Commit Graph

114 Commits

Author SHA1 Message Date
Daniel Grossmann-Kavanagh
ab430afaf5 Fixes #1020, OAS3 false positive for extra form param (#1124)
When using an OAS3 spec with formdata, the validation logic looks
for the key 'formData' in the spec parameters list. This key is
specific to OAS2, and will never be present, causing any form data to
throw an ExtraParameterProblem.
2020-01-21 09:49:46 +01:00
Daniel Grossmann-Kavanagh
1abab0653f scope deepObject defaults code to query params only (#1110)
* scope deepObject defaults code to query params only (fixes spread of defaults into other parameters)

* make default param test strict
2020-01-20 10:21:08 +01:00
Henning Jacobs
f55cb1c923 Merge pull request #1075 from mblaettler/feat/enable-empty-security
enable empty security definition
2020-01-06 13:39:20 +01:00
Michael Blättler
b14e235108 enable empty security definition
This allows using optional authentication and providing different
responses to authenticated users via the same API-Endpoint.

Co-Authored-By: Jacob Floyd <cognifloyd@gmail.com>
2019-12-18 08:15:09 +01:00
Daniel Grossmann-Kavanagh
e85960947f Merge branch 'master' into dynamic_ui_path 2019-12-17 11:42:35 +11:00
Daniel Grossmann-Kavanagh
d287fcc4bd Revert "Fixes #510 in upstream: multiple file uploads via POST now work correctly. (#1000)" (#1101)
This reverts commit 4a1c69e372.
2019-12-13 08:30:49 +01:00
Daniel Grossmann-Kavanagh
154d367a9e use yaml.BaseLoader in test to remove warning 2019-12-11 18:16:15 -08:00
Daniel Grossmann-Kavanagh
c672c85c00 add tests for reverse proxies 2019-12-11 17:58:15 -08:00
Jyhess
d18c387d94 Return tuple for aiohttp (#849)
* Support aiohttp handlers to return tuples

* Minor update from #828 review

* Factorize more code between Flask and AioHttp response

* Fix CI

* Drop six string types

* Standardize response logging

* Handle one-tuples that only contain data

* clean up a couple of type hint comments

* Add a few more get_response tests

* Adjust _prepare_body interface to simplify improving _serialize_data

Rename _jsonify_data to _serialize_data to make its purpose easier to
understand (this was also known as _cast_body in aiohttp_api).

In exploring how to harmonize json serialization between aiohttp and
flask, we needed to be able to adjust the mimetype from within
_serialize_data. Harmonizing the actual serialization has to wait until
backwards incompatible changes can be made, but we can keep the new
interface, as these functions were introduced in this PR (#849).

* Add deprecation warnings about implicit serialization
2019-12-11 12:54:44 +01:00
Peter Bašista
738f47ed50 Do not sanitize body keys in OpenAPI 3 (#1008)
* Remove the unused "query_sanitazion" fixture

* Test whether no sanitization is performed in the request body

* Do not perform sanitization on request body keys in OpenAPI v3

The deserialized JSON form of the request body
needs to be passed to the client applications
* without further modification *
so that they can work directly with objects
that have been received over the network.
The only names for which sanitization makes sense
are the ones which are used as Python identifiers.

Keys of the top-level JSON object within the request payload
are never used by Connexion as Python identifiers.

Also, no such sanitization of keys within request body
is performed in OpenAPI v2.

Closes issue #835.
2019-12-03 05:01:49 +01:00
Christian Siegel
67f48ae24d Add swagger_ui_config option to pass config to the Swagger UI (#948)
* Add swagger_ui_config option to configure the Swagger UI

There was no possibility to configure the Swagger UI. Through
this new option a config object can be passed to the UI via
a `swagger-ui-config.json` file.

* Add tests for swagger_ui_config option
2019-11-05 10:12:59 +01:00
simondrabble
4a1c69e372 Fixes #510 in upstream: multiple file uploads via POST now work correctly. (#1000) 2019-11-05 10:08:17 +01:00
Svendegroote91
e06ec6da82 #594 & #816 - Add error path to schema validation error in RequestBodyValidator (#1063)
* Add error path to schema validation error in RequestBodyValidator

* Add unit test for error path in schema validation
2019-10-27 12:07:12 +01:00
Fabian Wollert
54e50f2278 handle deepObject and explode: true (#971)
* first implementation draft

* gitignore virtualenv

* use isinstance instead of type function

* fix tests

* remove unused function

* move object parsing to uri_parsing.py

* remove not needed import

* only test for OpenAPI

* remove not needed import

* make it work for other cases again

* flake8 fixes

* python2.7 fixes

* isort fix

* address code review comments

* remove for loop and address other comments

* remove not needed abstract function

* move array unnesting into uri_parsing

* make nested arrays possible

* style fixes

* style fixes

* test other data types

* comment and simplify function

* WIP: start additionalProperties test

* test additionalProperties

* remove unnecessary exception

* set default values

* set default values also in response

* flake8 fixes

* fix test

* use suggestions from dtkav's branch

* fix tests partially

* fix tests partially

* fix tests

* fix tests

* add comments for clarity
2019-10-15 17:36:58 +02:00
João Santos
1bda0659d5 Fix broken tests (#933)
* Remove extra space in error.

* Fix tests due to new behaviour of external dependencies
2019-05-05 19:38:42 +02:00
Daniel Grossmann-Kavanagh
08e4536e5e bump and pin isort, apply all automatic fixes (#903)
Fixes the build.

Changes proposed in this pull request:
 - apply all of the isort changes that resulted from the latest version
 - pin to the latest version (4.3.15) so this doesn't happen again, unless we bump the version on purpose
2019-03-15 13:04:33 +01:00
Roberto Polli
b18d8b9528 Serve yaml spec. (#842)
* Fix: #772. Serving yaml spec.

Serve yaml spec with a yaml prettifier. Uses a separate method for
doing the job and does not modify the openapi_json one.
2019-01-24 08:31:02 +01:00
panpann
089840b0a2 add path to API only for HTTP operations (#817)
* add path to API only for HTTP operations
2018-12-18 09:58:54 +01:00
Christoph Ziebuhr
cca92c0777 Fix passing empty object body (#815)
Having a json request with an empty object body `{}` resulted in having `None` passed as body argument.
2018-12-18 08:27:10 +01:00
krise3k
b6530d32aa Fix handling additionalProperties in body (#789)
Currently when object is sent as body parameter only properties defined in `properties` in body schema are passed to handler function. Additional keys are filtered out, which is opposite to [spec](https://github.com/OAI/OpenAPI-Specification/blame/3.0.2/versions/3.0.2.md#L2305). For me specification is counter intuitive :(

Changes proposed in this pull request:
 - If `additionalProperties` is not set or is `True`, all properties not defined in `properties` are passed without type casting.
 - If `additionalProperties` declares value type, unknown properties are cast according to https://github.com/zalando/connexion#type-casting.

The best explanation for `additionalProperties` I found in https://github.com/OAI/OpenAPI-Specification/issues/668#issuecomment-218829120
2018-11-28 13:32:34 +01:00
krise3k
6ec11825b8 Add support for JWT authentication (#732)
* Add support for JWT

* Add example for JWT

* Add minimal JWT documentation
2018-11-12 08:53:50 +01:00
Daniel Grossmann-Kavanagh
53dffc0b78 Only pass body on PATCH/POST/PUT request (#761)
Fixes #757
2018-11-09 08:27:08 +01:00
João Santos
44ea9336fe Connexion 2.0 (#619)
- App and Api options must be provided through the "options" argument (``old_style_options`` have been removed).
- You must specify a form content-type in 'consumes' in order to consume form data.
- The `Operation` interface has been formalized in the `AbstractOperation` class.
- The `Operation` class has been renamed to `Swagger2Operation`.
- Array parameter deserialization now follows the Swagger 2.0 spec more closely.
  In situations when a query parameter is passed multiple times, and the collectionFormat is either csv or pipes, the right-most value will be used.
  For example, `?q=1,2,3&q=4,5,6` will result in `q = [4, 5, 6]`.
  The old behavior is available by setting the collectionFormat to `multi`, or by importing `decorators.uri_parsing.AlwaysMultiURIParser` and passing `parser_class=AlwaysMultiURIParser` to your Api.
- The spec validator library has changed from `swagger-spec-validator` to `openapi-spec-validator`.
- Errors that previously raised `SwaggerValidationError` now raise the `InvalidSpecification` exception.
  All spec validation errors should be wrapped with `InvalidSpecification`.
- Support for nullable/x-nullable, readOnly and writeOnly/x-writeOnly has been added to the standard json schema validator.
- Custom validators can now be specified on api level (instead of app level).
- Added support for basic authentication and apikey authentication
- If unsupported security requirements are defined or ``x-tokenInfoFunc``/``x-tokenInfoUrl`` is missing, connexion now denies requests instead of allowing access without security-check.
- Accessing ``connexion.request.user`` / ``flask.request.user`` is no longer supported, use ``connexion.context['user']`` instead
2018-11-05 14:50:42 +01:00
Pavel Melnikov
6675ccc800 Fix body validator different error codes for bad Content-Types. (#629)
Fixes #628 .

