search

OpenAPITools / openapi-generator

OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec (v2, v3)
https://openapi-generator.tech
Apache License 2.0
21.3k stars 6.44k forks source link

[REQ] Spring: Add option to disable creating toString()-Method #14156

Open DevilJul opened 1 year ago

DevilJul commented 1 year ago

Currently, the POJO always contains a toString()-Method containing all fields. This can be a problem if the POJO is logged and contains sensitive data.

I suggest a configuration-parameter "excludeToString" so that the toString method is not generated anymore.

As Lombok is widely used it's often the preferred way to generate this method:

  1. Setting configuration additionalModelTypeAnnotations = @lombok.ToString
  2. Setting x-field-extra-annotation: ""@lombok.ToString.Include"/ "@lombok.ToString.Exclude" in API.yaml

Of course I can customize the mustache template and use this but I think this feature might be useful for quite a lot of people.

I'd happily contribute this feature as PR.

fenuks commented 1 year ago

I think it would be better to add extension and take into account existing format: password for type: string – problem is not unique to java, and solution preferably should be applicable for all generators.

raffian commented 1 month ago

Just throwing this out there as I faced the same issue with unwanted code generated for toString() as well as equals(), and hashcode() for all my schema objects. Those methods are not very useful in Api projects since request/response objects are short-lived , but without a way to suppress them in @lombok.Builder we found ourselves wasting time writing unit tests to cover that code. My original pom.xml looked like this.

<configOptions>
    <additionalModelTypeAnnotations>
        @lombok.Builder;
        @lombok.AllArgsConstructor(access = lombok.AccessLevel.PRIVATE);
        @lombok.NoArgsConstructor(access = lombok.AccessLevel.PUBLIC);
    </additionalModelTypeAnnotations>
</configOptions>

We had an idea of using @ToString and @EqualsAndHashCode with strict requirements (onlyExplicitlyIncluded=true) that would always fail thus suppressing codegen of those method - a sort of inside-out solution. To our surprise, this worked beautifully. Our schema objects now contain no generated code whatsoever for toString(), equals(), or hashcode() - greatly reducing our test coverage requirements. FYI, if you take this route make sure to leave generous comments for the next developer reading your code.

<configOptions>
    <additionalModelTypeAnnotations>
        @lombok.Builder;
        @lombok.AllArgsConstructor(access = lombok.AccessLevel.PRIVATE);
        @lombok.NoArgsConstructor(access = lombok.AccessLevel.PUBLIC);
        @lombok.ToString(onlyExplicitlyIncluded = true);
        @lombok.EqualsAndHashCode(onlyExplicitlyIncluded = true);
    </additionalModelTypeAnnotations>
</configOptions>