WSO2 APIM 中的 JSON 模式验证失败并报错
Json Schema Validation failing with error in WSO2 APIM
我正在使用 WSO2 APIM 3.1.0，想为 JSON 负载启用 JSON 模式验证。我参考了下面的文档，在 WSO2 APIM 中设置 JSON schema 验证：
https://m-saranki.medium.com/unboxing-json-schema-validator-320-2dd944dae6c0 。我正在用以下 API 测试 JSON 模式验证：
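# OpenAPI 3.0.1 definition of "SampleAPI" with WSO2 API Manager extensions (x-wso2-*).
# Nesting is reconstructed from the OpenAPI 3.0 structure; verify it against the
# original export before importing.
openapi: "3.0.1"
info:
  title: "SampleAPI"
  version: "1.2.3"
servers:
  -
    url: "/"
# Document-level default: every operation requires the "default" scheme, with no scopes.
security:
  -
    default: []
paths:
  # Wildcard resource: all five methods below share the same security settings.
  /*:
    get:
      responses:
        200:
          description: "OK"
      security:
        -
          default: []
      x-auth-type: "Application & Application User"
      x-throttling-tier: "Unlimited"
      # Both OAuth2 tokens and HTTP Basic credentials are accepted for this operation.
      x-wso2-application-security:
        security-types:
          - "oauth2"
          - "basic_auth"
        optional: false
    put:
      responses:
        200:
          description: "OK"
      security:
        -
          default: []
      x-auth-type: "Application & Application User"
      x-throttling-tier: "Unlimited"
      x-wso2-application-security:
        security-types:
          - "oauth2"
          - "basic_auth"
        optional: false
    post:
      # The only operation with a request schema, so the only one schema validation can check.
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/User"
        # The body may be omitted entirely.
        # NOTE(review): confirm how the gateway's validator treats a request with no body.
        required: false
      responses:
        200:
          description: "OK"
      security:
        -
          default: []
      x-auth-type: "Application & Application User"
      x-throttling-tier: "Unlimited"
      x-wso2-application-security:
        security-types:
          - "oauth2"
          - "basic_auth"
        optional: false
    delete:
      responses:
        200:
          description: "OK"
      security:
        -
          default: []
      x-auth-type: "Application & Application User"
      x-throttling-tier: "Unlimited"
      x-wso2-application-security:
        security-types:
          - "oauth2"
          - "basic_auth"
        optional: false
    patch:
      responses:
        200:
          description: "OK"
      security:
        -
          default: []
      x-auth-type: "Application & Application User"
      x-throttling-tier: "Unlimited"
      x-wso2-application-security:
        security-types:
          - "oauth2"
          - "basic_auth"
        optional: false
components:
  schemas:
    # Only "id" is required. The schema declares neither `type: object` nor
    # `additionalProperties: false`, so undeclared properties are not rejected by the
    # schema itself. Whether the `format` keywords are enforced depends on the validator.
    User:
      required:
        - "id"
      properties:
        id:
          type: "string"
          format: "uuid"
        name:
          type: "string"
        email:
          type: "string"
          format: "email"
        dob:
          type: "string"
          format: "date"
  securitySchemes:
    # OAuth2 implicit flow with no scopes defined.
    default:
      type: "oauth2"
      flows:
        implicit:
          authorizationUrl: "https://test.com"
          scopes: {}
x-wso2-auth-header: "Authorization"
# CORS handling is switched off here; the wildcard origin in the list below would
# presumably only matter if corsConfigurationEnabled were set to true.
x-wso2-cors:
  corsConfigurationEnabled: false
  accessControlAllowOrigins:
    - "*"
  accessControlAllowCredentials: false
  accessControlAllowHeaders:
    - "authorization"
    - "Access-Control-Allow-Origin"
    - "Content-Type"
    - "SOAPAction"
    - "apikey"
    - "Credentials"
  accessControlAllowMethods:
    - "GET"
    - "PUT"
    - "POST"
    - "DELETE"
    - "PATCH"
    - "OPTIONS"
# Production and sandbox point at the same plain-HTTP backend on localhost.
x-wso2-production-endpoints:
  urls:
    - "http://localhost:9090/Cipango-CallAS/v1/sp/1/accounts/123/call"
  type: "http"
x-wso2-sandbox-endpoints:
  urls:
    - "http://localhost:9090/Cipango-CallAS/v1/sp/1/accounts/123/call"
  type: "http"
x-wso2-basePath: "/sample/1.2.3"
# The API is exposed over both http and https. With basic_auth accepted above,
# credentials sent over the http transport travel unencrypted.
x-wso2-transports:
  - "http"
  - "https"
x-wso2-response-cache:
  enabled: false
  cacheTimeoutInSeconds: 300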
但是，当我使用正确的 JSON 负载发送请求时，看到了以下错误消息：
TID: [-1] [] [2021-10-19 16:14:48,136] WARN {org.apache.synapse.transport.passthru.SourceHandler} - I/O error: Received fatal alert: certificate_unknown
TID: [-1234] [] [2021-10-19 16:14:49,237] ERROR {org.apache.synapse.transport.passthru.ServerWorker} - Error processing POST request for : /sample/1.2.3. java.lang.IllegalArgumentException: JsonObject (through reference chain: com.google.gson.JsonArray["asBoolean"])
at com.fasterxml.jackson.databind.ObjectMapper._convert(ObjectMapper.java:3751)
at com.fasterxml.jackson.databind.ObjectMapper.convertValue(ObjectMapper.java:3669)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.extractReference_aroundBody26(SchemaValidator.java:547)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.extractReference(SchemaValidator.java:532)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.extractSchemaFromRequest_aroundBody18(SchemaValidator.java:327)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.extractSchemaFromRequest(SchemaValidator.java:297)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.getSchemaContent_aroundBody16(SchemaValidator.java:284)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.getSchemaContent(SchemaValidator.java:281)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.validateRequest_aroundBody8(SchemaValidator.java:211)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.validateRequest(SchemaValidator.java:209)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.handleRequest_aroundBody2(SchemaValidator.java:114)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.handleRequest(SchemaValidator.java:75)
at org.apache.synapse.rest.API.process(API.java:367)
at org.apache.synapse.rest.RESTRequestHandler.apiProcessNonDefaultStrategy(RESTRequestHandler.java:149)
at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:95)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:71)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:327)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:98)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:368)
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:427)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:182)
at org.apache.axis2.transport.base.threads.NativeWorkerPool.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
Caused by: com.fasterxml.jackson.databind.JsonMappingException: JsonObject (through reference chain: com.google.gson.JsonArray["asBoolean"])
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:394)
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:353)
at com.fasterxml.jackson.databind.ser.std.StdSerializer.wrapAndThrow(StdSerializer.java:316)
at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:727)
at com.fasterxml.jackson.databind.ser.BeanSerializer.serialize(BeanSerializer.java:155)
at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider._serialize(DefaultSerializerProvider.java:480)
at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider.serializeValue(DefaultSerializerProvider.java:319)
at com.fasterxml.jackson.databind.ObjectMapper._convert(ObjectMapper.java:3729)
... 25 more
Caused by: java.lang.UnsupportedOperationException: JsonObject
at com.google.gson.JsonElement.getAsBoolean(JsonElement.java:153)
at com.google.gson.JsonArray.getAsBoolean(JsonArray.java:370)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.serializeAsField(BeanPropertyWriter.java:688)
at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:719)
... 29 more
请告诉我这里可能是什么问题。
- 说明
我认为您使用的是 wso2am-3.1.0 原版（vanilla）包，并且部署了一个自定义序列文件，该文件中可能有一个使用 "json-eval($.)" 表达式的中介器（mediator）。请确认。这是 wso2am-3.0.0 和 wso2am-3.1.0 原版包中的一个已知问题。
这是因为，当我们在 /repository/deployment/server/synapse-configs/default/sequences 目录下的序列中使用 json-eval($.) 表达式时，该序列一经部署，Synapse 就会设置 GsonJsonProvider [1] 来表示 Jayway JsonPath [2] 中的 JSON。
由于 GsonJsonProvider 已经被加载，即使我们删除了中介器（mediator）中带有 json-eval($.) 表达式的那个序列文件，在重新启动服务器之前，问题仍然存在。
但是，如果 /repository/deployment/server/synapse-configs/default/sequences 目录下的序列中完全不使用 json-eval($.) 表达式，那么启用 JSON 模式验证时就不会出现上述错误，因为此时用于表示 Jayway JsonPath 中 JSON 的是 JsonSmartJsonProvider [3]。
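由于出错时 JSON 对象的表示方式不同（Gson 而不是 json-smart），SchemaValidator 在提取模式引用时会抛出 IllegalArgumentException。日志中的第一条 WARN（certificate_unknown）是 TLS 握手告警，比该异常早约一秒出现，看起来是对端不信任所出示的证书，应与模式验证错误无关，可单独排查。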
- 解决方案
您可以采用以下解决方案之一。
- 此问题已在最新的 WUM 更新包中修复。如果您有 WSO2 订阅，可以获取最新更新。
- 您可以部署一个全新的 wso2am-3.1.0 原版（vanilla）包，并在序列中不使用 json-eval($.) 表达式的情况下调用 API。
我正在使用 WSO2 APIM 3.1.0，想为 JSON 负载启用 JSON 模式验证。我参考了下面的文档，在 WSO2 APIM 中设置 JSON schema 验证：https://m-saranki.medium.com/unboxing-json-schema-validator-320-2dd944dae6c0 。我正在用以下 API 测试 JSON 模式验证：
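# OpenAPI 3.0.1 definition of "SampleAPI" with WSO2 API Manager extensions (x-wso2-*).
# Nesting is reconstructed from the OpenAPI 3.0 structure; verify it against the
# original export before importing.
openapi: "3.0.1"
info:
  title: "SampleAPI"
  version: "1.2.3"
servers:
  -
    url: "/"
# Document-level default: every operation requires the "default" scheme, with no scopes.
security:
  -
    default: []
paths:
  # Wildcard resource: all five methods below share the same security settings.
  /*:
    get:
      responses:
        200:
          description: "OK"
      security:
        -
          default: []
      x-auth-type: "Application & Application User"
      x-throttling-tier: "Unlimited"
      # Both OAuth2 tokens and HTTP Basic credentials are accepted for this operation.
      x-wso2-application-security:
        security-types:
          - "oauth2"
          - "basic_auth"
        optional: false
    put:
      responses:
        200:
          description: "OK"
      security:
        -
          default: []
      x-auth-type: "Application & Application User"
      x-throttling-tier: "Unlimited"
      x-wso2-application-security:
        security-types:
          - "oauth2"
          - "basic_auth"
        optional: false
    post:
      # The only operation with a request schema, so the only one schema validation can check.
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/User"
        # The body may be omitted entirely.
        # NOTE(review): confirm how the gateway's validator treats a request with no body.
        required: false
      responses:
        200:
          description: "OK"
      security:
        -
          default: []
      x-auth-type: "Application & Application User"
      x-throttling-tier: "Unlimited"
      x-wso2-application-security:
        security-types:
          - "oauth2"
          - "basic_auth"
        optional: false
    delete:
      responses:
        200:
          description: "OK"
      security:
        -
          default: []
      x-auth-type: "Application & Application User"
      x-throttling-tier: "Unlimited"
      x-wso2-application-security:
        security-types:
          - "oauth2"
          - "basic_auth"
        optional: false
    patch:
      responses:
        200:
          description: "OK"
      security:
        -
          default: []
      x-auth-type: "Application & Application User"
      x-throttling-tier: "Unlimited"
      x-wso2-application-security:
        security-types:
          - "oauth2"
          - "basic_auth"
        optional: false
components:
  schemas:
    # Only "id" is required. The schema declares neither `type: object` nor
    # `additionalProperties: false`, so undeclared properties are not rejected by the
    # schema itself. Whether the `format` keywords are enforced depends on the validator.
    User:
      required:
        - "id"
      properties:
        id:
          type: "string"
          format: "uuid"
        name:
          type: "string"
        email:
          type: "string"
          format: "email"
        dob:
          type: "string"
          format: "date"
  securitySchemes:
    # OAuth2 implicit flow with no scopes defined.
    default:
      type: "oauth2"
      flows:
        implicit:
          authorizationUrl: "https://test.com"
          scopes: {}
x-wso2-auth-header: "Authorization"
# CORS handling is switched off here; the wildcard origin in the list below would
# presumably only matter if corsConfigurationEnabled were set to true.
x-wso2-cors:
  corsConfigurationEnabled: false
  accessControlAllowOrigins:
    - "*"
  accessControlAllowCredentials: false
  accessControlAllowHeaders:
    - "authorization"
    - "Access-Control-Allow-Origin"
    - "Content-Type"
    - "SOAPAction"
    - "apikey"
    - "Credentials"
  accessControlAllowMethods:
    - "GET"
    - "PUT"
    - "POST"
    - "DELETE"
    - "PATCH"
    - "OPTIONS"
# Production and sandbox point at the same plain-HTTP backend on localhost.
x-wso2-production-endpoints:
  urls:
    - "http://localhost:9090/Cipango-CallAS/v1/sp/1/accounts/123/call"
  type: "http"
x-wso2-sandbox-endpoints:
  urls:
    - "http://localhost:9090/Cipango-CallAS/v1/sp/1/accounts/123/call"
  type: "http"
x-wso2-basePath: "/sample/1.2.3"
# The API is exposed over both http and https. With basic_auth accepted above,
# credentials sent over the http transport travel unencrypted.
x-wso2-transports:
  - "http"
  - "https"
x-wso2-response-cache:
  enabled: false
  cacheTimeoutInSeconds: 300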
但是，当我使用正确的 JSON 负载发送请求时，看到了以下错误消息：
TID: [-1] [] [2021-10-19 16:14:48,136] WARN {org.apache.synapse.transport.passthru.SourceHandler} - I/O error: Received fatal alert: certificate_unknown
TID: [-1234] [] [2021-10-19 16:14:49,237] ERROR {org.apache.synapse.transport.passthru.ServerWorker} - Error processing POST request for : /sample/1.2.3. java.lang.IllegalArgumentException: JsonObject (through reference chain: com.google.gson.JsonArray["asBoolean"])
at com.fasterxml.jackson.databind.ObjectMapper._convert(ObjectMapper.java:3751)
at com.fasterxml.jackson.databind.ObjectMapper.convertValue(ObjectMapper.java:3669)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.extractReference_aroundBody26(SchemaValidator.java:547)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.extractReference(SchemaValidator.java:532)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.extractSchemaFromRequest_aroundBody18(SchemaValidator.java:327)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.extractSchemaFromRequest(SchemaValidator.java:297)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.getSchemaContent_aroundBody16(SchemaValidator.java:284)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.getSchemaContent(SchemaValidator.java:281)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.validateRequest_aroundBody8(SchemaValidator.java:211)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.validateRequest(SchemaValidator.java:209)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.handleRequest_aroundBody2(SchemaValidator.java:114)
at org.wso2.carbon.apimgt.gateway.handlers.security.SchemaValidator.handleRequest(SchemaValidator.java:75)
at org.apache.synapse.rest.API.process(API.java:367)
at org.apache.synapse.rest.RESTRequestHandler.apiProcessNonDefaultStrategy(RESTRequestHandler.java:149)
at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:95)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:71)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:327)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:98)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:368)
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:427)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:182)
at org.apache.axis2.transport.base.threads.NativeWorkerPool.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
Caused by: com.fasterxml.jackson.databind.JsonMappingException: JsonObject (through reference chain: com.google.gson.JsonArray["asBoolean"])
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:394)
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:353)
at com.fasterxml.jackson.databind.ser.std.StdSerializer.wrapAndThrow(StdSerializer.java:316)
at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:727)
at com.fasterxml.jackson.databind.ser.BeanSerializer.serialize(BeanSerializer.java:155)
at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider._serialize(DefaultSerializerProvider.java:480)
at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider.serializeValue(DefaultSerializerProvider.java:319)
at com.fasterxml.jackson.databind.ObjectMapper._convert(ObjectMapper.java:3729)
... 25 more
Caused by: java.lang.UnsupportedOperationException: JsonObject
at com.google.gson.JsonElement.getAsBoolean(JsonElement.java:153)
at com.google.gson.JsonArray.getAsBoolean(JsonArray.java:370)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.serializeAsField(BeanPropertyWriter.java:688)
at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:719)
... 29 more
请告诉我这里可能是什么问题。
- 说明
我认为您使用的是 wso2am-3.1.0 原版（vanilla）包，并且部署了一个自定义序列文件，该文件中可能有一个使用 "json-eval($.)" 表达式的中介器（mediator）。请确认。这是 wso2am-3.0.0 和 wso2am-3.1.0 原版包中的一个已知问题。
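这是因为，当我们在 /repository/deployment/server/synapse-configs/default/sequences 目录下的序列中使用 json-eval($.) 表达式时，该序列一经部署，Synapse 就会设置 GsonJsonProvider [1] 来表示 Jayway JsonPath [2] 中的 JSON。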
由于 GsonJsonProvider 已经被加载，即使我们删除了中介器（mediator）中带有 json-eval($.) 表达式的那个序列文件，在重新启动服务器之前，问题仍然存在。
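但是，如果 /repository/deployment/server/synapse-configs/default/sequences 目录下的序列中完全不使用 json-eval($.) 表达式，那么启用 JSON 模式验证时就不会出现上述错误，因为此时用于表示 Jayway JsonPath 中 JSON 的是 JsonSmartJsonProvider [3]。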
由于出错时 JSON 对象的表示方式不同（Gson 而不是 json-smart），SchemaValidator 在提取模式引用时会抛出 IllegalArgumentException。
- 解决方案
您可以采用以下解决方案之一。
- 此问题已在最新的 WUM 更新包中修复。如果您有 WSO2 订阅，可以获取最新更新。
- 您可以部署一个全新的 wso2am-3.1.0 原版（vanilla）包，并在序列中不使用 json-eval($.) 表达式的情况下调用 API。