python-openapi/openapi-corePublic

NotificationsYou must be signed in to change notification settings
Fork136
Star333

Openapi-core is a Python library that adds client-side and server-side support for the OpenAPI v3.0 and OpenAPI v3.1 specification.

License

BSD-3-Clause license

333 stars 136 forks Branches Tags Activity

Star

Notifications

You must be signed in to change notification settings

Branches Tags

Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 414 Commits
openapi_core		openapi_core
tests		tests
.bumpversion.cfg		.bumpversion.cfg
.gitignore		.gitignore
.travis.yml		.travis.yml
LICENSE		LICENSE
MANIFEST.in		MANIFEST.in
Makefile		Makefile
README.rst		README.rst
requirements.txt		requirements.txt
requirements_2.7.txt		requirements_2.7.txt
requirements_dev.txt		requirements_dev.txt
setup.cfg		setup.cfg
setup.py		setup.py

Repository files navigation

openapi-core

https://img.shields.io/codecov/c/github/p1c2u/openapi-core/master.svg?style=flat

About

Openapi-core is a Python library that adds client-side and server-side supportfor theOpenAPI Specification v3.0.0.

Installation

Recommended way (via pip):

$ pip install openapi-core

Alternatively you can download the code and install from the repository:

$ pip install -e git+https://github.com/p1c2u/openapi-core.git#egg=openapi_core

Usage

Firstly create your specification:

fromopenapi_coreimportcreate_specspec=create_spec(spec_dict)

Request

Now you can use it to validate requests

fromopenapi_core.validation.request.validatorsimportRequestValidatorvalidator=RequestValidator(spec)result=validator.validate(request)# raise errors if request invalidresult.raise_for_errors()# get list of errorserrors=result.errors

and unmarshal request data from validation result

# get parameters object with path, query, cookies and headers parametersvalidated_params=result.parameters# or specific parametersvalidated_path_params=result.parameters.path# get bodyvalidated_body=result.body# get security datavalidated_security=result.security

Request object should be instance of OpenAPIRequest class (SeeIntegrations).

Response

You can also validate responses

fromopenapi_core.validation.response.validatorsimportResponseValidatorvalidator=ResponseValidator(spec)result=validator.validate(request,response)# raise errors if response invalidresult.raise_for_errors()# get list of errorserrors=result.errors

and unmarshal response data from validation result

# get headersvalidated_headers=result.headers# get datavalidated_data=result.data

Response object should be instance of OpenAPIResponse class (SeeIntegrations).

Security

openapi-core supports security for authentication and authorization process. Security data for security schemas are accessible from security attribute of RequestValidationResult object.

For given security specification:

security:  -BasicAuth:[]  -ApiKeyAuth:[]components:securitySchemes:BasicAuth:type:httpscheme:basicApiKeyAuth:type:apiKeyin:headername:X-API-Key

you can access your security data the following:

result=validator.validate(request)# get basic auth decoded credentialsresult.security['BasicAuth']# get api keyresult.security['ApiKeyAuth']

Supported security types:

http – for Basic and Bearer HTTP authentications schemes
apiKey – for API keys and cookie authentication

Customizations

Deserializers

Pass custom defined media type deserializers dictionary with supported mimetypes as a key to RequestValidator or ResponseValidator constructor:

defprotobuf_deserializer(message):feature=route_guide_pb2.Feature()feature.ParseFromString(message)returnfeaturecustom_media_type_deserializers= {'application/protobuf':protobuf_deserializer,}validator=ResponseValidator(spec,custom_media_type_deserializers=custom_media_type_deserializers)result=validator.validate(request,response)

Formats

OpenAPI defines aformat keyword that hints at how a value should be interpreted, e.g. astring with the typedate should conform to the RFC 3339 date format.

Openapi-core comes with a set of built-in formatters, but it's also possible to add support for custom formatters for RequestValidator and ResponseValidator.

Here's how you could add support for ausdate format that handles dates of the form MM/DD/YYYY:

fromdatetimeimportdatetimeimportreclassUSDateFormatter:defvalidate(self,value)->bool:returnbool(re.match(r"^\d{1,2}/\d{1,2}/\d{4}$",value))defunmarshal(self,value):returndatetime.strptime(value,"%m/%d/%y").datecustom_formatters= {'usdate':USDateFormatter(),}validator=ResponseValidator(spec,custom_formatters=custom_formatters)result=validator.validate(request,response)

Integrations

Django

For Django 2.2 you can use DjangoOpenAPIRequest a Django request factory:

fromopenapi_core.validation.request.validatorsimportRequestValidatorfromopenapi_core.contrib.djangoimportDjangoOpenAPIRequestopenapi_request=DjangoOpenAPIRequest(django_request)validator=RequestValidator(spec)result=validator.validate(openapi_request)

You can use DjangoOpenAPIResponse as a Django response factory:

fromopenapi_core.validation.response.validatorsimportResponseValidatorfromopenapi_core.contrib.djangoimportDjangoOpenAPIResponseopenapi_response=DjangoOpenAPIResponse(django_response)validator=ResponseValidator(spec)result=validator.validate(openapi_request,openapi_response)

Falcon

This section describes integration withFalcon web framework.

Middleware

Falcon API can be integrated by FalconOpenAPIMiddleware middleware.

fromopenapi_core.contrib.falcon.middlewaresimportFalconOpenAPIMiddlewareopenapi_middleware=FalconOpenAPIMiddleware.from_spec(spec)api=falcon.API(middleware=[openapi_middleware])

Low level

For Falcon you can use FalconOpenAPIRequest a Falcon request factory:

fromopenapi_core.validation.request.validatorsimportRequestValidatorfromopenapi_core.contrib.falconimportFalconOpenAPIRequestFactoryopenapi_request=FalconOpenAPIRequestFactory.create(falcon_request)validator=RequestValidator(spec)result=validator.validate(openapi_request)

You can use FalconOpenAPIResponse as a Falcon response factory:

fromopenapi_core.validation.response.validatorsimportResponseValidatorfromopenapi_core.contrib.falconimportFalconOpenAPIResponseFactoryopenapi_response=FalconOpenAPIResponseFactory.create(falcon_response)validator=ResponseValidator(spec)result=validator.validate(openapi_request,openapi_response)

Flask

Decorator

Flask views can be integrated by FlaskOpenAPIViewDecorator decorator.

fromopenapi_core.contrib.flask.decoratorsimportFlaskOpenAPIViewDecoratoropenapi=FlaskOpenAPIViewDecorator.from_spec(spec)@app.route('/home')@openapidefhome():pass

If you want to decorate class based view you can use the decorators attribute:

classMyView(View):decorators= [openapi]

View

As an alternative to the decorator-based integration, Flask method based views can be integrated by inheritance from FlaskOpenAPIView class.

fromopenapi_core.contrib.flask.viewsimportFlaskOpenAPIViewclassMyView(FlaskOpenAPIView):passapp.add_url_rule('/home',view_func=MyView.as_view('home',spec))

Request parameters

In Flask, all unmarshalled request data are provided as Flask request object's openapi.parameters attribute

fromflask.globalsimportrequest@app.route('/browse/<id>/')@openapidefhome():browse_id=request.openapi.parameters.path['id']page=request.openapi.parameters.query.get('page',1)

Low level

You can use FlaskOpenAPIRequest a Flask/Werkzeug request factory:

fromopenapi_core.validation.request.validatorsimportRequestValidatorfromopenapi_core.contrib.flaskimportFlaskOpenAPIRequestopenapi_request=FlaskOpenAPIRequest(flask_request)validator=RequestValidator(spec)result=validator.validate(openapi_request)

You can use FlaskOpenAPIResponse as a Flask/Werkzeug response factory:

fromopenapi_core.validation.response.validatorsimportResponseValidatorfromopenapi_core.contrib.flaskimportFlaskOpenAPIResponseopenapi_response=FlaskOpenAPIResponse(flask_response)validator=ResponseValidator(spec)result=validator.validate(openapi_request,openapi_response)

Pyramid

Seepyramid_openapi3 project.

Requests

This section describes integration withRequests library.

Low level

For Requests you can use RequestsOpenAPIRequest a Requests request factory:

fromopenapi_core.validation.request.validatorsimportRequestValidatorfromopenapi_core.contrib.requestsimportRequestsOpenAPIRequestopenapi_request=RequestsOpenAPIRequest(requests_request)validator=RequestValidator(spec)result=validator.validate(openapi_request)

You can use RequestsOpenAPIResponse as a Requests response factory:

fromopenapi_core.validation.response.validatorsimportResponseValidatorfromopenapi_core.contrib.requestsimportRequestsOpenAPIResponseopenapi_response=RequestsOpenAPIResponse(requests_response)validator=ResponseValidator(spec)result=validator.validate(openapi_request,openapi_response)

Related projects

About

Openapi-core is a Python library that adds client-side and server-side support for the OpenAPI v3.0 and OpenAPI v3.1 specification.

Releases50

0.19.5 Latest

Mar 20, 2025

+ 49 releases

Sponsor this project

Packages

No packages published

Contributors58

+ 44 contributors

Movatterモバイル変換

Uh oh!

License

python-openapi/openapi-core

Folders and files

Latest commit

History

Repository files navigation

openapi-core

About

Installation

Usage

Request

Response

Security

Customizations

Deserializers

Formats

Integrations

Django

Falcon

Middleware

Low level

Flask

Decorator

View

Request parameters

Low level

Pyramid

Requests

Low level

Related projects

About

Topics

Resources

License

Security policy

Uh oh!

Stars

Watchers

Forks

Releases50

Sponsor this project

Uh oh!

Packages0

Uh oh!

Contributors58

Uh oh!

Languages

Packages