new(&config.title, &config.version);
+    if let Some(desc) = &config.description {
+        info.description = Some(desc.clone());
+    }
+    if let Some(contact_info) = &config.contact {
+        let mut contact = utoipa::openapi::Contact::default();
+        if let Some(name) = &contact_info.name {
+            contact.name = Some(name.clone());
+        }
+        if let Some(email) = &contact_info.email {
+            contact.email = Some(email.clone());
+        }
+        if let Some(url) = &contact_info.url {
+            contact.url = Some(url.clone());
+        }
+        info.contact = Some(contact);
+    }
+    if let Some(license_info) = &config.license {
+        let mut license = utoipa::openapi::License::new(&license_info.name);
+        if let Some(url) = &license_info.url {
+            license.url = Some(url.clone());
+        }
+        info.license = Some(license);
+    }
+    let servers = if config.servers.is_empty() {
+        None
+    } else {
+        Some(
+            config
+                .servers
+                .iter()
+                .map(|s| {
+                    let mut server = utoipa::openapi::Server::new(&s.url);
+                    if let Some(desc) = &s.description {
+                        server.description = Some(desc.clone());
+                    }
+                    server
+                })
+                .collect(),
+        )
+    };
+    let mut paths = Paths::new();
+    for route in routes {
+        let path_item = route_to_path_item(route)?;
+        paths.paths.insert(route.path.clone(), path_item);
+    }
+    let mut components = Components::new();
+    let mut global_security = Vec::new();
+    if let Some(server_cfg) = server_config {
+        if let Some(_jwt_cfg) = &server_cfg.jwt_auth {
+            let jwt_scheme = SecurityScheme::Http(
+                utoipa::openapi::security::HttpBuilder::new()
+                    .scheme(utoipa::openapi::security::HttpAuthScheme::Bearer)
+                    .bearer_format("JWT")
+                    .build(),
+            );
+            components.add_security_scheme("bearerAuth", jwt_scheme);
+            let security_req = utoipa::openapi::security::SecurityRequirement::new("bearerAuth", Vec::<String>::new());
+            global_security.push(security_req);
+        }
+        if let Some(api_key_cfg) = &server_cfg.api_key_auth {
+            use utoipa::openapi::security::ApiKey;
+            let api_key_scheme = SecurityScheme::ApiKey(ApiKey::Header(utoipa::openapi::security::ApiKeyValue::new(
+                &api_key_cfg.header_name,
+            )));
+            components.add_security_scheme("apiKeyAuth", api_key_scheme);
+            let security_req = utoipa::openapi::security::SecurityRequirement::new("apiKeyAuth", Vec::<String>::new());
+            global_security.push(security_req);
+        }
+    }
+    if !config.security_schemes.is_empty() {
+        for (name, scheme_info) in &config.security_schemes {
+            let scheme = crate::openapi::security_scheme_info_to_openapi(scheme_info);
+            components.add_security_scheme(name, scheme);
+        }
+    }
+    let mut openapi = OpenApiBuilder::new()
+        .info(info)
+        .paths(paths)
+        .components(Some(components))
+        .build();
+    if let Some(servers) = servers {
+        openapi.servers = Some(servers);
+    }
+    if !global_security.is_empty() {
+        openapi.security = Some(global_security);
+    }
+    Ok(openapi)
+}
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use crate::{ApiKeyConfig, JwtConfig};
+    fn make_route(method: &str, path: &str) -> RouteMetadata {
+        RouteMetadata {
+            method: method.to_string(),
+            path: path.to_string(),
+            handler_name: format!("{}_handler", method.to_lowercase()),
+            request_schema: None,
+            response_schema: None,
+            parameter_schema: None,
+            file_params: None,
+            is_async: true,
+            cors: None,
+            body_param_name: None,
+            #[cfg(feature = "di")]
+            handler_dependencies: None,
+        }
+    }
+    fn make_server_config_with_jwt() -> crate::ServerConfig {
+        crate::ServerConfig {
+            jwt_auth: Some(JwtConfig {
+                secret: "test-secret".to_string(),
+                algorithm: "HS256".to_string(),
+                audience: None,
+                issuer: None,
+                leeway: 0,
+            }),
+            ..Default::default()
+        }
+    }
+    fn make_server_config_with_api_key() -> crate::ServerConfig {
+        crate::ServerConfig {
+            api_key_auth: Some(ApiKeyConfig {
+                keys: vec!["test-key".to_string()],
+                header_name: "X-API-Key".to_string(),
+            }),
+            ..Default::default()
+        }
+    }
+    // HTTP Method Coverage Tests
+    #[test]
+    fn test_route_to_path_item_get() {
+        let route = make_route("GET", "/users");
+        let result = route_to_path_item(&route);
+        assert!(result.is_ok());
+    }
+    #[test]
+    fn test_route_to_path_item_post() {
+        let route = make_route("POST", "/users");
+        let result = route_to_path_item(&route);
+        assert!(result.is_ok());
+    }
+    #[test]
+    fn test_route_to_path_item_put() {
+        let route = make_route("PUT", "/users/123");
+        let result = route_to_path_item(&route);
+        assert!(result.is_ok());
+    }
+    #[test]
+    fn test_route_to_path_item_patch() {
+        let route = make_route("PATCH", "/users/123");
+        let result = route_to_path_item(&route);
+        assert!(result.is_ok());
+    }
+    #[test]
+    fn test_route_to_path_item_delete() {
+        let route = make_route("DELETE", "/users/123");
+        let result = route_to_path_item(&route);
+        assert!(result.is_ok());
+    }
+    #[test]
+    fn test_route_to_path_item_head() {
+        let route = make_route("HEAD", "/users");
+        let result = route_to_path_item(&route);
+        assert!(result.is_ok());
+    }
+    #[test]
+    fn test_route_to_path_item_options() {
+        let route = make_route("OPTIONS", "/users");
+        let result = route_to_path_item(&route);
+        assert!(result.is_ok());
+    }
+    #[test]
+    fn test_route_to_path_item_case_insensitive_method() {
+        let route_lower = make_route("get", "/users");
+        let route_mixed = make_route("GeT", "/users");
+        assert!(route_to_path_item(&route_lower).is_ok());
+        assert!(route_to_path_item(&route_mixed).is_ok());
+    }
+    #[test]
+    fn test_route_to_path_item_unsupported_method() {
+        let route = make_route("CONNECT", "/users");
+        let result = route_to_path_item(&route);
+        assert!(result.is_err());
+        if let Err(err) = result {
+            assert!(err.contains("Unsupported HTTP method"));
+        }
+    }
+    // OpenAPI Spec Assembly Tests
+    #[test]
+    fn test_assemble_openapi_spec_minimal() {
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Test API".to_string(),
+            version: "1.0.0".to_string(),
+            ..Default::default()
+        };
+        let result = assemble_openapi_spec(&[], &config, None);
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        assert_eq!(spec.info.title, "Test API");
+        assert_eq!(spec.info.version, "1.0.0");
+    }
+    #[test]
+    fn test_assemble_openapi_spec_with_description() {
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Test API".to_string(),
+            version: "1.0.0".to_string(),
+            description: Some("This is a test API".to_string()),
+            ..Default::default()
+        };
+        let result = assemble_openapi_spec(&[], &config, None);
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        assert_eq!(spec.info.description, Some("This is a test API".to_string()));
+    }
+    #[test]
+    fn test_assemble_openapi_spec_with_contact() {
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Test API".to_string(),
+            version: "1.0.0".to_string(),
+            contact: Some(super::super::ContactInfo {
+                name: Some("Support Team".to_string()),
+                email: Some("support@example.com".to_string()),
+                url: Some("https://example.com/support".to_string()),
+            }),
+            ..Default::default()
+        };
+        let result = assemble_openapi_spec(&[], &config, None);
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        assert!(spec.info.contact.is_some());
+        let contact = spec.info.contact.unwrap();
+        assert_eq!(contact.name, Some("Support Team".to_string()));
+        assert_eq!(contact.email, Some("support@example.com".to_string()));
+    }
+    #[test]
+    fn test_assemble_openapi_spec_with_license() {
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Test API".to_string(),
+            version: "1.0.0".to_string(),
+            license: Some(super::super::LicenseInfo {
+                name: "Apache 2.0".to_string(),
+                url: Some("https://www.apache.org/licenses/LICENSE-2.0.html".to_string()),
+            }),
+            ..Default::default()
+        };
+        let result = assemble_openapi_spec(&[], &config, None);
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        assert!(spec.info.license.is_some());
+        let license = spec.info.license.unwrap();
+        assert_eq!(license.name, "Apache 2.0");
+        assert_eq!(
+            license.url,
+            Some("https://www.apache.org/licenses/LICENSE-2.0.html".to_string())
+        );
+    }
+    #[test]
+    fn test_assemble_openapi_spec_with_servers() {
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Test API".to_string(),
+            version: "1.0.0".to_string(),
+            servers: vec![
+                super::super::ServerInfo {
+                    url: "https://api.example.com".to_string(),
+                    description: Some("Production".to_string()),
+                },
+                super::super::ServerInfo {
+                    url: "http://localhost:8080".to_string(),
+                    description: Some("Development".to_string()),
+                },
+            ],
+            ..Default::default()
+        };
+        let result = assemble_openapi_spec(&[], &config, None);
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        assert!(spec.servers.is_some());
+        let servers = spec.servers.unwrap();
+        assert_eq!(servers.len(), 2);
+    }
+    // Security Scheme Detection Tests
+    #[test]
+    fn test_assemble_openapi_spec_with_jwt_auth() {
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Test API".to_string(),
+            version: "1.0.0".to_string(),
+            ..Default::default()
+        };
+        let server_config = make_server_config_with_jwt();
+        let result = assemble_openapi_spec(&[], &config, Some(&server_config));
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        // Verify JWT security scheme is added
+        assert!(spec.components.is_some());
+        let components = spec.components.unwrap();
+        assert!(components.security_schemes.get("bearerAuth").is_some());
+        // Verify global security requirement
+        assert!(spec.security.is_some());
+        let security_reqs = spec.security.unwrap();
+        assert!(!security_reqs.is_empty());
+        // Verify that at least one security requirement was added for bearerAuth
+        assert_eq!(security_reqs.len(), 1);
+    }
+    #[test]
+    fn test_assemble_openapi_spec_with_api_key_auth() {
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Test API".to_string(),
+            version: "1.0.0".to_string(),
+            ..Default::default()
+        };
+        let server_config = make_server_config_with_api_key();
+        let result = assemble_openapi_spec(&[], &config, Some(&server_config));
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        // Verify API Key security scheme is added
+        assert!(spec.components.is_some());
+        let components = spec.components.unwrap();
+        assert!(components.security_schemes.get("apiKeyAuth").is_some());
+        // Verify global security requirement
+        assert!(spec.security.is_some());
+        let security_reqs = spec.security.unwrap();
+        assert!(!security_reqs.is_empty());
+        // Verify that at least one security requirement was added for apiKeyAuth
+        assert_eq!(security_reqs.len(), 1);
+    }
+    #[test]
+    fn test_assemble_openapi_spec_with_both_auth_schemes() {
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Test API".to_string(),
+            version: "1.0.0".to_string(),
+            ..Default::default()
+        };
+        let mut server_config = make_server_config_with_jwt();
+        server_config.api_key_auth = Some(ApiKeyConfig {
+            keys: vec!["test-key".to_string()],
+            header_name: "X-API-Key".to_string(),
+        });
+        let result = assemble_openapi_spec(&[], &config, Some(&server_config));
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        // Verify both security schemes are added
+        assert!(spec.components.is_some());
+        let components = spec.components.unwrap();
+        assert!(components.security_schemes.get("bearerAuth").is_some());
+        assert!(components.security_schemes.get("apiKeyAuth").is_some());
+    }
+    #[test]
+    fn test_assemble_openapi_spec_with_custom_security_schemes() {
+        use std::collections::HashMap;
+        let mut security_schemes = HashMap::new();
+        security_schemes.insert(
+            "oauth2".to_string(),
+            super::super::SecuritySchemeInfo::Http {
+                scheme: "bearer".to_string(),
+                bearer_format: Some("OAuth2".to_string()),
+            },
+        );
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Test API".to_string(),
+            version: "1.0.0".to_string(),
+            security_schemes,
+            ..Default::default()
+        };
+        let result = assemble_openapi_spec(&[], &config, None);
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        assert!(spec.components.is_some());
+        let components = spec.components.unwrap();
+        assert!(components.security_schemes.get("oauth2").is_some());
+    }
+    // Route Integration Tests
+    #[test]
+    fn test_assemble_openapi_spec_with_multiple_routes() {
+        let routes: Vec<RouteMetadata> = vec![
+            make_route("GET", "/users"),
+            make_route("POST", "/users"),
+            make_route("GET", "/users/{id}"),
+            make_route("PUT", "/users/{id}"),
+            make_route("DELETE", "/users/{id}"),
+        ];
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "User API".to_string(),
+            version: "1.0.0".to_string(),
+            ..Default::default()
+        };
+        let result = assemble_openapi_spec(&routes, &config, None);
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        // Verify paths are included
+        assert!(!spec.paths.paths.is_empty());
+        assert!(spec.paths.paths.contains_key("/users"));
+        assert!(spec.paths.paths.contains_key("/users/{id}"));
+    }
+    #[test]
+    fn test_route_to_operation_default_response() {
+        let route = make_route("GET", "/health");
+        let result = route_to_operation(&route);
+        assert!(result.is_ok());
+        let operation = result.unwrap();
+        assert!(!operation.responses.responses.is_empty());
+        assert!(operation.responses.responses.contains_key("200"));
+    }
+    #[test]
+    fn test_assemble_openapi_spec_empty_routes() {
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Empty API".to_string(),
+            version: "0.1.0".to_string(),
+            ..Default::default()
+        };
+        let result = assemble_openapi_spec(&[], &config, None);
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        assert!(spec.paths.paths.is_empty());
+    }
+    #[test]
+    fn test_assemble_openapi_spec_with_partial_contact() {
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Test API".to_string(),
+            version: "1.0.0".to_string(),
+            contact: Some(super::super::ContactInfo {
+                name: Some("Support".to_string()),
+                email: None,
+                url: None,
+            }),
+            ..Default::default()
+        };
+        let result = assemble_openapi_spec(&[], &config, None);
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        let contact = spec.info.contact.unwrap();
+        assert_eq!(contact.name, Some("Support".to_string()));
+        assert!(contact.email.is_none());
+    }
+    #[test]
+    fn test_assemble_openapi_spec_without_servers() {
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Test API".to_string(),
+            version: "1.0.0".to_string(),
+            servers: vec![],
+            ..Default::default()
+        };
+        let result = assemble_openapi_spec(&[], &config, None);
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        assert!(spec.servers.is_none());
+    }
+    #[test]
+    fn test_route_to_path_item_lowercase_method() {
+        let route = make_route("post", "/items");
+        let result = route_to_path_item(&route);
+        assert!(result.is_ok());
+    }
+    #[test]
+    fn test_route_to_path_item_mixed_case_method() {
+        let route = make_route("PoSt", "/items");
+        let result = route_to_path_item(&route);
+        assert!(result.is_ok());
+    }
+    #[test]
+    fn test_assemble_openapi_spec_preserves_route_order() {
+        let routes: Vec<RouteMetadata> = vec![
+            make_route("GET", "/a"),
+            make_route("GET", "/b"),
+            make_route("GET", "/c"),
+        ];
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Test API".to_string(),
+            version: "1.0.0".to_string(),
+            ..Default::default()
+        };
+        let result = assemble_openapi_spec(&routes, &config, None);
+        assert!(result.is_ok());
+        let spec = result.unwrap();
+        // All routes should be present
+        assert!(spec.paths.paths.contains_key("/a"));
+        assert!(spec.paths.paths.contains_key("/b"));
+        assert!(spec.paths.paths.contains_key("/c"));
+    }
+    #[test]
+    fn test_assemble_openapi_spec_with_server_config_none() {
+        let config = super::super::OpenApiConfig {
+            enabled: true,
+            title: "Test API".to_string(),
+            version: "1.0.0".to_string(),
+            ..Default::default()
+        };
+        let result = assemble_openapi_spec(&[], &config, None);
+        assert!(result.is_ok());
+        // No security schemes should be auto-detected
+        let spec = result.unwrap();
+        if let Some(components) = spec.components {
+            assert!(!components.security_schemes.contains_key("bearerAuth"));
+            assert!(!components.security_schemes.contains_key("apiKeyAuth"));
+        }
+    }
+    #[test]
+    fn test_route_to_operation_with_no_schemas() {
+        let route = RouteMetadata {
+            method: "GET".to_string(),
+            path: "/endpoint".to_string(),
+            handler_name: "test_handler".to_string(),
+            request_schema: None,
+            response_schema: None,
+            parameter_schema: None,
+            file_params: None,
+            is_async: true,
+            cors: None,
+            body_param_name: None,
+            #[cfg(feature = "di")]
+            handler_dependencies: None,
+        };
+        let result = route_to_operation(&route);
+        assert!(result.is_ok());
+        let operation = result.unwrap();
+        assert!(operation.request_body.is_none());
+        // Default 200 response should still exist
+        assert!(operation.responses.responses.contains_key("200"));
+    }
+}