yori 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.editorconfig +14 -0
- data/.gitignore +11 -0
- data/.rspec +3 -0
- data/.rubocop.yml +15 -0
- data/.ruby-version +1 -0
- data/.travis.yml +7 -0
- data/CODE_OF_CONDUCT.md +74 -0
- data/Gemfile +6 -0
- data/Gemfile.lock +35 -0
- data/LICENSE.txt +21 -0
- data/README.md +44 -0
- data/Rakefile +6 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/lib/yori.rb +16 -0
- data/lib/yori/errors/field_must_not_be_specified_error.rb +5 -0
- data/lib/yori/errors/invalid_schema_error.rb +5 -0
- data/lib/yori/errors/missing_required_field_error.rb +5 -0
- data/lib/yori/errors/unknown_component_error.rb +7 -0
- data/lib/yori/schema/any.rb +22 -0
- data/lib/yori/schema/v3.rb +10 -0
- data/lib/yori/schema/v3/callback.rb +15 -0
- data/lib/yori/schema/v3/components.rb +70 -0
- data/lib/yori/schema/v3/composer.rb +36 -0
- data/lib/yori/schema/v3/contact.rb +15 -0
- data/lib/yori/schema/v3/discriminator.rb +25 -0
- data/lib/yori/schema/v3/encoding.rb +33 -0
- data/lib/yori/schema/v3/example.rb +20 -0
- data/lib/yori/schema/v3/external_documentation.rb +18 -0
- data/lib/yori/schema/v3/header.rb +32 -0
- data/lib/yori/schema/v3/info.rb +27 -0
- data/lib/yori/schema/v3/license.rb +18 -0
- data/lib/yori/schema/v3/link.rb +46 -0
- data/lib/yori/schema/v3/media_type.rb +35 -0
- data/lib/yori/schema/v3/oauth_flow.rb +35 -0
- data/lib/yori/schema/v3/oauth_flows.rb +51 -0
- data/lib/yori/schema/v3/openapi.rb +61 -0
- data/lib/yori/schema/v3/operation.rb +72 -0
- data/lib/yori/schema/v3/parameter.rb +63 -0
- data/lib/yori/schema/v3/path_item.rb +47 -0
- data/lib/yori/schema/v3/paths.rb +44 -0
- data/lib/yori/schema/v3/request_body.rb +27 -0
- data/lib/yori/schema/v3/response.rb +34 -0
- data/lib/yori/schema/v3/responses.rb +42 -0
- data/lib/yori/schema/v3/root.rb +40 -0
- data/lib/yori/schema/v3/schema.rb +35 -0
- data/lib/yori/schema/v3/security_requirement.rb +23 -0
- data/lib/yori/schema/v3/security_scheme.rb +93 -0
- data/lib/yori/schema/v3/server.rb +24 -0
- data/lib/yori/schema/v3/server_variable.rb +25 -0
- data/lib/yori/schema/v3/tag.rb +28 -0
- data/lib/yori/schema/v3/xml.rb +28 -0
- data/lib/yori/schema_base.rb +110 -0
- data/lib/yori/schema_validator.rb +40 -0
- data/lib/yori/version.rb +3 -0
- data/yori.gemspec +44 -0
- metadata +142 -0
@@ -0,0 +1,72 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'yori/schema/v3/external_documentation'
|
4
|
+
require 'yori/schema/v3/parameter'
|
5
|
+
require 'yori/schema/v3/request_body'
|
6
|
+
require 'yori/schema/v3/responses'
|
7
|
+
require 'yori/schema/v3/callback'
|
8
|
+
require 'yori/schema/v3/security_requirement'
|
9
|
+
require 'yori/schema/v3/server'
