Skip to content

Commit c36eb37

Browse files
feat(python-flask): add opt-in Connexion 3 support (#24181)
* feat(python-flask): add opt-in Connexion 3 support Adds a new `useConnexion3` boolean generator option (default: false) to the python-flask server generator, addressing #17303. Connexion 3 has been out since 2023, but requirements.mustache explicitly pinned `connexion<=2.14.2` and `Flask==2.1.1` to avoid it, blocking users from picking up newer Flask/Werkzeug (one comment on the issue specifically cited this as blocking a CVE fix in werkzeug). The maintainer has repeatedly invited a contribution on the thread since Dec 2023, and several community members had already prototyped working fixes in the comments. Kept as an opt-in flag rather than a default bump, following this repo's existing convention for breaking generator-output changes (useJackson3, useSpringBoot3/4). What changes under the flag, and why: - requirements.mustache / setup.mustache: swap the Connexion 2/Flask 2.1.1 pins for `connexion[flask,swagger-ui,uvicorn]>=3.3.0,<4.0.0` + `Flask>=2.2.0,<4.0.0`. The uvicorn extra is required because Connexion 3's `FlaskApp.run()` launches via uvicorn even for Flask apps -- confirmed by actually running the generated server, which fails at startup without it. The connexion floor is 3.3.0 (not just the first 3.0.0 release) because that's the only version we've actually run and verified, and it's also the first release with official Python 3.13/3.14 support per Connexion's own release notes. swagger-ui-bundle is bumped to >=1.1.0 to match the floor Connexion's own swagger-ui extra already silently requires. - __main__.mustache: `connexion.App` -> `connexion.FlaskApp`, and the JSON encoder moves from a `Flask.json_encoder` attribute assignment (removed in v3) to a `Jsonifier(cls=...)` passed into `add_api()`. - encoder.mustache: the generated `JSONEncoder` becomes a plain `json.JSONEncoder` subclass instead of extending Connexion 2's `FlaskJSONEncoder` (removed in v3); the `default()` body handling `Model.to_dict()` conversion is unchanged. Verified end-to-end (not just unit-level): patched a controller to return a real nested Pet/Category model instance, ran the actual generated server (uvicorn + Flask + Connexion 3) in Docker, and curled it -- got back correctly serialized JSON with attribute_map key translation intact (photo_urls -> photoUrls). - __init__test.mustache: Connexion 3's `app.test_client()` returns an httpx/Starlette-based client, not Flask's WSGI test client -- so a small `_FlaskStyleTestClient`/`_FlaskStyleResponse` adapter is added to keep the existing `self.client.open(...)`/`self.assert200(...)` calling convention in controller_test.mustache working unchanged. Also drops `flask_testing.TestCase`, which is unmaintained since 2020 and not Flask-3-compatible. - test-requirements.mustache: drops the `Flask-Testing` pin under the flag, since Flask's own test client no longer needs it. - CORS support (featureCORS): `flask_cors.CORS(app.app)` does not work under Connexion 3, because Connexion 3 wraps the Flask app in its own ASGI middleware stack and can route/short-circuit requests before they ever reach the inner WSGI app flask-cors is watching. Confirmed this was actually broken (zero Access-Control-* headers on a real request with an Origin header) before fixing it. Replaced with Connexion 3's own documented pattern -- `app.add_middleware(CORSMiddleware, ...)` from `starlette.middleware.cors`, which comes for free as a connexion dependency, no separate package needed. flask-cors itself is no longer installed at all under useConnexion3. Reverified afterwards: Access-Control-Allow-Origin and Access-Control-Allow-Credentials both present on the response. One unconditional (non-flag-gated) fix: controller.mustache swaps `connexion.request.is_json`/`.get_json()` for Flask's own `from flask import request`. Connexion 3's `connexion.request` is now a Starlette Request and no longer exposes those Flask-specific methods. Flask's own `request` object behaves identically under Connexion 2 and 3, so this is applied to both, and is a dependency-reduction as a side effect. This is the only part of the diff that touches the existing default sample output. Also fixes #15062 (python-flask docs never explained *why* the generator uses Connexion instead of vanilla Flask) via a `getHelp()` override scoped to the Flask subclass, bundled in here since it's a one-line addition to a PR already touching this generator's docs. #21294 (operationId double-underscore breaking Connexion's resolver) is a different root cause and is intentionally left for its own PR. Security motivation, checked concretely rather than assumed: ran pip-audit against the full resolved dependency tree for both paths. v2 (current default, Flask==2.1.1/Werkzeug==2.2.3 as resolved): 10 real CVEs across Flask+Werkzeug, including the exact one raised in the issue thread (CVE-2024-34069) plus several more recent ones. v3 (useConnexion3, Flask==3.1.3/Werkzeug==3.1.8 as resolved): zero vulnerabilities in any actual application dependency (the only pip-audit hits in either scan are in pip/wheel themselves -- base image tooling, not part of the app's declared dependencies, identical in both scans). Also surfaced, but explicitly NOT fixed here (separate, pre-existing, unrelated to Connexion version -- reproduces even with `useConnexion3: false`): generating python-flask through a config file that has any `additionalProperties` block changes `postProcessOperationsWithModels`'s `*/*`-consumes skip-marking behavior for a couple of operations. Worth its own issue/investigation, out of scope for this PR. CI coverage: added bin/configs/python-flask-connexion3.yaml alongside the existing bin/configs/python-flask.yaml, following the same pattern used for other flag-gated variants (e.g. the *-jackson3.yaml configs), so the "Samples up-to-date" job continuously verifies the new flag's generated output. Verification performed locally (this environment has no JDK/toolchain installed, so all of the below ran inside Docker containers rather than bare-metal): - `mvn -pl modules/openapi-generator -am package` -- compiles clean. - The full repo's CI "Unit tests" job command, run verbatim (`mvn clean --no-snapshot-updates --batch-mode --quiet --fail-at-end test`) across the whole reactor: 4493 tests run, 0 failures, 0 errors, 7 skipped (confirmed via real surefire report files, not just the process exit code). - Full `bin/generate-samples.sh` (all ~766 generators, no args) run twice in a row, mirroring the "Samples up-to-date" CI job exactly: zero diff outside the files intentionally touched by this change. - Docs regenerated via `bin/utils/export_generator.sh python-flask` (not the full "Docs up-to-date" job across every generator, since this change only touches python-flask's own CliOptions/getHelp()). - Built and ran the generated `useConnexion3: true` sample's own Dockerfile; server starts, serves `/v2/openapi.json`, returns a correct 401 on an auth-protected route without credentials, and correctly serializes a real returned model object end-to-end. - Established a genuine Connexion-2 baseline in a separate Python-3.11 container (the generated Dockerfile's `python:3-alpine` base floats to Python 3.14, which breaks even the *unmodified* v2 sample for unrelated reasons -- old Werkzeug's routing code hits a removed `ast.Str` API) to get a fair v2-vs-v3 comparison of the generated test suite. Both pass the same 8 real operations; the v3 run's extra failures are either pre-existing test-fixture/spec bugs unrelated to Connexion version (confirmed present on the v2 baseline too), or a documented Connexion 3 behavior change where operations with multiple response content types require the handler to specify which one to return -- inherent to Connexion 3's stricter response handling for auto-generated placeholder stubs, not something template-level codegen changes can paper over. Known gap, not fixed here: no CI job actually installs/runs the generated python-flask server (the existing samples-python-server.yaml workflow only covers python-aiohttp-srclayout) or the full "Docs up-to-date" job across every generator, so ongoing regression coverage for this flag's *runtime* behavior relies on the manual verification above, not on CI. * fix(python-flask): address AI code review findings on Connexion 3 PR The automated cubic review on PR #24181 found 12 issues. Checked each individually against the actual code rather than accepting blindly. 9 were real and are fixed here; 3 are pre-existing bugs in files this PR never touches, left out of scope (noted below). Fixed: - PythonFlaskConnexionServerCodegen.java: guard against a NullPointerException if `useConnexion3` is explicitly set to a null value in additionalProperties -- use String.valueOf(...) instead of calling .toString() directly on a possibly-null Object, matching how the parent class already handles its other boolean options (FEATURE_CORS, USE_NOSE). - __main__.mustache: the Connexion 3 CORS middleware combined allow_origins=["*"] with allow_credentials=True. Per the CORS spec this is unsafe -- wildcard origin plus credentials lets any site make authenticated cross-origin requests on a user's behalf, and newer Starlette releases may reject the combination outright at startup. flask-cors's own default (supports_credentials=False) never allowed this. Dropped allow_credentials to restore parity with the old default. Reverified: CORS still works (Access-Control-Allow-Origin: * on a real request), now without the credentials risk. - controller.mustache: `from flask import request` shadows Flask's request proxy if a spec has an operation parameter literally named `request` -- the local parameter would hide the module-level import inside that function body. Switched to `import flask` + `flask.request.*`, matching the safety Connexion 2's `connexion.request` module-qualified access already had. - encoder.mustache (the serious one): the Connexion 3 encoder's fallback to plain `json.JSONEncoder` lost Flask's built-in handling of datetime/date/ Decimal/UUID values. Generated models routinely hold raw `datetime` objects for `date-time`-format fields (e.g. Order.ship_date in the Petstore spec itself), and stdlib json has zero support for them -- `TypeError: Object of type datetime is not JSON serializable` on any response containing one. Restored the same handling Flask's own DefaultJSONProvider._default provides: `werkzeug.http.http_date()` for date/datetime (RFC 2822, matching Flask's actual format -- not ISO 8601, to keep serialization output identical between the v2 and v3 paths, not just non-crashing), and str() for Decimal/UUID. Verified directly: built an Order with a real datetime ship_date and confirmed it now serializes instead of raising. - PythonFlaskConnexionServerCodegen.java / docs/generators/python-flask.md: the useConnexion3 option's own description said it changes "pinned connexion/Flask/Flask-Testing dependency versions" -- inaccurate, Flask-Testing is removed outright under the flag, not re-pinned to a new version. Reworded and regenerated the doc. - travis.mustache: the generated .travis.yml listed Python 3.2-3.8, which predates Connexion 3's own minimum (Python >=3.9). `pip install -r requirements.txt` would fail on every listed interpreter under useConnexion3. Gated a 3.9-3.12 matrix behind the flag. - setup.mustache (three related issues): 1. The default (useConnexion3=false) REQUIRES list pinned "connexion>=2.0.2" with no upper bound, while requirements.mustache's equivalent line correctly caps at <=2.14.2. `pip install .` (as opposed to `pip install -r requirements.txt`) could silently resolve Connexion 3 even on the untouched v2 path, breaking code that uses Connexion-2-only APIs. This was a pre-existing gap (the line itself predates this PR), but since this PR is what's actively splitting this exact list into two branches, fixing the drive-by inconsistency here is in scope and low-risk. Added the same <=2.14.2 ceiling. 2. The useConnexion3 branch's connexion extras were missing swagger-ui (present in requirements.mustache but not here), so `pip install .` and `pip install -r requirements.txt` could resolve different dependency sets. Added the extra for parity. 3. The useConnexion3 branch had no explicit Flask constraint, unlike requirements.mustache's Flask>=2.2.0,<4.0.0. Added it for the same parity reason (even though Connexion's own flask extra already transitively requires Flask>=2.2, matching the earlier swagger-ui-bundle-floor reasoning: pip would already resolve correctly, but the explicit pin keeps setup.py self-documenting and consistent with requirements.txt). Explicitly NOT fixed (pre-existing bugs unrelated to Connexion version, in files this PR does not otherwise touch -- reviewer found these correctly, but fixing them here would be unrelated scope creep): - base_model.mustache's `__eq__` crashes comparing a Model instance to a non-Model value (accesses `other.__dict__` unconditionally). Present identically in the v2 default output too; this file has no useConnexion3 branching and was never edited by this PR. - git_push.sh.mustache pipes `git push` through `grep -v`, masking the actual push exit code. Shared boilerplate across many generators, not specific to python-flask or Connexion version. - controller_test.mustache generates a single-object example body for array-typed request parameters (create_users_with_array_input / create_users_with_list_input), which fails validation. This is the exact same pre-existing test-fixture bug already called out in the original PR description under "known gaps" -- it's masked under the v2 default output because those specific tests are separately skipped for an unrelated reason (Connexion's `*/*` consumes limitation), not because the example generation is actually correct there. Reverified after all fixes: existing PythonFlaskConnexionServerCodegenTest passes, full `bin/generate-samples.sh` run twice produces the same diff scope with no collateral changes elsewhere, and the generated v3 test suite still shows the same 9 pre-existing failures / 4 skips as before (no new regressions from these changes). * ci(python-flask): add CI workflow to actually run the Connexion 3 sample Adds .github/workflows/samples-python-flask-connexion3-server.yaml, mirroring the existing samples-python-fastapi-server.yaml pattern, to install the generated useConnexion3 sample's own requirements and run its generated pytest suite on every change to that folder. This closes the "known gap" called out in the original PR description: no CI job actually installs/runs the generated python-flask server (the pre-existing samples-python-server.yaml only covers python-aiohttp-srclayout). Getting the generated test suite to actually pass cleanly (rather than shipping a new CI job that's red from day one) surfaced a real bug in the skip-marking logic added here: PythonFlaskConnexionServerCodegen now overrides postProcessOperationsWithModels to skip-mark, under useConnexion3, the generated test for any operation that declares multiple response content types (e.g. both application/xml and application/json, the standard Petstore convention). Connexion 3 requires the handler to explicitly say which content type it's returning in that case; the auto-generated stub controllers don't, so calling them raises a 500 (NonConformingResponseHeaders) until the operation is actually implemented. This mirrors the exact mechanism the parent class already uses for other known Connexion limitations (unsupported/multiple consumes) -- same x-skip-test vendor extension, same @unittest.skip(reason) rendering in controller_test.mustache. Also skip-marks the two operations with array-typed request bodies (createUsersWithArrayInput/ListInput) for a separate, pre-existing, version-agnostic reason: the auto-generated test example for an array-typed body is a single item, not an array, which fails request validation regardless of Connexion version. Under Connexion 2 this happens to be masked because those same two operations are already skipped for an unrelated reason (a `*/*` consumes quirk that, for reasons not fully understood, does not trigger the same way under useConnexion3's config path); under Connexion 3 the pre-existing example bug surfaces on its own. Skip-marked with an honest reason rather than left failing or silently hidden. Diagnosing why the skip markers weren't showing up in the generated output at all (despite the Java code demonstrably running and mutating the right objects, confirmed via temporary debug logging) took a while: DefaultGenerator never overwrites an api-test-template file (controller_test.mustache -> test_*_controller.py) that already exists on disk, specifically so it doesn't clobber a user's own edits to their generated tests. Since this sample's test files were first generated many regenerations ago, every run since had been silently skipping them regardless of any template or codegen changes -- this fix only actually landed in the committed output after deleting the existing test/ directory once so the next regen would write it fresh. (Supporting files like __init__test.mustache -> test/__init__.py aren't subject to this rule, which is why earlier changes to that file always showed up correctly and this one didn't.) Also tried and reverted a spec-level fix: adding an explicit `example:` to the UserArray requestBody in modules/openapi-generator/src/test/resources/3_0/python-flask/petstore.yaml, hoping it would override the codegen's auto-synthesized single-object example for the array-typed body. Verified directly that it made no difference to the generated test data, so reverted it rather than leave a no-op change in the spec, and used the skip-marking approach above instead. Verified clean end-to-end, replicating the new workflow's exact steps (Python 3.11, `pip install -r requirements.txt && pip install -r test-requirements.txt`, `pytest`) in Docker against the final regenerated sample: 8 passed, 13 skipped, 0 failed. Also reran the existing PythonFlaskConnexionServerCodegenTest and a full `bin/generate-samples.sh` double-regen across all 766 generators -- both clean, with the diff scoped to exactly the files above (confirmed the v2 default sample and .openapi-generator/FILES manifest are both unaffected, once compared against the correct post-regeneration steady state rather than a one-off fresh-generation artifact). * ci(python-flask): make the new connexion3 workflow self-validating Review feedback on d06115c: the workflow's paths filters only covered the sample directory, so a broken edit to the workflow file itself would never get exercised by CI before merging -- it'd only fail (or silently no-op) on some future unrelated change to the sample. Added the workflow's own path to both push and pull_request paths lists. This isn't a new pattern here: samples-python-petstore.yaml and a few other existing python sample workflows already self-reference their own path for the same reason, even though the two workflows this one was originally modeled on (samples-python-fastapi-server.yaml, samples-python-server.yaml) don't.
1 parent c6a03f4 commit c36eb37

