Option to inline allOf elements before validating
allOf validation requires the additionalProperties option to be ignored: https://bitbucket.org/atlassian/swagger-request-validator/src/master/docs/FAQ.md
We perform response validation against JSON schema, similar to how this tool performs validation, but our conversion to JSON schema inlines allOf references such that the additionalProperties: false may still be leveraged during validation. Here is said tool for reference: https://www.npmjs.com/package/openapi2schema
Here is sample OpenAPI:
openapi: 3.0.0
info:
title: Test Validation
description: >-
version: 1.0.0
servers:
- url: 'http://ebay.com'
description: QATE
paths:
/test:
get:
summary: placeholder summary
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/test'
components:
schemas:
test:
allOf:
- $ref: '#/components/schemas/typeA'
- $ref: '#/components/schemas/typeB'
typeA:
type: object
properties:
typeAValueA:
type: string
typeB:
type: object
properties:
typeBValueB:
type: string
and the resulting JSON Schema (note that I have added the additionalProperties: false to the JSON schema as a post conversion operation).
{ "type": "object", "additionalProperties": false,"properties": { "typeAValueA": { "type": "string" }, "typeBValueB": { "type": "string" } }, "$schema": "http://json-schema.org/draft-04/schema#" }
We are using the same JSON Schema Validator used in this tool.
<dependency>
<groupId>com.github.java-json-tools</groupId>
<artifactId>json-schema-validator</artifactId>
<version>2.2.14</version>
</dependency>
And it correctly flags the unexpected property in the test response:
{
"typeAValueA": "good",
"typeBValueB": "good",
"extra": "bad"
}
This example is included to demonstrate the use of inlining to address the limitations of validating allOf expressions in OpenAPI that utilize additionalProperties: false.
We are proposing that the tool have an opt-in inline operation for allOf models. If the opt-in is selected, allOf references would be inlined before being converted to JSON schema. This would allow the default state of additionalProperties to remain 'false' (IE: not ignored) to flag all unexpected fields in the response.
Comments (6)
-
-
- changed status to open
-
Issue
#313was marked as a duplicate of this issue. -
- changed status to resolved
Available in v2.18.0
-
I have exposed the
ParseOptions
from the underlyingswagger-parser
that includes aresolveCombinators
option which should do something similar to what you’re asking for.In my local testing I have confirmed that validation works as expected for
allOf
without having to disable theadditionalProperties
validation, at least for some simple cases.Please let me know if this meets your needs.
-
Still having the same problem (I guess) with following schema
Food: allOf: - $ref: "#/components/schemas/BaseEntity" required: - name - nutritions - ownerId - hidden
BaseEntity: type: object additionalProperties: true required: - id - createdAt - updatedAt properties: id: type: string createdAt: type: string updatedAt: type: string
Either this message by not using any parse options:
Object instance has properties which are not allowed by the schema: [\"createdAt\",\"id\",\"updatedAt\"]",
or this message
"Object instance has properties which are not allowed by the schema: [\"description\",\"eans\",\"foodCategoryId\",\"foodCriteria\",\"hidden\",\"imageUrl\",\"name\",\"nutritions\",\"ownerId\",\"source\",\
parseOptions.setResolveFully(true); parseOptions.setResolveCombinators(true);
- Log in to comment
I apologize for not being logged in when creating this issue. Logging a comment to associate myself with this ticket.