From 62aaa619db2aebf211ff318c63701170fa15475e Mon Sep 17 00:00:00 2001 From: Emmanuel Gautier Date: Sun, 15 Dec 2024 16:50:22 +0100 Subject: [PATCH] fix: manage openapi wrongly parsed example params and unsupported media types --- .github/workflows/scans.yml | 1 + openapi/operation.go | 4 +- openapi/param.go | 109 ++- openapi/param_test.go | 207 ++++-- test/stub/petstore.openapi.json | 1225 +++++++++++++++++++++++++++++++ 5 files changed, 1476 insertions(+), 70 deletions(-) create mode 100644 test/stub/petstore.openapi.json diff --git a/.github/workflows/scans.yml b/.github/workflows/scans.yml index 8f5ff88..9d4f947 100644 --- a/.github/workflows/scans.yml +++ b/.github/workflows/scans.yml @@ -319,6 +319,7 @@ jobs: "simple_http_bearer_jwt.openapi.json", "simple_http_bearer.openapi.json", "complex.openapi.json", + "petstore.openapi.json" ] steps: diff --git a/openapi/operation.go b/openapi/operation.go index 6d3559f..f5549ab 100644 --- a/openapi/operation.go +++ b/openapi/operation.go @@ -84,7 +84,9 @@ func (openapi *OpenAPI) Operations(client *request.Client, securitySchemes auth. var body *bytes.Buffer var mediaType string if o.RequestBody != nil { - body, mediaType = getRequestBodyValue(o.RequestBody.Value) + body, mediaType, _ = getRequestBodyValue(o.RequestBody.Value) + } + if body != nil && mediaType != "" { header.Set("Content-Type", mediaType) } else { body = bytes.NewBuffer(nil) diff --git a/openapi/param.go b/openapi/param.go index 7e7a327..0a0bbaa 100644 --- a/openapi/param.go +++ b/openapi/param.go @@ -2,6 +2,7 @@ package openapi import ( "bytes" + "fmt" "strconv" "github.com/brianvoe/gofakeit/v7" @@ -10,6 +11,17 @@ import ( const maximumDepth = 4 +const ( + FloatParamType = "float" + DoubleParamType = "double" + Int32ParamFormat = "int32" + Int64ParamFormat = "int64" +) + +func NewErrNoSupportedBodyMediaType() error { + return fmt.Errorf("no supported body media type") +} + func getParameterValue(param *openapi3.Parameter) string { if param.Schema != nil { value := getSchemaValue(param.Schema.Value, 0) @@ -17,14 +29,19 @@ func getParameterValue(param *openapi3.Parameter) string { case param.Schema.Value.Type.Is("string"): return value.(string) case param.Schema.Value.Type.Is("number"): - return strconv.FormatFloat(value.(float64), 'f', -1, 64) + switch param.Schema.Value.Format { + case FloatParamType: + return strconv.FormatFloat(value.(float64), 'f', -1, 32) + case DoubleParamType: + default: + return strconv.FormatFloat(value.(float64), 'f', -1, 64) + } case param.Schema.Value.Type.Is("integer"): - return strconv.Itoa(value.(int)) + return strconv.FormatInt(value.(int64), 10) case param.Schema.Value.Type.Is("boolean"): return strconv.FormatBool(value.(bool)) } } - return "" } @@ -36,7 +53,7 @@ func mapRequestBodyFakeValueToJSON(schema *openapi3.Schema, fakeValue interface{ case schema.Type.Is("number"): jsonResponse = []byte(strconv.FormatFloat(fakeValue.(float64), 'f', -1, 64)) case schema.Type.Is("integer"): - jsonResponse = []byte(strconv.Itoa(fakeValue.(int))) + jsonResponse = []byte(strconv.FormatInt(fakeValue.(int64), 10)) case schema.Type.Is("boolean"): jsonResponse = []byte(strconv.FormatBool(fakeValue.(bool))) case schema.Type.Is("array"): @@ -64,35 +81,83 @@ func mapRequestBodyFakeValueToJSON(schema *openapi3.Schema, fakeValue interface{ return bytes.NewBuffer(jsonResponse) } -func getRequestBodyValue(requestBody *openapi3.RequestBody) (*bytes.Buffer, string) { - if requestBody.Content != nil { - for mediaType, mediaTypeValue := range requestBody.Content { - if mediaTypeValue.Schema != nil { - body := getSchemaValue(mediaTypeValue.Schema.Value, 0) - switch mediaType { - case "application/json": - return mapRequestBodyFakeValueToJSON(mediaTypeValue.Schema.Value, body), "application/json" - default: - return bytes.NewBuffer([]byte(body.(string))), mediaType - } +func getRequestBodyValue(requestBody *openapi3.RequestBody) (*bytes.Buffer, string, error) { + if requestBody == nil || requestBody.Content == nil { + return nil, "", nil + } + for mediaType, mediaTypeValue := range requestBody.Content { + if mediaTypeValue.Schema != nil { + body := getSchemaValue(mediaTypeValue.Schema.Value, 0) + if mediaType == "application/json" { + return mapRequestBodyFakeValueToJSON(mediaTypeValue.Schema.Value, body), mediaType, nil } } } - - return bytes.NewBuffer(nil), "" + return nil, "", NewErrNoSupportedBodyMediaType() } -func getSchemaValue(schema *openapi3.Schema, depth int) interface{} { +func parseSchemaExample(schema *openapi3.Schema) (interface{}, error) { + var example interface{} if schema.Example != nil { - return schema.Example + example = schema.Example } else if len(schema.Enum) > 0 { - return schema.Enum[gofakeit.Number(0, len(schema.Enum)-1)] + example = schema.Enum[gofakeit.Number(0, len(schema.Enum)-1)] + } + if example == nil { + return nil, nil + } + + var ok bool + _, ok = example.