fix: remove unsupported options for openapi3.0#1316
fix: remove unsupported options for openapi3.0#1316ShreyaGangishetty merged 4 commits intoaws:developfrom
Conversation
| "'AllowOrigin' is \"'*'\" or not set") | ||
|
|
||
| editor = SwaggerEditor(self.definition_body) | ||
| openapi_flag = True if self.definition_body.get("openapi") else False |
There was a problem hiding this comment.
I think it's safer to remove produces and consumes in _openapi_postprocess than doing it in swagger. So instead of passing the flag to swagger, just add this to the method _openapi_postprocess here so we don't have too many openapi/swagger if checks in swagger.py, and we also make sure we chack not only for the presence of the flag but slso that the version is 3.x.x
Codecov Report
@@ Coverage Diff @@
## develop #1316 +/- ##
==========================================
- Coverage 94.44% 94.34% -0.1%
==========================================
Files 78 78
Lines 4353 4334 -19
Branches 860 870 +10
==========================================
- Hits 4111 4089 -22
- Misses 115 116 +1
- Partials 127 129 +2
Continue to review full report at Codecov.
|
| definition_body['components'] = components | ||
| del definition_body['definitions'] | ||
|
|
||
| if definition_body.get("paths"): |
There was a problem hiding this comment.
The check for openapi3.x.x is already present in _openapi_postprocess so I haven't added that.
Updated the code with removing consumes and produces. Also, updated the code with schema for headers as per ApiGateway export output
keetonian
left a comment
keetonian
left a comment
There was a problem hiding this comment.
Looks good overall, just a few small comments
| del definition_body["paths"][path]["options"][field] | ||
| # add schema for the headers in options section for openapi3 | ||
| if field in ["responses"]: | ||
| headers = definition_body["paths"][path]["options"][field]['200']['headers'] |
There was a problem hiding this comment.
Are 200 and headers guaranteed to exist?
There was a problem hiding this comment.
Yes they are guranteed to exist if SAM generates the definition body/inline swagger. This is the part of the swagger definition sam generates: https://github.com/awslabs/serverless-application-model/blob/master/samtranslator/swagger/swagger.py#L361-L366
There was a problem hiding this comment.
Can you verify that this method doesn't run if SAM didn't generate the swagger?
There was a problem hiding this comment.
I will add a check for 200 and headers to make sure we won't throw 5xx errors if the openapi template is incorrect
| components['schemas'] = definition_body['definitions'] | ||
| definition_body['components'] = components | ||
| del definition_body['definitions'] | ||
|
|
There was a problem hiding this comment.
Please either add a comment here about what this section is trying to do or have this method call other methods with docstrings that explain what things we're changing and why.
There was a problem hiding this comment.
I have added comments for the other if statements but adding at the top level makes more sense. Thank you! I have updated with comments for this part
|
Have you checked the OpenApi spec to see if anything else in this section needs to change? (Not a whole audit of the spec, just specific to this change) |
|
I have checked openapi GH and covered related to definition body for CORS added by SAM. |
|
Thank you very much for your pull request :) I am facing issues to enabling CORS with SAM: Even though this version doesn't generate unsupported OpenApi 3.0 code, I think there are still some pieces missing. The OPTIONS method seem to be generated properly, however, the GET method doesn't seem to have the "Access-Control-Allow-Origin" header. Also, It is not possible to enable CORS in Api Gateway responses (x-amazon-apigateway-gateway-responses). Let me illustrate the issues with an example: If the scope of this PR is not to fix this, let me know and I will open an issue please. Thank you very much in advance, |
|
@JoseExposito Thank you for collecting the issues with CORS. The given example helped a lot. This PR is to make the SAM generated swagger document compatible for openapi3. In this PR I have removed the Snippet for swagger: swagger: "2.0"
info:
version: "0.0.1"
title: "AwsSamExample"
host: "xxxx"
basePath: "/Stage"
schemes:
- "https"
paths:
/mypath:
get:
responses:
200:
description: "200 response"
x-amazon-apigateway-integration:
uri: "xxxx"
responses:
default:
statusCode: "200"
passthroughBehavior: "when_no_match"
httpMethod: "POST"
type: "aws_proxy"
options:
consumes:
- "application/json"
produces:
- "application/json"
responses:
200:
description: "200 response"
headers:
Access-Control-Allow-Origin:
type: "string"
Access-Control-Allow-Methods:
type: "string"
x-amazon-apigateway-integration:
responses:
default:
statusCode: "200"
responseParameters:
method.response.header.Access-Control-Allow-Methods: "'GET,OPTIONS'"
method.response.header.Access-Control-Allow-Origin: "'www.example.com'"
responseTemplates:
application/json: "{}\n"
passthroughBehavior: "when_no_match"
requestTemplates:
application/json: "{\n \"statusCode\" : 200\n}\n"
type: "mock"
snippet for openapi3 which looks similar to the one generated by SAM: openapi: "3.0.1"
info:
title: "AwsSamExample"
version: "0.0.1"
servers:
- url: "xxxx"
variables:
basePath:
default: "/Stage"
paths:
/mypath:
get:
responses:
200:
description: "200 response"
content: {}
x-amazon-apigateway-integration:
uri: "xxxx"
responses:
default:
statusCode: "200"
passthroughBehavior: "when_no_match"
httpMethod: "POST"
type: "aws_proxy"
options:
responses:
200:
description: "200 response"
headers:
Access-Control-Allow-Origin: ## these headers are added
schema:
type: "string"
Access-Control-Allow-Methods:
schema:
type: "string"
content: {}
x-amazon-apigateway-integration:
responses:
default:
statusCode: "200"
responseParameters:
method.response.header.Access-Control-Allow-Methods: "'GET,OPTIONS'" ## these headers are added
method.response.header.Access-Control-Allow-Origin: "'www.example.com'"
responseTemplates:
application/json: "{}\n"
passthroughBehavior: "when_no_match"
requestTemplates:
application/json: "{\n \"statusCode\" : 200\n}\n"
type: "mock"
components: {}
It is a really cool feature to add |
| # add schema for the headers in options section for openapi3 | ||
| if field in ["responses"]: | ||
| options_path = definition_body["paths"][path]["options"] | ||
| if options_path and options_path.get(field).get('200') and options_path.get(field).\ |
There was a problem hiding this comment.
Added this line to avoid throwing 5xx errors
5 participants
Issue #, if available:
#1161
Description of changes:
removed consumes and produces from options for openapi 3.
nested the type for CORS headers under
schemaas per openapi3 spec https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#headerObjectDescription of how you validated changes:
Verified the open api definition output of SAM matches APIGW output for open api
Checklist:
make prpassesexamples/2016-10-31By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.