-
Notifications
You must be signed in to change notification settings - Fork 9.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Appendix on RFC6570-derived behavior + allowReserved
(3.0.4)
#3818
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1, one phrasing suggestion
@darrelmiller after thinking about your comment in OAI/learn.openapis.org#100 I'm wondering if maybe I'm not giving the right guidance on the combination of In this PR, I basically suggest using single-variable templates like I'm going to move this to a draft PR because I think this needs some consideration. |
style | form | `?` | ||
allowReserved | `false` | _n/a_ | ||
allowReserved | `true` | `+` | ||
explode | `false` | _n/a_ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
RFC 6570 refers to explode as a modifier because it is a suffix added to the variable as opposed to an operator which appears as a prefix.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, yes. I was just going by the characters, not the placement, but you're right that it should be more clear.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I changed the headings to make things more clear in the latest reworking of this PR.
versions/3.0.4.md
Outdated
type: string | ||
``` | ||
|
||
This example is equivalent to RFC6570's `{?foo*,bar}`, and ***NOT*** `{?foo*}{&bar}`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{?foo*}{&bar}
Is this even a valid URI Template? If foo is empty/undefined then the resulting href would be invalid.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah that's kind of my point. I mean, it's a valid URI Tempate in the sense that it's syntactically legal (I think?) it just might not produce a valid URI. The URI Template spec is pretty intentionally blind to the context outside of the variables.
But perhaps I could note that that's why you need to do it the {?foo*,bar}
way.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think I've addressed this in the latest, much-expanded version.
This aligns allowReserved with style by similarly correlating it with RFC6570 operators. This will make it easier to write a more in-depth explanation of the process in an appendix.
68b4fa2
to
8a73f7c
Compare
This is the one of several appendixes to be added to clarify the most obscure details of Parameter Object and Encoding Object serialization. This clarifies the correspondence between OAS fields and RFC6570 operators, and acknowledges that some field values and combinations do not have analogues. It provides further guidance for how to use RFC6570 implementations to support these configurations. This includes a SHOULD directive regarding using RFC6570 expansion with the non-RFC6570 styles, as the use of "explode" and "allowReserved" does not otherwise make any sense. It perhaps could be a MUST. Examples are included to show both typical usage, and how to work around the lack of exact RFC6570 equivalences for certain configurations.
Based on @darrelmiller 's comments and trying to think this through further, I have significantly expanded this and changed the recommendation regarding how to construct query strings with configurations that don't quite match RFC6570. I've also rewritten the Finally, the appendix now has several examples showing both easy and difficult cases. |
allowReserved
(3.0.4)
@darrelmiller I've added another commit that hopefully addresses all of your concerns. |
Co-authored-by: Ralf Handl <ralf.handl@sap.com>
@ralfhandl I've started a pre-release checklist and put the RFC links on it: I'm not going to change them in this PR because it would just be added noise as we don't know the target yet (and I do not want to hold this PR up for that decision- we need to do that all at once, like fixing the section links). |
This now has 2 tsc approvals, one of which was cleared by the merge conflict resolution which was trivial. So I'm going to merge this. |
parameters:
- name: foo
in: query
schema:
type: object
explode: true
- name: bar
in: query
schema:
type: string
Would it make sense to clarify in the document what's the difference between the two URL patterns? The conclusion doesn't sound right to me. Looking at the OAD fragment, I don't see why missing |
@rafalkrupinski I think this is something that folks can figure out by putting the data into an RFC6570 implementation and checking out the results. Alternatively, I think having more examples on learn.openapis.org would be great, and you could add this request to: In this case, given a path of |
Perhaps I've misunderstood. Is the appendix claiming that the OAD fragment should be interpreted as the RFC6570 template or it shouldn't? Either way, it may be my English, but I find it unclear.
|
@rafalkrupinski The point of that appendix is given in this sentence:
There is no SHOULD or SHOULD NOT, just a MAY. The authoritative requirements are given in the spec. Sometimes they are given in terms of RFC6570, and the intent was that some aspects of this part of OpenAPI could be handled by RFC6570 implementations. Since it's not trivial to figure out exactly what does and does not match RFC6570, this appendix goes through the more confusing areas and says how you can use an RFC6570 implementation, if you want to. Nothing in this appendix changes any of the text from the spec proper. It all flows from that text, but you have to have spent a lot of time with the various specifications to work it all out. In the case of the fragment you mention, there are two different ways to specify a URL query string parameter in RFC6570: using the This is an appendix because it's extra information that is essential enough to go into the spec document (because we got tons of issues opened on all of these things over the years) but not strictly necessary to implement the spec (because the spec proper says the same thing, if you really, really, really know how to put it all together). So to go back to your question: There is no SHOULD, there is a MAY. Since we defined the OAS's behavior by referencing RFC6570, there are times when you MAY safely rely on an RFC6570 implementation if you want to. This appendix helps avoid common errors in doing so, without changing the actual OAS requirements. |
I think I get it
The To me it reads like the entire first part is problematic, which implies that there's a problem with how would you normally interpret the OAD parameters as RFC6570. Let me add brackets to clarify.
If this is correct, perhaps wording like |
@rafalkrupinski good point @ralfhandl would you be willing to add this to PR #4001? |
Good point, done: 439e8eb |
Rendering with all currently open 3.0.4 changes (as of the timestamp of this edit - use the dropdown on the word "edited" in the bar for this comment) can be found here.
NOTE: The rendering will have mismatched table of contents lettering, which will be fixed when I merge the various appendix PRs and resolve conflicts along the way.
Addresses:
allowReserved
and RFC 3986 handled? #3759 (by explaining thatallowReserved
does not make illegal reserved characters legal)?+
is not a valid operator)This is the first of several appendixes to be added to clarify the most obscure details of Parameter Object and Encoding Object serialization. Future PRs will add more on serializing headers and cookies, and on the incredibly convoluted topic of percent-encoding.
Why an appendix? Because these are really fiddly details, and technically they all follow from the existing requirements. There will be other clarifications in the main text. I just need to get this really fiddly stuff out of the way so it's easier to write the major parts.
Why not put this on the Learn site? Because this is part of a larger set of serialization issues that took me several weeks to sort out, despite being very comfortable researching and reconciling RFCs in general, and being very familiar with the relevant RFCs in particular. It's too high of a bar to relegate to secondary documentation. It needs clarity in the spec, IMNSHO. [EDIT: However, the directly RFC6570-analogus parts are probably the most straightforward part of this- the complexity is in the exceptions and in related areas that I have not yet posted as PRs.]
This clarifies the correspondence between OAS fields and RFC6570 operators, and acknowledges that some field values and combinations do not have analogues. It provides further guidance for how to use RFC6570 implementations to support these configurations.
This includes a SHOULD directive regarding using RFC6570 expansion with the non-RFC6570 styles, as the use of "explode" and "allowReserved" does not otherwise make any sense. It perhaps could be a MUST.