add openapi request validator

Author: mduesterhoeft

router-openapi-request-validator/build.gradle.kts

@@ -0,0 +1,16 @@
+repositories {
+    mavenCentral()
+}
+
+dependencies {
+    compile(kotlin("stdlib-jdk8"))
+    compile(kotlin("reflect"))
+
+    compile("com.atlassian.oai:swagger-request-validator-core:2.2.2")
+    compile(project(":router"))
+
+    testImplementation("org.junit.jupiter:junit-jupiter-engine:5.4.0")
+    testImplementation("org.assertj:assertj-core:3.11.1")
+    testImplementation("io.mockk:mockk:1.8.13.kotlin13")
+    testImplementation("org.slf4j:slf4j-simple:1.7.26")
+}

router-openapi-request-validator/src/main/kotlin/com/github/mduesterhoeft/router/openapi/OpenApiValidator.kt

@@ -0,0 +1,56 @@
+package com.github.mduesterhoeft.router.openapi
+
+import com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent
+import com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent
+import com.atlassian.oai.validator.OpenApiInteractionValidator
+import com.atlassian.oai.validator.model.Request
+import com.atlassian.oai.validator.model.Response
+import com.atlassian.oai.validator.model.SimpleRequest
+import com.atlassian.oai.validator.model.SimpleResponse
+import com.atlassian.oai.validator.report.ValidationReport
+import org.slf4j.LoggerFactory
+
+class OpenApiValidator(val specUrlOrPayload: String) {
+    val validator = OpenApiInteractionValidator.createFor(specUrlOrPayload).build()
+
+    fun validate(request: APIGatewayProxyRequestEvent, response: APIGatewayProxyResponseEvent): ValidationReport {
+        return validator.validate(request.toRequest(), response.toResponse())
+            .also { if (it.hasErrors()) log.error("error validating request and response against $specUrlOrPayload - $it") }
+    }
+
+    fun assertValid(request: APIGatewayProxyRequestEvent, response: APIGatewayProxyResponseEvent) {
+        return validate(request, response).let { if (it.hasErrors()) throw ApiInteractionInvalid(specUrlOrPayload, request, response, it) }
+    }
+
+    class ApiInteractionInvalid(val spec: String, val request: APIGatewayProxyRequestEvent, val response: APIGatewayProxyResponseEvent, val validationReport: ValidationReport) :
+        RuntimeException("Error validating request and response against $spec - $validationReport")
+
+    private fun APIGatewayProxyRequestEvent.toRequest(): Request {
+        val builder = when (httpMethod.toLowerCase()) {
+            "get" -> SimpleRequest.Builder.get(path)
+            "post" -> SimpleRequest.Builder.post(path)
+            "put" -> SimpleRequest.Builder.put(path)
+            "patch" -> SimpleRequest.Builder.patch(path)
+            "delete" -> SimpleRequest.Builder.delete(path)
+            "options" -> SimpleRequest.Builder.options(path)
+            "head" -> SimpleRequest.Builder.head(path)
+            else -> throw IllegalArgumentException("Unsupported method $httpMethod")
+        }
+        headers?.forEach { builder.withHeader(it.key, it.value) }
+        queryStringParameters?.forEach { builder.withQueryParam(it.key, it.value) }
+        builder.withBody(body)
+        return builder.build()
+    }
+
+    private fun APIGatewayProxyResponseEvent.toResponse(): Response {
+        return SimpleResponse.Builder
+            .status(statusCode)
+            .withBody(body)
+            .also { headers.forEach { h -> it.withHeader(h.key, h.value) } }
+            .build()
+    }
+
+    companion object {
+        val log = LoggerFactory.getLogger(OpenApiValidator::class.java)
+    }
+}

router-openapi-request-validator/src/test/kotlin/com/github/mduesterhoeft/router/openapi/OpenApiValidatorTest.kt

@@ -0,0 +1,72 @@
+package com.github.mduesterhoeft.router.openapi
+
+import com.github.mduesterhoeft.router.GET
+import com.github.mduesterhoeft.router.Request
+import com.github.mduesterhoeft.router.RequestHandler
+import com.github.mduesterhoeft.router.ResponseEntity
+import com.github.mduesterhoeft.router.Router
+import io.mockk.mockk
+import org.assertj.core.api.BDDAssertions.thenThrownBy
+import org.junit.jupiter.api.Test
+
+class OpenApiValidatorTest {
+
+    val testHandler = TestRequestHandler()
+
+    val validator = OpenApiValidator("openapi.yml")
+
+    @Test
+    fun `should handle and validate request`() {
+        val request = GET("/tests")
+            .withHeaders(mapOf("Accept" to "application/json"))
+
+        val response = testHandler.handleRequest(request, mockk())
+
+        validator.assertValid(request, response)
+    }
+
+    @Test
+    fun `should fail on undocumented request`() {
+        val request = GET("/tests-not-documented")
+            .withHeaders(mapOf("Accept" to "application/json"))
+
+        val response = testHandler.handleRequest(request, mockk())
+
+        thenThrownBy { validator.assertValid(request, response) }.isInstanceOf(OpenApiValidator.ApiInteractionInvalid::class.java)
+    }
+
+    @Test
+    fun `should fail on invalid schema`() {
+        val request = GET("/tests")
+            .withHeaders(mapOf("Accept" to "application/json"))
+
+        val response = TestInvalidRequestHandler().handleRequest(request, mockk())
+
+        thenThrownBy { validator.assertValid(request, response) }.isInstanceOf(OpenApiValidator.ApiInteractionInvalid::class.java)
+    }
+
+    class TestRequestHandler : RequestHandler() {
+
+        data class TestResponse(val name: String)
+
+        override val router = Router.router {
+            GET("/tests") { _: Request<Unit> ->
+                ResponseEntity.ok(TestResponse("Hello"))
+            }
+            GET("/tests-not-documented") { _: Request<Unit> ->
+                ResponseEntity.ok(TestResponse("Hello"))
+            }
+        }
+    }
+
+    class TestInvalidRequestHandler : RequestHandler() {
+
+        data class TestResponseInvalid(val invalid: String)
+
+        override val router = Router.router {
+            GET("/tests") { _: Request<Unit> ->
+                ResponseEntity.ok(TestResponseInvalid("Hello"))
+            }
+        }
+    }
+}

router-openapi-request-validator/src/test/resources/openapi.yml

@@ -0,0 +1,27 @@
+openapi: "3.0.0"
+info:
+  version: 1.0.0
+  title: Test
+paths:
+  /tests:
+    get:
+      summary: List all test records
+      operationId: get-tests
+      tags:
+        - tests
+      responses:
+        '200':
+          description: All tests
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Test"
+components:
+  schemas:
+    Test:
+      required:
+        - name
+      properties:
+        name:
+          type: string
+          description: unique id of the service area

settings.gradle

@@ -1,3 +1,4 @@
 rootProject.name = 'lambda-kotlin-request-router'
 include 'router'
-include 'router-protobuf'
+include 'router-protobuf'
+include 'router-openapi-request-validator'