swagger parser updated for the new security obj

3scale · Jun 26, 2023 · 3c9ca65 · 3c9ca65
1 parent 02ccda9
commit 3c9ca65
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 8 deletions.
diff --git a/lib/3scale_toolbox/commands/import_command/openapi/update_service_oidc_conf_step.rb b/lib/3scale_toolbox/commands/import_command/openapi/update_service_oidc_conf_step.rb
@@ -29,7 +29,7 @@ def add_flow_settings(settings)
             # only applies to oauth2 sec type
             return if api_spec.security.nil? || api_spec.security[:type] != 'oauth2'
 
-            settings.merge!(api_spec.security[:flows])
+            settings.merge!(api_spec.security[:flows] || {})
           end
         end
       end

diff --git a/lib/3scale_toolbox/openapi/swagger.rb b/lib/3scale_toolbox/openapi/swagger.rb
@@ -21,7 +21,11 @@ module OpenAPI
     #     * :type -> string
     #     * :name -> string
     #     * :in_f -> string
-    #     * :flow -> symbol (:implicit_flow_enabled, :direct_access_grants_enabled, :service_accounts_enabled, :standard_flow_enabled)
+    #     * :flows -> hash
+    #       * :implicit_flow_enabled -> bool
+    #       * :direct_access_grants_enabled -> bool
+    #       * :service_accounts_enabled -> bool
+    #       * :standard_flow_enabled -> bool
     #     * :scopes -> array of string
     # * Swagger.service_backend_version -> string ('1','2','oidc')
     # * Swagger.set_server_url -> def(spec, url)
@@ -150,7 +154,7 @@ def parse_global_security_reqs
               type: sec_def['type'],
               name: sec_def['name'],
               in_f: sec_def['in'],
-              flow: convert_flow(sec_def['flow']),
+              flows: parse_flows(sec_def['flow']),
               scopes: sec_item
             }
           end
@@ -171,6 +175,21 @@ def security_definitions
         raw['securityDefinitions'] || {}
       end
 
+      def parse_flows(flow_name)
+        return nil if flow_name.nil?
+
+        basic_flows_object.merge!({ convert_flow(flow_name) => true })
+      end
+
+      def basic_flows_object
+        {
+          standard_flow_enabled: false,
+          implicit_flow_enabled: false,
+          service_accounts_enabled: false,
+          direct_access_grants_enabled: false
+        }
+      end
+
       def convert_flow(flow_name)
         return nil if flow_name.nil?
 

diff --git a/spec/unit/commands/import_command/openapi/update_service_oidc_conf_spec.rb b/spec/unit/commands/import_command/openapi/update_service_oidc_conf_spec.rb
@@ -65,6 +65,15 @@
 
       let(:security) { { id: 'oidc', type: 'oauth2', flows: flows } }
 
+      context 'no flows' do
+        let(:flows) { nil }
+
+        it 'service is not updated' do
+          # if service.update_oidc is called, this test should fail
+          subject
+        end
+      end
+
       context 'flow implicit' do
         let(:flows) { basic_empty_flow.merge(implicit_flow_enabled: true) }
         let(:expected_implicit_flow) { true }

diff --git a/spec/unit/openapi/swagger_spec.rb b/spec/unit/openapi/swagger_spec.rb
@@ -5,6 +5,12 @@
   let(:validate) { true }
   subject { described_class.build(raw_specification, validate: validate) }
   let(:content) { basic_swagger_content }
+  let(:basic_empty_flow) do
+    {
+      standard_flow_enabled: false, implicit_flow_enabled: false,
+      service_accounts_enabled: false, direct_access_grants_enabled: false
+    }
+  end
 
   context 'missing info' do
     let(:content) do
@@ -217,7 +223,7 @@
       end
 
       it 'flow matches' do
-        expect(subject.security[:flow]).to be_nil
+        expect(subject.security[:flows]).to be_nil
       end
 
       it 'scopes matches' do
@@ -249,7 +255,7 @@
       end
 
       it 'flow matches' do
-        expect(subject.security[:flow]).to be(:implicit_flow_enabled)
+        expect(subject.security[:flows]).to eq(basic_empty_flow.merge(implicit_flow_enabled: true))
       end
 
       it 'scopes matches' do
@@ -281,7 +287,7 @@
       end
 
       it 'flow matches' do
-        expect(subject.security[:flow]).to be(:direct_access_grants_enabled)
+        expect(subject.security[:flows]).to eq(basic_empty_flow.merge(direct_access_grants_enabled: true))
       end
 
       it 'scopes matches' do
@@ -313,7 +319,7 @@
       end
 
       it 'flow matches' do
-        expect(subject.security[:flow]).to be(:service_accounts_enabled)
+        expect(subject.security[:flows]).to eq(basic_empty_flow.merge(service_accounts_enabled: true))
       end
 
       it 'scopes matches' do
@@ -345,7 +351,7 @@
       end
 
       it 'flow matches' do
-        expect(subject.security[:flow]).to be(:standard_flow_enabled)
+        expect(subject.security[:flows]).to eq(basic_empty_flow.merge(standard_flow_enabled: true))
       end
 
       it 'scopes matches' do