fix: OpenAPI schema improvements and test suite updates#121
Merged
Conversation
…iance
- Add missing security_boundary field to MinimalCell schema example
- Fix integration test symlink to point to correct OpenAPI spec location
- Update OAuth userinfo test to validate OIDC-compliant response with 'sub' field
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The clean-files target now kills any running CATS processes before attempting to remove the test/outputs/cats directory. This prevents "Directory not empty" errors that occur when CATS is actively writing files during cleanup.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Regenerated api/api.go from updated OpenAPI specification
- Updated test/integration go.mod and go.sum
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add null to token_type_hint enum for proper nullable enum handling
- Add 400 response to GET /me/preferences and POST /me/logout
- Add requestBody descriptions to POST/PUT /me/preferences
- Add ThreatModel examples to POST/GET/PUT/PATCH responses
- Fix JsonPatchDocument value property with oneOf types and maxItems
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add comprehensive input validation for /me/client_credentials endpoint to reject zero-width chars, control chars, and problematic Unicode, converting 500 errors to 400 Bad Request responses
- Add input validation for /oauth2/revoke endpoint including token_type_hint enum validation per RFC 7009
- Add OpenAPI vendor extensions (x-skip-deleted-resource-check, x-skip-idor-check) to mark endpoints with expected behaviors
- Update CATS fuzzer config to skip false positive fuzzers on marked endpoints
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add comprehensive documentation of CATS fuzzer issues discovered during API security testing, organized by severity and endpoint. Includes analysis of false positives vs genuine issues and recommendations for fixes.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add ServiceUnavailable response component and 503 responses to endpoints that depend on external services (auth, database, cache):
- OAuth endpoints (/oauth2/*)
- OIDC discovery endpoints (/.well-known/*)
- Webhook endpoints (/webhooks/*)
- Client credentials endpoints (/me/client_credentials/*)
- User profile endpoints (/me)
The ServiceUnavailable response includes:
- Retry-After header for client retry guidance
- Standard rate limit headers
- Example responses for different failure scenarios
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Change user identity/authentication errors from 500 to 401
- Change UUID parse failures in auth context to 401
- Change service not initialized errors to 503
- Change feature not supported errors to 501
- Add NotImplementedError() and ServiceUnavailableError() helpers
- Add Retry-After header for 503 responses
- Update tests to expect correct status codes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Remove 50+ unused handler methods from main.Server struct that were never called. The routing uses api.Server via RegisterHandlersWithOptions, making these duplicate methods dead code. All endpoints are already fully implemented in api/server.go and the respective handler files.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add 8 filtering parameters already documented in OpenAPI spec:
- owner: partial match on owner email/display name
- name: partial match on threat model name
- description: partial match on description
- issue_uri: partial match on issue URI
- created_after/before: date range filtering on created_at
- modified_after/before: date range filtering on modified_at
All string filters are case-insensitive. Filters combine with AND logic and work alongside existing pagination (limit/offset) and authorization.
Closes #56
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Patch updates:
- alicebob/miniredis/v2: 2.36.0 → 2.36.1
- bytedance/sonic: 1.14.2 → 1.15.0
- bytedance/sonic/loader: 0.4.0 → 0.5.0
- Azure/azure-sdk-for-go/sdk/internal: 1.11.1 → 1.11.2
Minor updates:
- microcosm-cc/bluemonday: 1.0.25 → 1.0.27 (fixes retracted version)
- Azure/azure-sdk-for-go/sdk/azcore: 1.18.1 → 1.21.0
- Azure/azure-sdk-for-go/sdk/azidentity: 1.10.1 → 1.13.1
- Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys: 1.3.1 → 1.4.0
- AzureAD/microsoft-authentication-library-for-go: 1.4.2 → 1.6.0
- golang.org/x/time: 0.5.0 → 0.14.0
- gorilla/securecookie: 1.1.1 → 1.1.2
- gorilla/sessions: 1.2.1 → 1.4.0
- onsi/gomega: 1.18.1 → 1.39.0
- labstack/echo/v4: 4.11.4 → 4.15.0
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
…hema
- Add strict JSON binding to /me/client_credentials endpoint to reject unknown fields, preventing mass assignment vulnerabilities
- Add strict JSON/form binding to /oauth2/revoke endpoint with field allowlist validation for both content types
- Fix diagram_crud_test.go to use correct field name "type" instead of "diagram_type"
- Fix integration test framework client.go to send correct Content-Type for PATCH requests (application/json-patch+json)
- Fix schema_loader.go to find project root by looking for api-schema directory instead of go.mod
- Add new integration tests for client_credentials, documents, assets, webhooks, and addons endpoints
- Update CLAUDE.md with CATS output locations documentation
- Fix OpenAPI schema issues: JsonPatchDocument array items, timestamp maxLength, ThreatModelBase additionalProperties
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add environment variable and config file support for database connection pool tuning:
- DB_MAX_OPEN_CONNS (default: 10)
- DB_MAX_IDLE_CONNS (default: 2)
- DB_CONN_MAX_LIFETIME (default: 240 seconds)
- DB_CONN_MAX_IDLE_TIME (default: 30 seconds)
Also configurable via config.yml under database.connection_pool section.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add legacy table names to drop-oracle-tables.go whitelist (WEBHOOK_URL_DENY_LIST, REFRESH_TOKENS, USER_PREFERENCES)
- Handle Oracle duplicate key errors in cats-seed admin grant
- Add --maxRequestsPerMinute rate limiting to CATS fuzzing script (default: 3000 = 50 req/sec) to prevent overwhelming slower backends
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Regenerated api/api.go from OpenAPI specification.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The Dockerfile referenced a non-existent /app/auth/migrations directory. TMI uses GORM AutoMigrate for database migrations (schema defined in Go code), not SQL file-based migrations.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Oracle FK constraint error detection in request_utils.go
- Fix PATCH /admin/users error handling for wrapped errors
- Enhance OAuth2 revoke strict JSON binding to detect duplicate keys and trailing garbage
- Add false positive rules for CheckDeletedResourcesNotAvailable on list endpoints and RemoveFields on oneOf endpoints
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
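The strict JSON binding that the commits above describe for /oauth2/revoke (reject unknown fields to block mass assignment, reject duplicate keys, reject trailing garbage), as an added Go example that is not TMI's own code; RevokeRequest is an assumed shape for the request body, not the project's type.

```go
package main

import (
	"bytes"
	"encoding/json"
	"errors"
	"io"
)

type RevokeRequest struct { // hypothetical POST /oauth2/revoke body, not TMI's own type
	Token         string `json:"token"`
	TokenTypeHint string `json:"token_type_hint"`
}

var ErrDuplicateKey = errors.New("duplicate key in JSON object")
var ErrTrailingData = errors.New("trailing data after JSON object")

// StrictUnmarshal decodes a JSON object into v, rejecting unknown fields (mass
// assignment), duplicate keys and any bytes after the closing brace.
func StrictUnmarshal(body []byte, v any) error {
	// Pass 1: reject repeated keys; encoding/json alone silently keeps the last value.
	scan := json.NewDecoder(bytes.NewReader(body))
	if tok, err := scan.Token(); err != nil || tok != json.Delim('{') {
		return errors.New("request body must be a JSON object")
	}
	seen := map[any]bool{}
	for scan.More() {
		key, err := scan.Token()
		if err != nil {
			return err
		}
		if seen[key] {
			return ErrDuplicateKey
		}
		seen[key] = true
		var skip json.RawMessage // consume the member value, whatever its shape
		if err := scan.Decode(&skip); err != nil {
			return err
		}
	}
	// Pass 2: strict decode, then make sure nothing follows the object.
	dec := json.NewDecoder(bytes.NewReader(body))
	dec.DisallowUnknownFields()
	if err := dec.Decode(v); err != nil {
		return err
	}
	if _, err := dec.Token(); err != io.EOF {
		return ErrTrailingData
	}
	return nil
}
```

Pass 1 only inspects top-level members, which is what a flat request body like this one needs; nested objects would need the same walk applied recursively.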
Add empty string check before calling uuid.MustParse to prevent panic when ThreatModelID is an empty string (not nil).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Summary
Test plan
- make test-unit to verify unit tests pass
- make test-integration to verify integration tests pass
- make cats-fuzz to verify CATS security fuzzing passes
- make lint to verify no linting issues

🤖 Generated with Claude Code