Skip to content

Latest commit

 

History

History
75 lines (48 loc) · 5.26 KB

json-validation.md

File metadata and controls

75 lines (48 loc) · 5.26 KB
description
This page provides the technical details of the JSON Validation policy

JSON Validation

Overview

You can use the json-validation policy to validate JSON payloads. This policy uses JSON Schema Validator. For more information about JSON Schema Validator, go to json-schema-validator.

When request validation fails, it returns 400 BAD REQUEST and when response validation fails, with a custom error message body, it returns 500 INTERNAL ERROR. It can inject processing report messages into request metrics for analytics.

Functional and implementation information for the json-validation policy is organized into the following sections:

Examples

{% hint style="warning" %} You can apply this policy to only v2 APIs and v4 HTTP proxy APIs. You cannot apply this policy to v4 message APIs or v4 TCP proxy APIs. {% endhint %}

{% tabs %} {% tab title="HTTP proxy API example" %} Sample policy configuration:

{
	"errorMessage": "Json payload invalid",
	"schema": "{\"title\": \"Person\", \"type\": \"object\", \"properties\": {\"name\": {\"type\": \"string\"}}, \"required\": [\"name\"]}",
	"validateUnchecked": false,
	"deepCheck": false,
	"straightResponseMode": false
}

{% endtab %} {% endtabs %}

Configuration

Phases

the json-validation policy supports the the phases that are checked below:

v2 PhasesCompatible?v4 PhasesCompatible?
onRequestfalseonRequestfalse
onResponsefalseonResponsefalse
onRequestContenttrueonMessageRequestfalse
onResponseContenttrueonMessageResponsefalse

Options

You can configure the json-validation policy with the following options:

PropertyRequiredDescriptionTypeDefault
scopetruePolicy scope from where the policy is executedPolicy scopeREQUEST_CONTENT
errorMessagetrueCustom error message in JSON format. Spel is allowed.string{"error":"Bad request"}
schematrueJson schema.string
deepCheckfalseValidate descendant even if JSON parent container is invalidbooleanfalse
validateUncheckedfalseUnchecked validation means that conditions which would normally cause the processing to stop with an exception are instead inserted into the resulting report. Warning: this means that anomalous events like an unresolvable JSON Reference, or an invalid schema, are masked!.booleanfalse
straightRespondModefalseOnly for RESPONSE scope. Straight respond mode means that responses failed to validate still will be sent to user without replacement. Validation failures messages are still being written to the metrics for further inspection.booleanfalse

Compatibility matrix

The following table shows is the compatibility matrix for API Management (APIM) and the json-validation policy:

Plugin VersionSupported APIM versions
1.xAll

Errors

PhaseHTTP status codeError template key
onRequestContent400

Invalid payload

Invalid JSON schema

Invalid error message JSON format

onResponseContent500

Invalid payload

Invalid JSON schema

Invalid error message JSON format

To override the default response provided by the policy, you can use the response template feature. These templates must be defined at the API level. For more information about the templates, see the API Console Response Templates option in the API Proxy menu.

The policy sends the following error keys:

KeyParameters
JSON_INVALID_PAYLOAD-
JSON_INVALID_FORMAT-
JSON_INVALID_RESPONSE_PAYLOAD-
JSON_INVALID_RESPONSE_FORMAT-

Changelogs

{% @github-files/github-code-block url="https://github.com/gravitee-io/gravitee-policy-json-validation/blob/master/CHANGELOG.md" %}