Problem
Parameters declared with in: cookie are currently dropped with a warning. Query (#63), path (#113), and header (#121) parameters all get a typed, validated per-operation Data class with a from*(Request) factory, but cookie parameters get no typing and no validation at all.
Impact
A cookie parameter's type/format/constraints (and even its presence when required) are silently unenforced. A handler relying on a spec-declared cookie has no generated typing or validation backing it. Correctness/coverage gap relative to the other three in: locations.
What correct support looks like
- synthesize a per-operation
<Operation>CookieData class with a fromCookies(Request) factory reading $request->cookies, mirroring the query/path/header pipeline through the same location-parameterized core in RequestDataSynthesizer
- run the body-class rules pipeline over each cookie param (type, format, enum, min/max, pattern, required)
- additive injection like path/header: the abstract method carries a
::fromCookies($request) docblock pointer rather than container-injecting
- reserved/framework-owned cookies handled sensibly (skip-and-warn if needed)
Current behavior (recorded in fidelity report)
in: cookie parameters are recorded in openapi-laravel.unsupported.json (the drift-checked fidelity report) as dropped-with-warning. Related implemented locations: #63 (query), #113 (path), #121 (header).
Problem
Parameters declared with
in: cookieare currently dropped with a warning. Query (#63), path (#113), and header (#121) parameters all get a typed, validated per-operation Data class with afrom*(Request)factory, but cookie parameters get no typing and no validation at all.Impact
A cookie parameter's type/format/constraints (and even its presence when
required) are silently unenforced. A handler relying on a spec-declared cookie has no generated typing or validation backing it. Correctness/coverage gap relative to the other threein:locations.What correct support looks like
<Operation>CookieDataclass with afromCookies(Request)factory reading$request->cookies, mirroring the query/path/header pipeline through the same location-parameterized core inRequestDataSynthesizer::fromCookies($request)docblock pointer rather than container-injectingCurrent behavior (recorded in fidelity report)
in: cookieparameters are recorded inopenapi-laravel.unsupported.json(the drift-checked fidelity report) as dropped-with-warning. Related implemented locations: #63 (query), #113 (path), #121 (header).