def do(settings):
PARSED_HOST = urlparse(settings.spec_url)
swagger_spec = requests.get(settings.spec_url)
swagger_spec.raise_for_status()
SPEC = swagger_spec.json()
validator = get_validator(SPEC, settings.spec_url)
validator.validate_spec(swagger_spec.json(), settings.spec_url)
SPEC_HOST = urlunparse(list(PARSED_HOST)[:2] + [SPEC['basePath']] + ['', '', ''])
s = requests.Session()
@given(data())
@hsettings(max_examples=settings.iterations)
def swagger_fuzzer(data):
request = get_request(data, SPEC, SPEC_HOST)
note("Curl command: {}".format(to_curl_command(request)))
result = s.send(request)
for validator in VALIDATORS:
validator(SPEC, request, result, settings)
# Call the function
swagger_fuzzer()
def test_validate_specs(self):
for uri in ['/api/doc/specs/swagger.json', '/api/doc/specs/']:
resp = self.client.get(uri, format='json')
self.assertHttpOK(resp)
spec_json = self.deserialize(resp)
validator = get_validator(spec_json)
validator.validate_spec(spec_json)
def do(settings):
PARSED_HOST = urlparse(settings.spec_url)
swagger_spec = requests.get(settings.spec_url)
swagger_spec.raise_for_status()
SPEC = swagger_spec.json()
validator = get_validator(SPEC, settings.spec_url)
validator.validate_spec(swagger_spec.json(), settings.spec_url)
SPEC_HOST = urlunparse(
list(PARSED_HOST)[:2] + [SPEC['basePath']] + ['', '', ''])
s = requests.Session()
@given(data())
@hsettings(max_examples=settings.iterations)
def swagger_fuzzer(data):
request = get_request(data, SPEC, SPEC_HOST)
note("Curl command: {}".format(to_curl_command(request)))
result = s.send(request)
for validator in VALIDATORS:
validator(SPEC, request, result, settings)
# Call the function
swagger_fuzzer()
def test_validate_swaggerui(self):
"""验证 SwaggerUI 文档是否有效
"""
resp = self.fetch("/_spec")
spec_json = safe_load(resp.body)
validator = get_validator(spec_json)
validator.validate_spec(spec_json)
def do(settings):
PARSED_HOST = urlparse(settings.spec_url)
if settings.real_spec_url and not'://' in settings.real_spec_url:
swagger_spec = open(settings.real_spec_url).read()
SPEC = json.loads(swagger_spec)
else:
swagger_spec = requests.get(settings.real_spec_url or settings.spec_url, headers=settings.headers)
swagger_spec.raise_for_status()
SPEC = swagger_spec.json()
validator = get_validator(SPEC, settings.spec_url)
validator.validate_spec(SPEC, settings.spec_url)
base_path = SPEC.get('basePath', '/')
if not base_path.endswith('/'):
base_path += '/'
SPEC_HOST = urlunparse(list(PARSED_HOST)[:2] + [base_path] + ['', '', ''])
s = requests.Session()
@given(data())
@hsettings(
max_examples=settings.iterations,
timeout=unlimited,
deadline=None,
suppress_health_check=[HealthCheck.hung_test])
def swagger_fuzzer(data):
request = get_request(data, SPEC, SPEC_HOST, settings=settings)
note("Curl command: {}".format(to_curl_command(request)))
result = s.send(request)
for validator in VALIDATORS:
validator(SPEC, request, result, settings)
# Call the function
swagger_fuzzer()
def test_success_20():
spec = {'swagger': '2.0'}
assert validator20 == get_validator(spec, 'http://foo.com')
def test_success_12():
spec = {'swaggerVersion': '1.2'}
assert validator12 == get_validator(spec, 'http://foo.com') == validator12
def test_both_swagger_1_dot_x_and_2_dot_x_version_keys_found():
with pytest.raises(SwaggerValidationError) as excinfo:
spec = {'swagger': '2.0', 'swaggerVersion': '1.2'}
get_validator(spec, 'http://foo.com')
assert 'not both' in str(excinfo.value)
def test_2_dot_x_version_not_supported():
with pytest.raises(SwaggerValidationError) as excinfo:
get_validator({'swagger': '1.2'}, 'http://foo.com')
assert 'not supported' in str(excinfo.value)
def test_version_missing():
with pytest.raises(SwaggerValidationError) as excinfo:
get_validator({}, 'http://foo.com')
assert 'missing' in str(excinfo.value)
