Open Api 3 <--> RESTFul API Defender

This tool was moved from @ten-group/oa3-api-defender (which is now deprecated).

This tool is a CLI that parses an Open Api 3 Specification, calls a real API based on the spec's paths & associated response schemas, and provides command line validation on the output.

Installation

npm install oa3-api-defender --dev

yarn add oa3-api-defender --dev

Usage

npx oa3-def validate --specPath=<path_to_yaml_spec> --url=<URL_of_API>

• --specPath: path to an Open Api 3 Specification written in YAML.
• --url: fully qualified URL to the API to call (don't use production, especially if your spec has CRUD operations!!).
• --auth: an optional string that will be added as an auth header, like so:

{
  headers: {
    Authorization: 'YOUR AUTH STRING HERE'
  }
}

Requests with path (/path{id}) or query (/path?query=1&nice=2) will be called only if the OA3 spec contains valid examples for the parameters:

Known Issues/WIPs

• The Tool cannot currently handle paramaterised requests : url/{id} or url/{id}/nestedpath, I am working on a solution: grabbing example param values from the OA3 spec and automatically calling the endpoints with them. Paramaterised (path + query only) requests are now implemented as of version 1.4.

• The Tool cannot currently properly handle requests with request bodies, I am also working on this, though the solution to this is a little more involved - give me a few days :) Request bodies are now supported as of version 1.6. Provide example values for body parameters, and the tool will automatically attempt to generate request bodies based on examples given. Body properties without examples will be ommitted from the generated body object, so make sure any required properties have an example specified.