Newtonsoft.Json.Schema 未根据 JSON 模式正确验证 JSON 输入
在下面的示例中,架构验证对于以下有效负载 JSON 返回 true,即使:
为什么这些错误没有被捕获?
我们使用 Newtonsoft.Json.Schema 进行验证。
JSON 架构:
{
"openapi": "3.0.2",
"info": {
"title": "Demo API",
"version": "1.1.1",
"description": "<b>Demo version"
},
"tags": [
{
"name": "Records",
"description": "Registration"
}
],
"paths": {
"/records/AddUpdateRecord": {
"post": {
"tags": [
"Records"
],
"description": "Add or Update a Object",
"requestBody": {
"required": true,
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/addUpdateRecords"
}
}
}
},
"responses": {
"200": {
"description": "OK - Indicates that the request has succeeded.",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/httpResponse200"
}
}
}
},
"400": {
"description": "Bad Request",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/httpResponse400"
}
}
}
},
"401": {
"description": "Unauthorized "
},
"403": {
"description": "Forbidden - Unauthorized request."
},
"429": {
"description": "Too Many Requests "
},
"500": {
"description": "Internal Server Error "
}
}
}
},
"/records/AddUpdateC": {
"post": {
"tags": [
"Records"
],
"description": "Add or Update existing 1 to N Coverages.",
"requestBody": {
"required": true,
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/addUpdateC"
}
}
}
},
"responses": {
"200": {
"description": "OK - Indicates that the request has succeeded.",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/httpResponse200"
}
}
}
},
"400": {
"description": "Bad Request ",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/httpResponseC400"
}
}
}
},
"401": {
"description": "Unauthorized ."
},
"403": {
"description": "Forbidden."
},
"429": {
"description": "Too Many Requests "
},
"500": {
"description": "Internal Server Error "
}
}
}
},
"/records/UpdateRO": {
"put": {
"tags": [
"Records"
],
"description": "Update an existing RO.",
"requestBody": {
"required": true,
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/updateRO"
}
}
}
},
"responses": {
"200": {
"description": "OK - Indicates that the request has succeeded.",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/httpResponse200"
}
}
}
},
"400": {
"description": "Bad Request ",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/httpResponse400"
}
}
}
},
"401": {
"description": "Unauthorized"
},
"403": {
"description": "Forbidden ."
},
"429": {
"description": "Too Many Requests ."
},
"500": {
"description": "Internal Server Error "
}
}
}
},
"/records/RemoveRO": {
"post": {
"tags": [
"Records"
],
"description": "Remove an existing RO",
"requestBody": {
"required": true,
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/removeRO"
}
}
}
},
"responses": {
"200": {
"description": "OK - Indicates that the request has succeeded.",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/httpResponse200"
}
}
}
},
"400": {
"description": "Bad Request.",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/httpResponse400"
}
}
}
},
"401": {
"description": "Unauthorized."
},
"403": {
"description": "Forbidden"
},
"429": {
"description": "Too Many Requests ."
},
"500": {
"description": "Internal Server Error"
}
}
}
},
"/records/MoveP": {
"post": {
"tags": [
"Records"
],
"description": "Move",
"requestBody": {
"required": true,
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/moveP"
}
}
}
},
"responses": {
"200": {
"description": "OK - Indicates that the request has succeeded.",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/httpResponse200"
}
}
}
},
"400": {
"description": "Bad Request.",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/httpResponse400"
}
}
}
},
"401": {
"description": "Unauthorized ."
},
"403": {
"description": "Forbidden "
},
"429": {
"description": "Too Many Requests ."
},
"500": {
"description": "Internal Server Error."
}
}
}
}
},
"components": {
"schemas": {
"httpResponse200": {
"type": "object",
"properties": {
"results": {
"nullable": true,
"example": null
},
"requestGuid": {
"type": "string",
"example": "GUI"
},
"errors": {
"nullable": true,
"example": null
},
"httpStatusCode": {
"type": "integer",
"nullable": false,
"example": 200
}
}
},
"addUpdateC": {
"type": "object",
"properties": {
"iCR": {
"type": "array",
"description": "1 to N",
"items": {
"type": "object",
"properties": {
"requestGuid": {
"type": "string",
"example": "GUI",
"nullable": false
},
"iNumber": {
"type": "string",
"format": "varchar(10)",
"nullable": false
},
"eTypeRequest": {
"type": "array",
"description": "1 to N",
"items": {
"type": "object",
"properties": {
"requestGuid": {
"type": "string",
"example": "16-byte binary value",
"nullable": false
},
"eTypeECode": {
"type": "string",
"format": "varchar(3)",
"nullable": false,
"description": "List"
}
}
}
}
}
}
}
}
},
"moveP": {
"type": "object",
"properties": {
"iMPR": {
"type": "object",
"properties": {
"requestGuid": {
"type": "string",
"example": "GUID",
"nullable": false
},
"iNumber": {
"type": "string",
"format": "varchar(10)",
"nullable": false
}
}
}
}
},
"removeRO": {
"type": "object",
"properties": {
"iRROR": {
"type": "object",
"properties": {
"requestGuid": {
"type": "string",
"example": "GUID",
"nullable": false
},
"iNumber": {
"type": "string",
"format": "varchar(10)",
"nullable": false
},
"mCRO": {
"type": "number",
"format": "smallint",
"nullable": false,
"description": "List"
}
}
}
}
},
"addUpdateRecords": {
"type": "object",
"properties": {
"iROR": {
"type": "object",
"properties": {
"requestGuid": {
"type": "string",
"example": "GUID",
"nullable": false
},
"iNumber": {
"type": "string",
"format": "varchar(10)",
"nullable": false
},
"mCRO": {
"type": "number",
"format": "smallint",
"nullable": false,
"description": "List"
}
}
},
"iCR": {
"type": "array",
"description": "1 to N",
"items": {
"type": "object",
"properties": {
"requestGuid": {
"type": "string",
"example": "16-byte binary value",
"nullable": false
},
"iNumber": {
"type": "string",
"format": "varchar(10)",
"nullable": false
},
"eTypeRequest": {
"type": "array",
"description": "1 to N",
"items": {
"type": "object",
"properties": {
"requestGuid": {
"type": "string",
"example": "16-byte binary value",
"nullable": false
},
"eTypeECode": {
"type": "string",
"format": "varchar(3)",
"nullable": false,
"description": "List"
}
}
}
}
}
}
}
}
},
"updateRO": {
"type": "object",
"properties": {
"iROR": {
"type": "object",
"properties": {
"requestGuid": {
"type": "string",
"example": "GUID",
"nullable": false
},
"iNumber": {
"type": "string",
"format": "varchar(10)",
"nullable": false
},
"mCRO": {
"type": "number",
"format": "smallint",
"nullable": false,
"description": "List"
}
}
}
}
},
"httpResponse400": {
"type": "object",
"properties": {
"results": {
"nullable": true,
"example": null
},
"requestGuid": {
"type": "string",
"example": "GUI"
},
"errors": {
"type": "array",
"items": {
"type": "object",
"properties": {
"cTypeCode": {
"nullable": true,
"example": null
},
"cFormula": {
"nullable": true,
"example": null
},
"errorDescription": {
"type": "string"
}
}
}
},
"httpStatusCode": {
"type": "integer",
"nullable": false,
"example": 400
}
}
},
"httpResponseC400": {
"type": "object",
"properties": {
"results": {
"nullable": true,
"example": null
},
"requestGuid": {
"type": "string",
"example": "GUI "
},
"errors": {
"type": "array",
"items": {
"type": "object",
"properties": {
"cTypeCode": {
"nullable": true,
"example": null
},
"cFormula": {
"nullable": true,
"example": null
},
"errorDescription": {
"type": "string"
}
}
}
},
"httpStatusCode": {
"type": "integer",
"nullable": false,
"example": 400
}
}
}
}
}
}
负载 JSON:
{
"iRROR": {
"requestGuid": "GUID",
"iNumber": "12345678910111213",
"mCRO": null
}
}
C# 代码:
using (StreamReader file = File.OpenText(@"C:\\Sample\\OpenAPISpecification.json"))
using (JsonTextReader reader = new JsonTextReader(file))
{
JSchema schema = JSchema.Load(reader);
JObject json = JObject.Parse(File.ReadAllText(@"C:\\Sample\\iRROR.json"));
//validate json
IList<ValidationError> errors;
bool valid = json.IsValid(schema, out errors);
new ValidateResponse
{
Valid = valid,
Errors = errors
};
}
为什么这些错误没有被捕获?
我们使用 Newtonsoft.Json.Schema 进行验证。
为了呼应并扩展 Daniel 的评论,OpenAPI 包含模式,但它本身并不是模式。 (从技术上讲,OpenAPI 3.0 及更早版本使用的模式是修改后的 JSON Schema Draft 4。版本 3.1 直接使用 JSON Schema DRaft 2020-12。)
您需要一个 OpenAPI 工具,例如 OpenAPI.Net。