Cache the validationResult for the originalPath is no match is found

Chris Wiechmann · Chris Wiechmann · commit 1eef2dce7092 · 2021-12-21T17:02:44.000+01:00
#2
diff --git a/README.md b/README.md
@@ -31,6 +31,11 @@ def invoke(msg)
     def apiId = msg.get("api.id");
     // Get/Create an OpenAPIValidator instance based on the API-ID
     def validator = OpenAPIValidator.getInstance(apiId, "apiadmin", "changeme");
+    
+    // Optionally you can configure an internal cache. For more details please see:
+    // https://github.com/Axway-API-Management-Plus/openapi-validator/issues/2
+    // validator.getExposurePath2SpecifiedPathMap().setMaxSize(5000);
+    
     // Get required parameters for the validation
     def payload = bodyAsString(msg.get('content.body'));
     def path = msg.get("http.request.path");
diff --git a/src/main/java/com/axway/apim/openapi/validator/OpenAPIValidator.java b/src/main/java/com/axway/apim/openapi/validator/OpenAPIValidator.java
@@ -31,7 +31,7 @@ public class OpenAPIValidator
 	
 	private OpenApiInteractionValidator validator;
 	
-	private MaxSizeHashMap<String, String> exposurePath2SpecifiedPathMap = new MaxSizeHashMap<String, String>();
+	private MaxSizeHashMap<String, Object> exposurePath2SpecifiedPathMap = new MaxSizeHashMap<String, Object>();
 	
 	private int payloadLogMaxLength = 40;
 	
@@ -96,7 +96,7 @@ public boolean isValidRequest(String payload, String verb, String path, QueryStr
     	Utils.traceMessage("Validate request: [verb: "+verb+", path: '"+path+"', payload: '"+Utils.getContentStart(payload, payloadLogMaxLength, true)+"']", TraceLevel.INFO);
     	ValidationReport validationReport = null;
     	String originalPath = path;
-    	// The given path might be the FE-API exposed path which is not always part of the API-Specification. 
+    	// The given path might be the FE-API exposure path which is not guaranteed to be part of the API-Specification.
     	// If for example the Petstore is exposed with /petstore/v3 the path we get might be /petstore/v3/store/order/78787 
     	// and with that, the validation fails, as the specification doesn't contain this path.
     	// The following code nevertheless tries to find the matching API path by removing the first part of the path and 
@@ -105,11 +105,19 @@ public boolean isValidRequest(String payload, String verb, String path, QueryStr
     	boolean cachePath = false;
     	// Perhaps the path has already looked up and matched to the specified path (e.g. /petstore/v3/store/order/78787 --> /store/order/{orderId} 
     	if(exposurePath2SpecifiedPathMap.containsKey(path)) {
-    		// In that case perform the validation based on the cached path
-    		validationReport = validateRequest(payload, verb, exposurePath2SpecifiedPathMap.get(path), queryParams, headers);
+    		if(exposurePath2SpecifiedPathMap.get(path) instanceof ValidationReport) {
+    			// Previously with the given we got a validation error, just return the same again
+    			validationReport = (ValidationReport)exposurePath2SpecifiedPathMap.get(path);
+    		} else {
+	    		// In that case perform the validation based on the cached path
+	    		validationReport = validateRequest(payload, verb, (String)exposurePath2SpecifiedPathMap.get(path), queryParams, headers);
+    		}
     	} else {
     		// Otherwise try to find the belonging specified path
 	    	for(int i=0; i<5;i++) {
+	    		if(cachePath) {
+	    			Utils.traceMessage("Retrying validation with reduced path: '"+path+"']' ("+i+"/5)", TraceLevel.INFO);
+	    		}
 	    		validationReport = validateRequest(payload, verb, path, queryParams, headers);
 	    		if(validationReport.hasErrors()) {
 	    			if(validationReport.getMessages().toString().contains("No API path found that matches request")) {
@@ -125,7 +133,12 @@ public boolean isValidRequest(String payload, String verb, String path, QueryStr
 	    		}
 	    	}
 			if(cachePath) {
-				exposurePath2SpecifiedPathMap.put(originalPath, path);
+				if(validationReport.hasErrors() && validationReport.getMessages().toString().contains("No API path found that matches request")) {
+					// Finally no match found, cache the returned validation report
+					exposurePath2SpecifiedPathMap.put(originalPath, validationReport);
+				} else {
+					exposurePath2SpecifiedPathMap.put(originalPath, path);
+				}
 			}
     	}
     	
@@ -248,7 +261,7 @@ public void setMaxSize(int maxSize) {
 		}
 	}
 
-	public MaxSizeHashMap<String, String> getExposurePath2SpecifiedPathMap() {
+	public MaxSizeHashMap<String, Object> getExposurePath2SpecifiedPathMap() {
 		return exposurePath2SpecifiedPathMap;
 	}
 }
diff --git a/src/test/java/com/axway/apim/openapi/validator/TestOpenAPIValidator.java b/src/test/java/com/axway/apim/openapi/validator/TestOpenAPIValidator.java
@@ -126,6 +126,22 @@ public void invalidRequestWithFullPathAndPathParameter() throws IOException
     	Assert.assertFalse(validator.isValidRequest(null, verb, path, null, headers));
     }
     
+    @Test
+    public void invalidRequestNoMatchToSpec() throws IOException
+    {
+    	String swagger = Files.readFile(this.getClass().getClassLoader().getResourceAsStream(TEST_PACKAGE + "PetstoreSwagger2.0.json"));
+    	OpenAPIValidator validator = OpenAPIValidator.getInstance(swagger);
+    	
+    	String path = "/api/petstore/will/never/map/should/be/cached/anyway";
+    	String verb = "GET";
+    	HeaderSet headers = new HeaderSet();
+    	headers.addHeader("Content-Type", "application/json");
+    	
+    	Assert.assertFalse(validator.isValidRequest(null, verb, path, null, headers));
+    	// This time, it should be cached anyway
+    	Assert.assertFalse(validator.isValidRequest(null, verb, path, null, headers));
+    }
+    
     @Test
     public void validRequestExternalURLSwagger20() throws IOException
     {
