Function Description

The request-validation plugin is used to validate requests forwarded to upstream services in advance. This plugin utilizes the JSON Schema mechanism for data validation, capable of validating both the body and header data of requests.

Execution Attributes

Plugin Execution Phase: Authentication Phase
Plugin Execution Priority: 220

Configuration Fields

NameData TypeRequirementsDefault ValueDescription
header_schemaobjectOptional-Configuration for JSON Schema to validate request headers
body_schemaobjectOptional-Configuration for JSON Schema to validate request body
rejected_codenumberOptional403HTTP status code returned when the request is rejected
rejected_msgstringOptional-HTTP response body returned when the request is rejected
enable_swaggerboolOptionalfalseConfiguration to enable Swagger documentation validation
enable_oas3boolOptionalfalseConfiguration to enable OAS3 documentation validation

Validation rules for header and body are the same, below is an example using body.

Configuration Examples

Enumeration (Enum) Validation

  1. body_schema:
  2.   type: object
  3.   required:
  4.     - enum_payload
  5.   properties:
  6.     enum_payload:
  7.       type: string
  8.       enum:
  9.         - enum_string_1
  10.         - enum_string_2
  11.       default: enum_string_1

Boolean Validation

  1. body_schema:
  2.   type: object
  3.   required:
  4.     - boolean_payload
  5.   properties:
  6.     boolean_payload:
  7.       type: boolean
  8.       default: true

Number Range (Number or Integer) Validation

  1. body_schema:
  2.   type: object
  3.   required:
  4.     - integer_payload
  5.   properties:
  6.     integer_payload:
  7.       type: integer
  8.       minimum: 1
  9.       maximum: 10

String Length Validation

  1. body_schema:
  2.   type: object
  3.   required:
  4.     - string_payload
  5.   properties:
  6.     string_payload:
  7.       type: string
  8.       minLength: 1
  9.       maxLength: 10

Regular Expression (Regex) Validation

  1. bodyschema:
  2.   type: object
  3.   required:
  4.     - regex_payload
  5.   properties:
  6.     regex_payload:
  7.       type: string
  8.       minLength: 1
  9.       maxLength: 10
  10.       pattern: “^[a-zA-Z0-9]+$

Array Validation

  1. body_schema:
  2.   type: object
  3.   required:
  4.     - array_payload
  5.   properties:
  6.     array_payload:
  7.       type: array
  8.       minItems: 1
  9.       items:
  10.         type: integer
  11.         minimum: 1
  12.         maximum: 10
  13.       uniqueItems: true
  14.       default: [1, 2, 3]

Combined Validation

  1. bodyschema:
  2.   type: object
  3.   required:
  4.     - boolean_payload
  5.     - array_payload
  6.     - regex_payload
  7.   properties:
  8.     boolean_payload:
  9.       type: boolean
  10.     array_payload:
  11.       type: array
  12.       minItems: 1
  13.       items:
  14.           type: integer
  15.           minimum: 1
  16.           maximum: 10
  17.       uniqueItems: true
  18.       default: [1, 2, 3]
  19.     regex_payload:
  20.       type: string
  21.       minLength: 1
  22.       maxLength: 10
  23.       pattern: “^[a-zA-Z0-9]+$

Custom Rejection Message

  1. body_schema:
  2.   type: object
  3.   required:
  4.     - boolean_payload
  5.   properties:
  6.     boolean_payload:
  7.       type: boolean
  8. rejected_code: 403
  9. rejected_msg: Request rejected