-
Notifications
You must be signed in to change notification settings - Fork 125
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RuntimeError in ServerError should return different HTTP response codes based on the error #609
Comments
Hi @lovetodream, thanks for the feature request - yes we're having some discussions about improving this use case. Let us post here when we have more to share. |
Hi @lovetodream, the fix is likely to come with #644 |
The good news is that #626 gives us a natural spelling for expressing the different codes. We'll conform the internal RuntimeError to this protocol, once SOAR-0011 is ready to use, and adopters will be able to opt into the changed response status codes (we can't really change that for everyone, as it'd be considered a breaking change). For details, see https://forums.swift.org/t/proposal-soar-0011-improved-error-handling/74736 |
Closed #644 as a duplicate of this issue, copying over the description from there below: MotivationAt the moment, when the generated parsing code fails on the server, an error is thrown, which by default gets turned into the HTTP response status 500. However, if e.g. a required query item was missing, that should return 400, conventionally. Unfortunately, server adopters don't have a good way to even handle it in a middleware, as RuntimeError is internal. Proposed solutionDetails to be discussed, but we should offer some signal whether the underlying RuntimeError is "caused by input" (e.g. bad request) or "caused by server" (e.g. handler throws an error). Probably should also offer an "audited error string" that we guarantee is safe to send back to the caller, for example "missing required query item 'foo'". As getting a 400 without details can be infuriating. Some questions:
|
Ok now that SOAR-0011 has been implemented and landed in a release of Swift OpenAPI Runtime, this enhancement can now be implemented. Is anyone interested in contributing a fix here? I suspect it won't be too much work (marked as size S). |
I can take this on |
### Motivation apple/swift-openapi-generator#609 (comment) ### Modifications Confirm `RuntimeError` to `HTTPResponseConvertible` and provide granular status codes. ### Result Response codes for bad user input will be 4xx (instead of 500) ### Test Plan Unit tests. --------- Co-authored-by: Gayathri Sairamkrishnan <[email protected]>
This landed in main |
Hey sorry, inexperienced and making sure I understand this PR correctly. I would need a new case to be added to the enum to handle typeMismatch errors in the generated code? I cant just extend runtime since it is internal. |
Hi @alteredtech - the change described has been implemented. Can you say more about what's still missing in your view? |
I get a decoding error from the generated code from one of our testing tools. It tries overflow values. The server errors on a type mismatch.
It appears it comes from these two parts. The URI value from node decoder and universal server
I guess what I was expecting was being able to add my own runtime errors for decoding issues. Though I do think something like this would be better in package but thats my limited understanding talking. |
You can turn this standard decoding error into your own custom error, check out this proposals - you'd create your error type and conform it to the protocol, and add the middleware: https://swiftpackageindex.com/apple/swift-openapi-generator/1.5.0/documentation/swift-openapi-generator/soar-0011 |
Ah Okay, I think I am understanding a little bit better.
|
That's one way, sure. For 2, you don't need to create the middleware - it's provided by the runtime library: https://github.com/apple/swift-openapi-runtime/blob/main/Sources/OpenAPIRuntime/Interface/ErrorHandlingMiddleware.swift |
Motivation
Currently, every ServerError throws a 500 status code (at least when using hummingbird-transport).
This might be very subjective, but a response with a 500 status code indicates a problem on the server which requires immediate attention and ultimately a fix. The name indicates that some internals failed, which often isn't the case with ServerErrors.
E.g. decoding or invalid content type errors should rather be handled as bad requests, as the responsibility to provide a valid request lays on the client side, this is nothing the server can fix.
Proposed solution
Consider adding a status code property to ServerError (maybe an Optional desiredStatusCode). This can be used by server runtime authors/users to provide better status codes to their consumers and improve error monitoring.
Alternatives considered
Adding a middleware to set the status code based on
ServerError.underlyingError
. This works for many cases, but doesn't work forRuntimeError
, as it is internal, and cannot be bundled in one status code.Additional information
I am just starting to use OpenAPI, maybe I'm missing something here :)
The text was updated successfully, but these errors were encountered: