From d2983e3bdd4af4d05060d7d1cb43343079d811b3 Mon Sep 17 00:00:00 2001 From: Pavel Bodiachevskii Date: Sun, 25 Feb 2024 17:33:48 +0400 Subject: [PATCH] test(2.6.0): check correctness of realisation by reading AsyncAPI example - Operation Security Example https://github.com/asyncapi/jasyncapi/issues/165 --- .../examples/v2/_6_0/OperationSecurity.kt | 202 ++++++++++++++++++ .../examples/v2.6.0/operation-security.yml | 99 +++++++++ 2 files changed, 301 insertions(+) create mode 100644 asyncapi-core/src/test/kotlin/com/asyncapi/examples/v2/_6_0/OperationSecurity.kt create mode 100644 asyncapi-core/src/test/resources/examples/v2.6.0/operation-security.yml diff --git a/asyncapi-core/src/test/kotlin/com/asyncapi/examples/v2/_6_0/OperationSecurity.kt b/asyncapi-core/src/test/kotlin/com/asyncapi/examples/v2/_6_0/OperationSecurity.kt new file mode 100644 index 00000000..0b893a60 --- /dev/null +++ b/asyncapi-core/src/test/kotlin/com/asyncapi/examples/v2/_6_0/OperationSecurity.kt @@ -0,0 +1,202 @@ +package com.asyncapi.examples.v2._6_0 + +import com.asyncapi.v2.Reference +import com.asyncapi.v2._6_0.model.channel.ChannelItem +import com.asyncapi.v2._6_0.model.channel.message.Message +import com.asyncapi.v2._6_0.model.channel.operation.Operation +import com.asyncapi.v2._6_0.model.component.Components +import com.asyncapi.v2._6_0.model.info.Info +import com.asyncapi.v2.binding.operation.http.HTTPOperationBinding +import com.asyncapi.v2.binding.operation.http.HTTPOperationMethod +import com.asyncapi.v2.binding.operation.http.HTTPOperationType +import com.asyncapi.v2.schema.Schema +import com.asyncapi.v2.security_scheme.oauth2.OAuthFlows +import com.asyncapi.v2.security_scheme.oauth2.OAuth2SecurityScheme +import com.asyncapi.v2.security_scheme.oauth2.flow.ClientCredentialsOAuthFlow + +class OperationSecurity: AbstractExampleValidationTest() { + + override fun specificationLocation(): String = "/examples/v2.6.0/operation-security.yml" + + override fun expectedInfo(): Info { + return Info.builder() + .title("Notifications") + .version("1.0.0") + .description("This contract defines HTTP Push notification for application authorization revocation topic" + ) + .build() + } + + override fun expectedServers(): Map? = null + + override fun expectedChannels(): Map { + return mapOf( + Pair("AUTHORIZATION_REVOCATION", ChannelItem.builder() + .subscribe(Operation.builder() + .message(Reference("#/components/messages/message")) + .bindings(mapOf( + Pair("http", HTTPOperationBinding.builder() + .type(HTTPOperationType.REQUEST) + .method(HTTPOperationMethod.POST) + .build()) + )) + .security(listOf( + mapOf( + Pair("petstore_auth", listOf("subscribe:auth_revocations")) + ) + )) + .build() + ) + .build() + ) + ) + } + + override fun expectedComponents(): Components? { + return Components.builder() + .messages(mapOf( + Pair("message", Message.builder() + .headers(Schema.builder() + .type("object") + .properties(mapOf( + Pair("X-SIGNATURE", Schema.builder() + .type("string") + .description("ECC message signature") + .build() + ) + )) + .build() + ) + .payload(Schema.builder() + .type("object") + .properties(mapOf( + Pair("metadata", Schema.builder() + .ref("#/components/schemas/MetaData") + .build() + ), + Pair("notification", Schema.builder() + .ref("#/components/schemas/Notification") + .build() + ) + )) + .build() + ) + .build() + ) + )) + .schemas(mapOf( + Pair("MetaData", Schema.builder() + .type("object") + .properties(mapOf( + Pair("topic", Schema.builder() + .type("string") + .description("Topic subscribed to.") + .build() + ), + Pair("schemaVersion", Schema.builder() + .type("string") + .description("The schema for this topic.") + .build() + ), + Pair("deprecated", Schema.builder() + .type("boolean") + .description("If this is a deprecated schema or topic.") + .defaultValue("false") + .build() + ) + )) + .build() + ), + Pair("Notification", Schema.builder() + .type("object") + .properties(mapOf( + Pair("notificationId", Schema.builder() + .type("string") + .description("The notification Id.") + .build() + ), + Pair("eventDate", Schema.builder() + .type("string") + .description("The event date associated with this notification in UTC.") + .build() + ), + Pair("publishDate", Schema.builder() + .type("string") + .description("The message publish date in UTC.") + .build() + ), + Pair("publishAttemptCount", Schema.builder() + .type("integer") + .description("The