Validate query parameters

Author: SamyPesse

README.md

@@ -16,12 +16,8 @@ openapi-static-validator spec.json > validate.js
 
 ## TODOs
 
--   Parameters:
-    -   [ ] in `cookie`
-    -   [ ] in `header`
-    -   [ ] in `query`
--   JSONSchema `integer`
-    -   [ ] no float
+-   [ ] `in: header` and `in: cookie` parameters
+-   [ ] validation of `type: integer`, not just as `number`
 
 ## Development
 

src/compileOperation.ts

@@ -111,9 +111,93 @@ export function compileOperation(
 
         // Validate query parameters
         const queryParameters = (operation.parameters ?? []).filter(
-            (parameter) => compiler.resolveMaybeRef(parameter).in === 'path',
+            (parameter) => compiler.resolveMaybeRef(parameter).in === 'query',
         );
-        queryParameters.forEach((parameter) => {});
+        queryParameters.forEach((refParameter, index) => {
+            const parameter = compiler.resolveMaybeRef(refParameter);
+            const paramValueIdentifier = builders.identifier(`queryParam${index}`);
+            const resultIdentifier = builders.identifier(`queryParamResult${index}`);
+            const schemaFn = compileValueSchema(compiler, parameter.schema);
+
+            // Assign the query parameter to a variable
+            nodes.push(
+                builders.variableDeclaration('const', [
+                    builders.variableDeclarator(
+                        paramValueIdentifier,
+                        builders.memberExpression(
+                            builders.memberExpression(
+                                requestIdentifier,
+                                builders.identifier('query'),
+                            ),
+                            builders.literal(parameter.name),
+                            true,
+                        ),
+                    ),
+                ]),
+            );
+
+            nodes.push(
+                builders.ifStatement(
+                    builders.binaryExpression(
+                        '===',
+                        paramValueIdentifier,
+                        builders.identifier('undefined'),
+                    ),
+                    builders.blockStatement(
+                        parameter.required
+                            ? [
+                                  builders.returnStatement(
+                                      buildRequestError(
+                                          400,
+                                          `query parameter ${parameter.name} is required`,
+                                      ),
+                                  ),
+                              ]
+                            : [],
+                    ),
+                    builders.blockStatement([
+                        // Validate the value
+                        builders.variableDeclaration('const', [
+                            builders.variableDeclarator(
+                                resultIdentifier,
+                                builders.callExpression(schemaFn, [
+                                    builders.arrayExpression([
+                                        builders.literal('query'),
+                                        builders.literal(parameter.name),
+                                    ]),
+                                    paramValueIdentifier,
+                                    contextIdentifier,
+                                ]),
+                            ),
+                        ]),
+                        // Fail if error
+                        builders.ifStatement(
+                            builders.binaryExpression(
+                                'instanceof',
+                                resultIdentifier,
+                                ValidationErrorIdentifier,
+                            ),
+                            builders.blockStatement([builders.returnStatement(resultIdentifier)]),
+                        ),
+                        // Otherwise assign the value
+                        builders.expressionStatement(
+                            builders.assignmentExpression(
+                                '=',
+                                builders.memberExpression(
+                                    builders.memberExpression(
+                                        requestIdentifier,
+                                        builders.identifier('query'),
+                                    ),
+                                    builders.literal(parameter.name),
+                                    true,
+                                ),
+                                resultIdentifier,
+                            ),
+                        ),
+                    ]),
+                ),
+            );
+        });
 
         // Validate the body against the schema
         if (operation.requestBody) {

tests/__snapshots__/gitbook.test.ts.snap

@@ -1,5 +1,5 @@
 import { expect, test } from 'bun:test';
-import { validateRequest } from './gitbook.validate';
+import { validateRequest, ValidationError } from './gitbook.validate';
 
 test('POST /spaces/1234/hive/token', () => {
     const result = validateRequest({
@@ -40,3 +40,18 @@ test('POST orgs/appleId/custom-fields', () => {
         },
     });
 });
+
+test('GET orgs/microsoft/collections?limit=invalid', () => {
+    const result = validateRequest({
+        path: '/orgs/microsoft/collections',
+        method: 'get',
+        headers: {
+            'content-type': 'application/json',
+        },
+        query: {
+            limit: 'invalid',
+        },
+    });
+    expect(result instanceof ValidationError).toBeTruthy();
+    expect(result.path).toEqual(['query', 'limit']);
+});