fix(oas3): warn for unsupported 3.1 security scheme mutalTLS

kylef · kylef · commit 00d9daf41971 · 2021-02-22T09:48:19.000Z
diff --git a/packages/openapi3-parser/lib/parser/oas/parseSecuritySchemeObject.js b/packages/openapi3-parser/lib/parser/oas/parseSecuritySchemeObject.js
@@ -115,7 +115,15 @@ function parseSecuritySchemeObject(context, object) {
     createWarning(namespace, `'${name}' 'type' must be either 'apiKey', 'http', 'oauth2' or 'openIdConnect'`),
     getValue
   );
-  const validateType = R.unless(isValidTypeValue, createInvalidTypeWarning);
+
+  const isMutalTLSOnOpenAPI31 = R.both(
+    hasValue('mutalTLS'),
+    () => context.isOpenAPIVersionMoreThanOrEqual(3, 1)
+  );
+  const validateType = R.unless(
+    R.either(isValidTypeValue, isMutalTLSOnOpenAPI31),
+    createInvalidTypeWarning
+  );
 
   const createUnsupportedTypeWarning = member => createWarning(namespace,
     `'${name}' 'type' '${member.value.toValue()}' is unsupported`, member.value);
diff --git a/packages/openapi3-parser/test/unit/parser/oas/parseSecuritySchemeObject-test.js b/packages/openapi3-parser/test/unit/parser/oas/parseSecuritySchemeObject-test.js
@@ -53,6 +53,29 @@ describe('Security Scheme Object', () => {
       expect(parseResult.length).to.equal(1);
       expect(parseResult).to.contain.warning("'Security Scheme Object' 'type' 'openIdConnect' is unsupported");
     });
+
+    it('provides an unsupported warning for mutalTLS type in OpenAPI >= 3.1', () => {
+      context.openapiVersion = { major: 3, minor: 1 };
+      const securityScheme = new namespace.elements.Object({
+        type: 'mutalTLS',
+      });
+
+      const parseResult = parse(context, securityScheme);
+
+      expect(parseResult.length).to.equal(1);
+      expect(parseResult).to.contain.warning("'Security Scheme Object' 'type' 'mutalTLS' is unsupported");
+    });
+
+    it('provides an invalid warning for mutalTLS type in OpenAPI 3.0', () => {
+      const securityScheme = new namespace.elements.Object({
+        type: 'mutalTLS',
+      });
+
+      const parseResult = parse(context, securityScheme);
+
+      expect(parseResult.length).to.equal(1);
+      expect(parseResult).to.contain.warning("'Security Scheme Object' 'type' must be either 'apiKey', 'http', 'oauth2' or 'openIdConnect'");
+    });
   });
 
   describe('#name', () => {
