I could see that Message Validation policy can validate that json message is well-formed ,and also xml or soap with xsd.But is there any way to validate json message against json schema?
I want to validate incoming json message against its length and data type.What is the way to do this in proxy?
Solved! Go to Solution.
You can do this in two ways
1. Node.js
There are some node.js libraries to validate a JSON.
https://www.npmjs.com/package/jsonschema
You can run these node.js validator on edge in combination of proxy chaining and achieve the desired functionality.
2. Java Callout.
There are some java libraries that can do do JSON /SOAP/XSD validation. You can write a java callout policy to validate your JSON/XML .
The policy validates the json is well formed and the various configurations in the policy allow you to check for Element count, Object count etc. but unfortunately it doesn't allow you to validate the json against a schema. You can do that using a java or javascript callout but I agree it would be a good feature to add. I might already have a feature request logged for it.
You can do this in two ways
1. Node.js
There are some node.js libraries to validate a JSON.
https://www.npmjs.com/package/jsonschema
You can run these node.js validator on edge in combination of proxy chaining and achieve the desired functionality.
2. Java Callout.
There are some java libraries that can do do JSON /SOAP/XSD validation. You can write a java callout policy to validate your JSON/XML .
The policy validates the json is well formed and the various configurations in the policy allow you to check for Element count, Object count etc. but unfortunately it doesn't allow you to validate the json against a schema. You can do that using a java or javascript callout but I agree it would be a good feature to add. I might already have a feature request logged for it.
Thanks @rajeshmishra and @arghya das
In my usecase,we need to do a json schema validation for every incoming message.And instead of using java or nodejs,it would be really nice to have it included in validation policy.
@arghya das ,could you please let us know if this feature request has been considered and will be taken up in future releases?
You don't need node.js or Java. If you look at the package tv4, there is a browser version of it. That works with the JavaScript callout policy. It only takes 2-3 lines of code to validate an incoming message against a schema. I think I have a sample...
Thanks @Srinandan Sridhar.Is it so reliable that it can it be called from production proxy?could you please share the sample?
I have used tv4 previously. I found it to be quite reliable and fast. Here are some code snippets to help you.
NOTE: I stored the schema as a variable in the file customerSchema.js. For ex:
var schema = { "$schema": "http://json-schema.org/draft-04/schema#", "id": "http://jsonschema.net", "type": "object", "properties": { . . . };
In the JavaScript Policy properties:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <Javascript async="false" continueOnError="false" enabled="true" timeLimit="200" name="Validate-Customer"> <DisplayName>Validate Customer</DisplayName> <Properties/> <IncludeURL>jsc://tv4.min.js</IncludeURL> <IncludeURL>jsc://customerSchema.js</IncludeURL> <ResourceURL>jsc://validateCustomer.js</ResourceURL> </Javascript>
In the JavaScript file:
//store the payload as JSON var body = request.content.asJSON; //validate the incoming message var result = tv4.validateMultiple(body, schema); //set the result in a variable context.setVariable("valid", result.valid);
@arghya das, Since I have included the schema as a dependency, is it loaded for every message or do we have some kind of "pre-loaded" mechanism?
@RK4 The feature request was logged a while back, but I don't think its getting addressed in the short term. For now you can go with the suggestions made by folks here. But also remember that doing this for every message would have performance implications, at least when you do this at a considerably high scale like 1000-2000 requests per second.
Thankyou @Srinandan Sridhar
I see that tv4.min.js is not included in the resources.Does it mean APIGEE supports this js without even including it?
in my case APIGEE is not supporting. I've downloaded from https://github.com/geraintluff/tv4 which is not working as expected.
Can you please explain "not working as expected"? What error/behaviour are you seeing vs expecting?
Apigee doesn't support or include tv4. You should download the latest file from: https://github.com/geraintluff/tv4
Hi Srinandan Sridhar , Can you attach the latest 'tv4.min.js' that you have refered in your proxy ?
Thanks
@RK4, I posted and article on how to use the OpenAPI Spec to validate a JSON request, using a single Javascript policy and tv4, for all the endpoints in a proxy. Check it out here: https://community.apigee.com/articles/42993/using-the-openapi-spec-to-validate-json-requests.html
Updated solution that supports OAS 2 and 3 here: https://community.apigee.com/articles/88441/validate-json-requests-using-openapi-spec-20-or-30.html