Giter Site home page Giter Site logo

Comments (4)

tamlyn avatar tamlyn commented on July 28, 2024 1

I have encountered the same bug.

The problem is that the api-schema-builder package support's Swagger 2's basepath property but not OpenAPI 3's equivalent servers property. This means if your API has a base path, the request paths don't match and no validation occurs.

Here's a naive fix that only works if you have a single entry in your servers (which is our case). A proper solution would probably need to match against multiple servers and take into account the fact that the url property can be a full URL, not just a path.

Index: src/index.js
<+>UTF-8
===================================================================
--- src/index.js	(revision 1ad8ddd979fa84da1f4f13e2d6b46888e430a44c)
+++ src/index.js	(date 1584466506568)
@@ -38,10 +38,13 @@
     const options = getOptions(receivedOptions);
 
     const schemas = {};
+
+    const basePath = dereferenced.basePath ||
+        (dereferenced.servers && dereferenced.servers.length && dereferenced.servers[0].url) ||
+        '/';
     Object.keys(dereferenced.paths).forEach(function (currentPath) {
-        const parsedPath = dereferenced.basePath && dereferenced.basePath !== '/'
-            ? dereferenced.basePath.concat(currentPath.replace(/{/g, ':').replace(/}/g, ''))
-            : currentPath.replace(/{/g, ':').replace(/}/g, '');
+        const fullPath = basePath !== '/' ? basePath.concat(currentPath) : currentPath;
+        const parsedPath = fullPath.replace(/{/g, ':').replace(/}/g, '');
         schemas[parsedPath] = {};
         Object.keys(dereferenced.paths[currentPath])
             .filter(function (parameter) { return parameter !== 'parameters' })

from openapi-validator-middleware.

kobik avatar kobik commented on July 28, 2024

Hi @holitics,

Thanks for reporting this.
Just to make sure I understand, you expect the package to validate your schema when loading?

from openapi-validator-middleware.

holitics avatar holitics commented on July 28, 2024

from openapi-validator-middleware.

kobik avatar kobik commented on July 28, 2024

Hi guys, sorry for missing your answers.

@tamlyn, i guess you're referring to a subset of the issue reported by @holitics, but anyway PR are more than welcomed.

@holitics, this behavior can be made configurable. but we need to think carefully on this feature as we might want to allow blacklist or whitelist specific endpoints in this validation.

from openapi-validator-middleware.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.