From eb340d1ceafadc59b3e7902a1ec664a4d6f84087 Mon Sep 17 00:00:00 2001 From: Ruben Fonseca Date: Tue, 9 Jan 2024 13:31:34 +0100 Subject: [PATCH 1/2] fix(event_handler): escape OpenAPI schema on Swagger UI --- .../event_handler/openapi/swagger_ui/html.py | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/aws_lambda_powertools/event_handler/openapi/swagger_ui/html.py b/aws_lambda_powertools/event_handler/openapi/swagger_ui/html.py index d8ffb0efa19..8ed0f778873 100644 --- a/aws_lambda_powertools/event_handler/openapi/swagger_ui/html.py +++ b/aws_lambda_powertools/event_handler/openapi/swagger_ui/html.py @@ -1,3 +1,6 @@ +import json + + def generate_swagger_html(spec: str, js_url: str, css_url: str) -> str: """ Generate Swagger UI HTML page @@ -11,6 +14,12 @@ def generate_swagger_html(spec: str, js_url: str, css_url: str) -> str: css_url: str The URL to the Swagger UI CSS file """ + + # The .replace(' or similar tags. Escaping the forward slash in @@ -41,9 +50,7 @@ def generate_swagger_html(spec: str, js_url: str, css_url: str) -> str: layout: "BaseLayout", showExtensions: true, showCommonExtensions: true, - spec: JSON.parse(` - {spec} - `.trim()), + spec: {escaped_spec}, presets: [ SwaggerUIBundle.presets.apis, SwaggerUIBundle.SwaggerUIStandalonePreset From 091308ba168c34b1d6baddcf48d9f1117d90950b Mon Sep 17 00:00:00 2001 From: Ruben Fonseca Date: Tue, 9 Jan 2024 13:54:33 +0100 Subject: [PATCH 2/2] fix: avoid the json loads/dumps --- .../event_handler/api_gateway.py | 2 +- .../event_handler/openapi/swagger_ui/html.py | 20 ++++++++++++++----- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/aws_lambda_powertools/event_handler/api_gateway.py b/aws_lambda_powertools/event_handler/api_gateway.py index 79e194e3719..70c10596463 100644 --- a/aws_lambda_powertools/event_handler/api_gateway.py +++ b/aws_lambda_powertools/event_handler/api_gateway.py 
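Review bot: In the `@@ -11,6 +14,12 @@` hunk of html.py, the added comment describes escaping only the forward slash of a closing-tag sequence, which would leave other sequences the HTML parser treats specially inside a script element (`<!--` followed by `<script`) untouched in the serialized spec. Because `escaped_spec` is written into the page as a bare JavaScript expression (`spec: {escaped_spec},` in the `@@ -41,9 +50,7 @@` hunk), escaping every `<` is the more robust form, e.g. `.replace("<", "\\u003c")` on the JSON text, which remains valid JSON and valid JavaScript. The replace call itself is not readable in the hunk as shown here, so this should be checked against the file. The diffstat lists only html.py, so the commit would also benefit from a regression test that renders a spec whose description contains a script closing tag and asserts the raw sequence does not appear in the generated HTML.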
@@ -1627,7 +1627,7 @@ def swagger_handler(): openapi_servers = servers or [Server(url=(base_path or "/"))] - spec = self.get_openapi_json_schema( + spec = self.get_openapi_schema( title=title, version=version, openapi_version=openapi_version, diff --git a/aws_lambda_powertools/event_handler/openapi/swagger_ui/html.py b/aws_lambda_powertools/event_handler/openapi/swagger_ui/html.py index 8ed0f778873..0868dc487f4 100644 --- a/aws_lambda_powertools/event_handler/openapi/swagger_ui/html.py +++ b/aws_lambda_powertools/event_handler/openapi/swagger_ui/html.py @@ -1,24 +1,34 @@ -import json +from typing import TYPE_CHECKING +if TYPE_CHECKING: + from aws_lambda_powertools.event_handler.openapi.models import OpenAPI -def generate_swagger_html(spec: str, js_url: str, css_url: str) -> str: + +def generate_swagger_html(spec: "OpenAPI", js_url: str, css_url: str) -> str: """ Generate Swagger UI HTML page Parameters ---------- - spec: str - The OpenAPI spec in the JSON format + spec: OpenAPI + The OpenAPI spec js_url: str The URL to the Swagger UI JavaScript file css_url: str The URL to the Swagger UI CSS file """ + from aws_lambda_powertools.event_handler.openapi.compat import model_json + # The .replace(' or similar tags. Escaping the forward slash in