API Gateway请求验证器支持格式属性吗?

huangapple go评论62阅读模式
英文:

Are format attributes supported in API Gateway request validators?

问题

I've added a request validator to my API Gateway swagger file (OAS 3.0). When I test the validation by passing in an invalid request body the error message I receive includes errors that I don't understand. Steps to reproduce are below.

  1. Create a new api gateway using the following swagger:
openapi: 3.0.0
info:
  version: "1"
  title: Request Validation Example
  description: |
    ## Request Validation
    Minimal swagger to reproduce request validation errors.

x-amazon-apigateway-request-validators: 
  all:
    validateRequestBody: true
    validateRequestParameters: true
x-amazon-apigateway-gateway-responses:
  BAD_REQUEST_BODY:
    statusCode: 400
    responseTemplates:
      application/json: |
        {
          message: $context.error.messageString
          errors: $context.error.validationErrorString
        }
paths:
  /employee:
    post:
      x-amazon-apigateway-request-validator: all
      summary: Create a new Employee
      operationId: CreateEmployee
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/Employee"
        required: true
      responses:
        "201":
          description: Created
          $ref: "#/components/responses/200"
components:
  responses:
    "200":
      description: Success
  schemas:
    Employee:
      type: object
      properties:
        id:
          type: integer
          format: int32
        phoneNumbers:
          type: array
          items:
            $ref: "#/components/schemas/PhoneNumber"
        salary:
          type: number
          format: double
      required:
        - phoneNumbers
        - salary      
    PhoneNumber:
      type: object
      properties:
        number:
          type: string
      required:
        - number
  1. Set up the integration method for the newly created employee resource, choose the mock integration.

  2. Test the employee POST method using the following request body:

{
	"id": 1,
    "phoneNumbers": [
        {
            "number": "1234567890"
        }
    ],
    "salary": 45000
}

Request validation will succeed with this request body

  1. Test the employee POST method with the following request body:
{
	"id": "1",
    "phoneNumbers": [
        {
            "number": "1234567890"
        }
    ],
    "salary": 45000
}

You will now see the following request validation error:

{
  message:  "Invalid request body"
  errors: [instance type (string) does not match any allowed primitive type (allowed: ["integer"]), format attribute "double" not supported, format attribute "int32" not supported]
}

You can see that this message includes the correct error saying that the string id doesn't match the type integer. You will also see errors regarding format attributes double and int32 not being supported, these are the errors I don't understand. As far as I know double and int32 format attributes are supported by OAS 2.0 and 3.0. Do API Gateway request validators support the double and int32 format attributes? Is the request validator incorrectly configured in my swagger definition?

Edit:
It appears that the int32 and double format attributes are known issues: https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-known-issues.html#api-gateway-known-issues-rest-apis

However, I also experience these issues using a regex in the format attribute. This isn't specifically mentioned in the known issues so still looking for information on that.

英文:

I've added a request validator to my API Gateway swagger file (OAS 3.0). When I test the validation by passing in an invalid request body the error message I receive includes errors that I don't understand. Steps to reproduce are below.

  1. Create a new api gateway using the following swagger:
openapi: 3.0.0
info:
  version: "1"
  title: Request Validation Example
  description: |
    ## Request Validation
    Minimal swagger to reproduce request validation errors.

x-amazon-apigateway-request-validators: 
  all:
    validateRequestBody: true
    validateRequestParameters: true
x-amazon-apigateway-gateway-responses:
  BAD_REQUEST_BODY:
    statusCode: 400
    responseTemplates:
      application/json: |
        {
          message: $context.error.messageString
          errors: $context.error.validationErrorString
        }
paths:
  /employee:
    post:
      x-amazon-apigateway-request-validator: all
      summary: Create a new Employee
      operationId: CreateEmployee
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/Employee"
        required: true
      responses:
        "201":
          description: Created
          $ref: "#/components/responses/200"
components:
  responses:
    "200":
      description: Success
  schemas:
    Employee:
      type: object
      properties:
        id:
          type: integer
          format: int32
        phoneNumbers:
          type: array
          items:
            $ref: "#/components/schemas/PhoneNumber"
        salary:
          type: number
          format: double
      required:
        - phoneNumbers
        - salary      
    PhoneNumber:
      type: object
      properties:
        number:
          type: string
      required:
        - number
  1. Set up the integration method for the newly created employee resource, choose the mock integration.

  2. Test the employee POST method using the following request body:

{
	"id": 1,
    "phoneNumbers": [
        {
            "number": "1234567890"
        }
    ],
    "salary": 45000
}

Request validation will succeed with this request body

  1. Test the employee POST method with the following request body:
{
	"id": "1",
    "phoneNumbers": [
        {
            "number": "1234567890"
        }
    ],
    "salary": 45000
}

You will now see the following request validation error:

{
  message:  "Invalid request body"
  errors: [instance type (string) does not match any allowed primitive type (allowed: [\"integer\"]), format attribute \"double\" not supported, format attribute \"int32\" not supported]
}

You can see that this message includes the correct error saying that the string id doesn't match the type integer. You will also see errors regarding format attributes double and int32 not being supported, these are the errors I don't understand. As far as I know double and int32 format attributes are supported by OAS 2.0 and 3.0. Do API Gateway request validators support the double and int32 format attributes? Is the request validator incorrectly configured in my swagger definition?

Edit:
It appears that the int32 and double format attributes are known issues: <https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-known-issues.html#api-gateway-known-issues-rest-apis>

However, I also experience these issues using a regex in the format attribute. This isn't specifically mentioned in the known issues so still looking for information on that.

答案1

得分: 2

我认为重要的是要注意,在OAS文档中定义的模型应该是JSONSchema,而不一定是OpenAPI。它们在运行时作为JSONSchema Draft 4进行验证,该规范不包括format属性。

有时会让人感到困惑的是import操作。当使用OpenAPI来定义您的API并导入它时,API Gateway最终会解析OAS规范模型和JSONSchema draft 4的交集

如果有JSONSchema中包含的OpenAPI Schema规范中未包含的属性(例如type: [..., null]),那么直接创建或更新API Gateway ::Model是一种解决方法。

英文:

I think it's important to note that the models defined in a OAS document are supposed to be JSONSchema, not necessarily OpenAPI. They're validated at runtime as JSONSchema Draft 4, which does not include a format attribute in the specification.

What can be confusing at times is the import operation. When using OpenAPI to define your API and importing it, API Gateway ends up parsing the intersection of the OAS specification for models and JSONSchema draft 4.

If there is an attribute of JSONSchema that you need, which is not included in OpenAPI's Schema specification, (e.g. type: [..., null]) then creating or updating an API Gateway ::Model directly is a workaround.

huangapple
  • 本文由 发表于 2020年1月4日 00:21:58
  • 转载请务必保留本文链接:https://go.coder-hub.com/59581914.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定