1use super::generator::ConformanceConfig;
7use super::schema_validator::SchemaValidatorGenerator;
8use super::spec::ConformanceFeature;
9use crate::error::Result;
10use crate::request_gen::RequestGenerator;
11use crate::spec_parser::ApiOperation;
12use openapiv3::{
13 OpenAPI, Operation, Parameter, ParameterSchemaOrContent, ReferenceOr, RequestBody, Response,
14 Schema, SchemaKind, SecurityScheme, StringFormat, Type, VariantOrUnknownOrEmpty,
15};
16use std::collections::HashSet;
17
18mod ref_resolver {
20 use super::*;
21
22 pub fn resolve_parameter<'a>(
23 param_ref: &'a ReferenceOr<Parameter>,
24 spec: &'a OpenAPI,
25 ) -> Option<&'a Parameter> {
26 match param_ref {
27 ReferenceOr::Item(param) => Some(param),
28 ReferenceOr::Reference { reference } => {
29 let name = reference.strip_prefix("#/components/parameters/")?;
30 let components = spec.components.as_ref()?;
31 match components.parameters.get(name)? {
32 ReferenceOr::Item(param) => Some(param),
33 ReferenceOr::Reference {
34 reference: inner_ref,
35 } => {
36 let inner_name = inner_ref.strip_prefix("#/components/parameters/")?;
38 match components.parameters.get(inner_name)? {
39 ReferenceOr::Item(param) => Some(param),
40 ReferenceOr::Reference { .. } => None,
41 }
42 }
43 }
44 }
45 }
46 }
47
48 pub fn resolve_request_body<'a>(
49 body_ref: &'a ReferenceOr<RequestBody>,
50 spec: &'a OpenAPI,
51 ) -> Option<&'a RequestBody> {
52 match body_ref {
53 ReferenceOr::Item(body) => Some(body),
54 ReferenceOr::Reference { reference } => {
55 let name = reference.strip_prefix("#/components/requestBodies/")?;
56 let components = spec.components.as_ref()?;
57 match components.request_bodies.get(name)? {
58 ReferenceOr::Item(body) => Some(body),
59 ReferenceOr::Reference {
60 reference: inner_ref,
61 } => {
62 let inner_name = inner_ref.strip_prefix("#/components/requestBodies/")?;
64 match components.request_bodies.get(inner_name)? {
65 ReferenceOr::Item(body) => Some(body),
66 ReferenceOr::Reference { .. } => None,
67 }
68 }
69 }
70 }
71 }
72 }
73
74 pub fn resolve_schema<'a>(
75 schema_ref: &'a ReferenceOr<Schema>,
76 spec: &'a OpenAPI,
77 ) -> Option<&'a Schema> {
78 resolve_schema_with_visited(schema_ref, spec, &mut HashSet::new())
79 }
80
81 fn resolve_schema_with_visited<'a>(
82 schema_ref: &'a ReferenceOr<Schema>,
83 spec: &'a OpenAPI,
84 visited: &mut HashSet<String>,
85 ) -> Option<&'a Schema> {
86 match schema_ref {
87 ReferenceOr::Item(schema) => Some(schema),
88 ReferenceOr::Reference { reference } => {
89 if !visited.insert(reference.clone()) {
90 return None; }
92 let name = reference.strip_prefix("#/components/schemas/")?;
93 let components = spec.components.as_ref()?;
94 let nested = components.schemas.get(name)?;
95 resolve_schema_with_visited(nested, spec, visited)
96 }
97 }
98 }
99
100 pub fn resolve_boxed_schema<'a>(
102 schema_ref: &'a ReferenceOr<Box<Schema>>,
103 spec: &'a OpenAPI,
104 ) -> Option<&'a Schema> {
105 match schema_ref {
106 ReferenceOr::Item(schema) => Some(schema.as_ref()),
107 ReferenceOr::Reference { reference } => {
108 let name = reference.strip_prefix("#/components/schemas/")?;
110 let components = spec.components.as_ref()?;
111 let nested = components.schemas.get(name)?;
112 resolve_schema_with_visited(nested, spec, &mut HashSet::new())
113 }
114 }
115 }
116
117 pub fn resolve_response<'a>(
118 resp_ref: &'a ReferenceOr<Response>,
119 spec: &'a OpenAPI,
120 ) -> Option<&'a Response> {
121 match resp_ref {
122 ReferenceOr::Item(resp) => Some(resp),
123 ReferenceOr::Reference { reference } => {
124 let name = reference.strip_prefix("#/components/responses/")?;
125 let components = spec.components.as_ref()?;
126 match components.responses.get(name)? {
127 ReferenceOr::Item(resp) => Some(resp),
128 ReferenceOr::Reference {
129 reference: inner_ref,
130 } => {
131 let inner_name = inner_ref.strip_prefix("#/components/responses/")?;
133 match components.responses.get(inner_name)? {
134 ReferenceOr::Item(resp) => Some(resp),
135 ReferenceOr::Reference { .. } => None,
136 }
137 }
138 }
139 }
140 }
141 }
142}
143
144#[derive(Debug, Clone)]
146pub enum SecuritySchemeInfo {
147 Bearer,
149 Basic,
151 ApiKey {
153 location: ApiKeyLocation,
154 name: String,
155 },
156}
157
158#[derive(Debug, Clone, PartialEq)]
160pub enum ApiKeyLocation {
161 Header,
162 Query,
163 Cookie,
164}
165
166#[derive(Debug, Clone)]
168pub struct AnnotatedOperation {
169 pub path: String,
170 pub method: String,
171 pub features: Vec<ConformanceFeature>,
172 pub request_body_content_type: Option<String>,
173 pub sample_body: Option<String>,
174 pub query_params: Vec<(String, String)>,
175 pub header_params: Vec<(String, String)>,
176 pub path_params: Vec<(String, String)>,
177 pub response_schema: Option<Schema>,
179 pub response_schemas: std::collections::BTreeMap<u16, serde_json::Value>,
187 pub request_body_schema: Option<Schema>,
193 pub security_schemes: Vec<SecuritySchemeInfo>,
195}
196
197pub struct SpecDrivenConformanceGenerator {
199 config: ConformanceConfig,
200 operations: Vec<AnnotatedOperation>,
201}
202
203impl SpecDrivenConformanceGenerator {
204 pub fn new(config: ConformanceConfig, operations: Vec<AnnotatedOperation>) -> Self {
205 Self { config, operations }
206 }
207
208 pub fn annotate_operations(
210 operations: &[ApiOperation],
211 spec: &OpenAPI,
212 ) -> Vec<AnnotatedOperation> {
213 operations.iter().map(|op| Self::annotate_operation(op, spec)).collect()
214 }
215
216 fn annotate_operation(op: &ApiOperation, spec: &OpenAPI) -> AnnotatedOperation {
218 let mut features = Vec::new();
219 let mut query_params = Vec::new();
220 let mut header_params = Vec::new();
221 let mut path_params = Vec::new();
222
223 match op.method.to_uppercase().as_str() {
225 "GET" => features.push(ConformanceFeature::MethodGet),
226 "POST" => features.push(ConformanceFeature::MethodPost),
227 "PUT" => features.push(ConformanceFeature::MethodPut),
228 "PATCH" => features.push(ConformanceFeature::MethodPatch),
229 "DELETE" => features.push(ConformanceFeature::MethodDelete),
230 "HEAD" => features.push(ConformanceFeature::MethodHead),
231 "OPTIONS" => features.push(ConformanceFeature::MethodOptions),
232 _ => {}
233 }
234
235 for param_ref in &op.operation.parameters {
237 if let Some(param) = ref_resolver::resolve_parameter(param_ref, spec) {
238 Self::annotate_parameter(
239 param,
240 spec,
241 &mut features,
242 &mut query_params,
243 &mut header_params,
244 &mut path_params,
245 );
246 }
247 }
248
249 for segment in op.path.split('/') {
251 if segment.starts_with('{') && segment.ends_with('}') {
252 let name = &segment[1..segment.len() - 1];
253 if !path_params.iter().any(|(n, _)| n == name) {
255 path_params.push((name.to_string(), "test-value".to_string()));
256 if !features.contains(&ConformanceFeature::PathParamString)
258 && !features.contains(&ConformanceFeature::PathParamInteger)
259 {
260 features.push(ConformanceFeature::PathParamString);
261 }
262 }
263 }
264 }
265
266 let mut request_body_content_type = None;
268 let mut sample_body = None;
269 let mut request_body_schema: Option<Schema> = None;
270
271 let resolved_body = op
272 .operation
273 .request_body
274 .as_ref()
275 .and_then(|b| ref_resolver::resolve_request_body(b, spec));
276
277 if let Some(body) = resolved_body {
278 for (content_type, _media) in &body.content {
279 match content_type.as_str() {
280 "application/json" => {
281 features.push(ConformanceFeature::BodyJson);
282 request_body_content_type = Some("application/json".to_string());
283 if let Ok(template) = RequestGenerator::generate_template(op) {
285 if let Some(body_val) = &template.body {
286 sample_body = Some(body_val.to_string());
287 }
288 }
289 }
290 "application/x-www-form-urlencoded" => {
291 features.push(ConformanceFeature::BodyFormUrlencoded);
292 request_body_content_type =
293 Some("application/x-www-form-urlencoded".to_string());
294 }
295 "multipart/form-data" => {
296 features.push(ConformanceFeature::BodyMultipart);
297 request_body_content_type = Some("multipart/form-data".to_string());
298 }
299 _ => {}
300 }
301 }
302
303 if let Some(media) = body.content.get("application/json") {
305 if let Some(schema_ref) = &media.schema {
306 if let Some(schema) = ref_resolver::resolve_schema(schema_ref, spec) {
307 Self::annotate_schema(schema, spec, &mut features);
308 request_body_schema = Some(schema.clone());
312 }
313 }
314 }
315 }
316
317 Self::annotate_responses(&op.operation, spec, &mut features);
319
320 let response_schema = Self::extract_response_schema(&op.operation, spec);
322 if response_schema.is_some() {
323 features.push(ConformanceFeature::ResponseValidation);
324 }
325 let response_schemas = Self::extract_response_schemas_per_status(&op.operation, spec);
327
328 Self::annotate_content_negotiation(&op.operation, spec, &mut features);
330
331 let mut security_schemes = Vec::new();
333 Self::annotate_security(&op.operation, spec, &mut features, &mut security_schemes);
334
335 features.sort_by_key(|f| f.check_name());
337 features.dedup_by_key(|f| f.check_name());
338
339 AnnotatedOperation {
340 path: op.path.clone(),
341 method: op.method.to_uppercase(),
342 features,
343 request_body_content_type,
344 sample_body,
345 query_params,
346 header_params,
347 path_params,
348 response_schema,
349 response_schemas,
350 request_body_schema,
351 security_schemes,
352 }
353 }
354
355 fn annotate_parameter(
357 param: &Parameter,
358 spec: &OpenAPI,
359 features: &mut Vec<ConformanceFeature>,
360 query_params: &mut Vec<(String, String)>,
361 header_params: &mut Vec<(String, String)>,
362 path_params: &mut Vec<(String, String)>,
363 ) {
364 let (location, data) = match param {
365 Parameter::Query { parameter_data, .. } => ("query", parameter_data),
366 Parameter::Path { parameter_data, .. } => ("path", parameter_data),
367 Parameter::Header { parameter_data, .. } => ("header", parameter_data),
368 Parameter::Cookie { .. } => {
369 features.push(ConformanceFeature::CookieParam);
370 return;
371 }
372 };
373
374 let is_integer = Self::param_schema_is_integer(data, spec);
376 let is_array = Self::param_schema_is_array(data, spec);
377
378 let sample = if is_integer {
380 "42".to_string()
381 } else if is_array {
382 "a,b".to_string()
383 } else {
384 "test-value".to_string()
385 };
386
387 match location {
388 "path" => {
389 if is_integer {
390 features.push(ConformanceFeature::PathParamInteger);
391 } else {
392 features.push(ConformanceFeature::PathParamString);
393 }
394 path_params.push((data.name.clone(), sample));
395 }
396 "query" => {
397 if is_array {
398 features.push(ConformanceFeature::QueryParamArray);
399 } else if is_integer {
400 features.push(ConformanceFeature::QueryParamInteger);
401 } else {
402 features.push(ConformanceFeature::QueryParamString);
403 }
404 query_params.push((data.name.clone(), sample));
405 }
406 "header" => {
407 features.push(ConformanceFeature::HeaderParam);
408 header_params.push((data.name.clone(), sample));
409 }
410 _ => {}
411 }
412
413 if let ParameterSchemaOrContent::Schema(schema_ref) = &data.format {
415 if let Some(schema) = ref_resolver::resolve_schema(schema_ref, spec) {
416 Self::annotate_schema(schema, spec, features);
417 }
418 }
419
420 if data.required {
422 features.push(ConformanceFeature::ConstraintRequired);
423 } else {
424 features.push(ConformanceFeature::ConstraintOptional);
425 }
426 }
427
428 fn param_schema_is_integer(data: &openapiv3::ParameterData, spec: &OpenAPI) -> bool {
429 if let ParameterSchemaOrContent::Schema(schema_ref) = &data.format {
430 if let Some(schema) = ref_resolver::resolve_schema(schema_ref, spec) {
431 return matches!(&schema.schema_kind, SchemaKind::Type(Type::Integer(_)));
432 }
433 }
434 false
435 }
436
437 fn param_schema_is_array(data: &openapiv3::ParameterData, spec: &OpenAPI) -> bool {
438 if let ParameterSchemaOrContent::Schema(schema_ref) = &data.format {
439 if let Some(schema) = ref_resolver::resolve_schema(schema_ref, spec) {
440 return matches!(&schema.schema_kind, SchemaKind::Type(Type::Array(_)));
441 }
442 }
443 false
444 }
445
446 fn annotate_schema(schema: &Schema, spec: &OpenAPI, features: &mut Vec<ConformanceFeature>) {
448 match &schema.schema_kind {
449 SchemaKind::Type(Type::String(s)) => {
450 features.push(ConformanceFeature::SchemaString);
451 match &s.format {
453 VariantOrUnknownOrEmpty::Item(StringFormat::Date) => {
454 features.push(ConformanceFeature::FormatDate);
455 }
456 VariantOrUnknownOrEmpty::Item(StringFormat::DateTime) => {
457 features.push(ConformanceFeature::FormatDateTime);
458 }
459 VariantOrUnknownOrEmpty::Unknown(fmt) => match fmt.as_str() {
460 "email" => features.push(ConformanceFeature::FormatEmail),
461 "uuid" => features.push(ConformanceFeature::FormatUuid),
462 "uri" | "url" => features.push(ConformanceFeature::FormatUri),
463 "ipv4" => features.push(ConformanceFeature::FormatIpv4),
464 "ipv6" => features.push(ConformanceFeature::FormatIpv6),
465 _ => {}
466 },
467 _ => {}
468 }
469 if s.pattern.is_some() {
471 features.push(ConformanceFeature::ConstraintPattern);
472 }
473 if !s.enumeration.is_empty() {
474 features.push(ConformanceFeature::ConstraintEnum);
475 }
476 if s.min_length.is_some() || s.max_length.is_some() {
477 features.push(ConformanceFeature::ConstraintMinMax);
478 }
479 }
480 SchemaKind::Type(Type::Integer(i)) => {
481 features.push(ConformanceFeature::SchemaInteger);
482 if i.minimum.is_some() || i.maximum.is_some() {
483 features.push(ConformanceFeature::ConstraintMinMax);
484 }
485 if !i.enumeration.is_empty() {
486 features.push(ConformanceFeature::ConstraintEnum);
487 }
488 }
489 SchemaKind::Type(Type::Number(n)) => {
490 features.push(ConformanceFeature::SchemaNumber);
491 if n.minimum.is_some() || n.maximum.is_some() {
492 features.push(ConformanceFeature::ConstraintMinMax);
493 }
494 }
495 SchemaKind::Type(Type::Boolean(_)) => {
496 features.push(ConformanceFeature::SchemaBoolean);
497 }
498 SchemaKind::Type(Type::Array(arr)) => {
499 features.push(ConformanceFeature::SchemaArray);
500 if let Some(item_ref) = &arr.items {
501 if let Some(item_schema) = ref_resolver::resolve_boxed_schema(item_ref, spec) {
502 Self::annotate_schema(item_schema, spec, features);
503 }
504 }
505 }
506 SchemaKind::Type(Type::Object(obj)) => {
507 features.push(ConformanceFeature::SchemaObject);
508 if !obj.required.is_empty() {
510 features.push(ConformanceFeature::ConstraintRequired);
511 }
512 for (_name, prop_ref) in &obj.properties {
514 if let Some(prop_schema) = ref_resolver::resolve_boxed_schema(prop_ref, spec) {
515 Self::annotate_schema(prop_schema, spec, features);
516 }
517 }
518 }
519 SchemaKind::OneOf { .. } => {
520 features.push(ConformanceFeature::CompositionOneOf);
521 }
522 SchemaKind::AnyOf { .. } => {
523 features.push(ConformanceFeature::CompositionAnyOf);
524 }
525 SchemaKind::AllOf { .. } => {
526 features.push(ConformanceFeature::CompositionAllOf);
527 }
528 _ => {}
529 }
530 }
531
532 fn annotate_responses(
534 operation: &Operation,
535 spec: &OpenAPI,
536 features: &mut Vec<ConformanceFeature>,
537 ) {
538 for (status_code, resp_ref) in &operation.responses.responses {
539 if ref_resolver::resolve_response(resp_ref, spec).is_some() {
541 match status_code {
542 openapiv3::StatusCode::Code(200) => {
543 features.push(ConformanceFeature::Response200)
544 }
545 openapiv3::StatusCode::Code(201) => {
546 features.push(ConformanceFeature::Response201)
547 }
548 openapiv3::StatusCode::Code(204) => {
549 features.push(ConformanceFeature::Response204)
550 }
551 openapiv3::StatusCode::Code(400) => {
552 features.push(ConformanceFeature::Response400)
553 }
554 openapiv3::StatusCode::Code(404) => {
555 features.push(ConformanceFeature::Response404)
556 }
557 _ => {}
558 }
559 }
560 }
561 }
562
563 fn extract_response_schemas_per_status(
569 operation: &Operation,
570 spec: &OpenAPI,
571 ) -> std::collections::BTreeMap<u16, serde_json::Value> {
572 let mut out = std::collections::BTreeMap::new();
573 for (code, resp_ref) in &operation.responses.responses {
574 let openapiv3::StatusCode::Code(n) = code else {
575 continue; };
577 let Some(response) = ref_resolver::resolve_response(resp_ref, spec) else {
578 continue;
579 };
580 let Some(media) = response.content.get("application/json") else {
581 continue;
582 };
583 let Some(schema_ref) = &media.schema else {
584 continue;
585 };
586 let Some(schema) = ref_resolver::resolve_schema(schema_ref, spec) else {
587 continue;
588 };
589 if let Ok(value) = serde_json::to_value(schema) {
592 out.insert(*n, value);
593 }
594 }
595 out
596 }
597
598 fn extract_response_schema(operation: &Operation, spec: &OpenAPI) -> Option<Schema> {
601 for code in [200u16, 201] {
603 if let Some(resp_ref) =
604 operation.responses.responses.get(&openapiv3::StatusCode::Code(code))
605 {
606 if let Some(response) = ref_resolver::resolve_response(resp_ref, spec) {
607 if let Some(media) = response.content.get("application/json") {
608 if let Some(schema_ref) = &media.schema {
609 if let Some(schema) = ref_resolver::resolve_schema(schema_ref, spec) {
610 return Some(schema.clone());
611 }
612 }
613 }
614 }
615 }
616 }
617 None
618 }
619
620 fn annotate_content_negotiation(
622 operation: &Operation,
623 spec: &OpenAPI,
624 features: &mut Vec<ConformanceFeature>,
625 ) {
626 for (_status_code, resp_ref) in &operation.responses.responses {
627 if let Some(response) = ref_resolver::resolve_response(resp_ref, spec) {
628 if response.content.len() > 1 {
629 features.push(ConformanceFeature::ContentNegotiation);
630 return; }
632 }
633 }
634 }
635
636 fn annotate_security(
640 operation: &Operation,
641 spec: &OpenAPI,
642 features: &mut Vec<ConformanceFeature>,
643 security_schemes: &mut Vec<SecuritySchemeInfo>,
644 ) {
645 let security_reqs = operation.security.as_ref().or(spec.security.as_ref());
647
648 if let Some(security) = security_reqs {
649 for security_req in security {
650 for scheme_name in security_req.keys() {
651 if let Some(resolved) = Self::resolve_security_scheme(scheme_name, spec) {
653 match resolved {
654 SecurityScheme::HTTP { ref scheme, .. } => {
655 if scheme.eq_ignore_ascii_case("bearer") {
656 features.push(ConformanceFeature::SecurityBearer);
657 security_schemes.push(SecuritySchemeInfo::Bearer);
658 } else if scheme.eq_ignore_ascii_case("basic") {
659 features.push(ConformanceFeature::SecurityBasic);
660 security_schemes.push(SecuritySchemeInfo::Basic);
661 }
662 }
663 SecurityScheme::APIKey { location, name, .. } => {
664 features.push(ConformanceFeature::SecurityApiKey);
665 let loc = match location {
666 openapiv3::APIKeyLocation::Query => ApiKeyLocation::Query,
667 openapiv3::APIKeyLocation::Header => ApiKeyLocation::Header,
668 openapiv3::APIKeyLocation::Cookie => ApiKeyLocation::Cookie,
669 };
670 security_schemes.push(SecuritySchemeInfo::ApiKey {
671 location: loc,
672 name: name.clone(),
673 });
674 }
675 _ => {}
677 }
678 } else {
679 let name_lower = scheme_name.to_lowercase();
681 if name_lower.contains("bearer") || name_lower.contains("jwt") {
682 features.push(ConformanceFeature::SecurityBearer);
683 security_schemes.push(SecuritySchemeInfo::Bearer);
684 } else if name_lower.contains("api") && name_lower.contains("key") {
685 features.push(ConformanceFeature::SecurityApiKey);
686 security_schemes.push(SecuritySchemeInfo::ApiKey {
687 location: ApiKeyLocation::Header,
688 name: "X-API-Key".to_string(),
689 });
690 } else if name_lower.contains("basic") {
691 features.push(ConformanceFeature::SecurityBasic);
692 security_schemes.push(SecuritySchemeInfo::Basic);
693 }
694 }
695 }
696 }
697 }
698 }
699
700 fn resolve_security_scheme<'a>(name: &str, spec: &'a OpenAPI) -> Option<&'a SecurityScheme> {
702 let components = spec.components.as_ref()?;
703 match components.security_schemes.get(name)? {
704 ReferenceOr::Item(scheme) => Some(scheme),
705 ReferenceOr::Reference { .. } => None,
706 }
707 }
708
709 pub fn operation_count(&self) -> usize {
711 self.operations.len()
712 }
713
714 pub fn generate(&self) -> Result<(String, usize)> {
717 let mut script = String::with_capacity(16384);
718
719 script.push_str("import http from 'k6/http';\n");
721 script.push_str("import { check, group } from 'k6';\n");
722 if self.config.request_delay_ms > 0 {
723 script.push_str("import { sleep } from 'k6';\n");
724 }
725 script.push('\n');
726
727 script.push_str(
731 "http.setResponseCallback(http.expectedStatuses({ min: 100, max: 599 }));\n\n",
732 );
733
734 script.push_str("export const options = {\n");
736 script.push_str(" vus: 1,\n");
737 script.push_str(" iterations: 1,\n");
738 if self.config.skip_tls_verify {
739 script.push_str(" insecureSkipTLSVerify: true,\n");
740 }
741 script.push_str(" thresholds: {\n");
742 script.push_str(" checks: ['rate>0'],\n");
743 script.push_str(" },\n");
744 script.push_str("};\n\n");
745
746 script.push_str(&format!("const BASE_URL = '{}';\n\n", self.config.effective_base_url()));
748 script.push_str("const JSON_HEADERS = { 'Content-Type': 'application/json' };\n\n");
749
750 let custom_emit = self.config.generate_custom_group()?;
754 if let Some(emit) = &custom_emit {
755 if !emit.init_code.is_empty() {
756 script.push_str("// Round 39 (#79) — preloaded upload bytes for custom checks\n");
757 script.push_str(&emit.init_code);
758 script.push('\n');
759 }
760 }
761
762 script
765 .push_str("function __captureFailure(checkName, res, expected, schemaViolations) {\n");
766 script.push_str(" let bodyStr = '';\n");
767 script.push_str(" try { if (res.body) { const __n = res.body.length; bodyStr = res.body.substring(0, 65536); if (__n > 65536) bodyStr = bodyStr + ' <truncated at 65536 bytes; full body was ' + __n + ' bytes>'; } else { bodyStr = ''; } } catch(e) { bodyStr = '<unreadable>'; }\n");
768 script.push_str(" let reqHeaders = {};\n");
769 script.push_str(
770 " if (res.request && res.request.headers) { reqHeaders = res.request.headers; }\n",
771 );
772 script.push_str(" let reqBody = '';\n");
773 script.push_str(" if (res.request && res.request.body) { try { const __m = res.request.body.length; reqBody = res.request.body.substring(0, 65536); if (__m > 65536) reqBody = reqBody + ' <truncated at 65536 bytes; full body was ' + __m + ' bytes>'; } catch(e) {} }\n");
774 script.push_str(" let payload = {\n");
775 script.push_str(" check: checkName,\n");
776 script.push_str(" request: {\n");
777 script.push_str(" method: res.request ? res.request.method : 'unknown',\n");
778 script.push_str(" url: res.request ? res.request.url : res.url || 'unknown',\n");
779 script.push_str(" headers: reqHeaders,\n");
780 script.push_str(" body: reqBody,\n");
781 script.push_str(" },\n");
782 script.push_str(" response: {\n");
783 script.push_str(" status: res.status,\n");
784 script.push_str(" headers: res.headers ? Object.fromEntries(Object.entries(res.headers).slice(0, 20)) : {},\n");
785 script.push_str(" body: bodyStr,\n");
786 script.push_str(" },\n");
787 script.push_str(" expected: expected,\n");
788 script.push_str(" };\n");
789 script.push_str(" if (schemaViolations && schemaViolations.length > 0) { payload.schema_violations = schemaViolations; }\n");
790 script.push_str(" console.log('MOCKFORGE_FAILURE:' + JSON.stringify(payload));\n");
791 script.push_str("}\n\n");
792
793 if self.config.export_requests {
802 script.push_str("function __captureExchange(checkName, res) {\n");
803 script.push_str(" try {\n");
804 script.push_str(" let bodyStr = '';\n");
805 script.push_str(" try { if (res.body) { const __n = res.body.length; bodyStr = res.body.substring(0, 65536); if (__n > 65536) bodyStr = bodyStr + ' <truncated at 65536 bytes; full body was ' + __n + ' bytes>'; } else { bodyStr = ''; } } catch(e) { bodyStr = '<unreadable>'; }\n");
806 script.push_str(" let reqHeaders = {};\n");
807 script.push_str(
808 " if (res.request && res.request.headers) { reqHeaders = res.request.headers; }\n",
809 );
810 script.push_str(" let reqBody = '';\n");
814 script.push_str(" {\n");
815 script.push_str(
816 " const ct = (reqHeaders['Content-Type'] || reqHeaders['content-type'] || '').toString();\n",
817 );
818 script.push_str(" const isMultipart = ct.startsWith('multipart/');\n");
819 script.push_str(
820 " if (isMultipart && res.request && res.request.body) {\n\
821 \x20\x20\x20\x20\x20\x20\x20\x20try {\n\
822 \x20\x20\x20\x20\x20\x20\x20\x20 const raw = res.request.body;\n\
823 \x20\x20\x20\x20\x20\x20\x20\x20 let totalBytes = raw.length;\n\