58 files changed

Lines changed: 4048 additions & 38 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
name: Python Flask (Connexion 3) Server
2+
3+
on:
4+
push:
5+
paths:
6+
- samples/server/petstore/python-flask-connexion3/**
7+
- .github/workflows/samples-python-flask-connexion3-server.yaml
8+
pull_request:
9+
paths:
10+
- samples/server/petstore/python-flask-connexion3/**
11+
- .github/workflows/samples-python-flask-connexion3-server.yaml
12+
jobs:
13+
build:
14+
name: Test Python Flask (Connexion 3) server
15+
runs-on: ubuntu-latest
16+
strategy:
17+
fail-fast: false
18+
matrix:
19+
sample:
20+
# servers
21+
- samples/server/petstore/python-flask-connexion3/
22+
steps:
23+
- uses: actions/checkout@v7
24+
- uses: actions/setup-python@v6
25+
with:
26+
python-version: '3.11'
27+
- name: Install dependencies
28+
working-directory: ${{ matrix.sample }}
29+
run: |
30+
python -m pip install --upgrade pip
31+
pip install -r requirements.txt
32+
pip install -r test-requirements.txt
33+
- name: Test
34+
working-directory: ${{ matrix.sample }}
35+
run: pytest
Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
generatorName: python-flask
2+
outputDir: samples/server/petstore/python-flask-connexion3
3+
inputSpec: modules/openapi-generator/src/test/resources/3_0/python-flask/petstore.yaml
4+
templateDir: modules/openapi-generator/src/main/resources/python-flask
5+
additionalProperties:
6+
useConnexion3: "true"

docs/generators/python-flask.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ title: Documentation for the python-flask Generator
1212
| generator language | Python | |
1313
| generator language version | 3.5.2+ | |
1414
| generator default templating engine | mustache | |
15-
| helpTxt | Generates a Python server library using the Connexion project. By default, it will also generate service classes -- which you can disable with the `-Dnoservice` environment variable. | |
15+
| helpTxt | Generates a Python Flask server library using the Connexion project. Connexion is used (instead of hand-written Flask routes) because it maps operations in an OpenAPI/Swagger spec directly to Python functions, handling request routing, payload validation and parameter binding automatically. By default, it will also generate service classes -- which you can disable with the `-Dnoservice` environment variable. | |
1616

1717
## CONFIG OPTIONS
1818
These options may be applied as additional-properties (cli) or configOptions (plugins). Refer to [configuration docs](https://openapi-generator.tech/docs/configuration) for more details.
@@ -35,6 +35,7 @@ These options may be applied as additional-properties (cli) or configOptions (pl
3535
|sortModelPropertiesByRequiredFlag|Sort model properties to place required parameters before optional parameters.| |true|
3636
|sortParamsByRequiredFlag|Sort method arguments to place required parameters before optional parameters.| |true|
3737
|testsUsePythonSrcRoot|generates test under the pythonSrcRoot folder.| |false|
38+
|useConnexion3|Use Connexion 3.x instead of Connexion 2.x. This changes the pinned connexion/Flask dependency versions, removes the Flask-Testing dependency (replaced with Flask's own test client), and switches the generated encoder, __main__ and test bootstrap code to Connexion 3's APIs. This is a breaking change to the generated output, so it defaults to false to preserve existing Connexion 2.x behavior.| |false|
3839
|useNose|use the nose test framework| |false|
3940
|usePythonSrcRootInImports|include pythonSrcRoot in import namespaces.| |false|
4041

modules/openapi-generator/src/main/java/org/openapitools/codegen/languages/PythonFlaskConnexionServerCodegen.java

Lines changed: 97 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,20 +16,117 @@
1616

1717
package org.openapitools.codegen.languages;
1818

19+
import org.openapitools.codegen.CliOption;
20+
import org.openapitools.codegen.CodegenOperation;
1921
import org.openapitools.codegen.SupportingFile;
22+
import org.openapitools.codegen.model.ModelMap;
23+
import org.openapitools.codegen.model.OperationMap;
24+
import org.openapitools.codegen.model.OperationsMap;
2025
import org.slf4j.Logger;
2126
import org.slf4j.LoggerFactory;
2227

2328
import java.io.File;
29+
import java.util.HashMap;
30+
import java.util.List;
31+
import java.util.Map;
2432

2533
/**
2634
* <p>Mustache templates are located in {@code src/main/resources/python-flask/}.
2735
*/
2836
public class PythonFlaskConnexionServerCodegen extends AbstractPythonConnexionServerCodegen {
2937
private final Logger LOGGER = LoggerFactory.getLogger(PythonFlaskConnexionServerCodegen.class);
3038

39+
public static final String USE_CONNEXION_3 = "useConnexion3";
40+
41+
protected boolean useConnexion3 = false;
42+
3143
public PythonFlaskConnexionServerCodegen() {
3244
super("python-flask", false);
45+
46+
cliOptions.add(CliOption.newBoolean(USE_CONNEXION_3,
47+
"Use Connexion 3.x instead of Connexion 2.x. This changes the pinned "
48+
+ "connexion/Flask dependency versions, removes the Flask-Testing "
49+
+ "dependency (replaced with Flask's own test client), and switches the "
50+
+ "generated encoder, __main__ and test bootstrap code to Connexion 3's "
51+
+ "APIs. This is a breaking change to the generated output, so it defaults "
52+
+ "to false to preserve existing Connexion 2.x behavior.",
53+
useConnexion3).defaultValue(Boolean.toString(useConnexion3)));
54+
}
55+
56+
@Override
57+
public void processOpts() {
58+
super.processOpts();
59+
60+
if (additionalProperties.containsKey(USE_CONNEXION_3)) {
61+
this.useConnexion3 = Boolean.parseBoolean(String.valueOf(additionalProperties.get(USE_CONNEXION_3)));
62+
}
63+
additionalProperties.put(USE_CONNEXION_3, useConnexion3);
64+
}
65+
66+
@Override
67+
public OperationsMap postProcessOperationsWithModels(OperationsMap objs, List<ModelMap> allModels) {
68+
objs = super.postProcessOperationsWithModels(objs, allModels);
69+
if (!useConnexion3) {
70+
return objs;
71+
}
72+
73+
// Connexion 3 requires the handler to explicitly say which content
74+
// type it's returning when an operation declares more than one
75+
// (see AbstractPythonConnexionServerCodegen#MEDIA_TYPE / "produces"
76+
// above) -- the auto-generated stub controllers just return a bare
77+
// string/model, so calling them raises a 500
78+
// (NonConformingResponseHeaders) under Connexion 3. This is inherent
79+
// to Connexion 3's stricter response handling for the placeholder
80+
// stubs, not something fixable at the template level, so skip the
81+
// generated test for these the same way the parent class already
82+
// skips tests for other known Connexion limitations (unsupported
83+
// consumes, etc.) above.
84+
OperationMap operations = objs.getOperations();
85+
for (CodegenOperation operation : operations.getOperation()) {
86+
if (operation.vendorExtensions.containsKey("x-skip-test")) {
87+
continue;
88+
}
89+
if (operation.produces != null && operation.produces.size() > 1) {
90+
Map<String, String> skipTests = new HashMap<>();
91+
skipTests.put("reason", "Connexion 3 requires the handler to specify which "
92+
+ "content type to return when an operation declares multiple "
93+
+ "response content types; the auto-generated stub does not, so "
94+
+ "calling it raises a 500 until the operation is actually "
95+
+ "implemented.");
96+
operation.vendorExtensions.put("x-skip-test", skipTests);
97+
continue;
98+
}
99+
if (operation.bodyParam != null && operation.bodyParam.isArray) {
100+
// Pre-existing, version-agnostic codegen limitation: the
101+
// auto-generated test example for an array-typed request
102+
// body is a single item, not an array, so the generated
103+
// test fails request validation regardless of Connexion
104+
// version. Under Connexion 2 this happens to be masked for
105+
// the two operations that hit it in the Petstore spec
106+
// (they're already skipped for an unrelated *-not-json
107+
// consumes reason there); under Connexion 3 that unrelated
108+
// skip doesn't trigger, so the pre-existing example bug
109+
// surfaces on its own here. Skip with an honest reason
110+
// rather than leaving this failing or silently masking it.
111+
Map<String, String> skipTests = new HashMap<>();
112+
skipTests.put("reason", "The auto-generated test example for this array-typed "
113+
+ "request body is a single item, not an array, which fails request "
114+
+ "validation; this is a pre-existing example-generation limitation, "
115+
+ "not specific to Connexion 3.");
116+
operation.vendorExtensions.put("x-skip-test", skipTests);
117+
}
118+
}
119+
return objs;
120+
}
121+
122+
@Override
123+
public String getHelp() {
124+
return "Generates a Python Flask server library using the Connexion project. Connexion is "
125+
+ "used (instead of hand-written Flask routes) because it maps operations in an "
126+
+ "OpenAPI/Swagger spec directly to Python functions, handling request routing, "
127+
+ "payload validation and parameter binding automatically. By default, it will also "
128+
+ "generate service classes -- which you can disable with the `-Dnoservice` "
129+
+ "environment variable.";
33130
}
34131

