feat: Add OpenAPI support with comprehensive configuration options and client integration (#184)

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-12-23 18:29:21 -05:00 · 2025-06-16 17:50:51 +08:00
parent 4b3bb26301
commit 1bd4fd6d9c
16 changed files with 2284 additions and 98 deletions
--- a/docs/openapi-schema-support.md
+++ b/docs/openapi-schema-support.md
@@ -0,0 +1,149 @@
+# OpenAPI Schema Support in MCPHub
+
+MCPHub now supports both OpenAPI specification URLs and complete JSON schemas for OpenAPI server configuration. This allows you to either reference an external OpenAPI specification file or embed the complete schema directly in your configuration.
+
+## Configuration Options
+
+### 1. Using OpenAPI Specification URL (Traditional)
+
+```json
+{
+  "type": "openapi",
+  "openapi": {
+    "url": "https://api.example.com/openapi.json",
+    "version": "3.1.0",
+    "security": {
+      "type": "apiKey",
+      "apiKey": {
+        "name": "X-API-Key",
+        "in": "header",
+        "value": "your-api-key"
+      }
+    }
+  }
+}
+```
+
+### 2. Using Complete JSON Schema (New)
+
+```json
+{
+  "type": "openapi",
+  "openapi": {
+    "schema": {
+      "openapi": "3.1.0",
+      "info": {
+        "title": "My API",
+        "version": "1.0.0"
+      },
+      "servers": [
+        {
+          "url": "https://api.example.com"
+        }
+      ],
+      "paths": {
+        "/users": {
+          "get": {
+            "operationId": "getUsers",
+            "summary": "Get all users",
+            "responses": {
+              "200": {
+                "description": "List of users"
+              }
+            }
+          }
+        }
+      }
+    },
+    "version": "3.1.0",
+    "security": {
+      "type": "apiKey",
+      "apiKey": {
+        "name": "X-API-Key",
+        "in": "header",
+        "value": "your-api-key"
+      }
+    }
+  }
+}
+```
+
+## Benefits of JSON Schema Support
+
+1. **Offline Development**: No need for external URLs during development
+2. **Version Control**: Schema changes can be tracked in your configuration
+3. **Security**: No external dependencies or network calls required
+4. **Customization**: Full control over the API specification
+5. **Testing**: Easy to create test configurations with mock schemas
+
+## Frontend Form Support
+
+The web interface now includes:
+
+- **Input Mode Selection**: Choose between "Specification URL" or "JSON Schema"
+- **URL Input**: Traditional URL input field for external specifications
+- **Schema Editor**: Large text area with syntax highlighting for JSON schema input
+- **Validation**: Client-side JSON validation before submission
+- **Help Text**: Contextual help for schema format
+
+## API Validation
+
+The backend validates that:
+
+- At least one of `url` or `schema` is provided for OpenAPI servers
+- JSON schemas are properly formatted when provided
+- Security configurations are valid for both input modes
+- All required OpenAPI fields are present
+
+## Migration Guide
+
+### From URL to Schema
+
+If you want to convert an existing URL-based configuration to schema-based:
+
+1. Download your OpenAPI specification from the URL
+2. Copy the JSON content
+3. Update your configuration to use the `schema` field instead of `url`
+4. Paste the JSON content as the value of the `schema` field
+
+### Maintaining Both
+
+You can include both `url` and `schema` in your configuration. The system will prioritize the `schema` field if both are present.
+
+## Examples
+
+See the `examples/openapi-schema-config.json` file for complete configuration examples showing both URL and schema-based configurations.
+
+## Technical Implementation
+
+- **Backend**: OpenAPI client supports both SwaggerParser.dereference() with URLs and direct schema objects
+- **Frontend**: Dynamic form rendering based on selected input mode
+- **Validation**: Enhanced validation logic in server controllers
+- **Type Safety**: Updated TypeScript interfaces for both input modes
+
+## Security Considerations
+
+When using JSON schemas:
+
+- Ensure schemas are properly validated before use
+- Be aware that large schemas increase configuration file size
+- Consider using URL-based approach for frequently changing APIs
+- Store sensitive information (like API keys) in environment variables, not in schemas
+
+## Troubleshooting
+
+### Common Issues
+
+1. **Invalid JSON**: Ensure your schema is valid JSON format
+2. **Missing Required Fields**: OpenAPI schemas must include `openapi`, `info`, and `paths` fields
+3. **Schema Size**: Very large schemas may impact performance
+4. **Server Configuration**: Ensure the `servers` field in your schema points to the correct endpoints
+
+### Validation Errors
+
+The system provides detailed error messages for:
+
+- Malformed JSON in schema field
+- Missing required OpenAPI fields
+- Invalid security configurations
+- Network issues with URL-based configurations
--- a/docs/openapi-support.md
+++ b/docs/openapi-support.md
@@ -0,0 +1,172 @@
+# OpenAPI Support in MCPHub
+
+MCPHub now supports OpenAPI 3.1.1 servers as a new server type, allowing you to integrate REST APIs directly into your MCP workflow.
+
+## Features
+
+- ✅ **Full OpenAPI 3.1.1 Support**: Load and parse OpenAPI specifications
+- ✅ **Multiple Security Types**: None, API Key, HTTP Authentication, OAuth 2.0, OpenID Connect
+- ✅ **Dynamic Tool Generation**: Automatically creates MCP tools from OpenAPI operations
+- ✅ **Type Safety**: Full TypeScript support with proper type definitions
+- ✅ **Frontend Integration**: Easy-to-use forms for configuring OpenAPI servers
+- ✅ **Internationalization**: Support for English and Chinese languages
+
+## Configuration
+
+### Basic Configuration
+
+```json
+{
+  "type": "openapi",
+  "openapi": {
+    "url": "https://api.example.com/v1/openapi.json",
+    "version": "3.1.0",
+    "security": {
+      "type": "none"
+    }
+  }
+}
+```
+
+### With API Key Authentication
+
+```json
+{
+  "type": "openapi",
+  "openapi": {
+    "url": "https://api.example.com/v1/openapi.json",
+    "version": "3.1.0",
+    "security": {
+      "type": "apiKey",
+      "apiKey": {
+        "name": "X-API-Key",
+        "in": "header",
+        "value": "your-api-key-here"
+      }
+    }
+  },
+  "headers": {
+    "Accept": "application/json"
+  }
+}
+```
+
+### With HTTP Bearer Authentication
+
+```json
+{
+  "type": "openapi",
+  "openapi": {
+    "url": "https://api.example.com/v1/openapi.json",
+    "version": "3.1.0",
+    "security": {
+      "type": "http",
+      "http": {
+        "scheme": "bearer",
+        "credentials": "your-bearer-token-here"
+      }
+    }
+  }
+}
+```
+
+## Supported Security Types
+
+1. **None**: No authentication required
+2. **API Key**: API key in header or query parameter
+3. **HTTP**: Basic, Bearer, or Digest authentication
+4. **OAuth 2.0**: OAuth 2.0 access tokens
+5. **OpenID Connect**: OpenID Connect ID tokens
+
+## How It Works
+
+1. **Specification Loading**: The OpenAPI client fetches and parses the OpenAPI specification
+2. **Tool Generation**: Each operation in the spec becomes an MCP tool
+3. **Request Handling**: Tools handle parameter validation and API calls
+4. **Response Processing**: API responses are returned as tool results
+
+## Frontend Usage
+
+1. Navigate to the Servers page
+2. Click "Add Server"
+3. Select "OpenAPI" as the server type
+4. Enter the OpenAPI specification URL
+5. Configure security settings if needed
+6. Add any additional headers
+7. Save the configuration
+
+## Testing
+
+You can test the OpenAPI integration using the provided test scripts:
+
+```bash
+# Test OpenAPI client directly
+npx tsx test-openapi.ts
+
+# Test full integration
+npx tsx test-integration.ts
+```
+
+## Example: Swagger Petstore
+
+The Swagger Petstore API is a perfect example for testing:
+
+```json
+{
+  "type": "openapi",
+  "openapi": {
+    "url": "https://petstore3.swagger.io/api/v3/openapi.json",
+    "version": "3.1.0",
+    "security": {
+      "type": "none"
+    }
+  }
+}
+```
+
+This will create tools like:
+
+- `addPet`: Add a new pet to the store
+- `findPetsByStatus`: Find pets by status
+- `getPetById`: Find pet by ID
+- And many more...
+
+## Error Handling
+
+The OpenAPI client includes comprehensive error handling:
+
+- Network errors are properly caught and reported
+- Invalid specifications are rejected with clear error messages
+- API errors include response status and body information
+- Type validation ensures proper parameter handling
+
+## Limitations
+
+- Only supports OpenAPI 3.x specifications (3.0.0 and above)
+- Complex authentication flows (like OAuth 2.0 authorization code flow) require manual token management
+- Large specifications may take time to parse initially
+- Some advanced OpenAPI features may not be fully supported
+
+## Contributing
+
+To add new features or fix bugs in the OpenAPI integration:
+
+1. Backend types: `src/types/index.ts`
+2. OpenAPI client: `src/clients/openapi.ts`
+3. Service integration: `src/services/mcpService.ts`
+4. Frontend forms: `frontend/src/components/ServerForm.tsx`
+5. Internationalization: `frontend/src/locales/`
+
+## Troubleshooting
+
+**Q: My OpenAPI server won't connect**
+A: Check that the specification URL is accessible and returns valid JSON/YAML
+
+**Q: Tools aren't showing up**
+A: Verify that your OpenAPI specification includes valid operations with required fields
+
+**Q: Authentication isn't working**
+A: Double-check your security configuration matches the API's requirements
+
+**Q: Getting CORS errors**
+A: The API server needs to allow CORS requests from your MCPHub domain