A clean and simple way to document your code for generating OpenAPI (Swagger) specs.
Goal
Installation
$ npm install openapi-comment-parser --save
or
$ yarn add openapi-comment-parser
Usage
Create a yaml file with a base OpenAPI definition:
openapi: 3.0.0
info:
title: Title of your service
version: 1.0.0
Add the following to your code:
const openapi = require('openapi-comment-parser');
const spec = openapi();
Swagger UI Express example
Swagger UI Express is a popular module that allows you to serve OpenAPI docs from express. The result is living documentation for your API hosted from your API server via a route.
const openapi = require('openapi-comment-parser');
const swaggerUi = require('swagger-ui-express');
const spec = openapi();
app.use('/api-docs', swaggerUi.serve, swaggerUi.setup(spec));
Configuration options
There are several configuration options for parsing. For example, including and excluding certain files and paths:
const spec = openapi({
exclude: ['**/some/path/**']
});
Options
Option name | Default |
---|---|
cwd |
The directory where commentParser was called |
extension |
['.js', '.cjs', '.mjs', '.ts', '.tsx', '.jsx', '.yaml', '.yml'] |
include |
['**'] |
exclude |
A large list that covers tests, coverage, and various development configs |
excludeNodeModules |
true |
verbose |
true |
throwLevel |
off |
CLI
npm install -g openapi-comment-parser
(optional) generate a .openapirc.js
config file:
openapi-comment-parser --init
Generate an openapi.json
file:
openapi-comment-parser . openapi.json
Eslint plugin
To enable linting of the OpenAPI jsdoc comments, install the eslint
plugin:
$ npm install eslint-plugin-openapi --save-dev
or with yarn:
$ yarn add -D eslint-plugin-openapi
Then create an .eslintrc.json
:
{
"extends": ["plugin:openapi/recommended"]
}
Basic structure
You can write OpenAPI definitions in JSDoc comments or YAML files. In this guide, we use only JSDoc comments examples. However, YAML files work equally as well.
Each comment defines individual endpoints (paths) in your API, and the HTTP methods (operations) supported by these endpoints.
For example, GET /users
can be described as:
/**
* GET /users
* @summary Returns a list of users.
* @description Optional extended description in CommonMark or HTML.
* @response 200 - A JSON array of user names
* @responseContent {string[]} 200.application/json
*/
Parameters
Operations can have parameters passed via URL path (/users/{userId}
), query string (/users?role=admin
),
headers (X-CustomHeader: Value
) or cookies (Cookie: debug=0
).
You can define the parameter data types, format, whether they are required or optional, and other details:
/**
* GET /users/{userId}
* @summary Returns a user by ID.
* @pathParam {int64} userId - Parameter description in CommonMark or HTML.
* @response 200 - OK
*/
For more information, see Describing Parameters.
Request body
If an operation sends a request body, use the bodyContent
keyword to describe the body content and media type.
Use bodyRequired
to indicate that a request body is required.
/**
* POST /users
* @summary Creates a user.
* @bodyContent {User} application/json
* @bodyRequired
* @response 201 - Created
*/
For more information, see Describing Request Body.
Responses
For each operation, you can define possible status codes, such as 200 OK or 404 Not Found, and the response body content. You can also provide example responses for different content types:
/**
* GET /users/{userId}
* @summary Returns a user by ID.
* @pathParam {int64} userId - The ID of the user to return.
* @response 200 - A user object.
* @responseContent {User} 200.application/json
* @response 400 - The specified user ID is invalid (not a number).
* @response 404 - A user with the specified ID was not found.
* @response default - Unexpected error
*/
For more information, see Describing Responses.
Input and output models
You can create global components/schemas
section lets you define common data structures used in your API.
They can be referenced by name whenever a schema is required – in parameters, request bodies, and response bodies.
For example, this JSON object:
{
"id": 4,
"name": "Arthur Dent"
}
can be represented as:
components:
schemas:
User:
properties:
id:
type: integer
name:
type: string
# Both properties are required
required:
- id
- name
and then referenced in the request body schema and response body schema as follows:
/**
* GET /users/{userId}
* @summary Returns a user by ID.
* @pathParam {integer} userId
* @response 200 - OK
* @responseContent {User} 200.application/json
*/
/**
* POST /users
* @summary Creates a new user.
* @bodyContent {User} application/json
* @bodyRequired
* @response 201 - Created
*/
Authentication
The securitySchemes
and security
keywords are used to describe the authentication methods used in your API.
components:
securitySchemes:
BasicAuth:
type: http
scheme: basic
/**
* GET /users
* @security BasicAuth
*/
Supported authentication methods are:
- HTTP authentication: Basic, Bearer, and so on.
- API key as a header or query parameter or in cookies
- OAuth 2
- OpenID Connect Discovery
For more information, see Authentication.