use of io.swagger.v3.oas.models.security.SecurityScheme in project swagger-parser by swagger-api.
the class OpenAPIResolverTest method componentsResolver.
@Test
public void componentsResolver() throws Exception {
final ObjectMapper mapper = new ObjectMapper(new YAMLFactory());
String pathFile = FileUtils.readFileToString(new File("src/test/resources/oas3.yaml.template"));
pathFile = pathFile.replace("${dynamicPort}", String.valueOf(this.serverPort));
final JsonNode rootNode = mapper.readTree(pathFile.getBytes());
final OpenAPIDeserializer deserializer = new OpenAPIDeserializer();
final SwaggerParseResult result = deserializer.deserialize(rootNode);
Assert.assertNotNull(result);
final OpenAPI openAPI = result.getOpenAPI();
Assert.assertNotNull(openAPI);
assertEquals(new OpenAPIResolver(openAPI, new ArrayList<>(), null).resolve(), openAPI);
Map<String, Schema> schemas = openAPI.getComponents().getSchemas();
// internal url schema
Schema pet = schemas.get("Pet");
Schema category = (Schema) pet.getProperties().get("category");
assertEquals(category.get$ref(), "#/components/schemas/Category");
// remote url schema
Schema user = (Schema) pet.getProperties().get("user");
assertEquals(user.get$ref(), "#/components/schemas/User");
// ArraySchema items
ArraySchema tagsProperty = (ArraySchema) pet.getProperties().get("tags");
assertEquals(tagsProperty.getItems().get$ref(), "#/components/schemas/ExampleSchema");
assertEquals(tagsProperty.getType(), "array");
Assert.assertNotNull(openAPI.getComponents().getSchemas().get("ExampleSchema"));
// Schema not
assertEquals(schemas.get("OrderRef").getNot().get$ref(), "#/components/schemas/Category");
// Schema additionalProperties
assertTrue(schemas.get("OrderRef").getAdditionalProperties() instanceof Schema);
Schema additionalProperties = (Schema) schemas.get("OrderRef").getAdditionalProperties();
assertEquals(additionalProperties.get$ref(), "#/components/schemas/User");
// AllOfSchema
ComposedSchema extended = (ComposedSchema) schemas.get("ExtendedErrorModel");
Schema root = (Schema) extended.getAllOf().get(0).getProperties().get("rootCause");
assertEquals(root.get$ref(), "#/components/schemas/Category");
Map<String, ApiResponse> responses = openAPI.getComponents().getResponses();
// internal response headers
ApiResponse illegalInput = responses.get("IllegalInput");
assertEquals(illegalInput.getHeaders().get("X-Ref-Limit-Limit").get$ref(), "#/components/headers/X-Rate-Limit-Reset");
// internal response links
assertEquals(illegalInput.getLinks().get("address").get$ref(), "#/components/links/unsubscribe");
// internal url response schema
MediaType generalError = responses.get("GeneralError").getContent().get("application/json");
assertEquals(generalError.getSchema().get$ref(), "#/components/schemas/ExtendedErrorModel");
Map<String, RequestBody> requestBodies = openAPI.getComponents().getRequestBodies();
// internal url requestBody schema
RequestBody requestBody1 = requestBodies.get("requestBody1");
MediaType xmlMedia = requestBody1.getContent().get("application/json");
assertEquals(xmlMedia.getSchema().get$ref(), "#/components/schemas/Pet");
// internal url requestBody ArraySchema
RequestBody requestBody2 = requestBodies.get("requestBody2");
MediaType jsonMedia = requestBody2.getContent().get("application/json");
ArraySchema items = (ArraySchema) jsonMedia.getSchema();
assertEquals(items.getItems().get$ref(), "#/components/schemas/User");
// internal request body
assertEquals("#/components/requestBodies/requestBody2", requestBodies.get("requestBody3").get$ref());
// remote request body url
assertEquals(requestBodies.get("reference").get$ref(), "#/components/requestBodies/remote_requestBody");
Map<String, Parameter> parameters = openAPI.getComponents().getParameters();
// remote url parameter
assertEquals(parameters.get("remoteParameter").get$ref(), "#/components/parameters/parameter");
// internal Schema Parameter
assertEquals(parameters.get("newParam").getSchema().get$ref(), "#/components/schemas/Tag");
// parameter examples
assertEquals(parameters.get("contentParameter").getExamples().get("cat"), openAPI.getComponents().getExamples().get("cat"));
// parameter content schema
assertEquals(parameters.get("contentParameter").getContent().get("application/json").getSchema().get$ref(), "#/components/schemas/ExtendedErrorModel");
// internal Schema header
Map<String, Header> headers = openAPI.getComponents().getHeaders();
// header remote schema ref
assertEquals(headers.get("X-Rate-Limit-Remaining").getSchema().get$ref(), "#/components/schemas/User");
// header examples
