[openstack-dev] [Keystone] Use JSON Schemas to validate API requests data

Jarret Raim jarret.raim at RACKSPACE.COM
Wed Jun 5 12:32:19 UTC 2013


>I think WSME is easy to implement API schema for simple validation,
>which checks parameter types only. The schema code is so simple.
>
>On the other hand, jsonschema is easy to do it for strict validation,
>which checks parameter types, lengths, ranges and formats.
>If implementing strict validation with WSME, we need to create getter/
>setter methods for each parameter and validation code is necessary in
>getter method.

Another bonus is that the JSON Schemas are portable where WSME is not, at
least in theory. There are many people using many languages to interact
with our APIs and it would be a bonus for them to be able to use those
schemas both to validate their messages and serve as authoritative
documentation of what messages the API will accept. It also helps when the
API is returning 400 without a great error message or when you want to
generate valid messages for various testing scenarios.

As I said earlier, it doesn't appear that using WSME and JSON schema are
mutually exclusive. We are currently writing JSON schemas for barbican and
meniscus and we are also investigating WSME. Assuming we decide to use
WSME (hard decision - seems like it would require some rework), we could
adapt it to use our JSON schemas. Still need to test this theory, so don't
take it as gospel quite yet, but that's my current thinking.



Jarret Raim 




More information about the OpenStack-dev mailing list