fix(oas3): apply suggestions from code review

Co-Authored-By: Kyle Fuller <kyle@fuller.li>

Author: pksunkara

packages/fury-adapter-oas3-parser/STATUS.md

@@ -72,7 +72,7 @@ Key:
 | responses | [~](#responses-object) |
 | callbacks | [✕](https://github.com/apiaryio/api-elements.js/issues/74) |
 | deprecated | ✕ |
-| security | ✓ |
+| security |  [✕](https://github.com/apiaryio/api-elements.js/issues/329)  |
 | servers | [✕](https://github.com/apiaryio/api-elements.js/issues/76) |
 
 ## Parameter Object

packages/fury-adapter-oas3-parser/lib/parser/oas/parseOpenAPIObject.js

@@ -130,7 +130,7 @@ function parseOASObject(context, object) {
       if (components) {
         const schemes = R.or(components.get('securitySchemes'), new namespace.elements.Array());
 
-        if (schemes.length > 0) {
+        if (!schemes.isEmpty) {
           api.push(new namespace.elements.Category(
             schemes.content, { classes: ['authSchemes'] }
           ));

packages/fury-adapter-oas3-parser/lib/parser/oas/parseOperationObject.js

@@ -112,8 +112,12 @@ function parseOperationObject(context, path, member) {
         return requirement.get(0);
       }
 
-      const allOf = new namespace.elements.Array(requirement.content);
-      allOf.element = 'allOf';
+      const link = new namespace.elements.Link();
+      link.relation = 'profile';
+      link.href = 'https://github.com/refractproject/rfcs/issues/39';
+
+      const allOf = new namespace.elements.Extension(requirement.content);
+      allOf.meta.set('links', new namespace.elements.Array([link]));
 
       return allOf;
     }));

packages/fury-adapter-oas3-parser/lib/parser/oas/parseSecuritySchemeObject.js

@@ -16,7 +16,8 @@ const name = 'Security Scheme Object';
 const requiredKeys = ['type'];
 const unsupportedKeys = ['bearerFormat', 'openIdConnectUrl'];
 const isUnsupportedKey = R.anyPass(R.map(hasKey, unsupportedKeys));
-const passThrough = R.anyPass(R.map(hasKey, ['name', 'in', 'scheme', 'flows']));
+const outerPassThrough = R.anyPass(R.map(hasKey, ['name', 'in', 'scheme', 'flows']));
+const innerPassThrough = R.anyPass(R.map(hasKey, ['type', 'description']));
 
 const isApiKeyScheme = securityScheme => securityScheme.getValue('type') === 'apiKey';
 const isHttpScheme = securityScheme => securityScheme.getValue('type') === 'http';
@@ -43,27 +44,43 @@ function validateApiKeyScheme(context, securityScheme) {
     [hasKey('name'), parseString(context, name, false)],
     [hasKey('in'), parseIn],
 
-    [R.T, e => e],
+    [innerPassThrough, e => e],
+    [isUnsupportedKey, e => e],
+    [isExtension, e => e],
+
+    [R.T, createInvalidMemberWarning(namespace, `${name}' 'apiKey`)],
   ]);
 
   return parseObject(context, name, parseMember, ['name', 'in'], [], true)(securityScheme);
 }
 
 function validateHttpScheme(context, securityScheme) {
+  const { namespace } = context;
+
   const parseMember = R.cond([
     [hasKey('scheme'), parseString(context, name, false)],
 
-    [R.T, e => e],
+    [innerPassThrough, e => e],
+    [isUnsupportedKey, e => e],
+    [isExtension, e => e],
+
+    [R.T, createInvalidMemberWarning(namespace, `${name}' 'http`)],
   ]);
 
   return parseObject(context, name, parseMember, ['scheme'], [], true)(securityScheme);
 }
 
 function validateOauth2Scheme(context, securityScheme) {
+  const { namespace } = context;
+
   const parseMember = R.cond([
     [hasKey('flows'), R.compose(parseOauthFlowsObject(context), getValue)],
 
