HTTP to HTTPS redirection breaks remote reference resolution

[mxr576]

There is an HTTP to HTTPS redirect for every http://asyncapi.com... URL to https://asyncapi.com... which breaks the current implementation.

Minimal code

<?php

declare(strict_types = 1);

require __DIR__ . '/vendor/autoload.php';

$data = json_decode(file_get_contents('https://raw.githubusercontent.com/asyncapi/spec/2.0.0/examples/2.0.0/correlation-id.yml'));

// Validate
$validator = new JsonSchema\Validator;
$validator->validate($data, (object)['$ref' => 'https://raw.githubusercontent.com/asyncapi/spec-json-schemas/77c40b5aaa5515de537de3ea7eb383f4076c02d5/schemas/2.0.0.json']);

if ($validator->isValid()) {
  echo "The supplied JSON validates against the schema.\n";
} else {
  echo "JSON does not validate. Violations:\n";
  foreach ($validator->getErrors() as $error) {
    printf("[%s] %s\n", $error['property'], $error['message']);
  }
}

Unexpected result

 PHP Fatal error:  Uncaught JsonSchema\Exception\InvalidSchemaMediaTypeException: Media type application/schema+json expected in /mnt/files/local_mount/build/vendor/justinrainbow/json-schema/src/JsonSchema/Uri/UriRetriever.php:92
Stack trace:
#0 /mnt/files/local_mount/build/vendor/justinrainbow/json-schema/src/JsonSchema/Uri/UriRetriever.php(209): JsonSchema\Uri\UriRetriever->confirmMediaType()
#1 /mnt/files/local_mount/build/vendor/justinrainbow/json-schema/src/JsonSchema/Uri/UriRetriever.php(181): JsonSchema\Uri\UriRetriever->loadSchema()
#2 /mnt/files/local_mount/build/vendor/justinrainbow/json-schema/src/JsonSchema/SchemaStorage.php(52): JsonSchema\Uri\UriRetriever->retrieve()
#3 /mnt/files/local_mount/build/vendor/justinrainbow/json-schema/src/JsonSchema/SchemaStorage.php(115): JsonSchema\SchemaStorage->addSchema()
#4 /mnt/files/local_mount/build/vendor/justinrainbow/json-schema/src/JsonSchema/SchemaStorage.php(138): JsonSchema\SchemaStorage->getSchema()
#5 /mnt/files/local_mount/build/vendor/justinrainbow/json-schema/src/JsonSchema/SchemaStorage.php(162): JsonSchema\SchemaStorage->resolveRef()
#6 /mnt/files/local_mount/build/vendor/justinrainbow/json-schema/src/JsonSchema/Constraints/Constraint.php(123): JsonSchema\SchemaStorage->resolveRefSchema()
#7 /mnt/files/local_mount/build/vendor/justinrainbow/json-schema/src/JsonSchema/Constraints/SchemaConstraint.php(92): JsonSchema\Constraints\Constraint->checkUndefined()
#8 /mnt/files/local_mount/build/vendor/justinrainbow/json-schema/src/JsonSchema/Validator.php(63): JsonSchema\Constraints\SchemaConstraint->check()
#9 /mnt/files/local_mount/build/foo.php(16): JsonSchema\Validator->validate()
#10 {main}
  thrown in /mnt/files/local_mount/build/vendor/justinrainbow/json-schema/src/JsonSchema/Uri/UriRetriever.php on line 92

Additional info

Version

$ composer show justinrainbow/json-schema | grep version
versions : * 5.2.12

[DannyvdSluijs]

This is due to the FileGetContents [link] which uses the $http_response_headers predefined variable. One of the comments warns about the headers being kept when doing a redirect.
Which effectively causes the matching of the content type being done on the first header with that name, in you specific case this is the Content-Type: text/plain; charset=utf-8 for the HTTP 301.

There seems to be two options around this:

1. Use another AbstractRetriever implementation such as the Curl based one but that might cause issues with schema's which are a file reference instead of a url reference.
2. Create a PR I took the liberty of creating a PR for you. You can checkout my PR and test if the changes work for you. Please leave a comment if this does as that would help the review process.

[mxr576]

Thanks, sent my feedback on the PR!