swagger-api · mohsen1 · Feb 7, 2015 · Feb 6, 2015
diff --git a/app/scripts/controllers/preview.js b/app/scripts/controllers/preview.js
@@ -2,8 +2,10 @@
 
 SwaggerEditor.controller('PreviewCtrl', function PreviewCtrl(Storage, Builder,
   ASTManager, Sorter, Editor, BackendHealthCheck, FocusedPath, TagManager,
-  Preferences, $scope, $rootScope, $stateParams) {
-
+  Preferences, $scope, $rootScope, $stateParams, $sessionStorage) {
+  $sessionStorage.$default({securityKeys: {}});
+  var securityKeys = $sessionStorage.securityKeys;
+  var SparkMD5 = (window.SparkMD5);
   /*
    * Reacts to updates of YAML in storage that usually triggered by editor
    * changes
@@ -38,6 +40,11 @@ SwaggerEditor.controller('PreviewCtrl', function PreviewCtrl(Storage, Builder,
     // Refresh tags with an un-filtered specs to get all tags in tag manager
     refreshTags(Sorter.sort(_.cloneDeep(result.specs), {}));
     $scope.specs = Sorter.sort(result.specs, sortOptions);
+    if ($scope.specs && $scope.specs.securityDefinitions) {
+      _.forEach($scope.specs.securityDefinitions, function (security, key) {
+        securityKeys[key] = SparkMD5.hash(JSON.stringify(security));
+      });
+    }
     $scope.errors = result.errors;
     $scope.warnings = result.warnings;
   }

diff --git a/app/scripts/services/auth-manager.js b/app/scripts/services/auth-manager.js
@@ -4,8 +4,9 @@
  * Manages Authentications
 */
 SwaggerEditor.service('AuthManager', function AuthManager($sessionStorage) {
-  $sessionStorage.$default({securities: {}});
+  $sessionStorage.$default({securities: {}, securityKeys: {}});
   var securities = $sessionStorage.securities;
+  var securityKeys = $sessionStorage.securityKeys;
 
   /*
    * Authenticates HTTP Basic Auth securities
@@ -19,7 +20,8 @@ SwaggerEditor.service('AuthManager', function AuthManager($sessionStorage) {
       options.isAuthenticated = true;
       options.base64 = window.btoa(options.username + ':' + options.password);
       options.securityName = securityName;
-      securities[securityName] = {
+      var key = securityKeys[securityName];
+      securities[key] = {
         type: 'basic',
         security: security,
         options: options
@@ -38,7 +40,8 @@ SwaggerEditor.service('AuthManager', function AuthManager($sessionStorage) {
   */
   this.oAuth2 = function (securityName, security, options) {
     options.isAuthenticated = true;
-    securities[securityName] = {
+    var key = securityKeys[securityName];
+    securities[key] = {
       type: 'oAuth2',
       security: security,
       options: options
@@ -54,7 +57,8 @@ SwaggerEditor.service('AuthManager', function AuthManager($sessionStorage) {
   */
   this.apiKey = function (securityName, security, options) {
     options.isAuthenticated = true;
-    securities[securityName] = {
+    var key = securityKeys[securityName];
+    securities[key] = {
       type: 'apiKey',
       security: security,
       options: options
@@ -66,15 +70,24 @@ SwaggerEditor.service('AuthManager', function AuthManager($sessionStorage) {
    * @returns {object} the security object
   */
   this.getAuth = function (securityName) {
-    return securities[securityName];
+    var key = securityKeys[securityName];
+    if (key) {
+      return securities[key];
+    } else {
+      return {};
+    }
   };
 
   /*
    * Checks if a security is authenticated
    * @returns {boolean} - true if security is authenticated false otherwise
   */
   this.securityIsAuthenticated = function (securityName) {
-    var auth = securities[securityName];
+    var auth = {};
+    var key = securityKeys[securityName];
+    if (key) {
+      auth = securities[key];
+    }
 
     return auth && auth.options && auth.options.isAuthenticated;
   };

diff --git a/test/e2e/specs/5_session_auth_test.js b/test/e2e/specs/5_session_auth_test.js
@@ -0,0 +1,116 @@
+'use strict';
+
+/*
+ * This test file just opens the web app and examine if
+ * there is store the security map
+ * It marks tests success if there is
+ */
+
+function setValue(value) {
+  browser.executeScript(function (value) {
+    document.querySelector('[ui-ace]').env.editor.setValue(value);
+  }, value);
+}
+
+describe('Session auth tests', function () {
+  it('Should find the sessionStorage', function () {
+    var swyaml = [
+        'swagger: \'2.0\'',
+        'info:',
+        '  version: 1.0.9-abcd',
+        '  title: Swagger Sample API',
+        'basePath: /v1',
+        'schemes:',
+        '  - http',
+        '  - https',
+        'security:',
+        '  - githubAccessCode:',
+        '    - user',
+        '    - user:email',
+        '  - petstoreImplicit:',
+        '    - user',
+        '    - user:email',
+        '  - internalApiKey: []',
+        'paths:',
+        '  /pets/{id}:',
+        '    get:',
+        '      parameters:',
+        '      - name: id',
+        '        in: path',
+        '        description: ID of pet to use',
+        '        required: true',
+        '        type: array',
+        '        items:',
+        '          type: string',
+        '        collectionFormat: csv',
+        '      description: Returns pets based on ID',
+        '      summary: Find pets by ID',
+        '      operationId: getPetsById',
+        '      security:',
+        '        - githubAccessCode:',
+        '            - user',
+        '        - internalApiKey: []',
+        '      responses:',
+        '        default:',
+        '          description: error payload',
+        '          schema:',
+        '            $ref: \'#/definitions/ErrorModel\'',
+        'securityDefinitions:',
+        '  githubAccessCode:',
+        '    type: oauth2',
+        '    scopes:',
+        '      user: Grants read/write .',
+        '      user:email: Grants read .',
+        '    flow: accessCode',
+        '    authorizationUrl: https://github.com/login/oauth/authorize',
+        '    tokenUrl: https://github.com/login/oauth/access_token',
+        '  petstoreImplicit:',
+        '    type: oauth2',
+        '    scopes:',
+        '      user: Grants read/write .',
+        '      user:email: Grants read .',
+        '    flow: implicit',
+        '    authorizationUrl: http://domain.com/oauth/dialog',
+        '  internalApiKey:',
+        '    type: apiKey',
+        '    in: header',
+        '    name: api_key',
+        'definitions:',
+        '  ErrorModel:',
+        '    required:',
+        '      - code',
+        '      - message',
+        '    properties:',
+        '      code:',
+        '        type: integer',
+        '        format: int32',
+        '      message:',
+        '        type: string'
+    ].join('\n');
+
+    //swyaml is the test yaml file
+
+    setValue(swyaml);
+
+    browser.sleep(3000);
+
+    browser.executeAsyncScript(function (done) {
+      var auth = JSON.stringify(window.sessionStorage);
+      done(auth);
+    }).then(function (auth) {
+      var sessionStorage = JSON.parse(auth);
+      var storeAuth = JSON.parse(
+        sessionStorage['ngStorage-securityKeys']
+      );
+
+      expect(storeAuth.hasOwnProperty('githubAccessCode'))
+      .toEqual(true);
+      expect(storeAuth.hasOwnProperty('petstoreImplicit'))
+      .toEqual(true);
+      expect(storeAuth.hasOwnProperty('internalApiKey'))
+      .toEqual(true);
+      expect(storeAuth.hasOwnProperty('anynotfound'))
+      .toEqual(false);
+    });
+  });
+});