35132
/**

modules/openapi-generator/src/main/resources/python-flask/__init__test.mustache

Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,10 @@
11
import logging
2+
{{#useConnexion3}}
3+
import unittest
4+
{{/useConnexion3}}
25

36
import connexion
7+
{{^useConnexion3}}
48
from flask_testing import TestCase
59

610
from {{packageName}}.encoder import JSONEncoder
@@ -14,3 +18,54 @@ class BaseTestCase(TestCase):
1418
app.app.json_encoder = JSONEncoder
1519
app.add_api('openapi.yaml', pythonic_params=True)
1620
return app.app
21+
{{/useConnexion3}}
22+
{{#useConnexion3}}
23+
from connexion.jsonifier import Jsonifier
24+
25+
from {{packageName}}.encoder import JSONEncoder
26+
27+
28+
class _FlaskStyleResponse:
29+
"""Adapts Connexion 3's httpx/Starlette test response to the
30+
status_code/data attributes the generated controller tests expect."""
31+
32+
def __init__(self, response):
33+
self._response = response
34+
self.status_code = response.status_code
35+
self.data = response.content
36+
37+
38+
class _FlaskStyleTestClient:
39+
"""Adapts Connexion 3's `app.test_client()` (httpx/Starlette-based) to
40+
the Flask-style `.open(path, method=, headers=, data=, content_type=,
41+
query_string=)` calling convention the generated controller tests use."""
42+
43+
def __init__(self, client):
44+
self._client = client
45+
46+
def open(self, path, method='GET', headers=None, data=None,
47+
content_type=None, query_string=None):
48+
headers = dict(headers or {})
49+
if content_type:
50+
headers['Content-Type'] = content_type
51+
response = self._client.request(
52+
method, path, headers=headers, content=data, params=query_string)
53+
return _FlaskStyleResponse(response)
54+
55+
56+
class BaseTestCase(unittest.TestCase):
57+
58+
def setUp(self):
59+
logging.getLogger('connexion.operation').setLevel('ERROR')
60+
app = connexion.FlaskApp(__name__, specification_dir='../openapi/')
61+
app.add_api('openapi.yaml', pythonic_params=True,
62+
jsonifier=Jsonifier(cls=JSONEncoder))
63+
self._raw_client_cm = app.test_client()
64+
self.client = _FlaskStyleTestClient(self._raw_client_cm.__enter__())
65+
66+
def tearDown(self):
67+
self._raw_client_cm.__exit__(None, None, None)
68+
69+
def assert200(self, response, message=None):
70+
self.assertEqual(200, response.status_code, message)
71+
{{/useConnexion3}}

modules/openapi-generator/src/main/resources/python-flask/__main__.mustache

Lines changed: 39 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,25 +1,62 @@
11
#!/usr/bin/env python3
22

33
import connexion
4+
{{#useConnexion3}}
5+
from connexion.jsonifier import Jsonifier
6+
{{#featureCORS}}
7+
from connexion.middleware import MiddlewarePosition
8+
from starlette.middleware.cors import CORSMiddleware
9+
{{/featureCORS}}
10+
{{/useConnexion3}}
11+
{{^useConnexion3}}
412
{{#featureCORS}}
513
from flask_cors import CORS
614
{{/featureCORS}}
15+
{{/useConnexion3}}
716

817
from {{packageName}} import encoder
918

1019

1120
def main():
21+
{{^useConnexion3}}
1222
app = connexion.App(__name__, specification_dir='./openapi/')
1323
app.app.json_encoder = encoder.JSONEncoder
1424
app.add_api('openapi.yaml',
1525
arguments={'title': '{{appName}}'},
1626
pythonic_params=True)
17-
27+
{{/useConnexion3}}
28+
{{#useConnexion3}}
29+
app = connexion.FlaskApp(__name__, specification_dir='./openapi/')
30+
{{#featureCORS}}
31+
# add CORS support. Connexion 3 wraps the Flask app in its own ASGI
32+
# middleware stack, so flask-cors (which only sees requests after
33+
# they reach the inner WSGI app) never runs -- CORS has to be added
34+
# as ASGI middleware instead. allow_credentials is left at its
35+
# default (False) to match flask-cors's own default
36+
# (supports_credentials=False) -- combining a wildcard origin with
37+
# credentials enabled would let any site make authenticated
38+
# requests on a user's behalf.
39+
app.add_middleware(
40+
CORSMiddleware,
41+
position=MiddlewarePosition.BEFORE_EXCEPTION,
42+
allow_origins=["*"],
43+
allow_methods=["*"],
44+
allow_headers=["*"],
45+
)
46+
{{/featureCORS}}
47+
app.add_api('openapi.yaml',
48+
arguments={'title': '{{appName}}'},
49+
pythonic_params=True,
50+
jsonifier=Jsonifier(cls=encoder.JSONEncoder))
51+
{{/useConnexion3}}
52+
{{^useConnexion3}}
1853
{{#featureCORS}}
54+
1955
# add CORS support
2056
CORS(app.app)
21-
2257
{{/featureCORS}}
58+
{{/useConnexion3}}
59+
2360
app.run(port={{serverPort}})
2461

