mirror of
https://github.com/LukeHagar/libopenapi.git
synced 2025-12-09 12:37:49 +00:00
3bc0a3a577
Added hashing functions to all v2 and v3 models that handle security, thats the next target.
77 lines
2.3 KiB
Go
77 lines
2.3 KiB
Go
// Copyright 2022 Princess B33f Heavy Industries / Dave Shanley
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package v2
|
|
|
|
import (
|
|
"crypto/sha256"
|
|
"fmt"
|
|
"github.com/pb33f/libopenapi/datamodel/low"
|
|
"github.com/pb33f/libopenapi/index"
|
|
"gopkg.in/yaml.v3"
|
|
"strings"
|
|
)
|
|
|
|
// SecurityScheme is a low-level representation of a Swagger / OpenAPI 2 SecurityScheme object.
|
|
//
|
|
// SecurityScheme allows the definition of a security scheme that can be used by the operations. Supported schemes are
|
|
// basic authentication, an API key (either as a header or as a query parameter) and OAuth2's common flows
|
|
// (implicit, password, application and access code)
|
|
// - https://swagger.io/specification/v2/#securityDefinitionsObject
|
|
type SecurityScheme struct {
|
|
Type low.NodeReference[string]
|
|
Description low.NodeReference[string]
|
|
Name low.NodeReference[string]
|
|
In low.NodeReference[string]
|
|
Flow low.NodeReference[string]
|
|
AuthorizationUrl low.NodeReference[string]
|
|
TokenUrl low.NodeReference[string]
|
|
Scopes low.NodeReference[*Scopes]
|
|
Extensions map[low.KeyReference[string]]low.ValueReference[any]
|
|
}
|
|
|
|
// Build will extract extensions and scopes from the node.
|
|
func (ss *SecurityScheme) Build(root *yaml.Node, idx *index.SpecIndex) error {
|
|
ss.Extensions = low.ExtractExtensions(root)
|
|
|
|
scopes, sErr := low.ExtractObject[*Scopes](ScopesLabel, root, idx)
|
|
if sErr != nil {
|
|
return sErr
|
|
}
|
|
ss.Scopes = scopes
|
|
return nil
|
|
}
|
|
|
|
// Hash will return a consistent SHA256 Hash of the SecurityScheme object
|
|
func (ss *SecurityScheme) Hash() [32]byte {
|
|
var f []string
|
|
if !ss.Type.IsEmpty() {
|
|
f = append(f, ss.Type.Value)
|
|
}
|
|
if !ss.Description.IsEmpty() {
|
|
f = append(f, ss.Description.Value)
|
|
}
|
|
if !ss.Name.IsEmpty() {
|
|
f = append(f, ss.Name.Value)
|
|
}
|
|
if !ss.In.IsEmpty() {
|
|
f = append(f, ss.In.Value)
|
|
}
|
|
if !ss.Flow.IsEmpty() {
|
|
f = append(f, ss.Flow.Value)
|
|
}
|
|
if !ss.AuthorizationUrl.IsEmpty() {
|
|
f = append(f, ss.AuthorizationUrl.Value)
|
|
}
|
|
if !ss.TokenUrl.IsEmpty() {
|
|
f = append(f, ss.TokenUrl.Value)
|
|
}
|
|
if !ss.Scopes.IsEmpty() {
|
|
f = append(f, low.GenerateHashString(ss.Scopes.Value))
|
|
}
|
|
for k := range ss.Extensions {
|
|
f = append(f, fmt.Sprintf("%s-%v", k.Value, ss.Extensions[k].Value))
|
|
}
|
|
return sha256.Sum256([]byte(strings.Join(f, "|")))
|
|
}
|