Merge pull request #919 from swagger-api/issue-917

added form data, multipart tests

Author: fehguy

browser/swagger-client.js

@@ -571,12 +571,17 @@ Operation.prototype.getBody = function (headers, args) {
   for (var i = 0; i < this.parameters.length; i++) {
     param = this.parameters[i];
     if (typeof args[param.name] !== 'undefined') {
+      var isPassword;
+      if(param.type === 'string' && param.format === 'password') {
+        isPassword = 'password';
+      }
       if (param.in === 'body') {
         body = args[param.name];
       } else if (param.in === 'formData') {
         formParams[param.name] = {
           param: param,
-          value: args[param.name]
+          value: args[param.name],
+          password: isPassword
         };
         hasFormParams = true;
       }
@@ -608,20 +613,21 @@ Operation.prototype.getBody = function (headers, args) {
     for (key in formParams) {
       param = formParams[key].param;
       value = formParams[key].value;
+      var password = formParams[key].password;
 
       if (typeof value !== 'undefined') {
         if (Array.isArray(value)) {
           if (encoded !== '') {
             encoded += '&';
           }
-          encoded += this.encodeQueryCollection(param.collectionFormat, key, value);
+          encoded += this.encodeQueryCollection(param.collectionFormat, key, value, password);
         }
         else {
           if (encoded !== '') {
             encoded += '&';
           }
 
-          encoded += encodeURIComponent(key) + '=' + encodeURIComponent(value);
+          encoded += encodeURIComponent(key) + '=' + mask(encodeURIComponent(value), password);
         }
       }
     }
@@ -1153,7 +1159,7 @@ Operation.prototype.encodePathCollection = function (type, name, value, maskPass
   return encoded;
 };
 
-Operation.prototype.encodeQueryCollection = function (type, name, value) {
+Operation.prototype.encodeQueryCollection = function (type, name, value, maskPasswords) {
   var encoded = '';
   var i;
 
@@ -1162,7 +1168,7 @@ Operation.prototype.encodeQueryCollection = function (type, name, value) {
     for (i = 0; i < value.length; i++) {
       if (i > 0) {encoded += '&';}
 
-      encoded += this.encodeQueryKey(name) + '=' + this.encodeQueryParam(value[i]);
+      encoded += this.encodeQueryKey(name) + '=' + mask(this.encodeQueryParam(value[i]), maskPasswords);
     }
   } else {
     var separator = '';
@@ -1180,8 +1186,7 @@ Operation.prototype.encodeQueryCollection = function (type, name, value) {
         if (i !== 0) {
           encoded += '&';
         }
-
-        encoded += this.encodeQueryKey(name) + '[]=' + this.encodeQueryParam(value[i]);
+        encoded += this.encodeQueryKey(name) + '[]=' + mask(this.encodeQueryParam(value[i]), maskPasswords);
       }
     }
 

browser/swagger-client.min.js

@@ -460,6 +460,74 @@ describe('help options', function () {
     });
   });
 
+  it('shows curl for multipart/form-data with password masking', function (done) {
+    var spec = {
+      basePath: '/v2',
+      paths: {
+        '/test': {
+          post: {
+            tags: [ 'test' ],
+            operationId: 'sample',
+            consumes: ['multipart/form-data'],
+            parameters: [
+              {
+                in: 'query',
+                name: 'password',
+                type: 'string',
+                format: 'password',
+                required: true
+              }
+            ]
+          }
+        }
+      }
+    };
+
+    var client = new SwaggerClient({
+      url: 'http://petstore.swagger.io/v2/swagger.json',
+      spec: spec,
+      success: function () {
+        var msg = client.test.sample.asCurl({password: 'hidden!'});
+        expect(msg).toBe('curl -X POST --header \'Content-Type: multipart/form-data\' --header \'Accept: application/json\' {} \'http://petstore.swagger.io/v2/test?password=******\'');
+
+        done();
+      }
+    });
+  });
+
+  it('masks www-form-urlencoded passwords', function (done) {
+    var spec = {
+      paths: {
+        '/foo': {
+          delete: {
+            tags: [ 'test' ],
+            operationId: 'sample',
+            consumes: [ 'application/x-www-form-urlencoded' ],
+            parameters: [
+              {
+                in: 'formData',
+                name: 'password',
+                type: 'string',
+                format: 'password'
+              }
+            ]
+          }
+        }
+      }
+    };
+
+    var client = new SwaggerClient({
+      url: 'http://localhost:8080/petstore.yaml',
+      spec: spec,
+      success: function () {
+        var msg = client.test.sample.asCurl({password: 'hidden!'});
+        expect(msg).toBe('curl -X DELETE --header \'Content-Type: application/x-www-form-urlencoded\' --header \'Accept: application/json\' -d \'password=******\' \'http://localhost:8080/foo\'');
+        done();
+      }
+    });
+  });
+
+
   it('shows curl for multipart/form-data', function (done) {
     var spec = {
       basePath: '/v2',