From f11b2938af1de4b51141b934a0d4e596a94cb00c Mon Sep 17 00:00:00 2001 From: Peltoche Date: Mon, 1 Oct 2018 19:50:19 +0200 Subject: [PATCH] Add the request header validation --- analyzer.go | 11 +++++++++++ analyzer_test.go | 32 ++++++++++++++++++++++++++++++++ dataset/petstore.json | 7 +++++++ 3 files changed, 50 insertions(+) diff --git a/analyzer.go b/analyzer.go index 5fa90bc..73700b0 100644 --- a/analyzer.go +++ b/analyzer.go @@ -81,6 +81,8 @@ func (t *Analyzer) Analyze(req *http.Request) error { switch param.In { case "path": err = t.validatePathParameter(pathParams, ¶m) + case "header": + err = t.validateHeaderParameter(req, ¶m) case "body": err = t.validateBodyParameter(req, ¶m) case "query": @@ -126,6 +128,15 @@ func (t *Analyzer) validateBodyParameter(req *http.Request, param *spec.Paramete return nil } +func (t *Analyzer) validateHeaderParameter(req *http.Request, param *spec.Parameter) error { + errs := validate.NewParamValidator(param, strfmt.Default).Validate(req.Header.Get(param.Name)) + if errs != nil { + return errs.AsError() + } + + return nil +} + func (t *Analyzer) validateQueryParameter(req *http.Request, param *spec.Parameter) error { query := req.URL.Query() diff --git a/analyzer_test.go b/analyzer_test.go index dec8cf7..dceccc0 100644 --- a/analyzer_test.go +++ b/analyzer_test.go @@ -148,6 +148,7 @@ func Test_Analyzer_Analyze_with_path_parameters(t *testing.T) { analyzer := NewAnalyzer(specs) req, err := http.NewRequest("GET", "/pet/42", nil) + req.Header.Set("userID", "some-id") require.NoError(t, err) err = analyzer.Analyze(req) @@ -162,6 +163,7 @@ func Test_Analyzer_Analyze_with_invalid_path_parameters(t *testing.T) { analyzer := NewAnalyzer(specs) req, err := http.NewRequest("GET", "/pet/not-a-number", nil) + req.Header.Set("userID", "42") require.NoError(t, err) err = analyzer.Analyze(req) @@ -247,3 +249,33 @@ func Test_Analyzer_Analyze_with_missing_formData_field(t *testing.T) { assert.EqualError(t, err, "validation failure list:\n"+ "additionalMetadata in formData is required") } + +func Test_Analyzer_Analyze_with_header(t *testing.T) { + specs, err := NewSpecsFromFile("./dataset/petstore.json") + require.NoError(t, err) + + analyzer := NewAnalyzer(specs) + + req, err := http.NewRequest("GET", "/pet/32", nil) + require.NoError(t, err) + req.Header.Set("userID", "42") + + err = analyzer.Analyze(req) + + assert.NoError(t, err) +} + +func Test_Analyzer_Analyze_with_missing_header(t *testing.T) { + specs, err := NewSpecsFromFile("./dataset/petstore.json") + require.NoError(t, err) + + analyzer := NewAnalyzer(specs) + + req, err := http.NewRequest("GET", "/pet/32", nil) + require.NoError(t, err) + + err = analyzer.Analyze(req) + + assert.EqualError(t, err, "validation failure list:\n"+ + "userID in header is required") +} diff --git a/dataset/petstore.json b/dataset/petstore.json index 54de8e1..d3c0d02 100644 --- a/dataset/petstore.json +++ b/dataset/petstore.json @@ -248,6 +248,13 @@ "application/json" ], "parameters": [ + { + "name": "userID", + "in": "header", + "description": "", + "required": true, + "type": "string" + }, { "name": "petId", "in": "path",