(string) + if ok && !schema.Type.Is("string") { + switch { + case schema.Type.Is("number"): + return strconv.ParseFloat(example.(string), 64) + case schema.Type.Is("integer"): + return strconv.ParseInt(example.(string), 10, 64) + case schema.Type.Is("boolean"): + return strconv.ParseBool(example.(string)) + } + } + + switch { + case schema.Type.Is("string"): + example, ok = example.(string) + case schema.Type.Is("number"): + example, ok = example.(float64) + case schema.Type.Is("integer"): + switch schema.Format { + case Int32ParamFormat: + example, ok = example.(int32) + case Int64ParamFormat: + default: + example, ok = example.(int64) + } + case schema.Type.Is("boolean"): + example, ok = example.(bool) + case schema.Type.Is("array"): + example, ok = example.([]interface{}) + case schema.Type.Is("object"): + example, ok = example.(map[string]interface{}) + } + if !ok { + return nil, fmt.Errorf("invalid example type") + } + return example, nil +} + +func getSchemaValue(schema *openapi3.Schema, depth int) interface{} { + example, err := parseSchemaExample(schema) + if err == nil && example != nil { + return example } // if there is no example generate random param switch { - case schema.Type.Is("number") || schema.Type.Is("integer"): - return gofakeit.Number(0, 10) + case schema.Type.Is("number"): + return gofakeit.Float64() + case schema.Type.Is("integer"): + return gofakeit.Int64() case schema.Type.Is("boolean"): return gofakeit.Bool() case schema.Type.Is("array"): diff --git a/openapi/param_test.go b/openapi/param_test.go index fcc1a35..f0eb5cc 100644 --- a/openapi/param_test.go +++ b/openapi/param_test.go @@ -173,27 +173,26 @@ func TestGetSchemaValue_WhenRequestBodyParametersWithExample(t *testing.T) { assert.Equal(t, expected, operations[0].Body) } -func TestGetSchemaValue_WhenRequestBodyParametersWithoutExample(t *testing.T) { +func TestGetSchemaValue_WhenRequestBodyParametersWithMultiMediaTypes(t *testing.T) { + expected := []byte("\"example\"") openapiContract, _ := openapi.LoadFromData( context.Background(), - []byte(`{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: string}}}}, responses: {'204': {description: successful operation}}}}}}`), + []byte(`{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/xml': {schema: {type: string, example: example}},'application/json': {schema: {type: string, example: example}}}}, responses: {'204': {description: successful operation}}}}}}`), ) securitySchemesMap, _ := openapiContract.SecuritySchemeMap(openapi.NewEmptySecuritySchemeValues()) operations, err := openapiContract.Operations(nil, securitySchemesMap) assert.NoError(t, err) - assert.Len(t, operations, 1) - assert.Len(t, operations[0].Header, 1) assert.Equal(t, "application/json", operations[0].Header.Get("Content-Type")) - assert.Len(t, operations[0].Cookies, 0) assert.NotNil(t, operations[0].Body) + assert.Equal(t, expected, operations[0].Body) } -func TestGetSchemaValue_WhenRequestBodyParametersNotRequired(t *testing.T) { +func TestGetSchemaValue_WhenRequestBodyParametersWithoutExample(t *testing.T) { openapiContract, _ := openapi.LoadFromData( context.Background(), - []byte(`{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: string, example: example}}}}, responses: {'204': {description: successful operation}}}}}}`), + []byte(`{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: string}}}}, responses: {'204': {description: successful operation}}}}}}`), ) securitySchemesMap, _ := openapiContract.SecuritySchemeMap(openapi.NewEmptySecuritySchemeValues()) @@ -207,11 +206,10 @@ func TestGetSchemaValue_WhenRequestBodyParametersNotRequired(t *testing.T) { assert.NotNil(t, operations[0].Body) } -func TestGetSchemaValue_WhenRequestBodyParametersWithArrayExample(t *testing.T) { - expected := []byte("[\"example\"]") +func TestGetSchemaValue_WhenRequestBodyParametersIsString(t *testing.T) { openapiContract, _ := openapi.LoadFromData( context.Background(), - []byte(`{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: array, items: {type: string, example: example}}}}}, responses: {'204': {description: successful operation}}}}}}`), + []byte(`{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: string, example: example}}}}, responses: {'204': {description: successful operation}}}}}}`), ) securitySchemesMap, _ := openapiContract.SecuritySchemeMap(openapi.NewEmptySecuritySchemeValues()) @@ -223,47 +221,162 @@ func TestGetSchemaValue_WhenRequestBodyParametersWithArrayExample(t *testing.T) assert.Equal(t, "application/json", operations[0].Header.Get("Content-Type")) assert.Len(t, operations[0].Cookies, 0) assert.NotNil(t, operations[0].Body) - assert.Equal(t, expected, operations[0].Body) } -func TestGetSchemaValue_WhenRequestBodyParametersWithObjectExample(t *testing.T) { - expected := []byte("{\"name\":\"example\"}") - openapiContract, operr := openapi.LoadFromData( - context.Background(), - []byte(`{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {name: {type: string, example: example}}}}}}, responses: {'204': {description: successful operation}}}}}}`), - ) - - securitySchemesMap, _ := openapiContract.SecuritySchemeMap(openapi.NewEmptySecuritySchemeValues()) - operations, err := openapiContract.Operations(nil, securitySchemesMap) - - assert.NoError(t, operr) - assert.NoError(t, err) - assert.Len(t, operations, 1) - assert.Len(t, operations[0].Header, 1) - assert.Equal(t, "application/json", operations[0].Header.Get("Content-Type")) - assert.Len(t, operations[0].Cookies, 0) - assert.NotNil(t, operations[0].Body) - assert.Equal(t, expected, operations[0].Body) +func TestGetSchemaValue_RequestBodyParameters(t *testing.T) { + tests := []struct { + name string + schema string + }{ + { + name: "string", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: string}}}}, responses: {'204': {}}}}}}`, + }, + { + name: "number", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {number: {type: number}}}}}}, responses: {'204': {}}}}}}`, + }, + { + name: "double", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {number: {type: number, format: double}}}}}}, responses: {'204': {}}}}}}`, + }, + { + name: "float", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {number: {type: number, format: float}}}}}}, responses: {'204': {}}}}}}`, + }, + { + name: "integer", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {number: {type: number}}}}}}, responses: {'204': {}}}}}}`, + }, + { + name: "int32", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {number: {type: number, format: int32}}}}}}, responses: {'204': {}}}}}}`, + }, + { + name: "int64", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {number: {type: number, format: int64}}}}}}, responses: {'204': {}}}}}}`, + }, + { + name: "boolean", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: boolean}}}}, responses: {'204': {}}}}}}`, + }, + { + name: "array", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: array, items: {type: string}}}}}, responses: {'204': {}}}}}}`, + }, + { + name: "object", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {name: {type: string}}}}}}, responses: {'204': {}}}}}}`, + }, + { + name: "object with array", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {name: {type: array, items: {type: string}}}}}}}, responses: {'204': {}}}}}}`, + }, + { + name: "object with object", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {name: {type: object, properties: {subname: {type: string}}}}}}}}, responses: {'204': {}}}}}}`, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + openapiContract, _ := openapi.LoadFromData( + context.TODO(), + []byte(tt.schema), + ) + + securitySchemesMap, _ := openapiContract.SecuritySchemeMap(openapi.NewEmptySecuritySchemeValues()) + operations, err := openapiContract.Operations(nil, securitySchemesMap) + + assert.NoError(t, err) + assert.NotNil(t, operations[0].Body) + }) + } } -func TestGetSchemaValue_WhenRequestBodyParametersWithObjectExampleAndArrayExample(t *testing.T) { - expected := []byte("{\"name\":[\"example\"]}") - openapiContract, operr := openapi.LoadFromData( - context.Background(), - []byte(`{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {name: {type: array, items: {type: string, example: example}}}}}}}, responses: {'204': {description: successful operation}}}}}}`), - ) - - securitySchemesMap, _ := openapiContract.SecuritySchemeMap(openapi.NewEmptySecuritySchemeValues()) - operations, err := openapiContract.Operations(nil, securitySchemesMap) - - assert.NoError(t, operr) - assert.NoError(t, err) - assert.Len(t, operations, 1) - assert.Len(t, operations[0].Header, 1) - assert.Equal(t, "application/json", operations[0].Header.Get("Content-Type")) - assert.Len(t, operations[0].Cookies, 0) - assert.NotNil(t, operations[0].Body) - assert.Equal(t, expected, operations[0].Body) +func TestGetSchemaValue_RequestBodyParametersAndExample(t *testing.T) { + tests := []struct { + name string + schema string + expected []byte + }{ + { + name: "string", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: string, example: example}}}}, responses: {'204': {}}}}}}`, + expected: []byte("\"example\""), + }, + { + name: "number", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {number: {type: number, example: 1.1}}}}}}, responses: {'204': {}}}}}}`, + expected: []byte("{\"number\":1.1}"), + }, + { + name: "double", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {number: {type: number, format: double, example: 1.1}}}}}}, responses: {'204': {}}}}}}`, + expected: []byte("{\"number\":1.1}"), + }, + { + name: "float", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {number: {type: number, format: float, example: 1.1}}}}}}, responses: {'204': {}}}}}}`, + expected: []byte("{\"number\":1.1}"), + }, + { + name: "integer", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {number: {type: number, example: 1}}}}}}, responses: {'204': {}}}}}}`, + expected: []byte("{\"number\":1}"), + }, + { + name: "int32", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {number: {type: number, format: int32, example: 1}}}}}}, responses: {'204': {}}}}}}`, + expected: []byte("{\"number\":1}"), + }, + { + name: "int64", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {number: {type: number, format: int64, example: 1}}}}}}, responses: {'204': {}}}}}}`, + expected: []byte("{\"number\":1}"), + }, + { + name: "boolean", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: boolean, example: true}}}}, responses: {'204': {}}}}}}`, + expected: []byte("true"), + }, + { + name: "array", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: array, items: {type: string, example: example}}}}}, responses: {'204': {}}}}}}`, + expected: []byte("[\"example\"]"), + }, + { + name: "object", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {name: {type: string, example: example}}}}}}, responses: {'204': {}}}}}}`, + expected: []byte("{\"name\":\"example\"}"), + }, + { + name: "object with array", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {name: {type: array, items: {type: string, example: example}}}}}}}, responses: {'204': {}}}}}}`, + expected: []byte("{\"name\":[\"example\"]}"), + }, + { + name: "object with object", + schema: `{openapi: 3.0.2, servers: [{url: 'http://localhost:8080'}], paths: {/: {post: {requestBody: {content: {'application/json': {schema: {type: object, properties: {name: {type: object, properties: {subname: {type: string, example: example}}}}}}}}, responses: {'204': {}}}}}}`, + expected: []byte("{\"name\":{\"subname\":\"example\"}}"), + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + openapiContract, _ := openapi.LoadFromData( + context.TODO(), + []byte(tt.schema), + ) + + securitySchemesMap, _ := openapiContract.SecuritySchemeMap(openapi.NewEmptySecuritySchemeValues()) + operations, err := openapiContract.Operations(nil, securitySchemesMap) + + assert.NoError(t, err) + assert.NotNil(t, operations[0].Body) + assert.Equal(t, tt.expected, operations[0].Body) + }) + } } func TestRecursiveParameters(t *testing.T) { diff --git a/test/stub/petstore.openapi.json b/test/stub/petstore.openapi.json new file mode 100644 index 0000000..dbbdfbd --- /dev/null +++ b/test/stub/petstore.openapi.json @@ -0,0 +1,1225 @@ +{ + "openapi": "3.0.2", + "info": { + "title": "Swagger Petstore - OpenAPI 3.0", + "description": "This is a sample Pet Store Server based on the OpenAPI 3.0 specification. You can find out more about\nSwagger at [http://swagger.io](http://swagger.io). In the third iteration of the pet store, we've switched to the design first approach!\nYou can now help us improve the API whether it's by making changes to the definition itself or to the code.\nThat way, with time, we can improve the API in general, and expose some of the new features in OAS3.\n\nSome useful links:\n- [The Pet Store repository](https://github.com/swagger-api/swagger-petstore)\n- [The source API definition for the Pet Store](https://github.com/swagger-api/swagger-petstore/blob/master/src/main/resources/openapi.yaml)", + "termsOfService": "http://swagger.io/terms/", + "contact": { + "email": "apiteam@swagger.io" + }, + "license": { + "name": "Apache 2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0.html" + }, + "version": "1.0.19" + }, + "externalDocs": { + "description": "Find out more about Swagger", + "url": "http://swagger.io" + }, + "servers": [ + { + "url": "http://localhost:8080/api/v3" + } + ], + "tags": [ + { + "name": "pet", + "description": "Everything about your Pets", + "externalDocs": { + "description": "Find out more", + "url": "http://swagger.io" + } + }, + { + "name": "store", + "description": "Access to Petstore orders", + "externalDocs": { + "description": "Find out more about our store", + "url": "http://swagger.io" + } + }, + { + "name": "user", + "description": "Operations about user" + } + ], + "paths": { + "/pet": { + "put": { + "tags": [ + "pet" + ], + "summary": "Update an existing pet", + "description": "Update an existing pet by Id", + "operationId": "updatePet", + "requestBody": { + "description": "Update an existent pet in the store", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + }, + "application/xml": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + }, + "application/x-www-form-urlencoded": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful operation", + "content": { + "application/xml": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + }, + "application/json": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + } + } + }, + "400": { + "description": "Invalid ID supplied" + }, + "404": { + "description": "Pet not found" + }, + "405": { + "description": "Validation exception" + } + }, + "security": [ + { + "petstore_auth": [ + "write:pets", + "read:pets" + ] + } + ] + }, + "post": { + "tags": [ + "pet" + ], + "summary": "Add a new pet to the store", + "description": "Add a new pet to the store", + "operationId": "addPet", + "requestBody": { + "description": "Create a new pet in the store", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + }, + "application/xml": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + }, + "application/x-www-form-urlencoded": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful operation", + "content": { + "application/xml": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + }, + "application/json": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + } + } + }, + "405": { + "description": "Invalid input" + } + }, + "security": [ + { + "petstore_auth": [ + "write:pets", + "read:pets" + ] + } + ] + } + }, + "/pet/findByStatus": { + "get": { + "tags": [ + "pet" + ], + "summary": "Finds Pets by status", + "description": "Multiple status values can be provided with comma separated strings", + "operationId": "findPetsByStatus", + "parameters": [ + { + "name": "status", + "in": "query", + "description": "Status values that need to be considered for filter", + "required": false, + "explode": true, + "schema": { + "type": "string", + "default": "available", + "enum": [ + "available", + "pending", + "sold" + ] + } + } + ], + "responses": { + "200": { + "description": "successful operation", + "content": { + "application/xml": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Pet" + } + } + }, + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Pet" + } + } + } + } + }, + "400": { + "description": "Invalid status value" + } + }, + "security": [ + { + "petstore_auth": [ + "write:pets", + "read:pets" + ] + } + ] + } + }, + "/pet/findByTags": { + "get": { + "tags": [ + "pet" + ], + "summary": "Finds Pets by tags", + "description": "Multiple tags can be provided with comma separated strings. Use tag1, tag2, tag3 for testing.", + "operationId": "findPetsByTags", + "parameters": [ + { + "name": "tags", + "in": "query", + "description": "Tags to filter by", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + } + ], + "responses": { + "200": { + "description": "successful operation", + "content": { + "application/xml": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Pet" + } + } + }, + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Pet" + } + } + } + } + }, + "400": { + "description": "Invalid tag value" + } + }, + "security": [ + { + "petstore_auth": [ + "write:pets", + "read:pets" + ] + } + ] + } + }, + "/pet/{petId}": { + "get": { + "tags": [ + "pet" + ], + "summary": "Find pet by ID", + "description": "Returns a single pet", + "operationId": "getPetById", + "parameters": [ + { + "name": "petId", + "in": "path", + "description": "ID of pet to return", + "required": true, + "schema": { + "type": "integer", + "format": "int64" + } + } + ], + "responses": { + "200": { + "description": "successful operation", + "content": { + "application/xml": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + }, + "application/json": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + } + } + }, + "400": { + "description": "Invalid ID supplied" + }, + "404": { + "description": "Pet not found" + } + }, + "security": [ + { + "api_key": [] + }, + { + "petstore_auth": [ + "write:pets", + "read:pets" + ] + } + ] + }, + "post": { + "tags": [ + "pet" + ], + "summary": "Updates a pet in the store with form data", + "description": "", + "operationId": "updatePetWithForm", + "parameters": [ + { + "name": "petId", + "in": "path", + "description": "ID of pet that needs to be updated", + "required": true, + "schema": { + "type": "integer", + "format": "int64" + } + }, + { + "name": "name", + "in": "query", + "description": "Name of pet that needs to be updated", + "schema": { + "type": "string" + } + }, + { + "name": "status", + "in": "query", + "description": "Status of pet that needs to be updated", + "schema": { + "type": "string" + } + } + ], + "responses": { + "405": { + "description": "Invalid input" + } + }, + "security": [ + { + "petstore_auth": [ + "write:pets", + "read:pets" + ] + } + ] + }, + "delete": { + "tags": [ + "pet" + ], + "summary": "Deletes a pet", + "description": "", + "operationId": "deletePet", + "parameters": [ + { + "name": "api_key", + "in": "header", + "description": "", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "petId", + "in": "path", + "description": "Pet id to delete", + "required": true, + "schema": { + "type": "integer", + "format": "int64" + } + } + ], + "responses": { + "400": { + "description": "Invalid pet value" + } + }, + "security": [ + { + "petstore_auth": [ + "write:pets", + "read:pets" + ] + } + ] + } + }, + "/pet/{petId}/uploadImage": { + "post": { + "tags": [ + "pet" + ], + "summary": "uploads an image", + "description": "", + "operationId": "uploadFile", + "parameters": [ + { + "name": "petId", + "in": "path", + "description": "ID of pet to update", + "required": true, + "schema": { + "type": "integer", + "format": "int64" + } + }, + { + "name": "additionalMetadata", + "in": "query", + "description": "Additional Metadata", + "required": false, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/octet-stream": { + "schema": { + "type": "string", + "format": "binary" + } + } + } + }, + "responses": { + "200": { + "description": "successful operation", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiResponse" + } + } + } + } + }, + "security": [ + { + "petstore_auth": [ + "write:pets", + "read:pets" + ] + } + ] + } + }, + "/store/inventory": { + "get": { + "tags": [ + "store" + ], + "summary": "Returns pet inventories by status", + "description": "Returns a map of status codes to quantities", + "operationId": "getInventory", + "responses": { + "200": { + "description": "successful operation", + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": { + "type": "integer", + "format": "int32" + } + } + } + } + } + }, + "security": [ + { + "api_key": [] + } + ] + } + }, + "/store/order": { + "post": { + "tags": [ + "store" + ], + "summary": "Place an order for a pet", + "description": "Place a new order in the store", + "operationId": "placeOrder", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Order" + } + }, + "application/xml": { + "schema": { + "$ref": "#/components/schemas/Order" + } + }, + "application/x-www-form-urlencoded": { + "schema": { + "$ref": "#/components/schemas/Order" + } + } + } + }, + "responses": { + "200": { + "description": "successful operation", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Order" + } + } + } + }, + "405": { + "description": "Invalid input" + } + } + } + }, + "/store/order/{orderId}": { + "get": { + "tags": [ + "store" + ], + "summary": "Find purchase order by ID", + "description": "For valid response try integer IDs with value <= 5 or > 10. Other values will generate exceptions.", + "operationId": "getOrderById", + "parameters": [ + { + "name": "orderId", + "in": "path", + "description": "ID of order that needs to be fetched", + "required": true, + "schema": { + "type": "integer", + "format": "int64" + } + } + ], + "responses": { + "200": { + "description": "successful operation", + "content": { + "application/xml": { + "schema": { + "$ref": "#/components/schemas/Order" + } + }, + "application/json": { + "schema": { + "$ref": "#/components/schemas/Order" + } + } + } + }, + "400": { + "description": "Invalid ID supplied" + }, + "404": { + "description": "Order not found" + } + } + }, + "delete": { + "tags": [ + "store" + ], + "summary": "Delete