[openstack-dev] [Keystone] Use JSON Schemas to validate API requests data

Jarret Raim jarret.raim at RACKSPACE.COM
Thu Jun 6 20:15:11 UTC 2013


With JSON Schema, you can specify whether you allow unknown elements in the message. I imagine it would be up to the individual API to decide if that was warranted for a particular message.


Jarret



From: Brant Knudson <blk at acm.org<mailto:blk at acm.org>>
Reply-To: OpenStack List <openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>>
Date: Thursday, June 6, 2013 2:23 PM
To: OpenStack List <openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>>
Subject: Re: [openstack-dev] [Keystone] Use JSON Schemas to validate API requests data


Does OpenStack have a policy for handling of extra/unexpected arguments? Examples of extra arguments are unexpected query parameters on a GET request or extra fields provided in the JSON body of a POST.

Many web APIs ignore extra arguments to make it easier to add support for new features. For example, if 'GET /users' adds support for sorting with 'GET /users?sort=id' , new clients will still work with old servers, they just won't get the users back in sorted order.

If we strictly validate inputs that would make it more difficult to extend our APIs.

- Brant



On Sun, Jun 2, 2013 at 4:11 AM, Bruno Semperlotti <bruno.semperlotti at gmail.com<mailto:bruno.semperlotti at gmail.com>> wrote:
Hi,

As a first contribution, I recently worked on a small bug about bad error response when passing incorrect parameters in API requests (#1110435<https://bugs.launchpad.net/keystone/+bug/1110435>).
There is also this other bug about bad application behavior when API requests data are incorrect or missing (#999084<https://bugs.launchpad.net/keystone/+bug/999084>)

My point is that no systematic data validation seems to be made when receiving API requests, leading to potential unwanted behavior or instability.

I am working on a prototype to enable simple validation of all API requests data using json schemas and the python package jsonschema<https://pypi.python.org/pypi/jsonschema>.

As I am new in the openstack community and also because my work uses the json schema specification which is still a draft with a new package dependency, I was looking for some feedback about this idea before going on and filling a blueprint.

Regards,

--
Bruno Semperlotti

_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org<mailto:OpenStack-dev at lists.openstack.org>
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130606/1b77bd1d/attachment.html>


More information about the OpenStack-dev mailing list