16

I'm building a fuzzer for a REST API that has an OpenAPI (Swagger) definition.

I want to test all available path from the OpenAPI definition, generate data to test the servers, analyse responses code and content, and to verify if the responses are conform to the API definition.

I'm looking for a way to generate data (JSON object) from model definitions.

For example, given this model:

...
"Pet": {
  "type": "object",
  "required": [
    "name",
    "photoUrls"
  ],
  "properties": {
    "id": {
      "type": "integer",
      "format": "int64"
    },
    "category": {
      "$ref": "#/definitions/Category"
    },
    "name": {
      "type": "string",
      "example": "doggie"
    },
    "photoUrls": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "tags": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/Tag"
      }
    },
    "status": {
      "type": "string",
      "description": "pet status in the store"
    }
  }
}

I want to generate random data and get something like this: 

{
  "id": 0,
  "category": {
    "id": 0,
    "name": "string"
  },
  "name": "doggie",
  "photoUrls": [
    "string"
  ],
  "tags": [
    {
      "id": 0,
      "name": "string"
    }
  ],
  "status": "string"
}
Helen
  • 87,344
  • 17
  • 243
  • 314
Youssouf Maiga
  • 6,701
  • 7
  • 26
  • 42

3 Answers3

9

The Swagger Inflector library has the ExampleBuilder class exactly for this purpose. It lets you generate JSON, XML and YAML examples from models in an OpenAPI (Swagger) definition.

OpenAPI 2.0 example

To work with OpenAPI 2.0 (swagger: '2.0') definitions, use Swagger Java libraries 1.x.

import io.swagger.parser.SwaggerParser;
import io.swagger.models.*;
import io.swagger.inflector.examples.*;
import io.swagger.inflector.examples.models.Example;
import io.swagger.inflector.processors.JsonNodeExampleSerializer;
import io.swagger.util.Json;
import io.swagger.util.Yaml;
import java.util.Map;
import com.fasterxml.jackson.databind.module.SimpleModule;

...

// Load your OpenAPI/Swagger definition
Swagger swagger = new SwaggerParser().read("http://petstore.swagger.io/v2/swagger.json");

// Create an Example object for the Pet model
Map<String, Model> definitions = swagger.getDefinitions();
Model pet = definitions.get("Pet");
Example example = ExampleBuilder.fromModel("Pet", pet, definitions, new HashSet<String>());
// Another way:
// Example example = ExampleBuilder.fromProperty(new RefProperty("Pet"), swagger.getDefinitions());

// Configure example serializers
SimpleModule simpleModule = new SimpleModule().addSerializer(new JsonNodeExampleSerializer());
Json.mapper().registerModule(simpleModule);
Yaml.mapper().registerModule(simpleModule);

// Convert the Example object to string

// JSON example
String jsonExample = Json.pretty(example);
System.out.println(jsonExample);

// YAML example
String yamlExample = Yaml.pretty().writeValueAsString(example);
System.out.println(yamlExample);

// XML example (TODO: pretty-print it)
String xmlExample = new XmlExampleSerializer().serialize(example);
System.out.println(xmlExample);

OpenAPI 3.0 example

For an OpenAPI 3.0 example, see this answer. You need version 2.x of Swagger Java libraries, and update the imports and class names appropriately, e.g. change io.swagger.parser.SwaggerParser to io.swagger.v3.parser.OpenAPIV3Parser and so on.

Helen
  • 87,344
  • 17
  • 243
  • 314
  • 2
    This works like a peach, almost after a year of searching for a solution I found this! – InCh Feb 06 '19 at 10:27
  • Unfortunately the ExampleBuilder does not respect the minLength and maxLength properties when creating string fields in JSON output (it always puts 'string' in a string field). This can result in 'malformed' JSON. You can work around this by creating your own StringProperty objects but that kind of defeats the purposes of having a builder. – Joman68 Aug 14 '19 at 03:33
  • @Joman68 you can open an issue at https://github.com/swagger-api/swagger-inflector/issues (or, better yet, submit a PR). As a workaround you can modify your API definition to provide a custom `example` for each property, and Inflector will use those examples. – Helen Aug 14 '19 at 07:23
  • swagger-inflector, only works when the schema is defined simple and basic. It does not recognize `oneOf`, `anyOf`, `allOf`, it does not handle any references using `$ref`, it does not follow any `pattern`. – Tiina Dec 13 '19 at 07:19
  • 1
    @Tiina `ExampleBuilder` supports `allOf`, `$ref`, `oneOf` and `anyOf`. With `oneOf`/`anyOf`, it should use the first subschema. If you get incorrect/incomplete examples, please open an issue at https://github.com/swagger-api/swagger-inflector/issues. Make sure to check your OpenAPI definition for syntax errors using https://editor.swagger.io and/or other validators. You can also work around ExampleBuilder's limitations by providing your own `example` for some schemas/properties in your API definition. – Helen Dec 13 '19 at 08:06
3

My experience:

  1. go to http://editor.swagger.io
  2. File -> Import file (to load my own Swagger description)
  3. Generate client -> Java (in my case)
  4. Download and extract the client
  5. Import it's model package into any simple project, instantiate and fill model's classes with the data you need
  6. Marshall the instantiated objects into the JSON (My case - Gson, because the generated model is annotated by Gson annotations)
  7. Profit

In short: generating client (java-client in my case) based on Swagger definition, filling it's model and marshalling the result.

Yury Shaban
  • 99
  • 4
1

Just put your model in https://json-schema-faker.js.org/ and off you go.

Your provided schema works as is with minor modifications: remove "Pets" and add definitions for "Category" and "Tag". See below as an example.

Then click "Generate" and you get fake data back. It appears that this can all be done programmatically via the libraries if you don't want to go through the website (haven't tried that myself though).

{
  "definitions": {
    "description": "making this up so all refs resolve",
    "Category": {
      "type": "string"
    },
    "Tag": {
      "type": "string"
    }
  },
  "comment": "From here on down, it's exactly the same as the OP schema",
  "type": "object",
  "required": [
    "name",
    "photoUrls"
  ],
  "properties": {
    "id": {
      "type": "integer",
      "format": "int64"
    },
    "category": {
      "$ref": "#/definitions/Category"
    },
    "name": {
      "type": "string",
      "example": "doggie"
    },
    "photoUrls": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "tags": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/Tag"
      }
    },
    "status": {
      "type": "string",
      "description": "pet status in the store"
    }
  }
}
mwag
  • 3,557
  • 31
  • 38