search

Hilzu / express-openapi-validate

Express middleware to validate requests based on an OpenAPI 3 document
Apache License 2.0
76 stars 12 forks source link

Validate response schema #8

Closed codeclown closed 6 years ago

codeclown commented 6 years ago

To fully comply with openapi the API should also return responses according to what is defined in the spec.

I can think of two scenarios or use cases for response validation:

  1. Validate response schema in tests (best if easy to slide in to any test)
it('returns foobar name', () =>
  agent
    .get('/api/foobar')
    .expect(200)
    .then(validator.validateResponse('get', '/api/foobar'))
    .then(res => {
      assert.equal(res.name, 'Sir Smith');
    })
);
  1. Validate responses in runtime.
    • Either return a server error status code if response is not valid (probably not the best idea)
    • Or, just log a warning to console whenever an invalid response is served so devs can notice it and act upon (probably a better idea), while app still serves the response to the client
app.use(validator.logInvalidResponses());
Hilzu commented 6 years ago

I've been thinking about validating responses and I pretty much agree with you how it should work.

I'm heavily leaning towards making it easy to validate the responses in tests. Need to test it out and figure out what the API should look like.

I agree that this middleware shouldn't try to modify responses if they don't pass validations. Having an easy way to have a development time and/or opt-in response validation is something that I'm open to adding.

Hilzu commented 6 years ago

Implemented in v0.2.2