From 054c65d2097313ee053f3616e23981bf3a7d9429 Mon Sep 17 00:00:00 2001 From: Carmine DiMascio Date: Fri, 19 Jul 2019 16:28:58 -0400 Subject: [PATCH] remove dependency on openapi-security-handler --- package-lock.json | 91 ++++++++++++++++++------------------------ package.json | 21 +++++----- src/framework/index.ts | 57 +------------------------- src/framework/types.ts | 7 ---- 4 files changed, 49 insertions(+), 127 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0512ae03..5c5f16fe 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "express-openapi-validator", - "version": "1.3.0-rc.1", + "version": "1.3.0-rc.2", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -196,18 +196,18 @@ "dev": true }, "@types/morgan": { - "version": "1.7.35", - "resolved": "https://registry.npmjs.org/@types/morgan/-/morgan-1.7.35.tgz", - "integrity": "sha512-E9qFi0seOkdlQnCTPv54brNfGWeFdRaEhI5tSue4pdx/V+xfxvMETsxXhOEcj1cYL+0n/jcTEmj/jD2gjzCwMg==", + "version": "1.7.36", + "resolved": "https://registry.npmjs.org/@types/morgan/-/morgan-1.7.36.tgz", + "integrity": "sha512-Hc2UfTpnqS3gfGZFPk6aaQf/nwxFHboC/o1O25W29UsENPLv8qd/GJUBqzrBuczgaIS3/vZxZRHTfFF28uFNeQ==", "dev": true, "requires": { "@types/express": "*" } }, "@types/node": { - "version": "11.13.13", - "resolved": "https://registry.npmjs.org/@types/node/-/node-11.13.13.tgz", - "integrity": "sha512-GFWH7e4Q/OGLAO545bupVju+nE1YtLSwYAdLfSzAXnTPqoqKoXCOEtB7Cluvg9B/h2nGLhyzCDyCInYvrOE2nw==", + "version": "11.13.18", + "resolved": "https://registry.npmjs.org/@types/node/-/node-11.13.18.tgz", + "integrity": "sha512-sMHdXLccscaxI+Hlzz58yLQue3lQyXP+6aQniDRi5oju3n0123kcjhicVGF20WF7cHiwJ2vxMbXc4skOclosoA==", "dev": true }, "@types/range-parser": { @@ -227,9 +227,9 @@ } }, "@types/superagent": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/@types/superagent/-/superagent-4.1.1.tgz", - "integrity": "sha512-NetXrraTWPcdGG6IwYJhJ5esUGx8AYNiozbc1ENWEsF6BsD4JmNODJczI6Rm1xFPVp6HZESds9YCfqz4zIsM6A==", + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/@types/superagent/-/superagent-4.1.3.tgz", + "integrity": "sha512-vy2licJQwOXrTAe+yz9SCyUVXAkMgCeDq9VHzS5CWJyDU1g6CI4xKb4d5sCEmyucjw5sG0y4k2/afS0iv/1D0Q==", "dev": true, "requires": { "@types/cookiejar": "*", @@ -237,9 +237,9 @@ } }, "@types/supertest": { - "version": "2.0.7", - "resolved": "https://registry.npmjs.org/@types/supertest/-/supertest-2.0.7.tgz", - "integrity": "sha512-GibTh4OTkal71btYe2fpZP/rVHIPnnUsYphEaoywVHo+mo2a/LhlOFkIm5wdN0H0DA0Hx8x+tKgCYMD9elHu5w==", + "version": "2.0.8", + "resolved": "https://registry.npmjs.org/@types/supertest/-/supertest-2.0.8.tgz", + "integrity": "sha512-wcax7/ip4XSSJRLbNzEIUVy2xjcBIZZAuSd2vtltQfRK7kxhx5WMHbLHkYdxN3wuQCrwpYrg86/9byDjPXoGMA==", "dev": true, "requires": { "@types/superagent": "*" @@ -346,9 +346,9 @@ "integrity": "sha1-HjRA6RXwsSA9I3SOeO3XubW0PlY=" }, "arg": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/arg/-/arg-4.1.0.tgz", - "integrity": "sha512-ZWc51jO3qegGkVh8Hwpv636EkbesNV5ZNQPCtRa+0qytRYPEs9IYT9qITY9buezqUH5uqyzlWLcufrzU2rffdg==", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/arg/-/arg-4.1.1.tgz", + "integrity": "sha512-SlmP3fEA88MBv0PypnXZ8ZfJhwmDeIE3SP71j37AiXQBXYosPV0x6uISAaHYSlSVhmHOVkomen0tbGk6Anlebw==", "dev": true }, "argparse": { @@ -969,13 +969,13 @@ "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" }, "coveralls": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/coveralls/-/coveralls-3.0.4.tgz", - "integrity": "sha512-eyqUWA/7RT0JagiL0tThVhjbIjoiEUyWCjtUJoOPcWoeofP5WK/jb2OJYoBFrR6DvplR+AxOyuBqk4JHkk5ykA==", + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/coveralls/-/coveralls-3.0.5.tgz", + "integrity": "sha512-/KD7PGfZv/tjKB6LoW97jzIgFqem0Tu9tZL9/iwBnBd8zkIZp7vT1ZSHNvnr0GSQMV/LTMxUstWg8WcDDUVQKg==", "dev": true, "requires": { "growl": "~> 1.10.0", - "js-yaml": "^3.11.0", + "js-yaml": "^3.13.1", "lcov-parse": "^0.0.10", "log-driver": "^1.2.7", "minimist": "^1.2.0", @@ -2936,9 +2936,9 @@ } }, "lodash": { - "version": "4.17.13", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.13.tgz", - "integrity": "sha512-vm3/XWXfWtRua0FkUyEHBZy8kCPjErNBT9fJx8Zvs+U6zjqPbTUOpkaoum3O5uiA8sm+yNMHXfYkTUHFoMxFNA==" + "version": "4.17.15", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", + "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" }, "lodash.merge": { "version": "4.6.2", @@ -3135,9 +3135,9 @@ } }, "mocha": { - "version": "6.1.4", - "resolved": "https://registry.npmjs.org/mocha/-/mocha-6.1.4.tgz", - "integrity": "sha512-PN8CIy4RXsIoxoFJzS4QNnCH4psUCPWc4/rPrst/ecSJJbLBkubMiyGCP2Kj/9YnWbotFqAoeXyXMucj7gwCFg==", + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/mocha/-/mocha-6.2.0.tgz", + "integrity": "sha512-qwfFgY+7EKAAUAdv7VYMZQknI7YJSGesxHyhn6qD52DV8UcSZs5XwCifcZGMVIE4a5fbmhvbotxC0DLQ0oKohQ==", "dev": true, "requires": { "ansi-colors": "3.2.3", @@ -3211,9 +3211,9 @@ "dev": true }, "multer": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/multer/-/multer-1.4.1.tgz", - "integrity": "sha512-zzOLNRxzszwd+61JFuAo0fxdQfvku12aNJgnla0AQ+hHxFmfc/B7jBVuPr5Rmvu46Jze/iJrFpSOsD7afO8SDw==", + "version": "1.4.2", + "resolved": "https://registry.npmjs.org/multer/-/multer-1.4.2.tgz", + "integrity": "sha512-xY8pX7V+ybyUpbYMxtjM9KAiD9ixtg5/JkeKUTD6xilfDv0vzzOFcCp4Ljb1UU3tSOM3VTZtKo63OmzOrGi3Cg==", "requires": { "append-field": "^1.0.0", "busboy": "^0.2.11", @@ -4520,21 +4520,6 @@ } } }, - "openapi-security-handler": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/openapi-security-handler/-/openapi-security-handler-2.0.4.tgz", - "integrity": "sha512-blz/UftEqYQLAByuEVITePUI9hV5Rd91CEK8yrsKDUaf3zk6cmIMafJ2qvagHqjXRRtL7fOqvsSKIeFrai+HfQ==", - "requires": { - "openapi-types": "1.3.4" - }, - "dependencies": { - "openapi-types": { - "version": "1.3.4", - "resolved": "https://registry.npmjs.org/openapi-types/-/openapi-types-1.3.4.tgz", - "integrity": "sha512-h8rADpW3k/wepLdERKF0VKMAPdoFYNQCLGPmc/f8sgQ2dxUy+7sY4WAX2XDUDjhKTjbJVbxxofLkzy7f1/tE4g==" - } - } - }, "openapi-types": { "version": "1.3.5", "resolved": "https://registry.npmjs.org/openapi-types/-/openapi-types-1.3.5.tgz", @@ -5559,9 +5544,9 @@ "integrity": "sha512-P1EJSoyV+N3bR/IWFeAqXzKPZwHpnLY6j7j58mAvewHRipo+BQM2Y1f9Y9BjEQznKwgqqZm7H8iuixmssU7tYQ==" }, "ts-node": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/ts-node/-/ts-node-8.2.0.tgz", - "integrity": "sha512-m8XQwUurkbYqXrKqr3WHCW310utRNvV5OnRVeISeea7LoCWVcdfeB/Ntl8JYWFh+WRoUAdBgESrzKochQt7sMw==", + "version": "8.3.0", + "resolved": "https://registry.npmjs.org/ts-node/-/ts-node-8.3.0.tgz", + "integrity": "sha512-dyNS/RqyVTDcmNM4NIBAeDMpsAdaQ+ojdf0GOLqE6nwJOgzEkdRNzJywhDfwnuvB10oa6NLVG1rUJQCpRN7qoQ==", "dev": true, "requires": { "arg": "^4.1.0", @@ -5636,9 +5621,9 @@ "integrity": "sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c=" }, "typescript": { - "version": "3.5.1", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-3.5.1.tgz", - "integrity": "sha512-64HkdiRv1yYZsSe4xC1WVgamNigVYjlssIoaH2HcZF0+ijsk5YK2g0G34w9wJkze8+5ow4STd22AynfO6ZYYLw==", + "version": "3.5.