Skip to content
This repository has been archived by the owner on Mar 6, 2024. It is now read-only.

Request body validated not according to Swagger 2.0 spec. #6

Closed
IvanGoncharov opened this issue Apr 18, 2015 · 3 comments
Closed

Request body validated not according to Swagger 2.0 spec. #6

IvanGoncharov opened this issue Apr 18, 2015 · 3 comments

Comments

@IvanGoncharov
Copy link

According to spec swagger inside schema object support only limited subset of JSON Schema draft4 and extend it with custom keywords.

So, you don't use "discriminator" and "readOnly" keywords during validation that mean you don't fully support Swagger 2.0 spec.

Personally, I think it's a problem in Swagger spec.
So I created OAI/OpenAPI-Specification#333 feature request to make Swagger compatible with JSON Schema.
And I want library authors took part in that discussion.

@JamesMessinger
Copy link
Member

This is actually a bug in Swagger Parser, which Swagger Express Middleware uses to parse the swagger docs. Thanks for pointing it out. I'll look into it and get it fixed.

@IvanGoncharov
Copy link
Author

It's totally unrelated to Swagger Parse, probably I confused you with issue description.
Following call sequence will illustrate problem:
param-parser.js:96 req.body = parseParameter(param, req.body, param.schema);
param-parser.js:147 return new JsonSchema(schema).parse(value);
json-schema.js:46 return parseObject(this.schema, value, propPath);
json-schema.js:530 jsonValidate(schema, parsedValue, propPath || '');
json-schema.js:211 if (tv4.validate(value, schema)) {

So as you can see, tv4 used to validate body parameter according to Swagger schema object.
But JSON Schema and Swagger schema object incompatible, and that is issue in nutshell.

@IvanGoncharov
Copy link
Author

Initially I created this issue to bring attention to OAI/OpenAPI-Specification#333
So it can't be fixed without writing custom JSON schema validator which doesn't happen any time soon.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants