I have a problem with my task about validating fields in response. Task looks like: "I need to validate request/response body by openapi contract. If request/response body contains fields that not described in scheme, i need to throw exception or smth like that". Searching through documentation I've learned about "additionalProperties: false" tag. Maybe it works for me, but it's not working with allOf or anyOf correctly.
For example I have this type of response
responses:
"200":
description: "OK"
content:
'application/json':
schema:
anyOf:
- $ref: '#/components/schemas/PackageWithPrices'
- $ref: '#/components/schemas/FamilyPackageWithPrices'
I've tried to put "additionalPropetries: false" in every place in scheme (and going down by $ref tag too), but it's not working. It's throwing exceptions on other component of anyOf (like we have PackageWithPrices with fields "a"&"b" and we have FamilyPackageWithPrices with fields "a","b"&"c". So if we getting PackageWithPrices object it's just throwing exception like field "c" is not in your scheme (additionalProperties) and vice versa. But as I understand it doesn't need to validate by "FamilyPackageWithPrices" scheme if it founds that "PackageWithPrices" acceptable).
So, many things I already said (not correctly as I think), but the question is "How I can validate request/response body by openapi contract and schemes when they contains anyOf/allOf and I need to search for fields that is not declared in contract/scheme"
Thanks a lot!!!