📜 Hono OpenAPI

This can automatically generate the OpenAPI specification for the Hono API using your validation schema, which can be used to generate client libraries, documentation, and more.

Supported Validation Libraries:

• Zod
• Valibot
• ArkType
• TypeBox
• Effect

[!Note] This package is still in development and your feedback is highly appreciated. If you have any suggestions or issues, please let us know by creating an issue on GitHub.

Usage

Installation

You can install the package using favorite package manager.

For Zod

1pnpm add hono-openapi @hono/zod-validator zod zod-openapi

For Valibot

1pnpm add hono-openapi @hono/valibot-validator valibot @valibot/to-json-schema

For ArkType

1pnpm add hono-openapi @hono/arktype-validator arktype

For TypeBox

1pnpm add hono-openapi @hono/typebox-validator @sinclair/typebox"

For Effect

1pnpm add hono-openapi @hono/effect-validator effect

[!IMPORTANT]

Requires effect@^3.10.0. Also, use the Schema class from the effect package, as @effect/schema is not supported.

Basic Usage

Setting up your application

First, define your schemas, here is an example using Zod:

1import z from "zod";
2
3// For extending the Zod schema with OpenAPI properties
4import "zod-openapi/extend";
5
6const querySchema = z
7  .object({
8    name: z.string().optional().openapi({ example: "Steven" }),
9  })
10  .openapi({ ref: "Query" });
11
12const responseSchema = z.string().openapi({ example: "Hello Steven!" });

Extending the Zod schema with OpenAPI properties is optional, but it will help you generate the OpenAPI specification. You can learn more about it here - https://github.com/samchungy/zod-openapi.

[!Tip] The querySchema schema will be registered as "#/components/schemas/Query" refs in the OpenAPI document. If you want to register the schema as referenced components, use .openapi() method.

Next, create your route -

1import { Hono } from "hono";
2import { describeRoute } from "hono-openapi";
3import { resolver, validator as zValidator } from "hono-openapi/zod";
4
5const app = new Hono();
6
7app.get(
8  "/",
9  describeRoute({
10    description: "Say hello to the user",
11    responses: {
12      200: {
13        description: "Successful greeting response",
14        content: {
15          "text/plain": {
16            schema: resolver(responseSchema),
17          },
18        },
19      },
20    },
21  }),
22  zValidator("query", querySchema),
23  (c) => {
24    const query = c.req.valid("query");
25    return c.text(`Hello ${query?.name ?? "Hono"}!`);
26  }
27);

You might be wondering why are we importing validator from hono-openapi/zod instead of @hono/zod-validator and as zValidator? This is because hono-openapi provides a wrapper around the @hono/zod-validator to make it easier to use. The idea is if you are already using @hono/zod-validator to validate your schemas, you can easily switch to hono-openapi without changing much of your code.

Finally, generate the OpenAPI specification -

1app.get(
2  "/openapi",
3  openAPISpecs(app, {
4    documentation: {
5      info: {
6        title: "Hono",
7        version: "1.0.0",
8        description: "API for greeting users",
9      },
10      servers: [
11        {
12          url: "http://localhost:3000",
13          description: "Local server",
14        },
15      ],
16    },
17  })
18);

Now, you can access the OpenAPI specification by visiting http://localhost:3000/openapi, and you can use this specification to generate client libraries, documentation, and more. Some tools that I used to generate documentation are -

• Swagger UI
• Scalar

Scalar Example

1app.get(
2  "/docs",
3  apiReference({
4    theme: "saturn",
5    spec: {
6      url: "/openapi",
7    },
8  })
9);

And that's it! You have successfully generated the OpenAPI specification for your Hono API.

Advanced Usage

Adding Security Definitions

You can add security definitions to your OpenAPI specification by using the security property in the openAPISpecs function.

1app.get(
2  "/openapi",
3  openAPISpecs(appRouter, {
4    documentation: {
5      info: {
6        title: "Rhinobase Cloud",
7        version: "1.0.0",
8        description: "API Documentation",
9      },
10      components: {
11        securitySchemes: {
12          bearerAuth: {
13            type: "http",
14            scheme: "bearer",
15            bearerFormat: "JWT",
16          },
17        },
18      },
19      security: [
20        {
21          bearerAuth: [],
22        },
23      ],
24      servers: [
25        {
26          url: "http://localhost:3004",
27          description: "Local server",
28        },
29      ],
30    },
31  })
32);

Conditionaly Hiding Routes

You can conditionally hide routes from the OpenAPI specification by using the hide property in the describeRoute function.

1app.get(
2  "/",
3  describeRoute({
4    // ...
5    hide: process.env.NODE_ENV === "production",
6  }),
7  (c) => {
8    return c.text("Private Route");
9  }
10);

Validating Responses

[!Warning] Experimental

You can validate the responses using the validateResponse property in the describeRoute function. This will validate the response against the schema and return an error if the response is invalid.

1app.get(
2  "/",
3  describeRoute({
4    // ...
5    validateResponse: true,
6  }),
7  (c) => {
8    return c.json({ message: "This response will be validated" });
9  }
10);

Contributing

We would love to have more contributors involved!

To get started, please read our Contributing Guide.

Credits

• The idea for this project was inspired by ElysiaJS and their amazing work on generating OpenAPI specifications.
• This project would not have been possible without the work of Sam Chung and his Zod OpenAPI package.