Solved: Re: Apigee json schema validation

Fasaiel · 12-16-2022 12:04 PM

Hello

Currently, we are searching ways to refine and optimize our APIs. One of what we are looking for is to make json schema validation for queries, URIs for related APIs.

Is there any suggestions about how to implement this idea as l’m not able yet to find a good solution to go with it.

all answers are appreciated

thanks in advance,

Fasaiel

dchiesa1

OpenAPI Spec often includes JSON Schema. IF you are using OpenAPI Spec (fka Swagger spec) , then you can use the OASValidation policy that is builtin to APigee to get the implicit JSON schema validation.

If you don't have an OpenAPI Spec and you just want to validate a JSON payload against a schema, you need to use a Java callout or JS callout to do so. Here's an example: https://github.com/DinoChiesa/ApigeeEdge-Java-Validate-JSON-Schema

I suggest you search the Apigee community archives for more info and context. I believe this question has been discussed before.

View solution in original post

dchiesa1

OpenAPI Spec often includes JSON Schema. IF you are using OpenAPI Spec (fka Swagger spec) , then you can use the OASValidation policy that is builtin to APigee to get the implicit JSON schema validation.

If you don't have an OpenAPI Spec and you just want to validate a JSON payload against a schema, you need to use a Java callout or JS callout to do so. Here's an example: https://github.com/DinoChiesa/ApigeeEdge-Java-Validate-JSON-Schema

I suggest you search the Apigee community archives for more info and context. I believe this question has been discussed before.

Fasaiel

It’s seems like what I’m looking for . I will do investigation on it then I will write here my updates .

one thing that I’ve found but I’m not sure about how I can use it. What about the property set policy. Can I use it for validating queries parameters that common in all relevant API’s? Hopefully its clear to you

dchiesa1

@Fasaiel wrote:

What about the property set policy.

There is a thing called propertysets in Apigee, but it is not a policy. I think we call them "resources". Propertyset is a type of resource within a proxy.

Propertysets are a good way to pass a set of key/value pairs to a proxy. You can define settings like URLs or encoded keys, or any other values, and the propertyset mechanism will just load all of those values into pre-defined context variables. Your proxy can then just refer to those variables when handling requests. So it's pretty handy.

I don't see how you could use propertysets for validating that there are some common queryparams.

I guess you could have some boilerplate JavaScript which gets used by "every proxy", and it would refer to the set of required query params. You could follow a convention in which every proxy must have a propertyset that defines the list of required queryparams for that particular proxy. And then the JS would just do the validation.

This would validate only the presence of queryparams; it wouldn't validate the JSON schema of any payloads.

And you'd have to build the logic to validate the qparams yourself. This might be a small job, but I wanted to point it out.

AnkitD

@dchiesa1
I tried to import the proxy which is present in the git location : https://github.com/DinoChiesa/ApigeeEdge-Java-Validate-JSON-Schema/tree/main

Ots not importing first i was getting error because of below config
<ClassName>com.google.apigee.edgecallouts.jsonschema.ValidatorCallout</ClassName>
<ResourceURL>java://edge-custom-json-schema-validator-1.0.3.jar</ResourceURL>
In resource folder it was "edge-custom-json-schema-validator-20200203.jar "

When i changed the name in the policy
</Property>
</Properties>
<ClassName>com.google.apigee.edgecallouts.jsonschema.ValidatorCallout</ClassName>
<ResourceURL>java://edge-custom-json-schema-validator-20200203.jar</ResourceURL>
</JavaCallout>

Then I am getting below error:
"Error in deployment for environment dev.
The revision is deployed, but traffic cannot flow

Please can you import and check once thanks.

dchiesa1

let me have a look -

it sounds like I had not updated the version of the JAR in the policy configuration, when I last updated the jar. You did the right thing to correct that.

As regards the "traffic cannot flow" - that is a different problem. Let me look into it. There have been some changes in the permissions settings for Apigee for Java-based custom policies. What version of Apigee are you using?

Also, stepping back - what is the purpose of validating a payload against a JSON schema? Are you using an OpenAPI Spec? Did you know the OASValidation policy in Apigee does this schema validation for you automatically? Is that policy unsuitable for your purposes, for some reason?

ps: I think those two users you pinged..... are bots. They each "like" every post (literally every one), but never reply to anything.

AnkitD

@Fasaiel
@jestevao @Shojan
Please let me know did you also face the similar issue, or it works for you?

AnkitD

Thanks @dchiesa1 for the response.

As we legacy API that uses swagger 2.0 as well so we can't use OASValidation policy.

we found alternative option to convert swagger2.0. to openAPI3.0 using node module , but it seems like converting is not seemless we are seeing some issue as swagger file was not created properly .

So we thought of using jar file , please suggest what is the better way to do it?