Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Add ability to ignore validation on routes to avoid 404 status for undocumented routes
See original GitHub issueI have added this library to an existing express project, however, not all the existing endpoints are documented in my OAPI spec. In this scenario, all the existing endpoints which are not documented are flagged by the SecurityValidator as non-existent. Is there a way to allow undocumented routes to bypass this middleware?
My installation
new OpenApiValidator({
apiSpec: spec,
validateRequests: true,
// validateResponses: false
}).install(app);
app.use((err, req, res, next) => {
// format error
if (typeof err.toJSON !== 'undefined') {
res.status(err.status || 500).json({
message: err.message,
errors: err.errors,
});
return;
}
next(err);
});
Stack trace
Error: not found
at Object.validationError (/usr/src/api/node_modules/express-openapi-validator/dist/middlewares/util.js:42:25)
at /usr/src/api/node_modules/express-openapi-validator/dist/middlewares/openapi.security.js:16:32
at Layer.handle [as handle_request] (/usr/src/api/node_modules/express/lib/router/layer.js:95:5)
at trim_prefix (/usr/src/api/node_modules/express/lib/router/index.js:317:13)
at /usr/src/api/node_modules/express/lib/router/index.js:284:7
at Function.process_params (/usr/src/api/node_modules/express/lib/router/index.js:335:12)
at next (/usr/src/api/node_modules/express/lib/router/index.js:275:10)
at /usr/src/api/node_modules/express-openapi-validator/dist/middlewares/openapi.multipart.js:37:13
at Layer.handle [as handle_request] (/usr/src/api/node_modules/express/lib/router/layer.js:95:5)
at trim_prefix (/usr/src/api/node_modules/express/lib/router/index.js:317:13)
at /usr/src/api/node_modules/express/lib/router/index.js:284:7
at Function.process_params (/usr/src/api/node_modules/express/lib/router/index.js:335:12)
at next (/usr/src/api/node_modules/express/lib/router/index.js:275:10)
at /usr/src/api/node_modules/express-openapi-validator/dist/middlewares/openapi.metadata.js:20:10
at Layer.handle [as handle_request] (/usr/src/api/node_modules/express/lib/router/layer.js:95:5)
at trim_prefix (/usr/src/api/node_modules/express/lib/router/index.js:317:13)
at /usr/src/api/node_modules/express/lib/router/index.js:284:7
at Function.process_params (/usr/src/api/node_modules/express/lib/router/index.js:335:12)
at next (/usr/src/api/node_modules/express/lib/router/index.js:275:10)
at /usr/src/api/src/middleware/authorization.ts:53:9
at Layer.handle [as handle_request] (/usr/src/api/node_modules/express/lib/router/layer.js:95:5)
at trim_prefix (/usr/src/api/node_modules/express/lib/router/index.js:317:13)
at /usr/src/api/node_modules/express/lib/router/index.js:284:7
at Function.process_params (/usr/src/api/node_modules/express/lib/router/index.js:335:12)
at next (/usr/src/api/node_modules/express/lib/router/index.js:275:10)
at /usr/src/api/node_modules/express-jwt/lib/index.js:128:7
at /usr/src/api/node_modules/async/lib/async.js:52:16
Based on my inspection of the code, the security middleware is installed if there are any security options present in the OAPI spec. It would be helpful if there were an option to bypass the installation of security middleware for undocumented routes.
Issue Analytics
- State:
- Created 4 years ago
- Comments:5 (3 by maintainers)
Top Results From Across the Web
Swagger with Spring Boot 2.0 leads to 404 error page
First add SwaggerConfig.java file at the same package of your springboot file like the following example.
Read more >Handling Errors - FastAPI
The status codes in the 400 range mean that there was an error from the client. Remember all those "404 Not Found" errors...
Read more >Handling 404 Routes in React with a Not Found component
In this post you'll learn how to handle 404 routes in React Router and provide a fallback component for displaying an imfamous 404...
Read more >Requests and Actions - Lapis Reference Manual - leafo.net
These routes match the URLs verbatim. The leading / is required. The route must match the entire path of the request. That means...
Read more >HTTP Routing | Heroku Dev Center
Additionally, while HTTP/1.1 requests and responses are expected to be keep-alive by default, if the initial request had an explicit connection: ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@cdimascio
Yes, that’s the issue. The affected routes are children of the base path which I haven’t documented yet. As @Aidenir mentioned, it would be nice to incrementally apply validation by documenting existing endpoints.
I was thinking of a flag that would skip over undocumented routes, but the
ignoreRoutesyou mention is probably more flexible and useful for other purposes.@supercoffee @Aidenir please give
v2.18.0a try.ignorePathsis available there