diff --git a/samples/client/petstore-security-test/javascript-closure-angular/.swagger-codegen/VERSION b/samples/client/petstore-security-test/javascript-closure-angular/.swagger-codegen/VERSION new file mode 100644 index 00000000000..f9f7450d135 --- /dev/null +++ b/samples/client/petstore-security-test/javascript-closure-angular/.swagger-codegen/VERSION @@ -0,0 +1 @@ +2.3.0-SNAPSHOT \ No newline at end of file diff --git a/samples/client/petstore-security-test/javascript/.babelrc b/samples/client/petstore-security-test/javascript/.babelrc new file mode 100644 index 00000000000..bcb6ee8de93 --- /dev/null +++ b/samples/client/petstore-security-test/javascript/.babelrc @@ -0,0 +1,3 @@ +{ + "presets": ["es2015", "stage-0"] +} \ No newline at end of file diff --git a/samples/client/petstore-security-test/perl/.swagger-codegen/VERSION b/samples/client/petstore-security-test/perl/.swagger-codegen/VERSION new file mode 100644 index 00000000000..f9f7450d135 --- /dev/null +++ b/samples/client/petstore-security-test/perl/.swagger-codegen/VERSION @@ -0,0 +1 @@ +2.3.0-SNAPSHOT \ No newline at end of file diff --git a/samples/client/petstore-security-test/perl/deep_module_test/.swagger-codegen/VERSION b/samples/client/petstore-security-test/perl/deep_module_test/.swagger-codegen/VERSION new file mode 100644 index 00000000000..f9f7450d135 --- /dev/null +++ b/samples/client/petstore-security-test/perl/deep_module_test/.swagger-codegen/VERSION @@ -0,0 +1 @@ +2.3.0-SNAPSHOT \ No newline at end of file diff --git a/samples/client/petstore-security-test/qt5cpp/.swagger-codegen/VERSION b/samples/client/petstore-security-test/qt5cpp/.swagger-codegen/VERSION new file mode 100644 index 00000000000..f9f7450d135 --- /dev/null +++ b/samples/client/petstore-security-test/qt5cpp/.swagger-codegen/VERSION @@ -0,0 +1 @@ +2.3.0-SNAPSHOT \ No newline at end of file diff --git a/samples/client/petstore-security-test/ruby/.swagger-codegen/VERSION b/samples/client/petstore-security-test/ruby/.swagger-codegen/VERSION new file mode 100644 index 00000000000..f9f7450d135 --- /dev/null +++ b/samples/client/petstore-security-test/ruby/.swagger-codegen/VERSION @@ -0,0 +1 @@ +2.3.0-SNAPSHOT \ No newline at end of file diff --git a/samples/client/petstore-security-test/typescript-angular/api/fake.service.ts b/samples/client/petstore-security-test/typescript-angular/api/fake.service.ts new file mode 100644 index 00000000000..ec51d332251 --- /dev/null +++ b/samples/client/petstore-security-test/typescript-angular/api/fake.service.ts @@ -0,0 +1,98 @@ +/** + * Swagger Petstore *_/ ' \" =end -- \\r\\n \\n \\r + * This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ *_/ ' \" =end -- + * + * OpenAPI spec version: 1.0.0 *_/ ' \" =end -- \\r\\n \\n \\r + * Contact: apiteam@swagger.io *_/ ' \" =end -- \\r\\n \\n \\r + * + * NOTE: This class is auto generated by the swagger code generator program. + * https://github.com/swagger-api/swagger-codegen.git + * Do not edit the class manually. + */ + +/* tslint:disable:no-unused-variable member-ordering */ + +import { Inject, Injectable, Optional } from '@angular/core'; +import { HttpClient, HttpHeaders, HttpParams } from '@angular/common/http'; + +import { Observable } from 'rxjs/Observable'; +import '../rxjs-operators'; + + +import { BASE_PATH, COLLECTION_FORMATS } from '../variables'; +import { Configuration } from '../configuration'; +import { CustomHttpUrlEncodingCodec } from '../encoder'; + + +@Injectable() +export class FakeService { + + protected basePath = 'https://petstore.swagger.io *_/ ' \" =end -- \\r\\n \\n \\r/v2 *_/ ' \" =end -- \\r\\n \\n \\r'; + public defaultHeaders = new