824 \x20\x20\x20\x20\x20\x20\x20\x20 const boundaryMatch = ct.match(/boundary=([^;]+)/);\n\
825 \x20\x20\x20\x20\x20\x20\x20\x20 const boundary = boundaryMatch ? boundaryMatch[1].replace(/^\"|\"$/g, '') : '';\n\
826 \x20\x20\x20\x20\x20\x20\x20\x20 const parts = [];\n\
827 \x20\x20\x20\x20\x20\x20\x20\x20 if (boundary) {\n\
828 \x20\x20\x20\x20\x20\x20\x20\x20 const sep = '--' + boundary;\n\
829 \x20\x20\x20\x20\x20\x20\x20\x20 let cursor = raw.indexOf(sep);\n\
830 \x20\x20\x20\x20\x20\x20\x20\x20 while (cursor !== -1 && parts.length < 100) {\n\
831 \x20\x20\x20\x20\x20\x20\x20\x20 const next = raw.indexOf(sep, cursor + sep.length);\n\
832 \x20\x20\x20\x20\x20\x20\x20\x20 if (next === -1) break;\n\
833 \x20\x20\x20\x20\x20\x20\x20\x20 const slice = raw.substring(cursor + sep.length, next);\n\
834 \x20\x20\x20\x20\x20\x20\x20\x20 const headerEnd = slice.indexOf('\\r\\n\\r\\n');\n\
835 \x20\x20\x20\x20\x20\x20\x20\x20 const partHeaders = headerEnd === -1 ? slice : slice.substring(0, headerEnd);\n\
836 \x20\x20\x20\x20\x20\x20\x20\x20 const partBody = headerEnd === -1 ? '' : slice.substring(headerEnd + 4);\n\
837 \x20\x20\x20\x20\x20\x20\x20\x20 const nameMatch = partHeaders.match(/name=\"([^\"]+)\"/);\n\
838 \x20\x20\x20\x20\x20\x20\x20\x20 const filenameMatch = partHeaders.match(/filename=\"([^\"]+)\"/);\n\
839 \x20\x20\x20\x20\x20\x20\x20\x20 const partCtMatch = partHeaders.match(/Content-Type:\\s*([^\\r\\n]+)/i);\n\
840 \x20\x20\x20\x20\x20\x20\x20\x20 parts.push({\n\
841 \x20\x20\x20\x20\x20\x20\x20\x20 name: nameMatch ? nameMatch[1] : '',\n\
842 \x20\x20\x20\x20\x20\x20\x20\x20 filename: filenameMatch ? filenameMatch[1] : '',\n\
843 \x20\x20\x20\x20\x20\x20\x20\x20 contentType: partCtMatch ? partCtMatch[1].trim() : '',\n\
844 \x20\x20\x20\x20\x20\x20\x20\x20 bytes: Math.max(0, partBody.length - 2),\n\
845 \x20\x20\x20\x20\x20\x20\x20\x20 });\n\
846 \x20\x20\x20\x20\x20\x20\x20\x20 cursor = next;\n\
847 \x20\x20\x20\x20\x20\x20\x20\x20 }\n\
848 \x20\x20\x20\x20\x20\x20\x20\x20 }\n\
849 \x20\x20\x20\x20\x20\x20\x20\x20 // Round 47 #79 — overlay on-disk byte counts (see generator.rs).\n\
850 \x20\x20\x20\x20\x20\x20\x20\x20 const __mfSizes = (globalThis.__mfUploadSizes || {})[checkName] || {};\n\
851 \x20\x20\x20\x20\x20\x20\x20\x20 let __allKnown = parts.length > 0;\n\
852 \x20\x20\x20\x20\x20\x20\x20\x20 parts.forEach(function (p) { if (typeof __mfSizes[p.name] === 'number') { p.bytes = __mfSizes[p.name]; } else { __allKnown = false; } });\n\
853 \x20\x20\x20\x20\x20\x20\x20\x20 const partsTotal = parts.reduce(function (acc, p) { return acc + p.bytes; }, 0);\n\
854 \x20\x20\x20\x20\x20\x20\x20\x20 if (__allKnown) totalBytes = partsTotal;\n\
855 \x20\x20\x20\x20\x20\x20\x20\x20 // Round 49 #79 — total = disk-sum payload; wire = total + multipart envelope.\n\
856 \x20\x20\x20\x20\x20\x20\x20\x20 const wireBytes = (typeof raw === 'string' && raw.length) ? raw.length : totalBytes;\n\
857 \x20\x20\x20\x20\x20\x20\x20\x20 const summary = parts.map(function (p) { return '\\'' + p.name + '\\':\\'' + p.filename + '\\' (' + p.contentType + ', ' + p.bytes + ' bytes)'; }).join(', ');\n\
858 \x20\x20\x20\x20\x20\x20\x20\x20 reqBody = '<multipart/form-data; boundary=' + boundary + '; ' + parts.length + ' part(s); total ' + totalBytes + ' bytes (wire ' + wireBytes + ' bytes w/ envelope): ' + summary + '>';\n\
859 \x20\x20\x20\x20\x20\x20\x20\x20} catch (e) {\n\
860 \x20\x20\x20\x20\x20\x20\x20\x20 reqBody = '<multipart upload; summary failed: ' + (e && e.message ? e.message : 'unknown') + '>';\n\
861 \x20\x20\x20\x20\x20\x20\x20\x20}\n\
862 \x20\x20\x20\x20\x20\x20} else if (isMultipart) {\n\
863 \x20\x20\x20\x20\x20\x20\x20\x20reqBody = '<multipart upload; body bytes not surfaced by k6 res.request.body>';\n\
864 \x20\x20\x20\x20\x20\x20} else if (res.request && res.request.body) {\n\
865 \x20\x20\x20\x20\x20\x20\x20\x20try { const __m = res.request.body.length; reqBody = res.request.body.substring(0, 65536); if (__m > 65536) reqBody = reqBody + ' <truncated at 65536 bytes; full body was ' + __m + ' bytes>'; } catch (e) {}\n\
866 \x20\x20\x20\x20\x20\x20}\n\
867 \x20\x20\x20\x20}\n",
868 );
869 script.push_str(
871 " if (res && res.status === 0) {\n\
872 \x20\x20\x20\x20\x20\x20const ec = (res.error_code != null) ? res.error_code : 0;\n\
873 \x20\x20\x20\x20\x20\x20const em = (res.error != null) ? String(res.error) : '';\n\
874 \x20\x20\x20\x20\x20\x20let kind = 'other';\n\
875 \x20\x20\x20\x20\x20\x20if (ec >= 1200 && ec < 1300) kind = 'connect';\n\
876 \x20\x20\x20\x20\x20\x20else if (ec >= 1300 && ec < 1400) kind = 'tls';\n\
877 \x20\x20\x20\x20\x20\x20else if (ec >= 1400 && ec < 1500) kind = 'timeout';\n\
878 \x20\x20\x20\x20\x20\x20else if (em.toLowerCase().indexOf('eof') !== -1) kind = 'connect';\n \x20\x20\x20\x20\x20\x20else if (em.toLowerCase().indexOf('timeout') !== -1) kind = 'timeout';\n\
879 \x20\x20\x20\x20\x20\x20else if (em.toLowerCase().indexOf('tls') !== -1) kind = 'tls';\n\
880 \x20\x20\x20\x20\x20\x20else if (em.toLowerCase().indexOf('connect') !== -1 || em.toLowerCase().indexOf('refused') !== -1) kind = 'connect';\n\
881 \x20\x20\x20\x20\x20\x20console.log('MOCKFORGE_NETWORK_EVENT:' + JSON.stringify({\n\
882 \x20\x20\x20\x20\x20\x20 timestamp: new Date().toISOString(),\n\
883 \x20\x20\x20\x20\x20\x20 check: checkName,\n\
884 \x20\x20\x20\x20\x20\x20 method: res.request ? res.request.method : 'unknown',\n\
885 \x20\x20\x20\x20\x20\x20 url: res.request ? res.request.url : res.url || 'unknown',\n\
886 \x20\x20\x20\x20\x20\x20 kind: kind,\n\
887 \x20\x20\x20\x20\x20\x20 error_code: ec,\n\
888 \x20\x20\x20\x20\x20\x20 message: em,\n\
889 \x20\x20\x20\x20\x20\x20}));\n\
890 \x20\x20\x20\x20}\n",
891 );
892 script.push_str(" console.log('MOCKFORGE_EXCHANGE:' + JSON.stringify({\n");
893 script.push_str(" check: checkName,\n");
894 script.push_str(" request: {\n");
895 script.push_str(" method: res.request ? res.request.method : 'unknown',\n");
896 script.push_str(" url: res.request ? res.request.url : res.url || 'unknown',\n");
897 script.push_str(" headers: reqHeaders,\n");
898 script.push_str(" body: reqBody,\n");
899 script.push_str(" },\n");
900 script.push_str(" response: {\n");
901 script.push_str(" status: res.status,\n");
902 script.push_str(" headers: res.headers ? Object.fromEntries(Object.entries(res.headers).slice(0, 30)) : {},\n");
903 script.push_str(" body: bodyStr,\n");
904 script.push_str(" },\n");
905 script.push_str(" }));\n");
906 script.push_str(" } catch (e) {\n");
907 script.push_str(" try {\n");
908 script.push_str(" console.log('MOCKFORGE_EXCHANGE:' + JSON.stringify({\n");
909 script.push_str(" check: checkName,\n");
910 script.push_str(" request: {\n");
911 script.push_str(
912 " method: (res && res.request) ? res.request.method : 'unknown',\n",
913 );
914 script.push_str(" url: (res && res.request) ? res.request.url : (res && res.url) || 'unknown',\n");
915 script.push_str(" headers: {},\n");
916 script.push_str(" body: '<exchange capture failed: ' + (e && e.message ? e.message : 'unknown error') + '>',\n");
917 script.push_str(" },\n");
918 script.push_str(" response: {\n");
919 script.push_str(" status: (res && res.status) || 0,\n");
920 script.push_str(" headers: {},\n");
921 script.push_str(" body: '',\n");
922 script.push_str(" },\n");
923 script.push_str(" _export_error: (e && e.message) ? e.message : String(e),\n");
924 script.push_str(" }));\n");
925 script.push_str(" } catch (e2) {\n");
926 script.push_str(" console.log('MOCKFORGE_EXCHANGE:{\"check\":\"' + checkName + '\",\"request\":{\"method\":\"unknown\",\"url\":\"unknown\",\"headers\":{},\"body\":\"\"},\"response\":{\"status\":0,\"headers\":{},\"body\":\"\"},\"_export_error\":\"double-fault\"}');\n");
927 script.push_str(" }\n");
928 script.push_str(" }\n");
929 script.push_str("}\n\n");
930 }
931
932 script.push_str("export default function () {\n");
934
935 if self.config.has_cookie_header() {
936 script.push_str(
937 " // Clear cookie jar to prevent server Set-Cookie from duplicating custom Cookie header\n",
938 );
939 script.push_str(" http.cookieJar().clear(BASE_URL);\n\n");
940 }
941
942 let mut category_ops: std::collections::BTreeMap<
944 &'static str,
