@@ -81,8 +81,44 @@ $defs:
8181 $ref : " #/$defs/Header"
8282 loginEndpointAuth :
8383 $ref : " #/$defs/LoginEndpoint"
84+ createUsers :
85+ $ref : " #/$defs/CreateUsers"
8486 x-required : ["name"]
8587 # ##
88+ CreateUsers :
89+ description : " For some example APIs, it might be possible to create new users with a single HTTP request. \
90+ In these cases, instead of relying on knowledge of existing users, the fuzzer can create them on \
91+ the fly. This can be useful when endpoints might modify data of existing users, whose auth info \
92+ could get invalidated during the fuzzing session."
93+ type : object
94+ properties :
95+ endpoint :
96+ description : " The endpoint path (eg '/users') where to execute the create user action. \
97+ It assumes it is on same server of API.\
98+ If not, rather use 'externalEndpointURL'."
99+ type : string
100+ externalEndpointURL :
101+ description : " If the create endpoint is on a different server, here can rather specify the full URL for it."
102+ type : string
103+ payloadRaw :
104+ description : " The raw payload to send, as a string. This will need to contain the template placeholders \
105+ defined in the generators. "
106+ type : string
107+ verb :
108+ $ref : " #/$defs/HttpVerb"
109+ contentType :
110+ description : " Specify the format in which the payload is sent to the login endpoint. \
111+ A common example is 'application/json'."
112+ type : string
113+ generators :
114+ description : " List of generators for unique/random names to use in payload template resolution."
115+ type : array
116+ items :
117+ @ref
118+ TODO
119+ x-required :
120+ allOf : ["verb","contentType","payloadRaw"]
121+ oneOf : ["endpoint","externalEndpointURL"]
86122 LoginEndpoint :
87123 description : " Used to represent the case in which a login endpoint is used to obtain the authentication credentials. \
88124 These can be cookies, or a token extracted from the login endpoint's response. \
0 commit comments