Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Notes on how to document the new Account REST API #164

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

abstractj
Copy link

Even though it's clear that we should have everything under the REST API guidelines, I would like to remove the clutter and add the notes of my findings around the REST API documentation. So we can agree on what to do next, update the content of this document and eventually merge it with REST API guidelines.

@stianst please let me know what is missing for you or should change. The content is pretty straightforward.


### Future work items

The items below were included as nice to have because it's fairly easy to get these documents out of date and introduce it requires more discussion.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't understand this comment. Do you mean if they are not generated, but rather some how hand crafted?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@stianst I can do some updates in this paragraph. But in summary, I'd like to split the work into 2 steps if we agree:

  1. Dynamic documentation.

That's the most important thing at the moment from my point of view. And that means that changes into the code should immediately be reflected in the OpenAPI document.

  1. Static documentation

Important, but we will only generate it at each release. That means that changes between releases won't be reflected immediately and in theory, could get out of date. That's what I meant, but of course, it's not the end of the world.

The reason why I see 1 as something more important, it's because it requires changes on Keycloak that depends on WildFly and requires more testing. And also I didn't want to introduce too many changes in one go.

The items below were included as nice to have because it's fairly easy to get these documents out of date and introduce it requires more discussion.

* Generate static HTML files for the REST API
* Generate static OpenAPI document and add to the release distribution
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a Maven plugin available that can generate the OpenAPI document without starting the server?

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not to my knowledge. But I think there is an opportunity here to collaborate with the SmallRye OpenAPI project (Red Hat's implementation of the Microprofile-OpenAPI spec) to create one. I believe it would be quite easy to integrate SmallRye OpenAPI into a maven plugin to generate the OpenAPI at build time rather than runtime. Some of the Microprofile Specification features assume things are happening at runtime (e.g. filtering, model reader, etc) but the most important part (generating an OpenAPI document from annotated JAX-RS code) can be done at build time. All we need in the SmallRye OpenAPI impl is a ShrinkWrap Archive with the compiled, annotated JAX-RS classes (and java beans). So I think a maven plugin would be fairly trivial to write.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not that I know. Maybe what Eric suggested is something to consider in the future or discuss with Quarkus team.


The items below were included as nice to have because it's fairly easy to get these documents out of date and introduce it requires more discussion.

* Generate static HTML files for the REST API
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a decent Maven plugin available that can generate HTML documentation from the OpenAPI document? It does seem like this would be incredibly useful as I doubt everyone will want to download Swagger and generate the docs themselves.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes: https://openapi-generator.tech/docs/plugins/

For ReDoc I don't think there is a maven plugin, but it's an NPM based tool - so using one of the node maven plugins (e.g. frontend-maven-plugin) is an easy option.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@stianst it is not necessary to download Swagger. Once we have the OpenAPI document people can use any tool to view the documentation. Of course, from the usability standpoint is not ideal, but I think that generate the OpenAPI document should be our priority.

@EricWittmann thank you, I will give that a try.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1 to the idea that the generation of the OpenAPI doc being the priority. Everything else flows well once that document exists. The trick is how/when to generate that document.

</dependency>
```

By spinning up the Keycloak server, developers should be able to send an HTTP request to http://localhost:8080/auth/openapi and get the OpenAPI document. Here is an example:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should it not rather be '/auth/openapi/account'? We'll want to have separate OpenAPI documents for different APIs, and eventually we will want this for the admin endpoints (and others) as well.

What about versioning? Would it be '/auth/openapi/account' for the latest, and then you can also grab for a previous version using '/auth/openapi/account/'?

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that Microprofile OpenAPI does not support multiple separate APIs. The specification dictates that a single OpenAPI file be accessible at the /openapi endpoint (in the case of Wildfly it would be /context/openapi I assume, although I haven't looked at how Wildfly handles this). Like all Microprofile specs, the MP-OpenAPI spec was meant to be used in single-application platforms. So if you have multiple separate APIs in the same application context, and you want to document them as separate OpenAPI files, the Microprofile-OpenAPI spec will not let you do that.

That said, I do think using the MP-OpenAPI annotations as described above is the right thing to do. It just might be the case that you will need to figure out how to leverage them in a non-standard way).

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree with Eric here. What I had in mind thinking about admin vs account endpoints make use of tags. For example:

@Tag(name="Account REST API", description="Account REST API operations."),
@Tag(name="Admin REST API", description="Admin REST API operations."),

I can do some updates into the document to cover these scenarios.

Comment on lines 105 to 114
## Swagger UI

Swagger UI allows developers to visualize and generate documentation based on the OpenAPI specification. There are several ways of doing this:

1. Inserting the URL in the [Swagger generator](https://generator.swagger.io/) which is available online. For example: http://localhost:8080/auth/openapi
2. Spinning up a Docker image:
```
docker pull swaggerapi/swagger-ui
docker run -p 80:8080 swaggerapi/swagger-ui
```

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a very popular tool and a reasonable thing to use, certainly. However in my opinion the user interface is ... not great. Before making a decision on this, take a look at ReDoc as an alternative. We use that in Apicurio Studio to visualize the API design. An example: https://studio-ws.apicur.io/sharing/76f236d3-1312-4548-a4d1-400487188c66

Functionally they are very similar, I just think the user experience for ReDoc is much better. The main difference between the two (functionally) is that Swagger UI is interactive - when configured properly it will allow users to not only view documentation but also make test API calls. Useful when your Keycloak server is running and accessible, but not when publishing API docs to a project site.

docker pull swaggerapi/swagger-ui
docker run -p 80:8080 swaggerapi/swagger-ui
```
3. [Swagger Codegen](https://github.com/swagger-api/swagger-codegen#building). The best way to generate static HTML files for documentation.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would actually recommend this instead: https://github.com/OpenAPITools/openapi-generator

Although again, I think ReDoc is a better experience for users consuming the documentation, but that's a matter of preference (ReDoc has its own CLI for generating static/publishable HTML).

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks Eric, I will look into that and update the document.

@abstractj
Copy link
Author

@stianst updated with Eric's suggestion. Indeed ReDoc should be the way to go.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants