When validating cookie parameters, the presence of required cookies is not checked #183
Description
When validating cookie parameters, no error is raised if the required cookie is missing from the request. This means that when validating a request that lacks the required cookie but otherwise is valid, the request is considered valid. The expected behavior is to return an error with details.
Versions in my go.mod
github.com/pb33f/libopenapi v0.28.0
github.com/pb33f/libopenapi-validator v0.6.4
Example
package main
import (
"fmt"
"net/http"
"github.com/pb33f/libopenapi"
"github.com/pb33f/libopenapi-validator/parameters"
)
func main() {
spec := `openapi: 3.1.0
paths:
/burgers/beef:
get:
parameters:
- name: PattyPreference
in: cookie
required: true
schema:
type: number`
doc, _ := libopenapi.NewDocument([]byte(spec))
m, _ := doc.BuildV3Model()
v := parameters.NewParameterValidator(&m.Model)
request, _ := http.NewRequest(http.MethodGet, "https://things.com/burgers/beef", nil)
//request.AddCookie(&http.Cookie{Name: "PattyPreference", Value: "1"})
valid, errors := v.ValidateCookieParams(request)
fmt.Println(valid) // valid == True, should be False
fmt.Println(errors) // errors == [], should be not empty
}