remove dependency on openapi-security-handler

cdimascio · Jul 19, 2019 · 054c65d · 054c65d
1 parent 612ff09
commit 054c65d
Show file tree

Hide file tree

Showing 4 changed files with 49 additions and 127 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "express-openapi-validator",
-  "version": "1.3.0-rc.1",
+  "version": "1.3.0-rc.2",
   "description": "Automatically validate API requests using an OpenAPI 3 and Express.",
   "main": "dist/index.js",
   "scripts": {
@@ -26,11 +26,10 @@
   "dependencies": {
     "ajv": "^6.10.2",
     "js-yaml": "^3.13.1",
-    "lodash": "^4.17.11",
-    "multer": "^1.4.1",
+    "lodash": "^4.17.15",
+    "multer": "^1.4.2",
     "ono": "^5.0.1",
     "openapi-schema-validator": "^3.0.3",
-    "openapi-security-handler": "^2.0.4",
     "openapi-types": "^1.3.5",
     "path-to-regexp": "^3.0.0",
     "ts-log": "^2.1.4"
@@ -39,24 +38,24 @@
     "@types/cookie-parser": "^1.4.1",
     "@types/express": "^4.17.0",
     "@types/mocha": "^5.2.7",
-    "@types/morgan": "^1.7.35",
-    "@types/node": "^11.13.13",
-    "@types/supertest": "^2.0.7",
+    "@types/morgan": "^1.7.36",
+    "@types/node": "^11.13.18",
+    "@types/supertest": "^2.0.8",
     "body-parser": "^1.19.0",
     "chai": "^4.2.0",
     "codacy-coverage": "^3.4.0",
     "cookie-parser": "^1.4.4",
-    "coveralls": "^3.0.4",
+    "coveralls": "^3.0.5",
     "express": "^4.17.1",
-    "mocha": "^6.1.4",
+    "mocha": "^6.2.0",
     "morgan": "^1.9.1",
     "nodemon": "^1.19.1",
     "nyc": "^13.3.0",
     "prettier": "^1.18.2",
     "source-map-support": "0.5.11",
     "supertest": "^4.0.2",
-    "ts-node": "^8.2.0",
+    "ts-node": "^8.3.0",
     "tsc": "^1.20150623.0",
-    "typescript": "^3.5.1"
+    "typescript": "^3.5.3"
   }
 }
diff --git a/src/framework/index.ts b/src/framework/index.ts
@@ -1,5 +1,4 @@
 import OpenAPISchemaValidator from 'openapi-schema-validator';
-import OpenAPISecurityHandler from 'openapi-security-handler';
 import { OpenAPIV2, OpenAPIV3 } from 'openapi-types';
 import BasePath from './base.path';
 import {
@@ -13,7 +12,6 @@ import {
   OpenAPIFrameworkVisitor,
 } from './types';
 import {
-  assertRegExpAndSecurity,
   copy,
   getBasePathsFromServers,
   loadSpecFile,
@@ -28,27 +26,15 @@ export {
   OpenAPIFrameworkPathContext,
   OpenAPIFrameworkPathObject,
   OpenAPIFrameworkAPIContext,
-  // OpenAPIFrameworkOperationContext,
 };
 export default class OpenAPIFramework implements IOpenAPIFramework {
   public readonly apiDoc;
   public readonly basePaths: BasePath[];
   public readonly featureType;
   public readonly loggingPrefix;
   public readonly name;
-  // private customFormats;
-  // private dependencies;
-  // private enableObjectCoercion;
-  // private errorTransformer;
-  // private externalSchemas;
+
   private originalApiDoc;
-  // private operations;
-  // private paths;
-  // private pathsIgnore;
-  private pathSecurity;
-  // private routesGlob;
-  // private routesIndexFileRegExp;
-  private securityHandlers;
   private validateApiDoc;
   private validator;
   private logger;
@@ -69,8 +55,6 @@ export default class OpenAPIFramework implements IOpenAPIFramework {
       { name: 'externalSchemas', type: 'object' },
       { name: 'featureType', required: true },
       { name: 'name', required: true },
-      { name: 'pathSecurity', class: Array, className: 'Array' },
-      { name: 'securityHandlers', type: 'object' },
     ].forEach(arg => {
       if (arg.required && !(arg.name in args)) {
         throw new Error(`${this.loggingPrefix}args.${arg.name} is required`);
@@ -84,17 +68,6 @@ export default class OpenAPIFramework implements IOpenAPIFramework {
         );
       }
 
-      if (
-        arg.class &&
-        arg.name in args &&
-        !(args[arg.name] instanceof arg.class)
-      ) {
-        throw new Error(
-          `${this.loggingPrefix}args.${arg.name} must be an instance of ${
-            arg.className
-          } when given`,
-        );
-      }
     });
 
     // this.enableObjectCoercion = !!args.enableObjectCoercion;
@@ -123,20 +96,6 @@ export default class OpenAPIFramework implements IOpenAPIFramework {
         (this.apiDoc as OpenAPIV2.Document).swagger,
       extensions: this.apiDoc[`x-${this.name}-schema-extension`],
     });
-    // this.customFormats = args.customFormats;
-    // this.dependencies = args.dependencies;
-    // this.errorTransformer = args.errorTransformer;
-    // this.externalSchemas = args.externalSchemas;
-    // this.operations = args.operations;
-    // this.pathsIgnore = args.pathsIgnore;
-    this.pathSecurity = Array.isArray(args.pathSecurity)
-      ? args.pathSecurity
-      : [];
-    // this.routesGlob = args.routesGlob;
-    // this.routesIndexFileRegExp = args.routesIndexFileRegExp;
-    this.securityHandlers = args.securityHandlers;
-    this.pathSecurity.forEach(assertRegExpAndSecurity.bind(null, this));
-
     if (this.validateApiDoc) {
       const apiDocValidation = this.validator.validate(this.apiDoc);
 
@@ -156,20 +115,6 @@ export default class OpenAPIFramework implements IOpenAPIFramework {
   }
 
   public initialize(visitor: OpenAPIFrameworkVisitor) {
-    const securitySchemes = (this.apiDoc as OpenAPIV3.Document).openapi
-      ? (this.apiDoc.components || {}).securitySchemes
-      : this.apiDoc.securityDefinitions;
-
-    const apiSecurityMiddleware =
-      this.securityHandlers && this.apiDoc.security && securitySchemes
-        ? new OpenAPISecurityHandler({
-            securityDefinitions: securitySchemes,
-            securityHandlers: this.securityHandlers,
-            operationSecurity: this.apiDoc.security,
-            loggingKey: `${this.name}-security`,
-          })
-        : null;
-
     const getApiDoc = () => {
       return copy(this.apiDoc);
     };

diff --git a/src/framework/types.ts b/src/framework/types.ts
@@ -1,5 +1,4 @@
 import { Request } from 'express';
-import { SecurityHandlers } from 'openapi-security-handler';
 import { IJsonSchema, OpenAPIV2, OpenAPIV3 } from 'openapi-types';
 import { Logger } from 'ts-log';
 import BasePath from './base.path';
@@ -20,11 +19,6 @@ interface SecurityRequirement {
 
 type SecurityScope = string;
 
-// type SecurityHandlerCallback = (
-//   error: SecurityHandlerError,
-//   result: boolean
-// ) => void;
-
 interface SecurityHandlerError {
   status?: number;
   challenge?: string;
@@ -60,7 +54,6 @@ interface OpenAPIFrameworkArgs {
   pathsIgnore?: RegExp;
   routesGlob?: string;
   routesIndexFileRegExp?: RegExp;
-  securityHandlers?: SecurityHandlers; // TODO define the handlers more here
   validateApiDoc?: boolean;
   logger?: Logger;
 }