From e85dfd0d8a12183a81e353c9b19b55cb8d5c9ea0 Mon Sep 17 00:00:00 2001 From: Maggiekimani1 Date: Wed, 4 Sep 2024 12:39:44 +0300 Subject: [PATCH 1/2] Remove empty list initialization --- src/Microsoft.OpenApi/Models/OpenApiDocument.cs | 5 ++--- src/Microsoft.OpenApi/Models/OpenApiOperation.cs | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/src/Microsoft.OpenApi/Models/OpenApiDocument.cs b/src/Microsoft.OpenApi/Models/OpenApiDocument.cs index 201b321f1..745bb3cdb 100644 --- a/src/Microsoft.OpenApi/Models/OpenApiDocument.cs +++ b/src/Microsoft.OpenApi/Models/OpenApiDocument.cs @@ -1,4 +1,4 @@ -// Copyright (c) Microsoft Corporation. All rights reserved. +// Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT license. using System; @@ -48,8 +48,7 @@ public class OpenApiDocument : IOpenApiSerializable, IOpenApiExtensible, IOpenAp /// /// A declaration of which security mechanisms can be used across the API. /// - public IList SecurityRequirements { get; set; } = - new List(); + public IList SecurityRequirements { get; set; } /// /// A list of tags used by the specification with additional metadata. diff --git a/src/Microsoft.OpenApi/Models/OpenApiOperation.cs b/src/Microsoft.OpenApi/Models/OpenApiOperation.cs index 69054740e..e4bf5cc39 100644 --- a/src/Microsoft.OpenApi/Models/OpenApiOperation.cs +++ b/src/Microsoft.OpenApi/Models/OpenApiOperation.cs @@ -91,7 +91,7 @@ public class OpenApiOperation : IOpenApiSerializable, IOpenApiExtensible, IOpenA /// This definition overrides any declared top-level security. /// To remove a top-level security declaration, an empty array can be used. /// - public IList Security { get; set; } = new List(); + public IList Security { get; set; } /// /// An alternative server array to service this operation. From 18d99e6ebd2425a1196a886a740bfbd61ac2fca7 Mon Sep 17 00:00:00 2001 From: Maggiekimani1 Date: Wed, 4 Sep 2024 12:40:15 +0300 Subject: [PATCH 2/2] Add tests --- .../V3Tests/OpenApiDocumentTests.cs | 61 +++++++++++++++++++ 1 file changed, 61 insertions(+) diff --git a/test/Microsoft.OpenApi.Readers.Tests/V3Tests/OpenApiDocumentTests.cs b/test/Microsoft.OpenApi.Readers.Tests/V3Tests/OpenApiDocumentTests.cs index bb3db096f..a0bfa7c80 100644 --- a/test/Microsoft.OpenApi.Readers.Tests/V3Tests/OpenApiDocumentTests.cs +++ b/test/Microsoft.OpenApi.Readers.Tests/V3Tests/OpenApiDocumentTests.cs @@ -10,6 +10,7 @@ using FluentAssertions; using Microsoft.OpenApi.Any; using Microsoft.OpenApi.Exceptions; +using Microsoft.OpenApi.Extensions; using Microsoft.OpenApi.Interfaces; using Microsoft.OpenApi.Models; using Microsoft.OpenApi.Readers.Interface; @@ -1432,5 +1433,65 @@ public void ParseBasicDocumentWithServerVariableAndNoDefaultShouldFail() diagnostic.Errors.Should().NotBeEmpty(); } + + [Fact] + public void ParseDocumentWithMissingSecuritySchemeDefaultsToNull() + { + // Arrange + var input = @"openapi: 3.0.0 +info: + title: test + version: ""1.0"" +paths: + /test: + get: + description: description for test path + responses: + '200': + description: test +components: + securitySchemes: + apiKey0: + type: apiKey, + name: x-api-key, + in: header"; + + // Act && Assert + var doc = new OpenApiStringReader().Read(input, out var diagnostic); + + doc.Paths["/test"].Operations[OperationType.Get].Security.Should().BeNull(); + doc.SecurityRequirements.Should().BeNull(); + } + + [Fact] + public void ParseDocumentWithEmptySecuritySchemeDefaultsToEmptyList() + { + // Arrange + var input = @"openapi: 3.0.0 +info: + title: test + version: ""1.0"" +paths: + /test: + get: + description: description for test path + responses: + '200': + description: test + security: [] +security: +- apiKey0: [] +components: + securitySchemes: + apiKey0: + type: apiKey, + name: x-api-key, + in: header"; + + // Act && Assert + var doc = new OpenApiStringReader().Read(input, out var diagnostic); + + doc.Paths["/test"].Operations[OperationType.Get].Security.Should().BeEmpty(); + } } }