Open
Description
I have a Postman collection from before Postman required licenses to export them. I would like to translate this into an OpenAPI format for use with Burp but it seems this tool does not account for POST routes properly. None of the post data is reflected in the OpenAPI output. From what I understand, POST data should be in the response body for OpenAPI 3.0 spec?
https://swagger.io/docs/specification/v3_0/describing-request-body/describing-request-body/
Example
python3 /opt/Openapi-Schema-Builder/openapi-schema-builder.py -i test.json -o test.openAPI
test.json
{
"info": {
"_postman_id": "8296171e-ba46-4bbe-8020-68d85a91f91b",
"name": "NAME",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "Get Discovery Document",
"request": {
"method": "GET",
"header": [],
"url": {
"raw": "https://someurl.com/.well-known/path",
"protocol": "https",
"host": [
"subdomain",
"COMPANY",
"com"
],
"path": [
".well-known",
"path"
]
}
},
"response": []
},
{
"name": "Get Bearer token",
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"name": "Content-Type",
"value": "application/json",
"type": "text"
}
],
"body": {
"mode": "formdata",
"formdata": [
{
"key": "data1",
"value": "[TBD]",
"type": "text"
},
{
"key": "data2",
"value": "[bogus]",
"type": "text"
},
{
"key": "data3",
"value": "xyz",
"type": "text"
}
],
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "https://someurl.com/connect/token",
"protocol": "https",
"host": [
"subdomain",
"COMPANY",
"com"
],
"path": [
"connect",
"token"
]
}
},
"response": []
},
{
"name": "Access",
"request": {
"auth": {
"type": "bearer",
"bearer": [
{
"key": "token",
"value": "VALUE",
"type": "string"
}
]
},
"method": "POST",
"header": [],
"url": {
"raw": "https://sub.COMPANY.com/some/path",
"protocol": "https",
"host": [
"sub",
"COMPANY",
"com"
],
"path": [
"some",
"path"
]
}
},
"response": []
}
]
}
test.openAPI
{
"openapi": "3.0.0",
"info": {
"title": "NAME",
"version": "1.0.0"
},
"servers": [
{
"url": "https://someurl.com"
}
],
"paths": {
"/.well-known/path": {
"get": {
"summary": "Get Discovery Document",
"responses": {
"200": {
"description": "Successful operation"
}
}
}
},
"/connect/token": {
"post": {
"summary": "Get Bearer token",
"responses": {
"200": {
"description": "Successful operation"
}
}
}
},
"/some/path": {
"post": {
"summary": "Access",
"responses": {
"200": {
"description": "Successful operation"
}
}
}
}
}
}
Metadata
Metadata
Assignees
Labels
No labels