robotframework-openapitools 0.2.1__py3-none-any.whl → 0.2.2__py3-none-any.whl

OpenApiLibCore/openapi_libcore.py

@@ -123,6 +123,7 @@ import re
 import sys
 from copy import deepcopy
 from dataclasses import Field, dataclass, field, make_dataclass
+from enum import Enum
 from functools import cached_property
 from itertools import zip_longest
 from logging import getLogger
@@ -147,11 +148,16 @@ from openapi_core.contrib.requests import (
     RequestsOpenAPIRequest,
     RequestsOpenAPIResponse,
 )
-from prance import ResolvingParser, ValidationError
+from openapi_core.exceptions import OpenAPIError
+from openapi_core.validation.exceptions import ValidationError
+from openapi_core.validation.response.exceptions import ResponseValidationError
+from openapi_core.validation.schemas.exceptions import InvalidSchemaValue
+from prance import ResolvingParser
 from prance.util.url import ResolutionError
 from requests import Response, Session
 from requests.auth import AuthBase, HTTPBasicAuth
 from requests.cookies import RequestsCookieJar as CookieJar
+from robot.api import Failure
 from robot.api.deco import keyword, library
 from robot.libraries.BuiltIn import BuiltIn
 
@@ -181,6 +187,15 @@ run_keyword = BuiltIn().run_keyword
 logger = getLogger(__name__)
 
 
+class ValidationLevel(str, Enum):
+    """The available levels for the response_validation parameter."""
+
+    DISABLED = "DISABLED"
+    INFO = "INFO"
+    WARN = "WARN"
+    STRICT = "STRICT"
+
+
 def get_safe_key(key: str) -> str:
     """
     Helper function to convert a valid JSON property name to a string that can be used
@@ -643,7 +658,8 @@ class OpenApiLibCore:  # pylint: disable=too-many-instance-attributes
             else:
                 for content_type in content_dict:
                     if "json" in content_type:
-                        yield content_type
+                        content_type_without_charset, _, _ = content_type.partition(";")
+                        yield content_type_without_charset
 
         if isinstance(item, list):
             for list_item in item:
@@ -1624,3 +1640,457 @@ class OpenApiLibCore:  # pylint: disable=too-many-instance-attributes
         )
         logger.debug(f"Response text: {response.text}")
         return response
+
+    @keyword
+    def perform_validated_request(
+        self,
+        path: str,
+        status_code: int,
+        request_values: RequestValues,
+        original_data: Optional[Dict[str, Any]] = None,
+    ) -> None:
+        """
+        This keyword first calls the Authorized Request keyword, then the Validate
+        Response keyword and finally validates, for `DELETE` operations, whether
+        the target resource was indeed deleted (OK response) or not (error responses).
+        """
+        response = run_keyword(
+            "authorized_request",
+            request_values.url,
+            request_values.method,
+            request_values.params,
+            request_values.headers,
+            request_values.json_data,
+        )
+        if response.status_code != status_code:
+            try:
+                response_json = response.json()
+            except Exception as _:  # pylint: disable=broad-except
+                logger.info(
+                    f"Failed to get json content from response. "
+                    f"Response text was: {response.text}"
+                )
+                response_json = {}
+            if not response.ok:
+                if description := response_json.get("detail"):
+                    pass
+                else:
+                    description = response_json.get(
+                        "message", "response contains no message or detail."
+                    )
+                logger.error(f"{response.reason}: {description}")
+
+            logger.debug(
+                f"\nSend: {_json.dumps(request_values.json_data, indent=4, sort_keys=True)}"
+                f"\nGot: {_json.dumps(response_json, indent=4, sort_keys=True)}"
+            )
+            raise AssertionError(
+                f"Response status_code {response.status_code} was not {status_code}"
+            )
+
+        run_keyword("validate_response", path, response, original_data)
+
+        if request_values.method == "DELETE":
+            get_request_data = self.get_request_data(endpoint=path, method="GET")
+            get_params = get_request_data.params
+            get_headers = get_request_data.headers
+            get_response = run_keyword(
+                "authorized_request", request_values.url, "GET", get_params, get_headers
+            )
+            if response.ok:
+                if get_response.ok:
+                    raise AssertionError(
+                        f"Resource still exists after deletion. Url was {request_values.url}"
+                    )
+                # if the path supports GET, 404 is expected, if not 405 is expected
+                if get_response.status_code not in [404, 405]:
+                    logger.warning(
+                        f"Unexpected response after deleting resource: Status_code "
+                        f"{get_response.status_code} was received after trying to get {request_values.url} "
+                        f"after sucessfully deleting it."
+                    )
+            elif not get_response.ok:
+                raise AssertionError(
+                    f"Resource could not be retrieved after failed deletion. "
+                    f"Url was {request_values.url}, status_code was {get_response.status_code}"
+                )
+
+    @keyword
+    def validate_response(
+        self,
+        path: str,
+        response: Response,
+        original_data: Optional[Dict[str, Any]] = None,
+    ) -> None:
+        """
+        Validate the `response` by performing the following validations:
+        - validate the `response` against the openapi schema for the `endpoint`
+        - validate that the response does not contain extra properties
+        - validate that a href, if present, refers to the correct resource
+        - validate that the value for a property that is in the response is equal to
+            the property value that was send
+        - validate that no `original_data` is preserved when performing a PUT operation
+        - validate that a PATCH operation only updates the provided properties
+        """
+        if response.status_code == 204:
+            assert not response.content
+            return None
+
+        try:
+            self._validate_response_against_spec(response)
+        except OpenAPIError as exception:
+            raise Failure(f"Response did not pass schema validation: {exception}")
+
+        request_method = response.request.method
+        if request_method is None:
+            logger.warning(
+                f"Could not validate response for path {path}; no method found "
+                f"on the request property of the provided response."
+            )
+            return None
+
+        response_spec = self._get_response_spec(
+            path=path,
+            method=request_method,
+            status_code=response.status_code,
+        )
+
+        content_type_from_response = response.headers.get("Content-Type", "unknown")
+        mime_type_from_response, _, _ = content_type_from_response.partition(";")
+
+        if not response_spec.get("content"):
+            logger.warning(
+                "The response cannot be validated: 'content' not specified in the OAS."
+            )
+            return None
+
+        # multiple content types can be specified in the OAS
+        content_types = list(response_spec["content"].keys())
+        supported_types = [
+            ct for ct in content_types if ct.partition(";")[0].endswith("json")
+        ]
+        if not supported_types:
+            raise NotImplementedError(
+                f"The content_types '{content_types}' are not supported. "
+                f"Only json types are currently supported."
+            )
+        content_type = supported_types[0]
+        mime_type = content_type.partition(";")[0]
+
+        if mime_type != mime_type_from_response:
+            raise ValueError(
+                f"Content-Type '{content_type_from_response}' of the response "
+                f"does not match '{mime_type}' as specified in the OpenAPI document."
+            )
+
+        json_response = response.json()
+        response_schema = resolve_schema(
+            response_spec["content"][content_type]["schema"]
+        )
+
+        response_type = response_schema.get("type", "undefined")
+        if response_type not in ["object", "array"]:
+            self._validate_value_type(value=json_response, expected_type=response_type)
+            return None
+
+        if list_item_schema := response_schema.get("items"):
+            if not isinstance(json_response, list):
+                raise AssertionError(
+                    f"Response schema violation: the schema specifies an array as "
+                    f"response type but the response was of type {type(json_response)}."
+                )
+            type_of_list_items = list_item_schema.get("type")
+            if type_of_list_items == "object":
+                for resource in json_response:
+                    run_keyword(
+                        "validate_resource_properties", resource, list_item_schema
+                    )
+            else:
+                for item in json_response:
+                    self._validate_value_type(
+                        value=item, expected_type=type_of_list_items
+                    )
+            # no further validation; value validation of individual resources should
+            # be performed on the endpoints for the specific resource
+            return None
+
+        run_keyword("validate_resource_properties", json_response, response_schema)
+        # ensure the href is valid if present in the response
+        if href := json_response.get("href"):
+            self._assert_href_is_valid(href, json_response)
+        # every property that was sucessfully send and that is in the response
+        # schema must have the value that was send
+        if response.ok and response.request.method in ["POST", "PUT", "PATCH"]:
+            run_keyword("validate_send_response", response, original_data)
+        return None
+
+    def _assert_href_is_valid(self, href: str, json_response: Dict[str, Any]) -> None:
+        url = f"{self.origin}{href}"
+        path = url.replace(self.base_url, "")
+        request_data = self.get_request_data(endpoint=path, method="GET")
+        params = request_data.params
+        headers = request_data.headers
+        get_response = run_keyword("authorized_request", url, "GET", params, headers)
+        assert (
+            get_response.json() == json_response
+        ), f"{get_response.json()} not equal to original {json_response}"
+
+    def _validate_response_against_spec(self, response: Response) -> None:
+        try:
+            self.validate_response_vs_spec(
+                request=RequestsOpenAPIRequest(response.request),
+                response=RequestsOpenAPIResponse(response),
+            )
+        except ResponseValidationError as exception:
+            errors: List[InvalidSchemaValue] = exception.__cause__
+            validation_errors: Optional[List[ValidationError]] = getattr(
+                errors, "schema_errors", None
+            )
+            if validation_errors:
+                error_message = "\n".join(
+                    [
+                        f"{list(error.schema_path)}: {error.message}"
+                        for error in validation_errors
+                    ]
+                )
+            else:
+                error_message = str(exception)
+
+            if response.status_code == self.invalid_property_default_response:
+                logger.debug(error_message)
+                return
+            if self.response_validation == ValidationLevel.STRICT:
+                logger.error(error_message)
+                raise exception
+            if self.response_validation == ValidationLevel.WARN:
+                logger.warning(error_message)
+            elif self.response_validation == ValidationLevel.INFO:
+                logger.info(error_message)
+
+    @keyword
+    def validate_resource_properties(
+        self, resource: Dict[str, Any], schema: Dict[str, Any]
+    ) -> None:
+        """
+        Validate that the `resource` does not contain any properties that are not
+        defined in the `schema_properties`.
+        """
+        schema_properties = schema.get("properties", {})
+        property_names_from_schema = set(schema_properties.keys())
+        property_names_in_resource = set(resource.keys())
+
+        if property_names_from_schema != property_names_in_resource:
+            # The additionalProperties property determines whether properties with
+            # unspecified names are allowed. This property can be boolean or an object
+            # (dict) that specifies the type of any additional properties.
+            additional_properties = schema.get("additionalProperties", True)
+            if isinstance(additional_properties, bool):
+                allow_additional_properties = additional_properties
+                allowed_additional_properties_type = None
+            else:
+                allow_additional_properties = True
+                allowed_additional_properties_type = additional_properties["type"]
+
+            extra_property_names = property_names_in_resource.difference(
+                property_names_from_schema
+            )
+            if allow_additional_properties:
+                # If a type is defined for extra properties, validate them
+                if allowed_additional_properties_type:
+                    extra_properties = {
+                        key: value
+                        for key, value in resource.items()
+                        if key in extra_property_names
+                    }
+                    self._validate_type_of_extra_properties(
+                        extra_properties=extra_properties,
+                        expected_type=allowed_additional_properties_type,
+                    )
+                # If allowed, validation should not fail on extra properties
+                extra_property_names = set()
+
+            required_properties = set(schema.get("required", []))
+            missing_properties = required_properties.difference(
+                property_names_in_resource
+            )
+
+            if extra_property_names or missing_properties:
+                extra = (
+                    f"\n\tExtra properties in response: {extra_property_names}"
+                    if extra_property_names
+                    else ""
+                )
+                missing = (
+                    f"\n\tRequired properties missing in response: {missing_properties}"
+                    if missing_properties
+                    else ""
+                )
+                raise AssertionError(
+                    f"Response schema violation: the response contains properties that are "
+                    f"not specified in the schema or does not contain properties that are "
+                    f"required according to the schema."
+                    f"\n\tReceived in the response: {property_names_in_resource}"
+                    f"\n\tDefined in the schema:    {property_names_from_schema}"
+                    f"{extra}{missing}"
+                )
+
+    @staticmethod
+    def _validate_value_type(value: Any, expected_type: str) -> None:
+        type_mapping = {
+            "string": str,
+            "number": float,
+            "integer": int,
+            "boolean": bool,
+            "array": list,
+            "object": dict,
+        }
+        python_type = type_mapping.get(expected_type, None)
+        if python_type is None:
+            raise AssertionError(
+                f"Validation of type '{expected_type}' is not supported."
+            )
+        if not isinstance(value, python_type):
+            raise AssertionError(f"{value} is not of type {expected_type}")
+
+    @staticmethod
+    def _validate_type_of_extra_properties(
+        extra_properties: Dict[str, Any], expected_type: str
+    ) -> None:
+        type_mapping = {
+            "string": str,
+            "number": float,
+            "integer": int,
+            "boolean": bool,
+            "array": list,
+            "object": dict,
+        }
+
+        python_type = type_mapping.get(expected_type, None)
+        if python_type is None:
+            logger.warning(
+                f"Additonal properties were not validated: "
+                f"type '{expected_type}' is not supported."
+            )
+            return
+
+        invalid_extra_properties = {
+            key: value
+            for key, value in extra_properties.items()
+            if not isinstance(value, python_type)
+        }
+        if invalid_extra_properties:
+            raise AssertionError(
+                f"Response contains invalid additionalProperties: "
+                f"{invalid_extra_properties} are not of type {expected_type}."
+            )
+
+    @staticmethod
+    @keyword
+    def validate_send_response(
+        response: Response, original_data: Optional[Dict[str, Any]] = None
+    ) -> None:
+        """
+        Validate that each property that was send that is in the response has the value
+        that was send.
+        In case a PATCH request, validate that only the properties that were patched
+        have changed and that other properties are still at their pre-patch values.
+        """
+
+        def validate_list_response(
+            send_list: List[Any], received_list: List[Any]
+        ) -> None:
+            for item in send_list:
+                if item not in received_list:
+                    raise AssertionError(
+                        f"Received value '{received_list}' does "
+                        f"not contain '{item}' in the {response.request.method} request."
+                        f"\nSend: {_json.dumps(send_json, indent=4, sort_keys=True)}"
+                        f"\nGot: {_json.dumps(response_data, indent=4, sort_keys=True)}"
+                    )
+
+        def validate_dict_response(
+            send_dict: Dict[str, Any], received_dict: Dict[str, Any]
+        ) -> None:
+            for send_property_name, send_property_value in send_dict.items():
+                # sometimes, a property in the request is not in the response, e.g. a password
+                if send_property_name not in received_dict.keys():
+                    continue
+                if send_property_value is not None:
+                    # if a None value is send, the target property should be cleared or
+                    # reverted to the default value (which cannot be specified in the
+                    # openapi document)
+                    received_value = received_dict[send_property_name]
+                    # In case of lists / arrays, the send values are often appended to
+                    # existing data
+                    if isinstance(received_value, list):
+                        validate_list_response(
+                            send_list=send_property_value, received_list=received_value
+                        )
+                        continue
+
+                    # when dealing with objects, we'll need to iterate the properties
+                    if isinstance(received_value, dict):
+                        validate_dict_response(
+                            send_dict=send_property_value, received_dict=received_value
+                        )
+                        continue
+
+                    assert received_value == send_property_value, (
+                        f"Received value for {send_property_name} '{received_value}' does not "
+                        f"match '{send_property_value}' in the {response.request.method} request."
