serverless-openapi-documenter
Generate OpenAPI v3 documentation and Postman Collections from your Serverless Config
;
const expect = require("chai").expect;
const nock = require("nock");
const owasp = require("../../src/owasp");
const owaspJSON = require("../../json/owasp.json");
const newOWASPJSON = require("../json/newOWASP.json");
describe(`owasp`, function () {
describe(`getLatest`, function () {
  // Suite for owasp.getLatest(): every case stubs the OWASP secure-headers feed
  // with nock, runs getLatest(), then inspects owasp.DEFAULT_OWASP_HEADERS.
  //
  // NOTE(review): DEFAULT_OWASP_HEADERS looks like shared module state, so the
  // key counts asserted below (12, 12, then 13) appear to depend on the cases
  // running in this order — confirm before reordering or running in isolation.
  // NOTE(review): nothing visible here calls nock.disableNetConnect(), so a
  // request that misses the stub would presumably reach the live owasp.org
  // feed and let remote content decide the header defaults under test —
  // consider pinning that in a shared setup hook.

  // Registers an interceptor for the feed URL that getLatest() is expected to request.
  const stubOwaspFeed = (status, payload) =>
    nock("https://owasp.org")
      .get("/www-project-secure-headers/ci/headers_add.json")
      .reply(status, payload);

  // Rejection handler: log the error, then fail the case unless err is undefined.
  const logAndFail = (err) => {
    console.error(err);
    expect(err).to.be.undefined;
  };

  it(`populates the defaults from the included OWASP release when the online version can not be reached`, async function () {
    // A 404 from the feed should leave the defaults matching the bundled owasp.json.
    stubOwaspFeed(404, {});
    await owasp.getLatest().catch(logAndFail);

    expect(
      owasp.DEFAULT_OWASP_HEADERS["Permissions-Policy"]
    ).to.have.property("schema");

    const bundledPermissionsPolicy = owaspJSON.headers.find(
      ({ name }) => name === "Permissions-Policy"
    );
    expect(
      owasp.DEFAULT_OWASP_HEADERS["Permissions-Policy"].schema.default
    ).to.equal(bundledPermissionsPolicy.value);

    expect(Object.keys(owasp.DEFAULT_OWASP_HEADERS)).to.have.lengthOf(12);
  });

  it(`populates the defaults with information from a new OWASP release`, async function () {
    // A 200 carrying the newOWASP.json fixture should replace the schema defaults.
    stubOwaspFeed(200, newOWASPJSON);
    await owasp.getLatest().catch(logAndFail);

    expect(
      owasp.DEFAULT_OWASP_HEADERS["Cross-Origin-Embedder-Policy"]
    ).to.have.property("schema");

    const releasedEmbedderPolicy = newOWASPJSON.headers.find(
      ({ name }) => name === "Cross-Origin-Embedder-Policy"
    );
    expect(
      owasp.DEFAULT_OWASP_HEADERS["Cross-Origin-Embedder-Policy"].schema.default
    ).to.equal(releasedEmbedderPolicy.value);

    expect(Object.keys(owasp.DEFAULT_OWASP_HEADERS)).to.have.lengthOf(12);
  });

  it(`adds any properties contained in a new release`, async function () {
    // Clone the fixture so the extra header does not leak into other cases.
    const extendedRelease = structuredClone(newOWASPJSON);
    extendedRelease.headers.push({ name: "x-added", value: "true" });

    stubOwaspFeed(200, extendedRelease);
    await owasp.getLatest().catch(logAndFail);

    expect(owasp.DEFAULT_OWASP_HEADERS).to.have.property("x-added");
    expect(owasp.DEFAULT_OWASP_HEADERS["x-added"]).to.have.property("schema");
    expect(owasp.DEFAULT_OWASP_HEADERS["x-added"].schema.default).to.equal(
      "true"
    );

    // One more key than the previous cases: the header unknown to the bundled list.
    expect(Object.keys(owasp.DEFAULT_OWASP_HEADERS)).to.have.lengthOf(13);
  });
});
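describe(`getHeaders`, function () {
  // Suite for owasp.getHeaders(options): options are keyed by camelCase names
  // (cacheControl, referrerPolicy, ...) and the result is read back by HTTP
  // header name ("Pragma", "Cross-Origin-Opener-Policy"). An option may be
  // `true` or an object whose `value` is expected to become schema.default.

  it(`brings back default headers from a list`, function () {
    const headers = owasp.getHeaders({
      cacheControl: true,
      xFrameOptions: true,
    });

    expect(Object.keys(headers)).to.have.lengthOf(2);
  });

  it(`brings back default headers from a list with new schema defaults when values are provided`, function () {
    const headerOptions = {
      referrerPolicy: {
        value: "true",
      },
      crossOriginOpenerPolicy: {
        value: "strict",
      },
    };

    const headers = owasp.getHeaders(headerOptions);

    expect(Object.keys(headers)).to.have.lengthOf(2);
    // expect(<boolean>) with no matcher asserts nothing, so the earlier
    // `expect(a === b)` form could never fail; check the override with a real
    // matcher so a dropped security-header value is actually caught.
    expect(headers["Cross-Origin-Opener-Policy"].schema).to.have.property(
      "default",
      "strict"
    );
  });

  it(`handles pragma being deprecated`, function () {
    const headerOptions = {
      pragma: {
        value: "true",
      },
    };

    const headers = owasp.getHeaders(headerOptions);

    // Pragma must still come back with a schema carrying the supplied value.
    expect(Object.keys(headers)).to.have.lengthOf(1);
    expect(headers["Pragma"]).to.have.property("schema");
    expect(headers["Pragma"].schema).to.have.property("default", "true");
  });
});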
});