assertEquals(headers.get("X-Rate-Limit-Reset").getExamples().get("headerExample").get$ref(), "#/components/examples/dog");
// remote header ref
assertEquals(headers.get("X-Ref-Limit-Limit").get$ref(), "#/components/headers/X-Rate-Limit-Reset");
// header content
assertEquals(headers.get("X-Rate-Limit-Reset").getContent().get("application/json").getSchema().get$ref(), "#/components/schemas/ExtendedErrorModel");
Map<String, Example> examples = openAPI.getComponents().getExamples();
// internal url example
Example frogExample = examples.get("frog");
assertEquals(frogExample.get$ref(), "#/components/examples/cat");
// remote example url
assertEquals(examples.get("referenceCat").get$ref(), "#/components/examples/example");
// internal url securityScheme
SecurityScheme scheme = openAPI.getComponents().getSecuritySchemes().get("reference");
assertEquals(scheme.getType(), SecurityScheme.Type.APIKEY);
SecurityScheme remoteScheme = openAPI.getComponents().getSecuritySchemes().get("remote_reference");
assertEquals(remoteScheme.getType(), SecurityScheme.Type.OAUTH2);
Map<String, Link> links = openAPI.getComponents().getLinks();
// internal link
assertEquals(openAPI.getComponents().getLinks().get("referenced").get$ref(), "#/components/links/unsubscribe");
// remote ref link
assertEquals(openAPI.getComponents().getLinks().get("subscribe").get$ref(), "#/components/links/link");
Map<String, Callback> callbacks = openAPI.getComponents().getCallbacks();
// internal callback reference
assertEquals(callbacks.get("referenced").get$ref(), "#/components/callbacks/failed");
// callback pathItem -> operation ->requestBody
assertEquals(callbacks.get("heartbeat").get("$request.query.heartbeat-url").getPost().getRequestBody().get$ref(), "#/components/requestBodies/requestBody3");
// remote callback ref
assertEquals(callbacks.get("remoteCallback").get$ref(), "#/components/callbacks/callback");
}
use of io.swagger.v3.oas.models.security.SecurityScheme in project swagger-parser by swagger-api.
the class OpenAPIV3ParserTest method testIssue480.
@Test
public void testIssue480() {
final OpenAPI openAPI = new OpenAPIV3Parser().read("src/test/resources/issue-480.yaml");
for (String key : openAPI.getComponents().getSecuritySchemes().keySet()) {
SecurityScheme definition = openAPI.getComponents().getSecuritySchemes().get(key);
if ("petstore_auth".equals(key)) {
assertTrue(definition.getType().equals(SecurityScheme.Type.OAUTH2));
// OAuth2 oauth = (OAuth2Definition) definition;
assertEquals("This is a description", definition.getDescription());
}
if ("api_key".equals(key)) {
assertTrue(definition.getType().equals(SecurityScheme.Type.APIKEY));
assertEquals("This is another description", definition.getDescription());
}
}
}
use of io.swagger.v3.oas.models.security.SecurityScheme in project snow-owl by b2ihealthcare.
the class BaseApiConfig method docs.
/**
* Expose this as @Bean annotated component in the implementation configuration class.
* @return a configured docket for this API module
*/
protected final GroupedOpenApi docs(final String apiBaseUrl, final String apiGroup, final String apiVersion, final String apiTitle, final String apiTermsOfServiceUrl, final String apiContact, final String apiLicense, final String apiLicenseUrl, final String apiDescription) {
return GroupedOpenApi.builder().group(apiGroup).pathsToMatch(apiBaseUrl.endsWith("/") ? apiBaseUrl + "**" : apiBaseUrl + "/**").packagesToScan(getApiBasePackages()).addOpenApiCustomiser(api -> {
Info apiInfo = api.getInfo();
apiInfo.setTitle(apiTitle);
apiInfo.setDescription(apiDescription);
apiInfo.setVersion(apiVersion);
apiInfo.setTermsOfService(apiTermsOfServiceUrl);
Contact contact = new Contact();
contact.setName("B2i Healthcare");
contact.setEmail(apiContact);
contact.setUrl(apiLicenseUrl);
apiInfo.setContact(contact);
License license = new License();
license.setName(apiLicense);
license.setUrl(apiLicenseUrl);
apiInfo.setLicense(license);
// configure global security
api.getComponents().addSecuritySchemes("basic", new SecurityScheme().type(SecurityScheme.Type.HTTP).scheme("basic")).addSecuritySchemes("bearer", new SecurityScheme().type(SecurityScheme.Type.APIKEY).scheme("bearer").in(In.HEADER).bearerFormat("JWT"));
// disable servers prop
api.setServers(List.of());
}).addOperationCustomizer((operation, method) -> {
return operation.addSecurityItem(new SecurityRequirement().addList("basic").addList("bearer"));
}).build();
// .useDefaultResponseMessages(false)
// .alternateTypeRules(getAlternateTypeRules(resolver));
}
use of io.swagger.v3.oas.models.security.SecurityScheme in project swagger-core by swagger-api.
the class SecuritySchemeDeserializer method deserialize.
