OpenAPI Conformance Analyzer
Configuration Name: OpenAPIConformance
Description
OpenAPI Conformance analyzer checks the conformance of each API response to the response schema in the API definition.
Faults Reported
Fault Identifier | Title | Summary | Solution | Severity |
---|---|---|---|---|
SCF-200 | Unexpected response | The response did not conform to the API definition. This is a generic CF for errors that do not have a more specific CF. | ||
SCF-201 | Unexpected response status code | The response had a status code that is not specified for the operation in the API definition. | Modify service implementation to return only those status codes specified in the API definition, or modify the API definition to specify which status codes may be returned by the operation. | high |
SCF-202 | Unexpected response Content-Type | The response had Content-Type that is not specified in the API definition for the status code that was received. | Modify service implementation to return only those Content-Types specified in the API definition, or modify the API definition to specify which Content-Types may be returned by the operation. | high |
SCF-202 | Unspecified Content-Type | An operation in the API definition did not specify a Content-Type for a response. Any response produced by the service is considered conforming, which is not advised. | Modify API definition to specify which Content-Types will be sent in a response for an operation, and the schema of the response. | low |
SCF-300 | Unspecified schema | An operation in the API definition did not specify a response schema. | Modify API definition to specify the schema of the response for each Content-Type that is returned by the operation. | low |
SCF-301 | Type mismatch | Value does not have the type specified in the API definition. Examples: `Field must be set to " + schema.Type + " or not be present`; `Value must be an integer` | Modify service implementation to return values that conform to the API definition, or modify the API definition to specify the proper type that will be returned by an operation. | high |
SCF-302 | Invalid enum value | Value is not one of the specified enum values for an enum type. Examples: `value is not one of the allowed values` | Modify service implementation to return values that conform to the API definition, or modify the API definition to specify the proper set of allowed values for an enum type. | high |
SCF-303 | Number format error | Value of a number type does not conform to the constraints in the API definition. Examples: `number must be more than %g`; `number must be less than %g`; `number must be at least %g`; `number must be at most %g`; `Number is not a multiple of %g` (NOTE: Reason is not formatted this way by openapi3filter) | Modify service implementation to return a value that conforms to the API definition, or modify the API definition to specify the proper type that will be returned by an operation. | high |
SCF-304 | String format error | Value of a string type does not conform to the constraints in the API definition. Examples: `minimum string length is %d`; `maximum string length is %d`; `string doesn't match the regular expression "%s"`; `string doesn't match the format %q (regular expression "%s")` | Modify service implementation to return a value that conforms to the API definition, or modify the API definition to specify the proper type that will be returned by an operation. | high |
SCF-305 | Invalid string pattern constraint | The pattern constraint specified in the API definition for a string type contains an invalid regular expression. Analyzer was unable to verify that string values conform to the pattern constraint. | Modify the API definition to use a valid regular expression in the pattern constraint. | low |
SCF-306 | Array format error | Value of an array type does not conform to the constraints in the API definition. Examples: `minimum number of items is %d`; `maximum number of items is %d`; `duplicate items found` | Modify service implementation to return a value that conforms to the API definition, or modify the API definition to specify the proper type that will be returned by an operation. | high |
SCF-307 | Object format error | Value of an object type does not conform to the constraints in the API definition. Examples: `there must be at least %d properties`; `there must be at most %d properties`; `property %q is unsupported`; `property %q is missing` (NOTE: for required properties) | Modify service implementation to return a value that conforms to the API definition, or modify the API definition to specify the proper type that will be returned by an operation. | high |
SCF-308 | Discriminator is missing | Value of a polymorphic OneOf type is lacking the discriminator field specified in the API definition. Examples: `input does not contain the discriminator property` | Modify service implementation to return a value that contains the discriminator field, or modify the API definition to not specify a discriminator in the OneOf type. | medium |
SCF-309 | Discriminator has invalid value | Value of a polymorphic OneOf type has an invalid value in the discriminator field. Examples: `input does not contain a valid discriminator value` | Modify service implementation to return a value that contains the discriminator field, or modify the API definition to not specify a discriminator in the OneOf type. | high |
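
An added illustration (not the analyzer's own code) of how a response can be classified into the faults listed above by checking the status code, then the Content-Type, then the schema. The `RESPONSES` definition, the function names and the location strings are assumptions made for this example; only the fault identifiers and titles come from the table.

```python
# Added illustration, not the analyzer's implementation. Fault identifiers and
# titles come from the table above; RESPONSES is a constructed definition.
RESPONSES = {
    "200": {"content": {"application/json": {"schema": {
        "type": "object",
        "required": ["id", "state"],
        "properties": {
            "id": {"type": "integer"},
            "state": {"type": "string", "enum": ["open", "closed"]},
        },
    }}}},
    "404": {"content": {"application/json": {}}},  # media type without a schema
    "500": {"description": "server error"},         # no Content-Type specified
}
JSON_TYPES = {"integer": int, "string": str, "object": dict, "array": list, "boolean": bool}

def check_value(value, schema, path="$"):
    expected = JSON_TYPES.get(schema.get("type"))
    # bool is a subclass of int in Python, so reject it explicitly for integers
    if expected and (not isinstance(value, expected)
                     or (expected is int and isinstance(value, bool))):
        return [("SCF-301", "Type mismatch", path)]
    faults = []
    if "enum" in schema and value not in schema["enum"]:
        faults.append(("SCF-302", "Invalid enum value", path))
    if isinstance(value, dict):
        for name in schema.get("required", []):
            if name not in value:  # corresponds to "property %q is missing"
                faults.append(("SCF-307", "Object format error", f"{path}.{name}"))
        for name, sub in schema.get("properties", {}).items():
            if name in value:
                faults += check_value(value[name], sub, f"{path}.{name}")
    return faults

def check_response(responses, status, content_type, body):
    """Check status code, then Content-Type, then body schema, in that order."""
    keys = (str(status), f"{str(status)[0]}XX", "default")  # exact, range, default
    spec = next((responses[k] for k in keys if k in responses), None)
    if spec is None:
        return [("SCF-201", "Unexpected response status code", "status")]
    content = spec.get("content")
    if not content:
        return [("SCF-202", "Unspecified Content-Type", "definition")]
    media = content_type.split(";")[0].strip().lower()
    if media not in content:
        return [("SCF-202", "Unexpected response Content-Type", "header")]
    schema = content[media].get("schema")
    if schema is None:
        return [("SCF-300", "Unspecified schema", "definition")]
    return check_value(body, schema)
```

The two low-severity results (`Unspecified Content-Type`, `Unspecified schema`) are raised against the definition rather than the response: with those gaps, no response body can be reported as non-conforming.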