openapi3filter: use FileBodyDecoder if the format is specified as binary (#1088)

* use FileBodyDecoder if the format is specified as binary

* added tests

* clean up zip test

* Update openapi3filter/req_resp_decoder.go

---------

Co-authored-by: Pierre Fenoll <[email protected]>

Author: dbarrosop

openapi3filter/req_resp_decoder.go

@@ -1233,6 +1233,13 @@ var headerCT = http.CanonicalHeaderKey("Content-Type")
 
 const prefixUnsupportedCT = "unsupported content type"
 
+func isBinary(schema *openapi3.SchemaRef) bool {
+	if schema == nil || schema.Value == nil {
+		return false
+	}
+	return schema.Value.Type.Is("string") && schema.Value.Format == "binary"
+}
+
 // decodeBody returns a decoded body.
 // The function returns ParseError when a body is invalid.
 func decodeBody(body io.Reader, header http.Header, schema *openapi3.SchemaRef, encFn EncodingFn) (
@@ -1246,8 +1253,13 @@ func decodeBody(body io.Reader, header http.Header, schema *openapi3.SchemaRef,
 			contentType = "text/plain"
 		}
 	}
+
 	mediaType := parseMediaType(contentType)
 	decoder, ok := bodyDecoders[mediaType]
+	if !ok && isBinary(schema) {
+		ok, decoder = true, FileBodyDecoder
+	}
+
 	if !ok {
 		return "", nil, &ParseError{
 			Kind:   KindUnsupportedFormat,

openapi3filter/upload_arbitrary_file_test.go

@@ -0,0 +1,116 @@
+package openapi3filter_test
+
+import (
+	"bytes"
+	"context"
+	"io"
+	"mime/multipart"
+	"net/http"
+	"net/textproto"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+
+	"github.com/getkin/kin-openapi/openapi3"
+	"github.com/getkin/kin-openapi/openapi3filter"
+	"github.com/getkin/kin-openapi/routers/gorillamux"
+)
+
+func TestValidateUploadArbitraryBinaryFile(t *testing.T) {
+	const spec = `
+openapi: 3.0.0
+info:
+  title: 'Validator'
+  version: 0.0.1
+paths:
+  /test:
+    post:
+      requestBody:
+        required: true
+        content:
+          multipart/form-data:
+            schema:
+              type: object
+              required:
+                - file
+              properties:
+                file:
+                  type: string
+                  format: binary
+      responses:
+        '200':
+          description: Created
+`
+
+	loader := openapi3.NewLoader()
+	doc, err := loader.LoadFromData([]byte(spec))
+	require.NoError(t, err)
+
+	err = doc.Validate(loader.Context)
+	require.NoError(t, err)
+
+	router, err := gorillamux.NewRouter(doc)
+	require.NoError(t, err)
+
+	tests := []struct {
+		zipData []byte
+		wantErr bool
+	}{
+		{
+			[]byte{
+				0x50, 0x4b, 0x03, 0x04, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7c, 0x7d, 0x23, 0x56, 0xcd, 0xfd, 0x67, 0xf8, 0x07, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x09, 0x00, 0x1c, 0x00, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x74, 0x78, 0x74, 0x55, 0x54, 0x09, 0x00, 0x03, 0xac, 0xce, 0xb3, 0x63, 0xaf, 0xce, 0xb3, 0x63, 0x75, 0x78, 0x0b, 0x00, 0x01, 0x04, 0xf7, 0x01, 0x00, 0x00, 0x04, 0x14, 0x00, 0x00, 0x00, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x2e, 0x0a, 0x50, 0x4b, 0x01, 0x02, 0x1e, 0x03, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7c, 0x7d, 0x23, 0x56, 0xcd, 0xfd, 0x67, 0xf8, 0x07, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x09, 0x00, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xa4, 0x81, 0x00, 0x00, 0x00, 0x00, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x74, 0x78, 0x74, 0x55, 0x54, 0x05, 0x00, 0x03, 0xac, 0xce, 0xb3, 0x63, 0x75, 0x78, 0x0b, 0x00, 0x01, 0x04, 0xf7, 0x01, 0x00, 0x00, 0x04, 0x14, 0x00, 0x00, 0x00, 0x50, 0x4b, 0x05, 0x06, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x4f, 0x00, 0x00, 0x00, 0x4a, 0x00, 0x00, 0x00, 0x00, 0x00,
+			},
+			false,
+		},
+		{
+			[]byte{
+				0x50, 0x4b, 0x05, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+			}, // No entry
+			false,
+		},
+	}
+	for _, tt := range tests {
+		body := &bytes.Buffer{}
+		writer := multipart.NewWriter(body)
+
+		{ // Add file data
+			h := make(textproto.MIMEHeader)
+			h.Set("Content-Disposition", `form-data; name="file"; filename="hello.zip"`)
+			h.Set("Content-Type", "application/zip")
+
+			fw, err := writer.CreatePart(h)
+			require.NoError(t, err)
+			_, err = io.Copy(fw, bytes.NewReader(tt.zipData))
+
+			require.NoError(t, err)
+		}
+
+		writer.Close()
+
+		req, err := http.NewRequest(http.MethodPost, "/test", bytes.NewReader(body.Bytes()))
+		require.NoError(t, err)
+
+		req.Header.Set("Content-Type", writer.FormDataContentType())
+
+		route, pathParams, err := router.FindRoute(req)
+		require.NoError(t, err)
+
+		if err = openapi3filter.ValidateRequestBody(
+			context.Background(),
+			&openapi3filter.RequestValidationInput{
+				Request:    req,
+				PathParams: pathParams,
+				Route:      route,
+			},
+			route.Operation.RequestBody.Value,
+		); err != nil {
+			if !tt.wantErr {
+				t.Errorf("got %v", err)
+			}
+			continue
+		}
+		if tt.wantErr {
+			t.Errorf("want err")
+		}
+	}
+}

openapi3filter/zip_file_upload_test.go

@@ -18,6 +18,9 @@ import (
 
 func TestValidateZipFileUpload(t *testing.T) {
 	openapi3filter.RegisterBodyDecoder("application/zip", openapi3filter.ZipFileBodyDecoder)
+	t.Cleanup(func() {
+		openapi3filter.UnregisterBodyDecoder("application/zip")
+	})
 
 	const spec = `
 openapi: 3.0.0