Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

connexion.FlaskApp.add_api() validate_responses enables also strict_validation. #1602

Closed
MiltiadisKoutsokeras opened this issue Oct 13, 2022 · 3 comments
Closed

connexion.FlaskApp.add_api() validate_responses enables also strict_validation. #1602

MiltiadisKoutsokeras opened this issue Oct 13, 2022 · 3 comments

Comments

@MiltiadisKoutsokeras
Copy link

Description

Setting validate_responses=True in connexion.FlaskApp.add_api() also enables parameters validation as if strict_validation is enabled.

Expected behaviour

validate_responses=True should only enable response validation, without validating parameters.

Actual behaviour

Setting validate_responses=True in connexion.FlaskApp.add_api() also enables parameters validation as if strict_validation is enabled.

Steps to reproduce

Use this example:

main_app = FlaskApp(import_name='Some name here', debug=debug_mode, specification_dir='path/to/spec_dir/')
main_app.add_api(specification='path/to/spec_dir/openapi.yaml',validate_responses=True,strict_validation=False)

Additional info:

Output of the commands:

  • python --version = Python 3.9.2
  • pip show connexion | grep "^Version\:" = Version: 2.13.1
@RobbeSneyders
Copy link
Member

Hi @MiltiadisKoutsokeras, could you provide a minimal reproducible example?

Note that parameter validation is enabled by default. strict_validation only controls if parameters not defined in the spec are rejected.

@MiltiadisKoutsokeras
Copy link
Author

MiltiadisKoutsokeras commented Oct 18, 2022
edited
Loading

Hello and sorry for the delayed response.

If I set validate_responses and strict_validation to False then no parameter validation is performed on JSON request bodies before reaching my code in the endpoint handler. Maybe you refer to path/query parameters? I would like to enable request body and response validation on their own according to my deployment (debug, production, etc). Is it possible to enable JSON schema validation to JSON responses only?

By the way I need to be able to disable the default validation prior reaching my endpoint handler, bacause it seems to hang for ever on larger schemas with a lot of external references. The same schemas work as expected if I manually perform the validation with jsonschema.

Hangs like this:

DEBUG:connexion.decorators.validation:http://127.0.0.1:5000/some/endpoint validating schema...

I will try to create a minimal example project and share it once I find the time.

@RobbeSneyders
Copy link
Member

I was indeed referring to query parameters, as strict_validation only affects those.

Request body validation is enabled by default and validate_responses should not affect it. The easiest way to deactivate it is probably to pass a dummy custom validator (docs). This will be easier in Connexion 3.0.

Connexion has some difficulty handling references in the specification (#254), although I can't recall it just hanging.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@RobbeSneyders @MiltiadisKoutsokeras