api7
diff --git a/‎t/conformance/test_validate_body.lua‎
Lines changed: 60 additions & 0 deletions b/‎t/conformance/test_validate_body.lua‎
Lines changed: 60 additions & 0 deletions
diff --git a/‎t/conformance/test_validate_body_31.lua‎
Lines changed: 93 additions & 0 deletions b/‎t/conformance/test_validate_body_31.lua‎
Lines changed: 93 additions & 0 deletions
diff --git a/‎t/conformance/test_validate_header.lua‎
Lines changed: 62 additions & 0 deletions b/‎t/conformance/test_validate_header.lua‎
Lines changed: 62 additions & 0 deletions
diff --git a/‎t/conformance/test_validate_path_items_31.lua‎
Lines changed: 59 additions & 0 deletions b/‎t/conformance/test_validate_path_items_31.lua‎
Lines changed: 59 additions & 0 deletions
diff --git a/‎t/conformance/test_validate_path_params.lua‎
Lines changed: 59 additions & 0 deletions b/‎t/conformance/test_validate_path_params.lua‎
Lines changed: 59 additions & 0 deletions
diff --git a/‎t/conformance/test_validate_query_params.lua‎
Lines changed: 53 additions & 0 deletions b/‎t/conformance/test_validate_query_params.lua‎
Lines changed: 53 additions & 0 deletions
@@ -0,0 +1,60 @@
+#!/usr/bin/env resty
+--- Conformance test ported from lua-resty-openapi-validate: body.t
+-- Validates request body for OpenAPI 3.0 spec.
+dofile("t/lib/test_bootstrap.lua")
+
+local T = require("test_helper")
+local cjson = require("cjson.safe")
+local ov = require("resty.openapi_validator")
+
+local function read_file(path)
+    local f = io.open(path, "r")
+    assert(f, "cannot open " .. path)
+    local data = f:read("*a")
+    f:close()
+    return data
+end
+
+local spec_str = read_file("t/specs/body.json")
+local validator, compile_err = ov.compile(spec_str)
+assert(validator, "compile failed: " .. tostring(compile_err))
+
+-- TEST 1: valid body
+T.describe("body: valid request body", function()
+    local ok, err = validator:validate_request({
+        method = "POST",
+        path = "/user",
+        body = cjson.encode({
+            username = "alphabeta",
+            email = "alphabeta@gamma.zeta",
+        }),
+        content_type = "application/json",
+    })
+    T.ok(ok, "valid body passes: " .. tostring(err))
+end)
+
+-- TEST 2: missing required field 'username'
+T.describe("body: missing required field username", function()
+    local ok, err = validator:validate_request({
+        method = "POST",
+        path = "/user",
+        body = cjson.encode({
+            email = "alphabeta@gamma.zeta",
+        }),
+        content_type = "application/json",
+    })
+    T.ok(not ok, "missing username fails")
+    T.like(err, "username", "error mentions username")
+end)
+
+-- TEST 3: skip body validation (empty body)
+T.describe("body: skip body validation", function()
+    local ok, err = validator:validate_request({
+        method = "POST",
+        path = "/user",
+        content_type = "application/json",
+    }, { body = true })
+    T.ok(ok, "skip body passes: " .. tostring(err))
+end)
+
+T.done()
@@ -0,0 +1,93 @@
+#!/usr/bin/env resty
+--- Conformance test ported from lua-resty-openapi-validate: body_31.t
+-- Validates request body for OpenAPI 3.1 features: type arrays (nullable), const.
+dofile("t/lib/test_bootstrap.lua")
+
+local T = require("test_helper")
+local cjson = require("cjson.safe")
+local ov = require("resty.openapi_validator")
+
+local function read_file(path)
+    local f = io.open(path, "r")
+    assert(f, "cannot open " .. path)
+    local data = f:read("*a")
+    f:close()
+    return data
+end
+
+local spec_str = read_file("t/specs/body_31.json")
+local validator, compile_err = ov.compile(spec_str, { strict = false })
+assert(validator, "compile failed: " .. tostring(compile_err))
+
+-- TEST 1: valid body (basic 3.1 compatibility)
+T.describe("body_31: valid request body", function()
+    local ok, err = validator:validate_request({
+        method = "POST",
+        path = "/user",
+        body = cjson.encode({
+            username = "alphabeta",
+            email = "alphabeta@gamma.zeta",
+        }),
+        content_type = "application/json",
+    })
+    T.ok(ok, "valid body passes: " .. tostring(err))
+end)
+
+-- TEST 2: nullable field with null value (3.1 type array ["string", "null"])
+T.describe("body_31: nullable email with null", function()
+    local ok, err = validator:validate_request({
+        method = "POST",
+        path = "/user",
+        body = cjson.encode({
+            username = "alphabeta",
+            email = cjson.null,
+        }),
+        content_type = "application/json",
+    })
+    T.ok(ok, "nullable email with null passes: " .. tostring(err))
+end)
+
+-- TEST 3: missing required field 'username'
+T.describe("body_31: missing required username", function()
+    local ok, err = validator:validate_request({
+        method = "POST",
+        path = "/user",
+        body = cjson.encode({
+            email = "alphabeta@gamma.zeta",
+        }),
+        content_type = "application/json",
+    })
+    T.ok(not ok, "missing username fails")
+    T.like(err, "username", "error mentions username")
+end)
+
+-- TEST 4: correct const value
+T.describe("body_31: correct const value", function()
+    local ok, err = validator:validate_request({
+        method = "POST",
+        path = "/user",
+        body = cjson.encode({
+            username = "alphabeta",
+            role = "admin",
+        }),
+        content_type = "application/json",
+    })
+    T.ok(ok, "correct const value passes: " .. tostring(err))
+end)
+
+-- TEST 5: wrong const value
+T.describe("body_31: wrong const value", function()
+    local ok, err = validator:validate_request({
+        method = "POST",
+        path = "/user",
+        body = cjson.encode({
+            username = "alphabeta",
+            role = "user",
+        }),
+        content_type = "application/json",
+    })
+    T.ok(not ok, "wrong const value fails")
+    T.like(err, "const", "error mentions const")
+end)
+
+T.done()
@@ -0,0 +1,62 @@
+#!/usr/bin/env resty
+--- Conformance test ported from lua-resty-openapi-validate: header.t
+-- Validates header parameters with pattern constraints.
+dofile("t/lib/test_bootstrap.lua")
+
+local T = require("test_helper")
+local ov = require("resty.openapi_validator")
+
+local function read_file(path)
+    local f = io.open(path, "r")
+    assert(f, "cannot open " .. path)
+    local data = f:read("*a")
+    f:close()
+    return data
+end
+
+local spec_str = read_file("t/specs/header.json")
+local validator, compile_err = ov.compile(spec_str)
+assert(validator, "compile failed: " .. tostring(compile_err))
+
+-- TEST 1: valid headers
+T.describe("header: valid Authorization and Content-Type", function()
+    local ok, err = validator:validate_request({
+        method = "GET",
+        path = "/validateHeaders",
+        headers = {
+            ["authorization"] = "Bearer dGVzdA==.dGVzdA==.dGVzdA==",
+            ["content-type"] = "application/json",
+        },
+    })
+    T.ok(ok, "valid headers pass: " .. tostring(err))
+end)
+
+-- TEST 2: missing required headers
+T.describe("header: missing required headers", function()
+    local ok, err = validator:validate_request({
+        method = "GET",
+        path = "/validateHeaders",
+        headers = {
+            ["no-authorization"] = "wrong",
+            ["no-content-type"] = "wrong",
+        },
+    })
+    T.ok(not ok, "missing required headers fails")
+    T.like(err, "[Aa]uthorization", "error mentions Authorization")
+    T.like(err, "[Cc]ontent%-[Tt]ype", "error mentions Content-Type")
+end)
+
+-- TEST 3: skip header validation
+T.describe("header: skip header validation", function()
+    local ok, err = validator:validate_request({
+        method = "GET",
+        path = "/validateHeaders",
+        headers = {
+            ["no-authorization"] = "wrong",
+            ["no-content-type"] = "wrong",
+        },
+    }, { header = true })
+    T.ok(ok, "skip header passes: " .. tostring(err))
+end)
+
+T.done()
@@ -0,0 +1,59 @@
+#!/usr/bin/env resty
+--- Conformance test ported from lua-resty-openapi-validate: path_items_31.t
+-- Validates OAS 3.1 components/pathItems with $ref.
+dofile("t/lib/test_bootstrap.lua")
+
+local T = require("test_helper")
+local ov = require("resty.openapi_validator")
+
+local function read_file(path)
+    local f = io.open(path, "r")
+    assert(f, "cannot open " .. path)
+    local data = f:read("*a")
+    f:close()
+    return data
+end
+
+local spec_str = read_file("t/specs/path_items_31.json")
+local validator, compile_err = ov.compile(spec_str, { strict = false })
+assert(validator, "compile failed: " .. tostring(compile_err))
+
+-- TEST 1: valid GET with userId 420
+T.describe("path_items_31: valid GET /users/420", function()
+    local ok, err = validator:validate_request({
+        method = "GET",
+        path = "/users/420",
+    })
+    T.ok(ok, "valid GET passes: " .. tostring(err))
+end)
+
+-- TEST 2: userId exceeds maximum (4200 > 1000)
+T.describe("path_items_31: userId exceeds max", function()
+    local ok, err = validator:validate_request({
+        method = "GET",
+        path = "/users/4200",
+    })
+    T.ok(not ok, "exceeding maximum fails")
+    T.like(err, "userId", "error mentions userId")
+end)
+
+-- TEST 3: non-integer path param
+T.describe("path_items_31: non-integer userId", function()
+    local ok, err = validator:validate_request({
+        method = "GET",
+        path = "/users/not-an-integer",
+    })
+    T.ok(not ok, "non-integer fails")
+    T.like(err, "userId", "error mentions userId")
+end)
+
+-- TEST 4: valid DELETE with userId 5
+T.describe("path_items_31: valid DELETE /users/5", function()
+    local ok, err = validator:validate_request({
+        method = "DELETE",
+        path = "/users/5",
+    })
+    T.ok(ok, "valid DELETE passes: " .. tostring(err))
+end)
+
+T.done()
@@ -0,0 +1,59 @@
+#!/usr/bin/env resty
+--- Conformance test ported from lua-resty-openapi-validate: path_params.t
+-- Validates path parameters with type and range constraints.
+dofile("t/lib/test_bootstrap.lua")
+
+local T = require("test_helper")
+local ov = require("resty.openapi_validator")
+
+local function read_file(path)
+    local f = io.open(path, "r")
+    assert(f, "cannot open " .. path)
+    local data = f:read("*a")
+    f:close()
+    return data
+end
+
+local spec_str = read_file("t/specs/path_params.json")
+local validator, compile_err = ov.compile(spec_str)
+assert(validator, "compile failed: " .. tostring(compile_err))
+
+-- TEST 1: valid path param
+T.describe("path_params: valid userId 420", function()
+    local ok, err = validator:validate_request({
+        method = "GET",
+        path = "/users/420",
+    })
+    T.ok(ok, "valid path param passes: " .. tostring(err))
+end)
+
+-- TEST 2: path param exceeds maximum (4200 > 1000)
+T.describe("path_params: userId exceeds maximum", function()
+    local ok, err = validator:validate_request({
+        method = "GET",
+        path = "/users/4200",
+    })
+    T.ok(not ok, "exceeding maximum fails")
+    T.like(err, "userId", "error mentions userId")
+end)
+
+-- TEST 3: wrong type (string instead of integer)
+T.describe("path_params: wrong type for userId", function()
+    local ok, err = validator:validate_request({
+        method = "GET",
+        path = "/users/wrong_path_param",
+    })
+    T.ok(not ok, "string for integer param fails")
+    T.like(err, "userId", "error mentions userId")
+end)
+
+-- TEST 4: skip path params validation
+T.describe("path_params: skip path params", function()
+    local ok, err = validator:validate_request({
+        method = "GET",
+        path = "/users/this-is-wrong-but-it-should-pass",
+    }, { path = true })
+    T.ok(ok, "skip path params passes: " .. tostring(err))
+end)
+
+T.done()
@@ -0,0 +1,53 @@
+#!/usr/bin/env resty
+--- Conformance test ported from lua-resty-openapi-validate: query_params.t
+-- Validates query parameters with required, type, and range constraints.
+dofile("t/lib/test_bootstrap.lua")
+
+local T = require("test_helper")
+local ov = require("resty.openapi_validator")
+
+local function read_file(path)
+    local f = io.open(path, "r")
+    assert(f, "cannot open " .. path)
+    local data = f:read("*a")
+    f:close()
+    return data
+end
+
+local spec_str = read_file("t/specs/query_params.json")
+local validator, compile_err = ov.compile(spec_str)
+assert(validator, "compile failed: " .. tostring(compile_err))
+
+-- TEST 1: valid query params
+T.describe("query_params: valid page=1 limit=10", function()
+    local ok, err = validator:validate_request({
+        method = "GET",
+        path = "/users",
+        query = { page = "1", limit = "10" },
+    })
+    T.ok(ok, "valid query params pass: " .. tostring(err))
+end)
+
+-- TEST 2: missing required query params
+T.describe("query_params: missing required params", function()
+    local ok, err = validator:validate_request({
+        method = "GET",
+        path = "/users",
+        query = { not_page = "1", unlimited = "10" },
+    })
+    T.ok(not ok, "missing required params fails")
+    T.like(err, "page", "error mentions page")
+    T.like(err, "limit", "error mentions limit")
+end)
+
+-- TEST 3: skip query params validation
+T.describe("query_params: skip query params", function()
+    local ok, err = validator:validate_request({
+        method = "GET",
+        path = "/users",
+        query = { page = "1", limit = "wrong" },
+    }, { query = true })
+    T.ok(ok, "skip query params passes: " .. tostring(err))
+end)
+
+T.done()