OpenAPI 是描述 HTTP API 的行业标准方式,它为API开发提供了统一的规范和语言。本文将深入解析OpenAPI规范的核心要素,帮助您更好地设计、开发和管理API(完整参考请查阅OpenAPI 规范 (中文版))。
OpenAPI 官网
为什么选择OpenAPI?
在开始详细介绍规范前,我们先来了解为什么OpenAPI已成为API开发的首选标准:
- 统一标准:提供了描述RESTful API的通用语言
- 工具生态:拥有丰富的工具支持,包括代码生成、文档生成、测试工具等
- 提高效率:减少API开发中的沟通成本和误解
- 自动化:支持自动生成客户端SDK、服务器存根和文档
OpenAPI 版本号规范
OpenAPI 采用语义化版本号格式 major.minor.patch,例如 3.1.2:
- major:主版本号,表示不兼容的API变更
- minor:次版本号,表示向后兼容的功能性新增
- patch:修订号,表示向后兼容的问题修正
当前最新稳定版本是OpenAPI 3.1.0,相比3.0版本有显著改进,包括更好的JSON Schema支持。
OpenAPI 格式规范
OpenAPI 文档支持两种主流格式,且字段区分大小写:
JSON格式
JSON格式更适合程序处理和自动化工具:
{
"sports": [ "ball", "swimming" ]
}
JSON 示例
{
"title": "Sample Pet Store App",
"summary": "A pet store manager.",
"description": "This is a sample server for a pet store.",
"termsOfService": "https://example.com/terms/",
"contact": {
"name": "API Support",
"url": "https://www.example.com/support",
"email": "support@example.com"
},
"license": {
"name": "Apache 2.0",
"url": "https://www.apache.org/licenses/LICENSE-2.0.html"
},
"version": "1.0.1"
}
YAML格式
YAML格式更易于人类阅读和编写,减少了冗余符号:
title: Sample Pet Store App
summary: A pet store manager.
description: This is a sample server for a pet store.
termsOfService: https://example.com/terms/
contact:
name: API Support
url: https://www.example.com/support
email: support@example.com
license:
name: Apache 2.0
url: https://www.apache.org/licenses/LICENSE-2.0.html
version: 1.0.1
OpenAPI 文档结构规范
OpenAPI 文档可以采用单文件或多文件组织方式:
单文件结构
适合小型API项目,所有定义都在一个文件中,便于快速浏览和编辑。
多文件结构
适合大型API项目,通过$ref
关键字在Reference Objects和Schema Object中建立引用关系,实现模块化管理。
最佳实践:
- 主文件命名为
openapi.json
或openapi.yaml
- 按资源或功能模块拆分文件
- 使用相对路径引用组件
示例目录结构:
api/
├── openapi.yaml # 主文件
├── components/ # 组件目录
│ ├── schemas/ # 数据模型
│ │ ├── User.yaml
│ │ └── Product.yaml
│ ├── parameters/ # 公共参数
│ │ └── pagination.yaml
│ └── responses/ # 公共响应
│ └── errors.yaml
└── paths/ # API路径
├── users.yaml
└── products.yaml
OpenAPI 数据类型规范
OpenAPI 的数据类型必须符合JSON Schema Specification Draft 2020-12规范:
JSON Schema规范地址:https://datatracker.ietf.org/doc/html/draft-bhutton-json-schema-00#section-4.2.1
TYPE | FORMAT | COMMENTS |
---|---|---|
integer | int32 | signed 32 bits |
integer | int64 | signed 64 bits (a.k.a long) |
number | float | 单精度浮点数 |
number | double | 双精度浮点数 |
string | date | RFC3339格式日期,如2023-01-01 |
string | date-time | RFC3339格式日期时间,如2023-01-01T12:00:00Z |
string | password | 提示UI隐藏输入内容 |
string | byte | base64编码的字符串 |
string | binary | 二进制内容的媒体类型 |
boolean | true或false | |
array | 数组类型 | |
object | 对象类型 |
OpenAPI 富文本格式规范
OpenAPI的description字段支持CommonMark markdown格式,可用于创建格式丰富的API文档:
- 支持标题、列表、表格、代码块等格式
- 可嵌入图片和链接
- 可使用HTML标签增强展示效果
最佳实践:
- 为每个API端点提供详细描述
- 使用代码示例说明请求和响应
- 添加使用注意事项和限制条件
OpenAPI 核心对象详解
Info Object
描述API的元数据信息,是OpenAPI文档的必需部分:
{
"title": "电商平台API",
"summary": "提供电商平台的所有核心功能",
"description": "本API提供商品管理、订单处理、用户认证等功能。",
"termsOfService": "https://example.com/terms/",
"contact": {
"name": "API支持团队",
"url": "https://www.example.com/support",
"email": "api-support@example.com"
},
"license": {
"name": "Apache 2.0",
"url": "https://www.apache.org/licenses/LICENSE-2.0.html"
},
"version": "2.1.3"
}
Contact Object
提供API的联系信息,帮助开发者获取支持:
{
"name": "API支持团队",
"url": "https://www.example.com/support",
"email": "api-support@example.com"
}
Server Object
定义API服务器信息,支持多环境配置:
单服务器配置:
{
"url": "https://development.gigantic-server.com/v1",
"description": "开发环境服务器"
}
多服务器配置:
{
"servers": [
{
"url": "https://development.gigantic-server.com/v1",
"description": "开发环境服务器"
},
{
"url": "https://staging.gigantic-server.com/v1",
"description": "测试环境服务器"
},
{
"url": "https://api.gigantic-server.com/v1",
"description": "生产环境服务器"
}
]
}
服务器变量:
{
"servers": [
{
"url": "https://{username}.gigantic-server.com:{port}/{basePath}",
"description": "开发服务器",
"variables": {
"username": {
"default": "demo",
"description": "用户子域名"
},
"port": {
"enum": ["8443", "443"],
"default": "8443"
},
"basePath": {
"default": "v2"
}
}
}
]
}
Components Object
定义可在整个API中复用的组件,提高代码复用率:
"components": {
"schemas": {
"GeneralError": {
"type": "object",
"properties": {
"code": {
"type": "integer",
"format": "int32"
},
"message": {
"type": "string"
}
}
},
"Category": {
"type": "object",
"properties": {
"id": {
"type": "integer",
"format": "int64"
},
"name": {
"type": "string"
}
}
},
"Tag": {
"type": "object",
"properties": {
"id": {
"type": "integer",
"format": "int64"
},
"name": {
"type": "string"
}
}
}
},
"parameters": {
"skipParam": {
"name": "skip",
"in": "query",
"description": "跳过的记录数",
"required": true,
"schema": {
"type": "integer",
"format": "int32"
}
},
"limitParam": {
"name": "limit",
"in": "query",
"description": "返回的最大记录数",
"required": true,
"schema" : {
"type": "integer",
"format": "int32"
}
}
},
"responses": {
"NotFound": {
"description": "未找到请求的资源"
},
"IllegalInput": {
"description": "请求参数不合法"
},
"GeneralError": {
"description": "通用错误",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/GeneralError"
}
}
}
}
},
"securitySchemes": {
"api_key": {
"type": "apiKey",
"name": "api_key",
"in": "header"
},
"petstore_auth": {
"type": "oauth2",
"flows": {
"implicit": {
"authorizationUrl": "https://example.org/api/oauth/dialog",
"scopes": {
"write:pets": "修改宠物信息",
"read:pets": "读取宠物信息"
}
}
}
}
}
}
Paths Object
定义API的所有路径和操作,是OpenAPI文档的核心部分:
{
"/pets": {
"get": {
"description": "返回用户可访问的所有宠物",
"operationId": "getPets",
"parameters": [
{
"name": "status",
"in": "query",
"description": "宠物状态筛选",
"schema": {
"type": "string",
"enum": ["available", "pending", "sold"]
}
},
{
"name": "limit",
"in": "query",
"description": "返回结果数量限制",
"schema": {
"type": "integer",
"format": "int32"
}
}
],
"responses": {
"200": {
"description": "宠物列表",
"content": {
"application/json": {
"schema": {
"type": "array",
"items": {
"$ref": "#/components/schemas/pet"
}
}
}
}
},
"400": {
"description": "无效的状态值",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/Error"
}
}
}
}
}
},
"post": {
"description": "添加新宠物",
"operationId": "addPet",
"requestBody": {
"description": "需要添加的宠物对象",
"required": true,
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/NewPet"
}
}
}
},
"responses": {
"201": {
"description": "宠物创建成功",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/Pet"
}
}
}
}
}
}
}
}
Path Item Object
描述单个路径上的所有操作:
{
"get": {
"description": "根据ID返回宠物信息",
"summary": "查找宠物",
"operationId": "getPetsById",
"responses": {
"200": {
"description": "宠物信息",
"content": {
"*/*": {
"schema": {
"type": "array",
"items": {
"$ref": "#/components/schemas/Pet"
}
}
}
}
},
"default": {
"description": "错误响应",
"content": {
"text/html": {
"schema": {
"$ref": "#/components/schemas/ErrorModel"
}
}
}
}
}
},
"put": {
"description": "更新宠物信息",
"operationId": "updatePet",
"requestBody": {
"description": "更新的宠物信息",
"required": true,
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/Pet"
}
}
}
},
"responses": {
"200": {
"description": "宠物更新成功",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/Pet"
}
}
}
}
}
},
"parameters": [
{
"name": "id",
"in": "path",
"description": "宠物ID",
"required": true,
"schema": {
"type": "array",
"items": {
"type": "string"
}
},
"style": "simple"
}
]
}
Operation Object
描述单个API操作的详细信息:
{
"tags": [
"pet"
],
"summary": "使用表单数据更新宠物信息",
"description": "此API允许使用表单数据更新现有宠物的名称和状态",
"operationId": "updatePetWithForm",
"parameters": [
{
"name": "petId",
"in": "path",
"description": "需要更新的宠物ID",
"required": true,
"schema": {
"type": "string"
}
}
],
"requestBody": {
"content": {
"application/x-www-form-urlencoded": {
"schema": {
"type": "object",
"properties": {
"name": {
"description": "宠物的更新名称",
"type": "string"
},
"status": {
"description": "宠物的更新状态",
"type": "string",
"enum": ["available", "pending", "sold"]
}
},
"required": ["status"]
}
}
}
},
"responses": {
"200": {
"description": "宠物更新成功",
"content": {
"application/json": {},
"application/xml": {}
}
},
"405": {
"description": "方法不允许",
"content": {
"application/json": {},
"application/xml": {}
}
}
},
"security": [
{
"petstore_auth": [
"write:pets",
"read:pets"
]
}
]
}
External Documentation Object
提供外部文档链接:
{
"description": "查找更多信息",
"url": "https://example.com/docs"
}
Parameter Object
定义API操作的参数:
{
"name": "token",
"in": "header",
"description": "认证令牌",
"required": true,
"schema": {
"type": "array",
"items": {
"type": "integer",
"format": "int64"
}
},
"style": "simple"
}
参数位置(in
)可以是:
- path:路径参数,如
/users/{id}
- query:查询参数,如
/users?role=admin
- header:HTTP头参数
- cookie:Cookie参数
Request Body Object
定义API请求体:
{
"description": "添加到系统的用户信息",
"required": true,
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/User"
},
"examples": {
"user" : {
"summary": "用户示例",
"externalValue": "https://foo.bar/examples/user-example.json"
}
}
},
"application/xml": {
"schema": {
"$ref": "#/components/schemas/User"
},
"examples": {
"user" : {
"summary": "XML格式的用户示例",
"externalValue": "https://foo.bar/examples/user-example.xml"
}
}
},
"text/plain": {
"examples": {
"user" : {
"summary": "纯文本格式的用户示例",
"externalValue": "https://foo.bar/examples/user-example.txt"
}
}
},
"*/*": {
"examples": {
"user" : {
"summary": "其他格式的用户示例",
"externalValue": "https://foo.bar/examples/user-example.whatever"
}
}
}
}
}
Responses Object
定义API的所有可能响应:
{
"200": {
"description": "返回的宠物信息",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/Pet"
},
"examples": {
"cat": {
"summary": "猫示例",
"value": {
"id": 1,
"name": "Fluffy",
"category": {
"id": 1,
"name": "Cats"
},
"status": "available"
}
}
}
}
}
},
"404": {
"description": "宠物未找到",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/Error"
},
"example": {
"code": 404,
"message": "Pet not found"
}
}
}
},
"default": {
"description": "意外错误",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ErrorModel"
}
}
}
}
}
Header Object
定义API响应头:
{
"description": "当前周期内允许的请求数",
"schema": {
"type": "integer"
},
"example": 42
}
OpenAPI安全机制
OpenAPI支持多种安全机制,包括:
API密钥认证
"securitySchemes": {
"api_key": {
"type": "apiKey",
"name": "api_key",
"in": "header"
}
}
基本认证
"securitySchemes": {
"basicAuth": {
"type": "http",
"scheme": "basic"
}
}
Bearer令牌
"securitySchemes": {
"bearerAuth": {
"type": "http",
"scheme": "bearer",
"bearerFormat": "JWT"
}
}
OAuth2.0
"securitySchemes": {
"oauth2": {
"type": "oauth2",
"flows": {
"authorizationCode": {
"authorizationUrl": "https://example.com/oauth/authorize",
"tokenUrl": "https://example.com/oauth/token",
"scopes": {
"read": "读取权限",
"write": "写入权限",
"admin": "管理员权限"
}
}
}
}
}
OpenAPI最佳实践
API设计原则
- 使用资源导向的URL设计
- 采用一致的命名约定
- 使用适当的HTTP方法
- 提供有意义的错误响应
- 实现分页、过滤和排序
文档组织
- 按功能模块组织API
- 使用标签对API进行分类
- 提供详细的描述和示例
- 包含认证和授权信息
- 说明API限制和速率限制
版本控制
- 在URL中包含版本号(如
/v1/users
) - 使用语义化版本控制API
- 维护向后兼容性
- 提供版本迁移指南
使用 Apifox 管理 OpenAPI API
Apifox 是一款集API文档、API管理、API测试于一身的多功能API工具,是管理OpenAPI项目的理想选择。
Apifox 的 API 管理
Apifox 提供全面的API管理功能:
- 接口数管理:集中管理所有API接口
- operationID:支持OpenAPI的operationID
- Mock 功能:快速生成模拟数据
- 请求定义与示例:详细定义请求参数和提供示例
- 响应定义与示例:规范响应格式并提供示例
- 唯一标识:确保API的唯一性和可追踪性
Apifox 的自动化测试
Apifox 提供强大的自动化测试功能:
- 测试用例:支持测试多个接口或接口用例
- 测试套件:组织和管理多个测试用例
- 参数化测试:可设置循环次数、延迟时间、环境变量和线程数
- 测试报告:支持导出详细的测试报告
- 结果分析:查看单个接口的测试结果和详细参数
Mock 功能
Apifox的Mock功能让前后端开发可以并行进行:
- 定义接口响应结构
- 通过本地Mock功能生成数据
- 前端可立即开始开发,无需等待后端实现
点击"发送"按钮,即可获取Mock数据:
Mock数据
导出导入 OpenAPI
Apifox支持OpenAPI规范的导入导出,便于项目迁移和团队协作:
- 导入功能:支持从Swagger、Postman等工具导入API定义
- 导出功能:可导出为OpenAPI 3.0/2.0格式,便于与其他工具集成
导入数据
导出数据
OpenAPI的未来发展
随着API经济的蓬勃发展,OpenAPI规范也在不断演进:
- GraphQL集成:探索与GraphQL的协同工作方式
- 异步API:增强对WebSocket、MQTT等异步API的支持
- 微服务架构:更好地支持微服务API治理
- API网关集成:与主流API网关更紧密集成
关于 Apifox
Apifox是一站式API开发协作平台:
- 集成多功能:API文档、API调试、API Mock、API自动化测试于一体
- 先进工具:提供更高效的API设计、开发和测试工具
- 一体化解决方案:Apifox = Postman + Swagger + Mock + JMeter
欢迎免费体验:在线使用Apifox
结语
OpenAPI规范为API开发提供了统一的语言和标准,而Apifox等工具则进一步简化了API的设计、开发和测试流程。掌握OpenAPI规范,选择合适的工具,将显著提升您的API开发效率和质量。
您有什么关于OpenAPI规范或Apifox使用的问题和经验?欢迎在评论区分享交流!