-
Notifications
You must be signed in to change notification settings - Fork 283
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(plugin-ledger-connector-quorum): OpenAPI spec validation missing from plugin REST endpoints #1286
Labels
bug
Something isn't working
Comments
elenaizaguirre
added a commit
to elenaizaguirre/cactus
that referenced
this issue
Aug 31, 2021
add missing validation for quorum plugin rest endpoints Closes: hyperledger-cacti#1286 Signed-off-by: Elena Izaguirre <e.izaguirre.equiza@accenture.com>
elenaizaguirre
added a commit
to elenaizaguirre/cactus
that referenced
this issue
Sep 1, 2021
add missing validation for quorum plugin rest endpoints Closes: hyperledger-cacti#1286 Signed-off-by: Elena Izaguirre <e.izaguirre.equiza@accenture.com>
Working on this! |
elenaizaguirre
added a commit
to elenaizaguirre/cactus
that referenced
this issue
Sep 2, 2021
add missing validation for quorum plugin rest endpoints Closes: hyperledger-cacti#1286 Signed-off-by: Elena Izaguirre <e.izaguirre.equiza@accenture.com>
elenaizaguirre
added a commit
to elenaizaguirre/cactus
that referenced
this issue
Sep 14, 2021
Includes tests for endpoints deployContractSolBytecodeV1, invokeContractV1 and runTransactionV1, each of them with test cases: - Right request - Request including an invalid parameter - Request without a required parameter Closes hyperledger-cacti#1286 Relationed with hyperledger-cacti#847 Signed-off-by: Elena Izaguirre <e.izaguirre.equiza@accenture.com>
petermetz
pushed a commit
that referenced
this issue
Sep 16, 2021
Includes tests for endpoints deployContractSolBytecodeV1, invokeContractV1 and runTransactionV1, each of them with test cases: - Right request - Request including an invalid parameter - Request without a required parameter Closes #1286 Relationed with #847 Signed-off-by: Elena Izaguirre <e.izaguirre.equiza@accenture.com>
brioux
pushed a commit
to brioux/cactus
that referenced
this issue
Oct 4, 2021
Includes tests for endpoints deployContractSolBytecodeV1, invokeContractV1 and runTransactionV1, each of them with test cases: - Right request - Request including an invalid parameter - Request without a required parameter Closes hyperledger-cacti#1286 Relationed with hyperledger-cacti#847 Signed-off-by: Elena Izaguirre <e.izaguirre.equiza@accenture.com>
RafaelAPB
pushed a commit
to RafaelAPB/blockchain-integration-framework
that referenced
this issue
Mar 9, 2022
Includes tests for endpoints deployContractSolBytecodeV1, invokeContractV1 and runTransactionV1, each of them with test cases: - Right request - Request including an invalid parameter - Request without a required parameter Closes hyperledger-cacti#1286 Relationed with hyperledger-cacti#847 Signed-off-by: Elena Izaguirre <e.izaguirre.equiza@accenture.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Right now the constraints we define for request/response objects are not checked when a request comes in.
To Reproduce
Send an invalid request to some plugin endpoint that is invalid in a certain way and watch how it crashes the plugin resulting in internal server error vs. bad request.
Expected behavior
Fail with bad request even before the plugin's back-end code is reached if a request is sent that does not comply with the open api specs defined for that endpoint.
Logs/Stack traces
N/A
Screenshots
N/A
Cloud provider or hardware configuration:
N/A
Operating system name, version, build:
N/A
Hyperledger Cactus release version or commit (git rev-parse --short HEAD):
main
Hyperledger Cactus Plugins/Connectors Used
Quorum
Additional context
The interface of the web service plugins should be extended with a getOpenApiSpecs() method that returns an OpenAPI v3 spec document (see the openapi-types package)
Then the api-server calls up this method when it's installing the web services of the plugin, obtains the open api specs and creates a validator instance from it.
The text was updated successfully, but these errors were encountered: