Merge pull request #999 from swagger-api/ticket-998

ref #998 - limit YAML input

Author: frantuma

modules/swagger-parser/pom.xml

@@ -28,23 +28,38 @@
         </profile>
     </profiles>
     <dependencies>
+        <dependency>
+            <groupId>io.swagger</groupId>
+            <artifactId>swagger-core</artifactId>
+            <version>${swagger-core-version}</version>
+        </dependency>
         <dependency>
             <groupId>org.testng</groupId>
             <artifactId>testng</artifactId>
             <version>${testng-version}</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-ext</artifactId>
+            <version>${slf4j-version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>${slf4j-version}</version>
+        </dependency>
+        <dependency>
+            <groupId>commons-io</groupId>
+            <artifactId>commons-io</artifactId>
+            <version>${commons-io-version}</version>
+        </dependency>
         <dependency>
             <groupId>org.jmockit</groupId>
             <artifactId>jmockit</artifactId>
             <version>${jmockit-version}</version>
             <scope>test</scope>
         </dependency>
-        <dependency>
-            <groupId>io.swagger</groupId>
-            <artifactId>swagger-core</artifactId>
-            <version>${swagger-core-version}</version>
-        </dependency>
         <dependency>
             <groupId>${project.parent.groupId}</groupId>
             <artifactId>swagger-core</artifactId>
@@ -58,21 +73,6 @@
             <version>${junit-version}</version>
             <scope>test</scope>
         </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-ext</artifactId>
-            <version>${slf4j-version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-api</artifactId>
-            <version>${slf4j-version}</version>
-        </dependency>
-        <dependency>
-            <groupId>commons-io</groupId>
-            <artifactId>commons-io</artifactId>
-            <version>${commons-io-version}</version>
-        </dependency>
         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-simple</artifactId>

modules/swagger-parser/src/main/java/io/swagger/parser/ResolverCache.java

@@ -129,7 +129,7 @@ else if(rootPath != null) {
         }
 
         //a definition path is defined, meaning we need to "dig down" through the JSON tree and get the desired entity
-        JsonNode tree = DeserializationUtils.deserializeIntoTree(contents, file);
+        JsonNode tree = deserialize(contents, file);
 
         String[] jsonPathElements = definitionPath.split("/");
         for (String jsonPathElement : jsonPathElements) {
@@ -155,6 +155,10 @@ else if(rootPath != null) {
         return result;
     }
 
+    protected JsonNode deserialize(String contents, String file) {
+        return DeserializationUtils.deserializeIntoTree(contents, file);
+    }
+
     protected <T> void updateLocalRefs(String file, T result) {
         if(result instanceof Response) {
             Response response = (Response) result;

modules/swagger-parser/src/main/java/io/swagger/parser/Swagger20Parser.java

@@ -61,7 +61,7 @@ public SwaggerDeserializationResult readWithInfo(String location, List<Authoriza
                 ObjectMapper mapper = Json.mapper();
                 rootNode = mapper.readTree(data);
             } else {
-                rootNode = DeserializationUtils.readYamlTree(data);
+                rootNode = deserializeYaml(data);
             }
             return readWithInfo(rootNode);
         }
@@ -79,6 +79,10 @@ public SwaggerDeserializationResult readWithInfo(String location, List<Authoriza
         }
     }
 
+    protected JsonNode deserializeYaml(String data) throws IOException{
+        return DeserializationUtils.readYamlTree(data);
+    }
+
     @Override
     public Swagger read(String location, List<AuthorizationValue> auths) throws IOException {
         LOGGER.info("reading from " + location);
@@ -118,7 +122,7 @@ private Swagger convertToSwagger(String data) throws IOException {
                 ObjectMapper mapper = Json.mapper();
                 rootNode = mapper.readTree(data);
             } else {
-                rootNode = DeserializationUtils.readYamlTree(data);
+                rootNode = deserializeYaml(data);
             }
 
             if (System.getProperty("debugParser") != null) {

modules/swagger-parser/src/main/java/io/swagger/parser/SwaggerParser.java

@@ -94,6 +94,10 @@ public SwaggerDeserializationResult readWithInfo(String swaggerAsString) {
         return readWithInfo(swaggerAsString, Boolean.TRUE);
     }
 
+    protected JsonNode deserializeYaml(String data) throws IOException{
+        return DeserializationUtils.readYamlTree(data);
+    }
+
     public SwaggerDeserializationResult readWithInfo(String swaggerAsString, boolean resolve) {
         if (swaggerAsString == null || swaggerAsString.trim().isEmpty()) {
             return new SwaggerDeserializationResult().message("empty or null swagger supplied");
@@ -104,7 +108,7 @@ public SwaggerDeserializationResult readWithInfo(String swaggerAsString, boolean
                 ObjectMapper mapper = Json.mapper();
                 node = mapper.readTree(swaggerAsString);
             } else {
-                node = DeserializationUtils.readYamlTree(swaggerAsString);
+                node = deserializeYaml(swaggerAsString);
             }
 
             SwaggerDeserializationResult result = new Swagger20Parser().readWithInfo(node);