+                        f"\nSend: {_json.dumps(send_json, indent=4, sort_keys=True)}"
+                        f"\nGot: {_json.dumps(response_data, indent=4, sort_keys=True)}"
+                    )
+
+        if response.request.body is None:
+            logger.warning(
+                "Could not validate send response; the body of the request property "
+                "on the provided response was None."
+            )
+            return None
+        if isinstance(response.request.body, bytes):
+            send_json = _json.loads(response.request.body.decode("UTF-8"))
+        else:
+            send_json = _json.loads(response.request.body)
+
+        response_data = response.json()
+        # POST on /resource_type/{id}/array_item/ will return the updated {id} resource
+        # instead of a newly created resource. In this case, the send_json must be
+        # in the array of the 'array_item' property on {id}
+        send_path: str = response.request.path_url
+        response_path = response_data.get("href", None)
+        if response_path and send_path not in response_path:
+            property_to_check = send_path.replace(response_path, "")[1:]
+            if response_data.get(property_to_check) and isinstance(
+                response_data[property_to_check], list
+            ):
+                item_list: List[Dict[str, Any]] = response_data[property_to_check]
+                # Use the (mandatory) id to get the POSTed resource from the list
+                [response_data] = [
+                    item for item in item_list if item["id"] == send_json["id"]
+                ]
+
+        # incoming arguments are dictionaries, so they can be validated as such
+        validate_dict_response(send_dict=send_json, received_dict=response_data)
+
+        # In case of PATCH requests, ensure that only send properties have changed
+        if original_data:
+            for send_property_name, send_value in original_data.items():
+                if send_property_name not in send_json.keys():
+                    assert send_value == response_data[send_property_name], (
+                        f"Received value for {send_property_name} '{response_data[send_property_name]}' does not "
+                        f"match '{send_value}' in the pre-patch data"
+                        f"\nPre-patch: {_json.dumps(original_data, indent=4, sort_keys=True)}"
+                        f"\nGot: {_json.dumps(response_data, indent=4, sort_keys=True)}"
+                    )
+        return None
+
+    def _get_response_spec(
+        self, path: str, method: str, status_code: int
+    ) -> Dict[str, Any]:
+        method = method.lower()
+        status = str(status_code)
+        spec: Dict[str, Any] = {**self.openapi_spec}["paths"][path][method][
+            "responses"
+        ][status]
+        return spec

{robotframework_openapitools-0.2.1.dist-info → robotframework_openapitools-0.2.2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: robotframework-openapitools
-Version: 0.2.1
+Version: 0.2.2
 Summary: A set of Robot Framework libraries to test APIs for which the OAS is available.
 Home-page: https://github.com/MarketSquare/robotframework-openapitools
 License: Apache-2.0

{robotframework_openapitools-0.2.1.dist-info → robotframework_openapitools-0.2.2.dist-info}/RECORD

@@ -1,15 +1,15 @@
 OpenApiDriver/__init__.py,sha256=34h5RkB8nBNRKPId4r_B_xzcgXJYD3m2QYwIaPfpv80,1331
-OpenApiDriver/openapi_executors.py,sha256=XEuHUD-3mBNb8WNK8gmJoYkz2HAjzS-K9oQ0FTmgOoc,32851
+OpenApiDriver/openapi_executors.py,sha256=7zjvMzkKY-IknTWZABZZoMNguMqXVn3gNiiljDQ9VyQ,12260
 OpenApiDriver/openapi_reader.py,sha256=4kSM-hFd54ws-jq88inbienkaoC5sSDwfRuxLrHP7aA,4652
-OpenApiDriver/openapidriver.libspec,sha256=3yU3o0AhCFulFWmmFwW-w0LY7GQaYSaU8er64Dr8cCA,28323
+OpenApiDriver/openapidriver.libspec,sha256=JuR4-Feq6xy3WQZn0xe8U9jA0rVnnvfvLN-3X6YwDjY,28322
 OpenApiDriver/openapidriver.py,sha256=QRFcF1q9x88rqsD7XzBN25wPYqTbZldK4rSvpEdhQHo,15214
 OpenApiDriver/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-OpenApiLibCore/__init__.py,sha256=TOeGg8q0V8BNvdP9tEPE2MRQm7XyS1VzC5AP8y_qOPg,1591
-OpenApiLibCore/dto_base.py,sha256=L1jKJLOthqL7jjdfZ6HDmM3t967UiH7RWkvsAu6NURg,11794
+OpenApiLibCore/__init__.py,sha256=CGZRj3Vh4TZ76LOLWJOrBFr27QYWVXsO1imLqH-aP9E,1604
+OpenApiLibCore/dto_base.py,sha256=qAPSLnrs1n_sbfe1z-3EPV31Q7dMe0Nno2XRFmrYl9A,11792
 OpenApiLibCore/dto_utils.py,sha256=maYX9QqPaJtiEo8vIFQLsT2FOT-LUGVnNcVaca4zCDk,2903
 OpenApiLibCore/oas_cache.py,sha256=Qg_Is5pAJZjZu5VmwEEarQs8teKrh3Y2psCcpDLU5Y4,379
-OpenApiLibCore/openapi_libcore.libspec,sha256=9Kn1CGzUoIL1uzb5cpjQrJS7ZKxjHAvRqADzCzdGlKQ,33102
-OpenApiLibCore/openapi_libcore.py,sha256=GHuhcpMiDNGCy-0pmTB5WRbUDzK8wpL5O07lZo0kPVQ,65826
+OpenApiLibCore/openapi_libcore.libspec,sha256=qgCF2aJGNWUgSX6-xjHQ2-DvknFGcA-1CnvU3VHCRzA,39801
+OpenApiLibCore/openapi_libcore.py,sha256=BVBaeqv_ZgPw5332BmNeTjONdpL73dXPcf8w1bWtvBA,86685
 OpenApiLibCore/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 OpenApiLibCore/value_utils.py,sha256=wO5ssYTuk4YWWMJb0kl5n20X2r0NG55FXvgLqQd8qvw,18145
 roboswag/__init__.py,sha256=-8ql4wuY_ftOZRdCxSmBCMW3WpDk7Ir__st9xcb9qCI,223
@@ -35,7 +35,7 @@ roboswag/validate/__init__.py,sha256=stpgQmvZvqlqPBjZ3Vxhd3wbX_Nb85jyIbj44_EhK_w
 roboswag/validate/core.py,sha256=CfUEhkXPFAzIppRSiGyh62j4BYW4vkjIXWEzRcJFD6o,84
 roboswag/validate/schema.py,sha256=jyD44GcYU_JQLw5hb1wK-DwxOsbJ-FstoNHwIVVMqoo,711
 roboswag/validate/text_response.py,sha256=P7WEC6ot1OG3YDEXRtmOwIFwki8jgq8fMb-L77X4vIo,527
-robotframework_openapitools-0.2.1.dist-info/LICENSE,sha256=HrhfyXIkWY2tGFK11kg7vPCqhgh5DcxleloqdhrpyMY,11558
-robotframework_openapitools-0.2.1.dist-info/METADATA,sha256=tT_w_nW-DgGsHRjhoWUQxRg92sQTdjTG7gzdPf19ndE,1610
-robotframework_openapitools-0.2.1.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-robotframework_openapitools-0.2.1.dist-info/RECORD,,
+robotframework_openapitools-0.2.2.dist-info/LICENSE,sha256=HrhfyXIkWY2tGFK11kg7vPCqhgh5DcxleloqdhrpyMY,11558
+robotframework_openapitools-0.2.2.dist-info/METADATA,sha256=9b-sj3qOnu_xXjxDj5Ad-9Vp5RIIBvd-fav5IVCqk6I,1610
+robotframework_openapitools-0.2.2.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+robotframework_openapitools-0.2.2.dist-info/RECORD,,