@Test public void dontAllowSecurityElementsInUnsecured() throws Exception { assertOneRequestViolationThat( test( local, get("/unsec").param("access_token", "bla").header("Authorization2", "blu"), response(200, "", null)), equalTo("Header 'Authorization2' on action(GET /unsec) is not defined")); }
@Test public void undefinedResourceSecuritySchema() throws Exception { assertOneRequestViolationThat( test(undef, get("/sec"), response(200, "", null)), equalTo("Security Scheme 'c' on resource(/sec) is not defined")); }
@Test public void undefinedGlobalSecuritySchema() throws Exception { assertOneRequestViolationThat( test(undef, get("/unsec"), response(200, "", null)), equalTo("Security Scheme 'b' on Root definition is not defined")); }
@Test public void undefinedActionSecuritySchema() throws Exception { assertOneRequestViolationThat( test(undef, post("/sec"), response(200, "", null)), equalTo("Security Scheme 'd' on action(POST /sec) is not defined")); }