No OneTemporary
Actions

Size

38 KB

Referenced Files

None

Subscribers

None

View Options

	diff --git a/CHANGELOG.md b/CHANGELOG.md
	index b5d6ed9..64687b9 100644
	--- a/CHANGELOG.md
	+++ b/CHANGELOG.md
	@@ -1,374 +1,384 @@
	+# 3.5.2
	+
	+Thanks to the contributions of the community ❤️💙💛💜🧡
	+
	+* [jung-hunsoo](https://github.com/jung-hunsoo)
	+* [linnal](https://github.com/linnal)
	+
	+- Fix: Update README for Info from `Application.spec/2` (#174)
	+- Fix: Casting for unsupported params (#170)
	+
	# 3.5.1

	Thanks to the contributions of the community ❤️💙💛💜🧡

	* [mrmstn](https://github.com/mrmstn)

	- Fix: Issues with complex types for phoenix endpoints (#161)
	- Fix: In ExDoc-based operation spec (experimental), change key name used to define `requestBody` (#164)
	- Fix: `oneOf` schema having object schemas (#167)

	# 3.5.0

	Thanks to the contributions of the community ❤️💙💛💜🧡

	* [surik](https://github.com/surik)
	* [fmcgeough](https://github.com/fmcgeough)
	* [zero778](https://github.com/zero778)
	* [vovayartsev](https://github.com/vovayartsev)
	* [superhawk610](https://github.com/superhawk610)
	* [jung-hunsoo](https://github.com/jung-hunsoo)
	* [supermaciz](https://github.com/supermaciz)
	* [Geekfish](https://github.com/Geekfish)
	* [mrmstn](https://github.com/mrmstn)
	* [waltfy](https://github.com/waltfy)
	* [ggpasqualino](https://github.com/ggpasqualino)
	* [hauleth](https://github.com/hauleth)

	- Feature: Ability to import Open API documents instead of defining them in Elixir (#152)
	- Feature: Add `display_operation_id` option to SwaggerUI (#138)
	- Feature: Schema validation: schema type required when `properties` is present (#146)
	- Feature: Improve reporting of test assertion failures (#150)
	- Feature: Support for `min_properties` validation for Object properties (#131)
	- Feature: Support property defaults in new Cast & Validate API (#145)
	- Feature: Support for casting file uploads (#133)
	- Feature: Support "$ref" in operation's parameters (#137)
	- Feature: Experimental ExDoc-based endpoint API specifications (#162)
	- Deprecation: Deprecate old cast and validation API (#153)
	- Deprecation: Set minimum supported Elixir version to 1.7, maximum 1.9 (#130)
	- Fix: Prevent example properties with nil values from being stripped out during JSON encoding (#142)
	- Fix: casting/validating of oneOf, anyOf (#148)
	- Fix: Pass additional properties through when allowed via `additionalProperties` (#155)
	- Fix: for `allOf` definitions for multi-typed `allOf` array and complex structs with inheritance (#156)
	- Fix: Allow a root-level property of compiled schema to be a schema (#158)
	- Docs: Fix bugs and improve wording in README (#126)
	- Docs: update phoenix guide and samples (#129)
	- Docs: README instructions for separating API operation from controller (#140)

	The original cast & validation API has been deprecated and replaced with an API that was introduced in 3.2.0.
	Using the old API will now result in compiler and runtime warnings.

	Old API:
	```elixir
	defmodule PhoenixAppWeb.UserController do
	use PhoenixAppWeb, :controller
	plug OpenApiSpex.Plug.Cast
	plug OpenApiSpex.Plug.Validate
	end
	```

	Will result in:
	```
	warning: OpenApiSpex.Plug.Cast.call/2 is deprecated. Use OpenApiSpex.Plug.CastAndValidate instead
	test/support/user_controller.ex:1

	warning: OpenApiSpex.Plug.Validate.call/2 is deprecated. Use OpenApiSpex.Plug.CastAndValidate.call/2 instead
	test/support/user_controller.ex:1
	```

	New API
	```elixir
	defmodule PhoenixAppWeb.UserController do
	use PhoenixAppWeb, :controller
	plug OpenApiSpex.Plug.CastAndValidate
	end
	```

	Note that this changes the default error response. Before, it was a single, plain-text error message.
	Now, it's a list of error maps, containing more error information.

	Old API:
	```elixir
	defmodule MyAppWeb.MyControllerTest do
	use MyApp.ConnCase
	# Old module
	import OpenApiSpex.Test.Assertions

	## The test themselves don't need to change

	test "UserController produces a UsersResponse", %{conn: conn} do
	api_spec = MyApp.ApiSpec.spec()
	json =
	conn
	\|> get(user_path(conn, :index))
	\|> json_response(200)

	assert_schema(json, "UsersResponse", api_spec)
	end

	test "something" do
	api_spec = MyApp.ApiSpec.spec()
	schema = MyApp.Schemas.UsersResponse.schema()
	assert_schema(schema.example, "UsersResponse", api_spec)
	end
	end
	```

	Will produce:
	```
	warning: OpenApiSpex.Test.Assertions.assert_schema/3 is deprecated. Use OpenApiSpex.TestAssertions.assert_schema/3 instead
	test/my_controller_test.exs:21
	```

