OpenAPI upstream request/response validation #21

Closed
2 tasks done
johakoch opened this issue Sep 17, 2020 · 8 comments · Fixed by #22 or #81

@johakoch
Collaborator

johakoch commented Sep 17, 2020

We want to prevent invalid upstream requests and responses which do not match the requirements from a given OpenAPI YAML file.

  • implementation
  • documentation
@johakoch
Collaborator Author

johakoch commented Sep 17, 2020

This feature is currently configured by

swagger_definition = "path/to/swagger.yaml"
validate_request = true
validate_response = true

in a backend() block

@johakoch johakoch added the enhancement New feature or request label Sep 17, 2020
@johakoch johakoch self-assigned this Sep 17, 2020
@johakoch johakoch linked a pull request Sep 17, 2020 that will close this issue
@johakoch johakoch changed the title Add upstream request/response validation with swagger Add upstream request/response validation with swagger/openapi Sep 17, 2020
@johakoch
Collaborator Author

The github.com/getkin/kin-openapi library is very handy for OpenAPI version 3. If you have a version 2 (Swagger) definition it's a lot more work. Do we need version 2 for the MVP?

@malud
Collaborator

malud commented Sep 17, 2020

[...]. Do we need version 2 for the MVP?

We don't need v2 support for now.

@johakoch johakoch changed the title Add upstream request/response validation with swagger/openapi [POC] Add upstream request/response validation with swagger/openapi Sep 18, 2020
@malud
Collaborator

malud commented Sep 18, 2020

This feature is currently configured by

swagger_definition = "path/to/swagger.yaml"
validate_request = true
validate_response = true

in a backend() block

We should name it swagger_file since all couper file references have a file suffix.

@johakoch
Collaborator Author

Or openapi_file, if swagger_file sounds too v2-ish?

@malud
Collaborator

malud commented Sep 18, 2020

Or openapi_file, if swagger_file sounds too v2-ish?

sounds good.

johakoch pushed a commit that referenced this issue Oct 8, 2020
…ponse are always validated if openapi block is present; request is rejected if invalid and ignore_request_violations is not true; response is rejected if invalid and ignore_response_violations is not true (#21)
malud pushed a commit that referenced this issue Dec 4, 2020
…ponse are always validated if openapi block is present; request is rejected if invalid and ignore_request_violations is not true; response is rejected if invalid and ignore_response_violations is not true (#21)
malud pushed a commit that referenced this issue Dec 8, 2020
…ponse are always validated if openapi block is present; request is rejected if invalid and ignore_request_violations is not true; response is rejected if invalid and ignore_response_violations is not true (#21)
malud pushed a commit that referenced this issue Dec 9, 2020
…ponse are always validated if openapi block is present; request is rejected if invalid and ignore_request_violations is not true; response is rejected if invalid and ignore_response_violations is not true (#21)
@malud malud closed this as completed in #22 Dec 14, 2020
malud pushed a commit that referenced this issue Dec 14, 2020
* upstream validation: implementation, first try (#21)

* add upstream swagger file, referenced in couper.hcl (#21)

* rename swagger_definition -> openapi_file (#21)

* openapi block with properties instead of properties only; request/response are always validated if openapi block is present; request is rejected if invalid and ignore_request_violations is not true; response is rejected if invalid and ignore_response_violations is not true (#21)

* invalid upstream request gets 400 - Bad Request; invalid upstream response gets 502 - Bad Gateway (#21)

* keep backend status code in log even in case of response validation error (#21)

* validation message in backend log's message field (#21)

* tests for validation (#21)

* extracted OpenAPI validator (#21)

* Fixed validation errors in openapi file to be logged as errors instead of panic (#21)

* Fixup openAPI validation test

* Handle body rewind

Refactor openAPI error handling

* Fix set getBody method first #72

Leads to getAttribute errors for recently added dynamic evals for origin, path and hostname

* Add buffer stringer implementation

Add stringer tool to generate for const

* Add test for bufferOption interaction

* rm httpbin.yaml

* Fix documentation hcl format

* Remove loose punctuation mark from documentation

Fix couper version to latest release

* Add openapi documentation and example link

* Fixup obsolete conditions

* Add validation exclude options

Fix passing the query param

* Fixup validation tests

e.g. query 404 -> 404= due to our set query feature

* Update validation documentation

* Use req context

* Fix merge openAPI and use partialContent for deprecated log

* Upgrade kin-openapi dependency to latest v0.33.0

* Add documentation note about openapi3

* Add additional openapi test

Remove own getBody set since openapi3 does this already (too)

* Revert configurable validation exclude options

* Add additional openapi link

Co-authored-by: Marcel Ludwig <marcel.ludwig@avenga.com>
@malud malud linked a pull request Dec 14, 2020 that will close this issue
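
The enforcement flow the thread settles on (invalid upstream request gets 400, invalid upstream response gets 502, each switchable with an ignore flag), as an added Go sketch that is not Couper's code. The `Gateway` type, `Probe`, `SampleGateway` and the rule table are assumptions standing in for a real OpenAPI 3 validator such as kin-openapi; the upstream and requests are constructed samples.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Gateway is a hypothetical validating proxy; Rules is a constructed stand-in for an API description.
type Gateway struct {
	Rules                                             map[string]map[int]bool // "METHOD /path" -> documented status codes
	Upstream                                          http.Handler
	IgnoreRequestViolations, IgnoreResponseViolations bool
}

func (g Gateway) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	statuses, known := g.Rules[r.Method+" "+r.URL.Path]
	if !known && !g.IgnoreRequestViolations {
		http.Error(w, "request violates API description", http.StatusBadRequest)
		return // the upstream never sees the undocumented request
	}
	rec := httptest.NewRecorder() // buffer: no upstream byte reaches the client before validation
	g.Upstream.ServeHTTP(rec, r)
	if !statuses[rec.Code] && !g.IgnoreResponseViolations {
		http.Error(w, "upstream response violates API description", http.StatusBadGateway)
		return
	}
	w.WriteHeader(rec.Code)
	w.Write(rec.Body.Bytes())
}

// Probe sends one constructed GET through the gateway and returns the client-visible status.
func Probe(g Gateway, target string) int {
	rec := httptest.NewRecorder()
	g.ServeHTTP(rec, httptest.NewRequest("GET", target, nil))
	return rec.Code
}

// SampleGateway documents only GET /items -> 200; the constructed upstream answers 500 on ?fail=1.
func SampleGateway() Gateway {
	up := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.URL.Query().Get("fail") != "" {
			w.WriteHeader(http.StatusInternalServerError)
		}
		fmt.Fprint(w, `{"items":[]}`)
	})
	return Gateway{Rules: map[string]map[int]bool{"GET /items": {200: true}}, Upstream: up}
}
func main() { g := SampleGateway(); fmt.Println(Probe(g, "/items"), Probe(g, "/admin"), Probe(g, "/items?fail=1")) }
```

With both ignore flags set, the gateway relays whatever the upstream returns, so the flags are best treated as a monitoring mode rather than a production default.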