purchase order by ID", + "description": "For valid response try integer IDs with value < 1000. Anything above 1000 or nonintegers will generate API errors", + "operationId": "deleteOrder", + "parameters": [ + { + "name": "orderId", + "in": "path", + "description": "ID of the order that needs to be deleted", + "required": true, + "schema": { + "type": "integer", + "format": "int64" + } + } + ], + "responses": { + "400": { + "description": "Invalid ID supplied" + }, + "404": { + "description": "Order not found" + } + } + } + }, + "/user": { + "post": { + "tags": [ + "user" + ], + "summary": "Create user", + "description": "This can only be done by the logged in user.", + "operationId": "createUser", + "requestBody": { + "description": "Created user object", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/User" + } + }, + "application/xml": { + "schema": { + "$ref": "#/components/schemas/User" + } + }, + "application/x-www-form-urlencoded": { + "schema": { + "$ref": "#/components/schemas/User" + } + } + } + }, + "responses": { + "default": { + "description": "successful operation", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/User" + } + }, + "application/xml": { + "schema": { + "$ref": "#/components/schemas/User" + } + } + } + } + } + } + }, + "/user/createWithList": { + "post": { + "tags": [ + "user" + ], + "summary": "Creates list of users with given input array", + "description": "Creates list of users with given input array", + "operationId": "createUsersWithListInput", + "requestBody": { + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/User" + } + } + } + } + }, + "responses": { + "200": { + "description": "Successful operation", + "content": { + "application/xml": { + "schema": { + "$ref": "#/components/schemas/User" + } + }, + "application/json": { + "schema": { + "$ref": "#/components/schemas/User" + } + } + } + }, + "default": { + "description": "successful operation" + } + } + } + }, + "/user/login": { + "get": { + "tags": [ + "user" + ], + "summary": "Logs user into the system", + "description": "", + "operationId": "loginUser", + "parameters": [ + { + "name": "username", + "in": "query", + "description": "The user name for login", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "password", + "in": "query", + "description": "The password for login in clear text", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "successful operation", + "headers": { + "X-Rate-Limit": { + "description": "calls per hour allowed by the user", + "schema": { + "type": "integer", + "format": "int32" + } + }, + "X-Expires-After": { + "description": "date in UTC when token expires", + "schema": { + "type": "string", + "format": "date-time" + } + } + }, + "content": { + "application/xml": { + "schema": { + "type": "string" + } + }, + "application/json": { + "schema": { + "type": "string" + } + } + } + }, + "400": { + "description": "Invalid username/password supplied" + } + } + } + }, + "/user/logout": { + "get": { + "tags": [ + "user" + ], + "summary": "Logs out current logged in user session", + "description": "", + "operationId": "logoutUser", + "parameters": [], + "responses": { + "default": { + "description": "successful operation" + } + } + } + }, + "/user/{username}": { + "get": { + "tags": [ + "user" + ], + "summary": "Get user by user name", + "description": "", + "operationId": "getUserByName", + "parameters": [ + { + "name": "username", + "in": "path", + "description": "The name that needs to be fetched. Use user1 for testing. ", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "successful operation", + "content": { + "application/xml": { + "schema": { + "$ref": "#/components/schemas/User" + } + }, + "application/json": { + "schema": { + "$ref": "#/components/schemas/User" + } + } + } + }, + "400": { + "description": "Invalid username supplied" + }, + "404": { + "description": "User not found" + } + } + }, + "put": { + "tags": [ + "user" + ], + "summary": "Update user", + "description": "This can only be done by the logged in user.", + "operationId": "updateUser", + "parameters": [ + { + "name": "username", + "in": "path", + "description": "name that needs to be updated", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "description": "Update an existent user in the store", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/User" + } + }, + "application/xml": { + "schema": { + "$ref": "#/components/schemas/User" + } + }, + "application/x-www-form-urlencoded": { + "schema": { + "$ref": "#/components/schemas/User" + } + } + } + }, + "responses": { + "default": { + "description": "successful operation" + } + } + }, + "delete": { + "tags": [ + "user" + ], + "summary": "Delete user", + "description": "This can only be done by the logged in user.", + "operationId": "deleteUser", + "parameters": [ + { + "name": "username", + "in": "path", + "description": "The name that needs to be deleted", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "400": { + "description": "Invalid username supplied" + }, + "404": { + "description": "User not found" + } + } + } + } + }, + "components": { + "schemas": { + "Order": { + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64", + "example": 10 + }, + "petId": { + "type": "integer", + "format": "int64", + "example": 198772 + }, + "quantity": { + "type": "integer", + "format": "int32", + "example": 7 + }, + "shipDate": { + "type": "string", + "format": "date-time" + }, + "status": { + "type": "string", + "description": "Order Status", + "example": "approved", + "enum": [ + "placed", + "approved", + "delivered" + ] + }, + "complete": { + "type": "boolean" + } + }, + "xml": { + "name": "order" + } + }, + "Customer": { + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64", + "example": 100000 + }, + "username": { + "type": "string", + "example": "fehguy" + }, + "address": { + "type": "array", + "xml": { + "name": "addresses", + "wrapped": true + }, + "items": { + "$ref": "#/components/schemas/Address" + } + } + }, + "xml": { + "name": "customer" + } + }, + "Address": { + "type": "object", + "properties": { + "street": { + "type": "string", + "example": "437 Lytton" + }, + "city": { + "type": "string", + "example": "Palo Alto" + }, + "state": { + "type": "string", + "example": "CA" + }, + "zip": { + "type": "string", + "example": "94301" + } + }, + "xml": { + "name": "address" + } + }, + "Category": { + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64", + "example": 1 + }, + "name": { + "type": "string", + "example": "Dogs" + } + }, + "xml": { + "name": "category" + } + }, + "User": { + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64", + "example": 10 + }, + "username": { + "type": "string", + "example": "theUser" + }, + "firstName": { + "type": "string", + "example": "John" + }, + "lastName": { + "type": "string", + "example": "James" + }, + "email": { + "type": "string", + "example": "john@email.com" + }, + "password": { + "type": "string", + "example": "12345" + }, + "phone": { + "type": "string", + "example": "12345" + }, + "userStatus": { + "type": "integer", + "description": "User Status", + "format": "int32", + "example": 1 + } + }, + "xml": { + "name": "user" + } + }, + "Tag": { + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "name": { + "type": "string" + } + }, + "xml": { + "name": "tag" + } + }, + "Pet": { + "required": [ + "name", + "photoUrls" + ], + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64", + "example": 10 + }, + "name": { + "type": "string", + "example": "doggie" + }, + "category": { + "$ref": "#/components/schemas/Category" + }, + "photoUrls": { + "type": "array", + "xml": { + "wrapped": true + }, + "items": { + "type": "string", + "xml": { + "name": "photoUrl" + } + } + }, + "tags": { + "type": "array", + "xml": { + "wrapped": true + }, + "items": { + "$ref": "#/components/schemas/Tag" + } + }, + "status": { + "type": "string", + "description": "pet status in the store", + "enum": [ + "available", + "pending", + "sold" + ] + } + }, + "xml": { + "name": "pet" + } + }, + "ApiResponse": { + "type": "object", + "properties": { + "code": { + "type": "integer", + "format": "int32" + }, + "type": { + "type": "string" + }, + "message": { + "type": "string" + } + }, + "xml": { + "name": "##default" + } + } + }, + "requestBodies": { + "Pet": { + "description": "Pet object that needs to be added to the store", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + }, + "application/xml": { + "schema": { + "$ref": "#/components/schemas/Pet" + } + } + } + }, + "UserArray": { + "description": "List of user object", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/User" + } + } + } + } + } + }, + "securitySchemes": { + "petstore_auth": { + "type": "oauth2", + "flows": { + "implicit": { + "authorizationUrl": "https://petstore3.swagger.io/oauth/authorize", + "scopes": { + "write:pets": "modify pets in your account", + "read:pets": "read your pets" + } + } + } + }, + "api_key": { + "type": "apiKey", + "name": "api_key", + "in": "header" + } + } + } +} \ No newline at end of file