[openstack-dev] [Keystone] Use JSON Schemas to validate API requests data
Dolph Mathews
dolph.mathews at gmail.com
Thu Jun 6 20:33:25 UTC 2013
Cool, I sent my email too soon!
-Dolph
On Thu, Jun 6, 2013 at 3:16 PM, Bruno Semperlotti <
bruno.semperlotti at gmail.com> wrote:
> Hi Brant,
>
> Json schema has an attribute "additionalProperties": true/false. If true
> (the default), all extra properties not declared in the corresponding
> schema level are ignored and thus considered as valid.
> This allows to strictly validate expected data and gives enough
> flexibility to easily extends the API.
>
> {
> 'type': 'object',
> 'properties': {
>
> id': {'type': 'string'},
> 'name': {'type': 'string'}
> },
> 'required':['name'],
> 'additionalProperties': true
> }
>
> *** Valid if 'additionalProperties' is true, Invalid if
> 'additionalProperties' is false***
> {
> 'name': 'Smith',
> 'ext-region': 'US-East'
> }
>
> --
> Bruno Semperlotti
>
>
> On Thu, Jun 6, 2013 at 9:23 PM, Brant Knudson <blk at acm.org> wrote:
>
>>
>> Does OpenStack have a policy for handling of extra/unexpected arguments?
>> Examples of extra arguments are unexpected query parameters on a GET
>> request or extra fields provided in the JSON body of a POST.
>>
>> Many web APIs ignore extra arguments to make it easier to add support for
>> new features. For example, if 'GET /users' adds support for sorting with
>> 'GET /users?sort=id' , new clients will still work with old servers, they
>> just won't get the users back in sorted order.
>>
>> If we strictly validate inputs that would make it more difficult to
>> extend our APIs.
>>
>> - Brant
>>
>>
>>
>> On Sun, Jun 2, 2013 at 4:11 AM, Bruno Semperlotti <
>> bruno.semperlotti at gmail.com> wrote:
>>
>>> Hi,
>>>
>>> As a first contribution, I recently worked on a small bug about bad
>>> error response when passing incorrect parameters in API requests (
>>> #1110435 <https://bugs.launchpad.net/keystone/+bug/1110435>).
>>> There is also this other bug about bad application behavior when API
>>> requests data are incorrect or missing (#999084<https://bugs.launchpad.net/keystone/+bug/999084>
>>> )
>>>
>>> My point is that no systematic data validation seems to be made when
>>> receiving API requests, leading to potential unwanted behavior or
>>> instability.
>>>
>>> I am working on a prototype to enable simple validation of all API
>>> requests data using json schemas and the python package jsonschema<https://pypi.python.org/pypi/jsonschema>
>>> .
>>>
>>> As I am new in the openstack community and also because my work uses the
>>> json schema specification which is still a draft with a new package
>>> dependency, I was looking for some feedback about this idea before going on
>>> and filling a blueprint.
>>>
>>> Regards,
>>>
>>> --
>>> Bruno Semperlotti
>>>
>>> _______________________________________________
>>> OpenStack-dev mailing list
>>> OpenStack-dev at lists.openstack.org
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>
>>>
>>
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130606/1a7c4266/attachment.html>
More information about the OpenStack-dev
mailing list