openapi_first 1.0.0.beta3 → 1.0.0.beta5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 800354f7ac2847fb16987e6961589aaebb84c161f3b76ea652a00a4cf8762fbe
-  data.tar.gz: f443b72fa8ce1103bfc5a7b30367ce96f84e0dc7ad137722424cab0ac0c13357
+  metadata.gz: 8e6c1f8f1a6fffd91827a74f95b932bfd5be9d4a897f3704efd6313bac9e6be4
+  data.tar.gz: 59041cacdcb634bb25e5d23025c0f86afe97632918f1e10d6f67409d31ba5f9b
 SHA512:
-  metadata.gz: e454ee38c95a21915869e5feae0f38f65e0aa9a0a5001b6b752043fa379836164af1bf7eac9bcff192822d66053dda00d6dfa787296cce82bccf346d218f4c6c
-  data.tar.gz: 11a0a0ac1e1bbd350d1edfe1dcae4ccae15bcfe2f1863320f30f554c3ad16934b07891c578225d2d7d128c3cb7dafd4093407c1c153713567db4db3d9c99c938
+  metadata.gz: 1955264ba1b60f477123cd1bbb71a14d611d598664965548a9ebe3c6508d5ac6e205dfe971bc7c1ebe6b27da78a48f1bf5d27239c886a9b4aa7db303224e0cfc
+  data.tar.gz: 2f25b5944e546a6619c2be01462008d358a0a80140594b0906ca62e9b152fa97b2b8225d0c137acbe29c64b7732bbd00d3f35459cd0b771b2b38c409303adde8

data/.github/workflows/ruby.yml

@@ -1,24 +1,12 @@
-name: Ruby
-
-on:
-  push:
-    branches: [ master ]
-  pull_request:
-    branches: [ master ]
-
+name: Test
+on: [push, pull_request]
 jobs:
-  build:
-
+  test:
     runs-on: ubuntu-latest
-
     steps:
-    - uses: actions/checkout@v2 
-    - name: Set up Ruby 2.6
-      uses: actions/setup-ruby@v1
+    - uses: actions/checkout@v3
+    - uses: ruby/setup-ruby@v1
       with:
-        ruby-version: 2.6.x
-    - name: Build and test with Rake
-      run: |
-        gem install bundler
-        bundle install --jobs 4 --retry 3
-        bundle exec rake
+        ruby-version: '3.1'
+        bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+    - run: bundle exec rake

data/.rubocop.yml

@@ -1,5 +1,5 @@
 AllCops:
-  TargetRubyVersion: 3.0.5
+  TargetRubyVersion: 3.1.1
   NewCops: enable
   SuggestExtensions: false
 Style/Documentation:

data/CHANGELOG.md

@@ -2,15 +2,33 @@
 
 ## Unreleased
 
+## 1.0.0.beta5
+
+- Added: `OpenapiFirst::Config.default_options=` to set default options globally
+- Added: You can define custom error responses by subclassing `OpenapiFirst::ErrorResponse` and register it via `OpenapiFirst::Plugins.register_error_response(name, MyCustomErrorResponse)`
+
+## 1.0.0.beta4
+
+- Update json_schemer to version 2.0
+- Breaking: Requires Ruby 3.1 or later
+- Added: Parameters are available at `env[OpenapiFirst::PATH_PARAMS]`, `env[OpenapiFirst::QUERY_PARAMS]`, `env[OpenapiFirst::HEADER_PARAMS]`, `env[OpenapiFirst::COOKIE_PARAMS]` in case you need to access them separately. Merged path and query parameters are still available at `env[OpenapiFirst::PARAMS]`
+- Breaking / Added: ResponseValidation now validates response headers
+- Breaking / Added: RequestValidation now validates cookie, path and header parameters
+- Breaking: multipart File uploads are now read and then validated
+- Breaking: Remove OpenapiFirst.env method
+- Breaking: Request validation returns 400 instead of 415 if request body is required, but empty
+
 ## 1.0.0.beta3
 
 - Remove obsolete dependency: deep_merge
 - Remove obsolete dependency: hanami-utils
 
 ## 1.0.0.beta2
+
 - Fixed dependencies. Remove unused code.
 
 ## 1.0.0.beta1
+
 - Removed: `OpenapiFirst::Responder` and `OpenapiFirst::RackResponder`
 - Removed: `OpenapiFirst.app` and `OpenapiFirst.middleware`
 - Removed: `OpenapiFirst::Coverage`

data/Gemfile

@@ -6,6 +6,9 @@ source 'https://rubygems.org'
 gemspec
 
 group :test, :development do
-  gem 'pry'
+  gem 'bundler'
+  gem 'rack-test'
+  gem 'rake'
+  gem 'rspec'
   gem 'rubocop'
 end

data/Gemfile.lock

@@ -1,22 +1,19 @@
 PATH
   remote: .
   specs:
-    openapi_first (1.0.0.beta3)
+    openapi_first (1.0.0.beta5)
       hanami-router (~> 2.0.0)
       json_refs (~> 0.1, >= 0.1.7)
-      json_schemer (~> 0.2.16)
-      multi_json (~> 1.14)
-      openapi_parameters (~> 0.2)
+      json_schemer (~> 2.0.0)
+      multi_json (~> 1.15)
+      openapi_parameters (>= 0.3.1, < 2.0)
       rack (>= 2.2, < 4.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
     ast (2.4.2)
-    coderay (1.1.3)
     diff-lcs (1.5.0)
-    ecma-re-validator (0.4.0)
-      regexp_parser (~> 2.2)
     hana (1.3.7)
     hanami-router (2.0.2)
       mustermann (~> 3.0)
@@ -24,77 +21,80 @@ GEM
       rack (~> 2.0)
     hansi (0.2.1)
     json (2.6.3)
-    json_refs (0.1.7)
+    json_refs (0.1.8)
       hana
-    json_schemer (0.2.24)
-      ecma-re-validator (~> 0.3)
+    json_schemer (2.0.0)
       hana (~> 1.3)
       regexp_parser (~> 2.0)
-      uri_template (~> 0.7)
-    method_source (1.0.0)
+      simpleidn (~> 0.2)
+    language_server-protocol (3.17.0.3)
     multi_json (1.15.0)
     mustermann (3.0.0)
       ruby2_keywords (~> 0.0.1)
     mustermann-contrib (3.0.0)
       hansi (~> 0.2.0)
       mustermann (= 3.0.0)
-    openapi_parameters (0.2.1)
+    openapi_parameters (0.3.1)
       rack (>= 2.2)
       zeitwerk (~> 2.6)
-    parallel (1.22.1)
-    parser (3.2.1.1)
+    parallel (1.23.0)
+    parser (3.2.2.4)
       ast (~> 2.4.1)
-    pry (0.14.2)
-      coderay (~> 1.1)
-      method_source (~> 1.0)
-    rack (2.2.6.4)
-    rack-test (1.1.0)
-      rack (>= 1.0, < 3)
+      racc
+    racc (1.7.3)
+    rack (2.2.8)
+    rack-test (2.1.0)
+      rack (>= 1.3)
     rainbow (3.1.1)
-    rake (13.0.6)
-    regexp_parser (2.7.0)
-    rexml (3.2.5)
+    rake (13.1.0)
+    regexp_parser (2.8.2)
+    rexml (3.2.6)
     rspec (3.12.0)
       rspec-core (~> 3.12.0)
       rspec-expectations (~> 3.12.0)
       rspec-mocks (~> 3.12.0)
-    rspec-core (3.12.1)
+    rspec-core (3.12.2)
       rspec-support (~> 3.12.0)
-    rspec-expectations (3.12.2)
+    rspec-expectations (3.12.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.5)
+    rspec-mocks (3.12.6)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
-    rspec-support (3.12.0)
-    rubocop (1.48.1)
+    rspec-support (3.12.1)
+    rubocop (1.57.2)
       json (~> 2.3)
+      language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
-      parser (>= 3.2.0.0)
+      parser (>= 3.2.2.4)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.26.0, < 2.0)
+      rubocop-ast (>= 1.28.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.28.0)
+    rubocop-ast (1.30.0)
       parser (>= 3.2.1.0)
     ruby-progressbar (1.13.0)
     ruby2_keywords (0.0.5)
-    unicode-display_width (2.4.2)
-    uri_template (0.7.0)
-    zeitwerk (2.6.7)
+    simpleidn (0.2.1)
+      unf (~> 0.1.4)
+    unf (0.1.4)
+      unf_ext
+    unf_ext (0.0.9)
+    unicode-display_width (2.5.0)
+    zeitwerk (2.6.12)
 
 PLATFORMS
   arm64-darwin-21
+  x86_64-linux
 
 DEPENDENCIES
-  bundler (~> 2)
+  bundler
   openapi_first!
-  pry
-  rack-test (~> 1)
-  rake (~> 13)
-  rspec (~> 3)
+  rack-test
+  rake
+  rspec
   rubocop
 
 BUNDLED WITH

data/README.md

@@ -2,7 +2,7 @@
 
 [![Join the chat at https://gitter.im/openapi_first/community](https://badges.gitter.im/openapi_first/community.svg)](https://gitter.im/openapi_first/community?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 
-OpenapiFirst helps to implement HTTP APIs based on an [OpenAPI](https://www.openapis.org/) API description.
+OpenapiFirst helps to implement HTTP APIs based on an [OpenAPI](https://www.openapis.org/) API description. It supports OpenAPI 3.0 and 3.1.
 
 It provides these Rack middlewares:
 
@@ -10,6 +10,8 @@ It provides these Rack middlewares:
 - [`OpenapiFirst::ResponseValidation`](#response-validation) Validates the response and raises an exception if the response body is invalid.
 - [`OpenapiFirst::Router`](#openapifirstrouter) – This internal middleware is added automatically when using request/response validation. It adds the OpenAPI operation for the current request to the Rack env.
 
+Using Request and Response validation together ensures that your implementation follows exactly the API description. This enables you to use the API description as a single source of truth for your API, reason about details and use various tooling.
+
 ## Request Validation
 
 The `OpenapiFirst::RequestValidation` middleware returns a 400 status code with a body that describes the error if the request is not valid.
@@ -19,16 +21,18 @@ use OpenapiFirst::RequestValidation, spec: 'openapi.yaml'
 ```
 
 It adds these fields to the Rack env:
+
 - `env[OpenapiFirst::PARAMS]` – The parsed parameters (query, path) for the current request (string keyed)
 - `env[OpenapiFirst::REQUEST_BODY]` – The parsed request body (string keyed)
 - `env[OpenapiFirst::OPERATION]` (Added via Router) – The Operation object for the current request. This is an instance of `OpenapiFirst::Operation`.
 
 ### Options and defaults
 
-| Name           | Possible values | Description                                                                                        | Default                            |
-| :------------- | --------------- | -------------------------------------------------------------------------------------------------- | ---------------------------------- |
-| `spec:`        |                      | The path to the spec file or spec loaded via `OpenapiFirst.load`
-| `raise_error:` | `false`, `true` | If set to true the middleware raises `OpenapiFirst::RequestInvalidError` instead of returning 4xx. | `false` (don't raise an exception) |
+| Name              | Possible values                                                 | Description                                                                                        | Default                            |
+| :---------------- | --------------------------------------------------------------- | -------------------------------------------------------------------------------------------------- | ---------------------------------- |
+| `spec:`           |                                                                 | The path to the spec file or spec loaded via `OpenapiFirst.load`                                   |
+| `raise_error:`    | `false`, `true`                                                 | If set to true the middleware raises `OpenapiFirst::RequestInvalidError` instead of returning 4xx. | `false` (don't raise an exception) |
+| `error_response:` | `:default`, `:json_api`, Your implementation of `ErrorResponse` | :default                                                                                           |
 
 The error responses conform with [JSON:API](https://jsonapi.org).
 
@@ -36,7 +40,7 @@ Here's an example response body for a missing query parameter "search":
 
 ```json
 http-status: 400
-content-type: "application/vnd.api+json"
+content-type: "application/json"
 
 {
   "errors": [
@@ -72,9 +76,10 @@ This middleware adds the parsed request body to `env[OpenapiFirst::REQUEST_BODY]
 
 The middleware will return a status `415` if the requests content type does not match or `400` if the request body is invalid.
 
-### Header, Cookie, Path parameter validation
+### Header, Cookie, Query and Path parameter validation
 
-tbd.
+The `RequestValidation` middleware validates the request headers, cookies and path parameters as defined in you API description. It returns a `400` status code if the request is invalid. It adds the parsed merged _path_ and _query_ parameters to `env['openapi.params']`.
+Separate parsed parameters are made available by location at `env['openapi.path_params']`, `env['openapi.query']`, `env['openapi.headers']`, `env['openapi.cookies']` as well if you need to access them separately.
 
 ### readOnly / writeOnly properties
 
@@ -92,9 +97,9 @@ use OpenapiFirst::ResponseValidation, spec: 'openapi.yaml' if ENV['RACK_ENV'] ==
 
 ### Options
 
-| Name           | Possible values      | Description                                                                                                                                                                                                                                                     | Default                            |
-| :------------- | -------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- |
-| `spec:`        |                      | The path to the spec file or spec loaded via `OpenapiFirst.load`
+| Name    | Possible values | Description                                                      | Default |
+| :------ | --------------- | ---------------------------------------------------------------- | ------- |
+| `spec:` |                 | The path to the spec file or spec loaded via `OpenapiFirst.load` |
 
 ## OpenapiFirst::Router
 
@@ -104,16 +109,27 @@ This middleware is used automatically, but you can add it to the top of your mid
 use OpenapiFirst::Router, spec: './openapi/openapi.yaml'
 ```
 
-This middleware adds `env[OpenapiFirst::OPERATION]` which holds an Operation object that responds to `#operation_id`, `#path` (and `#[string]` to access raw fields).
+This middleware adds `env['openapi.operation']` which holds an instance of `OpenapiFirst::Operation` that responds to `#operation_id`, `#path` (and `#[]` to access raw fields).
 
 ### Options and defaults
 
 | Name           | Possible values      | Description                                                                                                                                                                                                                                                     | Default                            |
 | :------------- | -------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- |
-| `spec:`        |                      | The path to the spec file or spec loaded via `OpenapiFirst.load` |                                    |
+| `spec:`        |                      | The path to the spec file or spec loaded via `OpenapiFirst.load`                                                                                                                                                                                                |                                    |
 | `raise_error:` | `false`, `true`      | If set to true the middleware raises `OpenapiFirst::NotFoundError` when a path or method was not found in the API description. This is useful during testing to spot an incomplete API description.                                                             | `false` (don't raise an exception) |
 | `not_found:`   | `:continue`, `:halt` | If set to `:continue` the middleware will not return 404 (405, 415), but just pass handling the request to the next middleware or application in the Rack stack. If combined with `raise_error: true` `raise_error` gets preference and an exception is raised. | `:halt` (return 4xx response)      |
 
+## Global configuration
+
+You can configure default options gobally via `OpenapiFirst::Config`:
+
+```ruby
+OpenapiFirst::Config.default_options = {
+  error_response: :json_api,
+  request_validation_raise_error: true
+}
+```
+
 ## Alternatives
 
 This gem is inspired by [committee](https://github.com/interagent/committee) (Ruby) and [connexion](https://github.com/zalando/connexion) (Python).
@@ -160,9 +176,9 @@ run OpenapiFirst.app(spec, namespace: Pets)
 
 Run `bin/setup` to install dependencies.
 
-Run `bundle exec rspec` to run the tests.
+See `bundle exec rake` to run the linter and the tests.
 
-See `bundle exec rake -T` for rubygems related tasks.
+Run `bundle exec rspec` to run the tests only.
 
 ## Benchmarks
 

data/benchmarks/Gemfile.lock

@@ -1,32 +1,42 @@
 PATH
   remote: ..
   specs:
-    openapi_first (1.0.0.beta3)
+    openapi_first (1.0.0.beta5)
       hanami-router (~> 2.0.0)
       json_refs (~> 0.1, >= 0.1.7)
-      json_schemer (~> 0.2.16)
-      multi_json (~> 1.14)
-      openapi_parameters (~> 0.2)
+      json_schemer (~> 2.0.0)
+      multi_json (~> 1.15)
+      openapi_parameters (>= 0.3.1, < 2.0)
       rack (>= 2.2, < 4.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (7.0.4.3)
+    activesupport (7.1.2)
+      base64
+      bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
+      connection_pool (>= 2.2.5)
+      drb
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
+      mutex_m
       tzinfo (~> 2.0)
+    base64 (0.2.0)
     benchmark-ips (2.12.0)
     benchmark-memory (0.2.0)
       memory_profiler (~> 1)
+    bigdecimal (3.1.4)
     builder (3.2.4)
     committee (5.0.0)
       json_schema (~> 0.14, >= 0.14.3)
       openapi_parser (~> 1.0)
       rack (>= 1.5)
     concurrent-ruby (1.2.2)
-    dry-core (1.0.0)
+    connection_pool (2.4.1)
+    drb (2.2.0)
+      ruby2_keywords
+    dry-core (1.0.1)
       concurrent-ruby (~> 1.0)
       zeitwerk (~> 2.6)
     dry-inflector (1.0.0)
@@ -40,10 +50,8 @@ GEM
       dry-inflector (~> 1.0)
       dry-logic (~> 1.4)
       zeitwerk (~> 2.6)
-    ecma-re-validator (0.4.0)
-      regexp_parser (~> 2.2)
-    grape (1.7.0)
-      activesupport
+    grape (2.0.0)
+      activesupport (>= 5)
       builder
       dry-types (>= 1.1)
       mustermann-grape (~> 1.0.0)
@@ -57,18 +65,17 @@ GEM
       mustermann-contrib (~> 3.0)
       rack (~> 2.0)
     hansi (0.2.1)
-    i18n (1.12.0)
+    i18n (1.14.1)
       concurrent-ruby (~> 1.0)
-    json_refs (0.1.7)
+    json_refs (0.1.8)
       hana
     json_schema (0.21.0)
-    json_schemer (0.2.24)
-      ecma-re-validator (~> 0.3)
+    json_schemer (2.0.0)
       hana (~> 1.3)
       regexp_parser (~> 2.0)
-      uri_template (~> 0.7)
+      simpleidn (~> 0.2)
     memory_profiler (1.0.1)
-    minitest (5.18.0)
+    minitest (5.20.0)
     multi_json (1.15.0)
     mustermann (3.0.0)
       ruby2_keywords (~> 0.0.1)
@@ -77,36 +84,41 @@ GEM
       mustermann (= 3.0.0)
     mustermann-grape (1.0.2)
       mustermann (>= 1.0.0)
+    mutex_m (0.2.0)
     nio4r (2.5.9)
-    openapi_parameters (0.2.1)
+    openapi_parameters (0.3.1)
       rack (>= 2.2)
       zeitwerk (~> 2.6)
     openapi_parser (1.0.0)
-    puma (6.2.2)
+    puma (6.4.0)
       nio4r (~> 2.0)
-    rack (2.2.6.4)
+    rack (2.2.8)
     rack-accept (0.4.5)
       rack (>= 0.4)
-    rack-protection (3.0.6)
-      rack
-    regexp_parser (2.8.0)
-    roda (3.67.0)
+    rack-protection (3.1.0)
+      rack (~> 2.2, >= 2.2.4)
+    regexp_parser (2.8.2)
+    roda (3.73.0)
       rack
     ruby2_keywords (0.0.5)
     seg (1.2.0)
-    sinatra (3.0.6)
+    simpleidn (0.2.1)
+      unf (~> 0.1.4)
+    sinatra (3.1.0)
       mustermann (~> 3.0)
       rack (~> 2.2, >= 2.2.4)
-      rack-protection (= 3.0.6)
+      rack-protection (= 3.1.0)
       tilt (~> 2.0)
     syro (3.2.1)
       rack (>= 1.6.0)
       seg
-    tilt (2.1.0)
+    tilt (2.3.0)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    uri_template (0.7.0)
-    zeitwerk (2.6.7)
+    unf (0.1.4)
+      unf_ext
+    unf_ext (0.0.9)
+    zeitwerk (2.6.12)
 
 PLATFORMS
   arm64-darwin-21

data/benchmarks/apps/openapi_first_with_plain_rack.ru

@@ -24,9 +24,9 @@ app = Rack::Builder.new do
 
   not_found = ->(_env) { [404, {}, []] }
 
-  run lambda do |env|
+  run(lambda do |env|
     handlers.fetch(env[OpenapiFirst::OPERATION]&.operation_id, not_found).call(env)
-  end
+  end)
 end
 
 run app

data/lib/openapi_first/body_parser_middleware.rb

@@ -4,29 +4,16 @@ require 'multi_json'
 
 module OpenapiFirst
   class BodyParserMiddleware
-    def initialize(app, options = {})
+    def initialize(app)
       @app = app
-      @raise = options.fetch(:raise_error, false)
     end
 
-    RACK_INPUT = 'rack.input'
     ROUTER_PARSED_BODY = 'router.parsed_body'
+    private_constant :ROUTER_PARSED_BODY
 
     def call(env)
       env[ROUTER_PARSED_BODY] = parse_body(env)
       @app.call(env)
-    rescue BodyParsingError => e
-      raise if @raise
-
-      err = { title: "Failed to parse body as #{env['CONTENT_TYPE']}", status: '400' }
-      err[:detail] = e.cause unless ENV['RACK_ENV'] == 'production'
-      errors = [err]
-
-      Rack::Response.new(
-        MultiJson.dump(errors: errors),
-        400,
-        Rack::CONTENT_TYPE => 'application/vnd.api+json'
-      ).finish
     end
 
     private
@@ -40,8 +27,8 @@ module OpenapiFirst
       return request.POST if request.form_data?
 
       body
-    rescue MultiJson::ParseError => e
-      raise BodyParsingError, e
+    rescue MultiJson::ParseError
+      raise BodyParsingError, 'Failed to parse body as application/json'
     end
 
     def read_body(request)

data/lib/openapi_first/config.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module OpenapiFirst
+  class Config
+    def initialize(error_response: :default, request_validation_raise_error: false)
+      @error_response = Plugins.find_error_response(error_response)
+      @request_validation_raise_error = request_validation_raise_error
+    end
+
+    attr_reader :error_response, :request_validation_raise_error
+
+    def self.default_options
+      @default_options ||= new
+    end
+
+    def self.default_options=(options)
+      @default_options = new(**options)
+    end
+  end
+end

data/lib/openapi_first/definition.rb

@@ -3,6 +3,7 @@
 require_relative 'operation'
 
 module OpenapiFirst
+  # Represents an OpenAPI API Description document
   class Definition
     attr_reader :filepath, :operations
 
@@ -11,9 +12,15 @@ module OpenapiFirst
       methods = %w[get head post put patch delete trace options]
       @operations = resolved['paths'].flat_map do |path, path_item|
         path_item.slice(*methods).map do |request_method, _operation_object|
-          Operation.new(path, request_method, path_item)
+          Operation.new(path, request_method, path_item, openapi_version: detect_version(resolved))
         end
       end
     end
+
+    private
+
+    def detect_version(resolved)
+      (resolved['openapi'] || resolved['swagger'])[0..2]
+    end
   end
 end

data/lib/openapi_first/error_response.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+module OpenapiFirst
+  # This is the base class for error responses
+  class ErrorResponse
+    ## @param request [Hash] The Rack request env
+    ## @param request_validation_error [OpenapiFirst::RequestValidationError]
+    def initialize(env, request_validation_error)
+      @env = env
+      @request_validation_error = request_validation_error
+    end
+
+    extend Forwardable
+
+    attr_reader :env, :request_validation_error
+
+    def_delegators :@request_validation_error, :status, :location, :schema_validation
+
+    def validation_output
+      schema_validation&.output
+    end
+
+    def schema
+      schema_validation&.schema
+    end
+
+    def data
+      schema_validation&.data
+    end
+
+    def message
+      request_validation_error.message
+    end
+
+    def render
+      Rack::Response.new(body, status, Rack::CONTENT_TYPE => content_type).finish
+    end
+
+    def content_type = 'application/json'
+
+    def body
+      raise NotImplementedError
+    end
+  end
+end