From 7bafd9d68fdb8a86c4c417247687f7d1128825e6 Mon Sep 17 00:00:00 2001 From: marinnicolae Date: Mon, 28 Feb 2022 14:35:58 +0200 Subject: [PATCH 1/6] Update schemaEndpointResolver.js Check only if the key exists in path attributes when matching the route without exactMatch for cases when path parameter is empty --- src/utils/schemaEndpointResolver.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/utils/schemaEndpointResolver.js b/src/utils/schemaEndpointResolver.js index 17b4448..68068fb 100644 --- a/src/utils/schemaEndpointResolver.js +++ b/src/utils/schemaEndpointResolver.js @@ -31,7 +31,7 @@ function _pathMatcherInternal(routes, path, exactMatch) { if (!exactMatch) { // if current path segment is param - if (seg.startsWith(':') && pathArr[idx]) return true; + if (seg.startsWith(':') && (idx in pathArr)) return true; } return false; From 130c19129c8866d72710f074f38bee91aec9f625 Mon Sep 17 00:00:00 2001 From: marinnicolae Date: Mon, 28 Feb 2022 14:40:57 +0200 Subject: [PATCH 2/6] Update middleware-test.js Add test for case when path parameter is empty string --- test/express/middleware-test.js | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/test/express/middleware-test.js b/test/express/middleware-test.js index 27612a5..ad37948 100644 --- a/test/express/middleware-test.js +++ b/test/express/middleware-test.js @@ -345,6 +345,22 @@ describe('input-validation middleware tests - Express', function () { done(); }); }); + it('bad path param - wrong format empty string', function (done) { + request(app) + .get('/pets/') + .set('request-id', '1234') + .set('api-version', '1.0') + .query({ limit: '50', page: 0 }) + .expect(400, function (err, res) { + if (err) { + throw err; + } + const moreInfoAsJson = JSON.parse(res.body.more_info); + expect(moreInfoAsJson).to.be.instanceof(Array); + expect(res.body.more_info).to.includes('petId'); + done(); + }); + }); it('bad body - wrong format nested attribute (not parameters)', function (done) { request(app) .put('/pets') From 5408a6e3f45d43a70121ef2188b10157c4d78530 Mon Sep 17 00:00:00 2001 From: marinnicolae Date: Mon, 28 Feb 2022 15:18:59 +0200 Subject: [PATCH 3/6] Update middleware-test.js remove express test case --- test/express/middleware-test.js | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/test/express/middleware-test.js b/test/express/middleware-test.js index ad37948..27612a5 100644 --- a/test/express/middleware-test.js +++ b/test/express/middleware-test.js @@ -345,22 +345,6 @@ describe('input-validation middleware tests - Express', function () { done(); }); }); - it('bad path param - wrong format empty string', function (done) { - request(app) - .get('/pets/') - .set('request-id', '1234') - .set('api-version', '1.0') - .query({ limit: '50', page: 0 }) - .expect(400, function (err, res) { - if (err) { - throw err; - } - const moreInfoAsJson = JSON.parse(res.body.more_info); - expect(moreInfoAsJson).to.be.instanceof(Array); - expect(res.body.more_info).to.includes('petId'); - done(); - }); - }); it('bad body - wrong format nested attribute (not parameters)', function (done) { request(app) .put('/pets') From 1db7eec1d05e70a5d081e4712a25addce49034da Mon Sep 17 00:00:00 2001 From: marinnicolae Date: Mon, 28 Feb 2022 15:21:23 +0200 Subject: [PATCH 4/6] Update pet-store-swagger.yaml define swagger path for child resource --- test/pet-store-swagger.yaml | 62 +++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) diff --git a/test/pet-store-swagger.yaml b/test/pet-store-swagger.yaml index fe8fe91..5883ef5 100644 --- a/test/pet-store-swagger.yaml +++ b/test/pet-store-swagger.yaml @@ -226,6 +226,68 @@ paths: description: unexpected error schema: $ref: '#/definitions/Error' + /pets/{petId}/medicalHistory: + get: + summary: Medical history for a specific pet + operationId: medicalHistoryByPetId + tags: + - pets + parameters: + - $ref: '#/parameters/ApiVersion' + - $ref: '#/parameters/ApiRequestId' + - name: petId + in: path + required: true + description: The id of the pet to retrieve + type: string + minLength: 3 + maxLength: 10 + responses: + "200": + description: Expected response to a valid request + schema: + $ref: '#/definitions/Pets' + default: + description: unexpected error + schema: + $ref: '#/definitions/Error' + put: + summary: Medical history for a specific pet + operationId: medicalHistoryByPetId + tags: + - pets + consumes: + - application/json + parameters: + - $ref: '#/parameters/ApiVersion' + - $ref: '#/parameters/ApiRequestId' + - name: petId + in: path + required: true + description: The id of the pet to retrieve + type: string + minLength: 3 + maxLength: 10 + - name: body + in: body + schema: + type: object + properties: + name: + type: string + age: + type: integer + tag: + type: string + responses: + "200": + description: Expected response to a valid request + schema: + $ref: '#/definitions/Pets' + default: + description: unexpected error + schema: + $ref: '#/definitions/Error' /pets/search: get: summary: Search for a pet From 7e8f243dfafeacb064b66ce60f39a5de0efbf8c8 Mon Sep 17 00:00:00 2001 From: marinnicolae Date: Mon, 28 Feb 2022 15:23:19 +0200 Subject: [PATCH 5/6] Update fastify-test.js add tests for api with child resource and empty path parameter --- test/fastify/fastify-test.js | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/test/fastify/fastify-test.js b/test/fastify/fastify-test.js index 348314f..00e8444 100644 --- a/test/fastify/fastify-test.js +++ b/test/fastify/fastify-test.js @@ -29,6 +29,10 @@ describe('fastify plugin', () => { app.get('/pets', (req, reply) => { reply.status(204).send(); }); + + app.get('/pets/:petId/medicalHistory', (req, reply) => { + reply.status(204).send(); + }); app.post('/pets', (req, reply) => { reply.status(201).send(); @@ -106,4 +110,22 @@ describe('fastify plugin', () => { }).post('/pets'); expect(response.statusCode).to.equal(400); }); + it('Invalid path parameter - too short', async () => { + const response = await app.inject() + .headers({ + 'api-version': '1.0' + }) + .get('/pets/11/medicalHistory'); + expect(response.statusCode).to.equal(400); + console.log(response); + }); + it('Invalid path parameter - empty', async () => { + const response = await app.inject() + .headers({ + 'api-version': '1.0' + }) + .get('/pets//medicalHistory'); + expect(response.statusCode).to.equal(400); + console.log(response); + }); }); From 109d5e6acb2402e6a3293ef988f34f7882de1613 Mon Sep 17 00:00:00 2001 From: Nicolae Marin Date: Mon, 28 Feb 2022 16:09:40 +0200 Subject: [PATCH 6/6] lint fix --- test/fastify/fastify-test.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/fastify/fastify-test.js b/test/fastify/fastify-test.js index 00e8444..e3576a3 100644 --- a/test/fastify/fastify-test.js +++ b/test/fastify/fastify-test.js @@ -29,7 +29,7 @@ describe('fastify plugin', () => { app.get('/pets', (req, reply) => { reply.status(204).send(); }); - + app.get('/pets/:petId/medicalHistory', (req, reply) => { reply.status(204).send(); });