[BUG] python-flask ignores missing required fields, and values that don't match enum
Created by: mdavis-xyz
Bug Report Checklist
-
Have you provided a full/minimal spec to reproduce the issue? -
Have you validated the input using an OpenAPI validator (example)? -
What's the version of OpenAPI Generator used? -
Have you search for related issues/PRs? -
What's the actual output vs expected output? -
[Optional] Bounty to sponsor the fix (example)
Description
python-flask
does not raise errors when required fields are missing, or they don't match a value in an enum.
openapi-generator version
openapi-generator-cli 5.0.0-SNAPSHOT
commit : 068ad02
built : 2020-07-02T17:04:18Z
OpenAPI declaration file content or url
---
swagger: "2.0"
info:
description: "API for demonstrating unit test bug"
version: "1.0.0"
title: "MWE"
host: "example.com"
basePath: "/v1"
schemes:
- "http"
paths:
/example:
post:
description: "sample call"
operationId: "sample_post"
consumes:
- "application/json"
produces:
- "application/json"
responses:
"201":
description: "pending"
schema:
$ref: "#/definitions/example-post-response"
definitions:
example-post-response:
type: "object"
required:
- "user"
properties:
user:
type: "string"
example: "User A"
description: "The user who initiated the request"
enum:
- "User B"
- "User A"
Command line used for generation
docker run --rm \
-v $PWD:/local \
openapitools/openapi-generator-cli \
generate \
-i /local/mwe.yaml \
-g python-flask \
-o /local/out-mwe \
--package-name example
Steps to reproduce
- Generate the code
- Modify
example/controllers/default_controller.py
. Replacedo some magic
to instead returnExamplePostResponse()
pip install -e output_dir
- Run
python -m example
- in another terminal run
curl http://localhost:8080/v1/example -d "param1=value1¶m2=value2" -X POST -v
- Note what's logged in both terminals
- Retry, but with
ExamplePostResponse(user='value not in enum')
expected behavior
At step 5 the server code should fail to instantiate ExamplePostResponse()
, because required field user
is missing.
It should catch this error and return 5XX to curl.
At step 7 the server should fail to instantiate ExamplePostResponse()
because the field user
has a value that's not in the enum. It should catch this error and return 5XX to the curl.
actual behavior
No error thrown at step 5 or 7. The server returns a non-compliant payload. (Also the HTTP 200 status is not one allowed in the spec.)
Related issues/PRs
-
unit tests fail out of the box because required arguments are not included
-
someone added something to do with enums in flask. The version I'm using doesn't include that part, but it looks like it provides something you could use, but isn't used automatically out of the box.
Suggest a fix
Something like:
for each field:
if field is required and field is not specified:
raise ValueError
if field is an enum, and value not in enum:
raise ValueError
Add that here: