diff --git a/packages/oas/src/converter/DefaultConverter.ts b/packages/oas/src/converter/DefaultConverter.ts index 837e9c61..182726e1 100644 --- a/packages/oas/src/converter/DefaultConverter.ts +++ b/packages/oas/src/converter/DefaultConverter.ts @@ -19,6 +19,17 @@ import type { import pointer from 'json-pointer'; export class DefaultConverter implements Converter { + private readonly ALLOWED_METHODS: readonly string[] = [ + 'GET', + 'PUT', + 'POST', + 'DELETE', + 'OPTIONS', + 'HEAD', + 'PATCH', + 'TRACE' + ]; + private spec: OpenAPI.Document; private securityRequirements?: SecurityRequirementsParser; private readonly refParser = new $RefParser(); @@ -39,9 +50,8 @@ export class DefaultConverter implements Converter { return Object.entries(this.spec.paths).flatMap( ([path, pathMethods]: [string, PathItemObject]) => Object.keys(pathMethods) - .filter( - (method: string) => - !method.toLowerCase().startsWith('x-swagger-router-controller') + .filter((method: string) => + this.ALLOWED_METHODS.includes(method.toUpperCase()) ) .map((method) => this.createHarEntry(path, method)) ); diff --git a/packages/oas/tests/DefaultConverter.spec.ts b/packages/oas/tests/DefaultConverter.spec.ts index b0fed690..cc5bd5fd 100644 --- a/packages/oas/tests/DefaultConverter.spec.ts +++ b/packages/oas/tests/DefaultConverter.spec.ts @@ -384,5 +384,19 @@ describe('DefaultConverter', () => { expect(result).toStrictEqual(expectedDoc); } ); + + it('should ignore properties other than http method', async () => { + // arrange + const { inputDoc, expectedDoc } = await createFixture({ + inputFile: `./fixtures/path-item.ignore-non-http-method-properties.oas.yaml`, + expectedFile: `./fixtures/path-item.ignore-non-http-method-properties.oas.result.json` + }); + + // act + const result: Request[] = await oas2har(inputDoc as any); + + // assert + expect(result).toStrictEqual(expectedDoc); + }); }); }); diff --git a/packages/oas/tests/fixtures/path-item.ignore-non-http-method-properties.oas.result.json b/packages/oas/tests/fixtures/path-item.ignore-non-http-method-properties.oas.result.json new file mode 100644 index 00000000..df58d652 --- /dev/null +++ b/packages/oas/tests/fixtures/path-item.ignore-non-http-method-properties.oas.result.json @@ -0,0 +1,25 @@ +[ + { + "bodySize": 0, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/json" + }, + { + "name": "accept", + "value": "application/json" + } + ], + "headersSize": 0, + "httpVersion": "HTTP/1.1", + "method": "POST", + "postData": { + "mimeType": "application/json", + "text": "{\"email\":\"Cristobal.Weissnat@example.com\",\"name\":\"Cristobal.Weissnat\",\"number\":\"6915656974\",\"password\":\"5hmb0gvyC__hVQg\"}" + }, + "queryString": [], + "url": "http://localhost:8888/identity/api/auth/signup" + } +] diff --git a/packages/oas/tests/fixtures/path-item.ignore-non-http-method-properties.oas.yaml b/packages/oas/tests/fixtures/path-item.ignore-non-http-method-properties.oas.yaml new file mode 100644 index 00000000..468af77d --- /dev/null +++ b/packages/oas/tests/fixtures/path-item.ignore-non-http-method-properties.oas.yaml @@ -0,0 +1,59 @@ +openapi: 3.0.1 +info: + title: OWASP crAPI API + version: 1-oas3 +externalDocs: + description: Completely Ridiculous API (crAPI) + url: https://github.com/OWASP/crAPI +servers: + - url: http://localhost:8888 +paths: + /identity/api/auth/signup: + post: + operationId: signup + summary: Sign up + description: Used to create an account + tags: + - Identity / Auth + security: [] + requestBody: + content: + application/json: + schema: + type: object + required: + - email + - name + - number + - password + properties: + email: + type: string + example: Cristobal.Weissnat@example.com + name: + type: string + example: Cristobal.Weissnat + number: + type: string + example: '6915656974' + password: + type: string + example: 5hmb0gvyC__hVQg + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CRAPIResponse' + description: '' + parameters: [] +components: + schemas: + CRAPIResponse: + type: object + properties: + message: + type: string + status: + type: integer + format: int32