diff --git a/README.md b/README.md
index e16152da..687fee9d 100644
--- a/README.md
+++ b/README.md
@@ -104,12 +104,116 @@ NOTE: the second command uses the org name from perferences
apigeecli is can also be used as a golang based client library. Look at this [sample](./samples) for more details
-## Docker
+## Generating API Proxies from OpenAPI Specs
+
+apigeecli allows the user to generate Apigee API Proxy bundles from an OpenAPI spec (only 3.0.x supported). The Apigee control plane does not support custom formats (ex: uuid). If you spec contains custom formats, consider the following flags
+
+* `--formatValidation=false`: this disables validation for custom formats.
+* `--skip-policy=false`: By default the OAS policy is added to the proxy (to validate API requests). By setting this to false, schema validation is not enabled and the control plane will not reject the bundle due to custom formats.
+
+The following actions are automatically implemented when the API Proxy bundle is generated:
+
+### Security Policies
+
+If the spec defines securitySchemes, for ex the following snippet:
+
+```yaml
+components:
+ securitySchemes:
+ petstore_auth:
+ type: oauth2
+ flows:
+ implicit:
+ authorizationUrl: 'http://petstore.swagger.io/api/oauth/dialog'
+ scopes:
+ 'write:pets': modify pets in your account
+ 'read:pets': read your pets
+ api_key:
+ type: apiKey
+ name: api_key
+ in: header
+```
-Use apigecli via docker
+is interpreted as OAuth-v20 (verification only) policy and the VerifyAPIKey policy.
-```bash
-docker run --name apigeecli -v path-to-service-account.json:/etc/client_secret.json --rm nandanks/apigeecli:v{Tag} orgs list -a /etc/client_secret.json
+
+These security schemes can be added to the PreFlow by enabling the scheme globally
+
+```yaml
+security:
+ - api_key: []
+```
+
+Or within a Flow Condition like this
+
+```yaml
+ '/pet/{petId}/uploadImage':
+ post:
+ ...
+ security:
+ - petstore_auth:
+ - 'write:pets'
+ - 'read:pets'
+
+```
+
+### Dynamic target endpoints
+
+apigeecli allows the user to dynamically set a target endpoint. These is especially useful when deploying target/backend applications to GCP's serverless platforms like Cloud Run, Cloud Functions etc. apigeecli also allows the user to enable Apigee'e [Google authentication](https://cloud.google.com/apigee/docs/api-platform/security/google-auth/overview) before connecting to the backend.
+
+#### Set a dynamic target
+
+```sh
+apigeecli apis create -n petstore -f ./test/petstore.yaml --oas-target-url-ref=propertyset.petstore.url
+```
+
+This example dynamically sets the `target.url` message context variable. This variable is retrieved from a propertyset file. It is expected the user will separately upload an environment scoped propertyset file with this key.
+
+#### Set a dynamic target for Cloud Run
+
+```sh
+apigeecli apis create -n petstore -f ./test/petstore.yaml --oas-google-idtoken-aud-ref=propertyset.petstore.aud --oas-target-url-ref=propertyset.petstore.url
+```
+
+This example dynamically sets the Google Auth `audience` and the `target.url` message context variable. These variables are retrieved from a propertyset file. It is expected the user will separately upload an environment scoped propertyset file with these keys. If you do not wish to user a property to set these values later, you can use `--oas-google-idtoken-aud-literal` to set the audience directly in the API Proxy.
+
+While this example shows the use of Google IDToken, Google Access Token is also supported. To use Google Access Token, use the `oas-google-accesstoken-scope-literal` flag instead.
+
+### Traffic Management
+
+apigeeli allow the user to add [SpikeArrest](https://cloud.google.com/apigee/docs/api-platform/reference/policies/spike-arrest-policy) or [Quota](https://cloud.google.com/apigee/docs/api-platform/reference/policies/quota-policy) policies. Since OpenAPI spec does not natively support the ability to specify such policies, a custom extension is used.
+
+#### Quota custom extension
+
+The following configuration allows the user to specify quota parameters in the API Proxy.
+
+```yaml
+x-google-quota:
+ - name: test1 # this is appended to the quota policy name, ex: Quota-test1
+ interval-literal: 1 # specify the interval in the policy, use interval-ref to specify a variable
+ timeunit-literal: minute # specify the timeUnit in the policy, use timeUnit-ref to specify a variable
+ allow-literal: 1 # specify the allowed rate in the policy, use allow-ref to specify a variable
+```
+
+NOTE: literals cannot be combined with variables.
+
+The following configuration allows the user to derive quota parameters from an API Product
+
+```yaml
+x-google-quota:
+ - name: test1 # this is appended to the quota policy name, ex: Quota-test1
+ useQuotaConfigInAPIProduct: Verify-API-Key-api_key # specify the step name that contains the consumer identification. Must be OAuth or VerifyAPIKey step.
+```
+
+The above configurations are mutually exclusive.
+
+#### SpikeArrest custom extension
+
+```yaml
+x-google-ratelimit:
+ - name: test1 # this is appended to the quota policy name, ex: Spike-Arrest-test1
+ rate-literal: 10ps # specify the allowed interval in the policy, use rate-ref to specify a variable
+ identifier-ref: request.header.url #optional, specify msg ctx var for the identifier
```
___
diff --git a/bundlegen/generateapi.go b/bundlegen/generateapi.go
index 5ed8e906..95fcfd6d 100644
--- a/bundlegen/generateapi.go
+++ b/bundlegen/generateapi.go
@@ -15,6 +15,7 @@
package bundlegen
import (
+ "encoding/json"
"fmt"
"net/url"
"path"
@@ -25,7 +26,8 @@ import (
"github.com/getkin/kin-openapi/openapi3"
"github.com/ghodss/yaml"
apiproxy "github.com/srinandan/apigeecli/bundlegen/apiproxydef"
- proxies "github.com/srinandan/apigeecli/bundlegen/proxies"
+ "github.com/srinandan/apigeecli/bundlegen/policies"
+ "github.com/srinandan/apigeecli/bundlegen/proxies"
targets "github.com/srinandan/apigeecli/bundlegen/targets"
)
@@ -33,6 +35,28 @@ type pathDetailDef struct {
OperationID string
Description string
SecurityScheme securitySchemesDef
+ SpikeArrest spikeArrestDef
+ Quota quotaDef
+}