	New API:
	```elixir
	defmodule MyAppWeb.MyControllerTest do
	use MyApp.ConnCase
	# New module
	import OpenApiSpex.TestAssertions

	# The test themselves don't need to change,
	# but the new assertion is more discerning,
	# so it may find problems that the old API didn't.
	end
	```

	# 3.4.0

	Thanks to the contributions of the community ❤️💙💛💜🧡

	* [surik](https://github.com/surik)
	* [holsee](https://github.com/holsee)
	* [fmcgeough](https://github.com/fmcgeough)


	- Feature: the `OpenApiSpex` and `OpenApiSpex.Info` structs now support [extensions](https://swagger.io/docs/specification/openapi-extensions/) (#108) (#114)

	The `extensions` key may contain any additional data that should be included in the info, eg the `x-logo` and `x-tagGroups` extensions:

	```elixir
	spec = %OpenApi{
	info: %Info{
	title: "Test",
	version: "1.0.0",
	extensions: %{
	"x-logo" => %{
	"url" => "https://example.com/logo.png",
	"backgroundColor" => "#FFFFFF",
	"altText" => "Example logo"
	}
	}
	},
	extensions: %{
	"x-tagGroups" => [
	%{
	"name" => "Methods",
	"tags" => [
	"Search",
	"Fetch",
	"Delete"
	]
	}
	]
	},
	paths: %{ ... }
	}
	```

	- Deprecation: `OpenApiSpex.Server.from_endpoint/2` has been deprecated in favor of `OpenApiSpex.Server.from_endpoint/1`.
	Simply remove the `otp_app:` option from the call to use the new function. (#116)

	```elixir
	# server = Server.from_endpoint(Endpoint, otp_app: :my_phoenix_app)
	server = Server.from_endpoint(MyPhoenixAppWeb.Endpoint)
	```

	- Fix: The internal representation of a Phoenix Route struct changed in Phoenix 1.4.7 breaking the `OpenApiSpex.Paths.from_router/1` function. OpenApiSpex 3.4.0 will support both representations until the Phoenix API becomes stable. (#118)

	# 3.3.0

	Thanks to the contributions from the community! 👍

	* [hauleth](https://github.com/hauleth)
	* [cstaud](https://github.com/cstaud)
	* [xadhoom](https://github.com/xadhoom)
	* [nurugger07](https://github.com/nurugger07)
	* [fenollp](https://github.com/fenollp)
	* [moxley](https://github.com/moxley)

	- Feature: Enums expressed as atoms or atom-keyed maps can be cast from strings (or string-keyed maps). (#60) (#101)

	Example:

	```elixir
	parameters: [
	Operation.parameter(:sort, :query, :string, "sort direction", enum: [:asc, :desc])
	],
	```

	- Fix: Schema module references are resolved in in-line parameter/response schemas. (#77) (#105)

	Example: The response schema is given in-line as an array, but items are resolved from the `User` module.

	```elixir
	responses: %{
	200 => Operation.response(
	"User array",
	"application/json",
	%Schema{
	type: :array,
	items: MyApp.Schemas.User
	}
	)
	}
	```

	- Fix: Ensure integer query parameters are validated correctly after conversion from string. (#106)
	- Fix: Ensure integers are validated correctly against schema `minimum`, `maximum`, `exlcusiveMinimum` and `exclusiveMaximum` attributes. (#97)
	- Fix: Ensure strings are cast to `Date` or `DateTime` types when the schema format is `:date` or `:date-time`. (#90) (#94)
	- Docs: The contract for module supplied to the `PutApiSpec` plug is now documented by the `OpenApi` behaviour. (#73) (#103)
	- Docs: Poison replaced with Jason in example and tests (#104)
	- Docs: Improved documentation for combined `CastAndValidate` plug. (#91)
	- Internals: Cache mapping from phoenix controller/action to OpenApi operation. (#102)


	# 3.2.1

	Patch release for documentation updates and improved error rendering Plug when using `CastAndValidate`.

	Thanks [moxley](https://github.com/moxley)!

	- Cast and validate guide (#89)

	# 3.2.0

	This release contains many improvements and internal changes thanks to the contributions of the community!

	* [moxley](https://github.com/moxley)
	* [kpanic](https://github.com/kpanic)
	* [hauleth](https://github.com/hauleth)
	* [nurugger07](https://github.com/nurugger07)
	* [ggpasqualino](https://github.com/ggpasqualino)
	* [teamon](https://github.com/teamon)
	* [bryannaegele](https://github.com/bryannaegele)

	- Feature: Send Plug CSRF token in x-csrf-token header from Swagger UI (#82)
	- Feature: Support `Jason` library for JSON serialization (#75)
	- Feature: Combine casting and validation into a single `CastAndValidate` Plug (#69) (#86)
	- Feature: Improved performance by avoiding copying of API Spec data in each request (#83)
	- Fix: Convert `integers` to `float` when casting to `number` type (#81) (#84)
	- Fix: Validate strings without trimming whitespace first (#79)
	- Fix: Exclusive Minimum and Exclusive maximum are validated correctly (#68)
	- Fix: Report errors when unable to convert to the expected number/string/boolean type (#64)
	- Fix: Gracefully report error when failing to convert request params to an object type (#63)
	- Internals: Improved code organisation of unit test suite (#62)

	# 3.1.0

	- Add support for validating polymorphic schemas using `oneOf`, `anyOf`, `allOf`, `not` constructs.
	- Updated example apps to work with new API
	- CI has moved from travis-ci.org to travis-ci.com and now uses github apps integration.

