Skip to content

Instantly share code, notes, and snippets.

@isaackogan

isaackogan/removePrivateRoutesFromSpec.ts

Created September 9, 2024 04:51
Show Gist options
  • Save isaackogan/17aa2a1340284fd88d8981d675768665 to your computer and use it in GitHub Desktop.
Save isaackogan/17aa2a1340284fd88d8981d675768665 to your computer and use it in GitHub Desktop.
Download ZIP
Remove private routes from an openapi spec. This will ONLY add refs that are *used* by the whitelisted routes, and hide protected routes / components
Raw
removePrivateRoutesFromSpec.ts
import {OpenAPISpec} from "../../@types/express/openapi";
function addAllowedPathsToPrivateSpec(
publicSpec: Partial<OpenAPISpec>,
privateSpec: OpenAPISpec,
allowedPaths: string[]
): void {
publicSpec.paths ||= {};
for (const path in privateSpec.paths) {
if (allowedPaths.includes(path)) {
publicSpec.paths[path] = privateSpec.paths[path];
}
}
}
function recursivelyExtractRefsFromObject(
obj: Record<string, any>,
refs: Set<string> = new Set<string>()
): Set<string> {
for (const key in obj) {
if (key === "$ref") {
refs.add(obj[key]);
} else if (typeof obj[key] === "object") {
recursivelyExtractRefsFromObject(obj[key], refs);
}
}
return refs;
}
function cleanRefName(ref: string): string {
return ref.split("/").pop() as string;
}
class SetWithPop<T> extends Set<T> {
pop(): T {
const value = this.values().next().value;
this.delete(value);
return value;
}
}
function addRefsToSpec(
publicSpec: Partial<OpenAPISpec>,
privateSpec: OpenAPISpec,
baseRefs: Set<string>
) {
let addedRefs = new Set<string>();
let refs = new SetWithPop<string>(baseRefs);
publicSpec.components = {schemas: {}};
while (refs.size > 0) {
const ref = refs.pop();
const refName = cleanRefName(ref);
publicSpec.components.schemas[refName] = privateSpec.components.schemas[refName];
const newRefs = recursivelyExtractRefsFromObject(publicSpec.components.schemas);
newRefs.forEach(newRef => {
if (!addedRefs.has(newRef)) {
refs.add(newRef);
addedRefs.add(newRef);
}
})
}
}
export function createSpecWithAllowedRoutes(
privateSpec: OpenAPISpec,
allowedRoutes: string[],
): Partial<OpenAPISpec> {
const publicSpec: Partial<OpenAPISpec> = {};
publicSpec.components = {schemas: {}};
addAllowedPathsToPrivateSpec(publicSpec, privateSpec, allowedRoutes);
const baseRefs = recursivelyExtractRefsFromObject(publicSpec);
addRefsToSpec(publicSpec, privateSpec, baseRefs);
return publicSpec;
}
@isaackogan
Copy link
Author

isaackogan commented Sep 9, 2024
edited
Loading

Types:

export type OpenAPISpec = {
  openapi: string; // Version of the OpenAPI Specification, e.g., "3.0.0"
  info: Info;
  components: Components;
  paths: Record<string, any>;
  servers: Server[];
  tags: Tag[];
};

export type Server = {
  url: string;
  description?: string;
  variables?: Record<string, any>;
};

export type Tag = {
  name: string;
  description?: string;
  externalDocs?: any;
};

export type Info = {
  title: string;
  version: string;
  description?: string;
  termsOfService?: string;
  contact?: Contact;
  license?: License;
};

export type Contact = {
  name?: string;
  url?: string;
  email?: string;
};

export type License = {
  name: string;
  url?: string;
};

export type Components = {
  schemas: Record<string, any>;
  responses?: Record<string, any>;
  parameters?: Record<string, any>;
  examples?: Record<string, any>;
  requestBodies?: Record<string, any>;
  headers?: Record<string, any>;
  securitySchemes?: Record<string, any>;
  links?: Record<string, any>;
  callbacks?: Record<string, any>;
};

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment