Open edersonbrilhante opened 4 years ago
valentijnscholten
commented
4 years ago I think it's a great idea, but haven't looked yet into the details if it supports all operations. Not sure if everything is in the swagger spec. I remember when browsing the swagger docs on defect dojo some api features are not there.
edersonbrilhante
commented
4 years ago Indeed, but I downloaded with curl using token in headers, so I got details that was not available with the browser
curl -X GET '<endpoint>/api/v2/doc/?format=openapi' -H 'Authorization: Token<token>' If the swagger is well configured in django-DefectDojo/dojo/api_v2/views.py I think it will not be a problem.
I saw some methods(@action) in ViewSet without swagger_auto_schema, so there are responses and request_bodys wrong.
Example:
api/v2/finding/ = are ok
api/v2/finding/
edersonbrilhante
commented
4 years ago Hi @valentijnscholten I fixed here https://github.com/DefectDojo/django-DefectDojo/pull/2488
alles-klar
commented
4 years ago I created a similar project a while ago: https://github.com/alles-klar/defectdojo-api-v2-client. Generally it works fine but there are some bugs in the defectdojo swagger documentation. So for a stable api client we need to write a lot of tests. @edersonbrilhante do you have an idea how to automatically generate tests?
edersonbrilhante
commented
4 years ago @alles-klar My PR fixing some bugs defectdojo swagger documentation was merged to dev. I am not sure about these tests.
Description
I am using [swagger-codegen] (https://github.com/swagger-api/swagger-codegen) to generate a better mirror of defectdojo API.
This way it is not needed to add manually new paths, actions, payload, etc It is needed just to run swagger-codegen using the latest version of swagger file provided by defectdojo in
/api/v2/doc/?format=openapiExample
Here is my project running with this purpose https://github.com/William-Hill-Online/defectdojo-api-swagger