@Override
public SecurityScheme deserialize(JsonParser jp, DeserializationContext ctxt) throws IOException {
ObjectMapper mapper = null;
if (openapi31) {
mapper = Json31.mapper();
} else {
mapper = Json.mapper();
}
SecurityScheme result = null;
JsonNode node = jp.getCodec().readTree(jp);
JsonNode inNode = node.get("type");
if (inNode != null) {
String type = inNode.asText();
if (Arrays.stream(SecurityScheme.Type.values()).noneMatch(t -> t.toString().equals(type))) {
// wrong type, throw exception
throw new JsonParseException(jp, String.format("SecurityScheme type %s not allowed", type));
}
result = new SecurityScheme().description(getFieldText("description", node));
if ("http".equals(type)) {
result.type(SecurityScheme.Type.HTTP).scheme(getFieldText("scheme", node)).bearerFormat(getFieldText("bearerFormat", node));
} else if ("apiKey".equals(type)) {
result.type(SecurityScheme.Type.APIKEY).name(getFieldText("name", node)).in(getIn(getFieldText("in", node)));
} else if ("openIdConnect".equals(type)) {
result.type(SecurityScheme.Type.OPENIDCONNECT).openIdConnectUrl(getFieldText("openIdConnectUrl", node));
} else if ("oauth2".equals(type)) {
result.type(SecurityScheme.Type.OAUTH2).flows(mapper.convertValue(node.get("flows"), OAuthFlows.class));
} else if ("mutualTLS".equals(type)) {
result.type(SecurityScheme.Type.MUTUALTLS);
}
}
return result;
}
use of io.swagger.v3.oas.models.security.SecurityScheme in project swagger-core by swagger-api.
the class JsonDeserializationTest method testDeserializeSecurity.
@Test
public void testDeserializeSecurity() throws Exception {
final OpenAPI swagger = TestUtils.deserializeJsonFileFromClasspath("specFiles/securityDefinitions.json", OpenAPI.class);
final List<SecurityRequirement> security = swagger.getSecurity();
assertNotNull(security);
assertEquals(security.size(), 3);
final Map<String, SecurityScheme> securitySchemes = swagger.getComponents().getSecuritySchemes();
assertNotNull(securitySchemes);
assertEquals(securitySchemes.size(), 4);
{
final SecurityScheme scheme = securitySchemes.get("petstore_auth");
assertNotNull(scheme);
assertEquals(scheme.getType().toString(), "oauth2");
assertEquals(scheme.getFlows().getImplicit().getAuthorizationUrl(), "http://petstore.swagger.io/oauth/dialog");
assertEquals(scheme.getFlows().getImplicit().getScopes().get("write:pets"), "modify pets in your account");
assertEquals(scheme.getFlows().getImplicit().getScopes().get("read:pets"), "read your pets");
}
{
final SecurityScheme scheme = securitySchemes.get("api_key");
assertNotNull(scheme);
assertEquals(scheme.getType().toString(), "apiKey");
assertEquals(scheme.getIn().toString(), "header");
assertEquals(scheme.getName(), "api_key");
}
{
final SecurityScheme scheme = securitySchemes.get("http");
assertNotNull(scheme);
assertEquals(scheme.getType().toString(), "http");
assertEquals(scheme.getScheme(), "basic");
}
{
final SecurityScheme scheme = securitySchemes.get("open_id_connect");
assertNotNull(scheme);
assertEquals(scheme.getType().toString(), "openIdConnect");
assertEquals(scheme.getOpenIdConnectUrl(), "http://petstore.swagger.io/openid");
}
{
final SecurityRequirement securityRequirement = security.get(0);
final List<String> scopes = securityRequirement.get("petstore_auth");
assertNotNull(scopes);
assertEquals(scopes.size(), 2);
assertTrue(scopes.contains("write:pets"));
assertTrue(scopes.contains("read:pets"));
}
{
final SecurityRequirement securityRequirement = security.get(1);
final List<String> scopes = securityRequirement.get("api_key");
assertNotNull(scopes);
assertTrue(scopes.isEmpty());
}
{
final SecurityRequirement securityRequirement = security.get(2);
final List<String> scopes = securityRequirement.get("http");
assertNotNull(scopes);
assertTrue(scopes.isEmpty());
}
}
Aggregations