	Thanks to [fenollp](https://github.com/fenollp) and [tapickell](https://github.com/tapickell) for contributions!

	# 3.0.0

	Major version bump as the behaviour of `OpenApiSpex.Plug.Cast` has changed (#39).
	To enable requests that contain a body as well as path or query params, the result of casting the
	request body is now placed in the `Conn.body_params` field, instead of the combined `Conn.params` field.

	This requires changing code such as Phoenix controller actions to from

	```elixir
	def create(conn, %UserRequest{user: %User{name: name, email: email}}) do
	```

	to

	```elixir
	def create(conn = %{body_params: %UserRequest{user: %User{name: name, email: email}}}, params) do
	```

	- Feature: A custom plug may be provided to render errors (#46)
	- Fix compiler warnings and improve CI process (#53)
	- Fix: Support casting GET requests without Content-Type header (#50, #49)
	- Open API Spex has been moved to the new `open-api-spex` Github organisation

	# 2.3.1

	- Docs: Update example application to include swagger generate mix task (#41)
	- Fix: Ignore charset in content-type header when looking up schema by content type. (#45)

	Thanks to [dmt](https://github.com/dmt) and [fenollp](https://github.com/fenollp) for contributions!

	# 2.3.0

	- Feature: Validate string enum types. (#33)
	- Feature: Detect and report missing API spec in `OpenApiSpex.Plug.Cast` (#37)
	- Fix: Correct atom for parameter `style` field typespec (#36)

	Thanks to [slavo2](https://github.com/slavo2) and [anagromataf](https://github.com/anagromataf) for
	contributions!

	# 2.2.0

	- Feature: Support composite schemas in `OpenApiSpex.schema`

	structs defined with `OpenApiSpex.schema` will include all properties defined in schemas
	listed in `allOf`. See the `OpenApiSpex.Schema` docs for some examples.

	- Feature: Support composite and polymorphic schemas with `OpenApiSpex.cast/3`.
	- `discriminator` is used to cast polymorphic shemas to a more specific schema.
	- `allOf` will cast all properties in each included schema
	- `oneOf` / `anyOf` will attempt to use each schema until a successful cast is made

	# 2.1.1

	- Fix: (#24, #25) Operations that define `parameters` and a `requestBody` schema can be validated.

	# 2.1.0

	- Feature: (#16) Error response from `OpenApiSpex.cast` when value contains unknown properties and schema declares `additionalProperties: false`.
	- Feature: (#20) Update swagger-ui to version 3.17.0.
	- Fix: (#17, #21, #22) Update typespecs for struct types.

	# 2.0.0

	Major version update following from API change in `OpenApiSpex.cast` and `OpenApiSpex.validate`.
	When casting/validating all parameters against an `OpenApiSpex.Operation`, the complete `Plug.Conn` struct must now be passed, where the combined params map was previously accepted.
	This allows `OpenApiSpex.cast` / `OpenApiSpex.validate` to check that the parameters are being supplied in the expected location (query, path, body, header, cookie).
	In version 2.0.0, only unexpected query parameters will cause a 422 response from `OpenApiSpex.Plug.Cast`, this may be extended in future versions to detect more invalid requests.

	Thanks [cstaud](https://github.com/cstaud), [rutho](https://github.com/ThomasRueckert), [anagromataf](https://github.com/anagromataf) for contributions!


	- Change: (#9) swagger-ui updated to 3.13.4
	- Change (#9) Unexpected query parameters will produce an error response from `OpenApiSpex.Plug.Cast`
	- Change: (#9) `OpenApiSpex.cast/4` now requires a complete `Plug.Conn` struct when casting all parameters of an `OpenApiSpex.Operation`
	- Change: (#14) `OpenApiSpex.validate/4` now requires a complete `Plug.Conn` struct when validating all parameters of an `OpenApiSpex.Operation`
	- Fix: (#11) Support resolving list of schema modules in `oneOf`, `anyOf`, etc.
	- Fix: `OpenApiSpex.schema` macro allows defining schemas without any properties
	- Fix: type declarations better reflect when `nil` is allowed


	# 1.1.4

	- `additionalProperties` is now `nil` by default, was previously `true`

	# 1.1.3

	- Fix several bugs and make some minor enhancements to schema casting and validating.
	- Add sample application to enable end-to-end testing

	# 1.1.2

	Fix openapi version output in generated spec.

