diff --git a/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java b/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java index cc92b48bf..30b99a542 100644 --- a/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java +++ b/core/src/main/java/org/openapitools/openapidiff/core/compare/SecurityRequirementsDiff.java @@ -7,6 +7,7 @@ import io.swagger.v3.oas.models.security.SecurityScheme; import java.util.ArrayList; import java.util.List; +import java.util.Map; import java.util.Optional; import java.util.stream.Collectors; import org.apache.commons.collections4.CollectionUtils; @@ -55,10 +56,16 @@ private List> getListOfSecuritySche return securityRequirement.keySet().stream() .map( x -> { - SecurityScheme result = components.getSecuritySchemes().get(x); + Map securitySchemes = components.getSecuritySchemes(); + if (securitySchemes == null) { + throw new IllegalArgumentException("Missing securitySchemes component definition."); + } + + SecurityScheme result = securitySchemes.get(x); if (result == null) { throw new IllegalArgumentException("Impossible to find security scheme: " + x); } + return result; }) .map(this::getPair) diff --git a/core/src/test/java/org/openapitools/openapidiff/core/SecurityDiffTest.java b/core/src/test/java/org/openapitools/openapidiff/core/SecurityDiffTest.java index ef1bec29c..056b92319 100644 --- a/core/src/test/java/org/openapitools/openapidiff/core/SecurityDiffTest.java +++ b/core/src/test/java/org/openapitools/openapidiff/core/SecurityDiffTest.java @@ -12,6 +12,7 @@ public class SecurityDiffTest { private final String OPENAPI_DOC1 = "security_diff_1.yaml"; private final String OPENAPI_DOC2 = "security_diff_2.yaml"; private final String OPENAPI_DOC3 = "security_diff_3.yaml"; + private final String OPENAPI_DOC4 = "security_diff_4.yaml"; @Test public void testDiffDifferent() { @@ -89,5 +90,8 @@ public void testWithUnknownSecurityScheme() { assertThrows( IllegalArgumentException.class, () -> OpenApiCompare.fromLocations(OPENAPI_DOC3, OPENAPI_DOC3)); + assertThrows( + IllegalArgumentException.class, + () -> OpenApiCompare.fromLocations(OPENAPI_DOC4, OPENAPI_DOC4)); } } diff --git a/core/src/test/resources/security_diff_4.yaml b/core/src/test/resources/security_diff_4.yaml new file mode 100644 index 000000000..aa13324a8 --- /dev/null +++ b/core/src/test/resources/security_diff_4.yaml @@ -0,0 +1,224 @@ +openapi: 3.0.0 +servers: + - url: 'http://petstore.swagger.io/v2' +info: + description: >- + This is a sample server Petstore server. You can find out more about + Swagger at [http://swagger.io](http://swagger.io) or on [irc.freenode.net, + #swagger](http://swagger.io/irc/). For this sample, you can use the api key + `special-key` to test the authorization filters. + version: 1.0.0 + title: Swagger Petstore + termsOfService: 'http://swagger.io/terms/' + contact: + email: apiteam@swagger.io + license: + name: Apache 2.0 + url: 'http://www.apache.org/licenses/LICENSE-2.0.html' +tags: + - name: pet + description: Everything about your Pets + externalDocs: + description: Find out more + url: 'http://swagger.io' + - name: store + description: Access to Petstore orders + - name: user + description: Operations about user + externalDocs: + description: Find out more about our store + url: 'http://swagger.io' +security: + - petstore_auth: + - 'write:pets' + - 'read:pets' + - unknown: [] +paths: + '/pet/{petId}': + parameters: + - name: newHeaderParam + in: header + required: false + schema: + type: integer + delete: + tags: + - pet + summary: Deletes a pet + description: '' + operationId: deletePet + parameters: + - name: api_key + in: header + required: false + schema: + type: string + - name: newHeaderParam + in: header + required: false + schema: + type: string + - name: petId + in: path + description: Pet id to delete + required: true + schema: + type: integer + format: int64 + responses: + '400': + description: Invalid ID supplied + '404': + description: Pet not found + security: + - petstore_auth: + - 'write:pets' + /pet: + post: + tags: + - pet + summary: Add a new pet to the store + description: '' + operationId: addPet + responses: + '405': + description: Invalid input + requestBody: + $ref: '#/components/requestBodies/Pet' + /pet2: + post: + tags: + - pet + summary: Add a new pet to the store + description: '' + operationId: addPet + responses: + '405': + description: Invalid input + requestBody: + $ref: '#/components/requestBodies/Pet' + /pet3: + post: + tags: + - pet + summary: Add a new pet to the store + description: '' + operationId: addPet + responses: + '405': + description: Invalid input + requestBody: + $ref: '#/components/requestBodies/Pet' + security: + - petstore_auth: + - 'write:pets' + - 'read:pets' + /pet/findByStatus2: + get: + tags: + - pet + summary: Finds Pets by status + description: Multiple status values can be provided with comma separated strings + operationId: findPetsByStatus + parameters: + - name: status + in: query + deprecated: true + description: Status values that need to be considered for filter + required: true + explode: true + schema: + type: array + items: + type: string + enum: + - available + - pending + - sold + default: available + security: + - tenant: [] + user: [] + responses: + '200': + description: successful operation + content: + application/xml: + schema: + type: array + items: + $ref: '#/components/schemas/Pet' + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Pet' + '400': + description: Invalid status value +externalDocs: + description: Find out more about Swagger + url: 'http://swagger.io' +components: + requestBodies: + Pet: + content: + application/json: + schema: + $ref: '#/components/schemas/Pet' + application/xml: + schema: + $ref: '#/components/schemas/Pet' + description: Pet object that needs to be added to the store + required: true + schemas: + Tag: + type: object + properties: + id: + type: integer + format: int64 + name: + type: string + xml: + name: Tag + Pet: + type: object + required: + - name + - photoUrls + properties: + id: + type: integer + format: int64 + category: + type: string + name: + type: string + example: doggie + newField: + type: string + example: a field demo + description: a field demo + photoUrls: + type: array + xml: + name: photoUrl + wrapped: true + items: + type: string + tags: + type: array + xml: + name: tag + wrapped: true + items: + $ref: '#/components/schemas/Tag' + status: + type: string + description: pet status in the store + enum: + - available + - pending + - sold + xml: + name: Pet \ No newline at end of file