oas-tools / oas-tools Goto Github PK
View Code? Open in Web Editor NEWNodeJS module to manage RESTful APIs defined with OpenAPI 3.0 Specs over express servers.
License: Apache License 2.0
NodeJS module to manage RESTful APIs defined with OpenAPI 3.0 Specs over express servers.
License: Apache License 2.0
Hello,
is there a way how to combine pre-route middleware generated errors and my own validation errors thrown in controller/models?
Eg. returning to frontend one error object with "this parameter doesn't conform to OAS spec format" and "another param (ID for example) already exists in database" (which is not detectable by OAS-tools middleware)?
Thank for answer, you'll save my life.
Google Appengine uses a write only file except for /tmp
, so I'm getting this error:
Error: EROFS: read-only file system, open '/srv/node_modules/oas-tools/swagger-ui/index.html'
at Object.openSync (fs.js:439:3)
at Object.writeFileSync (fs.js:1190:35)
at registerPaths (/srv/node_modules/oas-tools/src/index.js:358:10)
at Object.initializeMiddleware (/srv/node_modules/oas-tools/src/index.js:409:3)
at Object.<anonymous> (/srv/index.js:26:10)
at Module._compile (internal/modules/cjs/loader.js:689:30)
Is there a config setting to change the directory oas-tools writes to?
Integrate swagger-ui so that the APIs can be easily documented and tested.
swagger-tools had the ability to configure swagger-ui.
app.use(middleware.swaggerUi({
apiDocs: '/foo/docs',
swaggerUi: `/foo`,
apiDocsPrefix: '',
swaggerUiPrefix: ''
}));
It would be nice to use the "docs" configuration option to pass an object through to swagger-ui to override default configuration
var options_object = {
controllers: path.join(__dirname, './controllers'),
loglevel: 'info',
strict: false,
router: true,
validator: true,
docs: {
apiDocs: '/foo/docs',
swaggerUi: `/foo`,
apiDocsPrefix: '',
swaggerUiPrefix: ''
}
};
Add a message to show where the swagger-ui docs can be found.
I currently have my swagger files divided across multiple files and use $ref. Is there a way to pass this 'chopped up' version of the swagger file to the initialize function?
Thanks,
Jas
Add more tests to improve code coverage so that it is greater than 80%.
Hi,
I am trying use the oneOf keyword in the OpenApi 3.0 specs. I am using the example on Swagger site (https://swagger.io/docs/specification/data-models/oneof-anyof-allof-not/). My swagger.yml has the following in it:
/testschema:
post:
description: Create app data storage
operationId: testSchema
security:
[]
x-security-scopes:
- Admin
x-swagger-router-controller: public
requestBody:
content:
application/json:
schema:
oneOf:
- $ref: '#/components/schemas/Cat'
- $ref: '#/components/schemas/Dog'
description: The app data schema
required: true
responses:
"200":
description: The app data schema was already initialized
components:
schemas:
Dog:
type: object
properties:
bark:
type: boolean
breed:
type: string
enum: [Dingo, Husky, Retriever, Shepherd]
Cat:
type: object
properties:
hunts:
type: boolean
age:
type: integer
While trying to a Postman call with the following body,
it is not recognizing and giving the below error. If I change the oneOf to anyOf, then everything passes (which also does not seem to be the correct behavior)
{
"bark": true,
"breed": "Dingo"
}
Error received:
[
{
"message": "Wrong data in the body of the request. ",
"error": [
{
"code": "ONE_OF_MULTIPLE",
"params": [],
"message": "Data is valid against more than one schema from 'oneOf'",
"path": "#/"
}
],
"content": {
"bark": "true",
"breed": "Dingo"
}
}
]
Consider the following:
openapi: 3.0.0
security:
- mySecurityScheme: []
- myOtherSecurityScheme: []
components:
securitySchemes:
mySecurityScheme:
name: X-Custom-Header
type: apiKey
in: header
myOtherSecurityScheme:
name: X-Custom-Header
type: apiKey
in: header
When this is passed through the oas-security
middleware, the name
of the definition is changed to the name of the key, in this case mySecurityScheme
and myOtherSecurityScheme
, and when getValue
tries to pull out the value, it will look at headers for that value -- not the actual name of the header.
https://github.com/isa-group/oas-tools/blob/2.1.0/src/middleware/oas-security.js#L101
https://github.com/isa-group/oas-tools/blob/2.1.0/src/middleware/oas-security.js#L10
https://github.com/isa-group/oas-tools/blob/2.1.0/src/middleware/oas-security.js#L24
What ends up happening is req.headers["mySecurityScheme"]
is provided to the verification function, not the actual header defined in the security scheme ("X-Custom-Header").
It's fine if they are both named the same - but in our case we want to do different checks for authorization based upon which security scheme has been applied. We'll need the same header name to be used multiple times for different security schemes... our options look something like this:
//....
securityFile: {
'mySecurityScheme': doVerification('role-name'),
'myOtherSecurityScheme': doVerification('other-role-name')
}
//...
const doVerification = role => (req, definition, header, cb) => {
verify(header, (err, user) => {
if (err || user == null) { return cb(req.res.sendStatus(401)) }
if (user.roles.indexOf(role) === -1) { return cb(req.res.sendStatus(403)) }
cb()
})
}
Responses are also being wrapped with JSON.stringify(); so returned CSV has been modified from what the server is trying to send.
In the OASRouter();
res.send = function (data)
override always calls
arguments[0] = JSON.stringify(arguments[0]);
When it should likely only be called inside the checkResponse() during this section
if (resultType && resultType.essence === 'application/json') {
Hi all , following open api 3.0 spec as below
https://swagger.io/docs/specification/serialization/
result :
debug info
Requested method-url pair: get - /PostlabAI/PostlabAI/1.0.0/run/container/1/command/1?options=0%3D-i%257B%252Fapp%252Finput%252Ffile.txt%257D
should be : options=-i{/app/input/file.txt}
with reserved word like : ' { } /' allowed... but the uri is malformed when I parse that.
Additionally, the allowReserved keyword specifies whether the reserved characters :/?#[]@!$&'()*+,;=
Is there any current method for splitting controllers into sub directories and have the
checkControllers function pass?
Hi,
If i have the following, which is taken from https://swagger.io/docs/specification/describing-responses/:
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/User'
# Definition of all error statuses
default:
description: Unexpected error
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
If we send a response, with response code 500 for example, oas-tools is giving the following error:
[
{
"message": "Wrong response code: 500"
}
]
Any fixes?
Thanks,
Jas
Add security middleware, which should work the same as swagger-security.
Hi,
As long as you report errors right from the framework, please define json schema of these erorrs in order to include it into application API.
It's pretty safe to define json schema, there's https://www.npmjs.com/package/speccy tool for json schema to open api conversion.
If you need a help with schema, don't hesitate to ask me.
I am running into an error where I am hitting the error on line 136 of oas-validator.
Relevant yaml
/branch/:deviceID:
get:
x-router-controller: secure
tags:
- secure
summary: gets branch details
operationId: getBranch
description: Returns a array of objects of branch
parameters:
- in: header
name: X-deviceToken
schema:
type: string
required: true
- in: path
name: deviceID
schema:
type: string
required: true
It looks like req[location][name] is always returned undefined when this is in header
curl -X GET "http://localhost:3000/branch/:deviceID" -H "accept: application/json" -H "X-deviceToken: asdasd"
console.log(params[i])
{ in: 'header',
name: 'X-deviceToken',
schema: { type: 'string' },
required: true }
{ in: 'path',
name: 'deviceID',
schema: { type: 'string' },
required: true }
console.log(location)
header
params
console.log(req[location][name])
undefined
:deviceID
Hi,
First, I'd like to congrats you, these two repositories: oas-generator and oas-tools are really amazing projects, I'm sure they will be so useful in my future projects.
In addition, I thought that could be a good idea having them in the 'awesome' lists which exist across GitHub in order to increment the visibility of them. Here I would like to give you guys these two that I've found:
Cheers.
Using a relative server URL works correctly in Swagger UI. Add it automatically if no localhost server is found.
Add Continuous Integration with Travis.CI
5.4.13
to 5.4.14
.π¨ View failing branch.
This version is covered by your current version range and after updating it in your project the build failed.
mongoose is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 18 commits.
35b90d2
chore: release 5.4.14
8dc47a5
docs(schema): add examples for remaining functions
764735b
fix(documentarray): report validation errors that occur in an array subdoc created using create()
and then set()
3fec456
test(documentarray): repro #7504
660fe60
chore: remove unnecessary print statements
13c7a00
docs(schema): add examples to schema functions
270732e
docs(migrating_to_5): link to migrating to 5 docs on the mongoosejs.com website
db79cfc
Merge branch 'master' of github.com:Automattic/mongoose
67754bd
style: fix lint
8e30004
Merge pull request #7530 from sarpik/master
3e44bc2
Merge branch 'master' of github.com:Automattic/mongoose
aa43200
docs: add MongooseError to API docs and add list of error names
0daf626
Merge pull request #7521 from nocksapp/master
8752502
fix anchor tag
b5f1723
chore: now working on 5.4.14
There are 18 commits in total.
See the full diff
There is a collection of frequently asked questions. If those donβt help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot π΄
I've got a NODE_ENV=staging
environment that crashes during load of the OASTools with the following error.
if (newConfigurations.controllers == undefined) { //TODO: Fix this!
TypeError: Cannot read property 'controllers' of undefined
at Object._setConfigurations [as setConfigurations]
(.../node_modules/oas-tools/src/configurations/index.js:67:25)
It appears the default initialization that runs before .configure(options_object)
.
const oasTools = require('oas-tools')
const options_object = {
loglevel: debug
customLogger: null
strict: true
router: true
validator: true
docs: true
oasSecurity: false
securityFile: null
oasAuth: false
grantsFile: null
ignoreUnknownFormats: true
}
oasTools.configure(options_object)
I've hacked a fix by doing this, but it's ugly:
var newConfigurations = jsyaml.safeLoad(configString)[process.env.NODE_ENV === 'production' ? 'production' : 'development'];
1.111.1
to 1.112.0
.π¨ View failing branch.
This version is covered by your current version range and after updating it in your project the build failed.
snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 2 commits.
ab6f5c8
Merge pull request #284 from snyk/feat/bump-lockfile-parser
762f056
feat: Bump required lockfile parser version
See the full diff
There is a collection of frequently asked questions. If those donβt help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot π΄
Hi all ,
Please remove the *.git inside the node_module before publishing the package
cause :
npm ERR! code EISGIT
npm ERR! git Refusing to remove it. Update manually,
npm ERR! git or move it out of the way first.
many thanks
openapi: 3.0.0
info:
title: Swagger Petstore
description: 'This is a sample server Petstore server. You can find out more about Swagger
at [http://swagger.io](http://swagger.io) or on [irc.freenode.net, #swagger](http://swagger.io/irc/). For
this sample, you can use the api key `special-key` to test the authorization filters.'
termsOfService: http://swagger.io/terms/
contact:
email: [email protected]
license:
name: Apache 2.0
url: http://www.apache.org/licenses/LICENSE-2.0.html
version: 1.0.0
externalDocs:
description: Find out more about Swagger
url: http://swagger.io
servers:
- url: http://127.0.0.1:8080
tags:
- name: pet
description: Everything about your Pets
externalDocs:
description: Find out more
url: http://swagger.io
- name: store
description: Access to Petstore orders
- name: user
description: Operations about user
externalDocs:
description: Find out more about our store
url: http://swagger.io
paths:
/pet:
put:
tags:
- pet
summary: Update an existing pet
operationId: updatePet
requestBody:
description: Pet object that needs to be added to the store
content:
application/json:
schema:
$ref: '#/components/schemas/Pet'
application/xml:
schema:
$ref: '#/components/schemas/Pet'
required: true
responses:
400:
description: Invalid ID supplied
content: {}
404:
description: Pet not found
content: {}
405:
description: Validation exception
content: {}
security:
- petstore_auth:
- write:pets
- read:pets
x-router-controller: Pet
post:
tags:
- pet
summary: Add a new pet to the store
operationId: addPet
requestBody:
description: Pet object that needs to be added to the store
content:
application/json:
schema:
$ref: '#/components/schemas/Pet'
application/xml:
schema:
$ref: '#/components/schemas/Pet'
required: true
responses:
405:
description: Invalid input
content: {}
security:
- petstore_auth:
- write:pets
- read:pets
x-router-controller: Pet
components:
schemas:
Order:
type: object
properties:
id:
type: integer
format: int64
petId:
type: integer
format: int64
quantity:
type: integer
format: int32
shipDate:
type: string
format: date-time
status:
type: string
description: Order Status
enum:
- placed
- approved
- delivered
complete:
type: boolean
default: false
xml:
name: Order
Category:
type: object
properties:
id:
type: integer
format: int64
name:
type: string
xml:
name: Category
User:
type: object
properties:
id:
type: integer
format: int64
username:
type: string
firstName:
type: string
lastName:
type: string
email:
type: string
password:
type: string
phone:
type: string
userStatus:
type: integer
description: User Status
format: int32
xml:
name: User
Tag:
type: object
properties:
id:
type: integer
format: int64
name:
type: string
xml:
name: Tag
Pet:
required:
- name
- photoUrls
type: object
properties:
id:
type: integer
format: int64
category:
$ref: '#/components/schemas/Category'
name:
type: string
example: doggie
photoUrls:
type: array
xml:
name: photoUrl
wrapped: true
items:
type: string
tags:
type: array
xml:
name: tag
wrapped: true
items:
$ref: '#/components/schemas/Tag'
status:
type: string
description: pet status in the store
enum:
- available
- pending
- sold
xml:
name: Pet
ApiResponse:
type: object
properties:
code:
type: integer
format: int32
type:
type: string
message:
type: string
securitySchemes:
petstore_auth:
type: oauth2
flows:
implicit:
authorizationUrl: http://petstore.swagger.io/oauth/dialog
scopes:
write:pets: modify pets in your account
read:pets: read your pets
api_key:
type: apiKey
name: api_key
in: header
Server will not handle any requests, because we define
servers:
- url: http://127.0.0.1:8080
for
servers:
- url: http://localhost:8080
it works fine
As above,
Tested with
id:
type: integer
topLevel:
type: string
middleLevel:
type: string
nullable: true
lastLevel:
type: string
nullable: true
url:
type: string
{
"id": 59,
"topLevel": "Accessories",
"middleLevel": null,
"lastLevel": "",
"url": "/accessories"
}
"message": "Wrong data in the response. ",
"error": [
{
"code": "INVALID_TYPE",
"params": [
"string",
"null"
],
"message": "Expected type string but found type null",
"path": "#/webLinks/59/url/lastLevel/middleLevel"
}
],
This appears to be in the validate function in Z-Schema.
The readme file has not been updated since the last version was released. Some new features should be explained in it.
Hi,
I had a route with the following response:
responses:
"200":
description: Service is healthy and all dependencies are up
content:
application/json:
schema:
type: array
items:
type: string
In swagger-tools, the following line of express code worked. res.status(200).json(["ok"]);
But when I look at what's being sent to your middleware, I see that it's getting the string "["ok"]" as opposed to the object ["ok"]
Is this a problem on your side? The express side? Am i not allowed to use res.json()? Any guidance would be much appreciated.
Thanks,
Jas
I am getting a 404 when the path that was successfully registered is accessed. Could you please let me know where to look at?
I am just initializing express and passing as shown below with the assumption that 'oas-tools' would wire the controller to the path/request.
`
const app = express();
oasTools.initialize(oasDoc, app, function () {
http.createServer(app).listen(8080, function () {
console.log("App up and running!");
});
where options are:
{
"checkControllers": true,
"loglevel": "debug",
"strict": false,
"router": false,
"validator": false,
"docs": {
"apiDocs": "/api-docs",
"swaggerUi": "/docs"
},
"ignoreUnknownFormats": true
}
-- Please delete this issue as it was due to incorrect options.
1.99.0
to 1.99.1
.π¨ View failing branch.
This version is covered by your current version range and after updating it in your project the build failed.
snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 2 commits.
479260b
Merge pull request #227 from snyk/fix/upgradle
f6aeb61
fix: bump gradle plugin to fix dep tree annotations
See the full diff
There is a collection of frequently asked questions. If those donβt help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot π΄
Goal: Reduce size from 8 Mb to less than 2 Mb
logger.warning(msg + JSON.stringify(validator.getLastErrors()));
It produces output like this:
warning: [object Object][{"what":"ever"}]
Changing that line to
logger.warning(JSON.stringify(msg) + JSON.stringify(validator.getLastErrors()));
would produce a more readable warning.
If the spec file has a relative URL as the first server, the API base path is not detected correctly.
I'm returning multiple content types from a single endpoint but my content-type is being overriden by
res.header("Content-Type", "application/json;charset=utf-8");
inside of oas-router.js
responses:
'200':
description: OK
content:
text/csv:
schema:
$ref: '#/components/schemas/CSVResponse'
application/json:
schema:
$ref: '#/components/schemas/JSONResponse'
Suggested tools are:
10.8.0
to 10.9.0
.π¨ View failing branch.
This version is covered by your current version range and after updating it in your project the build failed.
validator is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.
See the changelog.
The new version differs by 20 commits.
ef5f7a1
10.9.0
2ea9186
chore: update changelog and min version
4d409bd
feat(isMobilePhone): add en-GH locale (Ghana) (#928)
209a801
feat(isMobilePhone): add en-MU locale (Mauritian) (#925)
c12af3c
fix: sync changelog and min version
d557d44
fix(isMobilePhone): Indonesian locale update (#916)
8445383
fix: sync changelog and min version
cec8841
fix(isMobilePhone): fix bn-BD locale prefixes (#913)
0031015
chore: rebuild with babel 7
425320c
chore: upgrade to babel 7 (#915)
dad8961
fix: extra validation for dates (#910)
509324f
chore: update changelog and min version
3a2d661
fix: transpile isJWT changes (#906)
439c51f
feat(isJWT): signature is not required (#906)
8c4a74c
feat(isURL): add option to reject email-like URLs (#901)
There are 20 commits in total.
See the full diff
There is a collection of frequently asked questions. If those donβt help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot π΄
Upgrade winston to latest version.
Needs some adjustment in code.
5.4.2
to 5.4.3
.π¨ View failing branch.
This version is covered by your current version range and after updating it in your project the build failed.
publish-please is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
Changelog: https://github.com/inikulin/publish-please/blob/master/CHANGELOG.md#543---2018-12-02
The new version differs by 20 commits.
2538124
chore(release): update release date
ce43a82
doc(README): add gif demo
010ae2d
doc(media): remove unused media files
8dada4e
doc(publish): revamp documentation
b695bac
doc(publish): revamp documentation
0b48262
doc(publish): revamp documentation
c9e072e
doc(publish): revamp documentation
7ddf61d
doc(publish): revamp documentation
046bcf4
doc(publish): revamp documentation
e257332
doc(publish): revamp documentation
a54abd8
doc(publish): revamp documentation
cf5b231
doc(publish): revamp documentation
116f504
doc(publish): revamp documentation
c8c1c65
doc(publish): revamp documentation
3fe5112
doc(publish): revamp documentation
There are 20 commits in total.
See the full diff
There is a collection of frequently asked questions. If those donβt help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot π΄
When a request body contains a primitive JSON (a number, a string...) an error is thrown.
Run: npm run lint
to ge the full list.
// eslint-disable-line
Hello,
Path may contain common parameters defined: https://swagger.io/docs/specification/describing-parameters/
Please ignore them during the app bootstrap, supported operations are the following: get, post, put, patch, delete, head, options, trace
.
Hi,
when using oasSecurity
like
oasTools.configure({
// ...
oasSecurity: true,
securityFile: {
<secScheme>: async (req, secDef, key, next) => { return next() }
}
});
the framework errors out with
Error: No handler was specified for security scheme ApiKeyAuth
at async.map (/path/to/proj/node_modules/oas-tools/src/middleware/oas-security.js:109:45)
This seems due to an outdated version of lodash-compat
being used for validating the <secScheme>
cb in https://github.com/isa-group/oas-tools/blob/master/src/middleware/oas-security.js#L105 - see also lodash issue over at lodash/lodash#3603
Could you please bump lodash-compat
to a more current version in order to allow async callbacks for security validations?
Thanks in advance!
fix post & put tests
Hello,
It would be great to provide preconfigured logger instead of loglevel and logfile options.
Integration test keep running endless.
Using the module 'accesscontrol', add the ability to specify roles and access restrictions and automatically allow or deny access to specific endpoints and resources.
Add a configuration option to disable the swagger-ui docs. It will be enabled by default.
Set Apache 2.0 license
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google β€οΈ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.