fix(spdx): adds support for reading ReferenceCategories with hyphens (f…

…ixes CycloneDX#267) Signed-off-by: Wessel Terpstra <wessel@wesselterpstra.com>
wterpstra · Nov 6, 2023 · 7e6f223 · 7e6f223
1 parent 1e3886b
commit 7e6f223
Show file tree

Hide file tree

Showing 13 changed files with 2,224 additions and 2 deletions.
diff --git a/src/CycloneDX.Spdx/Models/v2_2/ExternalRef.cs b/src/CycloneDX.Spdx/Models/v2_2/ExternalRef.cs
@@ -16,6 +16,7 @@
 // Copyright (c) OWASP Foundation. All Rights Reserved.
 
 using System;
+using System.Text.Json.Serialization;
 using System.Xml.Serialization;
 
 namespace CycloneDX.Spdx.Models.v2_2
@@ -28,8 +29,34 @@ public class ExternalRef
         /// <summary>
         /// Category for the external reference
         /// </summary>
-        [XmlElement("referenceCategory")]
+        [XmlIgnore]
         public ExternalRefCategory ReferenceCategory { get; set; }
+
+        /// <summary>
+        /// Category for the external reference, adjusted to allow values with hyphens and underscores
+        /// </summary>
+        [XmlElement("referenceCategory")]
+        [JsonIgnore]
+        public string ReferenceCategoryAsString
+        {
+            get => ReferenceCategory.ToString();
+            set
+            {
+                switch (value.ToUpperInvariant())
+                {
+                    case "OTHER":
+                        ReferenceCategory = ExternalRefCategory.OTHER;
+                        break;
+                    case "SECURITY":
+                        ReferenceCategory = ExternalRefCategory.SECURITY;
+                        break;
+                    case "PACKAGE_MANAGER":
+                    case "PACKAGE-MANAGER":
+                        ReferenceCategory = ExternalRefCategory.PACKAGE_MANAGER;
+                        break;
+                }
+            }
+        }
 
         /// <summary>
         /// The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location. The format of the locator is subject to constraints defined by the &lt;type&gt;.

diff --git a/src/CycloneDX.Spdx/Schemas/spdx-2.2.schema.json b/src/CycloneDX.Spdx/Schemas/spdx-2.2.schema.json
@@ -317,7 +317,7 @@
                 "referenceCategory" : {
                   "description" : "Category for the external reference",
                   "type" : "string",
-                  "enum" : [ "OTHER", "PERSISTENT_ID", "SECURITY", "PACKAGE_MANAGER" ]
+                  "enum" : [ "OTHER", "PERSISTENT_ID", "SECURITY", "PACKAGE_MANAGER", "PACKAGE-MANAGER", "PERSISTENT-ID" ]
                 },
                 "referenceLocator" : {
                   "description" : "The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location. The format of the locator is subject to constraints defined by the <type>.",

diff --git a/src/CycloneDX.Spdx/Serialization/Converters/HyphenToUnderscoreEnumConverter.cs b/src/CycloneDX.Spdx/Serialization/Converters/HyphenToUnderscoreEnumConverter.cs
@@ -0,0 +1,62 @@
+// This file is part of CycloneDX Library for .NET
+//
+// Licensed under the Apache License, Version 2.0 (the “License”);
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an “AS IS” BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: Apache-2.0
+// Copyright (c) OWASP Foundation. All Rights Reserved.
+
+using System;
+using System.Diagnostics.Contracts;
+using System.Text.Json;
+using System.Text.Json.Serialization;
+
+namespace CycloneDX.Spdx.Serialization.Converters
+{
+
+    public class HyphenToUnderscoreEnumConverter<T> : JsonConverter<T> where T: struct
+    {
+        public override T Read(
+            ref Utf8JsonReader reader,
+            Type typeToConvert,
+            JsonSerializerOptions options)
+        {
+            if (reader.TokenType == JsonTokenType.Null
+                || reader.TokenType != JsonTokenType.String)
+            {
+                throw new JsonException();
+            }
+
+            var enumString = reader.GetString();
+
+            T enumValue;
+            var success = Enum.TryParse<T>(enumString.Replace("-", "_"), ignoreCase: true, out enumValue);
+            if (success)
+            {
+                return enumValue;
+            }
+            else
+            {
+                throw new JsonException();
+            }
+        }
+
+        public override void Write(
+            Utf8JsonWriter writer,
+            T value,
+            JsonSerializerOptions options)
+        {
+            Contract.Requires(writer != null);
+            writer.WriteStringValue(value.ToString());
+        }
+    }
+}
diff --git a/src/CycloneDX.Spdx/Serialization/JsonSerializer.cs b/src/CycloneDX.Spdx/Serialization/JsonSerializer.cs
@@ -21,6 +21,8 @@
 using System.Text.Json;
 using System.Text.Json.Serialization;
 using System.Threading.Tasks;
+using CycloneDX.Spdx.Models.v2_2;
+using CycloneDX.Spdx.Serialization.Converters;
 
 namespace CycloneDX.Spdx.Serialization
 {
@@ -38,6 +40,7 @@ public static JsonSerializerOptions GetJsonSerializerOptions_v2_2()
                 PropertyNamingPolicy = JsonNamingPolicy.CamelCase,
                 DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull,
             };
+            options.Converters.Add(new HyphenToUnderscoreEnumConverter<ExternalRefCategory>());
             options.Converters.Add(new JsonStringEnumConverter());
             return options;
         }

diff --git a/tests/CycloneDX.Spdx.Tests/JsonSerializerTests.cs b/tests/CycloneDX.Spdx.Tests/JsonSerializerTests.cs
@@ -29,6 +29,7 @@ public class JsonSerializerTests
     {
         [Theory]
         [InlineData("document")]
+        [InlineData("document-with-hyphens-in-external-reference-category")]
         public void JsonRoundTripTest(string baseFilename)
         {
             var resourceFilename = Path.Join("Resources", "v2.2", baseFilename + ".json");
@@ -42,6 +43,7 @@ public void JsonRoundTripTest(string baseFilename)
 
         [Theory]
         [InlineData("document")]
+        [InlineData("document-with-hyphens-in-external-reference-category")]
         public async Task JsonAsyncRoundTripTest(string baseFilename)
         {
             var resourceFilename = Path.Join("Resources", "v2.2", baseFilename + ".json");

diff --git a/tests/CycloneDX.Spdx.Tests/JsonValidatorTests.cs b/tests/CycloneDX.Spdx.Tests/JsonValidatorTests.cs
@@ -29,6 +29,7 @@ public class JsonValidatorTests
     {
         [Theory]
         [InlineData("document")]
+        [InlineData("document-with-hyphens-in-external-reference-category")]
         public void ValidateJsonStringTest(string baseFilename)
         {
             var resourceFilename = Path.Join("Resources", "v2.2", baseFilename + ".json");
@@ -41,6 +42,7 @@ public void ValidateJsonStringTest(string baseFilename)
 
         [Theory]
         [InlineData("document")]
+        [InlineData("document-with-hyphens-in-external-reference-category")]
         public async Task ValidateJsonStreamTest(string baseFilename)
         {
             var resourceFilename = Path.Join("Resources", "v2.2", baseFilename + ".json");