-
-
Notifications
You must be signed in to change notification settings - Fork 242
/
Copy pathoasOpSecurityDefined.ts
112 lines (92 loc) · 2.67 KB
/
oasOpSecurityDefined.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
import type { JsonPath } from '@stoplight/types';
import { createRulesetFunction, IFunctionResult } from '@stoplight/spectral-core';
import { getAllOperations } from './utils/getAllOperations';
import { isObject } from './utils/isObject';
function _get(value: unknown, path: JsonPath): unknown {
for (const segment of path) {
if (!isObject(value)) {
break;
}
value = value[segment];
}
return value;
}
type Options = {
schemesPath: JsonPath;
};
export default createRulesetFunction<{ paths: Record<string, unknown>; security: unknown[] }, Options>(
{
input: {
type: 'object',
properties: {
paths: {
type: 'object',
},
security: {
type: 'array',
},
},
},
options: {
type: 'object',
properties: {
schemesPath: {
type: 'array',
items: {
type: ['string', 'number'],
},
},
},
},
},
function oasOpSecurityDefined(targetVal, { schemesPath }) {
const { paths } = targetVal;
const results: IFunctionResult[] = [];
const schemes = _get(targetVal, schemesPath);
const allDefs = isObject(schemes) ? Object.keys(schemes) : [];
// Check global security requirements
{
const { security } = targetVal;
if (Array.isArray(security)) {
for (const [index, value] of security.entries()) {
if (!isObject(value)) {
continue;
}
const securityKeys = Object.keys(value);
for (const securityKey of securityKeys) {
if (!allDefs.includes(securityKey)) {
results.push({
message: `API "security" values must match a scheme defined in the "${schemesPath.join('.')}" object.`,
path: ['security', index, securityKey],
});
}
}
}
}
}
for (const { path, operation, value } of getAllOperations(paths)) {
if (!isObject(value)) continue;
const { security } = value;
if (!Array.isArray(security)) {
continue;
}
for (const [index, value] of security.entries()) {
if (!isObject(value)) {
continue;
}
const securityKeys = Object.keys(value);
for (const securityKey of securityKeys) {
if (!allDefs.includes(securityKey)) {
results.push({
message: `Operation "security" values must match a scheme defined in the "${schemesPath.join(
'.',
)}" object.`,
path: ['paths', path, operation, 'security', index, securityKey],
});
}
}
}
}
return results;
},
);