x-http-method-override header support not present creating issues

[sinsharat]

Content & configuration

Swagger/OpenAPI definition:

'/toneprovide/catalogs':
   post:
     summary: browse a catalog/category (post method made get via override header)
     description: API interaction for browsing a category
     operationId: browseCatalogs
     tags:
       - catalog-management
     consumes:
       - application/json
     produces:
       - application/json
     parameters:
       - in: header
         name: X-HTTP-Method-Override
         type: string
         required: true
       - in: query
         name: startRecord
         description: start record of the category
         required: true
         type: string
         pattern: '\d{1,8}'
       - in: query
         name: total
         description: Total numbers of categories to be fetched
         required: true
         type: string
         pattern: '\d{1,5}'
       - in: body
         name: browseCatalog
         description: browse catalog information
         required: true
         schema:
           $ref: '#/definitions/BrowseCatalog'
     responses:
       '200':
         description: Success
         headers:
           x-huawei-rbt-total-count:
             type: string
             description: Total cont available for the requested resource.
         schema:
           type: object
           required:
             - status
             - count
             - type
             - results
           properties:
             status:
               type: string
             count:
               type: integer
               format: int64
             type:
               type: string
             results:
               type: array
               items:
                 $ref: '#/definitions/CatalogInfo'
       '400':
         description: Bad Request
         schema:
           $ref: '#/definitions/ErrorResponse'
       '401':
         description: Unauthorized
         schema:
           $ref: '#/definitions/ErrorResponse'
       '403':
         description: Forbidden
         schema:
           $ref: '#/definitions/ErrorResponse'
       '500':
         description: Internal Server Error
     externalDocs:
       url: 'http://api.example.com/docs/user-operations/categories'
       description: Learn more about Video operations provided by this API.
   post:
     summary: Add a catalog/category
     description: API interaction for operator adding a category
     operationId: addCatalog
     tags:
       - catalog-management
     consumes:
       - application/json
     produces:
       - application/json
     parameters:
       - in: body
         name: catalog
         description: catalogInformation
         required: true
         schema:
           $ref: '#/definitions/Catalog'
     responses:
       '200':
         description: Success
         schema:
           type: object
           required:
             - status
             - count
             - type
             - results
           properties:
             status:
               type: string
             count:
               type: integer
               format: int64
             type:
               type: string
             results:
               type: array
               items:
                 type: string
       '400':
         description: Bad Request
         schema:
           $ref: '#/definitions/ErrorResponse'
       '401':
         description: Unauthorized
         schema:
           $ref: '#/definitions/ErrorResponse'
       '403':
         description: Forbidden
         schema:
           $ref: '#/definitions/ErrorResponse'
       '500':
         description: Internal Server Error
     externalDocs:
       url: 'http://api.example.com/docs/user-operations/categories'
       description: Learn more about Video operations provided by this API.

### Is your feature request related to a problem?
Generally PUT, DELETE and PATCH methods are not supported at the production servers. To handle this we use POST with x-http-method-override in server code to handle PUT, POST and DELETE methods. Sometimes GET request as POST as well for request which required passing too many filter requests.
### Describe the solution you'd like
<!-- A clear and concise description of what you want to happen. -->
Swagger as of now does not allow multiple POST requests for a single Url even though header difference is there.
So the only option stays here to specify them as POST, PUT, DELETE and GET only.

The issue this creates is while generating client code using swagger-codegen-cli as it create sending request for the specified methods as per the document.
### Describe alternatives you've considered
<!--
 A clear and concise description of any alternative solutions or features
 you've considered.
-->
Request you to provide how the problem can be solved.
Can such feature support be expected in future. As such issues are making using swagger un-usable.

[leggsimon]

@sinsharat do you mind just correcting the code block in this issue description? The main content is in your yaml. I think you’re just missing the 3 backticks

[sinsharat]

@leggsimon Sorry i didn't understand what you meant. The only issue in this swagger code snippet is that the first method is marked as post. If i change it to get it works fine. But since GET should not have body i wanted to make it a POST request with X-HTTP-Method-Override=GET. Similarly for X-HTTP-Method-Override=PUT and X-HTTP-Method-Override=DELETE with Request method as POST for PUT and DELETE requests respoectively as the PUT and DELETE requests are blocked at many customer site deployments for security. The real issue i am talking here is the X-HTTP-Method-Override support not present. The above code snippet gives error in swagger but works actually with spring.

[leggsimon]

@sinsharat I just meant that you’re missing ``` at the end of the actual yaml code bit. If you scroll down on your code block the “### Is your feature request related to a problem?” is at the bottom. if you put ``` before that it should move that text outside the code block

[leggsimon]

I wouldn’t have thought this is something that is likely to be supported. I don’t know much about this X-HTTP-Method-Override header but as I understand it it really just becomes an implementation detail of the internals of your API.

The only way you can interact with your API is via POST requests. The fact that internally your API requires a certain header to be set would make it a required header to your POST endpoint sure but other than that I’m not sure how you would expect this to be documented?

In my eyes it would essentially be documented the same way as a GET endpoint that accepts one of 4 types of query parameter for example. I think the only thing we could reasonably expect for this case from this project would be to have multiple examples which I think could help your case. If it would then that issue is being tracked in #2651

[sinsharat]

@leggsimon sorry for the late reply. Yes in a way i would want to support multiple POST requests for a single url distinguished by different params/headers to over come the blocking of PUT and DELETE request. I don't think this is currently supported.

[slst19]

@leggsimon @sinsharat Is there any workaround to make this work.

[tomqwpl]

I would second this request. Consider the case where you are trying to describe multiple methods in this way. In the openapi spec you have to describe one operation and then add to it the union of all things you can do with DELETE, PUT, GET etc. This makes it very unclear what applies to what. The problem is particularly problematic when it comes to then generating a client using a code generator. What you would like to end up with is a client generated that has separate methods for GET, PUT DELETE etc, and just sets the appropriate override header. I would like the override header to be hidden and not something that the user of the client has to worry about.