[Proposal] Use swagger-codegen to generate wrapper api

[edersonbrilhante]

Description

I am using [swagger-codegen] (https://github.com/swagger-api/swagger-codegen) to generate a better mirror of defectdojo API.

This way it is not needed to add manually new paths, actions, payload, etc It is needed just to run swagger-codegen using the latest version of swagger file provided by defectdojo in /api/v2/doc/?format=openapi

Example

Here is my project running with this purpose https://github.com/William-Hill-Online/defectdojo-api-swagger

[valentijnscholten]

I think it's a great idea, but haven't looked yet into the details if it supports all operations. Not sure if everything is in the swagger spec. I remember when browsing the swagger docs on defect dojo some api features are not there.

[edersonbrilhante]

Indeed, but I downloaded with curl using token in headers, so I got details that was not available with the browser

curl -X GET  '<endpoint>/api/v2/doc/?format=openapi'  -H 'Authorization: Token<token>' 

[edersonbrilhante]

If the swagger is well configured in django-DefectDojo/dojo/api_v2/views.py I think it will not be a problem.

I saw some methods(@action) in ViewSet without swagger_auto_schema, so there are responses and request_bodys wrong. Example: api/v2/finding/ = are ok api/v2/finding//notes/ = are wrong We fixing that, I think all operations will work

[edersonbrilhante]

Hi @valentijnscholten I fixed here https://github.com/DefectDojo/django-DefectDojo/pull/2488

[alles-klar]

I created a similar project a while ago: https://github.com/alles-klar/defectdojo-api-v2-client. Generally it works fine but there are some bugs in the defectdojo swagger documentation. So for a stable api client we need to write a lot of tests. @edersonbrilhante do you have an idea how to automatically generate tests?

[edersonbrilhante]

@alles-klar My PR fixing some bugs defectdojo swagger documentation was merged to dev. I am not sure about these tests.