Download the PHP package lezhnev74/openapi-psr7-validator without Composer
On this page you can find all versions of the php package lezhnev74/openapi-psr7-validator. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download lezhnev74/openapi-psr7-validator
More information about lezhnev74/openapi-psr7-validator
Files in lezhnev74/openapi-psr7-validator
Package openapi-psr7-validator
Short Description Validate PSR-7 messages against OpenAPI (3.0.2) specifications expressed in YAML or JSON
License MIT
Homepage https://github.com/lezhnev74/openapi-psr7-validator
Informations about the package openapi-psr7-validator
NOTICE - THE PACKAGE HAS BEEN CONTRIBUTED TO THE PHP LEAGUE
Go to https://github.com/thephpleague/openapi-psr7-validator
This package is here for existing users only.
OpenAPI PSR-7 Message (HTTP Request/Response) Validator
This package can validate PSR-7 messages against OpenAPI (3.0.x) specifications expressed in YAML or JSON.
Installation
OpenAPI (OAS) Terms
There are some specific terms that are used in the package. These terms come from OpenAPI:
specification
- an OpenAPI document describing an API, expressed in JSON or YAML filedata
- actual thing that we validate against a specification, including body and metadataschema
- the part of the specification that describes the body of the request / responsekeyword
- properties that are used to describe the instance are called key words, or schema keywordspath
- a relative path to an individual endpointoperation
- a method that we apply on the path (likeget /password
)response
- described response (includes status code, content types etc)
How To Validate
ServerRequest Message
You can validate \Psr\Http\Message\ServerRequestInterface
instance like this:
As a result you would get and OperationAddress $match
which has matched the given request. If you already know
the operation which should match your request (i.e you have routing in your project), you can use
RouterRequestValidator
This would simplify validation a lot and give you more performance.
Request Message
You can validate \Psr\Http\Message\RequestInterface
instance like this:
Response Message
Validation of \Psr\Http\Message\ResponseInterface
is a bit more complicated
. Because you need not only YAML file and Response itself, but also you need
to know which operation this response belongs to (in terms of OpenAPI).
Example:
Reuse Schema After Validation
\OpenAPIValidation\PSR7\ValidatorBuilder
reads and compiles schema in memory as instance of \cebe\openapi\spec\OpenApi
. Validators use this instance to perform validation logic. You can reuse this instance after the validation like this:
Request Message
\Psr\Http\Message\RequestInterface
validation is not implemented.
PSR-15 Middleware
PSR-15 middleware can be used like this:
SlimFramework Middleware
Slim framework uses slightly different middleware interface, so here is an adapter which you can use like this:
Caching Layer / PSR-6 Support
PSR-7 Validator has a built-in caching layer (based on PSR-6 interfaces) which saves time on parsing OpenAPI specs. It is optional. You enable caching if you pass a configured Cache Pool Object to the static constructor like this:
You can use ->setCache($pool, $ttl)
call for both PSR-7 and PSR-15 builder in order to set
proper expiration ttl in seconds (or explicit null
)
If you want take control over the cache key for schema item, or your cache does not support cache key generation by itself
you can ->overrideCacheKey('my_custom_key')
to ensure cache uses key you want.
Standalone OpenAPI Validator
The package contains a standalone validator which can validate any data against an OpenAPI schema like this:
Custom Type Formats
As you know, OpenAPI allows you to add formats to types:
This package contains a bunch of built-in format validators:
string
type:byte
date
date-time
email
hostname
ipv4
ipv6
uri
uuid
(uuid4)
number
typefloat
double
You can also add your own formats. Like this:
Exceptions
The package throws a list of various exceptions which you can catch and handle. There are some of them:
- Schema related:
\OpenAPIValidation\Schema\Exception\KeywordMismatch
- Indicates that data was not matched against a schema's keyword\OpenAPIValidation\Schema\Exception\TypeMismatch
- Validation fortype
keyword failed against a given data. For exampletype:string
and value is12
\OpenAPIValidation\Schema\Exception\FormatMismatch
- data mismatched a given type format. For exampletype: string, format: email
won't matchnot-email
.
- PSR7 Messages related:
\OpenAPIValidation\PSR7\Exception\NoContentType
- HTTP message(request/response) contains no Content-Type header. General HTTP errors.\OpenAPIValidation\PSR7\Exception\NoPath
- path is not found in the spec\OpenAPIValidation\PSR7\Exception\NoOperation
- operation os not found in the path\OpenAPIValidation\PSR7\Exception\NoResponseCode
- response code not found under the operation in the spec- Validation exceptions (check parent exception for possible root causes):
\OpenAPIValidation\PSR7\Exception\ValidationFailed
- generic exception for failed PSR-7 message\OpenAPIValidation\PSR7\Exception\Validation\InvalidBody
- body does not match schema\OpenAPIValidation\PSR7\Exception\Validation\InvalidCookies
- cookies does not match schema or missing required cookie\OpenAPIValidation\PSR7\Exception\Validation\InvalidHeaders
- header does not match schema or missing required header\OpenAPIValidation\PSR7\Exception\Validation\InvalidPath
- path does not match pattern or pattern values does not match schema\OpenAPIValidation\PSR7\Exception\Validation\InvalidQueryArgs
- query args does not match schema or missing required argument\OpenAPIValidation\PSR7\Exception\Validation\InvalidSecurity
- request does not match security schema or invalid security headers
- Request related:
\OpenAPIValidation\PSR7\Exception\MultipleOperationsMismatchForRequest
- request matched multiple operations in the spec, but validation failed for all of them.
Testing
You can run the tests with:
Contribution Guide
Feel free to open an Issue or add a Pull request. There is a certain code style that this package follows: doctrine/coding-standard.
To conform to this style please use a git hook, shipped with this package at .githooks/pre-commit
.
How to use it:
- Clone the package locally and navigate to the folder
- Create a symlink to the hook like this:
ln -s -f ../../.githooks/pre-commit .git/hooks/pre-commit
- Add execution rights:
chmod +x .git/hooks/pre-commit
- Now commit any new changes and the code will be checked and formatted accordingly.
- If there are any issues with your code, check the log here:
.phpcs-report.txt
Credits
People:
- Dmitry Lezhnev
- Carsten Brandt
- Samuel Nela
- Pavel Batanov
- Christopher L Bray
- David Pauli
- Jason Judge
- Yannick Chenot
- TarasBK
- Jason B. Standing
- Dmytro Demchyna
- Will Chambers
- Ignacio
- A big thank you to Henrik Karlström who kind of inspired me to work on this package.
Resources:
- Icons made by Freepik, licensed by CC 3.0 BY
- cebe/php-openapi package for Reading OpenAPI files
- slim3-psr15 package for Slim middleware adapter
License
The MIT License (MIT). Please see License.md
file for more information.
TODO
- [ ] Support Discriminator Object (note: apparently, this is not so straightforward, as discriminator can point to any external scheme)
All versions of openapi-psr7-validator with dependencies
ext-json Version *
cebe/php-openapi Version ^1.2
psr/cache Version ^1.0
psr/http-message Version ^1.0
psr/http-server-middleware Version ^1.0
respect/validation Version ^1.1
riverline/multipart-parser Version ^2.0.3
webmozart/assert Version ^1.4