Refactoring

core/src/main/java/com/predic8/membrane/core/openapi/validators/QueryParameterValidator.java

@@ -30,6 +30,8 @@
 
 import static com.predic8.membrane.core.openapi.validators.ValidationContext.ValidatedEntityType.QUERY_PARAMETER;
 import static com.predic8.membrane.core.util.URLParamUtil.DuplicateKeyOrInvalidFormStrategy.ERROR;
+import static io.swagger.v3.oas.models.security.SecurityScheme.In.QUERY;
+import static io.swagger.v3.oas.models.security.SecurityScheme.Type.APIKEY;
 
 public class QueryParameterValidator extends AbstractParameterValidator{
 
@@ -62,19 +64,19 @@ private Map<String, String> getQueryParams(String query) {
         return new HashMap<>();
     }
 
-    ValidationError validateAdditionalQueryParameters(ValidationContext ctx, Map<String, String> qparams, OpenAPI api) {
-        collectSchemeQueryParamKeys(api).forEach(qparams::remove);
+    ValidationErrors validateAdditionalQueryParameters(ValidationContext ctx, Map<String, String> qparams, OpenAPI api) {
+        securitySchemeApiKeyQueryParamNames(api).forEach(qparams::remove);
 
         if (!qparams.isEmpty()) {
-            return new ValidationError(ctx.entityType(QUERY_PARAMETER), "There are query parameters that are not supported by the API: " + qparams.keySet());
+            return ValidationErrors.create(ctx.entityType(QUERY_PARAMETER), "There are query parameters that are not supported by the API: " + qparams.keySet());
         }
 
-        return null;
+        return ValidationErrors.empty();
     }
 
-    public List<String> collectSchemeQueryParamKeys(OpenAPI api) {
+    public List<String> securitySchemeApiKeyQueryParamNames(OpenAPI api) {
         return api.getComponents().getSecuritySchemes().values().stream()
-                .filter(scheme -> scheme != null && scheme.getIn() != null && scheme.getIn().toString().equals("query"))
+                .filter(scheme -> scheme != null && scheme.getType().equals(APIKEY) && scheme.getIn().equals(QUERY))
                 .map(SecurityScheme::getName)
                 .toList();
     }

core/src/main/java/com/predic8/membrane/core/openapi/validators/ValidationErrors.java

@@ -68,6 +68,10 @@ public int size() {
         return errors.size();
     }
 
+    public static ValidationErrors empty() {
+        return new ValidationErrors();
+    }
+
     public boolean isEmpty() {
         return size() == 0;
     }

core/src/test/java/com/predic8/membrane/core/openapi/validators/QueryParameterValidatorTest.java

@@ -13,19 +13,15 @@
    limitations under the License. */
 package com.predic8.membrane.core.openapi.validators;
 
-import io.swagger.v3.oas.models.Components;
-import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.*;
 import io.swagger.v3.oas.models.parameters.*;
-import io.swagger.v3.oas.models.security.SecurityRequirement;
-import io.swagger.v3.oas.models.security.SecurityScheme;
-import org.apache.commons.lang3.tuple.Pair;
+import io.swagger.v3.oas.models.security.*;
 import org.junit.jupiter.api.*;
 
 import java.util.*;
 
-import static io.swagger.v3.oas.models.security.SecurityScheme.In.HEADER;
-import static io.swagger.v3.oas.models.security.SecurityScheme.In.QUERY;
-import static java.util.Collections.emptyList;
+import static io.swagger.v3.oas.models.security.SecurityScheme.In.*;
+import static io.swagger.v3.oas.models.security.SecurityScheme.Type.APIKEY;
 import static org.junit.jupiter.api.Assertions.*;
 
 class QueryParameterValidatorTest extends AbstractValidatorTest{
@@ -67,37 +63,34 @@ void resolveReferencedParameter() {
 
     @Test
     void testValidateAdditionalQueryParametersValid() {
-        var spec = new OpenAPI().components(new Components() {{
-            addSecuritySchemes("test1", new SecurityScheme().name("foo").in(QUERY));
-        }});
-
-        assertNull(queryParameterValidator.validateAdditionalQueryParameters(
+        assertTrue(queryParameterValidator.validateAdditionalQueryParameters(
                 new ValidationContext(),
-                new HashMap<>(){{put("foo", "bar");}},
-                spec
-        ));
+                new HashMap<>(){{put("api-key", "234523");}},
+                new OpenAPI().components(new Components() {{
+                    addSecuritySchemes("schemaA", new SecurityScheme().type(APIKEY).name("api-key").in(QUERY));
+                }})
+        ).isEmpty());
     }
 
     @Test
     void testValidateAdditionalQueryParametersInvalid() {
-        var spec = new OpenAPI().components(new Components() {{
-            addSecuritySchemes("test1", new SecurityScheme().name("foo").in(QUERY));
-        }});
 
-        assertNotNull(queryParameterValidator.validateAdditionalQueryParameters(
+        assertFalse(queryParameterValidator.validateAdditionalQueryParameters(
                 new ValidationContext(),
-                new HashMap<>(){{put("bar", "baz");}},
-                spec
-        ));
+                new HashMap<>(){{put("bar", "2315124");}},
+                new OpenAPI().components(new Components() {{
+                    addSecuritySchemes("schemaA", new SecurityScheme().type(APIKEY).name("api-key").in(QUERY));
+                }})
+        ).isEmpty());
     }
 
     @Test
     void testCollectSchemeQueryParamKeys() {
         var spec = new OpenAPI().components(new Components() {{
-            addSecuritySchemes("test1", new SecurityScheme().name("foo").in(QUERY));
-            addSecuritySchemes("test2", new SecurityScheme().name("bar").in(QUERY));
+            addSecuritySchemes("schemaA", new SecurityScheme().type(APIKEY).name("api-key").in(QUERY));
+            addSecuritySchemes("schemaB", new SecurityScheme().type(APIKEY).name("x-api-key").in(QUERY));
         }});
 
-        assertEquals(List.of("foo", "bar"), queryParameterValidator.collectSchemeQueryParamKeys(spec));
+        assertEquals(List.of("api-key", "x-api-key"), queryParameterValidator.securitySchemeApiKeyQueryParamNames(spec));
     }
 }