@unispechq/unispec-schema 0.4.8 → 0.5.0

package/README.md

@@ -38,7 +38,8 @@ unispec-spec/
 │  │  └─ config/                     # Valid configuration files
 │  │     ├─ simple-multi-service.json
 │  │     ├─ registry-based.json
-│  │     └─ complete-enterprise.json
+│  │     ├─ complete-enterprise.json
+│  │     └─ bearer-token.json
 │  └─ invalid/                       # Schema violations for testing
 │     ├─ spec/                       # Invalid specifications
 │     └─ config/                     # Invalid configurations
@@ -135,6 +136,7 @@ The `examples/` directory contains comprehensive examples in JSON format:
   - `simple-multi-service.json` — Basic multi-service setup
   - `registry-based.json` — Configuration using registry references
   - `complete-enterprise.json` — Full enterprise configuration with environments
+  - `bearer-token.json` — HTTP spec retrieval protected by Bearer token
 
 ### Invalid Examples (`examples/invalid/`)
 - **Specifications** — Various schema violations for testing validation

package/examples/README.md

@@ -25,6 +25,7 @@ This directory contains example files demonstrating the UniSpec format and confi
 - `simple-multi-service.json` - Basic multi-service configuration
 - `registry-based.json` - Configuration using registry references
 - `complete-enterprise.json` - Full enterprise configuration with environments
+- `bearer-token.json` - HTTP spec retrieval protected by Bearer token
 
 ## Invalid Examples
 
@@ -54,4 +55,4 @@ These examples are intended for:
 3. **Reference** - Starting points for creating your own specifications
 4. **Documentation** - Demonstrating various features and patterns
 
-All examples are in JSON format for consistency and ease of validation against the JSON schemas.
+All examples are in JSON format for consistency and ease of validation against the JSON schemas.

package/examples/valid/config/bearer-token.json

@@ -0,0 +1,19 @@
+{
+  "version": 1,
+  "services": [
+    {
+      "name": "user-service",
+      "baseUrl": "https://user-api.example.com",
+      "spec": {
+        "type": "http",
+        "url": "https://user-api.example.com/unispec.json",
+        "authentication": {
+          "bearer": {
+            "token": "${USER_SERVICE_SPEC_BEARER_TOKEN}"
+          }
+        }
+      }
+    }
+  ]
+}
+

package/examples/valid/config/complete-enterprise.json

@@ -6,36 +6,12 @@
       "baseUrl": "https://auth.company.com",
       "spec": {
         "type": "http",
-        "url": "/unispec.json"
-      },
-      "health": {
-        "path": "/health"
-      },
-      "headers": [
-        {
-          "name": "Authorization",
-          "description": "Bearer token",
-          "required": true
-        },
-        {
-          "name": "X-Request-ID",
-          "description": "Request tracking ID",
-          "required": false
+        "url": "/unispec.json",
+        "authentication": {
+          "bearer": {
+            "token": "${AUTH_SERVICE_BEARER_TOKEN}"
+          }
         }
-      ],
-      "security": [
-        [
-          "oauth2"
-        ],
-        [
-          "apiKeyAuth"
-        ]
-      ],
-      "rateLimit": {
-        "requestsPerMinute": 2000,
-        "requestsPerHour": 100000,
-        "perUser": true,
-        "burstLimit": 500
       }
     },
     {
@@ -45,16 +21,8 @@
         "type": "file",
         "path": "./specs/catalog.json"
       },
-      "health": {
-        "path": "/ping"
-      },
       "discovery": {
         "dnsTemplate": "catalog-{env}.company.com"
-      },
-      "rateLimit": {
-        "requestsPerMinute": 5000,
-        "requestsPerDay": 1000000,
-        "perApiKey": true
       }
     },
     {
@@ -63,11 +31,6 @@
       "spec": {
         "type": "registry",
         "ref": "notification-service@v2.1.0"
-      },
-      "rateLimit": {
-        "requestsPerMinute": 10000,
-        "perUser": true,
-        "customKey": "tenantId"
       }
     }
   ],
@@ -77,29 +40,12 @@
       "overrides": {
         "services": {
           "auth-service": {
-            "baseUrl": "http://localhost:8000",
-            "rateLimit": {
-              "inherit": true,
-              "requestsPerMinute": 5000
-            }
+            "baseUrl": "http://localhost:8000"
           },
           "catalog-service": {
-            "baseUrl": "http://localhost:8001",
-            "rateLimit": {
-              "inherit": true,
-              "requestsPerMinute": 10000
-            }
+            "baseUrl": "http://localhost:8001"
           }
         }
-      },
-      "observability": {
-        "logging": {
-          "level": "debug"
-        },
-        "tracing": {
-          "enabled": true,
-          "samplingRate": 1
-        }
       }
     },
     {
@@ -107,25 +53,10 @@
       "overrides": {
         "services": {
           "auth-service": {
-            "baseUrl": "https://staging-auth.company.com",
-            "rateLimit": {
-              "inherit": true,
-              "burstLimit": 200
-            }
+            "baseUrl": "https://staging-auth.company.com"
           }
         }
       },
-      "observability": {
-        "logging": {
-          "level": "info"
-        },
-        "metrics": {
-          "enabled": true,
-          "endpoints": [
-            "/metrics"
-          ]
-        }
-      },
       "deployment": {
         "replicas": 2,
         "kubernetes": {
@@ -135,35 +66,12 @@
     },
     {
       "name": "production",
-      "observability": {
-        "logging": {
-          "level": "warn",
-          "format": "json"
-        },
-        "metrics": {
-          "enabled": true
-        },
-        "tracing": {
-          "enabled": true,
-          "samplingRate": 0.01
-        }
-      },
       "deployment": {
         "replicas": 5,
         "kubernetes": {
           "namespace": "production",
           "serviceType": "LoadBalancer"
         }
-      },
-      "dataResidency": "EU-West",
-      "audit": {
-        "enabled": true,
-        "retention": "1 year",
-        "fields": [
-          "userId",
-          "action",
-          "timestamp"
-        ]
       }
     }
   ]

package/examples/valid/config/registry-based.json

@@ -7,24 +7,6 @@
       "spec": {
         "type": "registry",
         "ref": "payment-service@v1.2.3"
-      },
-      "headers": [
-        {
-          "name": "X-API-Key",
-          "description": "API key for payment service",
-          "required": true
-        }
-      ],
-      "security": [
-        [
-          "apiKeyAuth"
-        ]
-      ],
-      "rateLimit": {
-        "requestsPerMinute": 500,
-        "requestsPerHour": 30000,
-        "perApiKey": true,
-        "customKey": "organizationId"
       }
     }
   ],
@@ -37,11 +19,7 @@
       "overrides": {
         "services": {
           "payment-service": {
-            "baseUrl": "https://staging-payments.example.com",
-            "rateLimit": {
-              "inherit": true,
-              "requestsPerMinute": 100
-            }
+            "baseUrl": "https://staging-payments.example.com"
           }
         }
       }