+
+type spikeArrestDef struct {
+ SpikeArrestEnabled bool
+ SpikeArrestName string
+ SpikeArrestIdentifierRef string
+ SpikeArrestRateRef string
+ SpikeArrestRateLiteral string
+}
+
+type quotaDef struct {
+ QuotaEnabled bool
+ QuotaName string
+ QuotaAllowRef string
+ QuotaAllowLiteral string
+ QuotaIntervalRef string
+ QuotaIntervalLiteral string
+ QuotaTimeUnitRef string
+ QuotaTimeUnitLiteral string
+ QuotaConfigStepName string
}
type oAuthPolicyDef struct {
@@ -59,6 +83,9 @@ var generateSetTarget bool
var securitySchemesList = securitySchemesListDef{}
+var quotaPolicyContent = map[string]string{}
+var spikeArrestPolicyContent = map[string]string{}
+
var doc *openapi3.T
func LoadDocumentFromFile(filePath string, validate bool, formatValidation bool) (string, []byte, error) {
@@ -141,7 +168,14 @@ func isFileYaml(name string) bool {
return false
}
-func GenerateAPIProxyDefFromOAS(name string, oasDocName string, skipPolicy bool, addCORS bool, oasGoogleAcessTokenScopeLiteral string, oasGoogleIdTokenAudLiteral string, oasGoogleIdTokenAudRef string, oasTargetUrlRef string) (err error) {
+func GenerateAPIProxyDefFromOAS(name string,
+ oasDocName string,
+ skipPolicy bool,
+ addCORS bool,
+ oasGoogleAcessTokenScopeLiteral string,
+ oasGoogleIdTokenAudLiteral string,
+ oasGoogleIdTokenAudRef string,
+ oasTargetUrlRef string) (err error) {
if doc == nil {
return fmt.Errorf("Open API document not loaded")
@@ -195,7 +229,25 @@ func GenerateAPIProxyDefFromOAS(name string, oasDocName string, skipPolicy bool,
if securityScheme.APIKeyPolicy.APIKeyPolicyEnabled {
proxies.AddStepToPreFlowRequest("Verify-API-Key-" + securityScheme.SchemeName)
} else if securityScheme.OAuthPolicy.OAuthPolicyEnabled {
- apiproxy.AddPolicy("OAuth-v20-1")
+ proxies.AddStepToPreFlowRequest("OAuth-v20-1")
+ }
+ }
+
+ //add any preflow quota or rate limit policies
+ if doc.Extensions != nil {
+ spikeArrestList, quotaList, err := processPreFlowExtensions(doc.Extensions)
+ if err != nil {
+ return err
+ }
+ if len(spikeArrestList) > 0 {
+ for _, spikeArrest := range spikeArrestList {
+ proxies.AddStepToPreFlowRequest("Spike-Arrest-" + spikeArrest.SpikeArrestName)
+ }
+ }
+ if len(quotaList) > 0 {
+ for _, quota := range quotaList {
+ proxies.AddStepToPreFlowRequest("Quota-" + quota.QuotaName)
+ }
}
}
@@ -231,8 +283,9 @@ func GetEndpoint(doc *openapi3.T) (u *url.URL, err error) {
return url.Parse(doc.Servers[0].URL)
}
-func GetHTTPMethod(pathItem *openapi3.PathItem, keyPath string) map[string]pathDetailDef {
+func GetHTTPMethod(pathItem *openapi3.PathItem, keyPath string) (map[string]pathDetailDef, error) {
+ var err error
pathMap := make(map[string]pathDetailDef)
alternateOperationId := strings.ReplaceAll(keyPath, "\\", "_")
@@ -250,6 +303,12 @@ func GetHTTPMethod(pathItem *openapi3.PathItem, keyPath string) map[string]pathD
securityRequirements := []openapi3.SecurityRequirement(*pathItem.Get.Security)
getPathDetail.SecurityScheme = getSecurityRequirements(securityRequirements)
}
+ //check for google extensions
+ if pathItem.Get.Extensions != nil {
+ if getPathDetail, err = processPathExtensions(pathItem.Get.Extensions, getPathDetail); err != nil {
+ return nil, err
+ }
+ }
pathMap["get"] = getPathDetail
}
@@ -267,6 +326,12 @@ func GetHTTPMethod(pathItem *openapi3.PathItem, keyPath string) map[string]pathD
securityRequirements := []openapi3.SecurityRequirement(*pathItem.Post.Security)
postPathDetail.SecurityScheme = getSecurityRequirements(securityRequirements)
}
+ //check for google extensions
+ if pathItem.Post.Extensions != nil {
+ if postPathDetail, err = processPathExtensions(pathItem.Post.Extensions, postPathDetail); err != nil {
+ return nil, err
+ }
+ }
pathMap["post"] = postPathDetail
}
@@ -284,6 +349,12 @@ func GetHTTPMethod(pathItem *openapi3.PathItem, keyPath string) map[string]pathD
securityRequirements := []openapi3.SecurityRequirement(*pathItem.Put.Security)
putPathDetail.SecurityScheme = getSecurityRequirements(securityRequirements)
}
+ //check for google extensions
+ if pathItem.Put.Extensions != nil {
+ if putPathDetail, err = processPathExtensions(pathItem.Put.Extensions, putPathDetail); err != nil {
+ return nil, err
+ }
+ }
pathMap["put"] = putPathDetail
}
@@ -301,6 +372,12 @@ func GetHTTPMethod(pathItem *openapi3.PathItem, keyPath string) map[string]pathD
securityRequirements := []openapi3.SecurityRequirement(*pathItem.Patch.Security)
patchPathDetail.SecurityScheme = getSecurityRequirements(securityRequirements)
}
+ //check for google extensions
+ if pathItem.Patch.Extensions != nil {
+ if patchPathDetail, err = processPathExtensions(pathItem.Patch.Extensions, patchPathDetail); err != nil {
+ return nil, err
+ }
+ }
pathMap["patch"] = patchPathDetail
}
@@ -318,6 +395,12 @@ func GetHTTPMethod(pathItem *openapi3.PathItem, keyPath string) map[string]pathD
securityRequirements := []openapi3.SecurityRequirement(*pathItem.Delete.Security)
deletePathDetail.SecurityScheme = getSecurityRequirements(securityRequirements)
}
+ //check for google extensions
+ if pathItem.Delete.Extensions != nil {
+ if deletePathDetail, err = processPathExtensions(pathItem.Delete.Extensions, deletePathDetail); err != nil {
+ return nil, err
+ }
+ }
pathMap["delete"] = deletePathDetail
}
@@ -360,12 +443,15 @@ func GetHTTPMethod(pathItem *openapi3.PathItem, keyPath string) map[string]pathD
pathMap["head"] = headPathDetail
}
- return pathMap
+ return pathMap, nil
}
func GenerateFlows(paths openapi3.Paths) (err error) {
for keyPath := range paths {
- pathMap := GetHTTPMethod(paths[keyPath], keyPath)
+ pathMap, err := GetHTTPMethod(paths[keyPath], keyPath)
+ if err != nil {
+ return err
+ }
for method, pathDetail := range pathMap {
proxies.AddFlow(pathDetail.OperationID, replacePathWithWildCard(keyPath), method, pathDetail.Description)
if pathDetail.SecurityScheme.OAuthPolicy.OAuthPolicyEnabled {
@@ -377,6 +463,16 @@ func GenerateFlows(paths openapi3.Paths) (err error) {
return err
}
}
+ if pathDetail.SpikeArrest.SpikeArrestEnabled {
+ if err = proxies.AddStepToFlowRequest("Spike-Arrest-"+pathDetail.SpikeArrest.SpikeArrestName, pathDetail.OperationID); err != nil {
+ return err
+ }
+ }
+ if pathDetail.Quota.QuotaEnabled {
+ if err = proxies.AddStepToFlowRequest("Quota-"+pathDetail.Quota.QuotaName, pathDetail.OperationID); err != nil {
+ return err
+ }
+ }
}
}
return nil
@@ -444,3 +540,167 @@ func loadSecurityRequirements(securitySchemes openapi3.SecuritySchemes) {
func GetSecuritySchemesList() []securitySchemesDef {
return securitySchemesList.SecuritySchemes
}
+
+func getQuotaDefinition(i interface{}) (quotaDef, error) {
+ var jsonArrayMap []map[string]interface{}
+
+ quota := quotaDef{}
+ jsonMap := map[string]string{}
+ str := fmt.Sprintf("%s", i)
+
+ if err := json.Unmarshal([]byte(str), &jsonArrayMap); err != nil {
+ fmt.Println(err)
+ return quotaDef{}, err
+ }
+
+ for _, m := range jsonArrayMap {
+ for k, v := range m {
+ jsonMap[k] = fmt.Sprintf("%v", v)
+ }
+ }
+
+ if jsonMap["name"] != "" {
+ quota.QuotaName = jsonMap["name"]
+ quota.QuotaEnabled = true
+ } else {
+ return quotaDef{}, fmt.Errorf("x-google-quota extension must have a name")
+ }
+
+ if jsonMap["useQuotaConfigInAPIProduct"] != "" {
+ quota.QuotaConfigStepName = jsonMap["useQuotaConfigInAPIProduct"]
+ } else {
+ if jsonMap["allow-ref"] == "" && jsonMap["allow-literal"] == "" {
+ return quotaDef{}, fmt.Errorf("x-google-quota extension must have either allow-ref or allow-literal")
+ } else if jsonMap["allow-literal"] != "" {
+ quota.QuotaAllowLiteral = jsonMap["allow-literal"]
+ } else if jsonMap["allow-ref"] != "" {
+ quota.QuotaAllowRef = jsonMap["allow-ref"]
+ }
+
+ if jsonMap["interval-ref"] == "" && jsonMap["interval-literal"] == "" {
+ return quotaDef{}, fmt.Errorf("x-google-quota extension must have either interval-ref or interval-literal")
+ } else if jsonMap["interval-literal"] != "" {
+ quota.QuotaIntervalLiteral = jsonMap["interval-literal"]
+ } else if jsonMap["interval-ref"] != "" {
+ quota.QuotaIntervalRef = jsonMap["interval-ref"]
+ }
+
+ if jsonMap["timeunit-ref"] == "" && jsonMap["timeunit-literal"] == "" {
+ return quotaDef{}, fmt.Errorf("x-google-quota extension must have either timeunit-ref or timeunit-literal")
+ } else if jsonMap["timeunit-literal"] != "" {
+ quota.QuotaTimeUnitLiteral = jsonMap["timeunit-literal"]
+ } else if jsonMap["timeunit-ref"] != "" {
+ quota.QuotaTimeUnitRef = jsonMap["timeunit-ref"]
+ }
+ }
+
+ //store policy XML contents
+ quotaPolicyContent[quota.QuotaName] = policies.AddQuotaPolicy(
+ "Quota-"+quota.QuotaName,
+ quota.QuotaConfigStepName,
+ quota.QuotaAllowRef,
+ quota.QuotaAllowLiteral,
+ quota.QuotaIntervalRef,
+ quota.QuotaIntervalLiteral,
+ quota.QuotaTimeUnitRef,
+ quota.QuotaTimeUnitLiteral)
+
+ return quota, nil
+}
+
+func getSpikeArrestDefinition(i interface{}) (spikeArrestDef, error) {
+ var jsonArrayMap []map[string]interface{}
+
+ spikeArrest := spikeArrestDef{}
+ jsonMap := map[string]string{}
+ str := fmt.Sprintf("%s", i)
+
+ if err := json.Unmarshal([]byte(str), &jsonArrayMap); err != nil {
+ fmt.Println(err)
+ return spikeArrestDef{}, err
+ }
+
+ for _, m := range jsonArrayMap {
+ for k, v := range m {
+ jsonMap[k] = fmt.Sprintf("%v", v)
+ }
+ }
+
+ if jsonMap["identifier-ref"] != "" {
+ spikeArrest.SpikeArrestIdentifierRef = jsonMap["identifier-ref"]
+ } else {
+ return spikeArrestDef{}, fmt.Errorf("x-google-ratelimit extension must have an identifier-ref")
+ }
+
+ if jsonMap["name"] != "" {
+ spikeArrest.SpikeArrestName = jsonMap["name"]
+ spikeArrest.SpikeArrestEnabled = true
+ } else {
+ return spikeArrestDef{}, fmt.Errorf("x-google-ratelimit extension must have a name")
+ }
+
+ if jsonMap["rate-ref"] == "" && jsonMap["rate-literal"] == "" {
+ return spikeArrestDef{}, fmt.Errorf("x-google-ratelimit extension must have either rate-ref or rate-literal")
+ } else if jsonMap["rate-literal"] != "" {
+ spikeArrest.SpikeArrestRateLiteral = jsonMap["rate-literal"]
+ } else if jsonMap["rate-ref"] != "" {
+ spikeArrest.SpikeArrestRateRef = jsonMap["rate-ref"]
+ }
+
+ //store policy XML contents
+ spikeArrestPolicyContent[spikeArrest.SpikeArrestName] = policies.AddSpikeArrestPolicy("Spike-Arrest-"+spikeArrest.SpikeArrestName,
+ spikeArrest.SpikeArrestIdentifierRef,
+ spikeArrest.SpikeArrestRateRef,
+ spikeArrest.SpikeArrestRateLiteral)
+
+ return spikeArrest, nil
+}
+
+func processPathExtensions(extensions map[string]interface{}, pathDetail pathDetailDef) (pathDetailDef, error) {
+ var err error
+ for extensionName, extensionValue := range extensions {
+ if extensionName == "x-google-ratelimit" {
+ //process ratelimit
+ pathDetail.SpikeArrest, err = getSpikeArrestDefinition(extensionValue)
+ }
+ if extensionName == "x-google-quota" {
+ //process quota
+ pathDetail.Quota, err = getQuotaDefinition(extensionValue)
+ }
+ }
+ return pathDetail, err
+}
+
+func processPreFlowExtensions(extensions map[string]interface{}) ([]spikeArrestDef, []quotaDef, error) {
+ var err error
+ spikeArrestList := []spikeArrestDef{}
+ quotaList := []quotaDef{}
+
+ for extensionName, extensionValue := range extensions {
+ if extensionName == "x-google-ratelimit" {
+ //process ratelimit
+ spikeArrest, err := getSpikeArrestDefinition(extensionValue)
+ if err != nil {
+ return []spikeArrestDef{}, []quotaDef{}, err
+ }
+ spikeArrestList = append(spikeArrestList, spikeArrest)
+ }
+ if extensionName == "x-google-quota" {
+ //process quota
+ quota, err := getQuotaDefinition(extensionValue)
+ if err != nil {
+ return []spikeArrestDef{}, []quotaDef{}, err
+ }
+ quotaList = append(quotaList, quota)
+ }
+ }
+ return spikeArrestList, quotaList, err
+}
+
+func GetSpikeArrestPolicies() map[string]string {
+ return spikeArrestPolicyContent
+}
+
+func GetQuotaPolicies() map[string]string {
+ return quotaPolicyContent
+}
diff --git a/bundlegen/policies/policies.go b/bundlegen/policies/policies.go
index 85c8cdbd..831b9782 100644
--- a/bundlegen/policies/policies.go
+++ b/bundlegen/policies/policies.go
@@ -59,6 +59,37 @@ var corsPolicy = `
true
`
+var spikeArrestPolicy = `
+
+ Spike-Arrest-1
+
+ 1ps
+
+ true
+
+`
+
+var quotaPolicy1 = `
+
+ Quota-1
+
+
+
+
+ true
+ 2019-01-01 00:00:00
+
+`
+
+var quotaPolicy2 = `
+
+ Quota-1
+ step
+ true
+ 2019-01-01 00:00:00
+
+`
+
var setTargetEndpointPolicy = `
@@ -83,6 +114,59 @@ func AddVerifyApiKeyPolicy(location string, policyName string, keyName string) s
return strings.Replace(tmp, "Verify-API-Key-1", "Verify-API-Key-"+policyName, -1)
}
+func AddSpikeArrestPolicy(policyName string, identifierRef string, rateRef string, rateLiteral string) string {
+ policyString := strings.ReplaceAll(spikeArrestPolicy, "Spike-Arrest-1", policyName)
+ if rateLiteral != "" {
+ rate := "" + rateLiteral + ""
+ policyString = strings.ReplaceAll(policyString, "1ps", rate)
+ } else if rateRef != "" {
+ rate := ""
+ policyString = strings.ReplaceAll(policyString, "1ps", rate)
+ }
+ if identifierRef != "" {
+ identifer := ""
+ policyString = strings.ReplaceAll(policyString, "", identifer)
+ }
+
+ return policyString
+}
+
+func AddQuotaPolicy(policyName string, useQuotaConfigStepName string,
+ allowRef string, allowLiteral string,
+ intervalRef string, intervalLiteral string,
+ timeUnitRef string, timeUnitLiteral string) string {
+ var policyString string
+
+ if useQuotaConfigStepName != "" {
+ policyString = strings.ReplaceAll(quotaPolicy2, "Quota-1", policyName)
+ policyString = strings.ReplaceAll(policyString, "step", useQuotaConfigStepName)
+ } else {
+ policyString = strings.ReplaceAll(quotaPolicy1, "Quota-1", policyName)
+ if allowRef != "" {
+ allow := ""
+ policyString = strings.ReplaceAll(policyString, "", allow)
+ } else if allowLiteral != "" {
+ allow := ""
+ policyString = strings.ReplaceAll(policyString, "", allow)
+ }
+ if intervalRef != "" {
+ interval := ""
+ policyString = strings.ReplaceAll(policyString, "", interval)
+ } else if intervalLiteral != "" {
+ interval := "" + intervalLiteral + ""
+ policyString = strings.ReplaceAll(policyString, "", interval)
+ }
+ if timeUnitRef != "" {
+ timeUnit := ""
+ policyString = strings.ReplaceAll(policyString, "", timeUnit)
+ } else if timeUnitLiteral != "" {
+ timeUnit := "" + timeUnitLiteral + ""
+ policyString = strings.ReplaceAll(policyString, "", timeUnit)
+ }
+ }
+ return policyString
+}
+
func AddOAuth2Policy() string {
return oauth2Policy
}
diff --git a/bundlegen/proxybundle/proxybundle.go b/bundlegen/proxybundle/proxybundle.go
index 5787ed75..3f982093 100644
--- a/bundlegen/proxybundle/proxybundle.go
+++ b/bundlegen/proxybundle/proxybundle.go
@@ -39,7 +39,16 @@ import (
const rootDir = "apiproxy"
-func GenerateAPIProxyBundle(name string, content string, fileName string, resourceType string, skipPolicy bool, addCORS bool, oasGoogleAcessTokenScopeLiteral string, oasGoogleIdTokenAudLiteral string, oasGoogleIdTokenAudRef string, oasTargetUrlRef string) (err error) {
+func GenerateAPIProxyBundle(name string,
+ content string,
+ fileName string,
+ resourceType string,
+ skipPolicy bool,
+ addCORS bool,
+ oasGoogleAcessTokenScopeLiteral string,
+ oasGoogleIdTokenAudLiteral string,
+ oasGoogleIdTokenAudRef string,
+ oasTargetUrlRef string) (err error) {
var apiProxyData, proxyEndpointData, targetEndpointData string
@@ -102,7 +111,8 @@ func GenerateAPIProxyBundle(name string, content string, fileName string, resour
//add set target url
if genapi.GenerateSetTargetPolicy() {
- if err = writeXMLData(policiesDirPath+string(os.PathSeparator)+"Set-Target-1.xml", policies.AddSetTargetEndpoint(oasTargetUrlRef)); err != nil {
+ if err = writeXMLData(policiesDirPath+string(os.PathSeparator)+"Set-Target-1.xml",
+ policies.AddSetTargetEndpoint(oasTargetUrlRef)); err != nil {
return err
}
}
@@ -110,20 +120,39 @@ func GenerateAPIProxyBundle(name string, content string, fileName string, resour
//add security policies
for _, securityScheme := range genapi.GetSecuritySchemesList() {
if securityScheme.APIKeyPolicy.APIKeyPolicyEnabled {
- if err = writeXMLData(policiesDirPath+string(os.PathSeparator)+"Verify-API-Key-"+securityScheme.SchemeName+".xml", policies.AddVerifyApiKeyPolicy(securityScheme.APIKeyPolicy.APIKeyLocation, securityScheme.SchemeName, securityScheme.APIKeyPolicy.APIKeyName)); err != nil {
+ if err = writeXMLData(policiesDirPath+string(os.PathSeparator)+"Verify-API-Key-"+securityScheme.SchemeName+".xml",
+ policies.AddVerifyApiKeyPolicy(securityScheme.APIKeyPolicy.APIKeyLocation,
+ securityScheme.SchemeName,
+ securityScheme.APIKeyPolicy.APIKeyName)); err != nil {
return err
}
}
if securityScheme.OAuthPolicy.OAuthPolicyEnabled {
- if err = writeXMLData(policiesDirPath+string(os.PathSeparator)+"OAuth-v20-1.xml", policies.AddOAuth2Policy()); err != nil {
+ if err = writeXMLData(policiesDirPath+string(os.PathSeparator)+"OAuth-v20-1.xml",
+ policies.AddOAuth2Policy()); err != nil {
return err
}
}
}
+ //add quota policies
+ for quotaPolicyName, quotaPolicyContent := range genapi.GetQuotaPolicies() {
+ if err = writeXMLData(policiesDirPath+string(os.PathSeparator)+"Quota-"+quotaPolicyName+".xml", quotaPolicyContent); err != nil {
+ return err
+ }
+ }
+
+ //add spike arrest policies
+ for spikeArrestPolicyName, spikeArrestPolicyContent := range genapi.GetSpikeArrestPolicies() {
+ if err = writeXMLData(policiesDirPath+string(os.PathSeparator)+"Spike-Arrest-"+spikeArrestPolicyName+".xml", spikeArrestPolicyContent); err != nil {
+ return err
+ }
+ }
+
if !skipPolicy {
//add oas policy
- if err = writeXMLData(policiesDirPath+string(os.PathSeparator)+"OpenAPI-Spec-Validation-1.xml", policies.AddOpenAPIValidatePolicy(fileName)); err != nil {
+ if err = writeXMLData(policiesDirPath+string(os.PathSeparator)+"OpenAPI-Spec-Validation-1.xml",
+ policies.AddOpenAPIValidatePolicy(fileName)); err != nil {
return err
}
}
diff --git a/md.zip b/md.zip
new file mode 100644
index 00000000..4f883ca3
Binary files /dev/null and b/md.zip differ
diff --git a/test/md-ext1.yaml b/test/md-ext1.yaml
new file mode 100644
index 00000000..315813d9
--- /dev/null
+++ b/test/md-ext1.yaml
@@ -0,0 +1,92 @@
+openapi: 3.0.3
+info:
+ version: 0.0.1
+ title: Masterdata microservice
+ description: |
+ Masterdata microservice
+servers:
+ - url: https://my.example.com/md
+security:
+ - ApiKeyAuth: []
+
+x-google-ratelimit:
+ - name: md
+ rate-literal: 10pm
+ identifier-ref: request.header.url #optional
+
+paths:
+ '/':
+ get:
+ summary: 'List `Masterdata` objects.'
+ description: |
+ Fetches list of masterdata of all items we carry
+ # This is an array of GET operation parameters:
+ responses:
+ '200':
+ description: Successful response
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ persons:
+ type: array
+ items:
+ $ref: '#/components/schemas/ListOfMasterdata'
+ nextPageToken:
+ description: |
+ A token which can be sent as `pageToken`
+ to retrieve the next page.
+ type: string
+ '/{name}':
+ get:
+ description: 'Retrieve a single Person object.'
+ parameters:
+ - name: name
+ in: path
+ description: |
+ Unique identifier of the desired person object.
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ description: Successful response
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Masterdata'
+ '404':
+ description: 'Item was not found'
+components:
+ securitySchemes:
+ ApiKeyAuth:
+ type: apiKey
+ in: header
+ name: X-API-KEY
+ schemas:
+ ListOfMasterdata:
+ title: List of Masterdata
+ type: array
+ items:
+ $ref: '#/components/schemas/Masterdata'
+ Masterdata:
+ title: Masterdata
+ type: object
+ properties:
+ name:
+ description: |
+ name of the item
+ Format: `persons/{personId}`
+ type: string
+ example: "md/a353-x51d"
+ pattern: 'md\/[a-z0-9-]+'
+ desc:
+ description: 'the description of the item'
+ type: string
+ imgUrl:
+ description: 'the url to the image'
+ type: string
+ id:
+ description: 'uuid of the item in question (internal only)'
+ type: string
diff --git a/test/petstore-ext1.yaml b/test/petstore-ext1.yaml
new file mode 100644
index 00000000..4987e007
--- /dev/null
+++ b/test/petstore-ext1.yaml
@@ -0,0 +1,753 @@
+openapi: 3.0.0
+servers:
+ - url: 'https://petstore.swagger.io/v2'
+info:
+ description: >-
+ This is a sample server Petstore server. For this sample, you can use the api key
+ `special-key` to test the authorization filters.
+ version: 1.0.0
+ title: OpenAPI Petstore
+ license:
+ name: Apache-2.0
+ url: 'https://www.apache.org/licenses/LICENSE-2.0.html'
+tags:
+ - name: pet
+ description: Everything about your Pets
+ - name: store
+ description: Access to Petstore orders
+ - name: user
+ description: Operations about user
+
+x-google-ratelimit:
+ - name: test1
+ rate-literal: 10ps
+ identifier-ref: request.header.url #optional
+
+paths:
+ /pet:
+ post:
+ tags:
+ - pet
+ summary: Add a new pet to the store
+ description: ''
+ operationId: addPet
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ '405':
+ description: Invalid input
+ x-google-quota:
+ - name: test2
+ interval-literal: 1
+ timeunit-literal: minute
+ allow-literal: 1
+ #interval-ref: propertyset.quota.interval
+ #timeunit-ref: propertyset.quota.timeunit
+ #allow-ref: propertyset.quota.allow
+ #useQuotaConfigInAPIProduct: Verify-Api-Key-api_key
+ security:
+ - petstore_auth:
+ - 'write:pets'
+ - 'read:pets'
+ requestBody:
+ $ref: '#/components/requestBodies/Pet'
+ put:
+ tags:
+ - pet
+ summary: Update an existing pet
+ description: ''
+ operationId: updatePet
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ '400':
+ description: Invalid ID supplied
+ '404':
+ description: Pet not found
+ '405':
+ description: Validation exception
+ security:
+ - petstore_auth:
+ - 'write:pets'
+ - 'read:pets'
+ requestBody:
+ $ref: '#/components/requestBodies/Pet'
+ /pet/findByStatus:
+ get:
+ tags:
+ - pet
+ summary: Finds Pets by status
+ description: Multiple status values can be provided with comma separated strings
+ operationId: findPetsByStatus
+ parameters:
+ - name: status
+ in: query
+ description: Status values that need to be considered for filter
+ required: true
+ style: form
+ explode: false
+ deprecated: true
+ schema:
+ type: array
+ items:
+ type: string
+ enum:
+ - available
+ - pending
+ - sold
+ default: available
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ '400':
+ description: Invalid status value
+ security:
+ - petstore_auth:
+ - 'read:pets'
+ /pet/findByTags:
+ get:
+ tags:
+ - pet
+ summary: Finds Pets by tags
+ description: >-
+ Multiple tags can be provided with comma separated strings. Use tag1,
+ tag2, tag3 for testing.
+ operationId: findPetsByTags
+ parameters:
+ - name: tags
+ in: query
+ description: Tags to filter by
+ required: true
+ style: form
+ explode: false
+ schema:
+ type: array
+ items:
+ type: string
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ '400':
+ description: Invalid tag value
+ security:
+ - petstore_auth:
+ - 'read:pets'
+ deprecated: true
+ '/pet/{petId}':
+ get:
+ tags:
+ - pet
+ summary: Find pet by ID
+ description: Returns a single pet
+ operationId: getPetById
+ parameters:
+ - name: petId
+ in: path
+ description: ID of pet to return
+ required: true
+ schema:
+ type: integer
+ format: int64
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ '400':
+ description: Invalid ID supplied
+ '404':
+ description: Pet not found
+ security:
+ - api_key: []
+ post:
+ tags:
+ - pet
+ summary: Updates a pet in the store with form data
+ description: ''
+ operationId: updatePetWithForm
+ parameters:
+ - name: petId
+ in: path
+ description: ID of pet that needs to be updated
+ required: true
+ schema:
+ type: integer
+ format: int64
+ responses:
+ '405':
+ description: Invalid input
+ security:
+ - petstore_auth:
+ - 'write:pets'
+ - 'read:pets'
+ requestBody:
+ content:
+ application/x-www-form-urlencoded:
+ schema:
+ type: object
+ properties:
+ name:
+ description: Updated name of the pet
+ type: string
+ status:
+ description: Updated status of the pet
+ type: string
+ delete:
+ tags:
+ - pet
+ summary: Deletes a pet
+ description: ''
+ operationId: deletePet
+ parameters:
+ - name: api_key
+ in: header
+ required: false
+ schema:
+ type: string
+ - name: petId
+ in: path
+ description: Pet id to delete
+ required: true
+ schema:
+ type: integer
+ format: int64
+ responses:
+ '400':
+ description: Invalid pet value
+ security:
+ - petstore_auth:
+ - 'write:pets'
+ - 'read:pets'
+ '/pet/{petId}/uploadImage':
+ post:
+ tags:
+ - pet
+ summary: uploads an image
+ description: ''
+ operationId: uploadFile
+ parameters:
+ - name: petId
+ in: path
+ description: ID of pet to update
+ required: true
+ schema:
+ type: integer
+ format: int64
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ApiResponse'
+ security:
+ - petstore_auth:
+ - 'write:pets'
+ - 'read:pets'
+ requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ additionalMetadata:
+ description: Additional data to pass to server
+ type: string
+ file:
+ description: file to upload
+ type: string
+ format: binary
+ /store/inventory:
+ get:
+ tags:
+ - store
+ summary: Returns pet inventories by status
+ description: Returns a map of status codes to quantities
+ operationId: getInventory
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/json:
+ schema:
+ type: object
+ additionalProperties:
+ type: integer
+ format: int32
+ security:
+ - api_key: []
+ /store/order:
+ post:
+ tags:
+ - store
+ summary: Place an order for a pet
+ description: ''
+ operationId: placeOrder
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/Order'
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Order'
+ '400':
+ description: Invalid Order
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Order'
+ description: order placed for purchasing the pet
+ required: true
+ '/store/order/{orderId}':
+ get:
+ tags:
+ - store
+ summary: Find purchase order by ID
+ description: >-
+ For valid response try integer IDs with value <= 5 or > 10. Other values
+ will generated exceptions
+ operationId: getOrderById
+ parameters:
+ - name: orderId
+ in: path
+ description: ID of pet that needs to be fetched
+ required: true
+ schema:
+ type: integer
+ format: int64
+ minimum: 1
+ maximum: 5
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/Order'
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Order'
+ '400':
+ description: Invalid ID supplied
+ '404':
+ description: Order not found
+ delete:
+ tags:
+ - store
+ summary: Delete purchase order by ID
+ description: >-
+ For valid response try integer IDs with value < 1000. Anything above
+ 1000 or nonintegers will generate API errors
+ operationId: deleteOrder
+ parameters:
+ - name: orderId
+ in: path
+ description: ID of the order that needs to be deleted
+ required: true
+ schema:
+ type: string
+ responses:
+ '400':
+ description: Invalid ID supplied
+ '404':
+ description: Order not found
+ /user:
+ post:
+ tags:
+ - user
+ summary: Create user
+ description: This can only be done by the logged in user.
+ operationId: createUser
+ responses:
+ default:
+ description: successful operation
+ security:
+ - api_key: []
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/User'
+ description: Created user object
+ required: true
+ /user/createWithArray:
+ post:
+ tags:
+ - user
+ summary: Creates list of users with given input array
+ description: ''
+ operationId: createUsersWithArrayInput
+ responses:
+ default:
+ description: successful operation
+ security:
+ - api_key: []
+ requestBody:
+ $ref: '#/components/requestBodies/UserArray'
+ /user/createWithList:
+ post:
+ tags:
+ - user
+ summary: Creates list of users with given input array
+ description: ''
+ operationId: createUsersWithListInput
+ responses:
+ default:
+ description: successful operation
+ security:
+ - api_key: []
+ requestBody:
+ $ref: '#/components/requestBodies/UserArray'
+ /user/login:
+ get:
+ tags:
+ - user
+ summary: Logs user into the system
+ description: ''
+ operationId: loginUser
+ parameters:
+ - name: username
+ in: query
+ description: The user name for login
+ required: true
+ schema:
+ type: string
+ pattern: '^[a-zA-Z0-9]+[a-zA-Z0-9\.\-_]*[a-zA-Z0-9]+$'
+ - name: password
+ in: query
+ description: The password for login in clear text
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ description: successful operation
+ headers:
+ Set-Cookie:
+ description: >-
+ Cookie authentication key for use with the `api_key`
+ apiKey authentication.
+ schema:
+ type: string
+ example: AUTH_KEY=abcde12345; Path=/; HttpOnly
+ X-Rate-Limit:
+ description: calls per hour allowed by the user
+ schema:
+ type: integer
+ format: int32
+ X-Expires-After:
+ description: date in UTC when token expires
+ schema:
+ type: string
+ format: date-time
+ content:
+ application/xml:
+ schema:
+ type: string
+ application/json:
+ schema:
+ type: string
+ '400':
+ description: Invalid username/password supplied
+ /user/logout:
+ get:
+ tags:
+ - user
+ summary: Logs out current logged in user session
+ description: ''
+ operationId: logoutUser
+ responses:
+ default:
+ description: successful operation
+ security:
+ - api_key: []
+ '/user/{username}':
+ get:
+ tags:
+ - user
+ summary: Get user by user name
+ description: ''
+ operationId: getUserByName
+ parameters:
+ - name: username
+ in: path
+ description: The name that needs to be fetched. Use user1 for testing.
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/User'
+ application/json:
+ schema:
+ $ref: '#/components/schemas/User'
+ '400':
+ description: Invalid username supplied
+ '404':
+ description: User not found
+ put:
+ tags:
+ - user
+ summary: Updated user
+ description: This can only be done by the logged in user.
+ operationId: updateUser
+ parameters:
+ - name: username
+ in: path
+ description: name that need to be deleted
+ required: true
+ schema:
+ type: string
+ responses:
+ '400':
+ description: Invalid user supplied
+ '404':
+ description: User not found
+ security:
+ - api_key: []
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/User'
+ description: Updated user object
+ required: true
+ delete:
+ tags:
+ - user
+ summary: Delete user
+ description: This can only be done by the logged in user.
+ operationId: deleteUser
+ parameters:
+ - name: username
+ in: path
+ description: The name that needs to be deleted
+ required: true
+ schema:
+ type: string
+ responses:
+ '400':
+ description: Invalid username supplied
+ '404':
+ description: User not found
+ security:
+ - api_key: []
+externalDocs:
+ description: Find out more about Swagger
+ url: 'http://swagger.io'
+components:
+ requestBodies:
+ UserArray:
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/User'
+ description: List of user object
+ required: true
+ Pet:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ description: Pet object that needs to be added to the store
+ required: true
+ securitySchemes:
+ petstore_auth:
+ type: oauth2
+ flows:
+ implicit:
+ authorizationUrl: 'http://petstore.swagger.io/api/oauth/dialog'
+ scopes:
+ 'write:pets': modify pets in your account
+ 'read:pets': read your pets
+ api_key:
+ type: apiKey
+ name: api_key
+ in: header
+ schemas:
+ Order:
+ title: Pet Order
+ description: An order for a pets from the pet store
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ petId:
+ type: integer
+ format: int64
+ quantity:
+ type: integer
+ format: int32
+ shipDate:
+ type: string
+ format: date-time
+ status:
+ type: string
+ description: Order Status
+ enum:
+ - placed
+ - approved
+ - delivered
+ complete:
+ type: boolean
+ default: false
+ xml:
+ name: Order
+ Category:
+ title: Pet category
+ description: A category for a pet
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ pattern: '^[a-zA-Z0-9]+[a-zA-Z0-9\.\-_]*[a-zA-Z0-9]+$'
+ xml:
+ name: Category
+ User:
+ title: a User
+ description: A User who is purchasing from the pet store
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ username:
+ type: string
+ firstName:
+ type: string
+ lastName:
+ type: string
+ email:
+ type: string
+ password:
+ type: string
+ phone:
+ type: string
+ userStatus:
+ type: integer
+ format: int32
+ description: User Status
+ xml:
+ name: User
+ Tag:
+ title: Pet Tag
+ description: A tag for a pet
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ xml:
+ name: Tag
+ Pet:
+ title: a Pet
+ description: A pet for sale in the pet store
+ type: object
+ required:
+ - name
+ - photoUrls
+ properties:
+ id:
+ type: integer
+ format: int64
+ category:
+ $ref: '#/components/schemas/Category'
+ name:
+ type: string
+ example: doggie
+ photoUrls:
+ type: array
+ xml:
+ name: photoUrl
+ wrapped: true
+ items:
+ type: string
+ tags:
+ type: array
+ xml:
+ name: tag
+ wrapped: true
+ items:
+ $ref: '#/components/schemas/Tag'
+ status:
+ type: string
+ description: pet status in the store
+ deprecated: true
+ enum:
+ - available
+ - pending
+ - sold
+ xml:
+ name: Pet
+ ApiResponse:
+ title: An uploaded response
+ description: Describes the result of uploading an image resource
+ type: object
+ properties:
+ code:
+ type: integer
+ format: int32
+ type:
+ type: string
+ message:
+ type: string
diff --git a/test/petstore.yaml b/test/petstore.yaml
new file mode 100644
index 00000000..cdb4ac80
--- /dev/null
+++ b/test/petstore.yaml
@@ -0,0 +1,738 @@
+openapi: 3.0.0
+servers:
+ - url: 'https://petstore.swagger.io/v2'
+info:
+ description: >-
+ This is a sample server Petstore server. For this sample, you can use the api key
+ `special-key` to test the authorization filters.
+ version: 1.0.0
+ title: OpenAPI Petstore
+ license:
+ name: Apache-2.0
+ url: 'https://www.apache.org/licenses/LICENSE-2.0.html'
+tags:
+ - name: pet
+ description: Everything about your Pets
+ - name: store
+ description: Access to Petstore orders
+ - name: user
+ description: Operations about user
+paths:
+ /pet:
+ post:
+ tags:
+ - pet
+ summary: Add a new pet to the store
+ description: ''
+ operationId: addPet
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ '405':
+ description: Invalid input
+ security:
+ - petstore_auth:
+ - 'write:pets'
+ - 'read:pets'
+ requestBody:
+ $ref: '#/components/requestBodies/Pet'
+ put:
+ tags:
+ - pet
+ summary: Update an existing pet
+ description: ''
+ operationId: updatePet
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ '400':
+ description: Invalid ID supplied
+ '404':
+ description: Pet not found
+ '405':
+ description: Validation exception
+ security:
+ - petstore_auth:
+ - 'write:pets'
+ - 'read:pets'
+ requestBody:
+ $ref: '#/components/requestBodies/Pet'
+ /pet/findByStatus:
+ get:
+ tags:
+ - pet
+ summary: Finds Pets by status
+ description: Multiple status values can be provided with comma separated strings
+ operationId: findPetsByStatus
+ parameters:
+ - name: status
+ in: query
+ description: Status values that need to be considered for filter
+ required: true
+ style: form
+ explode: false
+ deprecated: true
+ schema:
+ type: array
+ items:
+ type: string
+ enum:
+ - available
+ - pending
+ - sold
+ default: available
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ '400':
+ description: Invalid status value
+ security:
+ - petstore_auth:
+ - 'read:pets'
+ /pet/findByTags:
+ get:
+ tags:
+ - pet
+ summary: Finds Pets by tags
+ description: >-
+ Multiple tags can be provided with comma separated strings. Use tag1,
+ tag2, tag3 for testing.
+ operationId: findPetsByTags
+ parameters:
+ - name: tags
+ in: query
+ description: Tags to filter by
+ required: true
+ style: form
+ explode: false
+ schema:
+ type: array
+ items:
+ type: string
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Pet'
+ '400':
+ description: Invalid tag value
+ security:
+ - petstore_auth:
+ - 'read:pets'
+ deprecated: true
+ '/pet/{petId}':
+ get:
+ tags:
+ - pet
+ summary: Find pet by ID
+ description: Returns a single pet
+ operationId: getPetById
+ parameters:
+ - name: petId
+ in: path
+ description: ID of pet to return
+ required: true
+ schema:
+ type: integer
+ format: int64
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ '400':
+ description: Invalid ID supplied
+ '404':
+ description: Pet not found
+ security:
+ - api_key: []
+ post:
+ tags:
+ - pet
+ summary: Updates a pet in the store with form data
+ description: ''
+ operationId: updatePetWithForm
+ parameters:
+ - name: petId
+ in: path
+ description: ID of pet that needs to be updated
+ required: true
+ schema:
+ type: integer
+ format: int64
+ responses:
+ '405':
+ description: Invalid input
+ security:
+ - petstore_auth:
+ - 'write:pets'
+ - 'read:pets'
+ requestBody:
+ content:
+ application/x-www-form-urlencoded:
+ schema:
+ type: object
+ properties:
+ name:
+ description: Updated name of the pet
+ type: string
+ status:
+ description: Updated status of the pet
+ type: string
+ delete:
+ tags:
+ - pet
+ summary: Deletes a pet
+ description: ''
+ operationId: deletePet
+ parameters:
+ - name: api_key
+ in: header
+ required: false
+ schema:
+ type: string
+ - name: petId
+ in: path
+ description: Pet id to delete
+ required: true
+ schema:
+ type: integer
+ format: int64
+ responses:
+ '400':
+ description: Invalid pet value
+ security:
+ - petstore_auth:
+ - 'write:pets'
+ - 'read:pets'
+ '/pet/{petId}/uploadImage':
+ post:
+ tags:
+ - pet
+ summary: uploads an image
+ description: ''
+ operationId: uploadFile
+ parameters:
+ - name: petId
+ in: path
+ description: ID of pet to update
+ required: true
+ schema:
+ type: integer
+ format: int64
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ApiResponse'
+ security:
+ - petstore_auth:
+ - 'write:pets'
+ - 'read:pets'
+ requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ additionalMetadata:
+ description: Additional data to pass to server
+ type: string
+ file:
+ description: file to upload
+ type: string
+ format: binary
+ /store/inventory:
+ get:
+ tags:
+ - store
+ summary: Returns pet inventories by status
+ description: Returns a map of status codes to quantities
+ operationId: getInventory
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/json:
+ schema:
+ type: object
+ additionalProperties:
+ type: integer
+ format: int32
+ security:
+ - api_key: []
+ /store/order:
+ post:
+ tags:
+ - store
+ summary: Place an order for a pet
+ description: ''
+ operationId: placeOrder
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/Order'
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Order'
+ '400':
+ description: Invalid Order
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Order'
+ description: order placed for purchasing the pet
+ required: true
+ '/store/order/{orderId}':
+ get:
+ tags:
+ - store
+ summary: Find purchase order by ID
+ description: >-
+ For valid response try integer IDs with value <= 5 or > 10. Other values
+ will generated exceptions
+ operationId: getOrderById
+ parameters:
+ - name: orderId
+ in: path
+ description: ID of pet that needs to be fetched
+ required: true
+ schema:
+ type: integer
+ format: int64
+ minimum: 1
+ maximum: 5
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/Order'
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Order'
+ '400':
+ description: Invalid ID supplied
+ '404':
+ description: Order not found
+ delete:
+ tags:
+ - store
+ summary: Delete purchase order by ID
+ description: >-
+ For valid response try integer IDs with value < 1000. Anything above
+ 1000 or nonintegers will generate API errors
+ operationId: deleteOrder
+ parameters:
+ - name: orderId
+ in: path
+ description: ID of the order that needs to be deleted
+ required: true
+ schema:
+ type: string
+ responses:
+ '400':
+ description: Invalid ID supplied
+ '404':
+ description: Order not found
+ /user:
+ post:
+ tags:
+ - user
+ summary: Create user
+ description: This can only be done by the logged in user.
+ operationId: createUser
+ responses:
+ default:
+ description: successful operation
+ security:
+ - api_key: []
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/User'
+ description: Created user object
+ required: true
+ /user/createWithArray:
+ post:
+ tags:
+ - user
+ summary: Creates list of users with given input array
+ description: ''
+ operationId: createUsersWithArrayInput
+ responses:
+ default:
+ description: successful operation
+ security:
+ - api_key: []
+ requestBody:
+ $ref: '#/components/requestBodies/UserArray'
+ /user/createWithList:
+ post:
+ tags:
+ - user
+ summary: Creates list of users with given input array
+ description: ''
+ operationId: createUsersWithListInput
+ responses:
+ default:
+ description: successful operation
+ security:
+ - api_key: []
+ requestBody:
+ $ref: '#/components/requestBodies/UserArray'
+ /user/login:
+ get:
+ tags:
+ - user
+ summary: Logs user into the system
+ description: ''
+ operationId: loginUser
+ parameters:
+ - name: username
+ in: query
+ description: The user name for login
+ required: true
+ schema:
+ type: string
+ pattern: '^[a-zA-Z0-9]+[a-zA-Z0-9\.\-_]*[a-zA-Z0-9]+$'
+ - name: password
+ in: query
+ description: The password for login in clear text
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ description: successful operation
+ headers:
+ Set-Cookie:
+ description: >-
+ Cookie authentication key for use with the `api_key`
+ apiKey authentication.
+ schema:
+ type: string
+ example: AUTH_KEY=abcde12345; Path=/; HttpOnly
+ X-Rate-Limit:
+ description: calls per hour allowed by the user
+ schema:
+ type: integer
+ format: int32
+ X-Expires-After:
+ description: date in UTC when token expires
+ schema:
+ type: string
+ format: date-time
+ content:
+ application/xml:
+ schema:
+ type: string
+ application/json:
+ schema:
+ type: string
+ '400':
+ description: Invalid username/password supplied
+ /user/logout:
+ get:
+ tags:
+ - user
+ summary: Logs out current logged in user session
+ description: ''
+ operationId: logoutUser
+ responses:
+ default:
+ description: successful operation
+ security:
+ - api_key: []
+ '/user/{username}':
+ get:
+ tags:
+ - user
+ summary: Get user by user name
+ description: ''
+ operationId: getUserByName
+ parameters:
+ - name: username
+ in: path
+ description: The name that needs to be fetched. Use user1 for testing.
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ description: successful operation
+ content:
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/User'
+ application/json:
+ schema:
+ $ref: '#/components/schemas/User'
+ '400':
+ description: Invalid username supplied
+ '404':
+ description: User not found
+ put:
+ tags:
+ - user
+ summary: Updated user
+ description: This can only be done by the logged in user.
+ operationId: updateUser
+ parameters:
+ - name: username
+ in: path
+ description: name that need to be deleted
+ required: true
+ schema:
+ type: string
+ responses:
+ '400':
+ description: Invalid user supplied
+ '404':
+ description: User not found
+ security:
+ - api_key: []
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/User'
+ description: Updated user object
+ required: true
+ delete:
+ tags:
+ - user
+ summary: Delete user
+ description: This can only be done by the logged in user.
+ operationId: deleteUser
+ parameters:
+ - name: username
+ in: path
+ description: The name that needs to be deleted
+ required: true
+ schema:
+ type: string
+ responses:
+ '400':
+ description: Invalid username supplied
+ '404':
+ description: User not found
+ security:
+ - api_key: []
+externalDocs:
+ description: Find out more about Swagger
+ url: 'http://swagger.io'
+components:
+ requestBodies:
+ UserArray:
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/User'
+ description: List of user object
+ required: true
+ Pet:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ application/xml:
+ schema:
+ $ref: '#/components/schemas/Pet'
+ description: Pet object that needs to be added to the store
+ required: true
+ securitySchemes:
+ petstore_auth:
+ type: oauth2
+ flows:
+ implicit:
+ authorizationUrl: 'http://petstore.swagger.io/api/oauth/dialog'
+ scopes:
+ 'write:pets': modify pets in your account
+ 'read:pets': read your pets
+ api_key:
+ type: apiKey
+ name: api_key
+ in: header
+ schemas:
+ Order:
+ title: Pet Order
+ description: An order for a pets from the pet store
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ petId:
+ type: integer
+ format: int64
+ quantity:
+ type: integer
+ format: int32
+ shipDate:
+ type: string
+ format: date-time
+ status:
+ type: string
+ description: Order Status
+ enum:
+ - placed
+ - approved
+ - delivered
+ complete:
+ type: boolean
+ default: false
+ xml:
+ name: Order
+ Category:
+ title: Pet category
+ description: A category for a pet
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ pattern: '^[a-zA-Z0-9]+[a-zA-Z0-9\.\-_]*[a-zA-Z0-9]+$'
+ xml:
+ name: Category
+ User:
+ title: a User
+ description: A User who is purchasing from the pet store
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ username:
+ type: string
+ firstName:
+ type: string
+ lastName:
+ type: string
+ email:
+ type: string
+ password:
+ type: string
+ phone:
+ type: string
+ userStatus:
+ type: integer
+ format: int32
+ description: User Status
+ xml:
+ name: User
+ Tag:
+ title: Pet Tag
+ description: A tag for a pet
+ type: object
+ properties:
+ id:
+ type: integer
+ format: int64
+ name:
+ type: string
+ xml:
+ name: Tag
+ Pet:
+ title: a Pet
+ description: A pet for sale in the pet store
+ type: object
+ required:
+ - name
+ - photoUrls
+ properties:
+ id:
+ type: integer
+ format: int64
+ category:
+ $ref: '#/components/schemas/Category'
+ name:
+ type: string
+ example: doggie
+ photoUrls:
+ type: array
+ xml:
+ name: photoUrl
+ wrapped: true
+ items:
+ type: string
+ tags:
+ type: array
+ xml:
+ name: tag
+ wrapped: true
+ items:
+ $ref: '#/components/schemas/Tag'
+ status:
+ type: string
+ description: pet status in the store
+ deprecated: true
+ enum:
+ - available
+ - pending
+ - sold
+ xml:
+ name: Pet
+ ApiResponse:
+ title: An uploaded response
+ description: Describes the result of uploading an image resource
+ type: object
+ properties:
+ code:
+ type: integer
+ format: int32
+ type:
+ type: string
+ message:
+ type: string