From 46a452998ab3927362b388e248e785a12530a900 Mon Sep 17 00:00:00 2001
From: Lukasz Gornicki
Date: Mon, 10 Aug 2020 18:27:35 +0200
Subject: [PATCH] fix: Revert wrong oauth2 or openIdConnect server sec info validation (#158)
---
 lib/customValidators.js | 34 +-----------
 test/customValidators_test.js | 100 ----------------------------------
 2 files changed, 1 insertion(+), 133 deletions(-)
diff --git a/lib/customValidators.js b/lib/customValidators.js
index 586923e35..f55d78360 100644
--- a/lib/customValidators.js
+++ b/lib/customValidators.js
@@ -135,8 +135,6 @@ function validateOperationId(parsedJSON, asyncapiYAMLorJSON, initialFormat, oper
 return true;
 }
-/* eslint-disable sonarjs/cognitive-complexity */
-/* spliting it because it is 18 and not 15 lines would only make it more complex */
 /**
 * Validates if server security is declared properly and the name has a corresponding security schema definition in components with the same name
 *
@@ -155,8 +153,7 @@ function validateServerSecurity(parsedJSON, asyncapiYAMLorJSON, initialFormat, s
 const srvsMap = new Map(Object.entries(srvs));
 const missingSecSchema = new Map(),
- invalidSecurityValues = new Map(),
- missingScopesList = new Map();
+ invalidSecurityValues = new Map();
 //we need to validate every server specified in the document
 srvsMap.forEach((server, serverName) => {
@@ -176,7 +173,6 @@ function validateServerSecurity(parsedJSON, asyncapiYAMLorJSON, initialFormat, s
 //findSecuritySchema returns type always on index 1. Type is needed further to validate if server security info can be or not an empty array
 const schemaType = schema[1];
 if (!isSrvrSecProperArray(schemaType, specialSecTypes, secObj, secName)) invalidSecurityValues.set(srvrSecurityPath, schemaType);
- if (!hasSrvrSecScopes(schemaType, specialSecTypes, secObj, secName)) missingScopesList.set(srvrSecurityPath, schemaType);
 });
 });
 });
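Review bot: Nothing in the new `validateServerSecurity` code records that an empty array is no longer rejected for `oauth2` and `openIdConnect`; after the `@@ -155,8 +153,7 @@` hunk only `missingSecSchema` and `invalidSecurityValues` are collected, and the `hasSrvrSecScopes` call is gone from the loop in the hunk that follows. A short comment above the declaration would keep the scope check from being re-added by mistake, for example `// an empty array is accepted for oauth2/openIdConnect, so missing scopes are not reported here`. The function's JSDoc could state the same rule in one sentence. The body of `validateServerSecurity` starts and ends outside these hunks and `isSrvrSecProperArray` is not shown in full, so the wording should be checked against that helper.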
@@ -199,15 +195,6 @@ function validateServerSecurity(parsedJSON, asyncapiYAMLorJSON, initialFormat, s
 });
 }
- if (missingScopesList.size) {
- throw new ParserError({
- type: validationError,
- title: 'Server security value must not be an empty array if corresponding security schema type is oauth2 or openIdConnect. Add list of required scopes.',
- parsedJSON,
- validationErrors: groupValidationErrors(root, 'security info must not have an empty array because its corresponding security schema type is', missingScopesList, asyncapiYAMLorJSON, initialFormat)
- });
- }
-
 return true;
 }
@@ -252,25 +239,6 @@ function isSrvrSecProperArray(schemaType, specialSecTypes, secObj, secName) {
 return true;
 }
-/**
- * Validates if given server security is not an empty array when security type requires it
- * @private
- * @param {String} schemaType security type, like httpApiKey or userPassword
- * @param {String[]} specialSecTypes list of special types that do not have to be an empty array
- * @param {Object} secObj server security object
- * @param {String} secName name os server security object
- * @returns {String[]} there are 2 elements in array, index 0 is the name of the security schema object and index 1 is it's type
- */
-function hasSrvrSecScopes(schemaType, specialSecTypes, secObj, secName) {
- if (specialSecTypes.includes(schemaType)) {
- const securityObjValue = secObj[String(secName)];
-
- return !!securityObjValue.length;
- }
-
- return true;
-}
-
 module.exports = {
 validateChannelParams,
 validateServerVariables,
diff --git a/test/customValidators_test.js b/test/customValidators_test.js
index caa3bc18f..1764ee794 100644
--- a/test/customValidators_test.js
+++ b/test/customValidators_test.js
@@ -440,46 +440,6 @@ describe('validateServerSecurity()', function() {
 expect(validateServerSecurity(parsedInput, inputString, input, specialSecTypes)).to.equal(true);
 });
- it('should successfully validate server security for oauth2 that requires scopes', async function() {
- const inputString = `{
- "asyncapi": "2.0.0",
- "info": {
- "version": "1.0.0"
- },
- "servers": {
- "dummy": {
- "url": "http://localhost",
- "protocol": "kafka",
- "security": [
- {
- "oauthsec": ["read:pets"]
- }
- ]
- }
- },
- "components": {
- "securitySchemes": {
- "oauthsec": {
- "type": "oauth2",
- "flows": {
- "implicit": {
- "authorizationUrl": "https://example.com/api/oauth/auth",
- "refreshUrl": "https://example.com/api/oauth/refresh",
- "scopes": {
- "write:pets": "modify pets in your account",
- "read:pets": "read your pets"
- }
- }
- }
- }
- }
- }
- }`;
- const parsedInput = JSON.parse(inputString);
-
- expect(validateServerSecurity(parsedInput, inputString, input, specialSecTypes)).to.equal(true);
- });
-
 it('should successfully validate if server security not provided', async function() {
 const inputString = `{
 "asyncapi": "2.0.0",
@@ -584,66 +544,6 @@ describe('validateServerSecurity()', function() {
 }
 });
- it('should throw error that server security is missing scopes that are required for special security types like oauth2 and openIdConnect', async function() {
- const inputString = `{
- "asyncapi": "2.0.0",
- "info": {
- "version": "1.0.0"
- },
- "servers": {
- "dummy": {
- "url": "http://localhost",
- "protocol": "kafka",
- "security": [
- {
- "oauthsec": []
- }
- ]
- }
- },
- "components": {
- "securitySchemes": {
- "oauthsec": {
- "type": "oauth2",
- "flows": {
- "implicit": {
- "authorizationUrl": "https://example.com/api/oauth/auth",
- "refreshUrl": "https://example.com/api/oauth/refresh",
- "scopes": {
- "write:pets": "modify pets in your account",
- "read:pets": "read your pets"
- }
- }
- }
- }
- }
- }
- }`;
- const parsedInput = JSON.parse(inputString);
-
- try {
- validateServerSecurity(parsedInput, inputString, input, specialSecTypes);
- } catch (e) {
- expect(e.type).to.equal('https://github.com/asyncapi/parser-js/validation-errors');
- expect(e.title).to.equal('Server security value must not be an empty array if corresponding security schema type is oauth2 or openIdConnect. Add list of required scopes.');
- expect(e.parsedJSON).to.deep.equal(parsedInput);
- expect(e.validationErrors).to.deep.equal([
- {
- title: 'dummy/security/oauthsec security info must not have an empty array because its corresponding security schema type is: oauth2',
- location: {
- jsonPointer: '/servers/dummy/security/oauthsec',
- startLine: 12,
- startColumn: 28,
- startOffset: offset(251, 12),
- endLine: 12,
- endColumn: 30,
- endOffset: offset(253, 12)
- }
- }
- ]);
- }
- });
-
 it('should throw error that server has no security schema provided when components schema object is not in the document', async function() {
 const inputString = `{
 "asyncapi": "2.0.0",