Merge pull request #1152 from WebFuzzing/issue-#1150

core/src/main/kotlin/org/evomaster/core/problem/rest/param/QueryParam.kt

@@ -22,7 +22,7 @@ class QueryParam(
     init {
         //https://swagger.io/docs/specification/serialization/
         /*
-            sending x=[1,2,3]  intead of x=1,2,3 is wrong, and can lead to crashes in
+            sending x=[1,2,3]  instead of x=1,2,3 is wrong, and can lead to crashes in
             server if desearilazation is not properly handled.
             TODO: But sending such malformatted string should be handled as part of Robustness Testing
          */

core/src/main/kotlin/org/evomaster/core/search/gene/datetime/TimeGene.kt

@@ -52,6 +52,7 @@ class TimeGene(
             .thenBy(TimeGene::minute)
             .thenBy(TimeGene::second)
             //TODO ms and offset
+            //FIXME: considering offset, this check is wrong.
     }
 
     fun selectZ(){

core/src/main/kotlin/org/evomaster/core/search/gene/datetime/TimeNumOffsetGene.kt

@@ -20,11 +20,16 @@ import org.evomaster.core.search.service.mutator.genemutation.SubsetGeneMutation
  *    time-minute     = 2DIGIT  ; 00-59
  *    time-numoffset  = ("+" / "-") time-hour ":" time-minute
  *    time-offset     = "Z" / time-numoffset
+ *
+ *    Note: RFC3339 does NOT put constraints on hour, but Java does, ie, range -18,+18.
+ *    Apparently this is based on ISO8601, which RFC3339 "profiles"... but
+ *    that document costs money to read... also, it seems currently only -14,+12 is used
+ *    in practice in the world
  */
 class TimeNumOffsetGene(
   name: String,
   val sign: EnumGene<String> = EnumGene("sign", listOf("-","+"), treatAsNotString = true),
-  val hour: IntegerGene = IntegerGene("hour", min = 0, max = 23),
+  val hour: IntegerGene = IntegerGene("hour", min = 0, max = 18),
   val minute: IntegerGene = IntegerGene("minute", min = 0, max = 59)
 ) : CompositeFixedGene(name, listOf(sign, hour, minute)) {
 

e2e-tests/spring-rest-openapi-v3/pom.xml

@@ -145,6 +145,11 @@
             <artifactId>auth0</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>com.ethlo.time</groupId>
+            <artifactId>itu</artifactId>
+        </dependency>
+
     </dependencies>
 
     <build>

e2e-tests/spring-rest-openapi-v3/src/main/kotlin/com/foo/rest/examples/spring/openapi/v3/time/TimeApplication.kt

@@ -0,0 +1,16 @@
+package com.foo.rest.examples.spring.openapi.v3.time
+
+import org.springframework.boot.SpringApplication
+import org.springframework.boot.autoconfigure.SpringBootApplication
+import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration
+
+@SpringBootApplication(exclude = [SecurityAutoConfiguration::class])
+open class TimeApplication {
+
+    companion object {
+        @JvmStatic
+        fun main(args: Array<String>) {
+            SpringApplication.run(TimeApplication::class.java, *args)
+        }
+    }
+}

e2e-tests/spring-rest-openapi-v3/src/main/kotlin/com/foo/rest/examples/spring/openapi/v3/time/TimeRest.kt

@@ -0,0 +1,36 @@
+package com.foo.rest.examples.spring.openapi.v3.time
+
+import com.ethlo.time.ITU
+import org.springframework.http.ResponseEntity
+import org.springframework.web.bind.annotation.*
+
+@RestController
+@RequestMapping(path = ["/api/time"])
+class TimeRest {
+
+
+    @GetMapping
+    open fun get(@RequestParam x: String) : ResponseEntity<String> {
+
+        try{
+            ITU.parseDateTime(x)
+        }catch (e:Exception){
+            return ResponseEntity.badRequest().body(e.message)
+        }
+
+        //checking different offsets
+        if(x.contains("Z") ){
+            return ResponseEntity.ok("A")
+        }
+        // there are always 2 - before the T
+        if(x.chars().filter{it == '-'.code}.count() == 3L ){
+            return ResponseEntity.ok("B")
+        }
+        if(x.contains("+") ){
+            return ResponseEntity.ok("C")
+        }
+
+        //this shouldn't be reachable
+        return ResponseEntity.ok("D")
+    }
+}

e2e-tests/spring-rest-openapi-v3/src/main/resources/static/openapi-time.yml

@@ -0,0 +1,17 @@
+openapi: 3.0.0
+info:
+  title: time
+  version: "1"
+paths:
+  /api/time:
+    get:
+      parameters:
+        - in: query
+          name: x
+          required: true
+          schema:
+            type: string
+            format: 'date-time'
+      responses:
+        200:
+          description: ok

e2e-tests/spring-rest-openapi-v3/src/test/kotlin/com/foo/rest/examples/spring/openapi/v3/time/TimeController.kt

@@ -0,0 +1,16 @@
+package com.foo.rest.examples.spring.openapi.v3.time
+
+import com.foo.rest.examples.spring.openapi.v3.SpringController
+import org.evomaster.client.java.controller.problem.ProblemInfo
+import org.evomaster.client.java.controller.problem.RestProblem
+
+class TimeController : SpringController(TimeApplication::class.java){
+
+
+    override fun getProblemInfo(): ProblemInfo {
+        return RestProblem(
+                "http://localhost:$sutPort/openapi-time.yml",
+                null
+        )
+    }
+}

e2e-tests/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/time/TimeEMTest.kt

@@ -0,0 +1,38 @@
+package org.evomaster.e2etests.spring.openapi.v3.time
+
+
+import com.foo.rest.examples.spring.openapi.v3.time.TimeController
+import org.evomaster.core.problem.rest.HttpVerb
+import org.evomaster.e2etests.spring.openapi.v3.SpringTestBase
+import org.junit.jupiter.api.Assertions
+import org.junit.jupiter.api.BeforeAll
+import org.junit.jupiter.api.Test
+
+class TimeEMTest : SpringTestBase(){
+
+    companion object {
+        @BeforeAll
+        @JvmStatic
+        fun init() {
+            initClass(TimeController())
+        }
+    }
+
+    @Test
+    fun testRunEM() {
+
+        runTestHandlingFlakyAndCompilation(
+                "TimeEM",
+                1000
+        ) { args: MutableList<String> ->
+
+            val solution = initAndRun(args)
+
+            Assertions.assertTrue(solution.individuals.size >= 1)
+            assertHasAtLeastOne(solution, HttpVerb.GET, 200, "/api/time", "A")
+            assertHasAtLeastOne(solution, HttpVerb.GET, 200, "/api/time", "B")
+            assertHasAtLeastOne(solution, HttpVerb.GET, 200, "/api/time", "C")
+            assertNone(solution, HttpVerb.GET, 200, "/api/time", "D")
+        }
+    }
+}

pom.xml

@@ -1041,6 +1041,14 @@
                 <version>${mockserver.client.version}</version>
                 <scope>test</scope>
             </dependency>
+
+            <dependency>
+                <!--  To deal with RFC3339 dateTime -->
+                <groupId>com.ethlo.time</groupId>
+                <artifactId>itu</artifactId>
+                <version>1.10.2</version>
+            </dependency>
+
         </dependencies>
     </dependencyManagement>