VerifySpecCallback.kt

  1. package com.hexagonkt.rest.tools.openapi

  3. import com.atlassian.oai.validator.OpenApiInteractionValidator
  4. import com.atlassian.oai.validator.OpenApiInteractionValidator.createForInlineApiSpecification
  5. import com.atlassian.oai.validator.model.Request
  6. import com.atlassian.oai.validator.model.Request.Method
  7. import com.atlassian.oai.validator.model.Response
  8. import com.atlassian.oai.validator.model.SimpleRequest
  9. import com.atlassian.oai.validator.model.SimpleResponse
  10. import com.atlassian.oai.validator.report.ValidationReport
  11. import com.atlassian.oai.validator.report.ValidationReport.Message
  12. import com.hexagonkt.http.handlers.HttpCallback
  13. import com.hexagonkt.http.handlers.HttpContext
  14. import com.hexagonkt.http.model.ContentType
  15. import com.hexagonkt.http.model.HttpMethod
  16. import com.hexagonkt.http.model.HttpMethod.*
  17. import java.net.URL
  18. import kotlin.jvm.optionals.getOrNull

  20. /**
  21.  * Callback that verifies server calls comply with a given OpenAPI spec.
  22.  *
  23.  * @param spec Location of the spec used to validate HTTP calls.
  24.  */
  25. class VerifySpecCallback(spec: URL) : HttpCallback {

  27.     private val messagePrefix: String = "\n- "
  28.     private val specText: String = spec.readText()
  29.     private val validator: OpenApiInteractionValidator =
  30.         createForInlineApiSpecification(specText).build()

  32.     override fun invoke(context: HttpContext): HttpContext {
  33.         val requestReport = validator.validateRequest(request(context))

  35.         val result = context.next()

  37.         val resultMethod = method(result.method)
  38.         val responseReport = validator.validateResponse(result.path, resultMethod, response(result))

  40.         val callReport = responseReport.merge(requestReport)

  42.         return if (callReport.hasErrors()) result.badRequest(message(callReport))
  43.         else result
  44.     }

  46.     private fun message(report: ValidationReport): String {
  47.         val messages = report.messages.map(::messageToText).distinct()
  48.         return messages.joinToString(messagePrefix, "Invalid call:$messagePrefix")
  49.     }

  51.     private fun messageToText(it: Message): String {
  52.         val level = it.level
  53.         val key = it.key
  54.         val context = it.context
  55.             .map { c ->
  56.                 val op = c.apiOperation
  57.                     .getOrNull()
  58.                     ?.let { ao ->
  59.                         val method = ao.method
  60.                         val apiPath = ao.apiPath
  61.                         "$method ${apiPath.normalised()}"
  62.                     }
  63.                     ?: ""

  65.                 val loc = c.location.getOrNull()?.name ?: ""

  67.                 "$op $loc"
  68.             }
  69.             .orElse("")

  71.         val message = it.message
  72.         val additionalInfo = it.additionalInfo
  73.         val nestedMessages = it.nestedMessages

  75.         return "$level: $key [$context] $message $additionalInfo $nestedMessages"
  76.     }

  78.     private fun request(context: HttpContext): Request {
  79.         val request = context.request
  80.         val builder = SimpleRequest.Builder(method(context.method), context.path, true)

  82.         if (request.bodyString().isNotEmpty())
  83.             builder.withBody(request.bodyString())

  85.         request.contentType?.text?.let(builder::withContentType)
  86.         request.headers.httpFields.values.forEach { builder.withHeader(it.name, it.strings()) }
  87.         request.accept.map(ContentType::text).forEach(builder::withAccept)
  88.         request.authorization?.text?.let(builder::withAuthorization)
  89.         request.queryParameters.httpFields.values.forEach {
  90.             builder.withQueryParam(it.name, it.strings())
  91.         }

  93.         return builder.build()
  94.     }

  96.     private fun response(context: HttpContext): Response {
  97.         val response = context.response
  98.         val builder = SimpleResponse.Builder(context.status.code)

  100.         builder.withBody(response.bodyString())

  102.         response.contentType?.text?.let(builder::withContentType)
  103.         response.headers.httpFields.values.forEach { builder.withHeader(it.name, it.strings()) }

  105.         return builder.build()
  106.     }

  108.     private fun method(method: HttpMethod): Method =
  109.         when (method) {
  110.             GET -> Method.GET
  111.             HEAD -> Method.HEAD
  112.             POST -> Method.POST
  113.             PUT -> Method.PUT
  114.             DELETE -> Method.DELETE
  115.             TRACE -> Method.TRACE
  116.             OPTIONS -> Method.OPTIONS
  117.             PATCH -> Method.PATCH
  118.         }
  119. }
Created with JaCoCo 0.8.12.202403310830