I'm working on an Apigee proxy which has 2 different endpoints which have different base paths but provide similar functionality. Since the base path of the 2nd proxy endpoint is just '/' but the spec contains the full path, the OAS validation policy throws an error that 'POST operation is not available on the path.'. I have tried updating the request URL, the proxy path suffix but none of that works.
Infact as per the Apigee documentation if the <Source> is "message" it should consider the updated data for validation as per policies applied to it but this too doesn't work. It still considers the original proxy pathsuffix and throws the same error.
Is there a solution to either skip checking path for the proxy? Or considering the full URL/base path for OAS validation.
Since the base path of the 2nd proxy endpoint is just '/' but the spec contains the full path, the OAS validation policy throws an error that 'POST operation is not available on the path.'.
Are you using OpenAPI Spec v3.0 or v2.0 ? In OAS 3.0.x, you use the servers array to specify one or more base URLs for your API. This replaces the host, basePath and schemes keywords used in OpenAPI 2.0.
I just tried this in my Apigee X, and ... using OpenAPI Spec 3.0.1 , it works as expected
endpoint1 | endpoint2 | |
---|---|---|
basepath | /oas-two-specs/1 | /oas-two-specs/2 |
spec | example-1.yaml | example-2.yaml |
allowed paths | GET /products GET /products/{product-id} |
GET /members GET /members/{member-id} |
My specs are like this:
openapi: '3.0.1'
info:
description: 'This is a sample Server.'
version: 1.0.0
title: OpenAPI Specification for testing
servers:
- url: https://example.io/api/v3
paths:
/products/{product-id}:
get:
...
/products:
get:
...
Results
Request | result |
---|---|
GET /oas-two-specs/1/products | 200 OK |
GET /oas-two-specs/1/members | 500 OAS Validation failed |
GET /oas-two-specs/1/products/abc-12 | 200 OK |
GET /oas-two-specs/2/members | 200 OK |
GET /oas-two-specs/2/products |
500 OAS Validation failed |
All of this is as expected.
When I convert the 2nd proxy endpoint to use a BasePath of / in the ProxyEndpoint definition, it still works, as expected. It passes all "valid" requests and rejects invalid ones.
Request | result |
---|---|
GET /oas-two-specs/1/products | 200 OK |
GET /oas-two-specs/1/members | 500 OAS Validation failed |
GET /oas-two-specs/1/products/abc-12 | 200 OK |
GET /oas-two-specs/2/members | 500 OAS Validation failed |
GET /members | 200 OK |
GET /products | 500 OAS Validation failed |
Maybe you are doing something different?
In case it was not clear, the OASValidation policy validates that the verb + request path (minus the basepath) matches one of the verb + path patterns defined in the OpenAPI Specification. (doc)
working example attached.