Skip to content

Architecture Guide

This document provides an overview of the azure-functions-openapi library architecture, design decisions, and internal components.

🏗️ System Architecture

High-Level Overview

┌─────────────────────────────────────────────────────────────┐
│                    Azure Functions App                      │
├─────────────────────────────────────────────────────────────┤
│  ┌─────────────────┐                                        │
│  │   @openapi      │                                        │
│  │   Decorator     │                                        │
│  └─────────────────┘                                        │
│           │                                                  │
│           ▼                                                  │
│  ┌─────────────────────────────────────────────────────────┐ │
│  │              OpenAPI Registry                           │ │
│  └─────────────────────────────────────────────────────────┘ │
│           │                                                  │
│           ▼                                                  │
│  ┌─────────────────────────────────────────────────────────┐ │
│  │              OpenAPI Generation                         │
│  │  ┌─────────────┐  ┌─────────────┐  ┌─────────────────┐ │ │
│  │  │   JSON      │  │   YAML      │  │   Swagger UI    │ │ │
│  │  │   Spec      │  │   Spec      │  │   Rendering     │ │ │
│  │  └─────────────┘  └─────────────┘  └─────────────────┘ │ │
│  └─────────────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────┘

🔧 Core Components

1. Decorator System (decorator.py)

The @openapi decorator is the heart of the system:

@openapi(
    summary="API endpoint",
    description="Detailed description",
    tags=["API"],
    request_model=RequestModel,
    response_model=ResponseModel
)
def my_function(req: func.HttpRequest) -> func.HttpResponse:
    # Function implementation

Key Features: - Metadata Collection: Stores OpenAPI metadata in a global registry - Input Validation: Validates and sanitizes all decorator parameters - Type Safety: Full type hints and validation

2. OpenAPI Generation (openapi.py)

Converts registered metadata into OpenAPI 3.0 specifications:

# Generate OpenAPI spec
spec = generate_openapi_spec(title="My API", version="1.0.0")

# Get JSON/YAML formats
json_spec = get_openapi_json()
yaml_spec = get_openapi_yaml()

Key Features: - Schema Generation: Automatic Pydantic model to JSON Schema conversion - Error Resilience: Graceful handling of schema generation failures - Validation: Comprehensive input validation

3. Swagger UI (swagger_ui.py)

Renders interactive API documentation:

# Render Swagger UI with enhanced security
response = render_swagger_ui(
    title="API Documentation",
    openapi_url="/api/openapi.json",
    custom_csp="custom-csp-policy"
)

Key Features: - Security Headers: CSP, X-Frame-Options, X-XSS-Protection - Input Sanitization: XSS protection and content validation - Customization: Configurable CSP policies and UI options

4. Operational Concerns

This library focuses on OpenAPI generation and documentation rendering.

🔄 Data Flow

1. Function Registration

Function Definition → @openapi Decorator → Metadata Validation → Registry Storage

2. OpenAPI Generation

Registry → Schema Generation → JSON/YAML Output

3. Swagger UI Rendering

Request → Security Validation → HTML Generation → Security Headers → Response

🛡️ Security Architecture

Input Validation Pipeline

User Input → Sanitization → Validation → Processing → Response

Security Headers

  • CSP: Content Security Policy for XSS protection
  • X-Frame-Options: Clickjacking protection
  • X-XSS-Protection: XSS filtering
  • X-Content-Type-Options: MIME type sniffing protection

🔧 Extension Points

🚀 Deployment Architecture

Azure Functions Integration

Azure Functions Runtime → Function App → OpenAPI Routes → Documentation