-    [R.T, e => e],
+    [innerPassThrough, e => e],
+    [isUnsupportedKey, e => e],
+    [isExtension, e => e],
+
+    [R.T, createInvalidMemberWarning(namespace, `${name}' 'oauth2`)],
   ]);
 
   return parseObject(context, name, parseMember, ['flows'], [], true)(securityScheme);
@@ -100,7 +117,7 @@ function parseSecuritySchemeObject(context, object) {
   const parseMember = R.cond([
     [hasKey('type'), parseType],
     [hasKey('description'), parseString(context, name, false)],
-    [passThrough, e => e],
+    [outerPassThrough, e => e],
 
     [isUnsupportedKey, createUnsupportedMemberWarning(namespace, name)],
 
@@ -129,7 +146,7 @@ function parseSecuritySchemeObject(context, object) {
         if (description) {
           flows.forEach((flow) => {
             // eslint-disable-next-line no-param-reassign
-            flow.description = description;
+            flow.description = description.clone();
           });
         }
 

packages/fury-adapter-oas3-parser/test/unit/parser/oas/parseOperationObject-test.js

@@ -574,13 +574,13 @@ describe('Operation Object', () => {
       expect(authSchemes.length).to.equal(2);
       expect(authSchemes.get(0)).to.be.instanceof(namespace.elements.AuthScheme);
       expect(authSchemes.get(0).element).to.equal('apiKey');
-      expect(authSchemes.get(1)).to.be.instanceof(namespace.elements.Array);
-      expect(authSchemes.get(1).element).to.equal('allOf');
-      expect(authSchemes.get(1).length).to.equal(2);
-      expect(authSchemes.get(1).get(0)).to.be.instanceof(namespace.elements.AuthScheme);
-      expect(authSchemes.get(1).get(0).element).to.equal('custom1');
-      expect(authSchemes.get(1).get(1)).to.be.instanceof(namespace.elements.AuthScheme);
-      expect(authSchemes.get(1).get(1).element).to.equal('custom2');
+      expect(authSchemes.get(1)).to.be.instanceof(namespace.elements.Extension);
+      expect(authSchemes.get(1).content.length).to.equal(2);
+      // TODO: Remove content[n] and use get(n) when moved to allOf element
+      expect(authSchemes.get(1).content[0]).to.be.instanceof(namespace.elements.AuthScheme);
+      expect(authSchemes.get(1).content[0].element).to.equal('custom1');
+      expect(authSchemes.get(1).content[1]).to.be.instanceof(namespace.elements.AuthScheme);
+      expect(authSchemes.get(1).content[1].element).to.equal('custom2');
     });
   });
 

packages/fury-adapter-oas3-parser/test/unit/parser/oas/parseSecuritySchemeObject-test.js

@@ -241,7 +241,7 @@ describe('Security Scheme Object', () => {
       expect(members.get(0).value.toValue()).to.equal('example');
     });
 
-    it('does not complain about scheme', () => {
+    it('provides warning for invalid scheme', () => {
       const securityScheme = new namespace.elements.Object({
         type: 'apiKey',
         name: 'example',
@@ -251,11 +251,11 @@ describe('Security Scheme Object', () => {
 
       const parseResult = parse(context, securityScheme);
 
-      expect(parseResult.length).to.equal(1);
-      expect(parseResult).to.not.contain.annotations;
+      expect(parseResult.length).to.equal(2);
+      expect(parseResult).to.contain.warning("'Security Scheme Object' 'apiKey' contains invalid key 'scheme'");
     });
 
-    it('does not complain about flows', () => {
+    it('provides warning for invalid flows', () => {
       const securityScheme = new namespace.elements.Object({
         type: 'apiKey',
         name: 'example',
@@ -265,8 +265,8 @@ describe('Security Scheme Object', () => {
 
       const parseResult = parse(context, securityScheme);
 
-      expect(parseResult.length).to.equal(1);
-      expect(parseResult).to.not.contain.annotations;
+      expect(parseResult.length).to.equal(2);
+      expect(parseResult).to.contain.warning("'Security Scheme Object' 'apiKey' contains invalid key 'flows'");
     });
   });
 
@@ -320,7 +320,7 @@ describe('Security Scheme Object', () => {
       expect(parseResult.get(0).get(1).description.toValue()).to.equal('oauth2 implementation');
     });
 
-    it('does not complain about name', () => {
+    it('provides warning for invalid name', () => {
       const securityScheme = new namespace.elements.Object({
         type: 'oauth2',
         flows: {},
@@ -329,11 +329,11 @@ describe('Security Scheme Object', () => {
 
       const parseResult = parse(context, securityScheme);
 
-      expect(parseResult.length).to.equal(1);
-      expect(parseResult).to.not.contain.annotations;
+      expect(parseResult.length).to.equal(2);
+      expect(parseResult).to.contain.warning("'Security Scheme Object' 'oauth2' contains invalid key 'name'");
     });
 
-    it('does not complain about in', () => {
+    it('provides warning for invalid in', () => {
       const securityScheme = new namespace.elements.Object({
         type: 'oauth2',
         flows: {},
@@ -342,11 +342,11 @@ describe('Security Scheme Object', () => {
 
       const parseResult = parse(context, securityScheme);
 
-      expect(parseResult.length).to.equal(1);
-      expect(parseResult).to.not.contain.annotations;
+      expect(parseResult.length).to.equal(2);
+      expect(parseResult).to.contain.warning("'Security Scheme Object' 'oauth2' contains invalid key 'in'");
     });
 
-    it('does not complain about scheme', () => {
+    it('provides warning for invalid scheme', () => {
       const securityScheme = new namespace.elements.Object({
         type: 'oauth2',
         flows: {},
@@ -355,8 +355,8 @@ describe('Security Scheme Object', () => {
 
       const parseResult = parse(context, securityScheme);
 
-      expect(parseResult.length).to.equal(1);
-      expect(parseResult).to.not.contain.annotations;
+      expect(parseResult.length).to.equal(2);
+      expect(parseResult).to.contain.warning("'Security Scheme Object' 'oauth2' contains invalid key 'scheme'");
     });
   });
 
@@ -375,7 +375,7 @@ describe('Security Scheme Object', () => {
       expect(parseResult.get(0).members.length).to.equal(0);
     });
 
-    it('does not complain about name', () => {
+    it('provides warning for invalid name', () => {
       const securityScheme = new namespace.elements.Object({
         type: 'http',
         scheme: 'basic',
@@ -384,11 +384,11 @@ describe('Security Scheme Object', () => {
 
       const parseResult = parse(context, securityScheme);
 
-      expect(parseResult.length).to.equal(1);
-      expect(parseResult).to.not.contain.annotations;
+      expect(parseResult.length).to.equal(2);
+      expect(parseResult).to.contain.warning("'Security Scheme Object' 'http' contains invalid key 'name'");
     });
 
-    it('does not complain about in', () => {
+    it('provides warning for invalid in', () => {
       const securityScheme = new namespace.elements.Object({
         type: 'http',
         scheme: 'basic',
@@ -397,11 +397,11 @@ describe('Security Scheme Object', () => {
 
       const parseResult = parse(context, securityScheme);
 
-      expect(parseResult.length).to.equal(1);
-      expect(parseResult).to.not.contain.annotations;
+      expect(parseResult.length).to.equal(2);
+      expect(parseResult).to.contain.warning("'Security Scheme Object' 'http' contains invalid key 'in'");
     });
 
-    it('does not complain about flows', () => {
+    it('provides warning for invalid flows', () => {
       const securityScheme = new namespace.elements.Object({
         type: 'http',
         scheme: 'basic',
@@ -410,8 +410,8 @@ describe('Security Scheme Object', () => {
 
       const parseResult = parse(context, securityScheme);
 
-      expect(parseResult.length).to.equal(1);
-      expect(parseResult).to.not.contain.annotations;
+      expect(parseResult.length).to.equal(2);
+      expect(parseResult).to.contain.warning("'Security Scheme Object' 'http' contains invalid key 'flows'");
     });
   });