Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Support question: OpenAPI 3.0.x flow mapping workarounds

See original GitHub issue

Thanks for the great library! I’m hoping to use this instead of pyyaml when parsing OpenAPI 3.0.x documents, but I’m running into an issue with the Security Requirements Object of a path item.

From that link, emphasis mine:

Each name MUST correspond to a security scheme which is declared in the Security Schemes under the Components Object. If the security scheme is of type “oauth2” or “openIdConnect”, then the value is a list of scope names required for the execution. For other security scheme types, the array MUST be empty.

This means I’ve got paths like this:

paths:
  /users/{userId}/widgets/{widgetId}/revisions:
    post:
      operationId: createWidgetRevision
      security:
        - apiToken: []

Which fails as expected with FLowMappingDisallowed:

$ ipython
Python 3.6.5 (default, Apr  1 2018, 15:30:28) 
Type 'copyright', 'credits' or 'license' for more information
IPython 6.5.0 -- An enhanced Interactive Python. Type '?' for help.

In [1]: from strictyaml import load

In [2]: doc="""paths:
   ...:   /users/{userId}/widgets/{widgetId}/revisions:
   ...:     post:
   ...:       operationId: createWidgetRevision
   ...:       security:
   ...:         - apiToken: []"""

In [3]: load(doc)
FlowMappingDisallowed [traceback clipped]

Any recommendations? There’s also a commonly-used form for an unauthenticated method with a similar issue:

paths:
  /items/{itemId}:
    put:
      operationId: updateItem
      security:
        - {}

Issue Analytics

State:
Created 5 years ago
Reactions:1
Comments:11 (6 by maintainers)

Top GitHub Comments

3reactions

crdoconnorcommented, Sep 18, 2018

Dirty load is now available and implemented in version 0.13.0:

http://hitchdev.com/strictyaml/using/alpha/restrictions/loading-dirty-yaml/

3reactions

crdoconnorcommented, Sep 13, 2018

Yeah, I’m coming around to this idea. Except for the duplicate keys thing (I don’t think anybody would actually want that), I might create a special method for parsing disallowed YAML.

I think I’ll probably have to turn off roundtripping too, since parsing this stuff opens up a can of worms that I don’t really want to get in to.

Top Results From Across the Web

OpenAPI Compatibility Chart - ReadMe Documentation

This OpenAPI Compatibility Chart aims to document every part of the OpenAPI Specification that we do and don't support, as well as any...

OpenAPI 3.0: How to Design and Document APIs ... - YouTube

The OpenAPI Specification (OAS), based on the original Swagger 2.0 specification, has emerged as the world's standard for defining and ...

OpenAPI Specification - Version 3.0.3 - Swagger

The OpenAPI Specification defines a standard interface to RESTful APIs which allows both humans and computers to understand service capabilities without ...

F.A.Q - Springdoc-openapi

How can I map Pageable (spring-data-commons) object to correct URL-Parameter in Swagger UI? The support for Pageable of spring-data-commons is available out-of- ...

Swagger; specify two responses with same code based on ...

OpenAPI 3.x ... However, it's not possible to map specific response schemas to specific parameter values. You'll need to document these specifics ...