945 Vec<(&AnnotatedOperation, &ConformanceFeature)>,
946 > = std::collections::BTreeMap::new();
947
948 for op in &self.operations {
949 for feature in &op.features {
950 let category = feature.category();
951 if self.config.should_include_category(category) {
952 category_ops.entry(category).or_default().push((op, feature));
953 }
954 }
955 }
956
957 let mut total_checks = 0usize;
959 for (category, ops) in &category_ops {
960 script.push_str(&format!(" group('{}', function () {{\n", category));
961
962 if self.config.all_operations {
963 let mut emitted_checks: HashSet<String> = HashSet::new();
965 for (op, feature) in ops {
966 let qualified = format!("{}:{}", feature.check_name(), op.path);
967 if emitted_checks.insert(qualified.clone()) {
968 self.emit_check_named(&mut script, op, feature, &qualified);
969 total_checks += 1;
970 }
971 }
972 } else {
973 let mut emitted_features: HashSet<&str> = HashSet::new();
976 for (op, feature) in ops {
977 if emitted_features.insert(feature.check_name()) {
978 let qualified = format!("{}:{}", feature.check_name(), op.path);
979 self.emit_check_named(&mut script, op, feature, &qualified);
980 total_checks += 1;
981 }
982 }
983 }
984
985 script.push_str(" });\n\n");
986 }
987
988 if let Some(emit) = custom_emit {
992 script.push_str(&emit.group_body);
993 }
994
995 script.push_str("}\n\n");
996
997 self.generate_handle_summary(&mut script);
999
1000 Ok((script, total_checks))
1001 }
1002
1003 fn emit_check_named(
1005 &self,
1006 script: &mut String,
1007 op: &AnnotatedOperation,
1008 feature: &ConformanceFeature,
1009 check_name: &str,
1010 ) {
1011 let check_name = check_name.replace('\'', "\\'");
1013 let check_name = check_name.as_str();
1014
1015 script.push_str(" {\n");
1016
1017 let mut url_path = op.path.clone();
1019 for (name, value) in &op.path_params {
1020 url_path = url_path.replace(&format!("{{{}}}", name), value);
1021 }
1022
1023 if !op.query_params.is_empty() {
1025 let qs: Vec<String> =
1026 op.query_params.iter().map(|(k, v)| format!("{}={}", k, v)).collect();
1027 url_path = format!("{}?{}", url_path, qs.join("&"));
1028 }
1029
1030 let full_url = format!("${{BASE_URL}}{}", url_path);
1031
1032 let mut effective_headers = self.effective_headers(&op.header_params);
1035
1036 if matches!(feature, ConformanceFeature::Response400 | ConformanceFeature::Response404) {
1039 let expected_code = match feature {
1040 ConformanceFeature::Response400 => "400",
1041 ConformanceFeature::Response404 => "404",
1042 _ => unreachable!(),
1043 };
1044 effective_headers
1045 .push(("X-Mockforge-Response-Status".to_string(), expected_code.to_string()));
1046 }
1047
1048 let needs_auth = matches!(
1052 feature,
1053 ConformanceFeature::SecurityBearer
1054 | ConformanceFeature::SecurityBasic
1055 | ConformanceFeature::SecurityApiKey
1056 ) || !op.security_schemes.is_empty();
1057
1058 if needs_auth {
1059 self.inject_security_headers(&op.security_schemes, &mut effective_headers);
1060 }
1061
1062 let has_headers = !effective_headers.is_empty();
1063 let headers_obj = if has_headers {
1064 Self::format_headers(&effective_headers)
1065 } else {
1066 String::new()
1067 };
1068
1069 match op.method.as_str() {
1071 "GET" => {
1072 if has_headers {
1073 script.push_str(&format!(
1074 " let res = http.get(`{}`, {{ headers: {} }});\n",
1075 full_url, headers_obj
1076 ));
1077 } else {
1078 script.push_str(&format!(" let res = http.get(`{}`);\n", full_url));
1079 }
1080 }
1081 "POST" => {
1082 self.emit_request_with_body(script, "post", &full_url, op, &effective_headers);
1083 }
1084 "PUT" => {
1085 self.emit_request_with_body(script, "put", &full_url, op, &effective_headers);
1086 }
1087 "PATCH" => {
1088 self.emit_request_with_body(script, "patch", &full_url, op, &effective_headers);
1089 }
1090 "DELETE" => {
1091 if has_headers {
1092 script.push_str(&format!(
1093 " let res = http.del(`{}`, null, {{ headers: {} }});\n",
1094 full_url, headers_obj
1095 ));
1096 } else {
1097 script.push_str(&format!(" let res = http.del(`{}`);\n", full_url));
1098 }
1099 }
1100 "HEAD" => {
1101 if has_headers {
1102 script.push_str(&format!(
1103 " let res = http.head(`{}`, {{ headers: {} }});\n",
1104 full_url, headers_obj
1105 ));
1106 } else {
1107 script.push_str(&format!(" let res = http.head(`{}`);\n", full_url));
1108 }
1109 }
1110 "OPTIONS" => {
1111 if has_headers {
1112 script.push_str(&format!(
1113 " let res = http.options(`{}`, null, {{ headers: {} }});\n",
1114 full_url, headers_obj
1115 ));
1116 } else {
1117 script.push_str(&format!(" let res = http.options(`{}`);\n", full_url));
1118 }
1119 }
1120 _ => {
1121 if has_headers {
1122 script.push_str(&format!(
1123 " let res = http.get(`{}`, {{ headers: {} }});\n",
1124 full_url, headers_obj
1125 ));
1126 } else {
1127 script.push_str(&format!(" let res = http.get(`{}`);\n", full_url));
1128 }
1129 }
1130 }
1131
1132 if self.config.export_requests {
1135 script.push_str(&format!(
1136 " if (typeof __captureExchange === 'function') __captureExchange('{}', res);\n",
1137 check_name
1138 ));
1139 }
1140
1141 if matches!(
1143 feature,
1144 ConformanceFeature::Response200
1145 | ConformanceFeature::Response201
1146 | ConformanceFeature::Response204
1147 | ConformanceFeature::Response400
1148 | ConformanceFeature::Response404
1149 ) {
1150 let expected_code = match feature {
1151 ConformanceFeature::Response200 => 200,
1152 ConformanceFeature::Response201 => 201,
1153 ConformanceFeature::Response204 => 204,
1154 ConformanceFeature::Response400 => 400,
1155 ConformanceFeature::Response404 => 404,
1156 _ => 200,
1157 };
1158 script.push_str(&format!(
1159 " {{ let ok = check(res, {{ '{}': (r) => r.status === {} }}); if (!ok) __captureFailure('{}', res, 'status === {}'); }}\n",
1160 check_name, expected_code, check_name, expected_code
1161 ));
1162 } else if matches!(feature, ConformanceFeature::ResponseValidation) {
1163 if let Some(schema) = &op.response_schema {
1168 let validation_js = SchemaValidatorGenerator::generate_validation(schema);
1169 let schema_json = serde_json::to_string(schema).unwrap_or_default();
1170 let schema_json_escaped = schema_json.replace('\\', "\\\\").replace('`', "\\`");
1172 script.push_str(&format!(
1173 concat!(
1174 " try {{\n",
1175 " let body = res.json();\n",
1176 " let ok = check(res, {{ '{check}': (r) => ( {validation} ) }});\n",
1177 " if (!ok) {{\n",
1178 " let __violations = [];\n",
1179 " try {{\n",
1180 " let __schema = JSON.parse(`{schema}`);\n",
1181 " function __collectErrors(schema, data, path) {{\n",
1182 " if (!schema || typeof schema !== 'object') return;\n",
1183 " let st = schema.type || (schema.schema_kind && schema.schema_kind.Type && Object.keys(schema.schema_kind.Type)[0]);\n",
1184 " if (st) {{ st = st.toLowerCase(); }}\n",
1185 " if (st === 'object') {{\n",
1186 " if (typeof data !== 'object' || data === null) {{ __violations.push({{ field_path: path || '/', violation_type: 'type', expected: 'object', actual: typeof data }}); return; }}\n",
1187 " let props = schema.properties || (schema.schema_kind && schema.schema_kind.Type && schema.schema_kind.Type.Object && schema.schema_kind.Type.Object.properties) || {{}};\n",
1188 " let req = schema.required || (schema.schema_kind && schema.schema_kind.Type && schema.schema_kind.Type.Object && schema.schema_kind.Type.Object.required) || [];\n",
1189 " for (let f of req) {{ if (!(f in data)) {{ __violations.push({{ field_path: path + '/' + f, violation_type: 'required', expected: 'present', actual: 'missing' }}); }} }}\n",
1190 " for (let [k, v] of Object.entries(props)) {{ if (data[k] !== undefined) {{ let ps = v.Item || v; __collectErrors(ps, data[k], path + '/' + k); }} }}\n",
1191 " }} else if (st === 'array') {{\n",
1192 " if (!Array.isArray(data)) {{ __violations.push({{ field_path: path || '/', violation_type: 'type', expected: 'array', actual: typeof data }}); return; }}\n",
1193 " let items = schema.items || (schema.schema_kind && schema.schema_kind.Type && schema.schema_kind.Type.Array && schema.schema_kind.Type.Array.items);\n",
1194 " if (items) {{ let is = items.Item || items; for (let i = 0; i < Math.min(data.length, 5); i++) {{ __collectErrors(is, data[i], path + '/' + i); }} }}\n",
1195 " }} else if (st === 'string') {{\n",
1196 " if (typeof data !== 'string') {{ __violations.push({{ field_path: path || '/', violation_type: 'type', expected: 'string', actual: typeof data }}); }}\n",
1197 " }} else if (st === 'integer') {{\n",
1198 " if (typeof data !== 'number' || !Number.isInteger(data)) {{ __violations.push({{ field_path: path || '/', violation_type: 'type', expected: 'integer', actual: typeof data }}); }}\n",
1199 " }} else if (st === 'number') {{\n",
1200 " if (typeof data !== 'number') {{ __violations.push({{ field_path: path || '/', violation_type: 'type', expected: 'number', actual: typeof data }}); }}\n",
1201 " }} else if (st === 'boolean') {{\n",
1202 " if (typeof data !== 'boolean') {{ __violations.push({{ field_path: path || '/', violation_type: 'type', expected: 'boolean', actual: typeof data }}); }}\n",
1203 " }}\n",
1204 " }}\n",
1205 " __collectErrors(__schema, body, '');\n",
1206 " }} catch(_e) {{}}\n",
1207 " __captureFailure('{check}', res, 'schema validation', __violations);\n",
1208 " }}\n",
1209 " }} catch(e) {{ check(res, {{ '{check}': () => false }}); __captureFailure('{check}', res, 'JSON parse failed: ' + e.message); }}\n",
1210 ),
1211 check = check_name,
1212 validation = validation_js,
1213 schema = schema_json_escaped,
1214 ));
1215 }
1216 } else if matches!(
1217 feature,
1218 ConformanceFeature::SecurityBearer
1219 | ConformanceFeature::SecurityBasic
1220 | ConformanceFeature::SecurityApiKey
1221 ) {
1222 script.push_str(&format!(
1224 " {{ let ok = check(res, {{ '{}': (r) => r.status >= 200 && r.status < 400 }}); if (!ok) __captureFailure('{}', res, 'status >= 200 && status < 400 (auth accepted)'); }}\n",
1225 check_name, check_name
1226 ));
1227 } else {
1228 script.push_str(&format!(
1229 " {{ let ok = check(res, {{ '{}': (r) => r.status >= 200 && r.status < 500 }}); if (!ok) __captureFailure('{}', res, 'status >= 200 && status < 500'); }}\n",
1230 check_name, check_name
1231 ));
1232 }
1233
1234 let has_cookie = self.config.has_cookie_header()
1236 || effective_headers.iter().any(|(h, _)| h.eq_ignore_ascii_case("Cookie"));
1237 if has_cookie {
1238 script.push_str(" http.cookieJar().clear(BASE_URL);\n");
1239 }
1240
1241 script.push_str(" }\n");
1242
1243 if self.config.request_delay_ms > 0 {
1245 script.push_str(&format!(
1246 " sleep({:.3});\n",
1247 self.config.request_delay_ms as f64 / 1000.0
1248 ));
1249 }
1250 }
1251
1252 fn emit_request_with_body(
1254 &self,
1255 script: &mut String,
1256 method: &str,
1257 url: &str,
1258 op: &AnnotatedOperation,
1259 effective_headers: &[(String, String)],
1260 ) {
1261 if let Some(body) = &op.sample_body {
1262 let escaped_body = body.replace('\'', "\\'");
1263 let headers = if !effective_headers.is_empty() {
1264 format!(
1265 "Object.assign({{}}, JSON_HEADERS, {})",
1266 Self::format_headers(effective_headers)
1267 )
1268 } else {
1269 "JSON_HEADERS".to_string()
1270 };
1271 script.push_str(&format!(
1272 " let res = http.{}(`{}`, '{}', {{ headers: {} }});\n",
1273 method, url, escaped_body, headers
1274 ));
1275 } else if !effective_headers.is_empty() {
1276 script.push_str(&format!(
1277 " let res = http.{}(`{}`, null, {{ headers: {} }});\n",
1278 method,
1279 url,
1280 Self::format_headers(effective_headers)
1281 ));
1282 } else {
1283 script.push_str(&format!(" let res = http.{}(`{}`, null);\n", method, url));
1284 }
1285 }
1286
1287 fn effective_headers(&self, spec_headers: &[(String, String)]) -> Vec<(String, String)> {
1291 let custom = &self.config.custom_headers;
1292 if custom.is_empty() {
1293 return spec_headers.to_vec();
1294 }
1295
1296 let mut result: Vec<(String, String)> = Vec::new();
1297
1298 for (name, value) in spec_headers {
1300 if let Some((_, custom_val)) =
1301 custom.iter().find(|(cn, _)| cn.eq_ignore_ascii_case(name))
1302 {
1303 result.push((name.clone(), custom_val.clone()));
1304 } else {
1305 result.push((name.clone(), value.clone()));
1306 }
1307 }
1308
1309 for (name, value) in custom {
1311 if !spec_headers.iter().any(|(sn, _)| sn.eq_ignore_ascii_case(name)) {
1312 result.push((name.clone(), value.clone()));
1313 }
1314 }
1315
1316 result
1317 }
1318
1319 fn inject_security_headers(
1322 &self,
1323 schemes: &[SecuritySchemeInfo],
1324 headers: &mut Vec<(String, String)>,
1325 ) {
1326 let mut to_add: Vec<(String, String)> = Vec::new();
1327
1328 let has_header = |name: &str, headers: &[(String, String)]| {
1329 headers.iter().any(|(h, _)| h.eq_ignore_ascii_case(name))
1330 || self.config.custom_headers.iter().any(|(h, _)| h.eq_ignore_ascii_case(name))
1331 };
1332
1333 let has_cookie_auth = has_header("Cookie", headers);
1335
1336 for scheme in schemes {
1337 match scheme {
1338 SecuritySchemeInfo::Bearer => {
1339 if !has_cookie_auth && !has_header("Authorization", headers) {
1340 to_add.push((
1342 "Authorization".to_string(),
1343 "Bearer mockforge-conformance-test-token".to_string(),
1344 ));
1345 }
1346 }
1347 SecuritySchemeInfo::Basic => {
1348 if !has_cookie_auth && !has_header("Authorization", headers) {
1349 let creds = self.config.basic_auth.as_deref().unwrap_or("test:test");
1350 use base64::Engine;
1351 let encoded =
1352 base64::engine::general_purpose::STANDARD.encode(creds.as_bytes());
1353 to_add.push(("Authorization".to_string(), format!("Basic {}", encoded)));
1354 }
1355 }
1356 SecuritySchemeInfo::ApiKey { location, name } => match location {
1357 ApiKeyLocation::Header => {
1358 if !has_header(name, headers) {
1359 let key = self
1360 .config
1361 .api_key
1362 .as_deref()
1363 .unwrap_or("mockforge-conformance-test-key");
1364 to_add.push((name.clone(), key.to_string()));
1365 }
1366 }
1367 ApiKeyLocation::Cookie => {
1368 if !has_header("Cookie", headers) {
1369 to_add.push((
1370 "Cookie".to_string(),
1371 format!("{}=mockforge-conformance-test-session", name),
1372 ));
1373 }
1374 }
1375 ApiKeyLocation::Query => {
1376 }
1378 },
1379 }
1380 }
1381
1382 headers.extend(to_add);
1383 }
1384
1385 fn format_headers(headers: &[(String, String)]) -> String {
1387 let entries: Vec<String> = headers
1388 .iter()
1389 .map(|(k, v)| format!("'{}': '{}'", k, v.replace('\'', "\\'")))
1390 .collect();
1391 format!("{{ {} }}", entries.join(", "))
1392 }
1393
1394 fn generate_handle_summary(&self, script: &mut String) {
1396 let report_path = match &self.config.output_dir {
1398 Some(dir) => {
1399 let abs = std::fs::canonicalize(dir)
1400 .unwrap_or_else(|_| dir.clone())
1401 .join("conformance-report.json");
1402 abs.to_string_lossy().to_string()
1403 }
1404 None => "conformance-report.json".to_string(),
1405 };
1406
1407 script.push_str("export function handleSummary(data) {\n");
1408 script.push_str(" let checks = {};\n");
1409 script.push_str(" if (data.metrics && data.metrics.checks) {\n");
1410 script.push_str(" checks.overall_pass_rate = data.metrics.checks.values.rate;\n");
1411 script.push_str(" }\n");
1412 script.push_str(" let checkResults = {};\n");
1413 script.push_str(" function walkGroups(group) {\n");
1414 script.push_str(" if (group.checks) {\n");
1415 script.push_str(" for (let checkObj of group.checks) {\n");
1416 script.push_str(" checkResults[checkObj.name] = {\n");
1417 script.push_str(" passes: checkObj.passes,\n");
1418 script.push_str(" fails: checkObj.fails,\n");
1419 script.push_str(" };\n");
1420 script.push_str(" }\n");
1421 script.push_str(" }\n");
1422 script.push_str(" if (group.groups) {\n");
1423 script.push_str(" for (let subGroup of group.groups) {\n");
1424 script.push_str(" walkGroups(subGroup);\n");
1425 script.push_str(" }\n");
1426 script.push_str(" }\n");
1427 script.push_str(" }\n");
1428 script.push_str(" if (data.root_group) {\n");
1429 script.push_str(" walkGroups(data.root_group);\n");
1430 script.push_str(" }\n");
1431 script.push_str(" return {\n");
1432 script.push_str(&format!(
1433 " '{}': JSON.stringify({{ checks: checkResults, overall: checks }}, null, 2),\n",
1434 report_path
1435 ));
1436 script.push_str(" 'summary.json': JSON.stringify(data),\n");
1437 script.push_str(" stdout: textSummary(data, { indent: ' ', enableColors: true }),\n");
1438 script.push_str(" };\n");
1439 script.push_str("}\n\n");
1440 script.push_str("function textSummary(data, opts) {\n");
1441 script.push_str(" return JSON.stringify(data, null, 2);\n");
1442 script.push_str("}\n");
1443 }
1444}
1445
1446#[cfg(test)]
1447mod tests {
1448 use super::*;
1449 use openapiv3::{
1450 Operation, ParameterData, ParameterSchemaOrContent, PathStyle, Response, Schema,
1451 SchemaData, SchemaKind, StringType, Type,
1452 };
1453
1454 fn make_op(method: &str, path: &str, operation: Operation) -> ApiOperation {
1455 ApiOperation {
1456 method: method.to_string(),
1457 path: path.to_string(),
1458 operation,
1459 operation_id: None,
1460 }
1461 }
1462
1463 fn empty_spec() -> OpenAPI {
1464 OpenAPI::default()
1465 }
1466
1467 #[test]
1468 fn test_annotate_get_with_path_param() {
1469 let mut op = Operation::default();
1470 op.parameters.push(ReferenceOr::Item(Parameter::Path {
1471 parameter_data: ParameterData {
1472 name: "id".to_string(),
1473 description: None,
1474 required: true,
1475 deprecated: None,
1476 format: ParameterSchemaOrContent::Schema(ReferenceOr::Item(Schema {
1477 schema_data: SchemaData::default(),
1478 schema_kind: SchemaKind::Type(Type::String(StringType::default())),
1479 })),
1480 example: None,
1481 examples: Default::default(),
1482 explode: None,
1483 extensions: Default::default(),
1484 },
1485 style: PathStyle::Simple,
1486 }));
1487
1488 let api_op = make_op("get", "/users/{id}", op);
1489 let annotated = SpecDrivenConformanceGenerator::annotate_operation(&api_op, &empty_spec());
1490
1491 assert!(annotated.features.contains(&ConformanceFeature::MethodGet));
1492 assert!(annotated.features.contains(&ConformanceFeature::PathParamString));
1493 assert!(annotated.features.contains(&ConformanceFeature::ConstraintRequired));
1494 assert_eq!(annotated.path_params.len(), 1);
1495 assert_eq!(annotated.path_params[0].0, "id");
1496 }
1497
1498 #[test]
1499 fn test_annotate_post_with_json_body() {
1500 let mut op = Operation::default();
1501 let mut body = RequestBody {
1502 required: true,
1503 ..Default::default()
1504 };
1505 body.content
1506 .insert("application/json".to_string(), openapiv3::MediaType::default());
1507 op.request_body = Some(ReferenceOr::Item(body));
1508
1509 let api_op = make_op("post", "/items", op);
1510 let annotated = SpecDrivenConformanceGenerator::annotate_operation(&api_op, &empty_spec());
1511
1512 assert!(annotated.features.contains(&ConformanceFeature::MethodPost));
1513 assert!(annotated.features.contains(&ConformanceFeature::BodyJson));
1514 }
1515
1516 #[test]
1517 fn test_annotate_response_codes() {
1518 let mut op = Operation::default();
1519 op.responses
1520 .responses
1521 .insert(openapiv3::StatusCode::Code(200), ReferenceOr::Item(Response::default()));
1522 op.responses
1523 .responses
1524 .insert(openapiv3::StatusCode::Code(404), ReferenceOr::Item(Response::default()));
1525
1526 let api_op = make_op("get", "/items", op);
1527 let annotated = SpecDrivenConformanceGenerator::annotate_operation(&api_op, &empty_spec());
1528
1529 assert!(annotated.features.contains(&ConformanceFeature::Response200));
1530 assert!(annotated.features.contains(&ConformanceFeature::Response404));
1531 }
1532
1533 #[test]
1534 fn test_generate_spec_driven_script() {
1535 let config = ConformanceConfig {
1536 target_url: "http://localhost:3000".to_string(),
1537 api_key: None,
1538 basic_auth: None,
1539 skip_tls_verify: false,
1540 categories: None,
1541 base_path: None,
1542 custom_headers: vec![],
1543 output_dir: None,
1544 all_operations: false,
1545 custom_checks_file: None,
1546 request_delay_ms: 0,
1547 custom_filter: None,
1548 export_requests: false,
1549 validate_requests: false,
1550 };
1551
1552 let operations = vec![AnnotatedOperation {
1553 path: "/users/{id}".to_string(),
1554 method: "GET".to_string(),
1555 features: vec![
1556 ConformanceFeature::MethodGet,
1557 ConformanceFeature::PathParamString,
1558 ],
1559 request_body_content_type: None,
1560 sample_body: None,
1561 query_params: vec![],
1562 header_params: vec![],
1563 path_params: vec![("id".to_string(), "test-value".to_string())],
1564 response_schema: None,
1565 response_schemas: std::collections::BTreeMap::new(),
1566 request_body_schema: None,
1567 security_schemes: vec![],
1568 }];
1569
1570 let gen = SpecDrivenConformanceGenerator::new(config, operations);
1571 let (script, _check_count) = gen.generate().unwrap();
1572
1573 assert!(script.contains("import http from 'k6/http'"));
1574 assert!(script.contains("/users/test-value"));
1575 assert!(script.contains("param:path:string"));
1576 assert!(script.contains("method:GET"));
1577 assert!(script.contains("handleSummary"));
1578 }
1579
1580 #[test]
1581 fn test_generate_with_category_filter() {
1582 let config = ConformanceConfig {
1583 target_url: "http://localhost:3000".to_string(),
1584 api_key: None,
1585 basic_auth: None,
1586 skip_tls_verify: false,
1587 categories: Some(vec!["Parameters".to_string()]),
1588 base_path: None,
1589 custom_headers: vec![],
1590 output_dir: None,
1591 all_operations: false,
1592 custom_checks_file: None,
1593 request_delay_ms: 0,
1594 custom_filter: None,
1595 export_requests: false,
1596 validate_requests: false,
1597 };
1598
1599 let operations = vec![AnnotatedOperation {
1600 path: "/users/{id}".to_string(),
1601 method: "GET".to_string(),
1602 features: vec![
1603 ConformanceFeature::MethodGet,
1604 ConformanceFeature::PathParamString,
1605 ],
1606 request_body_content_type: None,
1607 sample_body: None,
1608 query_params: vec![],
1609 header_params: vec![],
1610 path_params: vec![("id".to_string(), "1".to_string())],
1611 response_schema: None,
1612 response_schemas: std::collections::BTreeMap::new(),
1613 request_body_schema: None,
1614 security_schemes: vec![],
1615 }];
1616
1617 let gen = SpecDrivenConformanceGenerator::new(config, operations);
1618 let (script, _check_count) = gen.generate().unwrap();
1619
1620 assert!(script.contains("group('Parameters'"));
1621 assert!(!script.contains("group('HTTP Methods'"));
1622 }
1623
1624 #[test]
1625 fn test_annotate_response_validation() {
1626 use openapiv3::ObjectType;
1627
1628 let mut op = Operation::default();
1630 let mut response = Response::default();
1631 let mut media = openapiv3::MediaType::default();
1632 let mut obj_type = ObjectType::default();
1633 obj_type.properties.insert(
1634 "name".to_string(),
1635 ReferenceOr::Item(Box::new(Schema {
1636 schema_data: SchemaData::default(),
1637 schema_kind: SchemaKind::Type(Type::String(StringType::default())),
1638 })),
1639 );
1640 obj_type.required = vec!["name".to_string()];
1641 media.schema = Some(ReferenceOr::Item(Schema {
1642 schema_data: SchemaData::default(),
1643 schema_kind: SchemaKind::Type(Type::Object(obj_type)),
1644 }));
1645 response.content.insert("application/json".to_string(), media);
1646 op.responses
1647 .responses
1648 .insert(openapiv3::StatusCode::Code(200), ReferenceOr::Item(response));
1649
1650 let api_op = make_op("get", "/users", op);
1651 let annotated = SpecDrivenConformanceGenerator::annotate_operation(&api_op, &empty_spec());
1652
1653 assert!(
1654 annotated.features.contains(&ConformanceFeature::ResponseValidation),
1655 "Should detect ResponseValidation when response has a JSON schema"
1656 );
1657 assert!(annotated.response_schema.is_some(), "Should extract the response schema");
1658
1659 let config = ConformanceConfig {
1661 target_url: "http://localhost:3000".to_string(),
1662 api_key: None,
1663 basic_auth: None,
1664 skip_tls_verify: false,
1665 categories: None,
1666 base_path: None,
1667 custom_headers: vec![],
1668 output_dir: None,
1669 all_operations: false,
1670 custom_checks_file: None,
1671 request_delay_ms: 0,
1672 custom_filter: None,
1673 export_requests: false,
1674 validate_requests: false,
1675 };
1676 let gen = SpecDrivenConformanceGenerator::new(config, vec![annotated]);
1677 let (script, _check_count) = gen.generate().unwrap();
1678
1679 assert!(
1680 script.contains("response:schema:validation"),
1681 "Script should contain the validation check name"
1682 );
