loafle/openapi-generator
3
0
Fork 0
forked from loafle/openapi-generator-original
Code Pull Requests Activity

Add more security samples (#3344)

Browse Source 
* add line break test to petstore-security-test.yaml

* add objc/swift security testing

* add go,scala,qt5cpp for security test

* add security test for typescript

* fix go security issue, fix consumes,produces line break
This commit is contained in:
wing328
2016-07-12 19:51:28 +08:00
committed by GitHub
parent d4951bbf3c
commit 394840e352
146 changed files with 9480 additions and 124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
samples/client/petstore-security-test/php/SwaggerClient-php/README.md
View File

@@ -1,10 +1,10 @@
# SwaggerClient-php
This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ */ ' \" =end
This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ *_/ ' \" =end
This PHP package is automatically generated by the [Swagger Codegen](https://github.com/swagger-api/swagger-codegen) project:
- API version: 1.0.0 */ ' " =end
- Build date: 2016-07-06T12:09:22.895-07:00
- API version: 1.0.0 *_/ ' \" =end \\r\\n \\n \\r
- Build date: 2016-07-12T18:29:31.200+08:00
- Build package: class io.swagger.codegen.languages.PhpClientCodegen
## Requirements
@@ -58,12 +58,12 @@ Please follow the [installation procedure](#installation--usage) and then run th
require_once(__DIR__ . '/vendor/autoload.php');
$api_instance = new Swagger\Client\Api\FakeApi();
$test_code_inject____end = "test_code_inject____end_example"; // string | To test code injection */ ' \" =end
$test_code_inject____end_rn_n_r = "test_code_inject____end_rn_n_r_example"; // string | To test code injection *_/ ' \" =end \\r\\n \\n \\r
try {
$api_instance->testCodeInjectEnd($test_code_inject____end);
$api_instance->testCodeInjectEndRnNR($test_code_inject____end_rn_n_r);
} catch (Exception $e) {
echo 'Exception when calling FakeApi->testCodeInjectEnd: ', $e->getMessage(), PHP_EOL;
echo 'Exception when calling FakeApi->testCodeInjectEndRnNR: ', $e->getMessage(), PHP_EOL;
}
?>
@@ -71,11 +71,11 @@ try {
## Documentation for API Endpoints
All URIs are relative to *https://petstore.swagger.io */ ' " =end/v2 */ ' " =end*
All URIs are relative to *https://petstore.swagger.io *_/ ' \" =end \\r\\n \\n \\r/v2 *_/ ' \" =end \\r\\n \\n \\r*
Class | Method | HTTP request | Description
------------ | ------------- | ------------- | -------------
*FakeApi* | [**testCodeInjectEnd**](docs/Api/FakeApi.md#testcodeinjectend) | **PUT** /fake | To test code injection */ ' \" =end
*FakeApi* | [**testCodeInjectEndRnNR**](docs/Api/FakeApi.md#testcodeinjectendrnnr) | **PUT** /fake | To test code injection *_/ ' \" =end \\r\\n \\n \\r
## Documentation For Models
@@ -86,24 +86,24 @@ Class | Method | HTTP request | Description
## Documentation For Authorization
## api_key
- **Type**: API key
- **API key parameter name**: api_key */ ' " =end \r\n \n \r
- **Location**: HTTP header
## petstore_auth
- **Type**: OAuth
- **Flow**: implicit
- **Authorization URL**: http://petstore.swagger.io/api/oauth/dialog
- **Scopes**:
- **write:pets**: modify pets in your account */ ' " =end
- **read:pets**: read your pets */ ' " =end
## api_key
- **Type**: API key
- **API key parameter name**: api_key */ ' " =end
- **Location**: HTTP header
- **write:pets**: modify pets in your account */ ' " =end \r\n \n \r
- **read:pets**: read your pets */ ' " =end \r\n \n \r
## Author
apiteam@swagger.io */ ' " =end
apiteam@swagger.io *_/ ' \" =end \\r\\n \\n \\r

8
samples/client/petstore-security-test/php/SwaggerClient-php/autoload.php
View File