number of attempts made to publish this message.") + .build() + ), + Pair("publishAttemptCount", Schema.builder() + .type("integer") + .description("The number of attempts made to publish this message.") + .build() + ), + Pair("data", Schema.builder() + .ref("#/components/schemas/AuthorizationRevocationData") + .build() + ) + )) + .build() + ), + Pair("AuthorizationRevocationData", Schema.builder() + .type("object") + .description("The Authorization Revocation payload.") + .properties(mapOf( + Pair("username", Schema.builder() + .type("string") + .description("The username for the user.") + .build() + ), + Pair("userId", Schema.builder() + .type("string") + .description("The immutable public userId for the user") + .build() + ), + Pair("eiasToken", Schema.builder() + .type("string") + .description("The legacy eiasToken specific to the user") + .build() + ), + Pair("revokeReason", Schema.builder() + .type("string") + .enumValue(listOf( + "REVOKED_BY_APP", + "REVOKED_BY_USER", + "REVOKED_BY_ADMIN", + "PASSWORD_CHANGE" + )) + .description("The reason for authorization revocation") + .build() + ), + Pair("revocationDate", Schema.builder() + .type("string") + .description("Date and time when the authorization was revoked") + .build() + ) + )) + .build() + ), + )) + .securitySchemes(mapOf( + Pair("petstore_auth", OAuth2SecurityScheme( + "The oauth security descriptions", + OAuthFlows( + null, + null, + ClientCredentialsOAuthFlow( + "", + mapOf(Pair("subscribe:auth_revocations", "Scope required for authorization revocation topic")), + "https://example.com/api/oauth/dialog" + ), + null + ), + )) + )) + .build() + } + +} \ No newline at end of file diff --git a/asyncapi-core/src/test/resources/examples/v2.6.0/operation-security.yml b/asyncapi-core/src/test/resources/examples/v2.6.0/operation-security.yml new file mode 100644 index 00000000..fed5e202 --- /dev/null +++ b/asyncapi-core/src/test/resources/examples/v2.6.0/operation-security.yml @@ -0,0 +1,99 @@ +asyncapi: 2.6.0 +info: + title: Notifications + version: 1.0.0 + description: >- + This contract defines HTTP Push notification for + application authorization revocation topic +channels: + AUTHORIZATION_REVOCATION: + subscribe: + message: + $ref: '#/components/messages/message' + bindings: + http: + type: request + method: POST + security: + - petstore_auth: + - subscribe:auth_revocations +components: + messages: + message: + headers: + type: object + properties: + X-SIGNATURE: + description: ECC message signature + type: string + payload: + type: object + properties: + metadata: + $ref: '#/components/schemas/MetaData' + notification: + $ref: '#/components/schemas/Notification' + schemas: + MetaData: + type: object + properties: + topic: + type: string + description: Topic subscribed to. + schemaVersion: + type: string + description: The schema for this topic. + deprecated: + type: boolean + description: If this is a deprecated schema or topic. + default: 'false' + Notification: + type: object + properties: + notificationId: + type: string + description: The notification Id. + eventDate: + type: string + description: The event date associated with this notification in UTC. + publishDate: + type: string + description: The message publish date in UTC. + publishAttemptCount: + type: integer + description: The number of attempts made to publish this message. + data: + $ref: '#/components/schemas/AuthorizationRevocationData' + AuthorizationRevocationData: + type: object + description: The Authorization Revocation payload. + properties: + username: + type: string + description: The username for the user. + userId: + type: string + description: The immutable public userId for the user + eiasToken: + type: string + description: The legacy eiasToken specific to the user + revokeReason: + type: string + enum: + - REVOKED_BY_APP + - REVOKED_BY_USER + - REVOKED_BY_ADMIN + - PASSWORD_CHANGE + description: The reason for authorization revocation + revocationDate: + type: string + description: Date and time when the authorization was revoked + securitySchemes: + petstore_auth: + type: oauth2 + description: The oauth security descriptions + flows: + clientCredentials: + tokenUrl: 'https://example.com/api/oauth/dialog' + scopes: + subscribe:auth_revocations: Scope required for authorization revocation topic \ No newline at end of file