Load OpenAPI def from file with Automation framework.
109 views
Skip to first unread message
Богомолов Александр
Oct 26, 2023, 5:47:06 AM10/26/23
to ZAP User Group
Hi. I need some help with Automation framework.
When I try to load OpenApi (3.0.3) from file through
parameters:
apiFile: "api_scan/ZAP/apiFiles/MyOpenAPiDef.yaml"
context: "MyContext"
targetUrl: "https://mytargetUrl.net"
When I try to load OpenApi (3.0.3) from file through
jobs:
- type: openapi parameters:
apiFile: "api_scan/ZAP/apiFiles/MyOpenAPiDef.yaml"
context: "MyContext"
targetUrl: "https://mytargetUrl.net"
I get message:
Automation plan failures:
Job openapi target: https://mytargetUrl.net error: attribute components.schemas.Response.items is missing
Job openapi target: https://mytargetUrl.net error: attribute paths.'/change_password'(post).responses.422.content.'application/json'.schema.items is missing
Job openapi target: https://mytargetUrl.net error: attribute paths.'/change_password'(post).responses.200.content.'application/json'.schema.items is missing
...etc
Job openapi target: https://mytargetUrl.net error: attribute components.schemas.Response.items is missing
Job openapi target: https://mytargetUrl.net error: attribute paths.'/change_password'(post).responses.422.content.'application/json'.schema.items is missing
Job openapi target: https://mytargetUrl.net error: attribute paths.'/change_password'(post).responses.200.content.'application/json'.schema.items is missing
...etc
Example of OpenApi def:
/change_password:
post:
description: Change password
operationId: change_password
security: [ ]
tags:
- Security
requestBody:
required: true
content:
application/json:
schema:
type: object
required: [ current_password, new_password, confirm_password ]
properties:
current_password:
type: string
new_password:
type: string
confirm_password:
type: string
responses:
'422':
$ref: "#/components/responses/UnprocessableEntity"
'200':
description: Success response
content:
application/json:
example:
success: true
message: "Password has been changed."
schema:
allOf:
- $ref: '#/components/schemas/Response'
- type: object
required:
- data
properties:
message:
type: string
schemas:
Response:
type: object
required:
- success
properties:
success:
type: boolean
message:
type: string
data:
oneOf:
- type: object
- type: array
error:
$ref: '#/components/schemas/Error'
Error:
type: object
properties:
target:
type: string
message:
type: string
errors:
type: array
items:
$ref: '#/components/schemas/Error'
UnprocessableEntity:
description: Request with invalid params
content:
application/json:
schema:
$ref: '#/components/schemas/Response'
example:
success: false
error:
message: message of operation
errors:
- message: message of error
target: field
post:
description: Change password
operationId: change_password
security: [ ]
tags:
- Security
requestBody:
required: true
content:
application/json:
schema:
type: object
required: [ current_password, new_password, confirm_password ]
properties:
current_password:
type: string
new_password:
type: string
confirm_password:
type: string
responses:
'422':
$ref: "#/components/responses/UnprocessableEntity"
'200':
description: Success response
content:
application/json:
example:
success: true
message: "Password has been changed."
schema:
allOf:
- $ref: '#/components/schemas/Response'
- type: object
required:
- data
properties:
message:
type: string
schemas:
Response:
type: object
required:
- success
properties:
success:
type: boolean
message:
type: string
data:
oneOf:
- type: object
- type: array
error:
$ref: '#/components/schemas/Error'
Error:
type: object
properties:
target:
type: string
message:
type: string
errors:
type: array
items:
$ref: '#/components/schemas/Error'
UnprocessableEntity:
description: Request with invalid params
content:
application/json:
schema:
$ref: '#/components/schemas/Response'
example:
success: false
error:
message: message of operation
errors:
- message: message of error
target: field
When I try to load OpenAPI through
jobs:
- type: openapi
parameters:
apiURL: "https://mytargetUrl.net/apiFiles/MyOpenAPiDef.yaml"
context: "MyContext"
targetUrl: "https://mytargetUrl.net"
jobs:
- type: openapi
parameters:
apiURL: "https://mytargetUrl.net/apiFiles/MyOpenAPiDef.yaml"
context: "MyContext"
targetUrl: "https://mytargetUrl.net"
I get message:
Automation plan failures:
Job openapi target: https://mytargetUrl.net error: attribute components.schemas.Response.items is missing
What I doing wrong or what I need to fix in me OpenApi def?
Automation plan failures:
Job openapi target: https://mytargetUrl.net error: attribute components.schemas.Response.items is missing
What I doing wrong or what I need to fix in me OpenApi def?
Thanks
thc...@gmail.com
Oct 27, 2023, 8:46:18 AM10/27/23
to zaprox...@googlegroups.com
Hi,
> What I doing wrong or what I need to fix in me OpenApi def?
The problem is in the definition, the data property of the Response says
that can be of type array but it does not define the items.
Either remove the array type or define the items, but for ZAP it does
not matter the type of the response so you could also just change the
Automation plan to not fail on error.
Best regards.
> What I doing wrong or what I need to fix in me OpenApi def?
that can be of type array but it does not define the items.
Either remove the array type or define the items, but for ZAP it does
not matter the type of the response so you could also just change the
Automation plan to not fail on error.
Best regards.
Alexander B
Oct 31, 2023, 3:20:54 AM10/31/23
to ZAP User Group
Thanks. But: "you could also just change the
Automation plan to not fail on error." - I don't quite understand what this means...
Automation plan to not fail on error." - I don't quite understand what this means...
пятница, 27 октября 2023 г. в 15:46:18 UTC+3, thc202:
Simon Bennetts
Oct 31, 2023, 5:10:43 AM10/31/23
to ZAP User Group
In the env section there is a 'failOnError' parameter : https://www.zaproxy.org/docs/desktop/addons/automation-framework/environment/
Change that to 'false'.
Cheers,
Simon
Reply all
Reply to author
Forward
0 new messages