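/**
 * Copyright 2019 IBM All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

// Assertion 1: `type` is a required property and has four possible values: `apiKey`, `http`, `oauth2`, `openIdConnect`
// Assertion 2: `name` property is required for `apiKey` type
// Assertion 3: `in` property is required for `apiKey` type, valid values are: `query`, `header` or `cookie`
// Assertion 4: `scheme` property is required for `http` type
// Assertion 5: `flows` object is required for `oauth2` type
// Assertion 6: `openIdConnectUrl` property is required for `openIdConnect` and must be a valid url

const stringValidator = require('validator');
const MessageCarrier = require('../../../utils/messageCarrier');

/**
 * Checks every entry of `components.securitySchemes` against the assertions
 * listed at the top of this file and records one 'error' message per
 * violation.
 *
 * Each oauth2 flow that is present is checked on its own, so a scheme that
 * declares several flows gets a message for every incomplete one rather than
 * only the first problem found.
 *
 * @param {Object} args
 * @param {Object} args.resolvedSpec - the API definition; only
 *   `components.securitySchemes` is read.
 * @returns {MessageCarrier} carrier holding the messages that were added.
 */
module.exports.validate = function({ resolvedSpec }) {
  const messages = new MessageCarrier();

  const API_KEY = 'apiKey';
  const OAUTH2 = 'oauth2';
  const HTTP = 'http';
  const OPENID_CONNECT = 'openIdConnect';
  const authTypes = [API_KEY, HTTP, OAUTH2, OPENID_CONNECT];
  const apiKeyLocations = ['query', 'header', 'cookie'];

  const securitySchemes =
    resolvedSpec.components && resolvedSpec.components.securitySchemes;

  // Object.entries visits own properties only; `|| {}` keeps a spec without
  // security schemes a no-op.
  for (const [key, security] of Object.entries(securitySchemes || {})) {
    const path = `securitySchemes.${key}`;
    // A null or non-object scheme is reported as missing `type` instead of
    // aborting the whole validation run with a TypeError.
    const type = security && security.type;

    if (!type) {
      messages.addMessage(
        path,
        'security scheme is missing required field `type`',
        'error'
      );
    } else if (!authTypes.includes(type)) {
      messages.addMessage(
        `${path}.type`,
        '`type` must have one of the following types: `apiKey`, `oauth2`, `http`, `openIdConnect`',
        'error'
      );
    } else if (type === API_KEY) {
      // apiKey validation
      const authIn = security.in;
      if (!authIn || !apiKeyLocations.includes(authIn)) {
        messages.addMessage(
          `${path}.in`,
          "apiKey authorization must have required 'in' property, valid values are 'query' or 'header' or 'cookie'.",
          'error'
        );
      }
      if (!security.name) {
        messages.addMessage(
          path,
          "apiKey authorization must have required 'name' string property. The name of the header or query property to be used.",
          'error'
        );
      }
    } else if (type === OAUTH2) {
      // oauth2 validation
      const flows = security.flows;

      if (!flows) {
        messages.addMessage(
          path,
          "oauth2 authorization must have required 'flows' property",
          'error'
        );
      } else if (
        !flows.implicit &&
        !flows.authorizationCode &&
        !flows.password &&
        !flows.clientCredentials
      ) {
        messages.addMessage(
          `${path}.flows`,
          "oauth2 authorization `flows` must have one of the following properties: 'implicit', 'password', 'clientCredentials' or 'authorizationCode'",
          'error'
        );
      } else {
        // Independent checks: an incomplete flow must not be hidden by
        // another flow that is declared next to it.
        if (flows.authorizationCode) {
          if (!flows.authorizationCode.tokenUrl) {
            messages.addMessage(
              `${path}.flows.authorizationCode`,
              "flow must have required 'tokenUrl' property if type is `authorizationCode`",
              'error'
            );
          }
          if (!flows.authorizationCode.authorizationUrl) {
            messages.addMessage(
              `${path}.flows.authorizationCode`,
              "oauth2 authorizationCode flow must have required 'authorizationUrl' property.",
              'error'
            );
          }
        }

        if (flows.password && !flows.password.tokenUrl) {
          messages.addMessage(
            `${path}.flows.password`,
            "flow must have required 'tokenUrl' property if type is `password`",
            'error'
          );
        }

        if (flows.clientCredentials && !flows.clientCredentials.tokenUrl) {
          messages.addMessage(
            `${path}.flows.clientCredentials`,
            "flow must have required 'tokenUrl' property if type is `clientCredentials`",
            'error'
          );
        }

        if (flows.implicit) {
          if (!flows.implicit.authorizationUrl) {
            messages.addMessage(
              `${path}.flows.implicit`,
              "oauth2 implicit flow must have required 'authorizationUrl' property",
              'error'
            );
          }
          if (!flows.implicit.scopes) {
            messages.addMessage(
              `${path}.flows.implicit`,
              "oauth2 authorization implicit flow must have required 'scopes' property.",
              'error'
            );
          }
        }
      }
    } else if (type === HTTP) {
      // scheme is required
      if (!security.scheme) {
        messages.addMessage(
          path,
          'scheme must be defined for type `http`',
          'error'
        );
      }
    } else if (type === OPENID_CONNECT) {
      const openIdConnectURL = security.openIdConnectUrl;
      // NOTE(review): isURL is called with its default options, which is a
      // syntax check only. It does not require an https scheme, so a
      // plain-http discovery URL passes here. Confirm whether that is intended.
      if (
        !openIdConnectURL ||
        typeof openIdConnectURL !== 'string' ||
        !stringValidator.isURL(openIdConnectURL)
      ) {
        messages.addMessage(
          path,
          'openIdConnectUrl must be defined for openIdConnect property and must be a valid URL',
          'error'
        );
      }
    }
  }

  return messages;
};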