From baa79cb57bdf34bdae1349f948fa32950f595a83 Mon Sep 17 00:00:00 2001 From: u239009 Date: Tue, 7 Mar 2023 09:31:45 +0100 Subject: [PATCH] fix: url and identifier cannot be used simultaneously but one of them must be set --- .../v3/parser/util/OpenAPIDeserializer.java | 12 +- .../parser/util/OpenAPIDeserializerTest.java | 121 ++++++++++++++++++ 2 files changed, 131 insertions(+), 2 deletions(-) diff --git a/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/OpenAPIDeserializer.java b/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/OpenAPIDeserializer.java index fbcd77b068..61265f3942 100644 --- a/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/OpenAPIDeserializer.java +++ b/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/OpenAPIDeserializer.java @@ -1305,9 +1305,17 @@ public License getLicense(ObjectNode node, String location, ParseResult result) } if (result.isOpenapi31()) { - value = getString("identifier", node, true, location, result); + // either the url must be set or the identifier but not both + boolean needsIdentifier = license.getUrl() == null; + value = getString("identifier", node, needsIdentifier, location, result); + if (StringUtils.isNotBlank(value)) { - license.setIdentifier(value); + if (!needsIdentifier) { + result.extra(location, "identifier", node); + result.invalid(); + } else { + license.setIdentifier(value); + } } } diff --git a/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/util/OpenAPIDeserializerTest.java b/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/util/OpenAPIDeserializerTest.java index 2cadef7b78..945396eb73 100644 --- a/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/util/OpenAPIDeserializerTest.java +++ b/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/util/OpenAPIDeserializerTest.java @@ -162,6 +162,127 @@ public void testEmptyDefinitions() throws Exception { } + @Test + public void testIdentifierAndUrlInvalid() throws Exception { + String yaml = "openapi: 3.1.0\n" + + "servers:\n" + + " - url: 'http://abc:5555/mypath'\n" + + "info:\n" + + " version: '1.0'\n" + + " title: dd\n" + + " license:\n" + + " name: test\n" + + " url: http://example.com\n" + + " identifier: test\n" + + "paths:\n" + + " /resource1/Id:\n" + + " post:\n" + + " description: ''\n" + + " operationId: postOp\n" + + " responses:\n" + + " '200':\n" + + " description: Successful\n" + + " '401':\n" + + " description: Access Denied\n" + + " requestBody:\n" + + " content:\n" + + " application/json:\n" + + " schema:\n" + + " $ref: '#/components/schemas/mydefinition'\n" + + " required: true\n" + + "components:\n" + + " schemas:\n" + + " mydefinition: {}"; + + OpenAPIV3Parser parser = new OpenAPIV3Parser(); + + SwaggerParseResult result = parser.readContents(yaml,null,null); + OpenAPI openAPI = result.getOpenAPI(); + assertNotNull(openAPI); + + assertEquals(result.getMessages().size(), 1); + assertTrue(result.getMessages().get(0).contains("identifier")); + } + + @Test + public void testUrlValid() { + String yaml = "openapi: 3.1.0\n" + + "servers:\n" + + " - url: 'http://abc:5555/mypath'\n" + + "info:\n" + + " version: '1.0'\n" + + " title: dd\n" + + " license:\n" + + " name: test\n" + + " url: http://example.com\n" + + "paths:\n" + + " /resource1/Id:\n" + + " post:\n" + + " description: ''\n" + + " operationId: postOp\n" + + " responses:\n" + + " '200':\n" + + " description: Successful\n" + + " '401':\n" + + " description: Access Denied\n" + + " requestBody:\n" + + " content:\n" + + " application/json:\n" + + " schema:\n" + + " $ref: '#/components/schemas/mydefinition'\n" + + " required: true\n" + + "components:\n" + + " schemas:\n" + + " mydefinition: {}"; + + OpenAPIV3Parser parser = new OpenAPIV3Parser(); + + SwaggerParseResult result = parser.readContents(yaml,null,null); + OpenAPI openAPI = result.getOpenAPI(); + assertNotNull(openAPI); + + assertEquals(result.getMessages().size(), 0); + } + + @Test + public void testIdentifierValid() { + String yaml = "openapi: 3.1.0\n" + + "servers:\n" + + " - url: 'http://abc:5555/mypath'\n" + + "info:\n" + + " version: '1.0'\n" + + " title: dd\n" + + " license:\n" + + " name: test\n" + + " identifier: abc\n" + + "paths:\n" + + " /resource1/Id:\n" + + " post:\n" + + " description: ''\n" + + " operationId: postOp\n" + + " responses:\n" + + " '200':\n" + + " description: Successful\n" + + " '401':\n" + + " description: Access Denied\n" + + " requestBody:\n" + + " content:\n" + + " application/json:\n" + + " schema:\n" + + " $ref: '#/components/schemas/mydefinition'\n" + + " required: true\n" + + "components:\n" + + " schemas:\n" + + " mydefinition: {}"; + + OpenAPIV3Parser parser = new OpenAPIV3Parser(); + + SwaggerParseResult result = parser.readContents(yaml,null,null); + OpenAPI openAPI = result.getOpenAPI(); + assertNotNull(openAPI); + + assertEquals(result.getMessages().size(), 0); + } @Test public void testSecurityDeserialization() throws Exception {