From b46f2e76a2b84a036c9e86f34c14c035fded0b87 Mon Sep 17 00:00:00 2001 From: Jean Michel Rouly Date: Tue, 26 Jan 2021 10:49:34 -0500 Subject: [PATCH 1/3] Handle missing security schemes component. --- .../compare/SecurityRequirementsDiff.java | 19 +- .../openapidiff/core/SecurityDiffTest.java | 4 + core/src/test/resources/security_diff_4.yaml | 224 ++++++++++++++++++ 3 files changed, 240 insertions(+), 7 deletions(-) create mode 100644 core/src/test/resources/security_diff_4.yaml diff --git a/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java b/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java index cc92b48bf..68d49dd64 100644 --- a/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java +++ b/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java @@ -1,14 +1,8 @@ package org.openapitools.openapidiff.core.compare; -import static org.openapitools.openapidiff.core.utils.ChangedUtils.isChanged; - import io.swagger.v3.oas.models.Components; import io.swagger.v3.oas.models.security.SecurityRequirement; import io.swagger.v3.oas.models.security.SecurityScheme; -import java.util.ArrayList; -import java.util.List; -import java.util.Optional; -import java.util.stream.Collectors; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.tuple.ImmutablePair; import org.apache.commons.lang3.tuple.Pair; @@ -16,6 +10,11 @@ import org.openapitools.openapidiff.core.model.ChangedSecurityRequirements; import org.openapitools.openapidiff.core.model.DiffContext; +import java.util.*; +import java.util.stream.Collectors; + +import static org.openapitools.openapidiff.core.utils.ChangedUtils.isChanged; + /** Created by adarsh.sharma on 07/01/18. */ public class SecurityRequirementsDiff { private final OpenApiDiff openApiDiff; @@ -55,10 +54,16 @@ private List> getListOfSecuritySche return securityRequirement.keySet().stream() .map( x -> { - SecurityScheme result = components.getSecuritySchemes().get(x); + Map securitySchemes = components.getSecuritySchemes(); + if (securitySchemes == null) { + throw new IllegalArgumentException("Missing securitySchemes component definition."); + } + + SecurityScheme result = securitySchemes.get(x); if (result == null) { throw new IllegalArgumentException("Impossible to find security scheme: " + x); } + return result; }) .map(this::getPair) diff --git a/core/src/test/java/org/openapitools/openapidiff/core/SecurityDiffTest.java b/core/src/test/java/org/openapitools/openapidiff/core/SecurityDiffTest.java index ef1bec29c..056b92319 100644 --- a/core/src/test/java/org/openapitools/openapidiff/core/SecurityDiffTest.java +++ b/core/src/test/java/org/openapitools/openapidiff/core/SecurityDiffTest.java @@ -12,6 +12,7 @@ public class SecurityDiffTest { private final String OPENAPI_DOC1 = "security_diff_1.yaml"; private final String OPENAPI_DOC2 = "security_diff_2.yaml"; private final String OPENAPI_DOC3 = "security_diff_3.yaml"; + private final String OPENAPI_DOC4 = "security_diff_4.yaml"; @Test public void testDiffDifferent() { @@ -89,5 +90,8 @@ public void testWithUnknownSecurityScheme() { assertThrows( IllegalArgumentException.class, () -> OpenApiCompare.fromLocations(OPENAPI_DOC3, OPENAPI_DOC3)); + assertThrows( + IllegalArgumentException.class, + () -> OpenApiCompare.fromLocations(OPENAPI_DOC4, OPENAPI_DOC4)); } } diff --git a/core/src/test/resources/security_diff_4.yaml b/core/src/test/resources/security_diff_4.yaml new file mode 100644 index 000000000..aa13324a8 --- /dev/null +++ b/core/src/test/resources/security_diff_4.yaml @@ -0,0 +1,224 @@ +openapi: 3.0.0 +servers: + - url: 'http://petstore.swagger.io/v2' +info: + description: >- + This is a sample server Petstore server. You can find out more about + Swagger at [http://swagger.io](http://swagger.io) or on [irc.freenode.net, + #swagger](http://swagger.io/irc/). For this sample, you can use the api key + `special-key` to test the authorization filters. + version: 1.0.0 + title: Swagger Petstore + termsOfService: 'http://swagger.io/terms/' + contact: + email: apiteam@swagger.io + license: + name: Apache 2.0 + url: 'http://www.apache.org/licenses/LICENSE-2.0.html' +tags: + - name: pet + description: Everything about your Pets + externalDocs: + description: Find out more + url: 'http://swagger.io' + - name: store + description: Access to Petstore orders + - name: user + description: Operations about user + externalDocs: + description: Find out more about our store + url: 'http://swagger.io' +security: + - petstore_auth: + - 'write:pets' + - 'read:pets' + - unknown: [] +paths: + '/pet/{petId}': + parameters: + - name: newHeaderParam + in: header + required: false + schema: + type: integer + delete: + tags: + - pet + summary: Deletes a pet + description: '' + operationId: deletePet + parameters: + - name: api_key + in: header + required: false + schema: + type: string + - name: newHeaderParam + in: header + required: false + schema: + type: string + - name: petId + in: path + description: Pet id to delete + required: true + schema: + type: integer + format: int64 + responses: + '400': + description: Invalid ID supplied + '404': + description: Pet not found + security: + - petstore_auth: + - 'write:pets' + /pet: + post: + tags: + - pet + summary: Add a new pet to the store + description: '' + operationId: addPet + responses: + '405': + description: Invalid input + requestBody: + $ref: '#/components/requestBodies/Pet' + /pet2: + post: + tags: + - pet + summary: Add a new pet to the store + description: '' + operationId: addPet + responses: + '405': + description: Invalid input + requestBody: + $ref: '#/components/requestBodies/Pet' + /pet3: + post: + tags: + - pet + summary: Add a new pet to the store + description: '' + operationId: addPet + responses: + '405': + description: Invalid input + requestBody: + $ref: '#/components/requestBodies/Pet' + security: + - petstore_auth: + - 'write:pets' + - 'read:pets' + /pet/findByStatus2: + get: + tags: + - pet + summary: Finds Pets by status + description: Multiple status values can be provided with comma separated strings + operationId: findPetsByStatus + parameters: + - name: status + in: query + deprecated: true + description: Status values that need to be considered for filter + required: true + explode: true + schema: + type: array + items: + type: string + enum: + - available + - pending + - sold + default: available + security: + - tenant: [] + user: [] + responses: + '200': + description: successful operation + content: + application/xml: + schema: + type: array + items: + $ref: '#/components/schemas/Pet' + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Pet' + '400': + description: Invalid status value +externalDocs: + description: Find out more about Swagger + url: 'http://swagger.io' +components: + requestBodies: + Pet: + content: + application/json: + schema: + $ref: '#/components/schemas/Pet' + application/xml: + schema: + $ref: '#/components/schemas/Pet' + description: Pet object that needs to be added to the store + required: true + schemas: + Tag: + type: object + properties: + id: + type: integer + format: int64 + name: + type: string + xml: + name: Tag + Pet: + type: object + required: + - name + - photoUrls + properties: + id: + type: integer + format: int64 + category: + type: string + name: + type: string + example: doggie + newField: + type: string + example: a field demo + description: a field demo + photoUrls: + type: array + xml: + name: photoUrl + wrapped: true + items: + type: string + tags: + type: array + xml: + name: tag + wrapped: true + items: + $ref: '#/components/schemas/Tag' + status: + type: string + description: pet status in the store + enum: + - available + - pending + - sold + xml: + name: Pet \ No newline at end of file From f33ed7c92b5ee79874275e6ecf359027a9d54c0f Mon Sep 17 00:00:00 2001 From: Jean Michel Rouly Date: Tue, 26 Jan 2021 10:59:56 -0500 Subject: [PATCH 2/3] optimize imports --- .../openapidiff/core/compare/SecurityRequirementsDiff.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java b/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java index 68d49dd64..b9a3fdca5 100644 --- a/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java +++ b/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java @@ -10,7 +10,10 @@ import org.openapitools.openapidiff.core.model.ChangedSecurityRequirements; import org.openapitools.openapidiff.core.model.DiffContext; -import java.util.*; +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.Optional; import java.util.stream.Collectors; import static org.openapitools.openapidiff.core.utils.ChangedUtils.isChanged; From 7c07d5bf8b33249b5128970891e016c53247efd6 Mon Sep 17 00:00:00 2001 From: Jochen Schalanda Date: Sun, 28 Feb 2021 17:09:22 +0100 Subject: [PATCH 3/3] Return to original imports order --- .../core/compare/SecurityRequirementsDiff.java | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java b/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java index b9a3fdca5..30b99a542 100644 --- a/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java +++ b/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java @@ -1,8 +1,15 @@ package org.openapitools.openapidiff.core.compare; +import static org.openapitools.openapidiff.core.utils.ChangedUtils.isChanged; + import io.swagger.v3.oas.models.Components; import io.swagger.v3.oas.models.security.SecurityRequirement; import io.swagger.v3.oas.models.security.SecurityScheme; +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import java.util.stream.Collectors; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.tuple.ImmutablePair; import org.apache.commons.lang3.tuple.Pair; @@ -10,14 +17,6 @@ import org.openapitools.openapidiff.core.model.ChangedSecurityRequirements; import org.openapitools.openapidiff.core.model.DiffContext; -import java.util.ArrayList; -import java.util.List; -import java.util.Map; -import java.util.Optional; -import java.util.stream.Collectors; - -import static org.openapitools.openapidiff.core.utils.ChangedUtils.isChanged; - /** Created by adarsh.sharma on 07/01/18. */ public class SecurityRequirementsDiff { private final OpenApiDiff openApiDiff;