@@ -1,12 +1,12 @@
<?php
/**
* Swagger Petstore */ ' " =end
* Swagger Petstore *_/ ' \" =end \\r\\n \\n \\r
*
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ */ ' \" =end
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ *_/ ' \" =end
*
* OpenAPI spec version: 1.0.0 */ ' " =end
* Contact: apiteam@swagger.io */ ' " =end
* OpenAPI spec version: 1.0.0 *_/ ' \" =end \\r\\n \\n \\r
* Contact: apiteam@swagger.io *_/ ' \" =end \\r\\n \\n \\r
* Generated by: https://github.com/swagger-api/swagger-codegen.git
*
* Licensed under the Apache License, Version 2.0 (the "License");

22
samples/client/petstore-security-test/php/SwaggerClient-php/docs/Api/FakeApi.md
View File

@@ -1,16 +1,16 @@
# Swagger\Client\FakeApi
All URIs are relative to *https://petstore.swagger.io */ &#39; &quot; &#x3D;end/v2 */ &#39; &quot; &#x3D;end*
All URIs are relative to *https://petstore.swagger.io *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r/v2 *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r*
Method | HTTP request | Description
------------- | ------------- | -------------
[**testCodeInjectEnd**](FakeApi.md#testCodeInjectEnd) | **PUT** /fake | To test code injection */ &#39; \&quot; &#x3D;end
[**testCodeInjectEndRnNR**](FakeApi.md#testCodeInjectEndRnNR) | **PUT** /fake | To test code injection *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r
# **testCodeInjectEnd**
> testCodeInjectEnd($test_code_inject____end)
# **testCodeInjectEndRnNR**
> testCodeInjectEndRnNR($test_code_inject____end_rn_n_r)
To test code injection */ ' \" =end
To test code injection *_/ ' \" =end \\r\\n \\n \\r
### Example
```php
@@ -18,12 +18,12 @@ To test code injection */ ' \" =end
require_once(__DIR__ . '/vendor/autoload.php');
$api_instance = new Swagger\Client\Api\FakeApi();
$test_code_inject____end = "test_code_inject____end_example"; // string | To test code injection */ ' \" =end
$test_code_inject____end_rn_n_r = "test_code_inject____end_rn_n_r_example"; // string | To test code injection *_/ ' \" =end \\r\\n \\n \\r
try {
$api_instance->testCodeInjectEnd($test_code_inject____end);
$api_instance->testCodeInjectEndRnNR($test_code_inject____end_rn_n_r);
} catch (Exception $e) {
echo 'Exception when calling FakeApi->testCodeInjectEnd: ', $e->getMessage(), PHP_EOL;
echo 'Exception when calling FakeApi->testCodeInjectEndRnNR: ', $e->getMessage(), PHP_EOL;
}
?>
```
@@ -32,7 +32,7 @@ try {
Name | Type | Description | Notes
------------- | ------------- | ------------- | -------------
**test_code_inject____end** | **string**| To test code injection */ &#39; \&quot; &#x3D;end | [optional]
**test_code_inject____end_rn_n_r** | **string**| To test code injection *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r | [optional]
### Return type
@@ -44,8 +44,8 @@ No authorization required
### HTTP request headers
- **Content-Type**: application/json, */ ' " =end
- **Accept**: application/json, */ ' " =end
- **Content-Type**: application/json, *_/ \" =end
- **Accept**: application/json, *_/ \" =end
[[Back to top]](#) [[Back to API list]](../../README.md#documentation-for-api-endpoints) [[Back to Model list]](../../README.md#documentation-for-models) [[Back to README]](../../README.md)

2
samples/client/petstore-security-test/php/SwaggerClient-php/docs/Model/ModelReturn.md
View File

@@ -3,7 +3,7 @@
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**return** | **int** | property description */ &#39; \&quot; &#x3D;end | [optional]
**return** | **int** | property description *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r | [optional]
[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)

36
samples/client/petstore-security-test/php/SwaggerClient-php/lib/Api/FakeApi.php
View File

@@ -11,12 +11,12 @@
*/
/**
* Swagger Petstore */ ' " =end
* Swagger Petstore *_/ ' \" =end \\r\\n \\n \\r
*
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ */ ' \" =end
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ *_/ ' \" =end
*
* OpenAPI spec version: 1.0.0 */ ' " =end
* Contact: apiteam@swagger.io */ ' " =end
* OpenAPI spec version: 1.0.0 *_/ ' \" =end \\r\\n \\n \\r
* Contact: apiteam@swagger.io *_/ ' \" =end \\r\\n \\n \\r
* Generated by: https://github.com/swagger-api/swagger-codegen.git
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -73,7 +73,7 @@ class FakeApi
{
if ($apiClient == null) {
$apiClient = new ApiClient();
$apiClient->getConfig()->setHost('https://petstore.swagger.io */ &#39; &quot; &#x3D;end/v2 */ &#39; &quot; &#x3D;end');
$apiClient->getConfig()->setHost('https://petstore.swagger.io *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r/v2 *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r');
}
$this->apiClient = $apiClient;
@@ -103,30 +103,30 @@ class FakeApi
}
/**
* Operation testCodeInjectEnd
* Operation testCodeInjectEndRnNR
*
* To test code injection */ ' \" =end
* To test code injection *_/ ' \" =end \\r\\n \\n \\r
*
* @param string $test_code_inject____end To test code injection */ &#39; \&quot; &#x3D;end (optional)
* @param string $test_code_inject____end_rn_n_r To test code injection *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r (optional)
* @return void
* @throws \Swagger\Client\ApiException on non-2xx response
*/
public function testCodeInjectEnd($test_code_inject____end = null)
public function testCodeInjectEndRnNR($test_code_inject____end_rn_n_r = null)
{
list($response) = $this->testCodeInjectEndWithHttpInfo($test_code_inject____end);
list($response) = $this->testCodeInjectEndRnNRWithHttpInfo($test_code_inject____end_rn_n_r);
return $response;
}
/**
* Operation testCodeInjectEndWithHttpInfo
* Operation testCodeInjectEndRnNRWithHttpInfo
*
* To test code injection */ ' \" =end
* To test code injection *_/ ' \" =end \\r\\n \\n \\r
*
* @param string $test_code_inject____end To test code injection */ &#39; \&quot; &#x3D;end (optional)
* @param string $test_code_inject____end_rn_n_r To test code injection *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r (optional)
* @return Array of null, HTTP status code, HTTP response headers (array of strings)
* @throws \Swagger\Client\ApiException on non-2xx response
*/
public function testCodeInjectEndWithHttpInfo($test_code_inject____end = null)
public function testCodeInjectEndRnNRWithHttpInfo($test_code_inject____end_rn_n_r = null)
{
// parse inputs
$resourcePath = "/fake";
@@ -134,18 +134,18 @@ class FakeApi
$queryParams = array();
$headerParams = array();
$formParams = array();
$_header_accept = $this->apiClient->selectHeaderAccept(array('application/json', '*/ ' " =end'));
$_header_accept = $this->apiClient->selectHeaderAccept(array('application/json', '*_/ \" =end'));
if (!is_null($_header_accept)) {
$headerParams['Accept'] = $_header_accept;
}
$headerParams['Content-Type'] = $this->apiClient->selectHeaderContentType(array('application/json','*/ ' " =end'));
$headerParams['Content-Type'] = $this->apiClient->selectHeaderContentType(array('application/json','*_/ \" =end'));
// default format to json
$resourcePath = str_replace("{format}", "json", $resourcePath);
// form params
if ($test_code_inject____end !== null) {
$formParams['test code inject */ &#39; &quot; &#x3D;end'] = $this->apiClient->getSerializer()->toFormValue($test_code_inject____end);
if ($test_code_inject____end_rn_n_r !== null) {
$formParams['test code inject */ &#39; &quot; &#x3D;end \r\n \n \r'] = $this->apiClient->getSerializer()->toFormValue($test_code_inject____end_rn_n_r);
}
// for model (json/xml)

8
samples/client/petstore-security-test/php/SwaggerClient-php/lib/ApiClient.php
View File

