API Designer Collection Validation Incorrect with Request Header

darren.capner · June 23, 2020, 3:50am

I find the API Designer collection validation great. Though I believe there is a bug with it.

When I have a API spec in OpenAPI 3.0 in yml format, with the following section defined, the collection validation indicates an error that the Content-Type should be removed from the collection even though the API Spec and Collection both show that it should be there.

Would this happen to be with specifying the security attribute in the request?

...
security:
  - authorizer: []
...
securitySchemes:
    authorizer:
      type: "apiKey"
      name: "Authorization"
      in: "header"
      x-amazon-apigateway-authtype: "custom"

The collection was generated from the API Spec without modification before validating through API Designer.

API Spec Snippet:

/resetpassword:
    post:
      summary: Reset Password
      operationId: resetPassword
      security:
        - authorizer: []
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/ResetPasswordRequest"
            example:
              username: "{{USER_NAME}}"
              oldPassword: "{{PASSWORD}}"
              newPassword: "{{NEW_PASSWORD}}"
        required: true
      responses:
        200:
          description: "200 response"
          content: 
            application/json:
              schema:
                $ref: "#/components/schemas/ResetPasswordResponse"
              example:
                status: 200
                code: 2003
                message: "Password reset successfully."

Collection Request for ResetPassword Headers:

Content-Type:application/json
Authorization:{{ACCESS_TOKEN}}

Collection Validation Web Page for ResetPassword:

Thank you for your time and help.

sankalp0o · June 23, 2020, 10:25am

Thanks for the feedback @darren.capner, this does not seem right and we’ll take a look at it right away.

Apart from that, did you face any other issues? Or anything else we can do to make this flow more useful?

darren.capner · June 23, 2020, 12:58pm

Thank you, I am very happy your team is working on it.

I did find another issue while using this feature that I could not understand just from seeing the validation issue page. I have documented the scenario and problem here API Designer Collection Validation Incorrect with Body field value

darren.capner · August 4, 2020, 1:12pm

This has been resolved. Today, I have tested the validation for the collection against the API definition schema and it is no longer reporting errors.