 - Added a test for this bug.
 - Fixed it by checking for non-empty HTTP POST payload by considering request.body, request.form and request.files (only request.body was checked)
2018-08-14 13:22:03 +02:00
Daniel Grossmann-Kavanagh
212820bf35 add more test cases for form params 2018-07-25 08:50:30 +02:00
Diogo Dutra
e326711aa4 Increase the code coverage (#631)
removed the validate_defaults method from Operation because the new swagger_spec_validation version does this validation
added tests for AbstractApi._handle_add_operation_error
2018-07-21 13:15:55 +02:00
Pavel Melnikov
0c352cd4da Correct validator response on bad JSON (#610)
* report 400 Bad Request if validation fails to parse JSON while Content-Type is json.
2018-07-10 09:43:44 +02:00
Daniel Grossmann-Kavanagh
2f074998e3 URI parsing decorator (#613)
- array logic refactored into one place.
- validation.py and parameter.py no longer try to join the array, and then split it again.
- validation of defaults now works, because the validator is given the correct type.
- some additional classes that change the behavior of deduplicating query parameters that are defined multiple times
  - **AlwaysMultiURIParser** that is backwards compatible, warts and all (used by default)
  - **Swagger2URIParser** that adheres to the spec's definition of `collectionFormat: multi` and uses the last-defined query parameter value (ex. `query?a=1&a=2` => `a = 2`)
  - **FirstValueURIParser** that behaves like Swagger2URIParser, except that the first-defined value is used (ex. `query?a=1&a=2` => `a=1`)
2018-07-09 11:06:24 +02:00
Daniel Grossmann-Kavanagh
0b19ed489a Update to swagger-spec-validator 2.3.1 (fixes #612) (#611) 2018-07-03 08:21:43 +02:00
Shaun Kaasten
a4cabb23ae Allow token_info response to use 'scopes' key (#565) 2018-02-08 16:30:00 +01:00
John Krukoff
94f64b80e1 Allow http.HTTPStatus enums as response status codes. (#504)
* Allow http.HTTPStatus enums as response status codes.

Python 3.5 introduced a new enumeration "http.HTTPStatus" for
representing HTTP response status codes. The default response validation
introduced in connexion 1.1.12 highlighted the fact that connexion does
not natively support this type and was previously silently ignoring
non-integer status code representations.

This modifies the response validation code to extract the value when
given an enum instead of an int. Somewhat hacky test code is added to
check for enum support on python versions that include
"http.HTTPStatus".

* [master]: Restructure tests from PR comments.

* [master]: Revert to exception based version checking.

This reverts to exception based python version checking for both tests,
due to the suggested unittest skipping alternative not being supported
in all python versions.

"unittest.case.SkipTest: Not supported in this version" is the error
reported.

* [master]: Move enum handling deeper into the stack.

