Validate form data request bodies

Comments (4)

1. 

   Ben Sayers reporter

   • changed status to wontfix

   Need some concrete use cases before taking this on.

   • 2017-03-27T06:59:22+00:00
2. 

   Jaiden Ashmore

   I have a swagger spec for a login (application/x-www-form-urlencoded) request:

   "/login" : {
         "post" : {
           "tags" : [ "Manual" ],
           "summary" : "Login",
           "description" : "Login to the application",
           "operationId" : "login",
           "consumes" : [ "application/x-www-form-urlencoded" ],
           "parameters" : [ {
             "name" : "username",
             "in" : "formData",
             "description" : "username",
             "required" : true,
             "type" : "string"
           }, {
             "name" : "password",
             "in" : "formData",
             "description" : "password",
             "required" : true,
             "type" : "string"
           }, {
             "name" : "_csrf",
             "in" : "formData",
             "description" : "_csrf",
             "required" : true,
             "type" : "string"
           } ],
           "responses" : {
             "200" : {
               "description" : "Successfully logged in"
             },
             "401" : {
               "description" : "Incorrect credentials or user does not exist"
             }
           }
         }
       }
   

   I then have the pact specification:

     "interactions": [
       {
         "description": "a request to login to the system with the correct credentials",
         "providerState": "user exists in the system",
         "request": {
           "method": "POST",
           "path": "/login",
           "headers": {
             "Content-Type": "application/x-www-form-urlencoded"
           },
           "body": "_csrf=sometoken&username=bob&password=secret"
         },
         "response": {
           "status": 200,
           "headers": {
           }
         }
       },
       {
         "description": "a request to login to the system with the incorrect credentials",
         "providerState": "user exists in the system",
         "request": {
           "method": "POST",
           "path": "/login",
           "headers": {
             "Content-Type": "application/x-www-form-urlencoded"
           },
           "body": "_csrf=sometoken&username=bob&password=incorrect"
         },
         "response": {
           "status": 401,
           "headers": {
           }
         }
       }
     ],
   

   The result of the validation is:

   0 error(s)
   2 warning(s)
       spv.request.body.unknown: 2
   { warnings:
      [ { code: 'spv.request.body.unknown',
          message: 'No schema found for request body',
          mockDetails:
           { interactionDescription: 'a request to login to the system with the correct credentials',
             interactionState: 'user exists in the system',
             location: '[pactRoot].interactions[0].request.body',
             mockFile: 'pacts/pact.json',
             value: '_csrf=sometoken&username=bob&password=secret' },
          source: 'spec-mock-validation',
          specDetails:
           { location: '[swaggerRoot].paths./login.post',
             pathMethod: 'post',
             pathName: '/login',
             specFile: 'swagger.json',
             value:
              { tags: [Array],
                summary: 'Login',
                description: '',
                operationId: 'login',
                consumes: [Array],
                parameters: [Array],
                responses: [Object] } },
          type: 'warning' },
        { code: 'spv.request.body.unknown',
          message: 'No schema found for request body',
          mockDetails:
           { interactionDescription: 'a request to login to the system with the incorrect credentials',
             interactionState: 'user exists in the system',
             location: '[pactRoot].interactions[1].request.body',
             mockFile: 'pacts/pact.json',
             value: '_csrf=sometoken&username=bob&password=incorrect' },
          source: 'spec-mock-validation',
          specDetails:
           { location: '[swaggerRoot].paths./login.post',
             pathMethod: 'post',
             pathName: '/login',
             specFile: 'swagger.json',
             value:
              { tags: [Array],
                summary: 'Login',
                description: '',
                operationId: 'login',
                consumes: [Array],
                parameters: [Array],
                responses: [Object] } },
          type: 'warning' } ],
     errors: [] }
   

   Is this an example that you were looking for? I could look at trying to make a PR for this.

   My current workaround is to just have the spec file define the body as a string but I have lost the safety of testing the individual fields in the form.

   • 2017-07-29T02:23:14+00:00
3. 

   Ben Sayers reporter

   • changed status to open

   • 2017-07-31T07:52:58+00:00
4. 

   Ben Sayers reporter

   @jashmore_atlassian yep thats exactly what we were looking for, thanks! If you upload the Pact and Swagger files and I'll add them to the test suite once we implement this feature.

   I'd be happy to accept a PR. Since this is a reasonably large change that would likely involve adding a new external dependency it would be a good idea to discuss your plan of attack with us before you get too deep into it. It's also worth pointing out that this tool has been integrated in many critical build pipelines so we'd be insisting on high code quality and comprehensive test coverage for any changes made to the tool.

   If you don't wind up doing this work yourself the Tooling and Automation team will try to get to this feature as soon as we can. This would likely be sometime next quarter as we are heavily committed to other work during this quarter.

   • 2017-07-31T08:05:39+00:00
5. Log in to comment