Fix dangerous destructuration in typescript-nestjs services (#20157)

* refactor: remove requestParameters destructuration

* feat: add reserved param names sample

* feat: quote params

* feat: improve with reservedWords

* feat: use vendorExtensions instead of extending CodegenParameter

Author: GregoryMerlet

bin/configs/typescript-nestjs-reserved-param-names.yaml

@@ -0,0 +1,6 @@
+generatorName: typescript-nestjs
+outputDir: samples/client/petstore/typescript-nestjs/builds/reservedParamNames
+inputSpec: modules/openapi-generator/src/test/resources/3_0/typescript-nestjs/reserved-param-names.yaml
+templateDir: modules/openapi-generator/src/main/resources/typescript-nestjs
+additionalProperties:
+  "useSingleRequestParameter" : true

docs/generators/typescript-nestjs.md

@@ -116,9 +116,11 @@ These options may be applied as additional-properties (cli) or configOptions (pl
 <li>float</li>
 <li>for</li>
 <li>formParams</li>
+<li>from</li>
 <li>function</li>
 <li>goto</li>
 <li>headerParams</li>
+<li>headers</li>
 <li>if</li>
 <li>implements</li>
 <li>import</li>

modules/openapi-generator/src/main/java/org/openapitools/codegen/languages/TypeScriptNestjsClientCodegen.java

@@ -88,6 +88,8 @@ public TypeScriptNestjsClientCodegen() {
         apiPackage = "api";
         modelPackage = "model";
 
+        reservedWords.addAll(Arrays.asList("from", "headers"));
+
         this.cliOptions.add(new CliOption(NPM_REPOSITORY,
                 "Use this property to set an url your private npmRepo in the package.json"));
         this.cliOptions.add(CliOption.newBoolean(WITH_INTERFACES,
@@ -327,6 +329,10 @@ public OperationsMap postProcessOperationsWithModels(OperationsMap operations, L
 
             // Overwrite path to TypeScript template string, after applying everything we just did.
             op.path = pathBuffer.toString();
+
+            for (CodegenParameter param : op.allParams) {
+                param.vendorExtensions.putIfAbsent("x-param-has-sanitized-name", !param.baseName.equals(param.paramName));
+            }
         }
 
         operations.put("hasSomeFormParams", hasSomeFormParams);

modules/openapi-generator/src/main/resources/typescript-nestjs/api.service.mustache

@@ -35,7 +35,7 @@ export interface {{classname}}{{operationIdCamelCase}}Request {
      * @type {{=<% %>=}}{<%&dataType%>}<%={{ }}=%>
      * @memberof {{classname}}{{operationIdCamelCase}}
      */
-    readonly {{paramName}}{{^required}}?{{/required}}: {{{dataType}}}
+    readonly {{#vendorExtensions.x-param-has-sanitized-name}}'{{{baseName}}}'{{/vendorExtensions.x-param-has-sanitized-name}}{{^vendorExtensions.x-param-has-sanitized-name}}{{{paramName}}}{{/vendorExtensions.x-param-has-sanitized-name}}{{^required}}?{{/required}}: {{{dataType}}}
     {{^-last}}
 
     {{/-last}}
@@ -106,7 +106,7 @@ export class {{classname}} {
 {{#useSingleRequestParameter}}
         const {
         {{#allParams}}
-            {{paramName}},
+            {{#vendorExtensions.x-param-has-sanitized-name}}'{{{baseName}}}': {{/vendorExtensions.x-param-has-sanitized-name}}{{paramName}},
         {{/allParams}}
         } = requestParameters;
 

modules/openapi-generator/src/main/resources/typescript-nestjs/modelGeneric.mustache

@@ -5,6 +5,6 @@ export interface {{classname}}{{#allParents}}{{#-first}} extends {{/-first}}{{{.
      * {{{.}}}
      */
     {{/description}}
-    {{#isReadOnly}}readonly {{/isReadOnly}}{{{name}}}{{^required}}?{{/required}}: {{#isEnum}}{{{datatypeWithEnum}}}{{/isEnum}}{{^isEnum}}{{{dataType}}}{{/isEnum}}{{#isNullable}} | null{{/isNullable}};
+    {{#isReadOnly}}readonly {{/isReadOnly}}{{#hasSanitizedName}}'{{{baseName}}}'{{/hasSanitizedName}}{{^hasSanitizedName}}{{{name}}}{{/hasSanitizedName}}{{^required}}?{{/required}}: {{#isEnum}}{{{datatypeWithEnum}}}{{/isEnum}}{{^isEnum}}{{{dataType}}}{{/isEnum}}{{#isNullable}} | null{{/isNullable}};
 {{/vars}}
 }{{>modelGenericEnums}}

modules/openapi-generator/src/main/resources/typescript-nestjs/modelTaggedUnion.mustache

