openapi-path-templating
Advanced tools
OpenAPI Path Templating parser, validator, resolver and matcher.
OpenAPI Path Templating refers to the usage of template expressions, delimited by curly braces ({}), to mark a section of a URL path as replaceable using path parameters.
Each template expression in the path MUST correspond to a path parameter that is included in the Path Item itself and/or in each of the Path Item's Operations.
An exception is if the path item is empty, for example due to ACL constraints, matching path parameters are not required.
openapi-path-templating is a parser, validator, resolver and matcher for OpenAPI Path Templating,
which played a foundational role in defining the official ANBF grammar for OpenAPI Path Templating.
It supports Path Templating defined in following OpenAPI specification versions:
| Get professionally supported openapi-path-templating with Tidelift Subscription. |
You can install openapi-path-templating using npm:
$ npm install openapi-path-templating
openapi-path-templating currently supports parsing, validation, resolution and matching.
Both parser and validator are based on a superset of ABNF (SABNF)
and use apg-lite parser generator.
Parsing a Path Templating is as simple as importing the parse function and calling it.
import { parse } from 'openapi-path-templating';
const parseResult = parse('/pets/{petId}');
parseResult.result.success; // => true
parseResult variable has the following shape:
{
result: {
success: true,
state: 101,
stateName: 'MATCH',
length: 13,
matched: 13,
maxMatched: 13,
maxTreeDepth: 20,
nodeHits: 232
},
ast: fnast {
callbacks: [
'path-template': [Function: pathTemplate],
slash: [Function: slash],
'path-literal': [Function: pathLiteral],
'template-expression': [Function: templateExpression],
'template-expression-param-name': [Function: templateExpressionParamName]
],
init: [Function (anonymous)],
ruleDefined: [Function (anonymous)],
udtDefined: [Function (anonymous)],
down: [Function (anonymous)],
up: [Function (anonymous)],
translate: [Function (anonymous)],
setLength: [Function (anonymous)],
getLength: [Function (anonymous)],
toXml: [Function (anonymous)]
}
}
import { parse } from 'openapi-path-templating';
const parseResult = parse('/pets/{petId}');
const parts = [];
parseResult.ast.translate(parts);
After running the above code, parts variable has the following shape:
[
[ 'path-template', '/pets/{petId}' ],
[ 'slash', '/' ],
[ 'path-literal', 'pets' ],
[ 'slash', '/' ],
[ 'template-expression', '{petId}' ],
[ 'template-expression-param-name', 'petId' ]
]
import { parse } from 'openapi-path-templating';
const parseResult = parse('/pets/{petId}');
const xml = parseResult.ast.toXml();
After running the above code, xml variable has the following content:
<?xml version="1.0" encoding="utf-8"?>
<root nodes="6" characters="13">
<!-- input string -->
/pets/{petId}
<node name="path-template" index="0" length="13">
/pets/{petId}
<node name="slash" index="0" length="1">
/
</node><!-- name="slash" -->
<node name="path-literal" index="1" length="4">
pets
</node><!-- name="path-literal" -->
<node name="slash" index="5" length="1">
/
</node><!-- name="slash" -->
<node name="template-expression" index="6" length="7">
{petId}
<node name="template-expression-param-name" index="7" length="5">
petId
</node><!-- name="template-expression-param-name" -->
</node><!-- name="template-expression" -->
</node><!-- name="path-template" -->
</root>
NOTE: AST can also be traversed in classical way using depth first traversal. For more information about this option please refer to apg-js and apg-js-examples.
Validating a Path Templating is as simple as importing the test function and calling it.
import { test } from 'openapi-path-templating';
test('/pets/{petId}'); // => true
test('/a{petId}'); // => true
test('/pets'); // => true
test('/pets', { strict: true }); // => false (doesn't contain any template-expression)
Resolving a Path Templating is as simple as importing the resolve function and calling it.
import { resolve } from 'openapi-path-templating';
resolve('/pets/{petId}', { petId: 3 }); // => "/pets/3"
Resolved Path Templating is automatically encoded using encodeURIComponent function. It is possible to provide a custom encoder.
import { resolve } from 'openapi-path-templating';
resolve('/pets/{petId}', { petId: '/?#' }, {
encoder: (component) => component, // no encoding
}); // => "/pets//?#"
Path templating matching in OpenAPI prioritizes concrete paths over parameterized ones, treats paths with identical structures but different parameter names as invalid, and considers paths with overlapping patterns that could match the same request as potentially ambiguous.
isIdentical
Determines whether two path templates are structurally identical, meaning they have the same sequence of literals and template expressions, regardless of template expression names. In the OpenAPI context, such identical paths are considered invalid due to potential conflicts in routing.
import { isIdentical } from 'openapi-path-templating';
isIdentical('/pets/{petId}', '/pets/{name}'); // => true
isIdentical('/pets/{petId}', '/animals/{name}'); // => false
New grammar instance can be created in following way:
import { Grammar } from 'openapi-path-templating';
const grammar = new Grammar();
To obtain original ABNF (SABNF) grammar as a string:
import { Grammar } from 'openapi-path-templating';
const grammar = new Grammar();
grammar.toString();
// or
String(grammar);
The Path Templating is defined by the following ABNF syntax
; OpenAPI Path Templating ABNF syntax
; variant of https://datatracker.ietf.org/doc/html/rfc3986#section-3.3
path-template = slash *( path-segment slash ) [ path-segment ]
path-segment = 1*( path-literal / template-expression )
slash = "/"
path-literal = 1*pchar
template-expression = "{" template-expression-param-name "}"
template-expression-param-name = 1*( %x00-7A / %x7C / %x7E-10FFFF ) ; every UTF8 character except { and } (from OpenAPI)
; https://datatracker.ietf.org/doc/html/rfc3986#section-3.3
pchar = unreserved / pct-encoded / sub-delims / ":" / "@"
unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"
; https://datatracker.ietf.org/doc/html/rfc3986#section-2.3
pct-encoded = "%" HEXDIG HEXDIG
; https://datatracker.ietf.org/doc/html/rfc3986#section-2.1
sub-delims = "!" / "$" / "&" / "'" / "(" / ")"
/ "*" / "+" / "," / ";" / "="
; https://datatracker.ietf.org/doc/html/rfc3986#section-2.2
; https://datatracker.ietf.org/doc/html/rfc5234#appendix-B.1
ALPHA = %x41-5A / %x61-7A ; A-Z / a-z
DIGIT = %x30-39 ; 0-9
HEXDIG = DIGIT / "A" / "B" / "C" / "D" / "E" / "F"
openapi-path-templating is licensed under Apache 2.0 license.
openapi-path-templating comes with an explicit NOTICE file
containing additional legal notices and information.
FAQs
OpenAPI Path Templating parser, validator, resolver and matcher.
The npm package openapi-path-templating receives a total of 182,426 weekly downloads. As such, openapi-path-templating popularity was classified as popular.
We found that openapi-path-templating demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.