Skip to content

Use defined 400 response object when request validation fails #59

New issue
New issue
Open
Open
Use defined 400 response object when request validation fails#59
Labels
enhancementNew feature or requesthelp wantedExtra attention is needed
@quartin

Description

@quartin
quartin
opened on Dec 22, 2019

Hi,

When setting up the requestBody validation, is there any way to return the defined 400 response object instead of the text/plain with the json validation info?
In the following example:

---
openapi: 3.0.0
info:
  version: 1.0.0
  title: Mock API
servers:
  - url: http://localhost:19999
paths:
  "/api/3.1/login/":
    post:
      description: Request access token
      operationId: login using client id & secret
      produces:
        - "application/json"
      requestBody:
        description: Client id and secret
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                client_id:
                  description: The ID of the client
                  type: string
                  enum:
                    - my_client_id
                client_secret:
                  description: Client secret
                  type: string
                  enum:
                    - very_secret_secret
              required:
                - client_id
                - client_secret
              additionalProperties: false
      responses:
        200:
          description: "/login response"
          content:
            application/json:
              example:
                access_token: '1234567890'
                token_type: doggie
                expires_in: 1000
        400:
          description: "Bad Request. Invalid client ID/secret"
          content:
            application/json:
              example:
                message: "Blablabla, bad request"
                documentation_url: "http://blabla.com"

I get the expected 200 OK with:

curl -X POST -H 'Content-Type:application/json' -H 'Accept-Type:application/json' -i http://localhost:19999/api/3.1/login/ \
-d '{"client_id":"my_client_id", "client_secret": "very_secret_secret"}'

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Sun, 22 Dec 2019 21:58:25 GMT
Content-Length: 82

{
  "access_token": "1234567890",
  "expires_in": 1000,
  "token_type": "doggie"
}%

But with a different client_secret other than the one defined in the schema enum I get:

curl -X POST -H 'Content-Type:application/json' -H 'Accept-Type:application/json' -i http://localhost:19999/api/3.1/login/ \ 
-d '{"client_id":"my_client_id", "client_secret": "invalid_secret"}'

HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Date: Sun, 22 Dec 2019 21:58:47 GMT
Content-Length: 271
Content-Type: text/plain; charset=utf-8

Request body has an error: doesn't input the schema: Error at "/client_secret":JSON value is not one of the allowed values
Schema:
  {
    "description": "Client secret",
    "enum": [
      "very_secret_secret"
    ],
    "type": "string"
  }

Value:
  "invalid_secret"

while what I would really like was the object I defined, i.e.:

{
  "message": "Blablabla, bad request",
  "documentation_url": "http://blabla.com"
}

Do you have any idea how I could achieve this? Thank you.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requesthelp wantedExtra attention is needed

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions