Respect JsonSerializerOptions casing for property names in validation errors #62036
Conversation
…ation errors Co-authored-by: captainsafia <[email protected]>
Copilot
AI
changed the title
src/Http/Http.Abstractions/test/Validation/ValidateContextTests.cs
Outdated
Show resolved
Hide resolved
Co-authored-by: captainsafia <[email protected]>
I've addressed all the inline comments. Made the SerializerOptions property internal, removed the test file, and updated ValidationEndpointFilterFactory to use the internal property via reflection. All changes in commit 216406a. |
… from service provider Co-authored-by: captainsafia <[email protected]>
|
@captainsafia Unfortunately I hit an unexpected error while processing your comment. I've automatically reported this to GitHub. You can ask me to try again later by mentioning me in a new comment. If you want to contact GitHub about this error, please mention the following identifier so they can better serve you: Sorry for the inconvenience! |
|
@copilot Let's try to address the review comments I left for you earlier. You were on the right track with making the |
… complex keys Co-authored-by: captainsafia <[email protected]>
…tions Co-authored-by: captainsafia <[email protected]>
|
@copilot Revert any changes made to package.json and package-lock.json files to their state in main. |
Co-authored-by: captainsafia <[email protected]>
|
Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details. Warning Firewall rules blocked me from connecting to one or more addressesI tried to connect to the following addresses, but was blocked by firewall rules:If you need me to access, download, or install something from one of these locations, you can either:
|
captainsafia
force-pushed
the
copilot/fix-61764-2
branch
from
4afa2bb to
f035b35
Compare
|
@DeagleGross @BrennanConroy Would love your review n this PR. Outside of the prompting, I ended up making local changes on Some things here:
|
There was a problem hiding this comment.
- We need to add
JsonSerializerOptionsas a property on theValidateContextsince we don't have access to theJsonOptionstype in theHttp.Abstractionsassembly in order to be able to resolve it ourselves in the ValidatableTypes. I think that probably makes the most sense for frameworks who are building on top of the abstractions API anyways.
Would this be better on ValidationOptions? We could use IPostConfigureOptions to set it once.
We should also create an API proposal issue for it. I bet copilot would do well at taking our issue template and this PR as inputs and creating an issue.
- The precedence ordering is
[Display(Name = "")], then[JsonPropertyName]then the JSON naming policy.
Does [Display(Name = "")] affect how the type gets serialized? And if not, shouldn't the validation errors match what gets serialized?
Also, do we have a test that verifies what happens when you have both [Display(Name = "")] and [JsonPropertyName] on the same property?
| @@ -106,9 +106,17 @@ public virtual async Task ValidateAsync(object? value, ValidateContext context, | |||
| // Create a validation error for each member name that is provided | |||
| foreach (var memberName in validationResult.MemberNames) | |||
| { | |||
| // Format the member name using JsonSerializerOptions naming policy if available | |||
| // Note: we don't respect [JsonPropertyName] here because we have no context of the property being validated. | |||
There was a problem hiding this comment.
Is this true? It's not like we're asking for the one and only [JsonPropertyName] used for the type represented by the ValidatableTypeInfo here. That would be impossible. Instead, we're asking for the [JsonPropertyName] for each of its member properties, right? If we didn't have any context of the property being validated here, how are we getting the name of the property at all let alone the proper casing?
I think we should probably respect all the same attributes we do in ValidatablePropertyInfo, namely [Display] (if we keep doing that) and [JsonPropertyName].
There was a problem hiding this comment.
Is this just redundant? Could it be that memberName already formatted here? I haven't run it, so it might not be the case, but we should definitely add some tests with a camel cased PropertyNamingPolicy and a capitalized first letter in the [JsonPropertyName] attribute.
There was a problem hiding this comment.
Instead, we're asking for the [JsonPropertyName] for each of its member properties, right?
This code block is invoked when are are processing the Validate method on an IValidatableContext implementor. In this case, the validationResults that we are processing are returned by the implementor and the member names might not map 100% to the properties on the class unless we did a lookup by name. The Validate_HandlesIValidatableObject_X tests demonstrate what is happening here.
| public string? LastName { get; set; } | ||
| } | ||
|
|
||
| [Fact] |
|
|
||
| // Cache the HasDisplayAttribute result to avoid repeated reflection calls | ||
| var property = DeclaringType.GetProperty(Name); | ||
| _hasDisplayAttribute = property is not null && HasDisplayAttribute(property); |
There was a problem hiding this comment.
Feels weird to grab the attribute, but then never actually use the value from the attribute. At that point, why not just use string.IsNullOrEmpty(DisplayName)?
There was a problem hiding this comment.
Good catch. I find it sometimes helps to ask copilot not to add any fields if you don't think it should be necessary.
There was a problem hiding this comment.
The DIsplayName property on the type infos that we generate are always non-null and default to the property name if there is no [Display] attribute so this is effectively how we check if the DisplayName that is on the property came from a [Display] attribute.
| /// When available, property names in validation errors will be formatted according to the | ||
| /// PropertyNamingPolicy and JsonPropertyName attributes. | ||
| /// </summary> | ||
| public JsonSerializerOptions? SerializerOptions { get; set; } |
There was a problem hiding this comment.
Putting it on the record that I'm not a fan of adding this to the ValidateContext. Especially if we're wanting to eventually move this API into dotnet/runtime.
There was a problem hiding this comment.
What do you think about moving it to ValidationOptions as I suggest here?
|
|
||
| /// <summary> | ||
| /// Creates a new instance of <see cref="ValidatablePropertyInfo"/>. | ||
| /// </summary> | ||
| protected ValidatablePropertyInfo( | ||
| [param: DynamicallyAccessedMembers(DynamicallyAccessedMemberTypes.PublicProperties)] | ||
| [param: DynamicallyAccessedMembers(DynamicallyAccessedMemberTypes.PublicProperties | DynamicallyAccessedMemberTypes.PublicConstructors)] |
There was a problem hiding this comment.
We do constructor lookup in HasDisplayAttribute to make sure that we are respecting [Display] attributes on constructor parameters for records.
I hadn't thought about putting this on
Yeah, if we move
It doesn't affect serialization.
I can add one to reflect |
src/Http/Http.Abstractions/src/Validation/ValidatablePropertyInfo.cs
Outdated
Show resolved
Hide resolved
| } | ||
|
|
||
| // Look for a constructor parameter matching the property name (case-insensitive) | ||
| // to account for the record scenario |
There was a problem hiding this comment.
This is for primary ctors too right?
src/Http/Http.Abstractions/src/Validation/ValidatableTypeInfo.cs
Outdated
Show resolved
Hide resolved
| @@ -28,6 +29,10 @@ public static EndpointFilterDelegate Create(EndpointFilterFactoryContext context | |||
| return next; | |||
| } | |||
|
|
|||
| var jsonOptions = context.ApplicationServices.GetService<IOptions<JsonOptions>>(); | |||
| var serializerOptions = jsonOptions?.Value?.SerializerOptions; | |||
| options.SerializerOptions = serializerOptions; | |||
There was a problem hiding this comment.
Are we at all concerned about anyone else grabbing IOptions<ValidationOptions> from DI and setting a different SerializerOptions? Or someone setting SerializerOptions at app startup but then we overwrite it here? Or someone using IOptions<ValidationOptions> elsewhere and us setting the SerializerOptions property?
|
Closing in favor of #62341. |
Summary
When configuring JSON serialization options with a custom property naming policy (like camelCase), validation error responses were not consistently following the same naming policy for property names. This created a disconnect between what clients send/expect and what the validation errors contained.
The implemented changes ensure validation errors respect the configured JSON naming policy, making them consistent with the rest of the API's JSON formatting.
Changes
SerializerOptionsproperty toValidateContextto access JSON naming policiesValidationEndpointFilterFactoryto pass the JSON options from DI to the validation contextPropertyNamingPolicyfor error key namesitems[0].productName→items[0].productName)Before
{ "type": "https://tools.ietf.org/html/rfc9110#section-15.5.41", "title": "One or more validation errors occurred.", "status": 400, "errors": { "LastName": [ "The LastName field is required." ] } }After
{ "type": "https://tools.ietf.org/html/rfc9110#section-15.5.41", "title": "One or more validation errors occurred.", "status": 400, "errors": { "lastName": [ "The LastName field is required." ] } }The implementation preserves the full compatibility with existing usage while ensuring that property names in validation errors now follow the configured naming policy.
Fixes #61764.
Warning
Firewall rules blocked me from connecting to one or more addresses
I tried to connect to the following addresses, but was blocked by firewall rules:
cdn.fwupd.org/usr/bin/fwupdmgr refresh(dns block)If you need me to access, download, or install something from one of these locations, you can either:
💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.