Use defined 400 response object when request validation fails #59

quartin · 2019-12-22T22:05:39Z

Hi,

When setting up the requestBody validation, is there any way to return the defined 400 response object instead of the text/plain with the json validation info?
In the following example:

---
openapi: 3.0.0
info:
  version: 1.0.0
  title: Mock API
servers:
  - url: http://localhost:19999
paths:
  "/api/3.1/login/":
    post:
      description: Request access token
      operationId: login using client id & secret
      produces:
        - "application/json"
      requestBody:
        description: Client id and secret
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                client_id:
                  description: The ID of the client
                  type: string
                  enum:
                    - my_client_id
                client_secret:
                  description: Client secret
                  type: string
                  enum:
                    - very_secret_secret
              required:
                - client_id
                - client_secret
              additionalProperties: false
      responses:
        200:
          description: "/login response"
          content:
            application/json:
              example:
                access_token: '1234567890'
                token_type: doggie
                expires_in: 1000
        400:
          description: "Bad Request. Invalid client ID/secret"
          content:
            application/json:
              example:
                message: "Blablabla, bad request"
                documentation_url: "http://blabla.com"

I get the expected 200 OK with:

curl -X POST -H 'Content-Type:application/json' -H 'Accept-Type:application/json' -i http://localhost:19999/api/3.1/login/ \
-d '{"client_id":"my_client_id", "client_secret": "very_secret_secret"}'

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Sun, 22 Dec 2019 21:58:25 GMT
Content-Length: 82

{
  "access_token": "1234567890",
  "expires_in": 1000,
  "token_type": "doggie"
}%

But with a different client_secret other than the one defined in the schema enum I get:

curl -X POST -H 'Content-Type:application/json' -H 'Accept-Type:application/json' -i http://localhost:19999/api/3.1/login/ \ 
-d '{"client_id":"my_client_id", "client_secret": "invalid_secret"}'

HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Date: Sun, 22 Dec 2019 21:58:47 GMT
Content-Length: 271
Content-Type: text/plain; charset=utf-8

Request body has an error: doesn't input the schema: Error at "/client_secret":JSON value is not one of the allowed values
Schema:
  {
    "description": "Client secret",
    "enum": [
      "very_secret_secret"
    ],
    "type": "string"
  }

Value:
  "invalid_secret"

while what I would really like was the object I defined, i.e.:

{
  "message": "Blablabla, bad request",
  "documentation_url": "http://blabla.com"
}

Do you have any idea how I could achieve this? Thank you.

The text was updated successfully, but these errors were encountered:

danielgtaylor added enhancement New feature or request help wanted Extra attention is needed labels Jan 18, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Use defined 400 response object when request validation fails #59

Use defined 400 response object when request validation fails #59

quartin commented Dec 22, 2019 •

edited

Loading

Use defined 400 response object when request validation fails #59

Use defined 400 response object when request validation fails #59

Comments

quartin commented Dec 22, 2019 • edited Loading

quartin commented Dec 22, 2019 •

edited

Loading