search

python-openapi / openapi-core

Openapi-core is a Python library that adds client-side and server-side support for the OpenAPI v3.0 and OpenAPI v3.1 specification.
BSD 3-Clause "New" or "Revised" License
287 stars 131 forks source link

[Bug]: Numerical strings are accepted as integers #819

Open Alopalao opened 3 months ago

Alopalao commented 3 months ago

Actual Behavior

String numerical values ("10") are accepted as integers.

Expected Behavior

Unmarshal request should return an error.

Steps to Reproduce

api.yml

openapi: 3.0.0
info:
  title: test
  version: '0.1'
servers:
  - url: /test
paths:
  /sending:
    put:
      summary: Send integer
      requestBody:
        content:
          application/json:
            schema:
              type: object
              additionalProperties: false
              properties:
                my_integer:
                  type: integer
      responses:
        200:
          description: Ok.

test_request.py

import json
from openapi_core import OpenAPI
from openapi_core.contrib.starlette import StarletteOpenAPIRequest
from starlette.requests import Request

def starlette_request(path: str):
    return Request({
        "type": "http",
        "method": "PUT",
        "path": path,
        "headers": [(b"content-type", b"application/json; charset=utf-8")],
        "query_string": "",
    })

body = json.dumps({"my_integer": "10"})
spec = OpenAPI.from_file_path("api.yml")
request = StarletteOpenAPIRequest(starlette_request("/test/sending"), body=body)
result = spec.unmarshal_request(request)
print(result.errors)

OpenAPI Core Version

0.19.0

OpenAPI Core Integration

starlette

Affected Area(s)

Unmarshaling

References

Reading the guide for OpenAPI 3.0.0 from swagger, it states that numbers in strings are not accepted as integers.

Anything else we need to know?

Is this a feature? Previously this was not the case and I found out about this change because I updated from 0.16.6 to 0.19.0.

Would you like to implement a fix?

None