Search in sources :

Example 1 with Request

use of com.atlassian.oai.validator.model.Request in project easy-tests by malinink.

the class SwaggerValidationInterceptor method preHandle.

/**
 * Validates the given requests. If a request is defined but invalid against the Swagger schema
 * an {@link InvalidRequestException} will be thrown leading to an error response.
 * <p>
 * Only {@link ResettableRequestServletWrapper} can be validated. Wrapping is done within the
 * {@link SwaggerValidationFilter}.
 *
 * @param servletRequest  the {@link HttpServletRequest} to validate
 * @param servletResponse the servlet response
 * @param handler         a handler
 * @return {@code true} if the request is valid against or not defined in the Swagger schema or
 * the servlet is not a {@link ResettableRequestServletWrapper}
 * @throws Exception if the request is invalid against the Swagger schema or the requests body
 *                   can't be read
 */
@Override
public boolean preHandle(final HttpServletRequest servletRequest, final HttpServletResponse servletResponse, final Object handler) throws Exception {
    // only wrapped servlet requests can be validated - see: SwaggerValidationFilter
    if (!(servletRequest instanceof ResettableRequestServletWrapper)) {
        return true;
    }
    // validate the request
    final ResettableRequestServletWrapper resettableRequest = (ResettableRequestServletWrapper) servletRequest;
    final String requestLoggingKey = servletRequest.getMethod() + "#" + servletRequest.getRequestURI();
    LOG.debug("Swagger request validation: {}", requestLoggingKey);
    final Request request = swaggerRequestValidationService.buildRequest(resettableRequest);
    final ValidationReport validationReport = swaggerRequestValidationService.validateRequest(request);
    if (!validationReport.hasErrors()) {
        LOG.debug("Swagger validation: {} - The request is valid.", requestLoggingKey);
    } else if (!swaggerRequestValidationService.isDefinedSwaggerRequest(validationReport)) {
        LOG.info("Swagger validation: {} - The request is not defined in the Swagger schema. Ignoring it.", requestLoggingKey);
    } else {
        final InvalidRequestException invalidRequestException = new InvalidRequestException(validationReport);
        LOG.info("Swagger validation: {} - The REST request is invalid: {}", requestLoggingKey, invalidRequestException.getMessage());
        throw invalidRequestException;
    }
    // reset the requests servlet input stream after reading it on former step
    resettableRequest.resetInputStream();
    return true;
}
Also used : ValidationReport(com.atlassian.oai.validator.report.ValidationReport) Request(com.atlassian.oai.validator.model.Request) HttpServletRequest(javax.servlet.http.HttpServletRequest)

Example 2 with Request

use of com.atlassian.oai.validator.model.Request in project easy-tests by malinink.

the class SwaggerRequestValidationService method buildRequest.

/**
 * @param servletRequest the {@link HttpServletRequest}
 * @return the build {@link Request} created out of given {@link HttpServletRequest}
 * @throws IOException if the request body can't be read
 */
Request buildRequest(final HttpServletRequest servletRequest) throws IOException {
    Objects.requireNonNull(servletRequest, "A request is required.");
    final Request.Method method = Request.Method.valueOf(servletRequest.getMethod());
    final String requestUri = getCompleteRequestUri(servletRequest);
    final UriComponents uriComponents = UriComponentsBuilder.fromUriString(requestUri).build();
    final String path = uriComponents.getPath();
    final SimpleRequest.Builder builder = new SimpleRequest.Builder(method, path);
    final String body = readReader(servletRequest.getReader());
    // really empty.
    if (servletRequest.getContentLength() >= 0 || (body != null && !body.isEmpty())) {
        builder.withBody(body);
    }
    for (final Map.Entry<String, List<String>> entry : uriComponents.getQueryParams().entrySet()) {
        builder.withQueryParam(entry.getKey(), entry.getValue());
    }
    for (final String headerName : Collections.list(servletRequest.getHeaderNames())) {
        builder.withHeader(headerName, Collections.list(servletRequest.getHeaders(headerName)));
    }
    return builder.build();
}
Also used : UriComponents(org.springframework.web.util.UriComponents) UriComponentsBuilder(org.springframework.web.util.UriComponentsBuilder) Request(com.atlassian.oai.validator.model.Request) HttpServletRequest(javax.servlet.http.HttpServletRequest) SimpleRequest(com.atlassian.oai.validator.model.SimpleRequest) SimpleRequest(com.atlassian.oai.validator.model.SimpleRequest)

Example 3 with Request

use of com.atlassian.oai.validator.model.Request in project easy-tests by malinink.

the class SwaggerValidationInterceptor method postHandle.

@Override
public void postHandle(HttpServletRequest servletRequest, HttpServletResponse servletResponse, Object handler, @Nullable ModelAndView modelAndView) throws Exception {
    // only wrapped servlet requests can be validated - see: SwaggerValidationFilter
    if (!(servletRequest instanceof ResettableRequestServletWrapper) || !(servletResponse instanceof ContentCachingResponseWrapper)) {
        return;
    }
    // validate the request
    final ResettableRequestServletWrapper resettableRequest = (ResettableRequestServletWrapper) servletRequest;
    final ContentCachingResponseWrapper cachingResponse = (ContentCachingResponseWrapper) servletResponse;
    final Request request = swaggerRequestValidationService.buildRequest(resettableRequest);
    final Response response = swaggerRequestValidationService.buildResponse(cachingResponse);
    final String requestLoggingKey = servletRequest.getMethod() + "#" + servletRequest.getRequestURI() + "#" + response.getStatus();
    LOG.info("Swagger response validation: {}", requestLoggingKey);
    final ValidationReport validationReport = swaggerRequestValidationService.validateResponse(request.getPath(), request.getMethod(), response);
    if (!validationReport.hasErrors()) {
        LOG.debug("Swagger validation: {} - The response is valid.", requestLoggingKey);
    } else if (!swaggerRequestValidationService.isDefinedSwaggerRequest(validationReport)) {
        LOG.info("Swagger validation: {} - The request/response is not defined in the Swagger schema. Ignoring it.", requestLoggingKey);
    } else {
        final InvalidResponseException invalidReponseException = new InvalidResponseException(validationReport);
        LOG.warn("Swagger validation: {} - The REST response is invalid: {}", requestLoggingKey, invalidReponseException.getMessage());
        throw invalidReponseException;
    }
}
Also used : HttpServletResponse(javax.servlet.http.HttpServletResponse) Response(com.atlassian.oai.validator.model.Response) ContentCachingResponseWrapper(org.springframework.web.util.ContentCachingResponseWrapper) ValidationReport(com.atlassian.oai.validator.report.ValidationReport) Request(com.atlassian.oai.validator.model.Request) HttpServletRequest(javax.servlet.http.HttpServletRequest)

Aggregations

Request (com.atlassian.oai.validator.model.Request)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)3 ValidationReport (com.atlassian.oai.validator.report.ValidationReport)2 Response (com.atlassian.oai.validator.model.Response)1 SimpleRequest (com.atlassian.oai.validator.model.SimpleRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 ContentCachingResponseWrapper (org.springframework.web.util.ContentCachingResponseWrapper)1 UriComponents (org.springframework.web.util.UriComponents)1 UriComponentsBuilder (org.springframework.web.util.UriComponentsBuilder)1