@@ -12,12 +12,12 @@
*/
/**
* Swagger Petstore */ ' " =end
* Swagger Petstore *_/ ' \" =end \\r\\n \\n \\r
*
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ */ ' \" =end
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ *_/ ' \" =end
*
* OpenAPI spec version: 1.0.0 */ ' " =end
* Contact: apiteam@swagger.io */ ' " =end
* OpenAPI spec version: 1.0.0 *_/ ' \" =end \\r\\n \\n \\r
* Contact: apiteam@swagger.io *_/ ' \" =end \\r\\n \\n \\r
* Generated by: https://github.com/swagger-api/swagger-codegen.git
*
* Licensed under the Apache License, Version 2.0 (the "License");

8
samples/client/petstore-security-test/php/SwaggerClient-php/lib/ApiException.php
View File

@@ -11,12 +11,12 @@
*/
/**
* Swagger Petstore */ ' " =end
* Swagger Petstore *_/ ' \" =end \\r\\n \\n \\r
*
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ */ ' \" =end
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ *_/ ' \" =end
*
* OpenAPI spec version: 1.0.0 */ ' " =end
* Contact: apiteam@swagger.io */ ' " =end
* OpenAPI spec version: 1.0.0 *_/ ' \" =end \\r\\n \\n \\r
* Contact: apiteam@swagger.io *_/ ' \" =end \\r\\n \\n \\r
* Generated by: https://github.com/swagger-api/swagger-codegen.git
*
* Licensed under the Apache License, Version 2.0 (the "License");

12
samples/client/petstore-security-test/php/SwaggerClient-php/lib/Configuration.php
View File

@@ -11,12 +11,12 @@
*/
/**
* Swagger Petstore */ ' " =end
* Swagger Petstore *_/ ' \" =end \\r\\n \\n \\r
*
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ */ ' \" =end
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ *_/ ' \" =end
*
* OpenAPI spec version: 1.0.0 */ ' " =end
* Contact: apiteam@swagger.io */ ' " =end
* OpenAPI spec version: 1.0.0 *_/ ' \" =end \\r\\n \\n \\r
* Contact: apiteam@swagger.io *_/ ' \" =end \\r\\n \\n \\r
* Generated by: https://github.com/swagger-api/swagger-codegen.git
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -102,7 +102,7 @@ class Configuration
*
* @var string
*/
protected $host = 'https://petstore.swagger.io */ &#39; &quot; &#x3D;end/v2 */ &#39; &quot; &#x3D;end';
protected $host = 'https://petstore.swagger.io *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r/v2 *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r';
/**
* Timeout (second) of the HTTP request, by default set to 0, no timeout
@@ -522,7 +522,7 @@ class Configuration
$report = 'PHP SDK (Swagger\Client) Debug Report:' . PHP_EOL;
$report .= ' OS: ' . php_uname() . PHP_EOL;
$report .= ' PHP Version: ' . phpversion() . PHP_EOL;
$report .= ' OpenAPI Spec Version: 1.0.0 */ &#39; &quot; &#x3D;end' . PHP_EOL;
$report .= ' OpenAPI Spec Version: 1.0.0 *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r' . PHP_EOL;
$report .= ' Temp Folder Path: ' . self::getDefaultConfiguration()->getTempFolderPath() . PHP_EOL;
return $report;

12
samples/client/petstore-security-test/php/SwaggerClient-php/lib/Model/ModelReturn.php
View File

@@ -12,12 +12,12 @@
*/
/**
* Swagger Petstore */ ' " =end
* Swagger Petstore *_/ ' \" =end \\r\\n \\n \\r
*
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ */ ' \" =end
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ *_/ ' \" =end
*
* OpenAPI spec version: 1.0.0 */ ' " =end
* Contact: apiteam@swagger.io */ ' " =end
* OpenAPI spec version: 1.0.0 *_/ ' \" =end \\r\\n \\n \\r
* Contact: apiteam@swagger.io *_/ ' \" =end \\r\\n \\n \\r
* Generated by: https://github.com/swagger-api/swagger-codegen.git
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -47,7 +47,7 @@ use \ArrayAccess;
* ModelReturn Class Doc Comment
*
* @category Class */
// @description Model for testing reserved words */ &#39; \&quot; &#x3D;end
// @description Model for testing reserved words *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r
/**
* @package Swagger\Client
* @author http://github.com/swagger-api/swagger-codegen
@@ -167,7 +167,7 @@ class ModelReturn implements ArrayAccess
/**
* Sets return
* @param int $return property description */ ' \" =end
* @param int $return property description *_/ ' \" =end \\r\\n \\n \\r
* @return $this
*/
public function setReturn($return)

10
samples/client/petstore-security-test/php/SwaggerClient-php/lib/ObjectSerializer.php
View File

@@ -12,12 +12,12 @@
*/
/**
* Swagger Petstore */ ' " =end
* Swagger Petstore *_/ ' \" =end \\r\\n \\n \\r
*
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ */ ' \" =end
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ *_/ ' \" =end
*
* OpenAPI spec version: 1.0.0 */ ' " =end
* Contact: apiteam@swagger.io */ ' " =end
* OpenAPI spec version: 1.0.0 *_/ ' \" =end \\r\\n \\n \\r
* Contact: apiteam@swagger.io *_/ ' \" =end \\r\\n \\n \\r
* Generated by: https://github.com/swagger-api/swagger-codegen.git
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -264,7 +264,7 @@ class ObjectSerializer
} else {
return null;
}
} elseif (in_array($class, array('void', 'bool', 'string', 'double', 'byte', 'mixed', 'integer', 'float', 'int', 'DateTime', 'number', 'boolean', 'object'))) {
} elseif (in_array($class, array('integer', 'int', 'void', 'number', 'object', 'double', 'float', 'byte', 'DateTime', 'string', 'mixed', 'boolean', 'bool'))) {
settype($data, $class);
return $data;
} elseif ($class === '\SplFileObject') {

14
samples/client/petstore-security-test/php/SwaggerClient-php/test/Api/FakeApiTest.php
View File

@@ -11,12 +11,12 @@
*/
/**
* Swagger Petstore ' \" =end
* Swagger Petstore *_/ ' \" =end \\r\\n \\n \\r
*
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ ' \" =end
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ *_/ ' \" =end
*
* OpenAPI spec version: 1.0.0 ' \" =end
* Contact: apiteam@swagger.io ' \" =end
* OpenAPI spec version: 1.0.0 *_/ ' \" =end \\r\\n \\n \\r
* Contact: apiteam@swagger.io *_/ ' \" =end \\r\\n \\n \\r
* Generated by: https://github.com/swagger-api/swagger-codegen.git
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -90,12 +90,12 @@ class FakeApiTest extends \PHPUnit_Framework_TestCase
}
/**
* Test case for testCodeInjectEnd
* Test case for testCodeInjectEndRnNR
*
* To test code injection ' \" =end.
* To test code injection *_/ ' \" =end \\r\\n \\n \\r.
*
*/
public function testTestCodeInjectEnd()
public function testTestCodeInjectEndRnNR()
{
}

10
samples/client/petstore-security-test/php/SwaggerClient-php/test/Model/ModelReturnTest.php
View File

@@ -12,12 +12,12 @@
*/
/**
* Swagger Petstore ' \" =end
* Swagger Petstore *_/ ' \" =end \\r\\n \\n \\r
*
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ ' \" =end
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\ *_/ ' \" =end
*
* OpenAPI spec version: 1.0.0 ' \" =end
* Contact: apiteam@swagger.io ' \" =end
* OpenAPI spec version: 1.0.0 *_/ ' \" =end \\r\\n \\n \\r
* Contact: apiteam@swagger.io *_/ ' \" =end \\r\\n \\n \\r
* Generated by: https://github.com/swagger-api/swagger-codegen.git
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -45,7 +45,7 @@ namespace Swagger\Client;
* ModelReturnTest Class Doc Comment
*
* @category Class */
// * @description Model for testing reserved words &#39; \&quot; &#x3D;end
// * @description Model for testing reserved words *_/ &#39; \&quot; &#x3D;end \\r\\n \\n \\r
/**
* @package Swagger\Client
* @author http://github.com/swagger-api/swagger-codegen