	# 1.1.1

	Update swagger-ui to version 3.3.2

	# 1.1.0

	Include path to invalid element in validation errors.
	Eg: "#/user/name: Value does not match pattern: [a-zA-Z][a-zA-Z0-9_]+"

	# 1.0.1

	Cache API spec in application environment after first call to PutApiSpec plug

	# 1.0.0

	Initial release. This package is inspired by [phoenix_swagger](https://github.com/xerions/phoenix_swagger) but targets Open API Spec 3.0.


	diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
	index 0710f07..7f3327b 100644
	--- a/CONTRIBUTING.md
	+++ b/CONTRIBUTING.md
	@@ -1,39 +1,39 @@
	# Contributing

	## Open an issue

	If you've found a bug or would like to discuss a new feature, start by [opening an issue](https://github.com/open-api-spex/open_api_spex/issues/new).
	Where possible, please refer to the relevant sections of the Open API Specification 3.0 or JSON Schema Specification:

	* https://swagger.io/docs/specification/
	* https://github.com/OAI/OpenAPI-Specification/blob/OpenAPI.next/versions/3.0.0.md
	* https://json-schema.org/understanding-json-schema/


	## Send a Pull Request

	Link your pull request to the issue opened earlier, eg `fixes #123`.
	Please be patient as maintainers are generally volunteering their time to support the project 🙂

	## Get Help

	You can ask for help using OpenApiSpex by:

	* [Opening an issue](https://github.com/open-api-spex/open_api_spex/issues/new) - you may have run in to a bug or poorly documented feature!
	* Using the [open_api_spex slack channel](https://elixir-lang.slack.com/messages/CPEN5UW1X)
	* Using the [Elixir Forum thread](https://elixirforum.com/t/openapispex-openapi-swagger-3-0-for-plug-apis/15614)

	## Releasing (Maintainers Only)

	To ship a release to Hex.pm, complete the following checklist:

	- Confirm the project builds and all tests pass on your machine `mix clean; mix test`
	- If possible, look for regressions by testing `master` against a project that uses open_api_spex.
	- Confirm the docs build successfully and do not contain obvious formatting errors `mix docs; open doc/index.html`
	- Review the `CHANGELOG.md` file, adding a line for each pr / issue and a larger description for significant changes.
	- Update the `@version` attribute in `mix.exs`
	-- Update the `Installation` section of the `README.md` file with the new version
	+- Update the `Installation` section of the `README.md` file with the new version (for minor and major releases)
	- Commit and tag the `master` branch with the version and a leading `v`, eg: `v3.14.15`
	- Push master branch to `open_api_spex` repo
	- Push package to Hex: `mix hex.publish`
	- Add a release announcement to the [Elixir Forum thread](https://elixirforum.com/t/openapispex-openapi-swagger-3-0-for-plug-apis/15614)
	diff --git a/README.md b/README.md
	index f7bf433..9535260 100644
	--- a/README.md
	+++ b/README.md
	@@ -1,466 +1,466 @@
	# Open API Spex
	[![Build Status](https://travis-ci.com/open-api-spex/open_api_spex.svg?branch=master)](https://travis-ci.com/open-api-spex/open_api_spex)
	[![Hex.pm](https://img.shields.io/hexpm/v/open_api_spex.svg)](https://hex.pm/packages/open_api_spex)


	Leverage Open API Specification 3 (formerly Swagger) to document, test, validate and explore your Plug and Phoenix APIs.

	- Generate and serve a JSON Open API Spec document from your code
	- Use the spec to cast request params to well defined schema structs
	- Validate params against schemas, eliminate bad requests before they hit your controllers
	- Validate responses against schemas in tests, ensuring your docs are accurate and reliable
	- Explore the API interactively with with [SwaggerUI](https://swagger.io/swagger-ui/)

	Full documentation available on [hexdocs](https://hexdocs.pm/open_api_spex/)

	## Installation

	The package can be installed by adding `open_api_spex` to your list of dependencies in `mix.exs`:

	```elixir
	def deps do
	[
	{:open_api_spex, "~> 3.5"}
	]
	end
	```

	## Generate Spec

	Start by adding an `ApiSpec` module to your application to populate an `OpenApiSpex.OpenApi` struct.

	```elixir
	defmodule MyAppWeb.ApiSpec do
	alias OpenApiSpex.{OpenApi, Server, Info, Paths}
	alias MyAppWeb.{Endpoint, Router}
	@behaviour OpenApi

	@impl OpenApi
	def spec do
	%OpenApi{
	servers: [
	# Populate the Server info from a phoenix endpoint
	Server.from_endpoint(Endpoint)
	],
	info: %Info{
	title: "My App",
	version: "1.0"
	},
	# populate the paths from a phoenix router
	paths: Paths.from_router(Router)
	}
	\|> OpenApiSpex.resolve_schema_modules() # discover request/response schemas from path specs
	end
	end
	```

	Or you can use application's spec value in `info:` key.

	```elixir
	info: %Info{
	description: Application.spec(:my_app, :description)
	version: Application.spec(:my_app, :vsn)
	}
	```

