connexion
connexion copied to clipboard
spec-first
OAS 3.0<>Swagger 2.0 Mismatch with FormData Binary Payloads
Description
When using Swagger 2.0 we can define our binary payloads like this:
- description: The file payload
format: document
in: formData
name: payload
required: true
type: file
Meaning the file would get validated as a file and if you used jsonschema's draft4_format_checker extensions, you would get a File-Like object as input.
def add_checks():
"""Extend connexion's default validation with additional checks
"""
def check_payload(payload):
"""Check whether the uploaded document is supported."""
check = validate_mimetype(payload)
payload.seek(0)
return check
draft4_format_checker.checks('binary')(check_payload)
Now using the OAS 3.0 spec, we define formdata payloads this way:
requestBody:
content:
multipart/form-data:
schema:
type: object
properties:
payload:
description: The file payload
format: binary
type: string
required:
- payload
Meaning that when validating the request the file is expected to be a string. As a hack, we now replace the File-Like objects with empty strings. This code only gets executed if the consumed mimetype (that we now need to define by the OAS 3.0 spec) is in the FORM_CONTENT_TYPES list. https://github.com/spec-first/connexion/blob/main/connexion/decorators/validation.py#L173
Because of this line and the changed spec our extended validation doesn't work anymore as it just validates an empty string. This creates a mismatch between OAS 3.0 and Swagger 2.0 functionality.
Expected behaviour
The File-Like or bytestring object gets prompted during validation.
Actual behaviour
Empty string gets validated.
Steps to reproduce
See above code scripts.
Additional info:
Output of the commands:
python --version- Python 3.8
pip show connexion | grep "^Version\:"- 2.13.0
