All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.openapi4j.parser.validation.v3.OAuthFlowValidator Maven / Gradle / Ivy

There is a newer version: 1.0.7
Show newest version
package org.openapi4j.parser.validation.v3;

import org.openapi4j.core.validation.ValidationResult;
import org.openapi4j.core.validation.ValidationResults;
import org.openapi4j.parser.model.v3.OAuthFlow;
import org.openapi4j.parser.model.v3.OpenApi3;
import org.openapi4j.parser.validation.ValidationContext;
import org.openapi4j.parser.validation.Validator;

import static org.openapi4j.core.validation.ValidationSeverity.ERROR;
import static org.openapi4j.parser.validation.v3.OAI3Keywords.AUTHORIZATIONCODE;
import static org.openapi4j.parser.validation.v3.OAI3Keywords.AUTHORIZATIONURL;
import static org.openapi4j.parser.validation.v3.OAI3Keywords.CLIENTCREDENTIALS;
import static org.openapi4j.parser.validation.v3.OAI3Keywords.EXTENSIONS;
import static org.openapi4j.parser.validation.v3.OAI3Keywords.IMPLICIT;
import static org.openapi4j.parser.validation.v3.OAI3Keywords.PASSWORD;
import static org.openapi4j.parser.validation.v3.OAI3Keywords.REFRESHURL;
import static org.openapi4j.parser.validation.v3.OAI3Keywords.SCOPES;
import static org.openapi4j.parser.validation.v3.OAI3Keywords.TOKENURL;

class OAuthFlowValidator extends Validator3Base {
  private static final ValidationResult AUTH_URL_NOT_ALLOWED = new ValidationResult(ERROR, 120, "'authorizationUrl' is not allowed when OAuth2 configuration is 'implicit' or 'authorizationCode'.");
  private static final ValidationResult TOKEN_URL_NOT_ALLOWED = new ValidationResult(ERROR, 121, "'tokenUrl' is not allowed when OAuth2 configuration is 'implicit'.");

  private static final Validator INSTANCE = new OAuthFlowValidator();

  private OAuthFlowValidator() {
  }

  public static Validator instance() {
    return INSTANCE;
  }

  @Override
  public void validate(ValidationContext context, OpenApi3 api, OAuthFlow oauthFlow, ValidationResults results) {
    String conf = oauthFlow.getConfiguration();

    if (IMPLICIT.equals(conf) || AUTHORIZATIONCODE.equals(conf)) {
      validateUrl(api, oauthFlow.getAuthorizationUrl(), results, true, true, AUTHORIZATIONURL);
    } else if (oauthFlow.getAuthorizationUrl() != null) {
      results.add(AUTHORIZATIONURL, AUTH_URL_NOT_ALLOWED);
    }

    if (PASSWORD.equals(conf) || CLIENTCREDENTIALS.equals(conf) || AUTHORIZATIONCODE.equals(conf)) {
      validateUrl(api, oauthFlow.getTokenUrl(), results, true, true, TOKENURL);
    } else if (oauthFlow.getTokenUrl() != null) {
      results.add(TOKENURL, TOKEN_URL_NOT_ALLOWED);
    }

    validateUrl(api, oauthFlow.getRefreshUrl(), results, false, true, REFRESHURL);
    validateMap(context, api, oauthFlow.getScopes(), results, true, SCOPES, Regexes.NOEXT_REGEX, null);
    validateMap(context, api, oauthFlow.getExtensions(), results, false, EXTENSIONS, Regexes.EXT_REGEX, null);
  }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy