-
-
Notifications
You must be signed in to change notification settings - Fork 32
/
Copy pathvalidate_json_test.go
65 lines (53 loc) · 1.9 KB
/
validate_json_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
// This file is part of CycloneDX Go
//
// Licensed under the Apache License, Version 2.0 (the “License”);
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an “AS IS” BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// SPDX-License-Identifier: Apache-2.0
// Copyright (c) OWASP Foundation. All Rights Reserved.
package cyclonedx
import (
"errors"
"fmt"
"github.com/xeipuuv/gojsonschema"
)
var jsonSchemaFiles = map[SpecVersion]string{
SpecVersion1_2: "file://./schema/bom-1.2.schema.json",
SpecVersion1_3: "file://./schema/bom-1.3.schema.json",
SpecVersion1_4: "file://./schema/bom-1.4.schema.json",
SpecVersion1_5: "file://./schema/bom-1.5.schema.json",
SpecVersion1_6: "file://./schema/bom-1.6.schema.json",
}
type jsonValidator struct{}
func newJSONValidator() validator {
return &jsonValidator{}
}
func (jv jsonValidator) Validate(bom []byte, specVersion SpecVersion) error {
schemaFilePath, ok := jsonSchemaFiles[specVersion]
if !ok {
return fmt.Errorf("no json schema known for spec version %s", specVersion)
}
schemaLoader := gojsonschema.NewReferenceLoader(schemaFilePath)
documentLoader := gojsonschema.NewBytesLoader(bom)
result, err := gojsonschema.Validate(schemaLoader, documentLoader)
if err != nil {
return fmt.Errorf("failed to validate: %w", err)
}
if result.Valid() {
return nil
}
errSummary := fmt.Sprintf("encountered %d validation errors:", len(result.Errors()))
for _, verr := range result.Errors() {
errSummary += fmt.Sprintf("\n - %s", verr.String())
}
return errors.New(errSummary)
}