kuick/api-tools

Kuick API Tools provides a set of tools for Kuick applications.

Maintainers

Package info

github.com/milejko/kuick-api-tools

pkg:composer/kuick/api-tools

Statistics

Installs: 1 100

Dependents: 1

Suggesters: 0

Stars: 1

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

v1.1.0 2026-05-14 11:25 UTC

Requires

Requires (Dev)

MIT 7d5244bb849c28a7749da3188d50b64ec33e1af2

  • Mariusz Miłejko <mariusz.woop@milejko.pl>

apitoolsKuick

This package is auto-updated.

Last update: 2026-05-14 11:34:52 UTC

README

Latest Version PHP Total Downloads GitHub Actions CI codecov Software License

API Tools for Kuick Framework

This package plugs into the Kuick Framework and automatically exposes three HTTP endpoints:

Endpoint Method Description
/api/doc GET Swagger UI (HTML)
/api/doc.json GET OpenAPI specification (JSON)
/api/ops GET System diagnostics — protected by Bearer token

Requirements

Installation

composer require kuick/api-tools

The Kuick Framework auto-discovers the route, guard, and DI config files bundled in this package — no manual wiring is required.

Endpoints

GET /api/doc

Returns a self-contained Swagger UI page that loads the OpenAPI spec from /api/doc.json. No authentication required.

GET /api/doc.json

Returns the OpenAPI specification as JSON. The spec is built at runtime by scanning #[OA\...] attributes in your project's src/ directory (via zircote/swagger-php). No authentication required.

GET /api/ops

Returns a JSON object with full system diagnostics:

{
  "request":              { ... },
  "environment":          { ... },
  "di-config":            { ... },
  "opcache-status":       { ... },
  "apcu-status":          { ... },
  "php-version":          "8.3.x",
  "php-config":           { ... },
  "php-loaded-extensions": "..."
}

Protected by Bearer token — see Configuration below.

Configuration

All settings are read from environment variables. Set them in your .env file or deployment environment.

Ops endpoint security

Environment variable DI key Default Description
API_SECURITY_OPS_GUARD_TOKEN api.security.ops.guard.token (empty) Bearer token required to access /api/ops. An empty value means all requests are rejected.

Example — calling the protected endpoint:

curl -H "Authorization: Bearer my-secret-token" https://your-app.example.com/api/ops

OpenAPI metadata

Environment variable DI key Default Description
API_OPENAPI_TITLE api.openapi.title Kuick API Tools Title shown in the Swagger UI and spec
API_OPENAPI_DESCRIPTION api.openapi.description Kuick API Tools is a set of tools for building APIs with the Kuick framework. Description shown in the spec
API_OPENAPI_VERSION api.openapi.version 3.1.0 Version string shown in the spec

Example .env snippet:

API_SECURITY_OPS_GUARD_TOKEN=my-secret-token

API_OPENAPI_TITLE=My Project API
API_OPENAPI_DESCRIPTION=Internal REST API for My Project
API_OPENAPI_VERSION=1.0.0

Annotating your API with OpenAPI attributes

DocJsonController scans $projectDir/src for swagger-php attributes at runtime. Decorate your controllers with #[OA\...] attributes to include them in the generated spec:

use OpenApi\Attributes as OA;

#[OA\Get(
    path: '/api/users',
    description: 'Returns a list of users',
    tags: ['Users'],
    responses: [
        new OA\Response(response: 200, description: 'List of users', content: new OA\JsonContent()),
    ]
)]
final class UserListController
{
    public function __invoke(): JsonResponse { ... }
}