Skip to content

Develop #74

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
SebastianDT1 merged 12 commits into from
Feb 17, 2026
Merged

Develop #74

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
2774093
refactor: unify security responses checks oar035 and oar096
mels-h Feb 16, 2026
7e744e5
refactor: unify path responses checks oar073 and oar079
mels-h Feb 16, 2026
481aad8
refactor: unify forbidden query checks oar083 and oar084
mels-h Feb 16, 2026
3bad7e2
refactor: unify resources by verb checks oar103 to oar107
mels-h Feb 17, 2026
f8e7d77
refactor: unify abstract wso2 checks oar004 and oar040
mels-h Feb 17, 2026
8ca01e9
Merge pull request #72 from apiaddicts/fix/56/sonar-issues
SebastianDT1 Feb 17, 2026
eb2fe95
refactor: unify abstract parameter checks oar060 and oar070
mels-h Feb 17, 2026
678429d
refactor: unify wso2 operation checks oar005 and oar041
mels-h Feb 17, 2026
b0e1a0b
refactor: unify abstract info object checks oar110 and oar111
mels-h Feb 17, 2026
3a6942d
refactor: unify typed param checks oar074 and oar075
mels-h Feb 17, 2026
39b7814
fix: sonar issue on verb path matcher
mels-h Feb 17, 2026
7bf580e
Merge pull request #73 from apiaddicts/fix/56/sonar-issues
SebastianDT1 Feb 17, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 39 additions & 0 deletions src/main/java/apiaddicts/sonar/openapi/checks/apim/wso2/AbstractPatternWso2ScopesCheck.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
package apiaddicts.sonar.openapi.checks.apim.wso2;

import org.apiaddicts.apitools.dosonarapi.sslr.yaml.grammar.JsonNode;

import java.util.regex.Pattern;

public abstract class AbstractPatternWso2ScopesCheck extends AbstractWso2ScopesCheck {

protected final String ruleKey;
protected final String messageKey;
protected final String fieldName;
protected final String defaultPatternValue;

protected Pattern pattern;
private String patternStr;

protected AbstractPatternWso2ScopesCheck(String key, String message, String fieldName, String defaultPatternValue) {
this.ruleKey = key;
this.messageKey = message;
this.fieldName = fieldName;
this.defaultPatternValue = defaultPatternValue;
}

@Override
protected void visitFile(JsonNode root) {
pattern = Pattern.compile(patternStr != null ? patternStr : defaultPatternValue);
}

@Override
protected void visitScope(JsonNode scope) {
JsonNode fieldNode = scope.propertyMap().get(fieldName);
if (fieldNode == null || fieldNode.isNull() || fieldNode.isMissing()) return;

String fieldText = fieldNode.getTokenValue();
boolean notValid = !pattern.matcher(fieldText).matches();

if (notValid) addIssue(ruleKey, translate(messageKey), fieldNode.value());
}
}
28 changes: 28 additions & 0 deletions src/main/java/apiaddicts/sonar/openapi/checks/apim/wso2/AbstractWso2OperationCheck.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
package apiaddicts.sonar.openapi.checks.apim.wso2;

import com.google.common.collect.ImmutableSet;
import com.sonar.sslr.api.AstNodeType;
import apiaddicts.sonar.openapi.checks.BaseCheck;
import org.apiaddicts.apitools.dosonarapi.api.v2.OpenApi2Grammar;
import org.apiaddicts.apitools.dosonarapi.api.v3.OpenApi3Grammar;
import org.apiaddicts.apitools.dosonarapi.sslr.yaml.grammar.JsonNode;

import java.util.Set;

public abstract class AbstractWso2OperationCheck extends BaseCheck {

@Override
public Set<AstNodeType> subscribedKinds() {
return ImmutableSet.of(
OpenApi2Grammar.OPERATION,
OpenApi3Grammar.OPERATION
);
}

@Override
public void visitNode(JsonNode node) {
visitOperationNode(node);
}

protected abstract void visitOperationNode(JsonNode node);
}
47 changes: 16 additions & 31 deletions src/main/java/apiaddicts/sonar/openapi/checks/apim/wso2/OAR004ValidWso2ScopesRolesCheck.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,36 +2,21 @@

import org.sonar.check.Rule;
import org.sonar.check.RuleProperty;
import org.apiaddicts.apitools.dosonarapi.sslr.yaml.grammar.JsonNode;

import java.util.regex.Pattern;

@Rule(key = OAR004ValidWso2ScopesRolesCheck.KEY)
public class OAR004ValidWso2ScopesRolesCheck extends AbstractWso2ScopesCheck {

public static final String KEY = "OAR004";
private static final String DEFAULT_PATTERN_VALUE = "^[a-zA-Z0-9_\\-., ]+$";
private static final String MESSAGE = "OAR004.error";

@RuleProperty(
key = "pattern",
description = "Regular expression used to check the 'roles' field against.",
defaultValue = DEFAULT_PATTERN_VALUE)
public String patternStr = DEFAULT_PATTERN_VALUE;

private Pattern pattern;

@Override
protected void visitFile(JsonNode root) {
pattern = Pattern.compile(patternStr);
}

@Override
protected void visitScope(JsonNode scope) {
JsonNode roles = scope.propertyMap().get("roles");
if (roles == null || roles.isNull() || roles.isMissing()) return;
String rolesText = roles.getTokenValue();
boolean notValid = !pattern.matcher(rolesText).matches();
if (notValid) addIssue(KEY, translate(MESSAGE), roles);
}
}
public class OAR004ValidWso2ScopesRolesCheck extends AbstractPatternWso2ScopesCheck {

public static final String KEY = "OAR004";
private static final String MESSAGE = "OAR004.error";
private static final String DEFAULT_PATTERN_VALUE = "^[a-zA-Z0-9_\\-., ]+$";

@RuleProperty(
key = "pattern",
description = "Regular expression used to check the 'roles' field against.",
defaultValue = DEFAULT_PATTERN_VALUE)
private String patternStr = DEFAULT_PATTERN_VALUE;

public OAR004ValidWso2ScopesRolesCheck() {
super(KEY, MESSAGE, "roles", DEFAULT_PATTERN_VALUE);
}
}
96 changes: 47 additions & 49 deletions ...main/java/apiaddicts/sonar/openapi/checks/apim/wso2/OAR005UndefinedWso2ScopeUseCheck.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,7 @@
package apiaddicts.sonar.openapi.checks.apim.wso2;

import com.google.common.collect.ImmutableSet;
import com.sonar.sslr.api.AstNode;
import com.sonar.sslr.api.AstNodeType;
import org.sonar.check.Rule;
import org.apiaddicts.apitools.dosonarapi.api.v2.OpenApi2Grammar;
import org.apiaddicts.apitools.dosonarapi.api.v3.OpenApi3Grammar;
import apiaddicts.sonar.openapi.checks.BaseCheck;
import org.apiaddicts.apitools.dosonarapi.sslr.yaml.grammar.JsonNode;

import java.util.Collections;
Expand All @@ -16,47 +11,50 @@
import static java.util.Objects.isNull;

@Rule(key = OAR005UndefinedWso2ScopeUseCheck.KEY)
public class OAR005UndefinedWso2ScopeUseCheck extends BaseCheck {

public static final String KEY = "OAR005";
private static final String MESSAGE = "OAR005.error";

private Set<String> definedScopes;

@Override
protected void visitFile(JsonNode root) {
definedScopes = getScopes(root);
}

private Set<String> getScopes(JsonNode root) {
JsonNode scopes = root.get("x-wso2-security").get("apim").get("x-wso2-scopes");
if (scopes.isMissing() || scopes.isNull()) return Collections.emptySet();
return scopes
.elements()
.stream()
.map(node -> node.get("name"))
.filter(node -> !node.isMissing() && !node.isNull())
.map(AstNode::getTokenValue)
.collect(Collectors.toSet());
}

@Override
public Set<AstNodeType> subscribedKinds() {
return ImmutableSet.of(OpenApi2Grammar.OPERATION, OpenApi3Grammar.OPERATION);
}

@Override
public void visitNode(JsonNode node) {
visitV2Node(node);
}

private void visitV2Node(JsonNode node) {
JsonNode scopeNode = node.get("x-scope");
if (scopeNode.isMissing()) return;
String scope = scopeNode.isNull() ? null : scopeNode.getTokenValue();
if (isNull(scope) || !definedScopes.contains(scope)) {
addIssue(KEY, translate(MESSAGE), scopeNode);
}
}

}
public class OAR005UndefinedWso2ScopeUseCheck
extends AbstractWso2OperationCheck {

public static final String KEY = "OAR005";
private static final String MESSAGE = "OAR005.error";

private Set<String> definedScopes;

@Override
protected void visitFile(JsonNode root) {
definedScopes = getScopes(root);
}

private Set<String> getScopes(JsonNode root) {

JsonNode scopes = root
.get("x-wso2-security")
.get("apim")
.get("x-wso2-scopes");

if (scopes.isMissing() || scopes.isNull()) {
return Collections.emptySet();
}

return scopes.elements().stream()
.map(node -> node.get("name"))
.filter(node -> !node.isMissing() && !node.isNull())
.map(AstNode::getTokenValue)
.collect(Collectors.toSet());
}

