diff --git a/modules/openapi-generator/src/main/resources/go-server/controller-api.mustache b/modules/openapi-generator/src/main/resources/go-server/controller-api.mustache index 73b495c3110..583de2dca7c 100644 --- a/modules/openapi-generator/src/main/resources/go-server/controller-api.mustache +++ b/modules/openapi-generator/src/main/resources/go-server/controller-api.mustache @@ -98,7 +98,11 @@ func (c *{{classname}}Controller) {{nickname}}(w http.ResponseWriter, r *http.Re {{/mux}} {{/routers}} {{#hasQueryParams}} - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } {{/hasQueryParams}} {{#allParams}} {{#isPathParam}} diff --git a/modules/openapi-generator/src/main/resources/go-server/routers.mustache b/modules/openapi-generator/src/main/resources/go-server/routers.mustache index 3fe075ec240..fb2d043076a 100644 --- a/modules/openapi-generator/src/main/resources/go-server/routers.mustache +++ b/modules/openapi-generator/src/main/resources/go-server/routers.mustache @@ -23,6 +23,7 @@ import ( "io" "mime/multipart" "net/http" + "net/url" "os" "strconv" "strings" @@ -370,3 +371,9 @@ func parseNumericArrayParameter[T Number](param, delim string, required bool, fn return values, nil } + + +// parseQuery parses query paramaters and returns an error if any malformed value pairs are encountered. +func parseQuery(rawQuery string) (url.Values, error) { + return url.ParseQuery(rawQuery) +} \ No newline at end of file diff --git a/samples/openapi3/server/petstore/go/go-petstore/go/api_pet.go b/samples/openapi3/server/petstore/go/go-petstore/go/api_pet.go index 6b7c61f9ca4..1406472c0ff 100644 --- a/samples/openapi3/server/petstore/go/go-petstore/go/api_pet.go +++ b/samples/openapi3/server/petstore/go/go-petstore/go/api_pet.go @@ -144,7 +144,11 @@ func (c *PetAPIController) DeletePet(w http.ResponseWriter, r *http.Request) { // FindPetsByStatus - Finds Pets by status func (c *PetAPIController) FindPetsByStatus(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } var statusParam []string if query.Has("status") { statusParam = strings.Split(query.Get("status"), ",") @@ -162,7 +166,11 @@ func (c *PetAPIController) FindPetsByStatus(w http.ResponseWriter, r *http.Reque // FindPetsByTags - Finds Pets by tags // Deprecated func (c *PetAPIController) FindPetsByTags(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } var tagsParam []string if query.Has("tags") { tagsParam = strings.Split(query.Get("tags"), ",") diff --git a/samples/openapi3/server/petstore/go/go-petstore/go/api_user.go b/samples/openapi3/server/petstore/go/go-petstore/go/api_user.go index 998327702a2..71f2b3d1de1 100644 --- a/samples/openapi3/server/petstore/go/go-petstore/go/api_user.go +++ b/samples/openapi3/server/petstore/go/go-petstore/go/api_user.go @@ -172,7 +172,11 @@ func (c *UserAPIController) CreateUsersWithListInput(w http.ResponseWriter, r *h // DeleteUser - Delete user func (c *UserAPIController) DeleteUser(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } usernameParam := chi.URLParam(r, "username") if usernameParam == "" { c.errorHandler(w, r, &RequiredError{"username"}, nil) @@ -221,7 +225,11 @@ func (c *UserAPIController) GetUserByName(w http.ResponseWriter, r *http.Request // LoginUser - Logs user into the system func (c *UserAPIController) LoginUser(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } var usernameParam string if query.Has("username") { param := query.Get("username") diff --git a/samples/openapi3/server/petstore/go/go-petstore/go/routers.go b/samples/openapi3/server/petstore/go/go-petstore/go/routers.go index 07d148352e2..ed9069c86d5 100644 --- a/samples/openapi3/server/petstore/go/go-petstore/go/routers.go +++ b/samples/openapi3/server/petstore/go/go-petstore/go/routers.go @@ -18,6 +18,7 @@ import ( "io" "mime/multipart" "net/http" + "net/url" "os" "strconv" "strings" @@ -337,3 +338,9 @@ func parseNumericArrayParameter[T Number](param, delim