@mimik/api-helper 1.1.0 → 1.1.2

package/README.md

@@ -32,11 +32,12 @@ Setup the API to be use for a service
 - <code>Promise</code> An error is thrown if the initiatilization failed.
 
 For the security schemes, the following scheme names are reserved: `SystemSecurity`, `AdminSecurity`, `UserSecurity`, `PeerSecurity`, `ApiKeySecurity`.
-The secOptions in the options porperty passed when using `init` allows the folloing operations:
+The secOptions in the options property passed when using `init` allows the following operations:
 - introduce a customer sevurity scheme, in this case secOptions contains: { newSecurityScheme: {function}newSecurityHandler },
 - disable a security scheme that is defined in the swagger API, in this case secOptions contains: { securitySchemeToDisable: { {boolean}notEnabled: true } },
 - overwite an existing security scheme, in this case secOptions contains: { securitySchemeToOverwrite: {function}newSecurityHandler }.
 If the secOptions is not present either to introduce, disable or overwrite a security scheme that is present in the swagger API file an error is generated.
+If the secOptions contains unused security schemes, an error is generated.
 
 The default formats for validation are: `date`, `time`, `date-time`, `byte`, `uuid`, `uri`, `email`, `ipv4`, `ipv6`, `semver`, `ip`.
 

package/index.js

@@ -67,11 +67,12 @@ const {
  * @throws {Promise} An error is thrown if the initiatilization failed.
  *
  * For the security schemes, the following scheme names are reserved: `SystemSecurity`, `AdminSecurity`, `UserSecurity`, `PeerSecurity`, `ApiKeySecurity`.
- * The secOptions in the options porperty passed when using `init` allows the folloing operations:
+ * The secOptions in the options property passed when using `init` allows the following operations:
  * - introduce a customer sevurity scheme, in this case secOptions contains: { newSecurityScheme: {function}newSecurityHandler },
  * - disable a security scheme that is defined in the swagger API, in this case secOptions contains: { securitySchemeToDisable: { {boolean}notEnabled: true } },
  * - overwite an existing security scheme, in this case secOptions contains: { securitySchemeToOverwrite: {function}newSecurityHandler }.
  * If the secOptions is not present either to introduce, disable or overwrite a security scheme that is present in the swagger API file an error is generated.
+ * If the secOptions contains unused security schemes, an error is generated.
  *
  * The default formats for validation are: `date`, `time`, `date-time`, `byte`, `uuid`, `uri`, `email`, `ipv4`, `ipv6`, `semver`, `ip`.
  */
@@ -107,7 +108,7 @@ const apiSetup = (setup, registeredOperations, securityHandlers, extraFormats, c
   }
   const appliedSecurities = [];
   const registerDefault = (securitySchemeName, securityHandler) => {
-    if (existingSecuritySchemes.includes(securitySchemeName) && securityHandlers && !securityHandlers[securitySchemeName]) {
+    if (existingSecuritySchemes.includes(securitySchemeName) && (!securityHandlers || (securityHandlers && !securityHandlers[securitySchemeName]))) {
       api.registerSecurityHandler(securitySchemeName, securityHandler);
       appliedSecurities.push(securitySchemeName);
     }
@@ -121,6 +122,9 @@ const apiSetup = (setup, registeredOperations, securityHandlers, extraFormats, c
 
   if (securityHandlers) {
     const securityHandlerNames = Object.keys(securityHandlers);
+    const unusedSecuritySchemes = difference(securityHandlerNames, definedSecuritySchemes);
+
+    if (unusedSecuritySchemes.length !== 0) throw getRichError('System', 'unused handlers for security schemes', { unusedSecuritySchemes });
 
     remainingSecurities.forEach((securityScheme) => {
       if (!securityHandlerNames.includes(securityScheme) && !securityHandlers[securityScheme].notEnabled) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mimik/api-helper",
-  "version": "1.1.0",
+  "version": "1.1.2",
   "description": "helper for openAPI backend and mimik service",
   "main": "index.js",
   "scripts": {