Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Overriding oas3-schema for a path doesn't resolve errors on parent paths #2334

Open
bhrutledge opened this issue Nov 9, 2022 · 0 comments
Open

Overriding oas3-schema for a path doesn't resolve errors on parent paths #2334

bhrutledge opened this issue Nov 9, 2022 · 0 comments
Labels
reviewed-medium Medium bug was reviewed & kept as medium t/bug Something isn't working triaged

Comments

@bhrutledge
Copy link

Describe the bug
My OpenAPI 3.0 spec includes template variables for the authorizationCode URLs, which are supplied at runtime by the implementation. This causes errors with the default configuration:

 1150:13  error  oas3-schema  Invalid security scheme.                                        components.securitySchemes.Cognito
 1152:13  error  oas3-schema  Property "flows" is not expected to be here.                    components.securitySchemes.Cognito.flows
 1154:29  error  oas3-schema  "authorizationUrl" property must match format "uri-reference".  components.securitySchemes.Cognito.flows.authorizationCode.authorizationUrl
 1155:21  error  oas3-schema  "tokenUrl" property must match format "uri-reference".          components.securitySchemes.Cognito.flows.authorizationCode.tokenUrl

Looking at the overrides docs, I was able to silence the uri-reference errors. However, the higher-level errors remain.

To Reproduce

  1. Given this OpenAPI/AsyncAPI snippet
components:
  securitySchemes:
    Cognito:
      type: oauth2
      flows:
        authorizationCode:
          authorizationUrl: '{{ auth_url }}/login'
          tokenUrl: '{{ auth_url }}/oauth2/token'
          scopes: {}
  1. And this .spectral.yaml
formats:
  - oas3.0
extends:
  - - "spectral:oas"
    - all
overrides:
  - files:
      - "**#/components/securitySchemes/Cognito/flows/authorizationCode/authorizationUrl"
      - "**#/components/securitySchemes/Cognito/flows/authorizationCode/tokenUrl"
    rules:
      oas3-schema: "off"
  1. Run this CLI command
npx spectral lint api.yaml
  1. See error
 1150:13  error  oas3-schema  Invalid security scheme.                      components.securitySchemes.Cognito
 1152:13  error  oas3-schema  Property "flows" is not expected to be here.  components.securitySchemes.Cognito.flows

Expected behavior
No linting errors

Environment (remove any that are not applicable):

  • Spectral version: 6.6.0

Additional context

I can work around this by disabling validation for the whole scheme:

overrides:
  - files:
      - "**#/components/securitySchemes/Cognito"
    rules:
      oas3-schema: "off"

But that feels like a hack, and would miss other validation failures.
@mnaumanali94 mnaumanali94 added t/bug Something isn't working p/medium labels Nov 17, 2022
@matty-v matty-v added the reviewed-medium Medium bug was reviewed & kept as medium label Mar 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
reviewed-medium Medium bug was reviewed & kept as medium t/bug Something isn't working triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bhrutledge @matty-v @mnaumanali94