Support for Status Code and Header validation in response.

[efabris]

I defined a path in my "openapi.yml" with a response defined in this way:

      responses:
        '302':
          headers:
            Location:
              schema:
                type: string
                format: uri
          description: Authorization Response

However if i send back an empty response with a different error code, or if I send back a "302 "response with "Location" header set to a non URL string, no errors are triggered also if i set "validateResponses" to "true".

Looking in the repo code I cannot find the validation of status code and header in the response. Is this supported?

If no, i think that this type of validation could be very useful to avoid broking api specification and i think that i can work to add this type of validation, if this issue is approved as an enhancement request.

[cdimascio]

@efabris currently, only the body is validated in the response. this should be improved. would you be interested in taking a first attempt at a solution?

These are some key points to improve: (effectively the header schema must be added to the validation functions, then later the headers must be provided as input when the validation function is executed) https://github.com/cdimascio/express-openapi-validator/blob/master/src/middlewares/openapi.response.validator.ts#L249

https://github.com/cdimascio/express-openapi-validator/blob/master/src/middlewares/openapi.response.validator.ts#L172

[efabris]

@cdimascio absolutely. I will start working on it tonight.

[cdimascio]

@efabris how are things going? feel free to reach out on gitter if you need help. best

[efabris]

@cdimascio sorry but after a first look, I no longer had time to continue. The new arrival in the family, my daughter, and my job keep me very busy. I hope to be able to work on it in July.

[cdimascio]

@efabris congrats on the new arrival! let me know if you decide to pick it up in july