There is a new OAS Validation policy that is available in Apigee Hybrid and next generation SaaS. However, it's not clear if it will be made available in the current SaaS offering.
Therefore in the interim, I updated my previous example (here) to support OAS 3.0.
The updated example adds some additional functionality to include validation of:
Requirements: A dereferenced OAS in JSON format (tool https://apitools.dev/swagger-parser/online).
See attached API proxy and Postman collection for testing.
oas-validation-v3-rev3-2020-10-24.zip
oas-validation-30postman-collectionjson.zip
Hope you find this useful and if you find any errors, please let me know.
It is working when requestBody looks like below:
"requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/User" } } }, "description": "Updated user object", "required": true }
It is not working when requestBody looks like below: (One more condition must be added here)
"requestBody": { "$ref": "#/components/requestBodies/UserArray" }
I've not tried an OAS using $refs.
OAS Validation policy i can see available in apigee edge...can that now be substituted for this parser with same functionality.
thanks,
Aakash
Does it validate the form paremeters?
It should. Have you tried it?
Hi Arun,
Happy to see the new policy is getting some use.
I just tried it and verified that the new OAS Validation policy will only validate the body if the content type is application/json, as per the docs here:
It will still validate the header and query params tho.
Hi kurt,
After your last comment I checked OAS validation policy. When I try to use it I found few issues over there.
1. Error response is not well formatted
As per our business requirement we need to change it to like this.
{ "error_code": "400", "error_message": "Bad request", "error_details": [ { "id": 20030, "msg": "Missing Required Parameter grant_type" } ] }
is there any way we can change the above format, In place of the OAS default format.
2. OAS Validation policy is always given 500 internal server error as status code in place of 400 Bad Request.
You will want to handle the OAS policy fault with a FaultRule. This is the standard way of handling errors in Apigee API Proxies. At that point you can use AssignMessage to set the message to whatever you like.