Re: [httpapi] rfc7807 errata or just "more"
Sanjay Dalal <sanjay.dalal@cal.berkeley.edu> Mon, 18 January 2021 17:02 UTC
Return-Path: <sanjay.dalal@gmail.com>
X-Original-To: httpapi@ietfa.amsl.com
Delivered-To: httpapi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A7093A0CEE for <httpapi@ietfa.amsl.com>; Mon, 18 Jan 2021 09:02:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Level:
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.248, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cal-berkeley-edu.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Zyq8D0ZzoiMr for <httpapi@ietfa.amsl.com>; Mon, 18 Jan 2021 09:02:17 -0800 (PST)
Received: from mail-ot1-x334.google.com (mail-ot1-x334.google.com [IPv6:2607:f8b0:4864:20::334]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 724593A0B91 for <httpapi@ietf.org>; Mon, 18 Jan 2021 09:02:07 -0800 (PST)
Received: by mail-ot1-x334.google.com with SMTP id 36so5384245otp.2 for <httpapi@ietf.org>; Mon, 18 Jan 2021 09:02:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cal-berkeley-edu.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WWhgGb2ZyTd7mqQ3je6X7pgRutmJahiLeuJAvlqV28k=; b=jrudiO2STS/a7UtNSq6xDmPW4zRQbhvBT/+T8R9WJ0Ek6TqrzbqC/gzn5W0Nr3Fu5R Qz+9s47kSPMbK+W3Qyl5KRF928XtlQWk1fMeU2QAv4hyZILEeDyLa2Qr6FjO+ahrNINO 5w8qv0iV5BsjYCN7uc2yKezsIEimND6MwFFJyOtXqTqx9vQwxgA3urzphIcTxoOim00H 6CG3LIqeYu0m4Aafas7rZVQIIsyZgVeauOkN0UdRpgYqAz0R21ail6ry4AjLxKJ+HhdU 0VOj3sz9KuUGS9E0DE1AJhUijNvTlcwUKmEJqkVItrivQFoLtPVG9Tw/YSbGpnsF+79r i49Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WWhgGb2ZyTd7mqQ3je6X7pgRutmJahiLeuJAvlqV28k=; b=D/vvHN0953VEjIAKcYcGohM783oILH5lhz9lDmDaIPZedjFO8A4jPvw2bEl5h+gXEe JS0j1BkDT3BBmCv+AzNVU8kkFLE8rbUkLo6s61L4LQ7zNR7pGdSsD998YJPR6obG/ppQ zYrTyG3maWpHcMVRPugKatDk0mYQwqRjC5wHE1bXcziYrLHoMo/GlJTatv8qW+eG87Bg R9+z9AWwYJjjYr4ZPNSMYf8cWpvaNtgHTVgQ/OTlO4oLc8p8f1bEbOesEH5slkx2ajX2 7Mq9zsm7Ac0JEzVgTxXBWYJxnm+pVUmRxQPvTKmDtdR6ArhivoraDE/UhiGRyYXF3zCn cSnw==
X-Gm-Message-State: AOAM532UK4C1ej9QxAAa9LKOBLJ/MzJ37NJ4boCetQVWEmmAHA75XBsN j3QfaRvSBJadBAEHEPlt+RgGWk4jfP4cLfjY+W4=
X-Google-Smtp-Source: ABdhPJyncikCVXrOg6ko1YmPJRzc27IE5r6GcVTKS5bs1je0gy6NYi1c9i8DoyrOiF8dco53f6M73c+wsegSa7HzCVg=
X-Received: by 2002:a05:6830:1349:: with SMTP id r9mr327210otq.256.1610989326597; Mon, 18 Jan 2021 09:02:06 -0800 (PST)
MIME-Version: 1.0
References: <CAC5fHGPAVBKiV81bTGpm3BwwfRT-UZw732okCA7d9TTBBwGvGQ@mail.gmail.com> <DM6PR00MB08454A51EFCF8675F426EDA7F0A69@DM6PR00MB0845.namprd00.prod.outlook.com>
In-Reply-To: <DM6PR00MB08454A51EFCF8675F426EDA7F0A69@DM6PR00MB0845.namprd00.prod.outlook.com>
From: Sanjay Dalal <sanjay.dalal@cal.berkeley.edu>
Date: Mon, 18 Jan 2021 09:01:55 -0800
Message-ID: <CAC5fHGPxen7WCCJMYEY+m4nK=mVi2YecQ+xtPuTT8i3J1Vezfg@mail.gmail.com>
To: Darrel Miller <Darrel.Miller@microsoft.com>
Cc: "httpapi@ietf.org" <httpapi@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008c84ae05b92fae20"
Archived-At: <https://mailarchive.ietf.org/arch/msg/httpapi/x-LgbTdyqtoOEC_2kO-3qwP9R5c>
Subject: Re: [httpapi] rfc7807 errata or just "more"
X-BeenThere: httpapi@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Building Blocks for HTTP APIs <httpapi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/httpapi>, <mailto:httpapi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/httpapi/>
List-Post: <mailto:httpapi@ietf.org>
List-Help: <mailto:httpapi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/httpapi>, <mailto:httpapi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Jan 2021 17:02:26 -0000
Hi Darrel, >Just pointing to the instances of the failures without describing what kind of failures those are would not be a great experience. I agree. However, if we have a schema that accommodates pointers to failure(s) and more details about the errors as part of RFC it would help many API developers. Such a schema could be defined in a very generic fashion like what we have attempted to do in the error catalog service API at https://github.com/sdatspun2/error-catalog-service/blob/master/ErrorResponseInErrorCatalog.md. These schemas are derived from rfc7807 and from JSON Schema spec, section 10 respectively. >That additional information about what kind of failures each of those instances experienced is going to need to be in extensions and the client will need to understand the semantics of the type...I accept there will be some scenarios where there are multiple instances of problems associated with a single resource that are homogeneous, but there are going to be just as many that are heterogenous. I don't really see the issue with using the type to define the necessary extensions. If we can provide a solution for the homogenous use case (I believe that is 80% in 80-20) and suggest to use extension for the heterogenous use case that would go a long way, imo. In fact, it would increase adoption of rfc7807 significantly. I did not use rfc7807 while designing PayPal's proprietary schema <https://github.com/paypal/api-standards/blob/master/api-style-guide.md#error-handling> for the error response. I am sure we were not alone. Thanks. sanjay On Sat, Jan 16, 2021 at 1:41 PM Darrel Miller <Darrel.Miller@microsoft.com> wrote: > Hi Sanjay, > > *From:* httpapi <httpapi-bounces@ietf.org> on behalf of Sanjay Dalal > > As you know, having multiple schema validation related errors in payload > of HTTP requests is a very common scenario for the HTTP APIs. > > I'm not sure an instances array is going to solve the issue here. In your > example, at the resource level, multiple issues have been detected as > schema validation problems and you will need some explicit type to identify > schema validation problems.. As you say there may be many validation > constraints that were violated within the response payload. However, it is > likely that they are more than one type of validation failure. Just > pointing to the instances of the failures without describing what kind of > failures those are would not be a great experience. That additional > information about what kind of failures each of those instances experienced > is going to need to be in extensions and the client will need to understand > the semantics of the type. > > I accept there will be some scenarios where there are multiple instances > of problems associated to a single resource that are homogeneous, but there > are going to be just as many that are heterogenous. I don't really see the > issue with using the type to define the necessary extensions. > > Darrel > >
- [httpapi] rfc7807 errata or just "more" Sanjay Dalal
- [httpapi] RFC for HTTP API error responses (was: … Ben Bucksch
- Re: [httpapi] RFC for HTTP API error responses (w… Salz, Rich
- Re: [httpapi] rfc7807 errata or just "more" Darrel Miller
- Re: [httpapi] rfc7807 errata or just "more" Sanjay Dalal
- Re: [httpapi] RFC for HTTP API error responses (w… Sanjay Dalal
- Re: [httpapi] RFC for HTTP API error responses (w… Darrel Miller
- Re: [httpapi] rfc7807 errata or just "more" Darrel Miller
- Re: [httpapi] rfc7807 errata or just "more" Roberto Polli
- Re: [httpapi] rfc7807 errata or just "more" Sanjay Dalal
- Re: [httpapi] rfc7807 errata or just "more" Roberto Polli