Co-authored-by: Jacob Floyd <cognifloyd@gmail.com>
Fixes#868
Allow to use coroutines with Aiohttp in security handlers.
- Move all function from connexion.operations.security to a class in connexion.security.SecurityHandlerFactory
- Specialize this class for AioHttp and Flask, and instantiate them in dedicated APIs
- AioHttp specialization now support coroutines
- pass_context_arg_name option is supported for security handlers
* Support aiohttp handlers to return tuples
* Minor update from #828 review
* Factorize more code between Flask and AioHttp response
* Fix CI
* Drop six string types
* Standardize response logging
* Handle one-tuples that only contain data
* clean up a couple of type hint comments
* Add a few more get_response tests
* Adjust _prepare_body interface to simplify improving _serialize_data
Rename _jsonify_data to _serialize_data to make its purpose easier to
understand (this was also known as _cast_body in aiohttp_api).
In exploring how to harmonize json serialization between aiothttp and
flask, we needed to be able to adjust the mimetype from within
_serialize_data. Harmonizing the actual serialization has to wait until
backwards incompatible changes can be made, but we can keep the new
interface, as these functions were introduced in this PR (#849).
* Add deprecation warnings about implicit serialization
* Remove the unused "query_sanitazion" fixture
* Test whether no sanitization is performed in the request body
* Do not perform sanitization on request body keys in OpenAPI v3
The deserialized JSON form of the request body
needs to be passed to the client applications
* without further modification *
so that they can work directly with objects
that have been received over the network.
The only names for which sanitization makes sense
are the ones which are used as Python identifiers.
Keys of the top-level JSON object within the request payload
are never used by Connexion as Python identifiers.
Also, no such sanitization of keys within request body
is performed in OpenAPI v2.
Closes issue #835.
* first implementation draft
* gitignore virtualenv
* use isinstance instead of type function
* fix tests
* remove unused function
* move object parsing to uri_parsing.py
* remove not needed import
* only test for OpenAPI
* remove not needed import
* make it work for other cases again
* flake8 fixes
* python2.7 fixes
* isort fix
* address code review comments
* remove for loop and address other comments
* remove not needed abstract function
* move array unnesting into uri_parsing
* make nested arrays possible
* style fixes
* style fixes
* test other data types
* comment and simplify function
* WIP: start additionalProperties test
* test additionalProperties
* remove uneccessary exception
* set default values
* set default values also in response
* flake8 fixes
* fix test
* use suggestions from dtkav's branch
* fix tests partially
* fix tests partially
* fix tests
* fix tests
* add comments for clarity
Fixes the build.
Changes proposed in this pull request:
- apply all of the isort changes that resulted from the latest version
- pin to the latest version (4.3.15) so this doesn't happen again, unless we bump the version on purpose
- App and Api options must be provided through the "options" argument (``old_style_options`` have been removed).
- You must specify a form content-type in 'consumes' in order to consume form data.
- The `Operation` interface has been formalized in the `AbstractOperation` class.
- The `Operation` class has been renamed to `Swagger2Operation`.
- Array parameter deserialization now follows the Swagger 2.0 spec more closely.
In situations when a query parameter is passed multiple times, and the collectionFormat is either csv or pipes, the right-most value will be used.
For example, `?q=1,2,3&q=4,5,6` will result in `q = [4, 5, 6]`.
The old behavior is available by setting the collectionFormat to `multi`, or by importing `decorators.uri_parsing.AlwaysMultiURIParser` and passing `parser_class=AlwaysMultiURIParser` to your Api.
- The spec validator library has changed from `swagger-spec-validator` to `openapi-spec-validator`.
- Errors that previously raised `SwaggerValidationError` now raise the `InvalidSpecification` exception.
All spec validation errors should be wrapped with `InvalidSpecification`.
- Support for nullable/x-nullable, readOnly and writeOnly/x-writeOnly has been added to the standard json schema validator.
- Custom validators can now be specified on api level (instead of app level).
- Added support for basic authentication and apikey authentication
- If unsupported security requirements are defined or ``x-tokenInfoFunc``/``x-tokenInfoUrl`` is missing, connexion now denies requests instead of allowing access without security-check.
- Accessing ``connexion.request.user`` / ``flask.request.user`` is no longer supported, use ``connexion.context['user']`` instead
- Added the AioHttpApi and AioHttpApp on connexion __init__;
- Created an abstract method on AbstractApi to cast the framework response to connexion response;
- Implemented the get_connexion_response on FlaskApi;
- Changed the CLI to use any kind of App class;
- Changed the ResponseValidator to always convert the response to a connexion response;
- Changed the ResponseValidator to support coroutine responses;
- Added the aiohttp as optional dependency;
- Added ujson as optional dependency;
- Skipped the aiohttp tests run on python 2.7;
- Changed the tests configs to run aiohttp tests properly on python 3.4+.
* FIX a typo causing an ERROR log
A small bug was introduced in #500 when sanitizing the request query
parameters. Instead of fetching the arguments from `request.query`,
the parameters were sanitized from the `request.form`. This causes an
error log to be printed, as the parameters are not expected for the
query (for example in the case of a POST request).
Fixes#504
* adds a fixture for testing query param sanitazion
Adds a simple fixture to test form and query parameter sanitazion. This
is mostly related to #522, in which the `formData` parameters were
treated as query parameters.
* add a test to validate form data params
* introduce testfixtures library
* Order classes by relevance in module
* Order definitions by relevance within module
* Swagger UI options extracted
* New style options
* Use new-style options
* Reuse code
* Sort imports
* Ignore typing imports
* Warn users about parameter name change
* Add back isort check
* Fix isort check
* Example with Flask support
* Only show import error when trying to use Flask
* Re-organize imports
* Move flask_utils next to related module
* Code style
* Change back to incentivizes
* Includes Flask by default
* Project clean up
* Update Rafael Caricio's e-mail address
* Fix conflicts
removed test_decorators and test_parameter (this test is useless now);
removed the request/response containers and add new request response classes;
created a abstract api class and a api flask class;
derived classes will implements the get_response/get_request methods that will convert framework req/resp types to connexion req/resp types;
moved the jsonifier from produces to flask api;
created a abstract app class and a app flask class;
changed all validators to use the ConnexionRequest instead flask request;
changed the problem function to generate a ConnexionRequest;
created a new user variables container called context (this is a property of ConnexionRequest). this will be passed as kwargs to all operations functions;
this context is used on authentication;
fixed all tests to new API;
some changes that I did may not be documented in this commit.
