Class: Aikido::Zen::Request::Schema

Inherits:
Object
Defined in:
lib/aikido/zen/request/schema.rb,
lib/aikido/zen/request/schema/builder.rb,
lib/aikido/zen/request/schema/definition.rb,
lib/aikido/zen/request/schema/auth_schemas.rb,
lib/aikido/zen/request/schema/empty_schema.rb,
lib/aikido/zen/request/schema/auth_discovery.rb

Overview

Defines the shape of a request received by your application as seen by Zen. This is used to understand how requests are made against your app, so dynamic security testing on your API endpoints can take place.

See Also:

  • Config#api_schema_collection_enabled?

Defined Under Namespace

Classes: AuthDiscovery, AuthSchemas, Builder, Definition

Constructor Details

#initialize(content_type:, body_schema:, query_schema:, auth_schema:) ⇒ Schema

Returns a new instance of Schema.



# File 'lib/aikido/zen/request/schema.rb', line 36

def initialize(content_type:, body_schema:, query_schema:, auth_schema:)
  @content_type = content_type
  @query_schema = query_schema
  @body_schema = body_schema
  @auth_schema = auth_schema
end

Instance Attribute Details

#auth_schema ⇒ Aikido::Zen::Request::Schema::AuthSchemas (readonly)



# File 'lib/aikido/zen/request/schema.rb', line 23

def auth_schema
  @auth_schema
end

#body_schema ⇒ Aikido::Zen::Request::Schema::Definition (readonly)



# File 'lib/aikido/zen/request/schema.rb', line 17

def body_schema
  @body_schema
end

#content_type ⇒ Symbol? (readonly)

Returns an identifier for the Content-Type header of the request, if sent.

Returns:

  • (Symbol, nil)

    an identifier for the Content-Type header of the request, if sent.



# File 'lib/aikido/zen/request/schema.rb', line 14

def content_type
  @content_type
end

#query_schema ⇒ Aikido::Zen::Request::Schema::Definition (readonly)



# File 'lib/aikido/zen/request/schema.rb', line 20

def query_schema
  @query_schema
end

Class Method Details

.build(context = Aikido::Zen.current_context) ⇒ Aikido::Zen::Request::Schema?

Extracts the request information from the current Context (if configured) and builds a Schema out of it.

Parameters:

  • context (defaults to: Aikido::Zen.current_context)

Returns:

  • (Aikido::Zen::Request::Schema, nil)

# File 'lib/aikido/zen/request/schema.rb', line 30

def self.build(context = Aikido::Zen.current_context)
  return if context.nil?

  Request::Schema::Builder.new(context: context).schema
end

Instance Method Details

#as_json ⇒ Hash

Returns:

  • (Hash)


# File 'lib/aikido/zen/request/schema.rb', line 44

def as_json
  body = {type: content_type, schema: body_schema.as_json}.compact
  body = nil if body.empty?

  {body: body, query: query_schema.as_json, auth: auth_schema.as_json}.compact
end

#merge(other) ⇒ Aikido::Zen::Request::Schema Also known as: |

Merges the request specification with another request’s specification.

Parameters:

  • other

Returns:

  • (Aikido::Zen::Request::Schema)

# File 'lib/aikido/zen/request/schema.rb', line 55

def merge(other)
  return self if other.nil?

  self.class.new(
    # TODO: this is currently overriding the content type with the new
    # value, but we should support APIs that accept input in many types
    # (e.g. JSON and XML)
    content_type: other.content_type,
    body_schema: body_schema.merge(other.body_schema),
    query_schema: query_schema.merge(other.query_schema),
    auth_schema: auth_schema.merge(other.auth_schema)
  )
end
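
The last-write-wins handling of content_type described in the TODO above, shown as an added example that is not the gem's own code. DemoSchema repeats the as_json and merge bodies listed on this page; StubPart, observe and the sample requests are hypothetical stand-ins for Definition and AuthSchemas, assumed here to return nil from as_json when nothing was observed.

```ruby
# Hypothetical stand-in for Definition / AuthSchemas: the page only shows
# that those objects respond to #merge and #as_json, so this models just that.
StubPart = Struct.new(:fields) do
  def merge(other)
    StubPart.new(fields.merge(other.fields))
  end

  # Assumption: an empty part serializes to nil so Hash#compact drops its key.
  def as_json
    fields.empty? ? nil : fields
  end
end

# as_json and merge bodies copied from the listings on this page.
DemoSchema = Struct.new(:content_type, :body_schema, :query_schema,
                        :auth_schema, keyword_init: true) do
  def as_json
    body = {type: content_type, schema: body_schema.as_json}.compact
    body = nil if body.empty?
    {body: body, query: query_schema.as_json, auth: auth_schema.as_json}.compact
  end

  def merge(other)
    return self if other.nil?

    self.class.new(
      content_type: other.content_type,
      body_schema: body_schema.merge(other.body_schema),
      query_schema: query_schema.merge(other.query_schema),
      auth_schema: auth_schema.merge(other.auth_schema)
    )
  end
end

# Constructed observations of one endpoint: a JSON POST, then a bodiless GET.
def observe(type, body: {}, query: {})
  DemoSchema.new(content_type: type, body_schema: StubPart.new(body),
                 query_schema: StubPart.new(query), auth_schema: StubPart.new({}))
end

JSON_POST = observe(:json, body: {"email" => "string"})
BARE_GET  = observe(nil, query: {"page" => "string"})

# Merge order decides the reported content type: the right-hand side wins,
# even when it is nil, so the body fields survive but :json is lost in MERGED.
MERGED   = JSON_POST.merge(BARE_GET).as_json
REVERSED = BARE_GET.merge(JSON_POST).as_json
```

When reading a collected schema, a body entry with fields but no type can therefore come from a later request that carried no Content-Type, not from an endpoint that accepts untyped bodies.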