* [master]: Respond to yet more PR comments.
2017-10-05 09:08:59 +02:00
Lance Hannestad
f36c24685b Preserving the multiplicity of array type query parameters (#500)
* Preserving the multiplicity of array type query parameters

* Resolved failing tests, and refactored code block into a method

* Added tests for multi array

* Refactored parameter.py and updated tests in test_parameters.py
2017-09-08 15:18:47 +02:00
Ronaldo Ferreira
f2923148f8 Fix UnicodeEncodeError for query-strings on Python 2 (#507)
* Fix UnicodeEncodeError for query-strings on Python 2

* Fix test for Python 3.4 and 3.5
2017-08-28 18:52:10 +02:00
Fiete Gruenter
07ce38b484 Move import to top level. 2017-08-15 09:09:12 +02:00
Fiete Gruenter
ee72325345 Implement hacky workaround for passing environ to test_client.open() for no-content-type-test since old flask<=0.12.2 does not support it. 2017-08-04 09:30:25 +02:00
Fiete Gruenter
bf66cc726d Add a test that posts a request without sending Content-Type in the header. 2017-08-03 12:43:48 +02:00
Tony Tung
6668835420 Validate responses against the default response field if the code is not found. (#487) 2017-07-20 22:58:22 +02:00
Rodrigo di Lorenzo Lopes
9a8bddf509 solving fixed argument (server) for FlaskApp (backward incompatible and undesired change) 2017-06-06 14:44:17 +02:00
Kyle Cacciatore
1f34e3565b 449 path format (#450)
* added test for path formatted parameters

* re-added removed test, as it would generate valid flask route
2017-05-10 22:04:48 +02:00
Rafael Carício
93c06711ed New style of passing options to Connexion (#436)
* Order classes by relevance in module

* Order definitions by relevance within module

* Swagger UI options extracted

* New style options

* Use new-style options

* Reuse code

* Sort imports

* Ignore typing imports

* Warn users about parameter name change

* Add back isort check

* Fix isort check
2017-04-11 16:47:21 +02:00
Rafael Carício
63abcad512 Connexion request user (#435)
* Add back connexion.request

* Refactor code to lifecycle module

* Test user from connexion.request instance
2017-04-07 16:15:09 +02:00
Rafael Carício
067ad1b55a Flask request user support (#432)
* ConnexionRequest.context proxied to flask.request instance

* Add type annotations for FlaskRequestContextProxy

* Sort imports

* Sort imports

* Remove unnecessary code
2017-04-05 19:04:48 +02:00
Henning Jacobs
d9edc36647 Ignore context args (#429)
* #428 add unit test

* #428 ignore context param if not in function args

* #428 update OAuth2 example app

* #428 update security docs
2017-04-05 14:32:40 +02:00
Rafael Carício
1858c9d4a0 Flask required only if necessary (#424)
* Example with Flask support

* Only show import error when trying to use Flask

* Re-organize imports

* Move flask_utils next to related module

* Code style

* Change back to incentivizes

* Includes Flask by default

* Project clean up

* Update Rafael Caricio's e-mail address

* Fix conflicts
2017-04-04 20:48:08 +02:00
Landon
6f567ee4de Fix returning flask Response objects in a tuple (#425)
* Fix returning Response objects in tuple with status code and/or headers

* Use flask's code for dealing with tuples instead of my own

* Unit tests for returning flask response in tuple

* fix test, should be a dict, not a set

* Properly sort imports
2017-04-04 20:11:03 +02:00
Diogo Dutra
2ddebfdbe2 did changes requested by isort-check 2017-04-04 08:20:25 -03:00
Diogo Dutra
3952ea2771 did changes requested by isort and flake8 2017-04-04 08:20:25 -03:00
Diogo
5857dd237f Uncouple all flask functions from base code.
removed test_decorators and test_parameter (this test is useless now);
removed the request/response containers and add new request response classes;
created an abstract api class and an api flask class;
derived classes will implement the get_response/get_request methods that will convert framework req/resp types to connexion req/resp types;
moved the jsonifier from produces to flask api;
created an abstract app class and an app flask class;
changed all validators to use the ConnexionRequest instead of flask request;
changed the problem function to generate a ConnexionRequest;
created a new user variables container called context (this is a property of ConnexionRequest). this will be passed as kwargs to all operations functions;
this context is used on authentication;
fixed all tests to new API;
some changes that I did may not be documented in this commit.
2017-04-04 08:20:24 -03:00
Diogo Dutra
a7af62fbf0 Uncouple flask from App and Api. Created Abstract classes for these modules. Fixed the tests 2017-04-04 08:20:23 -03:00
Rafael Carício
711bbf08e7 Merge pull request #404 from Griffon26/master
Remove unnecessary dependency on strict-rfc3339
2017-03-21 10:56:20 +01:00