API Connect

API Connect

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Validation policy - how to validate the response after invoke policy

    Posted Thu May 09, 2024 10:02 AM

    I am trying to validate the request and response using parse followed by validate policy. 

    Below is a simple policy to test this one. 

     

    I am able to validate the request message properly. The setting to validate request message set to

    I am able to capture the proper error message something like this:

    Validate: temporary:///swagger/test-dev_ai-test-app_1.0.0.json:247: [JSV0002] Invalid object: the property 'xyzID' is missing.

    But when I try to validate the response message with setting

    I am not getting proper response back. The message I get is: 

    Validate: Internal Validation Error
    Any clues here?


    ------------------------------
    Sandeepkumar Rane
    ------------------------------


  • 2.  RE: Validation policy - how to validate the response after invoke policy

    Posted Thu May 16, 2024 01:36 PM

    Hi Sandeepkumar,
    The response-param should get the validation schema from your path's response object. 

      /your-path:
    get:
      responses:
        '200':
          description: success
          schema:
            type: string  <=== or a $ref to a #/definitions (OAI2) or #/components (OAI3)
      consumes: []
      produces: []

    Without seeing the API yaml file I can only speculate that the policy can't find the response schema.  Do you have access to the DataPower logs which would provide additional detail?
    Regards,
    Steve Linn



    ------------------------------
    Steve Linn
    Senior Consulting I/T Specialist
    IBM
    ------------------------------

    Original Message


  • 3.  RE: Validation policy - how to validate the response after invoke policy

    Posted Thu September 12, 2024 09:36 AM

    Hi Sandeepkumar Rane,

      I am somehow not able to get the request json validation working. I did set the  

    I did define a api param where I have created a definition referencing the request body parameter.

    Somhow my api is accepting any json request regardless of what I have defined in the schema.

    Can you please provide your suggestions. I think I might be missing something around the body parameter in the api?

    Appreciate your help and support in this matter. thanks in advance.



    ------------------------------
    Srinivas Poram
    ------------------------------

    Original Message


  • 4.  RE: Validation policy - how to validate the response after invoke policy

    Posted Thu September 12, 2024 10:44 AM

    Hi Srinivas,
    The validation of your payloads all depends upon the complexity of your schema definition in your API.  If all you have for example is an object with a number of properties which each have a specific type (string, number, boolean), then the only validation error you get is if the validation encounters a property that as a data type that is mismatched from the schema.  In other words, the request has some property "test": 1 and yet the schema defines the test property as a string.  You can add additional restrictions into your schema to indicate specific properties within an object are required, if additional properties in that object are allowed or not, and specific limitations on values, for example minimum string length, maximum string length, a regex pattern that the string must adhere to, etc.  You can review the JSON schema specification that is supported by DataPower at https://json-schema.org/draft-04/draft-fge-json-schema-validation-00.

    Otherwise, given your payloads that you are attempting to validate, what type of errors are you expecting which are not being raised?

    Best Regards,
    Steve Linn



    ------------------------------
    Steve Linn
    Senior Consulting I/T Specialist
    IBM
    ------------------------------

    Original Message


  • 5.  RE: Validation policy - how to validate the response after invoke policy

    Posted Thu September 12, 2024 12:02 PM

    Hi Steve,

      Thank you for your response.

      I am actually just testing things out and started with a very simple json schema definition with just two fields. I am familiar with the json schema definition.

     But my issue is somehow the validate policy is not throwing any error although request payload doesnt contain the json field(lets say username for example) which i have marked as required in schema definition.

    Below is the yaml code snippet where I have defined api request body parameter referencing the simple json schema definition and 

    I have also shared the assembly screenshot which has parse policy followed by validate policy with Validate against=body-param 

    Am I missing anything? I am not seeing any validation errors even if request payload is not json definition compliant and thats my issue. 

     



    ------------------------------
    Srinivas Poram
    ------------------------------

    Original Message


  • 6.  RE: Validation policy - how to validate the response after invoke policy

    Posted Thu September 12, 2024 04:20 PM

    Hi Srinivas,
    I created a new test API and used the values from your screen shot for my in: body parameter, and my end result is as expected:

    {"httpCode":"422","httpMessage":"Unprocessable Entity","moreInformation":"Validate: temporary:///swagger/swlinnorg_sandbox_test-validate-request_1.0.0.json:89: [JSV0002] Invalid object: the property 'userid' is missing."}

    and when providing only a 3 character userid in my request:

    {"httpCode":"422","httpMessage":"Unprocessable Entity","moreInformation":"Validate: temporary:///swagger/swlinnorg_sandbox_test-validate-request_1.0.0.json:97: [JSV0005] Invalid string: the minimum length must be at least 6 (got only 3)."}

    Which unfortunately the json validation schema code presently doesn't indicate the field name in this case, just that the minimum length restriction wasn't followed.  That has been a common request in the past that would require an enhancement request to be implemented.

    My simple API:

    swagger: '2.0'
info:
  title: test-validate-request
  x-ibm-name: test-validate-request
  version: 1.0.0
x-ibm-configuration:
  cors:
    enabled: true
  gateway: datapower-api-gateway
  type: rest
  phase: realized
  enforced: true
  testable: true
  assembly:
    execute:
      - parse:
          version: 2.2.0
          title: parse
          parse-settings-reference:
            default: apic-default-parsesettings
      - validate:
          version: 2.7.0
          title: validate
          graphql-error-policy: all
          compile-settings: {}
          input: message
          output: message
          validate-against: body-param
  properties:
    target-url:
      value: http://example.com/operation-name
      description: The URL of the target service
      encoded: false
  activity-log:
    enabled: true
    success-content: activity
    error-content: payload
basePath: /test-validate-request
paths:
  /validate`:
    post:
      responses:
        '200':
          description: success
          schema:
            type: string
      consumes: []
      produces: []
    parameters:
      - name: RequestMessage
        required: true
        in: body
        schema:
          title: ReqMsg
          type: object
          properties:
            userid:
              title: UserId
              type: string
              maxLength: 10
              minLength: 6
          required:
            - userid
          example: '123456'
schemes:
  - https

    So a couple questions:
    1. What version of DataPower are you using?
    2. What type of Gateway (v5 compatible or API Gateway)? Mine is the API Gateway.

    Best Regards,

    Steve Linn



    ------------------------------
    Steve Linn
    Senior Consulting I/T Specialist
    IBM
    ------------------------------

    Original Message