go-swagger - file upload - go

I'm using go-swagger for generating swagger file for our apis
I've been trying to add comments for an api that is used to upload a single file but the annotations for file and form data simply is not working
here is the comments for the said api
// swagger:route POST /admin/upload Files uploadFile
//
// Upload a file.
//
//
// Consumes:
// - multipart/form-data
//
// Produces:
// - application/json
//
// Schemes: https
//
// Deprecated: false
//
//
// Parameters:
// + name: Authorization
// in: header
// required: true
// type: string
//
// + name: file
// in: formData
// required: true
// type: file
//
// Responses:
// 200: StatusOK
// 403: Error
the generated swagger file for this:
/admin/upload:
post:
consumes:
- multipart/form-data
operationId: uploadFile
parameters:
- in: header
name: Authorization
required: true
type: string
- name: file
required: true
type: object
produces:
- application/json
responses:
"200":
description: StatusOK
schema:
$ref: '#/definitions/StatusOK'
"403":
description: Error
schema:
$ref: '#/definitions/Error'
schemes:
- https
summary: Upload a file.
tags:
- Files
as you can see it changes the file parameter type to object
anyone has any idea how I can fix this?

Related

How to describe in OpenAPI that the same response may either contain a response body, or the response body may be completely absent

Our API returns various response codes. For some response codes 4xx and above, a body may be returned. For example, an HTTP response code of 400 may be returned in several different cases described in the business logic, in some cases the response may contain a body, and in some cases the body may be completely absent.
My question is - how can I describe in the specification a situation where, for the same HTTP response code, for example, for HTTP 400, the API can return a response body or there can be no response body at all?
Addition. I am trying to describe the HTTP response code for the same endpoint.
Examples:
The response contains a body:
'400':
description: Bad Request
content:
application/json:
schema:
$ref: some_ref_here
examples:
example-1:
value:
message:
title: This email address cannot be used
detail: Use a different email address.
severity: error
headers:
Content-Type:
schema:
type: string
description: Some description.
Cache-Control:
schema:
type: string
description: Some description.
Pragma:
schema:
type: string
description: Some description.
The response does not contain a body:
'400':
description: Bad Request
headers:
Content-Type:
schema:
type: string
description: Some description.
Cache-Control:
schema:
type: string
description: Some description.
Pragma:
schema:
type: string
description: Some description.
I'm trying to specify for a 400 HTTP code that it can either contain content, or content can be completely absent.
That's the default. If the responses 'content' field is absent, it won't be validated against the provided response.
On the other hand, if you want to indicate that a response body must be present, you can do that indirectly by checking for a non-empty Content-Length or Content-Type header.

How to discover request body from Laravel to generate OpenAPI spec?

The OpenAPI spec supports request bodys (mostly useful for POST requests. etc.):
paths:
/pets:
post:
summary: Add a new pet
requestBody:
description: Optional description in *Markdown*
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Pet'
responses:
'201':
description: Created
Laravel request methods usually look something like this:
public function create(JsonRequest $request): UserResource
{
$data = $request->json()->all();
$user = User::create($data);
$user->save();
return new UserResource($user);
}
Is there a way to discover the request body (which fields it may include / requires, which types the fields have) from this to be able to include this in the API spec?

go-swagger do not validates Body in POST request

Swagger ignoring required fields in body of POST request.
Steps to reproduce:
Describe swaggerfile
swagger: "2.0"
info:
title: Sample API
description: API description in Markdown.
version: 1.0.0
host: api.example.com
schemes:
- http
paths:
/users:
post:
operationId: UserCreate
parameters:
- name: body
in: body
required: true
schema:
allOf:
- $ref: "#/definitions/ID"
- $ref: "#/definitions/User_object"
- type: object
required: # HERE! IT IS NOT WORKING
- ID
- genderCode
- birthDate
- code
produces:
- application/json
consumes:
- application/json
responses:
200:
description: "OK"
definitions:
ID:
title: ID
properties:
GUID:
type: string
description: "ID"
format: uuid
User_object:
title: User_object
properties:
genderCode:
type: string
birthDate:
type: string
format: date
code:
type: string
Generate api
swagger generate server -f swaggerfile.yaml -t api
Describe single handler:
api.UserCreateHandler = operations.UserCreateHandlerFunc(func(params operations.UserCreateParams) middleware.Responder {
return middleware.NotImplemented("MUST NOT BE PRINTED")
})
Make a request to generated api:
curl -X POST -H "Content-Type: application/json" -d '{"foo":"bar"}' localhost:{{host}}/users
Expected result:
400 Bad Request
Given result:
501 MUST NOT BE PRINTED
My personal workaround is
api.UserCreateHandler = operations.UserCreateHandlerFunc(func(params operations.UserCreateParams) middleware.Responder {
if params.Body.UserObject == (models.UserObject{}) {
return //... your BAD REQUEST type
}
return middleware.NotImplemented("MUST NOT BE PRINTED")
})

go-swagger not calling my header check

I have an api generated through go-swagger. I am trying to put in a session check it is not firing as I expected. I followed an example that I found in github but didn't seem to work for me.
My code:
// Applies when the "X-Session-Key" header is set
api.SessionKeyHeaderAuth = func(token string) (interface{}, error) {
// test the token
success := routeHandler.HandleSessionHeaderKey(token)
if success{
return nil, nil
}
//We are pessimistic, if they aren't successful then we return a 401
api.Logger("Access attempt with incorrect api key auth: %s", token)
return nil, errors.New(401, "incorrect api key auth")
}
My Yaml (for the endpoint that I am curling):
/auth/logout:
post:
summary: Logs in the user
consumes:
- application/x-www-form-urlencoded
operationId: authLogoutUser
tags:
- auth
description:
Allow users to log out and their session will be terminated
produces:
- application/json
parameters:
- in: header
name: X-Session-Key
type: string
required: true
- in: header
name: X-Profile-Key
type: string
required: true
responses:
200:
description: Login Success
headers:
ProfileKeyHeader:
type: string
description: The key for the profile data
SessionKeyHeader:
type: string
description: The key for the session data
400:
description: Whether the user is not found or error while login, decided on a generic login failure error
schema:
$ref: 'definitions.yaml#/definitions/Error'
429:
description: Too many requests and being throttled
schema:
$ref: 'definitions.yaml#/definitions/Error'
500:
description: Too many requests and being throttled
schema:
$ref: 'definitions.yaml#/definitions/Error'
Any help to see what I did incorrectly would be appreciated.
So, I was being an idiot...
The issue was that I forgot to add Security to my swagger yaml. Once I did that then my function was getting called.
operationId: authLogoutUser
tags:
- auth
description:
Allow users to log out and their session will be terminated
produces:
- application/json
security:
- SessionKeyHeader: []

How to specify alternative response formats with swagger/OpenAPI?

I have a swagger.yaml something like this:
swagger: "2.0"
paths:
/something:
get:
parameters:
- name: format
in: query
type: string
pattern: '^(csv|json|xml)$'
responses:
200:
schema:
type: ?
And I want to return different formats (csv, json, xml) depending on the value of the format query parameter (eg. localhost/api/something?format=csv).
How can I specify the different response formats in the spec?
I found a workaround, by providing different endpoints:
swagger: "2.0"
paths:
/something/json:
get:
produces:
- application/json
responses:
200:
schema:
type: object
properties:
...
/something/csv:
get:
produces:
- text/csv
responses:
200:
schema:
type: string
Note the different produces: inside each get, and none at the top level.
The actual response header for the csv endpoint is:
Content-Length:64
Content-Type:text/csv; charset=utf-8
Date:Fri, 26 Aug 2016
I have also tried adding headers to the yaml (straight after the code above), but it doesn't change the actual response header:
headers:
Content-type:
type: string
description: text/csv; charset=utf-8
Content-Disposition:
type: string
description: attachment; filename=data.csv
At either endpoint I get a console message (I am building this using connexion):
Resource interpreted as Document but transferred with MIME type application/json, or
Resource interpreted as Document but transferred with MIME type text/csv
Also, the csv is interpreted as a file to download, not displayed in the browser.
...so I suspect I haven't quite got it right yet.

Resources