[openstack-dev] [Keystone] Use JSON Schemas to validate API requests data

Ken'ichi Ohmichi oomichi at mxs.nes.nec.co.jp
Fri Jun 7 01:16:36 UTC 2013


Hi Bruno,

On Thu, 6 Jun 2013 22:16:40 +0200
Bruno Semperlotti <bruno.semperlotti at gmail.com> wrote:
> 
> Json schema has an attribute "additionalProperties": true/false. If true
> (the default), all extra properties not declared in the corresponding
> schema level are ignored and thus considered as valid.
> This allows to strictly validate expected data and gives enough flexibility
> to easily extends the API.
> 
> {
>     'type': 'object',
>     'properties': {
>         id': {'type': 'string'},
>         'name': {'type': 'string'}
>     },
>     'required':['name'],
>     'additionalProperties': true
> }
> 
> *** Valid if 'additionalProperties' is true, Invalid if
> 'additionalProperties' is false***
> {
>     'name': 'Smith',
>     'ext-region': 'US-East'
> }

Nice.
I will add a test case of additionalProperties to Oslo patch
(https://review.openstack.org/#/c/25884/) for showing its usage also.


Thanks
Ken'ichi Ohmichi

---
> On Thu, Jun 6, 2013 at 9:23 PM, Brant Knudson <blk at acm.org> wrote:
> 
> >
> > Does OpenStack have a policy for handling of extra/unexpected arguments?
> > Examples of extra arguments are unexpected query parameters on a GET
> > request or extra fields provided in the JSON body of a POST.
> >
> > Many web APIs ignore extra arguments to make it easier to add support for
> > new features. For example, if 'GET /users' adds support for sorting with
> > 'GET /users?sort=id' , new clients will still work with old servers, they
> > just won't get the users back in sorted order.
> >
> > If we strictly validate inputs that would make it more difficult to extend
> > our APIs.
> >
> > - Brant
> >
> >
> >
> > On Sun, Jun 2, 2013 at 4:11 AM, Bruno Semperlotti <
> > bruno.semperlotti at gmail.com> wrote:
> >
> >> Hi,
> >>
> >> As a first contribution, I recently worked on a small bug about bad error
> >> response when passing incorrect parameters in API requests (#1110435<https://bugs.launchpad.net/keystone/+bug/1110435>
> >> ).
> >> There is also this other bug about bad application behavior when API
> >> requests data are incorrect or missing (#999084<https://bugs.launchpad.net/keystone/+bug/999084>
> >> )
> >>
> >>  My point is that no systematic data validation seems to be made when
> >> receiving API requests, leading to potential unwanted behavior or
> >> instability.
> >>
> >> I am working on a prototype to enable simple validation of all API
> >> requests data using json schemas and the python package jsonschema<https://pypi.python.org/pypi/jsonschema>
> >> .
> >>
> >> As I am new in the openstack community and also because my work uses the
> >> json schema specification which is still a draft with a new package
> >> dependency, I was looking for some feedback about this idea before going on
> >> and filling a blueprint.
> >>
> >> Regards,
> >>
> >> --
> >> Bruno Semperlotti
> >>
> >> _______________________________________________
> >> OpenStack-dev mailing list
> >> OpenStack-dev at lists.openstack.org
> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> >>
> >>
> >
> > _______________________________________________
> > OpenStack-dev mailing list
> > OpenStack-dev at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> >
> >



More information about the OpenStack-dev mailing list