	For each plug (controller) that will handle api requests, add an `open_api_operation` callback.
	It will be passed the plug opts that were declared in the router, this will be the action for a phoenix controller. The callback populates an `OpenApiSpex.Operation` struct describing the plug/action.

	```elixir
	defmodule MyAppWeb.UserController do
	alias OpenApiSpex.Operation
	alias MyAppWeb.Schemas.UserResponse

	@spec open_api_operation(atom) :: Operation.t()
	def open_api_operation(action) do
	operation = String.to_existing_atom("#{action}_operation")
	apply(__MODULE__, operation, [])
	end

	@spec show_operation() :: Operation.t()
	def show_operation() do
	%Operation{
	tags: ["users"],
	summary: "Show user",
	description: "Show a user by ID",
	operationId: "UserController.show",
	parameters: [
	Operation.parameter(:id, :path, :integer, "User ID", example: 123, required: true)
	],
	responses: %{
	200 => Operation.response("User", "application/json", UserResponse)
	}
	}
	end

	# Controller's `show` action
	def show(conn, %{id: id}) do
	{:ok, user} = MyApp.Users.find_by_id(id)
	json(conn, 200, user)
	end

	end
	```

	Alternatively, you can create an operation file separately using `defdelegate`.

	```elixir
	# Phoenix's controller
	defmodule MyAppWeb.UserController do
	defdelegate open_api_operation(action), to: MyAppWeb.UserApiOperation

	def show(conn, %{id: id}) do
	{:ok, user} = MyApp.Users.find_by_id(id)
	json(conn, 200, user)
	end
	end

	# Open API Spex operations
	defmodule MyAppWeb.UserApiOperation do
	alias OpenApiSpex.Operation
	alias MyAppWeb.Schemas.UserResponse

	@spec open_api_operation(atom) :: Operation.t()
	def open_api_operation(action) do
	operation = String.to_existing_atom("#{action}_operation")
	apply(__MODULE__, operation, [])
	end

	@spec show_operation() :: Operation.t()
	def show_operation() do
	%Operation{
	tags: ["users"],
	summary: "Show user",
	description: "Show a user by ID",
	operationId: "UserController.show",
	parameters: [
	Operation.parameter(:id, :path, :integer, "User ID", example: 123, required: true)
	],
	responses: %{
	200 => Operation.response("User", "application/json", UserResponse)
	}
	}
	end
	end
	```

	For examples of other action operations, see the
	[example web app](https://github.com/open-api-spex/open_api_spex/blob/master/examples/phoenix_app/lib/phoenix_app_web/controllers/user_controller.ex).

	Next, declare JSON schema modules for the request and response bodies.
	In each schema module, call `OpenApiSpex.schema/1`, passing the schema definition. The schema must
	have keys described in `OpenApiSpex.Schema.t`. This will define a `%OpenApiSpex.Schema{}` struct.
	This struct is made available from the `schema/0` public function, which is generated by `OpenApiSpex.schema/1`.

	You may optionally have the data described by the schema turned into a struct linked to the JSON schema by adding `"x-struct": __MODULE__`
	to the schema.

	```elixir
	defmodule MyAppWeb.Schemas do
	alias OpenApiSpex.Schema

	defmodule User do
	require OpenApiSpex

	OpenApiSpex.schema(%{
	title: "User",
	description: "A user of the app",
	type: :object,
	properties: %{
	id: %Schema{type: :integer, description: "User ID"},
	name: %Schema{type: :string, description: "User name", pattern: ~r/[a-zA-Z][a-zA-Z0-9_]+/},
	email: %Schema{type: :string, description: "Email address", format: :email},
	birthday: %Schema{type: :string, description: "Birth date", format: :date},
	inserted_at: %Schema{
	type: :string,
	description: "Creation timestamp",
	format: :"date-time"
	},
	updated_at: %Schema{type: :string, description: "Update timestamp", format: :"date-time"}
	},
	required: [:name, :email],
	example: %{
	"id" => 123,
	"name" => "Joe User",
	"email" => "joe@gmail.com",
	"birthday" => "1970-01-01T12:34:55Z",
	"inserted_at" => "2017-09-12T12:34:55Z",
	"updated_at" => "2017-09-13T10:11:12Z"
	}
	})
	end

	defmodule UserResponse do
	require OpenApiSpex

	OpenApiSpex.schema(%{
	title: "UserResponse",
	description: "Response schema for single user",
	type: :object,
	properties: %{
	data: User
	},
	example: %{
	"data" => %{
	"id" => 123,
	"name" => "Joe User",
	"email" => "joe@gmail.com",
	"birthday" => "1970-01-01T12:34:55Z",
	"inserted_at" => "2017-09-12T12:34:55Z",
	"updated_at" => "2017-09-13T10:11:12Z"
	}
	}
	})
	end
	end
	```

	For more examples of schema definitions, see the
	[sample Phoenix app](https://github.com/open-api-spex/open_api_spex/blob/master/examples/phoenix_app/lib/phoenix_app_web/schemas.ex)

	## Serve the Spec

	To serve the API spec from your application, first add the `OpenApiSpex.Plug.PutApiSpec` plug somewhere in the pipeline.

	```elixir
	pipeline :api do
	plug OpenApiSpex.Plug.PutApiSpec, module: MyAppWeb.ApiSpec
	end
	```

	Now the spec will be available for use in downstream plugs.
	The `OpenApiSpex.Plug.RenderSpec` plug will render the spec as JSON:

	```elixir
	scope "/api" do
	pipe_through :api
	resources "/users", MyAppWeb.UserController, only: [:create, :index, :show]
	get "/openapi", OpenApiSpex.Plug.RenderSpec, []
	end
	```

	## Generating the Spec

	Optionally, you can create a mix task to write the swagger file to disk:

	```elixir
	defmodule Mix.Tasks.MyApp.OpenApiSpec do
	def run([output_file]) do
	MyAppWeb.Endpoint.start_link() # Required if using for OpenApiSpex.Server.from_endpoint/1

	json =
	MyAppWeb.ApiSpec.spec()
	\|> Jason.encode!(pretty: true)

	:ok = File.write!(output_file, json)
	end
	end
	```

	Generate the file with: `mix my_app.openapispec spec.json`

	## Serve Swagger UI

	Once your API spec is available through a route (see "Serve the Spec"), the `OpenApiSpex.Plug.SwaggerUI` plug can be used to
	serve a SwaggerUI interface. The `path:` plug option must be supplied to give the path to the API spec.

	All JavaScript and CSS assets are sourced from cdnjs.cloudflare.com, rather than vendoring into this package.

	```elixir
	scope "/" do
	pipe_through :browser # Use the default browser stack

	get "/", MyAppWeb.PageController, :index
	get "/swaggerui", OpenApiSpex.Plug.SwaggerUI, path: "/api/openapi"
	end

	scope "/api" do
	pipe_through :api

	resources "/users", MyAppWeb.UserController, only: [:create, :index, :show]
	get "/openapi", OpenApiSpex.Plug.RenderSpec, []
	end
	```

	## Importing an existing schema file

	> :warning: This functionality currently converts Strings into Atoms, which makes it potentially [vulnerable to DoS attacks](https://til.hashrocket.com/posts/gkwwfy9xvw-converting-strings-to-atoms-safely). We recommend that you load Open API Schemas from known files during application startup and not dynamically from external sources at runtime.

	OpenApiSpex has functionality to import an existing schema, casting it into an %OpenApi{} struct. This means you can load a schema that is JSON or YAML encoded. See the example below:

	```elixir
	# Importing an existing JSON encoded schema
	open_api_spec_from_json = "encoded_schema.json"
	\|> File.read!()
	\|> Jason.decode!()
	\|> OpenApiSpex.OpenApi.Decode.decode()

	# Importing an existing YAML encoded schema
	open_api_spec_from_yaml = "encoded_schema.yaml"
	\|> YamlElixir.read_all_from_file!()
	\|> OpenApiSpex.OpenApi.Decode.decode()
	```

	You can then use the loaded spec to with `OpenApiSpex.cast_and_validate/4`, like:

	```elixir
	{:ok, _} = OpenApiSpex.cast_and_validate(
	open_api_spec_from_json, # or open_api_spec_from_yaml
	spec.paths["/some_path"].post,
	test_conn,
	"application/json"
	)
	```

	## Validating and Casting Params

	OpenApiSpex can automatically validate requests before they reach the controller action function. Or if you prefer,
	you can explicitly call on OpenApiSpex to cast and validate the params within the controller action. This section
	describes the former.

	First, the `plug OpenApiSpex.Plug.PutApiSpec` needs to be called in the Router, as described above.

	Add the `OpenApiSpex.Plug.CastAndValidate` plug to a controller to validate request parameters and to cast to Elixir types defined by the operation schema.

	```elixir
	# Phoenix
	plug OpenApiSpex.Plug.CastAndValidate
	# Plug
	plug OpenApiSpex.Plug.CastAndValidate, operation_id: "UserController.create
	```

	For Phoenix apps, the `operation_id` can be inferred from the contents of `conn.private`.

	```elixir
	defmodule MyAppWeb.UserController do
	use MyAppWeb, :controller
	alias OpenApiSpex.Operation
	alias MyAppWeb.Schemas.{User, UserRequest, UserResponse}

	plug OpenApiSpex.Plug.CastAndValidate

	def open_api_operation(action) do
	apply(__MODULE__, :"#{action}_operation", [])
	end

	def create_operation do
	import Operation
	%Operation{
	tags: ["users"],
	summary: "Create user",
	description: "Create a user",
	operationId: "UserController.create",
	parameters: [
	parameter(:id, :query, :integer, "user ID")
	],
	requestBody: request_body("The user attributes", "application/json", UserRequest),
	responses: %{
	201 => response("User", "application/json", UserResponse)
	}
	}
	end

	def create(conn = %{body_params: %UserRequest{user: %User{name: name, email: email, birthday: birthday = %Date{}}}}, %{id: id}) do
	# conn.body_params cast to UserRequest struct
	# conn.params.id cast to integer
	end
	end
	```

	Now the client will receive a 422 response whenever the request fails to meet the validation rules from the api spec.

	The response body will include the validation error message:

	```json
	{
	"errors": [
	{
	"message": "Invalid format. Expected :date",
	"source": {
	"pointer": "/data/birthday"
	},
	"title": "Invalid value"
	}
	]
	}
	```

	See also `OpenApiSpex.cast_value/3` for casting and validating outside of a `plug` pipeline.

	## Validate Examples

	As schemas evolve, you may want to confirm that the examples given match the schemas.
	Use the `OpenApiSpex.TestAssertions` module to assert on schema validations.

	```elixir
	use ExUnit.Case
	import OpenApiSpex.TestAssertions

	test "UsersResponse example matches schema" do
	api_spec = MyAppWeb.ApiSpec.spec()
	schema = MyAppWeb.Schemas.UsersResponse.schema()
	assert_schema(schema.example, "UsersResponse", api_spec)
	end
	```

	## Validate Responses

	API responses can be tested against schemas using `OpenApiSpex.TestAssertions` also:

	```elixir
	use MyAppWeb.ConnCase
	import OpenApiSpex.TestAssertions

	test "UserController produces a UsersResponse", %{conn: conn} do
	api_spec = MyAppWeb.ApiSpec.spec()
	json =
	conn
	\|> get(user_path(conn, :index))
	\|> json_response(200)

	assert_schema(json, "UsersResponse", api_spec)
	end
	```

	## Experimental ExDoc-Based API Specifications

	Starting with version 3.5.0, a new, experimental API is available to specify endpoints from the controller,
	using ExDoc tags. See the example below.

	Because this feature is experimental, it is likely to change in the future, until it becomes stable. Use
	at your own risk.

	```elixir
	defmodule MyAppWeb.UserController do
	use MyAppWeb, :controller
	use OpenApiSpex.Controller

	@doc """
	List users
	"""
	@doc responses: %{
	200 => {"Users", "application/json", MyAppWeb.Schema.Users}
	}
	def index(conn, _params) do
	{:ok, users} = MyApp.Users.all()

	json(conn, users)
	end

	@doc """
	Update user
	"""
	@doc parameters: [
	id: [in: :query, type: :string, required: true, description: "User ID"]
	- ],
	+ ]
	@doc request_body: {"Request body to update a User", "application/json", User, required: true}
	@doc responses: %{
	200 => {"User", "application/json", MyAppWeb.Schema.User}
	}
	def update(conn, %{id: id}) do
	with {:ok, user} <- MyApp.Users.update(conn.body_params) do
	json(conn, user)
	end
	end
	end
	```
	diff --git a/lib/open_api_spex/controller.ex b/lib/open_api_spex/controller.ex
	index 728e02b..ada14a6 100644
	--- a/lib/open_api_spex/controller.ex
	+++ b/lib/open_api_spex/controller.ex
	@@ -1,180 +1,180 @@
	defmodule OpenApiSpex.Controller do
	@moduledoc ~S'''
	Generation of OpenAPI documentation via ExDoc documentation and tags.

	## Supported OpenAPI fields

	Attribute `operationId` is automatically provided by the implementation
	and cannot be changed in any way. It is constructed as `Module.Name.function_name`
	in the same way as function references in backtraces.

	### `description` and `summary`

	Description of endpoint will be filled with documentation string in the same
	manner as ExDocs, so first line will be used as a `summary` and whole
	documentation will be used as `description` field.

	### `parameters`

	Parameters of the endpoint are defined by `:parameters` tag which should be
	map or keyword list that is formed as:

	```
	[
	param_name: definition
	]
	```

	Where `definition` is `OpenApiSpex.Parameter.t()` structure or map or keyword
	list that accepts the same arguments.

	### `responses`

	Responses are controlled by `:responses` tag. Responses must be defined as
	a map or keyword list in form of:

	```
	%{
	200 => {"Response name", "application/json", schema},
	:not_found => {"Response name", "application/json", schema}
	}
	```

	Where atoms are the same as `Plug.Conn.Status.code/1` values.

	### `requestBody`

	Controlled by `:request_body` parameter and is defined as a tuple in form
	- `{description, mime, schema}` or `{description, mime, schema, opts} that
	+ `{description, mime, schema}` or `{description, mime, schema, opts}` that
	matches the arguments of `OpenApiSpex.Operation.request_body/3` or
	`OpenApiSpex.Operation.request_body/4`, respectively.

	```
	@doc request_body: {
	"CartUpdateRequest",
	"application/vnd.api+json",
	CartUpdateRequest,
	required: true
	}
	```

	### `tags`

	Tags are controlled by `:tags` attribute. In contrast to other attributes, this
	one will also inherit all tags defined as a module documentation attributes.

	## Example

	```
	defmodule FooController do
	use MyAppWeb, :controller
	use #{inspect(__MODULE__)}

	@moduledoc tags: ["Foos"]

	@doc """
	Endpoint summary

	Endpoint description...
	"""
	@doc parameters: [
	id: [in: :path, type: :string, required: true]
	],
	request_body: {"Request body to update Foo", "application/json", FooUpdateBody, required: true},
	responses: [
	ok: {"Foo document", "application/json", FooSchema}
	]
	def update(conn, %{id: id}) do
	foo_params = conn.body_params
	# …
	end
	end
	```
	'''

	alias OpenApiSpex.Operation

	defmacro __using__(_opts) do
	quote do
	@doc false
	@spec open_api_operation(atom()) :: OpenApiSpex.Operation.t()
	def open_api_operation(name),
	do: unquote(__MODULE__).__api_operation__(__MODULE__, name)

	defoverridable open_api_operation: 1
	end
	end

	@doc false
	@spec __api_operation__(module(), atom()) :: Operation.t() \| nil
	def __api_operation__(mod, name) do
	with {:ok, {mod_meta, summary, docs, meta}} <- get_docs(mod, name) do
	%Operation{
	description: docs,
	operationId: "#{inspect(mod)}.#{name}",
	parameters: build_parameters(meta),
	requestBody: build_request_body(meta),
	responses: build_responses(meta),
	summary: summary,
	tags: Map.get(mod_meta, :tags, []) ++ Map.get(meta, :tags, [])
	}
	else
	_ -> nil
	end
	end

	defp get_docs(module, name) do
	{:docs_v1, _anno, _lang, _format, _module_doc, mod_meta, mod_docs} = Code.fetch_docs(module)

	{_, _, _, docs, meta} =
	Enum.find(mod_docs, fn
	{{:function, ^name, _}, _, _, _, _} -> true
	_ -> false
	end)

	if docs == :none do
	:error
	else
	docs = Map.get(docs, "en", "")

	[summary \| _] = String.split(docs, ~r/\n\s*\n/, parts: 2)

	{:ok, {mod_meta, summary, docs, meta}}
	end
	end

	defp build_parameters(%{parameters: params}) do
	for {name, options} <- params do
	{location, options} = Keyword.pop(options, :in, :query)
	{type, options} = Keyword.pop(options, :type, :string)
	{description, options} = Keyword.pop(options, :description, :string)

	Operation.parameter(name, location, type, description, options)
	end
	end

	defp build_parameters(_), do: []

	defp build_responses(%{responses: responses}) do
	for {status, {description, mime, schema}} <- responses, into: %{} do
	{Plug.Conn.Status.code(status), Operation.response(description, mime, schema)}
	end
	end

	defp build_responses(_), do: []

	defp build_request_body(%{body: {name, mime, schema}}) do
	IO.warn("Using :body key for requestBody is deprecated. Please use :request_body instead.")
	Operation.request_body(name, mime, schema)
	end

	defp build_request_body(%{request_body: {name, mime, schema}}) do
	Operation.request_body(name, mime, schema)
	end

	defp build_request_body(%{request_body: {name, mime, schema, opts}}) do
	Operation.request_body(name, mime, schema, opts)
	end

	defp build_request_body(_), do: nil
	end
	diff --git a/mix.exs b/mix.exs
	index 9081694..5a95c78 100644
	--- a/mix.exs
	+++ b/mix.exs
	@@ -1,64 +1,64 @@
	defmodule OpenApiSpex.Mixfile do
	use Mix.Project

	- @version "3.5.1"
	+ @version "3.5.2"

	def project do
	[
	app: :open_api_spex,
	version: @version,
	elixir: "~> 1.7",
	elixirc_paths: elixirc_paths(Mix.env()),
	start_permanent: Mix.env() == :prod,
	description: description(),
	package: package(),
	deps: deps(),
	consolidate_protocols: Mix.env() != :test,
	source_url: "https://github.com/open-api-spex/open_api_spex",
	homepage_url: "https://github.com/open-api-spex/open_api_spex",
	docs: [extras: ["README.md"], main: "readme", source_ref: "v#{@version}"],
	dialyzer: [
	plt_add_apps: [:mix, :jason, :poison],
	plt_add_deps: :apps_direct,
	flags: ["-Werror_handling", "-Wno_unused", "-Wunmatched_returns", "-Wunderspecs"],
	remove_defaults: [:unknown]
	]
	]
	end

	defp elixirc_paths(:test), do: ["lib", "test/support"]
	defp elixirc_paths(_), do: ["lib"]

	# Run "mix help compile.app" to learn about applications.
	def application, do: [extra_applications: []]

	defp description() do
	"Leverage Open Api Specification 3 (swagger) to document, test, validate and explore your Plug and Phoenix APIs."
	end

	defp package() do
	[
	name: "open_api_spex",
	files: ["lib", "mix.exs", "README.md", "LICENSE", "CHANGELOG.md"],
	maintainers: [
	"Mike Buhot (m.buhot@gmail.com)",
	"Moxley Stratton",
	"Pierre Fenoll (pierrefenoll@gmail.com)"
	],
	licenses: ["Mozilla Public License, version 2.0"],
	links: %{"GitHub" => "https://github.com/open-api-spex/open_api_spex"}
	]
	end

	# Run "mix help deps" to learn about dependencies.
	defp deps do
	[
	{:poison, "~> 3.1", optional: true},
	{:jason, "~> 1.0", optional: true},
	{:plug, "~> 1.7"},
	{:phoenix, "~> 1.3", only: [:dev, :test]},
	{:ex_doc, "~> 0.19", only: :dev, runtime: false},
	{:dialyxir, "~> 0.5", only: [:dev, :test], runtime: false}
	]
	end
	end

File Metadata

Mime Type: text/x-diff
Expires: Wed, Nov 27, 12:23 AM (1 d, 14 h)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 40521
Default Alt Text: (38 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions