Compatibility test SecurityRequirements

westse · westse · commit f39ababf808f · 2023-07-18T09:20:11.000-06:00
diff --git a/core/src/test/java/org/openapitools/openapidiff/core/backcompat/SecurityRequirementsBCTest.java b/core/src/test/java/org/openapitools/openapidiff/core/backcompat/SecurityRequirementsBCTest.java
@@ -0,0 +1,38 @@
+package org.openapitools.openapidiff.core.backcompat;
+
+import static org.openapitools.openapidiff.core.TestUtils.assertOpenApiBackwardIncompatible;
+import static org.openapitools.openapidiff.core.TestUtils.assertSpecChangedButCompatible;
+import static org.openapitools.openapidiff.core.TestUtils.assertSpecUnchanged;
+
+import org.junit.jupiter.api.Test;
+
+public class SecurityRequirementsBCTest {
+  private final String BASE = "bc_security_requirements_base.yaml";
+
+  @Test
+  public void unchanged() {
+    assertSpecUnchanged(BASE, BASE);
+  }
+
+  @Test
+  public void changedButCompatible() {
+    assertSpecChangedButCompatible(BASE, "bc_security_requirements_changed_but_compatible.yaml");
+  }
+
+  // TODO: Dropping *all* security requirements should be compatible. Refactor or document
+  // reasoning. Context: OAS spec is clear that only one of the security requirement objects
+  // need to be satisfied so it makes sense why dropping one could break a client that may
+  // not yet support one of the remaining referenced security schemes. But dropping all
+  // requirements should be compatible.
+  @Test
+  public void decreased() {
+    assertOpenApiBackwardIncompatible(BASE, "bc_security_requirements_decreased.yaml");
+  }
+
+  // TODO: A missing incompatible check seems to be if requirements increase from zero to 1 or more
+
+  @Test
+  public void schemeTypeChanged() {
+    assertOpenApiBackwardIncompatible(BASE, "bc_security_requirements_scheme_type_changed.yaml");
+  }
+}
diff --git a/core/src/test/resources/bc_security_requirements_base.yaml b/core/src/test/resources/bc_security_requirements_base.yaml
@@ -0,0 +1,30 @@
+openapi: 3.0.0
+info:
+  description: myDesc
+  title: myTitle
+  version: 1.0.0
+paths:
+  /widgets:
+    get:
+      operationId: listWidgets
+      responses:
+        '200':
+          description: successful operation
+          content:
+            application/json:
+              schema:
+                type: string
+      security:
+        - my-scheme-1: []
+        - my-scheme-2: []
+components:
+  securitySchemes:
+    my-scheme-1:
+      type: http
+      scheme: basic
+    my-scheme-2:
+      type: http
+      scheme: basic
+    my-scheme-3:
+      type: http
+      scheme: basic
diff --git a/core/src/test/resources/bc_security_requirements_changed_but_compatible.yaml b/core/src/test/resources/bc_security_requirements_changed_but_compatible.yaml
@@ -0,0 +1,31 @@
+openapi: 3.0.0
+info:
+  description: myDesc
+  title: myTitle
+  version: 1.0.0
+paths:
+  /widgets:
+    get:
+      operationId: listWidgets
+      responses:
+        '200':
+          description: successful operation
+          content:
+            application/json:
+              schema:
+                type: string
+      security:
+        - my-scheme-1: []
+        - my-scheme-2: []
+        - my-scheme-3: []
+components:
+  securitySchemes:
+    my-scheme-1:
+      type: http
+      scheme: basic
+    my-scheme-2:
+      type: http
+      scheme: basic
+    my-scheme-3:
+      type: http
+      scheme: basic
diff --git a/core/src/test/resources/bc_security_requirements_decreased.yaml b/core/src/test/resources/bc_security_requirements_decreased.yaml
@@ -0,0 +1,29 @@
+openapi: 3.0.0
+info:
+  description: myDesc
+  title: myTitle
+  version: 1.0.0
+paths:
+  /widgets:
+    get:
+      operationId: listWidgets
+      responses:
+        '200':
+          description: successful operation
+          content:
+            application/json:
+              schema:
+                type: string
+      security:
+        - my-scheme-1: []
+components:
+  securitySchemes:
+    my-scheme-1:
+      type: http
+      scheme: basic
+    my-scheme-2:
+      type: http
+      scheme: basic
+    my-scheme-3:
+      type: http
+      scheme: basic
diff --git a/core/src/test/resources/bc_security_requirements_scheme_type_changed.yaml b/core/src/test/resources/bc_security_requirements_scheme_type_changed.yaml
@@ -0,0 +1,31 @@
+openapi: 3.0.0
+info:
+  description: myDesc
+  title: myTitle
+  version: 1.0.0
+paths:
+  /widgets:
+    get:
+      operationId: listWidgets
+      responses:
+        '200':
+          description: successful operation
+          content:
+            application/json:
+              schema:
+                type: string
+      security:
+        - my-scheme-1: []
+        - my-scheme-2: []
+components:
+  securitySchemes:
+    my-scheme-1:
+      type: apiKey
+      name: api_key
+      in: header
+    my-scheme-2:
+      type: http
+      scheme: basic
+    my-scheme-3:
+      type: http
+      scheme: basic