@@ -10,12 +10,12 @@ export interface {{classname}} { {{>modelGenericAdditionalProperties}}
     * {{{.}}}
     */
     {{/description}}
-    {{name}}{{^required}}?{{/required}}: {{#discriminatorValue}}'{{.}}'{{/discriminatorValue}}{{^discriminatorValue}}{{#isEnum}}{{{datatypeWithEnum}}}{{/isEnum}}{{^isEnum}}{{{dataType}}}{{/isEnum}}{{/discriminatorValue}}{{#isNullable}} | null{{/isNullable}};
+    {{#hasSanitizedName}}'{{{baseName}}}'{{/hasSanitizedName}}{{^hasSanitizedName}}{{{name}}}{{/hasSanitizedName}}{{^required}}?{{/required}}: {{#discriminatorValue}}'{{.}}'{{/discriminatorValue}}{{^discriminatorValue}}{{#isEnum}}{{{datatypeWithEnum}}}{{/isEnum}}{{^isEnum}}{{{dataType}}}{{/isEnum}}{{/discriminatorValue}}{{#isNullable}} | null{{/isNullable}};
 {{/allVars}}
 }
 {{>modelGenericEnums}}
 {{/parent}}
 {{^parent}}
 {{>modelGeneric}}
 {{/parent}}
-{{/discriminator}}
+{{/discriminator}}

modules/openapi-generator/src/test/resources/3_0/typescript-nestjs/reserved-param-names.yaml

@@ -0,0 +1,43 @@
+openapi: 3.0.0
+info:
+  description: Test reserved param names
+  version: 1.0.0
+  title: Reserved param names
+paths:
+  /test:
+    post:
+      security:
+        - bearerAuth: []
+      summary: Test reserved param names
+      description: ''
+      operationId: testReservedParamNames
+      parameters:
+        - name: notReserved
+          in: query
+          description: Should not be treated as a reserved param name
+          required: true
+          schema:
+            type: string
+        - name: from
+          in: query
+          description: Might conflict with rxjs import
+          required: true
+          schema:
+            type: string
+        - name: headers
+          in: header
+          description: Might conflict with headers const
+          required: true
+          schema:
+            type: string
+      responses:
+        '200':
+          description: successful operation
+        '405':
+          description: Invalid input
+components:
+  securitySchemes:
+    bearerAuth:
+      type: http
+      scheme: bearer
+      bearerFormat: JWT

samples/client/petstore/typescript-nestjs/builds/reservedParamNames/.gitignore

@@ -0,0 +1,4 @@
+wwwroot/*.js
+node_modules
+typings
+dist

samples/client/petstore/typescript-nestjs/builds/reservedParamNames/.openapi-generator-ignore

@@ -0,0 +1,23 @@
+# OpenAPI Generator Ignore
+# Generated by openapi-generator https://github.com/openapitools/openapi-generator
+
+# Use this file to prevent files from being overwritten by the generator.
+# The patterns follow closely to .gitignore or .dockerignore.
+
+# As an example, the C# client generator defines ApiClient.cs.
+# You can make changes and tell OpenAPI Generator to ignore just this file by uncommenting the following line:
+#ApiClient.cs
+
+# You can match any string of characters against a directory, file or extension with a single asterisk (*):
+#foo/*/qux
+# The above matches foo/bar/qux and foo/baz/qux, but not foo/bar/baz/qux
+
+# You can recursively match patterns against a directory, file or extension with a double asterisk (**):
+#foo/**/qux
+# This matches foo/bar/qux, foo/baz/qux, and foo/bar/baz/qux
+
+# You can also negate patterns with an exclamation (!).
+# For example, you can ignore all files in a docs folder with the file extension .md:
+#docs/*.md
+# Then explicitly reverse the ignore rule for a single file:
+#!docs/README.md

samples/client/petstore/typescript-nestjs/builds/reservedParamNames/.openapi-generator/FILES

@@ -0,0 +1,10 @@
+.gitignore
+README.md
+api.module.ts
+api/api.ts
+api/default.service.ts
+configuration.ts
+git_push.sh
+index.ts
+model/models.ts
+variables.ts