@Override
protected void visitOperationNode(JsonNode node) {

JsonNode scopeNode = node.get("x-scope");

if (scopeNode.isMissing()) return;

String scope = scopeNode.isNull()
? null
: scopeNode.getTokenValue();

if (isNull(scope) || !definedScopes.contains(scope)) {
addIssue(KEY, translate(MESSAGE), scopeNode);
}
}
}
47 changes: 16 additions & 31 deletions ...ain/java/apiaddicts/sonar/openapi/checks/apim/wso2/OAR040StandardWso2ScopesNameCheck.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,36 +2,21 @@

import org.sonar.check.Rule;
import org.sonar.check.RuleProperty;
import org.apiaddicts.apitools.dosonarapi.sslr.yaml.grammar.JsonNode;

import java.util.regex.Pattern;

@Rule(key = OAR040StandardWso2ScopesNameCheck.KEY)
public class OAR040StandardWso2ScopesNameCheck extends AbstractWso2ScopesCheck {

public static final String KEY = "OAR040";
private static final String DEFAULT_PATTERN_VALUE = "^[a-zA-Z]{4,}_(SC|sc)_[a-zA-Z0-9]{1,}$";
private static final String MESSAGE = "OAR040.error";

@RuleProperty(
key = "pattern",
description = "Regular expression used to check the 'name' field against.",
defaultValue = DEFAULT_PATTERN_VALUE)
public String patternStr = DEFAULT_PATTERN_VALUE;

private Pattern pattern;

@Override
protected void visitFile(JsonNode root) {
pattern = Pattern.compile(patternStr);
}

@Override
protected void visitScope(JsonNode scope) {
JsonNode name = scope.propertyMap().get("name");
if (name == null || name.isNull() || name.isMissing()) return;
String nameText = name.getTokenValue();
boolean notValid = !pattern.matcher(nameText).matches();
if (notValid) addIssue(KEY, translate(MESSAGE), name.value());
}
}
public class OAR040StandardWso2ScopesNameCheck extends AbstractPatternWso2ScopesCheck {

public static final String KEY = "OAR040";
private static final String MESSAGE = "OAR040.error";
private static final String DEFAULT_PATTERN_VALUE = "^[a-zA-Z]{4,}_(SC|sc)_[a-zA-Z0-9]{1,}$";

@RuleProperty(
key = "pattern",
description = "Regular expression used to check the 'name' field against.",
defaultValue = DEFAULT_PATTERN_VALUE)
private String patternStr = DEFAULT_PATTERN_VALUE;

public OAR040StandardWso2ScopesNameCheck() {
super(KEY, MESSAGE, "name", DEFAULT_PATTERN_VALUE);
}
}
25 changes: 7 additions & 18 deletions ...a/apiaddicts/sonar/openapi/checks/apim/wso2/OAR041UndefinedAuthTypeForWso2ScopeCheck.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,37 +1,26 @@
package apiaddicts.sonar.openapi.checks.apim.wso2;

import com.google.common.collect.ImmutableSet;
import com.sonar.sslr.api.AstNodeType;
import org.sonar.check.Rule;
import org.apiaddicts.apitools.dosonarapi.api.v2.OpenApi2Grammar;
import org.apiaddicts.apitools.dosonarapi.api.v3.OpenApi3Grammar;
import apiaddicts.sonar.openapi.checks.BaseCheck;
import org.apiaddicts.apitools.dosonarapi.sslr.yaml.grammar.JsonNode;

import java.util.Set;

@Rule(key = OAR041UndefinedAuthTypeForWso2ScopeCheck.KEY)
public class OAR041UndefinedAuthTypeForWso2ScopeCheck extends BaseCheck {
public class OAR041UndefinedAuthTypeForWso2ScopeCheck
extends AbstractWso2OperationCheck {

public static final String KEY = "OAR041";
private static final String MESSAGE = "OAR041.error";

@Override
public Set<AstNodeType> subscribedKinds() {
return ImmutableSet.of(OpenApi2Grammar.OPERATION, OpenApi3Grammar.OPERATION);
}

@Override
public void visitNode(JsonNode node) {
visitV2Node(node);
}
protected void visitOperationNode(JsonNode node) {

private void visitV2Node(JsonNode node) {
JsonNode scopeNode = node.get("x-scope");

if (scopeNode.isMissing()) return;

JsonNode authTypeNode = node.get("x-auth-type");

if (authTypeNode.isMissing()) {
addIssue(KEY, translate(MESSAGE), scopeNode.key());
}
}
}
}
Loading
Loading