Compatibility test SecurityScheme

Author: westse

core/src/main/java/org/openapitools/openapidiff/core/model/ChangedSecurityScheme.java

@@ -44,6 +44,13 @@ public DiffResult isCoreChanged() {
         && !changedBearerFormat
         && !changedOpenIdConnectUrl
         && (changedScopes == null || changedScopes.getIncreased().isEmpty())) {
+
+      // TODO: Dead code removal opportunity for changedType and changedIn. It appears that
+      // SecuritySchemaDiff will never be given the chance to detect differences TYPE and
+      // IN differences because that case has already been detected and filtered out by
+      // SecurityRequirementsDiff and recorded as a dropped requirement in
+      // ChangedSecurityRequirements.
+
       return DiffResult.COMPATIBLE;
     }
     return DiffResult.INCOMPATIBLE;

core/src/test/java/org/openapitools/openapidiff/core/backcompat/SecuritySchemeBCTest.java

@@ -0,0 +1,51 @@
+package org.openapitools.openapidiff.core.backcompat;
+
+import static org.openapitools.openapidiff.core.TestUtils.assertOpenApiBackwardIncompatible;
+import static org.openapitools.openapidiff.core.TestUtils.assertSpecChangedButCompatible;
+import static org.openapitools.openapidiff.core.TestUtils.assertSpecUnchanged;
+
+import org.junit.jupiter.api.Test;
+
+public class SecuritySchemeBCTest {
+  private final String BASE = "bc_security_scheme_base.yaml";
+
+  @Test
+  public void unchanged() {
+    assertSpecUnchanged(BASE, BASE);
+  }
+
+  @Test
+  public void changedButCompatible() {
+    assertSpecChangedButCompatible(BASE, "bc_security_scheme_changed_but_compatible.yaml");
+  }
+
+  @Test
+  public void bearerFormatChanged() {
+    assertOpenApiBackwardIncompatible(BASE, "bc_security_scheme_bearer_format_changed.yaml");
+  }
+
+  @Test
+  public void inChanged() {
+    assertOpenApiBackwardIncompatible(BASE, "bc_security_scheme_in_changed.yaml");
+  }
+
+  @Test
+  public void openIdConnectUrlChanged() {
+    assertOpenApiBackwardIncompatible(BASE, "bc_security_scheme_open_id_connect_url_changed.yaml");
+  }
+
+  @Test
+  public void schemeChanged() {
+    assertOpenApiBackwardIncompatible(BASE, "bc_security_scheme_scheme_changed.yaml");
+  }
+
+  @Test
+  public void typeChanged() {
+    assertOpenApiBackwardIncompatible(BASE, "bc_security_scheme_type_changed.yaml");
+  }
+
+  @Test
+  public void scopesIncreased() {
+    assertOpenApiBackwardIncompatible(BASE, "bc_security_scheme_scopes_increased.yaml");
+  }
+}

core/src/test/resources/bc_security_scheme_base.yaml

@@ -0,0 +1,42 @@
+openapi: 3.0.0
+info:
+  description: myDesc
+  title: myTitle
+  version: 1.0.0
+paths:
+  /widgets:
+    get:
+      operationId: listWidgets
+      responses:
+        '200':
+          description: successful operation
+          content:
+            application/json:
+              schema:
+                type: string
+      security:
+        - basic-scheme-1: []
+        - apikey-scheme-1: []
+        - openidconnect-scheme-1: []
+        - oauth2-scheme-1:
+            - "scope1"
+            - "scope2"
+components:
+  securitySchemes:
+    apikey-scheme-1:
+      type: apiKey
+      name: api_key
+      in: header
+    basic-scheme-1:
+      type: http
+    openidconnect-scheme-1:
+      type: openIdConnect
+      openIdConnectUrl: https://example.com/api/openidconnect
+    oauth2-scheme-1:
+      type: oauth2
+      flows:
+        implicit:
+          authorizationUrl: https://example.com/api/oauth/dialog
+          scopes:
+            scope1: scope1 description
+            scope2: scope2 description

core/src/test/resources/bc_security_scheme_bearer_format_changed.yaml

@@ -0,0 +1,43 @@
+openapi: 3.0.0
+info:
+  description: myDesc
+  title: myTitle
+  version: 1.0.0
+paths:
+  /widgets:
+    get:
+      operationId: listWidgets
+      responses:
+        '200':
+          description: successful operation
+          content:
+            application/json:
+              schema:
+                type: string
+      security:
+        - basic-scheme-1: []
+        - apikey-scheme-1: []
+        - openidconnect-scheme-1: []
+        - oauth2-scheme-1:
+            - "scope1"
+            - "scope2"
+components:
+  securitySchemes:
+    apikey-scheme-1:
+      type: apiKey
+      name: api_key
+      in: header
+    basic-scheme-1:
+      type: http
+      bearerFormat: myBearerFormat
+    openidconnect-scheme-1:
+      type: openIdConnect
+      openIdConnectUrl: https://example.com/api/openidconnect
+    oauth2-scheme-1:
+      type: oauth2
+      flows:
+        implicit:
+          authorizationUrl: https://example.com/api/oauth/dialog
+          scopes:
+            scope1: scope1 description
+            scope2: scope2 description

core/src/test/resources/bc_security_scheme_changed_but_compatible.yaml

@@ -0,0 +1,41 @@
+openapi: 3.0.0
+info:
+  description: myDesc
+  title: myTitle
+  version: 1.0.0
+paths:
+  /widgets:
+    get:
+      operationId: listWidgets
+      responses:
+        '200':
+          description: successful operation
+          content:
+            application/json:
+              schema:
+                type: string
+      security:
+        - basic-scheme-1: []
+        - apikey-scheme-1: []
+        - openidconnect-scheme-1: []
+        - oauth2-scheme-1:
+            - "scope1"
+components:
+  securitySchemes:
+    apikey-scheme-1:
+      type: apiKey
+      name: api_key
+      in: header
+    basic-scheme-1:
+      type: http
+    openidconnect-scheme-1:
+      type: openIdConnect
+      openIdConnectUrl: https://example.com/api/openidconnect
+    oauth2-scheme-1:
+      type: oauth2
+      flows:
+        implicit:
+          authorizationUrl: https://example.com/api/oauth/dialog
+          scopes:
+            scope1: scope1 description
+            scope2: scope2 description

core/src/test/resources/bc_security_scheme_in_changed.yaml

@@ -0,0 +1,42 @@
+openapi: 3.0.0
+info:
+  description: myDesc
+  title: myTitle
+  version: 1.0.0
+paths:
+  /widgets:
+    get:
+      operationId: listWidgets
+      responses:
+        '200':
+          description: successful operation
+          content:
+            application/json:
+              schema:
+                type: string
+      security:
+        - basic-scheme-1: []
+        - apikey-scheme-1: []
+        - openidconnect-scheme-1: []
+        - oauth2-scheme-1:
+            - "scope1"
+            - "scope2"
+components:
+  securitySchemes:
+    apikey-scheme-1:
+      type: apiKey
+      name: api_key
+      in: query
+    basic-scheme-1:
+      type: http
+    openidconnect-scheme-1:
+      type: openIdConnect
+      openIdConnectUrl: https://example.com/api/openidconnect
+    oauth2-scheme-1:
+      type: oauth2
+      flows:
+        implicit:
+          authorizationUrl: https://example.com/api/oauth/dialog
+          scopes:
+            scope1: scope1 description
+            scope2: scope2 description

core/src/test/resources/bc_security_scheme_open_id_connect_url_changed.yaml

@@ -0,0 +1,42 @@
+openapi: 3.0.0
+info:
+  description: myDesc
+  title: myTitle
+  version: 1.0.0
+paths:
+  /widgets:
+    get:
+      operationId: listWidgets
+      responses:
+        '200':
+          description: successful operation
+          content:
+            application/json:
+              schema:
+                type: string
+      security:
+        - basic-scheme-1: []
+        - apikey-scheme-1: []
+        - openidconnect-scheme-1: []
+        - oauth2-scheme-1:
+            - "scope1"
+            - "scope2"
+components:
+  securitySchemes:
+    apikey-scheme-1:
+      type: apiKey
+      name: api_key
+      in: header
+    basic-scheme-1:
+      type: http
+    openidconnect-scheme-1:
+      type: openIdConnect
+      openIdConnectUrl: https://example.com/api/openidconnect2
+    oauth2-scheme-1:
+      type: oauth2
+      flows:
+        implicit:
+          authorizationUrl: https://example.com/api/oauth/dialog
+          scopes:
+            scope1: scope1 description
+            scope2: scope2 description

core/src/test/resources/bc_security_scheme_scheme_changed.yaml

@@ -0,0 +1,43 @@
+openapi: 3.0.0
+info:
+  description: myDesc
+  title: myTitle
+  version: 1.0.0
+paths:
+  /widgets:
+    get:
+      operationId: listWidgets
+      responses:
+        '200':
+          description: successful operation
+          content:
+            application/json:
+              schema:
+                type: string
+      security:
+        - basic-scheme-1: []
+        - apikey-scheme-1: []
+        - openidconnect-scheme-1: []
+        - oauth2-scheme-1:
+            - "scope1"
+            - "scope2"
+components:
+  securitySchemes:
+    apikey-scheme-1:
+      type: apiKey
+      name: api_key
+      in: header
+    basic-scheme-1:
+      type: http
+      scheme: Digest
+    openidconnect-scheme-1:
+      type: openIdConnect
+      openIdConnectUrl: https://example.com/api/openidconnect
+    oauth2-scheme-1:
+      type: oauth2
+      flows:
+        implicit:
+          authorizationUrl: https://example.com/api/oauth/dialog
+          scopes:
+            scope1: scope1 description
+            scope2: scope2 description

core/src/test/resources/bc_security_scheme_scopes_increased.yaml

@@ -0,0 +1,43 @@
+openapi: 3.0.0
+info:
+  description: myDesc
+  title: myTitle
+  version: 1.0.0
+paths:
+  /widgets:
+    get:
+      operationId: listWidgets
+      responses:
+        '200':
+          description: successful operation
+          content:
+            application/json:
+              schema:
+                type: string
+      security:
+        - basic-scheme-1: []
+        - apikey-scheme-1: []
+        - openidconnect-scheme-1: []
+        - oauth2-scheme-1:
+            - "scope1"
+            - "scope2"
+            - "scope3"
+components:
+  securitySchemes:
+    apikey-scheme-1:
+      type: apiKey
+      name: api_key
+      in: header
+    basic-scheme-1:
+      type: http
+    openidconnect-scheme-1:
+      type: openIdConnect
+      openIdConnectUrl: https://example.com/api/openidconnect
+    oauth2-scheme-1:
+      type: oauth2
+      flows:
+        implicit:
+          authorizationUrl: https://example.com/api/oauth/dialog
+          scopes:
+            scope1: scope1 description
+            scope2: scope2 description