2562

modules/openapi-generator/src/main/resources/python-flask/controller.mustache

Lines changed: 15 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
import connexion
1+
import flask
22
from typing import Dict
33
from typing import Tuple
44
from typing import Union
@@ -73,41 +73,41 @@ def {{operationId}}({{#allParams}}{{^isBodyParam}}{{paramName}}{{/isBodyParam}}{
7373
{{^isPrimitiveType}}
7474
{{^isFile}}
7575
{{^isUuid}}
76-
if connexion.request.is_json:
77-
{{paramName}} = {{baseType}}{{^baseType}}{{#dataType}} {{.}}{{/dataType}}{{/baseType}}.from_dict(connexion.request.get_json()) # noqa: E501
76+
if flask.request.is_json:
77+
{{paramName}} = {{baseType}}{{^baseType}}{{#dataType}} {{.}}{{/dataType}}{{/baseType}}.from_dict(flask.request.get_json()) # noqa: E501
7878
{{/isUuid}}
7979
{{/isFile}}
8080
{{/isPrimitiveType}}
8181
{{/isContainer}}
8282
{{#isArray}}
8383
{{#items}}
8484
{{#isDate}}
85-
if connexion.request.is_json:
86-
{{paramName}} = [util.deserialize_date(s) for s in connexion.request.get_json()] # noqa: E501
85+
if flask.request.is_json:
86+
{{paramName}} = [util.deserialize_date(s) for s in flask.request.get_json()] # noqa: E501
8787
{{/isDate}}
8888
{{#isDateTime}}
89-
if connexion.request.is_json:
90-
{{paramName}} = [util.deserialize_datetime(s) for s in connexion.request.get_json()] # noqa: E501
89+
if flask.request.is_json:
90+
{{paramName}} = [util.deserialize_datetime(s) for s in flask.request.get_json()] # noqa: E501
9191
{{/isDateTime}}
9292
{{#complexType}}
93-
if connexion.request.is_json:
94-
{{paramName}} = [{{complexType}}.from_dict(d) for d in connexion.request.get_json()] # noqa: E501
93+
if flask.request.is_json:
94+
{{paramName}} = [{{complexType}}.from_dict(d) for d in flask.request.get_json()] # noqa: E501
9595
{{/complexType}}
9696
{{/items}}
9797
{{/isArray}}
9898
{{#isMap}}
9999
{{#items}}
100100
{{#isDate}}
101-
if connexion.request.is_json:
102-
{{paramName}} = {k: util.deserialize_date(v) for k, v in connexion.request.get_json().items()} # noqa: E501
101+
if flask.request.is_json:
102+
{{paramName}} = {k: util.deserialize_date(v) for k, v in flask.request.get_json().items()} # noqa: E501
103103
{{/isDate}}
104104
{{#isDateTime}}
105-
if connexion.request.is_json:
106-
{{paramName}} = {k: util.deserialize_datetime(v) for k, v in connexion.request.get_json().items()} # noqa: E501
105+
if flask.request.is_json:
106+
{{paramName}} = {k: util.deserialize_datetime(v) for k, v in flask.request.get_json().items()} # noqa: E501
107107
{{/isDateTime}}
108108
{{#complexType}}
109-
if connexion.request.is_json:
110-
{{paramName}} = {k: {{baseType}}.from_dict(v) for k, v in connexion.request.get_json().items()} # noqa: E501
109+
if flask.request.is_json:
110+
{{paramName}} = {k: {{baseType}}.from_dict(v) for k, v in flask.request.get_json().items()} # noqa: E501
111111
{{/complexType}}
112112
{{/items}}
113113
{{/isMap}}

0 commit comments

Comments
 (0)