swagger-api / swagger-ui

Swagger UI is a collection of HTML, JavaScript, and CSS assets that dynamically generate beautiful documentation from a Swagger-compliant API.
https://swagger.io
Apache License 2.0

x-http-method-override header support not present creating issues #5306

Open sinsharat opened 5 years ago

sinsharat commented 5 years ago

Content & configuration

Swagger/OpenAPI definition:


```yaml
  '/toneprovide/catalogs':
    post:
      summary: browse a catalog/category (post method made get via override header)
      description: API interaction for browsing a category
      operationId: browseCatalogs
      tags:
        - catalog-management
      consumes:
        - application/json
      produces:
        - application/json
      parameters:
        - in: header
          name: X-HTTP-Method-Override
          type: string
          required: true
        - in: query
          name: startRecord
          description: start record of the category
          required: true
          type: string
          pattern: '\d{1,8}'
        - in: query
          name: total
          description: Total numbers of categories to be fetched
          required: true
          type: string
          pattern: '\d{1,5}'
        - in: body
          name: browseCatalog
          description: browse catalog information
          required: true
          schema:
            $ref: '#/definitions/BrowseCatalog'
      responses:
        '200':
          description: Success
          headers:
            x-huawei-rbt-total-count:
              type: string
              description: Total cont available for the requested resource.
          schema:
            type: object
            required:
              - status
              - count
              - type
              - results
            properties:
              status:
                type: string
              count:
                type: integer
                format: int64
              type:
                type: string
              results:
                type: array
                items:
                  $ref: '#/definitions/CatalogInfo'
        '400':
          description: Bad Request
          schema:
            $ref: '#/definitions/ErrorResponse'
        '401':
          description: Unauthorized
          schema:
            $ref: '#/definitions/ErrorResponse'
        '403':
          description: Forbidden
          schema:
            $ref: '#/definitions/ErrorResponse'
        '500':
          description: Internal Server Error
      externalDocs:
        url: 'http://api.example.com/docs/user-operations/categories'
        description: Learn more about Video operations provided by this API.
    post:
      summary: Add a catalog/category
      description: API interaction for operator adding a category
      operationId: addCatalog
      tags:
        - catalog-management
      consumes:
        - application/json
      produces:
        - application/json
      parameters:
        - in: body
          name: catalog
          description: catalogInformation
          required: true
          schema:
            $ref: '#/definitions/Catalog'
      responses:
        '200':
          description: Success
          schema:
            type: object
            required:
              - status
              - count
              - type
              - results
            properties:
              status:
                type: string
              count:
                type: integer
                format: int64
              type:
                type: string
              results:
                type: array
                items:
                  type: string
        '400':
          description: Bad Request
          schema:
            $ref: '#/definitions/ErrorResponse'
        '401':
          description: Unauthorized
          schema:
            $ref: '#/definitions/ErrorResponse'
        '403':
          description: Forbidden
          schema:
            $ref: '#/definitions/ErrorResponse'
        '500':
          description: Internal Server Error
      externalDocs:
        url: 'http://api.example.com/docs/user-operations/categories'
        description: Learn more about Video operations provided by this API.
```

### Is your feature request related to a problem?
Generally PUT, DELETE and PATCH methods are not supported at the production servers. To handle this we use POST with x-http-method-override in server code to handle PUT, POST and DELETE methods. Sometimes GET requests are sent as POST as well, for requests which require passing too many filter requests.
### Describe the solution you'd like
Swagger as of now does not allow multiple POST requests for a single URL even though there is a header difference.
So the only option here is to specify them as POST, PUT, DELETE and GET only.

The issue this creates arises while generating client code using swagger-codegen-cli, as it creates requests that are sent with the specified methods as per the document.
### Describe alternatives you've considered
Request you to provide how the problem can be solved.
Can such feature support be expected in future? Such issues are making swagger unusable.

leggsimon commented 5 years ago

@sinsharat do you mind just correcting the code block in this issue description? The main content is in your yaml. I think you’re just missing the 3 backticks

sinsharat commented 5 years ago

@leggsimon Sorry, I didn't understand what you meant. The only issue in this swagger code snippet is that the first method is marked as post. If I change it to get it works fine. But since GET should not have a body I wanted to make it a POST request with X-HTTP-Method-Override=GET. Similarly for X-HTTP-Method-Override=PUT and X-HTTP-Method-Override=DELETE with the request method as POST for PUT and DELETE requests respectively, as the PUT and DELETE requests are blocked at many customer site deployments for security. The real issue I am talking about here is that X-HTTP-Method-Override support is not present. The above code snippet gives an error in swagger but actually works with spring.

leggsimon commented 5 years ago

@sinsharat I just meant that you’re missing ``` at the end of the actual yaml code bit. If you scroll down on your code block the “### Is your feature request related to a problem?” is at the bottom. If you put ``` before that it should move that text outside the code block.

leggsimon commented 5 years ago

I wouldn’t have thought this is something that is likely to be supported. I don’t know much about this X-HTTP-Method-Override header but as I understand it it really just becomes an implementation detail of the internals of your API.

The only way you can interact with your API is via POST requests. The fact that internally your API requires a certain header to be set would make it a required header to your POST endpoint sure but other than that I’m not sure how you would expect this to be documented?

In my eyes it would essentially be documented the same way as a GET endpoint that accepts one of 4 types of query parameter for example. I think the only thing we could reasonably expect for this case from this project would be to have multiple examples which I think could help your case. If it would then that issue is being tracked in #2651

sinsharat commented 5 years ago

@leggsimon Sorry for the late reply. Yes, in a way I would want to support multiple POST requests for a single URL distinguished by different params/headers to overcome the blocking of PUT and DELETE requests. I don't think this is currently supported.

slst19 commented 5 years ago

@leggsimon @sinsharat Is there any workaround to make this work?

tomqwpl commented 2 years ago

I would second this request. Consider the case where you are trying to describe multiple methods in this way. In the OpenAPI spec you have to describe one operation and then add to it the union of all things you can do with DELETE, PUT, GET etc. This makes it very unclear what applies to what. The problem is particularly problematic when it comes to then generating a client using a code generator. What you would like to end up with is a client generated that has separate methods for GET, PUT, DELETE etc., and just sets the appropriate override header. I would like the override header to be hidden and not something that the user of the client has to worry about.
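
The tunnelling discussed in this thread, sketched as an added example that is not part of any comment above and is not Swagger UI or swagger-codegen code. The client and helper names, the allowlist and the 400/405 status choices are assumptions; the path, query parameters and header name come from the issue's definition.

```javascript
// Added example: all function and object names here are hypothetical.
const OVERRIDE_HEADER = 'x-http-method-override';
// Assumed server policy: the only methods that may be tunnelled through POST.
const TUNNELABLE = new Set(['GET', 'PUT', 'PATCH', 'DELETE']);

// Client side: every logical operation goes out as POST on the wire.
function buildTunneledRequest(logicalMethod, url, body) {
  const method = logicalMethod.toUpperCase();
  if (method === 'POST') return { method: 'POST', url, headers: {}, body };
  if (!TUNNELABLE.has(method)) throw new Error(`cannot tunnel ${method}`);
  return { method: 'POST', url, headers: { 'X-HTTP-Method-Override': method }, body };
}

// One client method per logical operation; callers never set the header.
const catalogClient = {
  browseCatalogs: (filter) =>
    buildTunneledRequest('GET', '/toneprovide/catalogs?startRecord=0&total=10', filter),
  addCatalog: (catalog) =>
    buildTunneledRequest('POST', '/toneprovide/catalogs', catalog),
};

// Server side: work out which handler a request should reach.
// Authorization has to be evaluated against the returned (effective) method,
// because a perimeter filter that blocks PUT/DELETE only ever sees POST here.
function resolveEffectiveMethod(req) {
  const wire = req.method.toUpperCase();
  const key = Object.keys(req.headers).find((k) => k.toLowerCase() === OVERRIDE_HEADER);
  if (key === undefined) return { ok: true, method: wire };
  const requested = String(req.headers[key]).trim().toUpperCase();
  if (wire !== 'POST') {
    return { ok: false, status: 400, reason: 'override only honoured on POST' };
  }
  if (!TUNNELABLE.has(requested)) {
    return { ok: false, status: 405, reason: `override to ${requested} not allowed` };
  }
  return { ok: true, method: requested };
}
```

Both operations share the URL and the wire method, so the server can only tell them apart by the header, which is the ambiguity a single `post:` entry in the definition cannot express.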