From fc251c2c6053f25dd4093344e99d532f18259c20 Mon Sep 17 00:00:00 2001
From: Mohammed Rizwan <y.mohdriz@gmail.com>
Date: Tue, 2 Nov 2021 11:23:53 +0530
Subject: [PATCH 1/3] Fix for issue 1601

Parser does not validate GET request with request body
---
 .../v3/parser/util/OpenAPIDeserializer.java   | 19 ++++--
 .../v3/parser/test/OpenAPIV3ParserTest.java   |  8 +++
 .../src/test/resources/issue-1601.yaml        | 65 +++++++++++++++++++
 3 files changed, 86 insertions(+), 6 deletions(-)
 create mode 100644 modules/swagger-parser-v3/src/test/resources/issue-1601.yaml

diff --git a/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/OpenAPIDeserializer.java b/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/OpenAPIDeserializer.java
index 14f7198339..1c6814350c 100644
--- a/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/OpenAPIDeserializer.java
+++ b/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/OpenAPIDeserializer.java
@@ -737,7 +737,7 @@ public PathItem getPathItem(ObjectNode obj, String location, ParseResult result)
 
 		ObjectNode node = getObject("get", obj, false, location, result);
 		if (node != null) {
-			Operation operation = getOperation(node, location + "(get)", result);
+			Operation operation = getOperation(node, location + "(get)", result, true);
 			if (operation != null) {
 				pathItem.setGet(operation);
 			}
@@ -758,14 +758,14 @@ public PathItem getPathItem(ObjectNode obj, String location, ParseResult result)
 		}
 		node = getObject("head", obj, false, location, result);
 		if (node != null) {
-			Operation operation = getOperation(node, location + "(head)", result);
+			Operation operation = getOperation(node, location + "(head)", result, true);
 			if (operation != null) {
 				pathItem.setHead(operation);
 			}
 		}
 		node = getObject("delete", obj, false, location, result);
 		if (node != null) {
-			Operation operation = getOperation(node, location + "(delete)", result);
+			Operation operation = getOperation(node, location + "(delete)", result, true);
 			if (operation != null) {
 				pathItem.setDelete(operation);
 			}
@@ -2905,8 +2905,11 @@ public List<String> getTagsStrings(ArrayNode nodes, String location, ParseResult
 		return tags;
 	}
 
-
 	public Operation getOperation(ObjectNode obj, String location, ParseResult result) {
+		return getOperation(obj, location, result, false);
+	}
+
+	public Operation getOperation(ObjectNode obj, String location, ParseResult result, boolean ignoreRequestBody) {
 		if (obj == null) {
 			return null;
 		}
@@ -2946,8 +2949,12 @@ public Operation getOperation(ObjectNode obj, String location, ParseResult resul
 
 		final ObjectNode requestObjectNode = getObject("requestBody", obj, false, location, result);
 		if (requestObjectNode != null) {
-			operation.setRequestBody(getRequestBody(requestObjectNode, String.format("%s.%s", location,
-					"requestBody"), result));
+			if (ignoreRequestBody) {
+				result.warning(location, " is no longer allowed to have request body because it does not have defined semantics as per RFC 7231");
+			} else {
+				operation.setRequestBody(getRequestBody(requestObjectNode, String.format("%s.%s", location,
+						"requestBody"), result));
+			}
 		}
 
 		ObjectNode responsesNode = getObject("responses", obj, true, location, result);
diff --git a/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java b/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java
index bb902ea029..9b409d5f25 100644
--- a/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java
+++ b/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java
@@ -2914,4 +2914,12 @@ public void testIssue1540() throws Exception{
         Assert.assertNotNull(testPutExtensions.get("x-order"));
         Assert.assertEquals((String)testPutExtensions.get("x-order"),"2147483647");
     }
+
+    @Test
+    public void testIssue1601() {
+        SwaggerParseResult result = new OpenAPIV3Parser().readLocation("src/test/resources/issue-1601.yaml", null, null);
+        List<String> messages = result.getMessages();
+        Assert.assertEquals(messages.get(0), "attribute paths.'/inventory'(get). is no longer allowed to have request body because it does not have defined semantics as per RFC 7231");
+        Assert.assertEquals(messages.size(), 1);
+    }
 }
diff --git a/modules/swagger-parser-v3/src/test/resources/issue-1601.yaml b/modules/swagger-parser-v3/src/test/resources/issue-1601.yaml
new file mode 100644
index 0000000000..ae324666c9
--- /dev/null
+++ b/modules/swagger-parser-v3/src/test/resources/issue-1601.yaml
@@ -0,0 +1,65 @@
+openapi: 3.0.3
+info:
+  description: This is a simple API
+  version: "1.0.0"
+  title: Simple Inventory API
+  contact:
+    email: you@your-company.com
+  license:
+    name: Apache 2.0
+    url: 'http://www.apache.org/licenses/LICENSE-2.0.html'
+paths:
+  /inventory:
+    get:
+      tags:
+        - admins
+      summary: adds an inventory item
+      operationId: addInventory
+      description: Adds an item to the system
+      responses:
+        '201':
+          description: item created
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/InventoryItem'
+        description: Inventory item to add
+components:
+  schemas:
+    InventoryItem:
+      type: object
+      required:
+        - id
+        - name
+        - manufacturer
+        - releaseDate
+      properties:
+        id:
+          type: string
+          format: uuid
+          example: d290f1ee-6c54-4b01-90e6-d701748f0851
+        name:
+          type: string
+          example: Widget Adapter
+        releaseDate:
+          type: string
+          format: date-time
+          example: '2016-08-29T09:12:33.001Z'
+        manufacturer:
+          $ref: '#/components/schemas/Manufacturer'
+    Manufacturer:
+      required:
+        - name
+      properties:
+        name:
+          type: string
+          example: ACME Corporation
+        homePage:
+          type: string
+          format: url
+          example: 'https://www.acme-corp.com'
+        phone:
+          type: string
+          example: 408-867-5309
+      type: object
\ No newline at end of file

From 4c77911fbb31f094193cb5c23edb8885308b901a Mon Sep 17 00:00:00 2001
From: Mohammed Rizwan <y.mohdriz@gmail.com>
Date: Tue, 2 Nov 2021 11:39:17 +0530
Subject: [PATCH 2/3] Backward compatibility

---
 .../java/io/swagger/v3/parser/util/OpenAPIDeserializer.java  | 5 ++---
 .../java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java  | 1 +
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/OpenAPIDeserializer.java b/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/OpenAPIDeserializer.java
index 1c6814350c..14e2e0b3e6 100644
--- a/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/OpenAPIDeserializer.java
+++ b/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/OpenAPIDeserializer.java
@@ -2951,10 +2951,9 @@ public Operation getOperation(ObjectNode obj, String location, ParseResult resul
 		if (requestObjectNode != null) {
 			if (ignoreRequestBody) {
 				result.warning(location, " is no longer allowed to have request body because it does not have defined semantics as per RFC 7231");
-			} else {
-				operation.setRequestBody(getRequestBody(requestObjectNode, String.format("%s.%s", location,
-						"requestBody"), result));
 			}
+			operation.setRequestBody(getRequestBody(requestObjectNode, String.format("%s.%s", location,
+						"requestBody"), result));
 		}
 
 		ObjectNode responsesNode = getObject("responses", obj, true, location, result);
diff --git a/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java b/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java
index 9b409d5f25..08900ec363 100644
--- a/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java
+++ b/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java
@@ -2921,5 +2921,6 @@ public void testIssue1601() {
         List<String> messages = result.getMessages();
         Assert.assertEquals(messages.get(0), "attribute paths.'/inventory'(get). is no longer allowed to have request body because it does not have defined semantics as per RFC 7231");
         Assert.assertEquals(messages.size(), 1);
+        Assert.assertNotNull(result.getOpenAPI().getPaths().get("/inventory").getGet().getRequestBody());
     }
 }

From 3979a4ff400f5cd6681570b6bb35474e7dad9db3 Mon Sep 17 00:00:00 2001
From: Mohammed Rizwan <y.mohdriz@gmail.com>
Date: Tue, 2 Nov 2021 12:03:00 +0530
Subject: [PATCH 3/3] Fixing test issue

---
 .../java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java b/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java
index 08900ec363..5bafa7aa3b 100644
--- a/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java
+++ b/modules/swagger-parser-v3/src/test/java/io/swagger/v3/parser/test/OpenAPIV3ParserTest.java
@@ -1572,7 +1572,7 @@ public void testPetstore() throws Exception {
         SwaggerParseResult result = parser.readLocation("src/test/resources/petstore.yaml", null, options);
 
         assertNotNull(result);
-        assertTrue(result.getMessages().size()==2);
+        assertTrue(result.getMessages().size()==3);
 
         OpenAPI openAPI = result.getOpenAPI();
         Map<String, Schema> definitions = openAPI.getComponents().getSchemas();