From 66990c1cf8af6e6e19da586817e6ab0fcca74630 Mon Sep 17 00:00:00 2001 From: gracekarina Date: Sat, 24 Jul 2021 17:43:07 -0500 Subject: [PATCH 1/2] allow to filter authorization by URL --- .../java/io/swagger/parser/SwaggerParser.java | 24 ++++++++++ .../io/swagger/parser/util/RemoteUrl.java | 10 +++-- .../io/swagger/parser/util/RemoteUrlTest.java | 44 +++++++++++++++++++ 3 files changed, 74 insertions(+), 4 deletions(-) diff --git a/modules/swagger-parser/src/main/java/io/swagger/parser/SwaggerParser.java b/modules/swagger-parser/src/main/java/io/swagger/parser/SwaggerParser.java index dcea5b896f..a40b946c7d 100644 --- a/modules/swagger-parser/src/main/java/io/swagger/parser/SwaggerParser.java +++ b/modules/swagger-parser/src/main/java/io/swagger/parser/SwaggerParser.java @@ -221,4 +221,28 @@ public List getExtensions() { } return output; } + + /** + * Transform the swagger-model version of AuthorizationValue into a parser-specific one, to avoid + * dependencies across extensions + * + * @param input + * @return + */ + protected List transform(List input) { + if(input == null) { + return null; + } + List output = new ArrayList<>(); + for(AuthorizationValue value : input) { + AuthorizationValue v = new AuthorizationValue(); + v.setKeyName(value.getKeyName()); + v.setValue(value.getValue()); + v.setType(value.getType()); + v.setUrls(value.getUrls()); + + output.add(v); + } + return output; + } } diff --git a/modules/swagger-parser/src/main/java/io/swagger/parser/util/RemoteUrl.java b/modules/swagger-parser/src/main/java/io/swagger/parser/util/RemoteUrl.java index 3bb67cd976..c6a564b9a6 100644 --- a/modules/swagger-parser/src/main/java/io/swagger/parser/util/RemoteUrl.java +++ b/modules/swagger-parser/src/main/java/io/swagger/parser/util/RemoteUrl.java @@ -101,10 +101,12 @@ public static String urlToString(String url, List auths) thr final List header = new ArrayList<>(); if (auths != null) { for (AuthorizationValue auth : auths) { - if ("query".equals(auth.getType())) { - appendValue(inUrl, auth, query); - } else if ("header".equals(auth.getType())) { - appendValue(inUrl, auth, header); + if (auth.getUrls() == null || auth.getUrls().contains(inUrl)) { + if ("query".equals(auth.getType())) { + appendValue(inUrl, auth, query); + } else if ("header".equals(auth.getType())) { + appendValue(inUrl, auth, header); + } } } } diff --git a/modules/swagger-parser/src/test/java/io/swagger/parser/util/RemoteUrlTest.java b/modules/swagger-parser/src/test/java/io/swagger/parser/util/RemoteUrlTest.java index 72e06d2cdd..798d937f1b 100644 --- a/modules/swagger-parser/src/test/java/io/swagger/parser/util/RemoteUrlTest.java +++ b/modules/swagger-parser/src/test/java/io/swagger/parser/util/RemoteUrlTest.java @@ -2,12 +2,16 @@ import com.github.tomakehurst.wiremock.WireMockServer; import com.github.tomakehurst.wiremock.client.WireMock; +import com.github.tomakehurst.wiremock.verification.LoggedRequest; import io.swagger.models.auth.AuthorizationValue; import org.testng.annotations.AfterMethod; import org.testng.annotations.BeforeMethod; import org.testng.annotations.Test; +import java.net.URL; import java.util.Arrays; +import java.util.Collections; +import java.util.List; import static com.github.tomakehurst.wiremock.client.WireMock.aResponse; import static com.github.tomakehurst.wiremock.client.WireMock.equalTo; @@ -17,6 +21,7 @@ import static com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo; import static com.github.tomakehurst.wiremock.client.WireMock.urlPathEqualTo; import static com.github.tomakehurst.wiremock.client.WireMock.verify; +import static org.junit.Assert.assertFalse; import static org.testng.Assert.assertEquals; public class RemoteUrlTest { @@ -77,6 +82,45 @@ public void testAuthorizationHeader() throws Exception { ); } + @Test + public void testAuthorizationHeaderWithMatchingUrl() throws Exception { + + final String expectedBody = setupStub(); + + final String headerName = "Authorization"; + final String headerValue = "foobar"; + String url = getUrl(); + final AuthorizationValue authorizationValue = new AuthorizationValue(headerName, headerValue, "header", + Collections.singletonList(new URL(url))); + final String actualBody = RemoteUrl.urlToString(url, Arrays.asList(authorizationValue)); + + assertEquals(actualBody, expectedBody); + + verify(getRequestedFor(urlEqualTo("/v2/pet/1")) + .withHeader("Accept", equalTo(EXPECTED_ACCEPTS_HEADER)) + .withHeader(headerName, equalTo(headerValue)) + ); + } + + @Test + public void testAuthorizationHeaderWithNonMatchingUrl() throws Exception { + + final String expectedBody = setupStub(); + + final String headerValue = "foobar"; + String url = getUrl(); + String authorization = "Authorization"; + final AuthorizationValue authorizationValue = new AuthorizationValue(authorization, + headerValue, "header", Collections.singletonList(new URL("http://foo.com"))); + final String actualBody = RemoteUrl.urlToString(url, Arrays.asList(authorizationValue)); + + assertEquals(actualBody, expectedBody); + + List requests = WireMock.findAll(getRequestedFor(urlEqualTo("/v2/pet/1"))); + assertEquals(1, requests.size()); + assertFalse(requests.get(0).containsHeader(authorization)); + } + @Test public void testHostHeader() throws Exception { From 58ddfa8583e48bdc7194ced7c711fe1e1f152d8e Mon Sep 17 00:00:00 2001 From: gracekarina Date: Thu, 5 Aug 2021 14:57:32 -0500 Subject: [PATCH 2/2] changes in RemoteUrl class --- .../java/io/swagger/parser/SwaggerParser.java | 24 ------------------- .../processors/ExternalRefProcessor.java | 2 -- .../io/swagger/parser/util/RemoteUrl.java | 2 +- .../io/swagger/parser/util/RemoteUrlTest.java | 14 +++++------ 4 files changed, 7 insertions(+), 35 deletions(-) diff --git a/modules/swagger-parser/src/main/java/io/swagger/parser/SwaggerParser.java b/modules/swagger-parser/src/main/java/io/swagger/parser/SwaggerParser.java index a40b946c7d..dcea5b896f 100644 --- a/modules/swagger-parser/src/main/java/io/swagger/parser/SwaggerParser.java +++ b/modules/swagger-parser/src/main/java/io/swagger/parser/SwaggerParser.java @@ -221,28 +221,4 @@ public List getExtensions() { } return output; } - - /** - * Transform the swagger-model version of AuthorizationValue into a parser-specific one, to avoid - * dependencies across extensions - * - * @param input - * @return - */ - protected List transform(List input) { - if(input == null) { - return null; - } - List output = new ArrayList<>(); - for(AuthorizationValue value : input) { - AuthorizationValue v = new AuthorizationValue(); - v.setKeyName(value.getKeyName()); - v.setValue(value.getValue()); - v.setType(value.getType()); - v.setUrls(value.getUrls()); - - output.add(v); - } - return output; - } } diff --git a/modules/swagger-parser/src/main/java/io/swagger/parser/processors/ExternalRefProcessor.java b/modules/swagger-parser/src/main/java/io/swagger/parser/processors/ExternalRefProcessor.java index d03221d1d4..23d5df9b03 100644 --- a/modules/swagger-parser/src/main/java/io/swagger/parser/processors/ExternalRefProcessor.java +++ b/modules/swagger-parser/src/main/java/io/swagger/parser/processors/ExternalRefProcessor.java @@ -11,8 +11,6 @@ import io.swagger.models.refs.RefFormat; import io.swagger.models.refs.RefType; import io.swagger.parser.ResolverCache; -import io.swagger.parser.util.RefUtils; -import jdk.nashorn.internal.ir.ObjectNode; import org.apache.commons.lang3.StringUtils; import org.slf4j.LoggerFactory; diff --git a/modules/swagger-parser/src/main/java/io/swagger/parser/util/RemoteUrl.java b/modules/swagger-parser/src/main/java/io/swagger/parser/util/RemoteUrl.java index c6a564b9a6..3eceedda1d 100644 --- a/modules/swagger-parser/src/main/java/io/swagger/parser/util/RemoteUrl.java +++ b/modules/swagger-parser/src/main/java/io/swagger/parser/util/RemoteUrl.java @@ -101,7 +101,7 @@ public static String urlToString(String url, List auths) thr final List header = new ArrayList<>(); if (auths != null) { for (AuthorizationValue auth : auths) { - if (auth.getUrls() == null || auth.getUrls().contains(inUrl)) { + if (auth.getUrlMatcher() == null || auth.getUrlMatcher().test(inUrl)) { if ("query".equals(auth.getType())) { appendValue(inUrl, auth, query); } else if ("header".equals(auth.getType())) { diff --git a/modules/swagger-parser/src/test/java/io/swagger/parser/util/RemoteUrlTest.java b/modules/swagger-parser/src/test/java/io/swagger/parser/util/RemoteUrlTest.java index 798d937f1b..d31acd26ab 100644 --- a/modules/swagger-parser/src/test/java/io/swagger/parser/util/RemoteUrlTest.java +++ b/modules/swagger-parser/src/test/java/io/swagger/parser/util/RemoteUrlTest.java @@ -8,9 +8,7 @@ import org.testng.annotations.BeforeMethod; import org.testng.annotations.Test; -import java.net.URL; import java.util.Arrays; -import java.util.Collections; import java.util.List; import static com.github.tomakehurst.wiremock.client.WireMock.aResponse; @@ -89,10 +87,9 @@ public void testAuthorizationHeaderWithMatchingUrl() throws Exception { final String headerName = "Authorization"; final String headerValue = "foobar"; - String url = getUrl(); final AuthorizationValue authorizationValue = new AuthorizationValue(headerName, headerValue, "header", - Collections.singletonList(new URL(url))); - final String actualBody = RemoteUrl.urlToString(url, Arrays.asList(authorizationValue)); + url -> url.toString().startsWith("http://localhost")); + final String actualBody = RemoteUrl.urlToString(getUrl(), Arrays.asList(authorizationValue)); assertEquals(actualBody, expectedBody); @@ -108,11 +105,12 @@ public void testAuthorizationHeaderWithNonMatchingUrl() throws Exception { final String expectedBody = setupStub(); final String headerValue = "foobar"; - String url = getUrl(); String authorization = "Authorization"; final AuthorizationValue authorizationValue = new AuthorizationValue(authorization, - headerValue, "header", Collections.singletonList(new URL("http://foo.com"))); - final String actualBody = RemoteUrl.urlToString(url, Arrays.asList(authorizationValue)); + headerValue, "header", u -> false); + final String actualBody = RemoteUrl.urlToString(getUrl(), Arrays.asList(authorizationValue)); + + assertEquals(actualBody, expectedBody);