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-3.5.3.tgz", + "integrity": "sha512-ACzBtm/PhXBDId6a6sDJfroT2pOWt/oOnk4/dElG5G33ZL776N3Y6/6bKZJBFpd+b05F3Ct9qDjMeJmRWtE2/g==", "dev": true }, "undefsafe": { @@ -5953,9 +5938,9 @@ "dev": true }, "xtend": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.1.tgz", - "integrity": "sha1-pcbVMr5lbiPbgg77lDofBJmNY68=" + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz", + "integrity": "sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==" }, "y18n": { "version": "4.0.0", diff --git a/package.json b/package.json index 99422373..5832403a 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "express-openapi-validator", - "version": "1.3.0-rc.1", + "version": "1.3.0-rc.2", "description": "Automatically validate API requests using an OpenAPI 3 and Express.", "main": "dist/index.js", "scripts": { @@ -26,11 +26,10 @@ "dependencies": { "ajv": "^6.10.2", "js-yaml": "^3.13.1", - "lodash": "^4.17.11", - "multer": "^1.4.1", + "lodash": "^4.17.15", + "multer": "^1.4.2", "ono": "^5.0.1", "openapi-schema-validator": "^3.0.3", - "openapi-security-handler": "^2.0.4", "openapi-types": "^1.3.5", "path-to-regexp": "^3.0.0", "ts-log": "^2.1.4" @@ -39,24 +38,24 @@ "@types/cookie-parser": "^1.4.1", "@types/express": "^4.17.0", "@types/mocha": "^5.2.7", - "@types/morgan": "^1.7.35", - "@types/node": "^11.13.13", - "@types/supertest": "^2.0.7", + "@types/morgan": "^1.7.36", + "@types/node": "^11.13.18", + "@types/supertest": "^2.0.8", "body-parser": "^1.19.0", "chai": "^4.2.0", "codacy-coverage": "^3.4.0", "cookie-parser": "^1.4.4", - "coveralls": "^3.0.4", + "coveralls": "^3.0.5", "express": "^4.17.1", - "mocha": "^6.1.4", + "mocha": "^6.2.0", "morgan": "^1.9.1", "nodemon": "^1.19.1", "nyc": "^13.3.0", "prettier": "^1.18.2", "source-map-support": "0.5.11", "supertest": "^4.0.2", - "ts-node": "^8.2.0", + "ts-node": "^8.3.0", "tsc": "^1.20150623.0", - "typescript": "^3.5.1" + "typescript": "^3.5.3" } } diff --git a/src/framework/index.ts b/src/framework/index.ts index 146aa311..932104dc 100644 --- a/src/framework/index.ts +++ b/src/framework/index.ts @@ -1,5 +1,4 @@ import OpenAPISchemaValidator from 'openapi-schema-validator'; -import OpenAPISecurityHandler from 'openapi-security-handler'; import { OpenAPIV2, OpenAPIV3 } from 'openapi-types'; import BasePath from './base.path'; import { @@ -13,7 +12,6 @@ import { OpenAPIFrameworkVisitor, } from './types'; import { - assertRegExpAndSecurity, copy, getBasePathsFromServers, loadSpecFile, @@ -28,7 +26,6 @@ export { OpenAPIFrameworkPathContext, OpenAPIFrameworkPathObject, OpenAPIFrameworkAPIContext, - // OpenAPIFrameworkOperationContext, }; export default class OpenAPIFramework implements IOpenAPIFramework { public readonly apiDoc; @@ -36,19 +33,8 @@ export default class OpenAPIFramework implements IOpenAPIFramework { public readonly featureType; public readonly loggingPrefix; public readonly name; - // private customFormats; - // private dependencies; - // private enableObjectCoercion; - // private errorTransformer; - // private externalSchemas; + private originalApiDoc; - // private operations; - // private paths; - // private pathsIgnore; - private pathSecurity; - // private routesGlob; - // private routesIndexFileRegExp; - private securityHandlers; private validateApiDoc; private validator; private logger; @@ -69,8 +55,6 @@ export default class OpenAPIFramework implements IOpenAPIFramework { { name: 'externalSchemas', type: 'object' }, { name: 'featureType', required: true }, { name: 'name', required: true }, - { name: 'pathSecurity', class: Array, className: 'Array' }, - { name: 'securityHandlers', type: 'object' }, ].forEach(arg => { if (arg.required && !(arg.name in args)) { throw new Error(`${this.loggingPrefix}args.${arg.name} is required`); @@ -84,17 +68,6 @@ export default class OpenAPIFramework implements IOpenAPIFramework { ); } - if ( - arg.class && - arg.name in args && - !(args[arg.name] instanceof arg.class) - ) { - throw new Error( - `${this.loggingPrefix}args.${arg.name} must be an instance of ${ - arg.className - } when given`, - ); - } }); // this.enableObjectCoercion = !!args.enableObjectCoercion; @@ -123,20 +96,6 @@ export default class OpenAPIFramework implements IOpenAPIFramework { (this.apiDoc as OpenAPIV2.Document).swagger, extensions: this.apiDoc[`x-${this.name}-schema-extension`], }); - // this.customFormats = args.customFormats; - // this.dependencies = args.dependencies; - // this.errorTransformer = args.errorTransformer; - // this.externalSchemas = args.externalSchemas; - // this.operations = args.operations; - // this.pathsIgnore = args.pathsIgnore; - this.pathSecurity = Array.isArray(args.pathSecurity) - ? args.pathSecurity - : []; - // this.routesGlob = args.routesGlob; - // this.routesIndexFileRegExp = args.routesIndexFileRegExp; - this.securityHandlers = args.securityHandlers; - this.pathSecurity.forEach(assertRegExpAndSecurity.bind(null, this)); - if (this.validateApiDoc) { const apiDocValidation = this.validator.validate(this.apiDoc); @@ -156,20 +115,6 @@ export default class OpenAPIFramework implements IOpenAPIFramework { } public initialize(visitor: OpenAPIFrameworkVisitor) { - const securitySchemes = (this.apiDoc as OpenAPIV3.Document).openapi - ? (this.apiDoc.components || {}).securitySchemes - : this.apiDoc.securityDefinitions; - - const apiSecurityMiddleware = - this.securityHandlers && this.apiDoc.security && securitySchemes - ? new OpenAPISecurityHandler({ - securityDefinitions: securitySchemes, - securityHandlers: this.securityHandlers, - operationSecurity: this.apiDoc.security, - loggingKey: `${this.name}-security`, - }) - : null; - const getApiDoc = () => { return copy(this.apiDoc); }; diff --git a/src/framework/types.ts b/src/framework/types.ts index ff3e5f70..2880bbca 100644 --- a/src/framework/types.ts +++ b/src/framework/types.ts @@ -1,5 +1,4 @@ import { Request } from 'express'; -import { SecurityHandlers } from 'openapi-security-handler'; import { IJsonSchema, OpenAPIV2, OpenAPIV3 } from 'openapi-types'; import { Logger } from 'ts-log'; import BasePath from './base.path'; @@ -20,11 +19,6 @@ interface SecurityRequirement { type SecurityScope = string; -// type SecurityHandlerCallback = ( -// error: SecurityHandlerError, -// result: boolean -// ) => void; - interface SecurityHandlerError { status?: number; challenge?: string; @@ -60,7 +54,6 @@ interface OpenAPIFrameworkArgs { pathsIgnore?: RegExp; routesGlob?: string; routesIndexFileRegExp?: RegExp; - securityHandlers?: SecurityHandlers; // TODO define the handlers more here validateApiDoc?: boolean; logger?: Logger; }