Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validator does not seem to validate against OpenAPI 3.0 schema #105

Closed
holitics opened this issue Feb 8, 2020 · 4 comments · Fixed by PayU/api-schema-builder#46
Closed

Validator does not seem to validate against OpenAPI 3.0 schema #105

holitics opened this issue Feb 8, 2020 · 4 comments · Fixed by PayU/api-schema-builder#46

Comments

@holitics
Copy link

holitics commented Feb 8, 2020

If I specify the "basePath" parameter (from v2) in my schema, it will validate correctly (but then my schema is not valid according to the OpenAPI 3.x specification). If I remove the "basePath" parameter from the schema, it will not validate. If I add the "servers" parameter with the url value according to OpenAPI 3.0, it seems to ignore it and will not validate.

e.g. (this works):

basePath: /api/v1/node-api-data

e.g. (this does not work):

servers:
- url: /api/v1/node-api-data
@kobik
Copy link
Collaborator

kobik commented Feb 9, 2020

Hi @holitics,

Thanks for reporting this.
Just to make sure I understand, you expect the package to validate your schema when loading?

@holitics
Copy link
Author

holitics commented Feb 9, 2020 via email

@tamlyn
Copy link

tamlyn commented Mar 17, 2020

I have encountered the same bug.

The problem is that the api-schema-builder package support's Swagger 2's basepath property but not OpenAPI 3's equivalent servers property. This means if your API has a base path, the request paths don't match and no validation occurs.

Here's a naive fix that only works if you have a single entry in your servers (which is our case). A proper solution would probably need to match against multiple servers and take into account the fact that the url property can be a full URL, not just a path.

Index: src/index.js
<+>UTF-8
===================================================================
--- src/index.js	(revision 1ad8ddd979fa84da1f4f13e2d6b46888e430a44c)
+++ src/index.js	(date 1584466506568)
@@ -38,10 +38,13 @@
     const options = getOptions(receivedOptions);
 
     const schemas = {};
+
+    const basePath = dereferenced.basePath ||
+        (dereferenced.servers && dereferenced.servers.length && dereferenced.servers[0].url) ||
+        '/';
     Object.keys(dereferenced.paths).forEach(function (currentPath) {
-        const parsedPath = dereferenced.basePath && dereferenced.basePath !== '/'
-            ? dereferenced.basePath.concat(currentPath.replace(/{/g, ':').replace(/}/g, ''))
-            : currentPath.replace(/{/g, ':').replace(/}/g, '');
+        const fullPath = basePath !== '/' ? basePath.concat(currentPath) : currentPath;
+        const parsedPath = fullPath.replace(/{/g, ':').replace(/}/g, '');
         schemas[parsedPath] = {};
         Object.keys(dereferenced.paths[currentPath])
             .filter(function (parameter) { return parameter !== 'parameters' })

@kobik
Copy link
Collaborator

kobik commented Apr 13, 2020

Hi guys, sorry for missing your answers.

@tamlyn, i guess you're referring to a subset of the issue reported by @holitics, but anyway PR are more than welcomed.

@holitics, this behavior can be made configurable. but we need to think carefully on this feature as we might want to allow blacklist or whitelist specific endpoints in this validation.

@tamlyn tamlyn mentioned this issue Apr 15, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Support for servers and base path in OAS 3 tamlyn/api-schema-builder
3 participants
@tamlyn @kobik @holitics