我有一个具有以下架构的 API 网关:
{
"swagger": "2.0",
"info": {
"description": "This is a sample server Petstore server. You can find out more about Swagger at [http://swagger.io](http://swagger.io) or on [irc.freenode.net, #swagger](http://swagger.io/irc/). For this sample, you can use the api key `special-key` to test the authorization filters.",
"version": "1.0.0",
"title": "Swagger Petstore",
"termsOfService": "http://swagger.io/terms/",
"contact": {
"email": "<a href="https://stackoverflow.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="d2b3a2bba6b7b3bf92a1a5b3b5b5b7a0fcbbbd" rel="noreferrer noopener nofollow">[email protected]</a>"
},
"license": {
"name": "Apache 2.0",
"url": "http://www.apache.org/licenses/LICENSE-2.0.html"
}
},
"paths": {
"/pet": {
"post": {
"summary": "Add a new pet to the store",
"description": "",
"operationId": "addPet",
"consumes": [
"application/json",
"application/xml"
],
"produces": [
"application/xml",
"application/json"
],
"parameters": [
{
"in": "body",
"name": "body",
"description": "Pet object that needs to be added to the store",
"required": true,
"schema": {
"$ref": "#/definitions/Pet"
}
}
],
"responses": {
"405": {
"description": "Invalid input"
}
}}
}},
"definitions": {
"Pet": {
"required": ["id", "name"],
"type": "object",
"properties": {
"id": {
"type": "integer",
"description": "Id of the pet",
"example": 123
},
"name": {
"type": "string",
"description": "Name of the pet",
"example": "Jammy"
},
"nickname": {
"type": "string",
"description": "Nickname of the pet",
"example": "Jam"
}
}
}
}
}
当我发送包含架构中不存在的字段的请求正文时,我没有从 API 网关收到 400 响应。我已将配置应用于验证正文、 header 、查询字符串。
这是 API 网关中的一个未解决问题吗?或者我错过了什么?
最佳答案
因此,对于 swagger v2 和 openapiv3 规范,默认行为是接受规范未定义的所有其他属性。如果您包含所需的宠物 ID 和名称以及其他未使用的属性(例如 foo 和 bar),您的发布应该会成功。
如果您希望更严格的验证在发送其他属性时失败,请在您的宠物架构中将additionalProperties 设置为 false,或者执行此操作并将规范版本更改为 3.x.x
关于amazon-web-services - AWS API Gateway (REST) - 即使存在未知属性,请求验证也会通过,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/66783377/