Wrong use of oneOf in OpenAPI spec

API and Webhooks
1

Hi,

as we’re working on generating Zoom integration for our iPaaS platfrom Appmixer from your OpenAPI spec, we noticed that your OpenAPI spec is incorrect in places where you use the oneOf schema keyword. For example, in the spec downloaded from https://marketplace.zoom.us/docs/api-reference/zoom-api/methods/#overview, you can see e.g. in the definition of the /users/{userId}/meetings route the use of oneOf for the userId property:

{
  "name": "userId",
  "in": "path",
  "description": "The user ID or email address of the user. For user-level apps, pass the `me` value.",
  "required": true,
  "schema": {
    "oneOf": [
      {
        "type": "string",
        "example": "6dfgdfgdg444447b0egga"
      },
      {
        "type": "string",
        "format": "email",
        "example": "jchill@example.com"
      },
      {
        "type": "string",
        "enum": [
          "me"
        ],
        "example": "me"
      }
    ]
  }
}

The problem is that the “me” value for the userId property never passes the validation test since “me” is valid against 2 out of the 3 subschemas (it’s a string and also an enum). Therefore, the “me” value does not validate against the oneOf since in oneOf, value is only valid if it validates against EXACTLY ONE of the subschemas, not more. See oneOf, anyOf, allOf, not.

There are more occurrences of this wrong userId definition. Note that we did not check other APIs besides Zoom Meetings so the issue might be somewhere else too.

I assume the keyword should be anyOf instead.

It’d be great to have this corrected to make sure tools that generate clients based on the OpenAPI spec are valid.

Thanks!

2

Hi @david6
Thank you so much for reaching out to the Zoom Developer forum and welcome to our community!
We really appreciate your feedback!
Thanks for bringing this up to our attention and I will make sure to pass this feedback internally and will keep you updated if I hear anything about it.
Have an excellent day,
Elisa

3

This topic was automatically closed 368 days after the last reply. New replies are no longer allowed.

4

Hey everyone,

Recently we launched Zoom Rivet for Node.js. Zoom Rivet is Zoom’s Official API Library and API Wrapper.

We currently support Node.js. Java, Python, GO, C#, and other languages are coming soon or being considered.

Zoom Rivet is available on npm and can be used to automatically handle OAuth and easily call Zoom APIs like Meetings, Phone, Users, Team Chat, Chatbot, Accounts, Video SDK, and more. It even includes a Webhook server to easily receive Zoom Webhooks.

npm install @zoom/rivet

Example that handles OAuth and calls a Meeting API and listens to a webhook event:

import { MeetingsS2SAuthClient } from "@zoom/rivet/meetings";

(async () => {
   const meetingsClient = new MeetingsS2SAuthClient({
      clientId: process.env.CLIENT_ID,
      clientSecret: process.env.CLIENT_SECRET,
      webhooksSecretToken: process.env.WEBHOOKS_SECRET_TOKEN,
      accountId: process.env.ACCOUNT_ID
   });

   // Rivet Events and Endpoints Go Here

   meetingsClient.endpoints.meetings.getMeeting({
      path: { meetingId: "MEETINGID" }
   }).then((response) => {
      console.log(response)
   });

   meetingsClient.webEventConsumer.event("meeting.started", (response) => {
      console.log(response.payload);
   })

   const server = await meetingsClient.start();

   console.log(`Zoom Rivet Events Server running on: ${JSON.stringify(server.address())}`);
})();

NPM:

Docs:

Sample App:

For feedback, requests, or questions please refer to the Rivet Devforum Category:

Best,
Tommy