diff --git a/package-lock.json b/package-lock.json index 83993e3..e6d9592 100644 --- a/package-lock.json +++ b/package-lock.json @@ -6723,9 +6723,9 @@ "dev": true }, "progress": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.0.tgz", - "integrity": "sha1-ihvjZr+Pwj2yvSPxDG/pILQ4nR8=", + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.1.tgz", + "integrity": "sha512-OE+a6vzqazc+K6LxJrX5UPyKFvGnL5CYmq2jFGNIBWHpc4QyE49/YOumcrpQFJpfejmvRtbJzgO1zPmMCqlbBg==", "dev": true }, "pseudomap": { diff --git a/src/core/spec/start/normalize/content_negotiation.js b/src/core/spec/start/normalize/content_negotiation.js index 696e2d1..358974e 100644 --- a/src/core/spec/start/normalize/content_negotiation.js +++ b/src/core/spec/start/normalize/content_negotiation.js @@ -13,6 +13,11 @@ const getNegotiationsParams = function({ spec, operation, params }) { // A random request Content-Type will be picked const getContentTypeParam = function({ spec, operation, params }) { const consumes = getConsumes({ spec, operation }) + + if(consumes === undefined) { + return + } + const consumesA = filterFormDataMimes({ mimes: consumes, params }) if (consumesA === undefined) { diff --git a/src/core/spec/start/normalize/params/security.js b/src/core/spec/start/normalize/params/security.js index a6c48a6..f4f8ad4 100644 --- a/src/core/spec/start/normalize/params/security.js +++ b/src/core/spec/start/normalize/params/security.js @@ -10,17 +10,40 @@ const IN_TO_LOCATION = require('./in_to_location') // Normalize OpenAPI security request parameters into specification-agnostic // format const getSecParams = function({ - spec: { securityDefinitions, security: apiSecurity = [] }, + spec: { + securityDefinitions, + security: apiSecurity = [], + components: { + securitySchemes: secSchemes + } + }, operation: { security = apiSecurity }, }) { const secRefs = getSecRefs({ security }) + const secDef = getSecDefs({ securityDefinitions, securitySchemes: secSchemes}) const secParams = secRefs.map(([secName, scopes]) => - getSecParam({ secName, scopes, securityDefinitions }), + getSecParam({ secName, scopes, securityDefinitions: secDef }), ) const secParamsA = Object.assign({}, ...secParams) return secParamsA } +const getSecDefs = function({ securityDefinitions, securitySchemes }) { + // Check if either 2.0 or 3.0 exist + if ((securityDefinitions === undefined) && (securitySchemes === undefined)) { + throw new TestOpenApiError( + `Could not find OpenAPI 2 'securityDefinitions' or OpenAPI 3 'components.securitySchemes' from the spec root` + ) + } + + // Check for 2.0 + if (securityDefinitions === undefined) { + return securitySchemes + } + + return securityDefinitions +} + const getSecRefs = function({ security }) { const securityA = security.map(Object.entries) const securityB = [].concat(...securityA) @@ -62,10 +85,31 @@ const getDefApiKey = function({ name, in: paramIn }) { return { [key]: { type: 'string', optional: true } } } +const getDefHttpKey = function({ scheme }) { + const scheme_type = HTTP_SCHEME_TYPES[scheme] + + if (scheme_type === undefined) { + throw new TestOpenApiError( + `Other HTTP schemes defined by RFC 7235 not yet supported`, + ) + } + + const location = IN_TO_LOCATION['header'] + const key = locationToKey({ name: 'authorization', location}) + + return { [key]: { type: 'string', optional: false } } +} + const SECURITY_DEFS = { apiKey: getDefApiKey, + http: getDefHttpKey } +const HTTP_SCHEME_TYPES = Object.freeze({ + "basic": 1, + "bearer": 2 +}) + module.exports = { getSecParams, }