SwaggerEditor@next: How can I get more information about problems?

[Skeeve]

Q&A (please complete the following information)

• OS: macOS
• Browser: Vivaldi
• Version: 5.5.2805.35 (Stable channel) (x86_64)
• Method of installation:docker
• Swagger-Editor version: swaggerapi/swagger-editor:next-v5
• Swagger/OpenAPI version: OpenApi 3.0.3

Content & configuration

Swagger/OpenAPI definition:

openapi: 3.0.3
info:
  title: CSApi
  version: "1.1beta12"
  x-info: |
    - On-Demand IP Test
    - APIkey-login removed
    - Forbid leading and trailing blanks in values
    - more IP filtering
    - Complaints-Office reports
  description: API for accessing information in CSA Database
  contact:
    email: [email protected]
    name: Certified-Senders-Alliance
    url: "https://certified-senders.org"
servers:
  - url: "http://localhost:3181/api/v1"
    description: Developer instance
paths:
  /login:
    post:
      tags:
        - Open
      security: []
      summary: Logs in and returns the authentication cookie
      operationId: login
      x-mojo-to: "Authentication#login"
      requestBody:
        required: true
        description: |
          A JSON object containing credentials.
          (email address and password)
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserLogin'
            examples:
              User-Login:
                summary: User Login
                value:
                  email: "[email protected]"
                  password: "myS3cr1tPa55W0rd"
      responses:
        '200':
          description: |
            Successfully authenticated.

            The name of the cookie (CSApiAuth) is returned as the body of the request.

            The session ID is returned in that cookie.
            The cookie has to be included in subsequent requests.
          headers: 
            Set-Cookie:
              schema: 
                type: string
                example: "MyToken=abcde12345; Path=/; HttpOnly"
          content:
            application/json:
              schema:
                type: string
                example: "MyToken"
        '401':
          $ref: "#/components/responses/401_Unauthorized"
components:
  schemas:
    UserLogin:
      type: object
      required:
        - email
        - password
      properties:
        email:
          type: string
          format: email
        password:
          type: string
          minLength: 12
          maxLength: 1024
    Error:
      type: object
      required:
        - errors
      properties:
        errors:
          type: array
          items:
            type: object
            required:
              - message
            properties:
              message:
                type: string
              path:
                type: string
  responses:
    401_Unauthorized:
      description: Missing authorization
      content:
        application/json:
          schema:
            $ref: "#/components/schemas/Error"

Swagger-Editor configuration options:

I didn't change it

SwaggerEditor({
  // your config options here
})

?withCredentials=true

Screenshots

How can we help?

As there are more than 100 problems in my OpenAPI definition, I'd like to know how I can get more information about all problems encountered. I searched for the exact string as well as for the apilint number but couldn't find anything helpful yet.

[char0n]

Hi @Skeeve,

Thanks for the report. What your seeing are bugs in our linting system (one of which we already know of). Let's break it down:

This basically tells us, that The Responses Object defined by responses: fragment, contains keys (HTTP Status codes) that are unsupported. Our linting rules were missing rule for allowing 401 status code to be used. This was fixed in swagger-api/apidom@d8aa73a and now all HTTP status codes from IANA HTTP Status code registry are allowed. Also in future if you use non-supported HTTP Status code the following message (with better description what is wrong) will be displayed:

Responses Object uses HTTP Status Codes outside of allowed IANA HTTP Status code registry

Given that 401 code was not supported (explanation above), the object attached to that code was not parsed semantically as a Response Object. This triggered lint rule which checks if all the Responses Object values are actually Response Objects.

---

Fixes for the the fixture you provided have been released in [email protected]. The release was also deployed to https://editor-next.swagger.io/. Your fixture shouldn't now trigger any linting errors.

As there are more than 100 problems in my OpenAPI definition,

Please create separate issues with minimal OpenAPI definition fixture demonstrating the problem. We'll eliminate them one by one.

I'd like to know how I can get more information about all problems encountered. I searched for the exact string as well as for the apilint number but couldn't find anything helpful yet.

There are no more information available at this point, except for the linting message itself. If the linting message is not understandable please report it via GitHub issues, as we'll address it.

[Skeeve]

Thanks a lot for the clear explanation and your prompt support.

I will, starting Monday, report any more issues I found.