|
10
|
+
|
11
|
+
module Yori
|
12
|
+
module Schema
|
13
|
+
module V3
|
14
|
+
# Operaion: Describes a single API operation on a path.
|
15
|
+
class Operation < Yori::SchemaBase
|
16
|
+
# @!method tags
|
17
|
+
# A list of tags for API documentation control.
|
18
|
+
# Tags can be used for logical grouping of operations by resources or any other qualifier.
|
19
|
+
# @!method summary A short summary of what the operation does.
|
20
|
+
# @!method description
|
21
|
+
# A verbose explanation of the operation behavior.
|
22
|
+
# CommonMark syntax MAY be used for rich text representation.
|
23
|
+
# @!method operationId
|
24
|
+
# Unique string used to identify the operation. The id MUST be unique among all operations described in the API.
|
25
|
+
# Tools and libraries MAY use the operationId to uniquely identify an operation,
|
26
|
+
# therefore, it is RECOMMENDED to follow common programming naming conventions.
|
27
|
+
# @!method deprecated
|
28
|
+
# Declares this operation to be deprecated. Consumers SHOULD refrain from usage of the declared operation.
|
29
|
+
# Default value is false.
|
30
|
+
fields :tags, :summary, :description, :operationId, :deprecated
|
31
|
+
# @!method externalDocs
|
32
|
+
# Additional external documentation for this operation.
|
33
|
+
field_block :externalDocs, Yori::Schema::V3::ExternalDocumentation
|
34
|
+
# @!method parameters
|
35
|
+
# A list of parameters that are applicable for this operation.
|
36
|
+
# If a parameter is already defined at the Path Item, the new definition will override it but can never remove it.
|
37
|
+
# The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location.
|
38
|
+
# The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object's components/parameters.
|
39
|
+
array_field_block :parameters, :parameter, Yori::Schema::V3::Parameter
|
40
|
+
# @!method requestBody
|
41
|
+
# The request body applicable for this operation.
|
42
|
+
# The requestBody is only supported in HTTP methods where the HTTP 1.1 specification RFC7231 has explicitly defined semantics for request bodies.
|
43
|
+
# In other cases where the HTTP spec is vague, requestBody SHALL be ignored by consumers.
|
44
|
+
field_block :requestBody, Yori::Schema::V3::RequestBody
|
45
|
+
# @!method responses
|
46
|
+
# REQUIRED. The list of possible responses as they are returned from executing this operation.
|
47
|
+
field_block :responses, Yori::Schema::V3::Responses
|
48
|
+
# @!method callbacks
|
49
|
+
# A map of possible out-of band callbacks related to the parent operation.
|
50
|
+
# The key is a unique identifier for the Callback Object.
|
51
|
+
# Each value in the map is a Callback Object that describes a request that may be initiated by the API provider and the expected responses.
|
52
|
+
# The key value used to identify the callback object is an expression, evaluated at runtime, that identifies a URL to use for the callback operation.
|
53
|
+
hash_field_block :callbacks, :callback, Yori::Schema::V3::Callback
|
54
|
+
# @!method security
|
55
|
+
# A declaration of which security mechanisms can be used for this operation.
|
56
|
+
# The list of values includes alternative security requirement objects that can be used.
|
57
|
+
# Only one of the security requirement objects need to be satisfied to authorize a request.
|
58
|
+
# This definition overrides any declared top-level security.
|
59
|
+
# To remove a top-level security declaration, an empty array can be used.
|
60
|
+
array_field_block :security, :schemes, Yori::Schema::V3::SecurityRequirement
|
61
|
+
# @!method servers
|
62
|
+
# An alternative server array to service this operation.
|
63
|
+
# If an alternative server object is specified at the Path Item Object or Root level, it will be overridden by this value.
|
64
|
+
array_field_block :servers, :server, Yori::Schema::V3::Server
|
65
|
+
|
66
|
+
def validate!
|
67
|
+
validate_require_fields!('responses')
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
@@ -0,0 +1,63 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'yori/schema/v3/schema'
|
4
|
+
require 'yori/schema/v3/example'
|
5
|
+
require 'yori/schema/v3/media_type'
|
6
|
+
|
7
|
+
module Yori
|
8
|
+
module Schema
|
9
|
+
module V3
|
10
|
+
# Parameter: Describes a single operation parameter.
|
11
|
+
class Parameter < Yori::SchemaBase
|
12
|
+
fields :name, :description, :required, :deprecated, :allowEmptyValue
|
13
|
+
|
14
|
+
def in_query
|
15
|
+
self['in'] = 'query'
|
16
|
+
end
|
17
|
+
|
18
|
+
def in_header
|
19
|
+
self['in'] = 'header'
|
20
|
+
end
|
21
|
+
|
22
|
+
def in_path
|
23
|
+
self['in'] = 'path'
|
24
|
+
end
|
25
|
+
|
26
|
+
def in_cookie
|
27
|
+
self['in'] = 'cookie'
|
28
|
+
end
|
29
|
+
|
30
|
+
fields :style, :explode, :allowReserved
|
31
|
+
field_block :schema, Yori::Schema::V3::Schema
|
32
|
+
|
33
|
+
def example_any(value)
|
34
|
+
self['example'] = value
|
35
|
+
end
|
36
|
+
|
37
|
+
hash_field_block :examples, :example, Yori::Schema::V3::Example
|
38
|
+
hash_field_block :content, :content_type, Yori::Schema::V3::MediaType
|
39
|
+
|
40
|
+
def validate!
|
41
|
+
validate_require_fields!('name', 'in')
|
42
|
+
validate_in!
|
43
|
+
validate_schema_or_content!
|
44
|
+
end
|
45
|
+
|
46
|
+
def validate_in!
|
47
|
+
validate_limit_field_values!('in', 'query', 'header', 'path', 'cookie')
|
48
|
+
in_value = self['in']
|
49
|
+
|
50
|
+
case in_value
|
51
|
+
when 'path'
|
52
|
+
validate_require_fields!('required')
|
53
|
+
validate_limit_field_values!('required', true)
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
def validate_schema_or_content!
|
58
|
+
validate_mutually_exclusive_fields!('schema', 'content')
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
|
@@ -0,0 +1,47 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'yori/schema/v3/operation'
|
4
|
+
require 'yori/schema/v3/server'
|
5
|
+
require 'yori/schema/v3/parameter'
|
6
|
+
|
7
|
+
module Yori
|
8
|
+
module Schema
|
9
|
+
module V3
|
10
|
+
# PathItem
|
11
|
+
# Describes the operations available on a single path.
|
12
|
+
# A Path Item MAY be empty, due to ACL constraints.
|
13
|
+
# The path itself is still exposed to the documentation viewer but they will not know which operations and parameters are available.
|
14
|
+
class PathItem < Yori::SchemaBase
|
15
|
+
# @!method summary
|
16
|
+
# An optional, string summary, intended to apply to all operations in this path.
|
17
|
+
# @!method description
|
18
|
+
# An optional, string description, intended to apply to all operations in this path.
|
19
|
+
# CommonMark syntax MAY be used for rich text representation.
|
20
|
+
fields :summary, :description
|
21
|
+
|
22
|
+
# @!method get A definition of a GET operation on this path.
|
23
|
+
# @!method put A definition of a PUT operation on this path.
|
24
|
+
# @!method post A definition of a POST operation on this path.
|
25
|
+
# @!method delete A definition of a DELETE operation on this path.
|
26
|
+
# @!method options A definition of a OPTIONS operation on this path.
|
27
|
+
# @!method head A definition of a HEAD operation on this path.
|
28
|
+
# @!method patch A definition of a PATH operation on this path.
|
29
|
+
# @!method trace A definition of a TRACE operation on this path.
|
30
|
+
%i[get put post delete options head patch trace].each do |method|
|
31
|
+
field_block method, Yori::Schema::V3::Operation
|
32
|
+
end
|
33
|
+
|
34
|
+
# @!method servers
|
35
|
+
# An alternative server array to service all operations in this path.
|
36
|
+
array_field_block :servers, :server, Yori::Schema::V3::Server
|
37
|
+
|
38
|
+
# @!method parameters
|
39
|
+
# A list of parameters that are applicable for all the operations described under this path.
|
40
|
+
# These parameters can be overridden at the operation level, but cannot be removed there.
|
41
|
+
# The list MUST NOT include duplicated parameters. A unique parameter is defined by a combination of a name and location.
|
42
|
+
# The list can use the Reference Object to link to parameters that are defined at the OpenAPI Object's components/parameters.
|
43
|
+
array_field_block :parameters, :parameter, Yori::Schema::V3::Parameter
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'yori/schema/v3/path_item'
|
4
|
+
|
5
|
+
module Yori
|
6
|
+
module Schema
|
7
|
+
module V3
|
8
|
+
# Paths
|
9
|
+
# Holds the relative paths to the individual endpoints and their operations.
|
10
|
+
# The path is appended to the URL from the Server Object in order to construct the full URL.
|
11
|
+
# The Paths MAY be empty, due to ACL constraints.
|
12
|
+
class Paths < Yori::SchemaBase
|
13
|
+
# @!method path
|
14
|
+
# A relative path to an individual endpoint. The field name MUST begin with a slash.
|
15
|
+
# The path is appended (no relative URL resolution) to the expanded URL from the Server Object's url field in order to construct the full URL.
|
16
|
+
# Path templating is allowed. When matching URLs, concrete (non-templated) paths would be matched before their templated counterparts.
|
17
|
+
# Templated paths with the same hierarchy but different templated names MUST NOT exist as they are identical.
|
18
|
+
# In case of ambiguous matching, it's up to the tooling to decide which one to use.
|
19
|
+
def path(path_temp, value = nil, &block)
|
20
|
+
path_temp = '/' + path_temp unless path_temp.start_with?('/')
|
21
|
+
self[path_temp] = self.class.eval_input!(Yori::Schema::V3::PathItem, id, value, &block)
|
22
|
+
end
|
23
|
+
|
24
|
+
def merge_registered!
|
25
|
+
self.class.registered_path[id]&.each do |_path, block|
|
26
|
+
instance_eval(&block)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
class << self
|
31
|
+
def registered_path
|
32
|
+
@registered_path ||= {}
|
33
|
+
end
|
34
|
+
|
35
|
+
def register_path(id, path, value = nil, &block)
|
36
|
+
@registered_path ||= {}
|
37
|
+
@registered_path[id] ||= {}
|
38
|
+
@registered_path[id][path] = proc { path(path, value, &block) }
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'yori/schema/v3/media_type'
|
4
|
+
|
5
|
+
module Yori
|
6
|
+
module Schema
|
7
|
+
module V3
|
8
|
+
# RequestBody: Describes a single request body.
|
9
|
+
class RequestBody < Yori::SchemaBase
|
10
|
+
# @!method description
|
11
|
+
# A brief description of the request body. This could contain examples of use.
|
12
|
+
# CommonMark syntax MAY be used for rich text representation.
|
13
|
+
# @!method required
|
14
|
+
# Determines if the request body is required in the request. Defaults to false.
|
15
|
+
fields :description, :required
|
16
|
+
# @!method content
|
17
|
+
# REQUIRED. The content of the request body. The key is a media type or media type range and the value describes it.
|
18
|
+
# For requests that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
|
19
|
+
hash_field_block :content, :content_type, Yori::Schema::V3::MediaType
|
20
|
+
|
21
|
+
def validate!
|
22
|
+
validate_require_fields!('content')
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
@@ -0,0 +1,34 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'yori/schema/v3/header'
|
4
|
+
require 'yori/schema/v3/media_type'
|
5
|
+
require 'yori/schema/v3/link'
|
6
|
+
|
7
|
+
module Yori
|
8
|
+
module Schema
|
9
|
+
module V3
|
10
|
+
# Response: Describes a single response from an API Operation, including design-time, static links to operations based on the response.
|
11
|
+
class Response < Yori::SchemaBase
|
12
|
+
# @!method description
|
13
|
+
# REQUIRED. A short description of the response. CommonMark syntax MAY be used for rich text representation.
|
14
|
+
fields :description
|
15
|
+
# @!method headers
|
16
|
+
# Maps a header name to its definition. RFC7230 states header names are case insensitive.
|
17
|
+
# If a response header is defined with the name "Content-Type", it SHALL be ignored.
|
18
|
+
hash_field_block :headers, :header, Yori::Schema::V3::Header
|
19
|
+
# @!method content
|
20
|
+
# A map containing descriptions of potential response payloads. The key is a media type or media type range and the value describes it.
|
21
|
+
# For responses that match multiple keys, only the most specific key is applicable. e.g. text/plain overrides text/*
|
22
|
+
hash_field_block :content, :content_type, Yori::Schema::V3::MediaType
|
23
|
+
# @!method links
|
24
|
+
# A map of operations links that can be followed from the response.
|
25
|
+
# The key of the map is a short name for the link, following the naming constraints of the names for Component Objects.
|
26
|
+
hash_field_block :links, :link, Yori::Schema::V3::Link
|
27
|
+
|
28
|
+
def validate!
|
29
|
+
validate_require_fields!('description')
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
@@ -0,0 +1,42 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'yori/schema/v3/response'
|
4
|
+
|
5
|
+
module Yori
|
6
|
+
module Schema
|
7
|
+
module V3
|
8
|
+
# Responses:
|
9
|
+
# A container for the expected responses of an operation.
|
10
|
+
# The container maps a HTTP response code to the expected response.
|
11
|
+
# The documentation is not necessarily expected to cover all possible HTTP response codes because they may not be known in advance.
|
12
|
+
# However, documentation is expected to cover a successful operation response and any known errors.
|
13
|
+
# The default MAY be used as a default response object for all HTTP codes that are not covered individually by the specification.
|
14
|
+
# The Responses Object MUST contain at least one response code, and it SHOULD be the response for a successful operation call.
|
15
|
+
class Responses < Yori::SchemaBase
|
16
|
+
# @!method default
|
17
|
+
# The documentation of responses other than the ones declared for specific HTTP response codes.
|
18
|
+
# Use this field to cover undeclared responses. A Reference Object can link to a response that the OpenAPI Object's components/responses section defines.
|
19
|
+
field_block :default, Yori::Schema::V3::Response
|
20
|
+
|
21
|
+
# @!method response
|
22
|
+
# Any HTTP status code can be used as the property name, but only one property per code, to describe the expected response for that HTTP status code.
|
23
|
+
# A Reference Object can link to a response that is defined in the OpenAPI Object's components/responses section.
|
24
|
+
# This field MUST be enclosed in quotation marks (for example, "200") for compatibility between JSON and YAML.
|
25
|
+
# To define a range of response codes, this field MAY contain the uppercase wildcard character X.
|
26
|
+
# For example, 2XX represents all response codes between [200-299]. The following range definitions are allowed: 1XX, 2XX, 3XX, 4XX, and 5XX.
|
27
|
+
# If a response range is defined using an explicit code, the explicit code definition takes precedence over the range definition for that code.
|
28
|
+
def response(status_code, &block)
|
29
|
+
self[status_code.to_s] = self.class.eval_class!(Yori::Schema::V3::Response, id, &block)
|
30
|
+
end
|
31
|
+
|
32
|
+
alias status response
|
33
|
+
alias http_status_code response
|
34
|
+
|
35
|
+
def validate!
|
36
|
+
status_keys = keys.reject { |x| x == 'default' }
|
37
|
+
raise Yori::Errors::InvalidSchemaError, 'The Responses Object MUST contain at least one response code.' if status_keys.empty?
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
@@ -0,0 +1,40 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Yori
|
4
|
+
module Schema
|
5
|
+
module V3
|
6
|
+
# Root
|
7
|
+
module Root
|
8
|
+
def self.included(klass)
|
9
|
+
klass.class_eval do
|
10
|
+
class << self
|
11
|
+
def api_docs_factory
|
12
|
+
@_api_docs_factory
|
13
|
+
end
|
14
|
+
|
15
|
+
def api_docs
|
16
|
+
return unless api_docs_factory
|
17
|
+
|
18
|
+
openapi = api_docs_factory.call
|
19
|
+
openapi.to_json
|
20
|
+
end
|
21
|
+
|
22
|
+
def root(id = '', &block)
|
23
|
+
@_api_docs_factory = proc do
|
24
|
+
Yori::Schema::V3::OpenAPI.new.tap do |openapi|
|
25
|
+
openapi.id = id
|
26
|
+
openapi.instance_eval(&block)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
def api_docs
|
35
|
+
self.class.api_docs
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,35 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'yori/schema/v3/discriminator'
|
4
|
+
require 'yori/schema/v3/xml'
|
5
|
+
require 'yori/schema/v3/external_documentation'
|
6
|
+
|
7
|
+
module Yori
|
8
|
+
module Schema
|
9
|
+
module V3
|
10
|
+
# Schema: The Schema Object allows the definition of input and output data types.
|
11
|
+
# These types can be objects, but also primitives and arrays. This object is an extended subset of the JSON Schema Specification Wright Draft 00.
|
12
|
+
class Schema < SchemaBase
|
13
|
+
fields :title, :type, :description, :format, :default
|
14
|
+
fields :multipleOf, :maximum, :exclusiveMaximum, :minimum, :exclusiveMinimum, :maxLength, :minLength
|
15
|
+
fields :pattern, :maxItems, :minItems, :uniqueItems
|
16
|
+
fields :maxProperties, :minProperties, :required, :enum
|
17
|
+
|
18
|
+
array_field_block :allOf, :allOfItem, Yori::Schema::V3::Schema
|
19
|
+
array_field_block :oneOf, :oneOfItem, Yori::Schema::V3::Schema
|
20
|
+
array_field_block :anyOf, :anyOfItem, Yori::Schema::V3::Schema
|
21
|
+
array_field_block :not, :notItem, Yori::Schema::V3::Schema
|
22
|
+
|
23
|
+
field_block :items, Yori::Schema::V3::Schema
|
24
|
+
hash_field_block :properties, :property, Yori::Schema::V3::Schema
|
25
|
+
field_block :additionalProperties, Yori::Schema::V3::Schema
|
26
|
+
|
27
|
+
fields :nullable, :readOnly, :writeOnly, :deprecated
|
28
|
+
field_block :discriminator, Yori::Schema::V3::Discriminator
|
29
|
+
field_block :xml, Yori::Schema::V3::XML
|
30
|
+
field_block :externalDocs, Yori::Schema::V3::ExternalDocumentation
|
31
|
+
field_block :example, Yori::Schema::Any
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Yori
|
4
|
+
module Schema
|
5
|
+
module V3
|
6
|
+
# SecurityRequirement:
|
7
|
+
# Lists the required security schemes to execute this operation.
|
8
|
+
# The name used for each property MUST correspond to a security scheme declared in the Security Schemes under the Components Object.
|
9
|
+
class SecurityRequirement < Yori::SchemaBase
|
10
|
+
# @!method scheme
|
11
|
+
# Each key MUST correspond to a security scheme which is declared in the Security Schemes under the Components Object.
|
12
|
+
# If the security scheme is of type "oauth2" or "openIdConnect", then the value is a list of scope names required for the execution.
|
13
|
+
# For other security scheme types, the array MUST be empty.
|
14
|
+
def scheme(key, scopes)
|
15
|
+
self[key.to_s] ||= []
|
16
|
+
self[key.to_s].concat(scopes)
|
17
|
+
end
|
18
|
+
|
19
|
+
# TODO: validate with related SecurityScheme type...
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
@@ -0,0 +1,93 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'yori/schema/v3/oauth_flows'
|
4
|
+
|
5
|
+
module Yori
|
6
|
+
module Schema
|
7
|
+
module V3
|
8
|
+
# SecurityScheme:
|
9
|
+
# Defines a security scheme that can be used by the operations.
|
10
|
+
# Supported schemes are HTTP authentication, an API key (either as a header or as a query parameter),
|
11
|
+
# OAuth2's common flows (implicit, password, application and access code) as defined in RFC6749, and OpenID Connect Discovery.
|
12
|
+
class SecurityScheme < Yori::SchemaBase
|
13
|
+
# @!method type :Applies To Any;
|
14
|
+
# REQUIRED. The type of the security scheme.
|
15
|
+
# Valid values are "apiKey", "http", "oauth2", "openIdConnect"
|
16
|
+
# @!method description :Applies To Any;
|
17
|
+
# A short description for security scheme. CommonMark syntax MAY be used for rich text representation.
|
18
|
+
# @!method name :Applies To apiKey;
|
19
|
+
# REQUIRED. The name of the header, query or cookie parameter to be used.
|
20
|
+
fields :type, :description, :name
|
21
|
+
|
22
|
+
# @!method in_query
|
23
|
+
# Set 'query' value to 'in' field.
|
24
|
+
def in_query
|
25
|
+
self['in'] = 'query'
|
26
|
+
end
|
27
|
+
|
28
|
+
# @!method in_header
|
29
|
+
# Set 'header' value to 'in' field.
|
30
|
+
def in_header
|
31
|
+
self['in'] = 'header'
|
32
|
+
end
|
33
|
+
|
34
|
+
# @!method in_cookie
|
35
|
+
# Set 'cookie' value to 'in' field.
|
36
|
+
def in_cookie
|
37
|
+
self['in'] = 'cookie'
|
38
|
+
end
|
39
|
+
|
40
|
+
# @!method scheme :Applies To http;
|
41
|
+
# REQUIRED. The name of the HTTP Authorization scheme to be used in the Authorization header as defined in RFC7235.
|
42
|
+
# @!method bearerFormat :Applies To http ("bearer");
|
43
|
+
# A hint to the client to identify how the bearer token is formatted.
|
44
|
+
# Bearer tokens are usually generated by an authorization server, so this information is primarily for documentation purposes.
|
45
|
+
fields :scheme, :bearerFormat
|
46
|
+
|
47
|
+
# @!method flows :Applies To oauth2;
|
48
|
+
# REQUIRED. An object containing configuration information for the flow types supported.
|
49
|
+
field_block :flows, Yori::Schema::V3::OAuthFlows
|
50
|
+
|
51
|
+
# @!method openIdConnectUrl :Applies To openIdConnect
|
52
|
+
# REQUIRED. OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the form of a URL.
|
53
|
+
fields :openIdConnectUrl
|
54
|
+
|
55
|
+
def validate!
|
56
|
+
validate_type!
|
57
|
+
case self['type']
|
58
|
+
when 'apiKey'
|
59
|
+
validate_as_api_key!
|
60
|
+
when 'http'
|
61
|
+
validate_as_http!
|
62
|
+
when 'oauth2'
|
63
|
+
validate_as_oauth2!
|
64
|
+
when 'openIdConnect'
|
65
|
+
validate_as_open_id_connect!
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
def validate_type!
|
70
|
+
validate_require_fields!('type')
|
71
|
+
validate_limit_field_values!('type', 'apiKey', 'http', 'oauth2', 'openIdConnect')
|
72
|
+
end
|
73
|
+
|
74
|
+
def validate_as_api_key!
|
75
|
+
validate_require_fields!('name', 'in')
|
76
|
+
validate_limit_field_values!('in', 'query', 'header', 'cookie')
|
77
|
+
end
|
78
|
+
|
79
|
+
def validate_as_http!
|
80
|
+
validate_require_fields!('scheme')
|
81
|
+
end
|
82
|
+
|
83
|
+
def validate_as_oauth2!
|
84
|
+
validate_require_fields!('flows')
|
85
|
+
end
|
86
|
+
|
87
|
+
def validate_as_open_id_connect!
|
88
|
+
validate_require_fields!('openIdConnectUrl')
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end
|
93
|
+
end
|