Defining a body field with ParamValidator::PARAM_TYPE => 'string' in a REST handler's getParamSettings() method does not actually make it reject application/json requests containing integers or booleans for this field. It doesn't get cast to a string either, so a call like $this->methodExpectingString( $request->getParsedBody()['mystringfield'] ) results in a type error in such cases.
This behavior may be necessary for other content types, but for JSON requests it seems rather unintuitive and likely to cause bugs.