diff --git a/tests/openapi/checks/resource/generic/example_ClearTextAPIKey/pass5.json b/tests/openapi/checks/resource/generic/example_ClearTextAPIKey/pass5.json new file mode 100644 index 00000000000..aaf0919d252 --- /dev/null +++ b/tests/openapi/checks/resource/generic/example_ClearTextAPIKey/pass5.json @@ -0,0 +1,41 @@ +{ + "swagger": "2.0", + "info": { + "title": "Simple API overview", + "version": "1.0.0" + }, + "schemes": [ + "wss" + ], + "paths": { + "/pets": { + "post": { + "description": "Creates a new pet in the store", + "responses": { + "200": { + "description": "200 response" + } + }, + "operationId": "addPet", + "security": [ + { + "apiKey1": [], + "apiKey3": [] + } + ] + } + } + }, + "securityDefinitions": { + "apiKey1": { + "type": "apiKey", + "name": "X-API-Key", + "in": "header" + }, + "apiKey3": { + "type": "apiKey", + "name": "X-API-Key", + "in": "query" + } + } +} \ No newline at end of file diff --git a/tests/openapi/checks/resource/generic/example_ClearTextAPIKey/pass5.yaml b/tests/openapi/checks/resource/generic/example_ClearTextAPIKey/pass5.yaml new file mode 100644 index 00000000000..c97ca16ff9d --- /dev/null +++ b/tests/openapi/checks/resource/generic/example_ClearTextAPIKey/pass5.yaml @@ -0,0 +1,26 @@ +swagger: "2.0" +info: + title: Simple API overview + version: 1.0.0 +schemes: + - wss +paths: + /pets: + post: + description: Creates a new pet in the store + responses: + "200": + description: 200 response + operationId: addPet + security: + - apiKey1: [] + apiKey3: [] +securityDefinitions: + apiKey1: + type: apiKey + name: X-API-Key + in: header + apiKey3: + type: apiKey + name: X-API-Key + in: query diff --git a/tests/openapi/checks/resource/generic/example_ClearTextAPIKey/pass6.json b/tests/openapi/checks/resource/generic/example_ClearTextAPIKey/pass6.json new file mode 100644 index 00000000000..ce5807cbcd3 --- /dev/null +++ b/tests/openapi/checks/resource/generic/example_ClearTextAPIKey/pass6.json @@ -0,0 +1,52 @@ +{ + "openapi": "3.0.0", + "info": { + "title": "Simple API overview", + "version": "1.0.0" + }, + "servers": [ + { + "url": "wss://example.com/socket", + "description": "Local server" + } + ], + "paths": { + "/pets": { + "post": { + "description": "Creates a new pet in the store", + "responses": { + "200": { + "description": "200 response" + } + }, + "operationId": "addPet", + "security": [ + { + "apiKey1": [], + "apiKey2": [], + "apiKey3": [] + } + ] + } + } + }, + "components": { + "securitySchemes": { + "apiKey1": { + "type": "apiKey", + "name": "X-API-Key", + "in": "header" + }, + "apiKey2": { + "type": "apiKey", + "name": "X-API-Key", + "in": "cookie" + }, + "apiKey3": { + "type": "apiKey", + "name": "X-API-Key", + "in": "query" + } + } + } +} diff --git a/tests/openapi/checks/resource/generic/example_ClearTextAPIKey/pass6.yaml b/tests/openapi/checks/resource/generic/example_ClearTextAPIKey/pass6.yaml new file mode 100644 index 00000000000..986e6b74a4b --- /dev/null +++ b/tests/openapi/checks/resource/generic/example_ClearTextAPIKey/pass6.yaml @@ -0,0 +1,33 @@ +openapi: 3.0.0 +info: + title: Simple API overview + version: 1.0.0 +servers: + - url: wss://example.com/socket + description: Local server +paths: + /pets: + post: + description: Creates a new pet in the store + responses: + '200': + description: 200 response + operationId: addPet + security: + - apiKey1: [] + apiKey2: [] + apiKey3: [] +components: + securitySchemes: + apiKey1: + type: apiKey + name: X-API-Key + in: header + apiKey2: + type: apiKey + name: X-API-Key + in: cookie + apiKey3: + type: apiKey + name: X-API-Key + in: query diff --git a/tests/openapi/checks/resource/generic/test_ClearTextAPIKey.py b/tests/openapi/checks/resource/generic/test_ClearTextAPIKey.py index d9003fbf715..93d24a2ac5b 100644 --- a/tests/openapi/checks/resource/generic/test_ClearTextAPIKey.py +++ b/tests/openapi/checks/resource/generic/test_ClearTextAPIKey.py @@ -27,6 +27,10 @@ def test_summary(self): "/pass3.json", "/pass4.yaml", "/pass4.json", + "/pass5.yaml", + "/pass5.json", + "/pass6.yaml", + "/pass6.json", } failing_resources = { "/fail.yaml",