HttpHeaders(); + public configuration = new Configuration(); + + constructor(protected httpClient: HttpClient, @Optional()@Inject(BASE_PATH) basePath: string, @Optional() configuration: Configuration) { + if (basePath) { + this.basePath = basePath; + } + if (configuration) { + this.configuration = configuration; + this.basePath = basePath || configuration.basePath || this.basePath; + } + } + + /** + * @param consumes string[] mime-types + * @return true: consumes contains 'multipart/form-data', false: otherwise + */ + private canConsumeForm(consumes: string[]): boolean { + const form = 'multipart/form-data'; + for (let consume of consumes) { + if (form === consume) { + return true; + } + } + return false; + } + + + + /** + * To test code injection *_/ ' \" =end -- \\r\\n \\n \\r + * + * @param test code inject * ' " =end rn n r To test code injection *_/ ' \" =end -- \\r\\n \\n \\r + */ + public testCodeInjectEndRnNR(test code inject * ' " =end rn n r?: string): Observable<{}> { + + let headers = this.defaultHeaders; + + // to determine the Content-Type header + let consumes: string[] = [ + 'application/json', + '*_/ =end -- ' + ]; + const canConsumeForm = this.canConsumeForm(consumes); + + let formParams: { append(param: string, value: any): void; }; + let useForm = false; + let convertFormParamsToString = false; + if (useForm) { + formParams = new FormData(); + } else { + formParams = new HttpParams({encoder: new CustomHttpUrlEncodingCodec()}); + } + + + + if (test code inject * ' " =end rn n r !== undefined) { + formParams = formParams.append('test code inject */ ' " =end -- \r\n \n \r', test code inject * ' " =end rn n r) || formParams; + } + + return this.httpClient.put(`${this.basePath}/fake`, + convertFormParamsToString ? formParams.toString() : formParams, { + headers: headers, + withCredentials: this.configuration.withCredentials, + }); + } + +} diff --git a/samples/client/petstore-security-test/typescript-angular/configuration.ts b/samples/client/petstore-security-test/typescript-angular/configuration.ts new file mode 100644 index 00000000000..005c3a26df3 --- /dev/null +++ b/samples/client/petstore-security-test/typescript-angular/configuration.ts @@ -0,0 +1,26 @@ +export interface ConfigurationParameters { + apiKeys?: {[ key: string ]: string}; + username?: string; + password?: string; + accessToken?: string | (() => string); + basePath?: string; + withCredentials?: boolean; +} + +export class Configuration { + apiKeys?: {[ key: string ]: string}; + username?: string; + password?: string; + accessToken?: string | (() => string); + basePath?: string; + withCredentials?: boolean; + + constructor(configurationParameters: ConfigurationParameters = {}) { + this.apiKeys = configurationParameters.apiKeys; + this.username = configurationParameters.username; + this.password = configurationParameters.password; + this.accessToken = configurationParameters.accessToken; + this.basePath = configurationParameters.basePath; + this.withCredentials = configurationParameters.withCredentials; + } +} diff --git a/samples/client/petstore-security-test/typescript-angular/encoder.ts b/samples/client/petstore-security-test/typescript-angular/encoder.ts new file mode 100644 index 00000000000..f1c6b78c9c8 --- /dev/null +++ b/samples/client/petstore-security-test/typescript-angular/encoder.ts @@ -0,0 +1,18 @@ + import { HttpUrlEncodingCodec } from '@angular/common/http'; + +/** +* CustomHttpUrlEncodingCodec +* Fix plus sign (+) not encoding, so sent as blank space +* See: https://github.com/angular/angular/issues/11058#issuecomment-247367318 +*/ +export class CustomHttpUrlEncodingCodec extends HttpUrlEncodingCodec { + encodeKey(k: string): string { + k = super.encodeKey(k); + return k.replace(/\+/gi, '%2B'); + } + encodeValue(v: string): string { + v = super.encodeValue(v); + return v.replace(/\+/gi, '%2B'); + } +} + diff --git a/samples/client/petstore-security-test/typescript-angular/rxjs-operators.ts b/samples/client/petstore-security-test/typescript-angular/rxjs-operators.ts new file mode 100644 index 00000000000..5659cd0694f --- /dev/null +++ b/samples/client/petstore-security-test/typescript-angular/rxjs-operators.ts @@ -0,0 +1,11 @@ +// RxJS imports according to https://angular.io/docs/ts/latest/guide/server-communication.html#!#rxjs + +// See node_module/rxjs/Rxjs.js +// Import just the rxjs statics and operators we need for THIS app. + +// Statics +import 'rxjs/add/observable/throw'; + +// Operators +import 'rxjs/add/operator/catch'; +import 'rxjs/add/operator/map'; diff --git a/samples/client/petstore-security-test/typescript-angular/variables.ts b/samples/client/petstore-security-test/typescript-angular/variables.ts new file mode 100644 index 00000000000..6fe58549f39 --- /dev/null +++ b/samples/client/petstore-security-test/typescript-angular/variables.ts @@ -0,0 +1,9 @@ +import { InjectionToken } from '@angular/core'; + +export const BASE_PATH = new InjectionToken('basePath'); +export const COLLECTION_FORMATS = { + 'csv': ',', + 'tsv': ' ', + 'ssv': ' ', + 'pipes': '|' +} diff --git a/samples/client/petstore-security-test/typescript-angular2/encoder.ts b/samples/client/petstore-security-test/typescript-angular2/encoder.ts new file mode 100644 index 00000000000..f1c6b78c9c8 --- /dev/null +++ b/samples/client/petstore-security-test/typescript-angular2/encoder.ts @@ -0,0 +1,18 @@ + import { HttpUrlEncodingCodec } from '@angular/common/http'; + +/** +* CustomHttpUrlEncodingCodec +* Fix plus sign (+) not encoding, so sent as blank space +* See: https://github.com/angular/angular/issues/11058#issuecomment-247367318 +*/ +export class CustomHttpUrlEncodingCodec extends HttpUrlEncodingCodec { + encodeKey(k: string): string { + k = super.encodeKey(k); + return k.replace(/\+/gi, '%2B'); + } + encodeValue(v: string): string { + v = super.encodeValue(v); + return v.replace(/\+/gi, '%2B'); + } +} + diff --git a/samples/client/petstore-security-test/typescript-node/.swagger-codegen/VERSION b/samples/client/petstore-security-test/typescript-node/.swagger-codegen/VERSION new file mode 100644 index 00000000000..f9f7450d135 --- /dev/null +++ b/samples/client/petstore-security-test/typescript-node/.swagger-codegen/VERSION @@ -0,0 +1 @@ +2.3.0-SNAPSHOT \ No newline at end of file diff --git a/samples/server/petstore-security-test/lumen/.swagger-codegen/VERSION b/samples/server/petstore-security-test/lumen/.swagger-codegen/VERSION new file mode 100644 index 00000000000..f9f7450d135 --- /dev/null +++ b/samples/server/petstore-security-test/lumen/.swagger-codegen/VERSION @@ -0,0 +1 @@ +2.3.0-SNAPSHOT \ No newline at end of file diff --git a/samples/server/petstore-security-test/silex/.swagger-codegen/VERSION b/samples/server/petstore-security-test/silex/.swagger-codegen/VERSION new file mode 100644 index 00000000000..f9f7450d135 --- /dev/null +++ b/samples/server/petstore-security-test/silex/.swagger-codegen/VERSION @@ -0,0 +1 @@ +2.3.0-SNAPSHOT \ No newline at end of file diff --git a/samples/server/petstore-security-test/slim/.swagger-codegen/VERSION b/samples/server/petstore-security-test/slim/.swagger-codegen/VERSION new file mode 100644 index 00000000000..f9f7450d135 --- /dev/null +++ b/samples/server/petstore-security-test/slim/.swagger-codegen/VERSION @@ -0,0 +1 @@ +2.3.0-SNAPSHOT \ No newline at end of file