1683 assert!(script.contains("try {"), "Script should wrap validation in try-catch");
1684 assert!(script.contains("res.json()"), "Script should parse response as JSON");
1685 }
1686
1687 #[test]
1688 fn test_annotate_global_security() {
1689 let op = Operation::default();
1691 let mut spec = OpenAPI::default();
1692 let mut global_req = openapiv3::SecurityRequirement::new();
1693 global_req.insert("bearerAuth".to_string(), vec![]);
1694 spec.security = Some(vec![global_req]);
1695 let mut components = openapiv3::Components::default();
1697 components.security_schemes.insert(
1698 "bearerAuth".to_string(),
1699 ReferenceOr::Item(SecurityScheme::HTTP {
1700 scheme: "bearer".to_string(),
1701 bearer_format: Some("JWT".to_string()),
1702 description: None,
1703 extensions: Default::default(),
1704 }),
1705 );
1706 spec.components = Some(components);
1707
1708 let api_op = make_op("get", "/protected", op);
1709 let annotated = SpecDrivenConformanceGenerator::annotate_operation(&api_op, &spec);
1710
1711 assert!(
1712 annotated.features.contains(&ConformanceFeature::SecurityBearer),
1713 "Should detect SecurityBearer from global security + components"
1714 );
1715 }
1716
1717 #[test]
1718 fn test_annotate_security_scheme_resolution() {
1719 let mut op = Operation::default();
1721 let mut req = openapiv3::SecurityRequirement::new();
1723 req.insert("myAuth".to_string(), vec![]);
1724 op.security = Some(vec![req]);
1725
1726 let mut spec = OpenAPI::default();
1727 let mut components = openapiv3::Components::default();
1728 components.security_schemes.insert(
1729 "myAuth".to_string(),
1730 ReferenceOr::Item(SecurityScheme::APIKey {
1731 location: openapiv3::APIKeyLocation::Header,
1732 name: "X-API-Key".to_string(),
1733 description: None,
1734 extensions: Default::default(),
1735 }),
1736 );
1737 spec.components = Some(components);
1738
1739 let api_op = make_op("get", "/data", op);
1740 let annotated = SpecDrivenConformanceGenerator::annotate_operation(&api_op, &spec);
1741
1742 assert!(
1743 annotated.features.contains(&ConformanceFeature::SecurityApiKey),
1744 "Should detect SecurityApiKey from SecurityScheme::APIKey, not name heuristic"
1745 );
1746 }
1747
1748 #[test]
1749 fn test_annotate_content_negotiation() {
1750 let mut op = Operation::default();
1751 let mut response = Response::default();
1752 response
1754 .content
1755 .insert("application/json".to_string(), openapiv3::MediaType::default());
1756 response
1757 .content
1758 .insert("application/xml".to_string(), openapiv3::MediaType::default());
1759 op.responses
1760 .responses
1761 .insert(openapiv3::StatusCode::Code(200), ReferenceOr::Item(response));
1762
1763 let api_op = make_op("get", "/items", op);
1764 let annotated = SpecDrivenConformanceGenerator::annotate_operation(&api_op, &empty_spec());
1765
1766 assert!(
1767 annotated.features.contains(&ConformanceFeature::ContentNegotiation),
1768 "Should detect ContentNegotiation when response has multiple content types"
1769 );
1770 }
1771
1772 #[test]
1773 fn test_no_content_negotiation_for_single_type() {
1774 let mut op = Operation::default();
1775 let mut response = Response::default();
1776 response
1777 .content
1778 .insert("application/json".to_string(), openapiv3::MediaType::default());
1779 op.responses
1780 .responses
1781 .insert(openapiv3::StatusCode::Code(200), ReferenceOr::Item(response));
1782
1783 let api_op = make_op("get", "/items", op);
1784 let annotated = SpecDrivenConformanceGenerator::annotate_operation(&api_op, &empty_spec());
1785
1786 assert!(
1787 !annotated.features.contains(&ConformanceFeature::ContentNegotiation),
1788 "Should NOT detect ContentNegotiation for a single content type"
1789 );
1790 }
1791
1792 #[test]
1793 fn test_spec_driven_with_base_path() {
1794 let annotated = AnnotatedOperation {
1795 path: "/users".to_string(),
1796 method: "GET".to_string(),
1797 features: vec![ConformanceFeature::MethodGet],
1798 path_params: vec![],
1799 query_params: vec![],
1800 header_params: vec![],
1801 request_body_content_type: None,
1802 sample_body: None,
1803 response_schema: None,
1804 response_schemas: std::collections::BTreeMap::new(),
1805 request_body_schema: None,
1806 security_schemes: vec![],
1807 };
1808 let config = ConformanceConfig {
1809 target_url: "https://192.168.2.86/".to_string(),
1810 api_key: None,
1811 basic_auth: None,
1812 skip_tls_verify: true,
1813 categories: None,
1814 base_path: Some("/api".to_string()),
1815 custom_headers: vec![],
1816 output_dir: None,
1817 all_operations: false,
1818 custom_checks_file: None,
1819 request_delay_ms: 0,
1820 custom_filter: None,
1821 export_requests: false,
1822 validate_requests: false,
1823 };
1824 let gen = SpecDrivenConformanceGenerator::new(config, vec![annotated]);
1825 let (script, _check_count) = gen.generate().unwrap();
1826
1827 assert!(
1828 script.contains("const BASE_URL = 'https://192.168.2.86/api'"),
1829 "BASE_URL should include the base_path. Got: {}",
1830 script.lines().find(|l| l.contains("BASE_URL")).unwrap_or("not found")
1831 );
1832 }
1833
1834 #[test]
1835 fn test_spec_driven_with_custom_headers() {
1836 let annotated = AnnotatedOperation {
1837 path: "/users".to_string(),
1838 method: "GET".to_string(),
1839 features: vec![ConformanceFeature::MethodGet],
1840 path_params: vec![],
1841 query_params: vec![],
1842 header_params: vec![
1843 ("X-Avi-Tenant".to_string(), "test-value".to_string()),
1844 ("X-CSRFToken".to_string(), "test-value".to_string()),
1845 ],
1846 request_body_content_type: None,
1847 sample_body: None,
1848 response_schema: None,
1849 response_schemas: std::collections::BTreeMap::new(),
1850 request_body_schema: None,
1851 security_schemes: vec![],
1852 };
1853 let config = ConformanceConfig {
1854 target_url: "https://192.168.2.86/".to_string(),
1855 api_key: None,
1856 basic_auth: None,
1857 skip_tls_verify: true,
1858 categories: None,
1859 base_path: Some("/api".to_string()),
1860 custom_headers: vec![
1861 ("X-Avi-Tenant".to_string(), "admin".to_string()),
1862 ("X-CSRFToken".to_string(), "real-csrf-token".to_string()),
1863 ("Cookie".to_string(), "sessionid=abc123".to_string()),
1864 ],
1865 output_dir: None,
1866 all_operations: false,
1867 custom_checks_file: None,
1868 request_delay_ms: 0,
1869 custom_filter: None,
1870 export_requests: false,
1871 validate_requests: false,
1872 };
1873 let gen = SpecDrivenConformanceGenerator::new(config, vec![annotated]);
1874 let (script, _check_count) = gen.generate().unwrap();
1875
1876 assert!(
1878 script.contains("'X-Avi-Tenant': 'admin'"),
1879 "Should use custom value for X-Avi-Tenant, not test-value"
1880 );
1881 assert!(
1882 script.contains("'X-CSRFToken': 'real-csrf-token'"),
1883 "Should use custom value for X-CSRFToken, not test-value"
1884 );
1885 assert!(
1887 script.contains("'Cookie': 'sessionid=abc123'"),
1888 "Should include Cookie header from custom_headers"
1889 );
1890 assert!(
1892 !script.contains("'test-value'"),
1893 "test-value placeholders should be replaced by custom values"
1894 );
1895 }
1896
1897 #[test]
1898 fn test_effective_headers_merging() {
1899 let config = ConformanceConfig {
1900 target_url: "http://localhost".to_string(),
1901 api_key: None,
1902 basic_auth: None,
1903 skip_tls_verify: false,
1904 categories: None,
1905 base_path: None,
1906 custom_headers: vec![
1907 ("X-Auth".to_string(), "real-token".to_string()),
1908 ("Cookie".to_string(), "session=abc".to_string()),
1909 ],
1910 output_dir: None,
1911 all_operations: false,
1912 custom_checks_file: None,
1913 request_delay_ms: 0,
1914 custom_filter: None,
1915 export_requests: false,
1916 validate_requests: false,
1917 };
1918 let gen = SpecDrivenConformanceGenerator::new(config, vec![]);
1919
1920 let spec_headers = vec![
1922 ("X-Auth".to_string(), "test-value".to_string()),
1923 ("X-Other".to_string(), "keep-this".to_string()),
1924 ];
1925 let effective = gen.effective_headers(&spec_headers);
1926
1927 assert_eq!(effective[0], ("X-Auth".to_string(), "real-token".to_string()));
1929 assert_eq!(effective[1], ("X-Other".to_string(), "keep-this".to_string()));
1931 assert_eq!(effective[2], ("Cookie".to_string(), "session=abc".to_string()));
1933 }
1934}