string, required bool, fn return values, nil } + + +// parseQuery parses query paramaters and returns an error if any malformed value pairs are encountered. +func parseQuery(rawQuery string) (url.Values, error) { + return url.ParseQuery(rawQuery) +} \ No newline at end of file diff --git a/samples/server/petstore/go-api-server/go/api_pet.go b/samples/server/petstore/go-api-server/go/api_pet.go index 925d27a78ec..d595b2d2cbb 100644 --- a/samples/server/petstore/go-api-server/go/api_pet.go +++ b/samples/server/petstore/go-api-server/go/api_pet.go @@ -177,7 +177,11 @@ func (c *PetAPIController) DeletePet(w http.ResponseWriter, r *http.Request) { // FilterPetsByCategory - Finds Pets func (c *PetAPIController) FilterPetsByCategory(w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } genderParam, err := NewGenderFromValue(params["gender"]) if err != nil { c.errorHandler(w, r, &ParsingError{Err: err}, nil) @@ -218,7 +222,11 @@ func (c *PetAPIController) FilterPetsByCategory(w http.ResponseWriter, r *http.R // FindPetsByStatus - Finds Pets by status func (c *PetAPIController) FindPetsByStatus(w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } var statusParam []string if query.Has("status") { statusParam = strings.Split(query.Get("status"), ",") @@ -248,7 +256,11 @@ func (c *PetAPIController) FindPetsByStatus(w http.ResponseWriter, r *http.Reque // FindPetsByTags - Finds Pets by tags // Deprecated func (c *PetAPIController) FindPetsByTags(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } var tagsParam []string if query.Has("tags") { tagsParam = strings.Split(query.Get("tags"), ",") @@ -356,7 +368,11 @@ func (c *PetAPIController) GetPetsByTime(w http.ResponseWriter, r *http.Request) // GetPetsUsingBooleanQueryParameters - Get the pets by only using boolean query parameters func (c *PetAPIController) GetPetsUsingBooleanQueryParameters(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } var exprParam bool if query.Has("expr") { param, err := parseBoolParameter( @@ -415,7 +431,11 @@ func (c *PetAPIController) GetPetsUsingBooleanQueryParameters(w http.ResponseWri // SearchPet - Search Pets by filters func (c *PetAPIController) SearchPet(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } var ageParam *int64 if query.Has("age") { param, err := parseNumericParameter[int64]( diff --git a/samples/server/petstore/go-api-server/go/api_user.go b/samples/server/petstore/go-api-server/go/api_user.go index 2828512c89f..630b5b4d6da 100644 --- a/samples/server/petstore/go-api-server/go/api_user.go +++ b/samples/server/petstore/go-api-server/go/api_user.go @@ -173,7 +173,11 @@ func (c *UserAPIController) CreateUsersWithListInput(w http.ResponseWriter, r *h // DeleteUser - Delete user func (c *UserAPIController) DeleteUser(w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } usernameParam := params["username"] if usernameParam == "" { c.errorHandler(w, r, &RequiredError{"username"}, nil) @@ -223,7 +227,11 @@ func (c *UserAPIController) GetUserByName(w http.ResponseWriter, r *http.Request // LoginUser - Logs user into the system func (c *UserAPIController) LoginUser(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } var usernameParam string if query.Has("username") { param := query.Get("username") diff --git a/samples/server/petstore/go-api-server/go/routers.go b/samples/server/petstore/go-api-server/go/routers.go index a22936ca05a..9cd601c3b2b 100644 --- a/samples/server/petstore/go-api-server/go/routers.go +++ b/samples/server/petstore/go-api-server/go/routers.go @@ -17,6 +17,7 @@ import ( "io" "mime/multipart" "net/http" + "net/url" "os" "strconv" "strings" @@ -341,3 +342,9 @@ func parseNumericArrayParameter[T Number](param, delim string, required bool, fn return values, nil } + + +// parseQuery parses query paramaters and returns an error if any malformed value pairs are encountered. +func parseQuery(rawQuery string) (url.Values, error) { + return url.ParseQuery(rawQuery) +} \ No newline at end of file diff --git a/samples/server/petstore/go-chi-server/go/api_pet.go b/samples/server/petstore/go-chi-server/go/api_pet.go index 322476ada1a..a641b3eaa5d 100644 --- a/samples/server/petstore/go-chi-server/go/api_pet.go +++ b/samples/server/petstore/go-chi-server/go/api_pet.go @@ -175,7 +175,11 @@ func (c *PetAPIController) DeletePet(w http.ResponseWriter, r *http.Request) { // FilterPetsByCategory - Finds Pets func (c *PetAPIController) FilterPetsByCategory(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } genderParam, err := NewGenderFromValue(chi.URLParam(r, "gender")) if err != nil { c.errorHandler(w, r, &ParsingError{Err: err}, nil) @@ -215,7 +219,11 @@ func (c *PetAPIController) FilterPetsByCategory(w http.ResponseWriter, r *http.R // FindPetsByStatus - Finds Pets by status func (c *PetAPIController) FindPetsByStatus(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } var statusParam []string if query.Has("status") { statusParam = strings.Split(query.Get("status"), ",") @@ -245,7 +253,11 @@ func (c *PetAPIController) FindPetsByStatus(w http.ResponseWriter, r *http.Reque // FindPetsByTags - Finds Pets by tags // Deprecated func (c *PetAPIController) FindPetsByTags(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } var tagsParam []string if query.Has("tags") { tagsParam = strings.Split(query.Get("tags"), ",") @@ -350,7 +362,11 @@ func (c *PetAPIController) GetPetsByTime(w http.ResponseWriter, r *http.Request) // GetPetsUsingBooleanQueryParameters - Get the pets by only using boolean query parameters func (c *PetAPIController) GetPetsUsingBooleanQueryParameters(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } var exprParam bool if query.Has("expr") { param, err := parseBoolParameter( @@ -409,7 +425,11 @@ func (c *PetAPIController) GetPetsUsingBooleanQueryParameters(w http.ResponseWri // SearchPet - Search Pets by filters func (c *PetAPIController) SearchPet(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } var ageParam *int64 if query.Has("age") { param, err := parseNumericParameter[int64]( diff --git a/samples/server/petstore/go-chi-server/go/api_user.go b/samples/server/petstore/go-chi-server/go/api_user.go index 43f8c897484..94885ee318f 100644 --- a/samples/server/petstore/go-chi-server/go/api_user.go +++ b/samples/server/petstore/go-chi-server/go/api_user.go @@ -172,7 +172,11 @@ func (c *UserAPIController) CreateUsersWithListInput(w http.ResponseWriter, r *h // DeleteUser - Delete user func (c *UserAPIController) DeleteUser(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } usernameParam := chi.URLParam(r, "username") if usernameParam == "" { c.errorHandler(w, r, &RequiredError{"username"}, nil) @@ -221,7 +225,11 @@ func (c *UserAPIController) GetUserByName(w http.ResponseWriter, r *http.Request // LoginUser - Logs user into the system func (c *UserAPIController) LoginUser(w http.ResponseWriter, r *http.Request) { - query := r.URL.Query() + query, err := parseQuery(r.URL.RawQuery) + if err != nil { + c.errorHandler(w, r, &ParsingError{Err: err}, nil) + return + } var usernameParam string if query.Has("username") { param := query.Get("username") diff --git a/samples/server/petstore/go-chi-server/go/routers.go b/samples/server/petstore/go-chi-server/go/routers.go index 07d148352e2..ed9069c86d5 100644 --- a/samples/server/petstore/go-chi-server/go/routers.go +++ b/samples/server/petstore/go-chi-server/go/routers.go @@ -18,6 +18,7 @@ import ( "io" "mime/multipart" "net/http" + "net/url" "os" "strconv" "strings" @@ -337,3 +338,9 @@ func parseNumericArrayParameter[T Number](param, delim string, required bool, fn return values, nil } + + +// parseQuery parses query paramaters and returns an error if any malformed value pairs are encountered. +func parseQuery(rawQuery string) (url.Values, error) { + return url.ParseQuery(rawQuery) +} \ No newline at end of file