package/examples/valid/config/simple-multi-service.json

@@ -7,13 +7,6 @@
       "spec": {
         "type": "http",
         "url": "https://user-api.example.com/unispec.json"
-      },
-      "health": {
-        "path": "/health"
-      },
-      "rateLimit": {
-        "requestsPerMinute": 1000,
-        "perUser": true
       }
     },
     {
@@ -22,14 +15,6 @@
       "spec": {
         "type": "file",
         "path": "./order-service-spec.json"
-      },
-      "health": {
-        "path": "/ping"
-      },
-      "rateLimit": {
-        "requestsPerHour": 50000,
-        "perApiKey": true,
-        "burstLimit": 1000
       }
     }
   ],
@@ -39,34 +24,13 @@
       "overrides": {
         "services": {
           "user-service": {
-            "baseUrl": "http://localhost:3001",
-            "rateLimit": {
-              "inherit": true,
-              "requestsPerMinute": 100,
-              "perUser": false
-            }
+            "baseUrl": "http://localhost:3001"
           },
           "order-service": {
             "baseUrl": "http://localhost:3002"
           }
         }
       }
-    },
-    {
-      "name": "production",
-      "observability": {
-        "logging": {
-          "level": "info",
-          "format": "json"
-        },
-        "metrics": {
-          "enabled": true
-        },
-        "tracing": {
-          "enabled": true,
-          "samplingRate": 0.1
-        }
-      }
     }
   ]
 }

package/examples/valid/spec/graphql-simple.json

@@ -4,6 +4,9 @@
     "name": "blog-service",
     "description": "A blog service with GraphQL API",
     "version": "1.0.0",
+    "health": {
+      "path": "/health"
+    },
     "protocols": {
       "graphql": {
         "url": "/graphql",

package/examples/valid/spec/mixed-complete.json

@@ -4,6 +4,9 @@
     "name": "ecommerce-service",
     "description": "A complete e-commerce service with multiple protocols",
     "version": "2.1.0",
+    "health": {
+      "path": "/health"
+    },
     "contact": {
       "name": "API Team",
       "email": "api@ecommerce.com"

package/examples/valid/spec/rest-simple.json

@@ -4,6 +4,50 @@
     "name": "user-service",
     "description": "A simple user management service with REST API",
     "version": "1.2.3",
+    "health": {
+      "path": "/health"
+    },
+    "schemas": {
+      "UserList": {
+        "description": "List of users response",
+        "jsonSchema": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "properties": {
+              "id": {"type": "string"},
+              "name": {"type": "string"},
+              "email": {"type": "string"}
+            },
+            "required": ["id", "name", "email"]
+          }
+        }
+      },
+      "CreateUserRequest": {
+        "description": "Request to create a new user",
+        "jsonSchema": {
+          "type": "object",
+          "properties": {
+            "name": {"type": "string"},
+            "email": {"type": "string"}
+          },
+          "required": ["name", "email"]
+        }
+      },
+      "UserResponse": {
+        "description": "User creation response",
+        "jsonSchema": {
+          "type": "object",
+          "properties": {
+            "id": {"type": "string"},
+            "name": {"type": "string"},
+            "email": {"type": "string"},
+            "createdAt": {"type": "string", "format": "date-time"}
+          },
+          "required": ["id", "name", "email", "createdAt"]
+        }
+      }
+    },
     "protocols": {
       "rest": {
         "routes": [
@@ -14,7 +58,12 @@
             "method": "GET",
             "responses": {
               "200": {
-                "description": "List of users retrieved successfully"
+                "description": "List of users retrieved successfully",
+                "content": {
+                  "application/json": {
+                    "schemaRef": "UserList"
+                  }
+                }
               }
             }
           },
@@ -33,7 +82,12 @@
             },
             "responses": {
               "201": {
-                "description": "User created successfully"
+                "description": "User created successfully",
+                "content": {
+                  "application/json": {
+                    "schemaRef": "UserResponse"
+                  }
+                }
               }
             }
           }

package/examples/valid/spec/websocket-simple.json

@@ -4,6 +4,9 @@
     "name": "chat-service",
     "description": "A chat service with WebSocket API",
     "version": "1.0.0",
+    "health": {
+      "path": "/health"
+    },
     "protocols": {
       "websocket": {
         "url": "/ws",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@unispechq/unispec-schema",
-  "version": "0.4.8",
+  "version": "0.5.0",
   "description": "Official UniSpec JSON Schemas",
   "type": "module",
   "main": "index.cjs",

package/schema/types/rest.schema.json

@@ -15,7 +15,7 @@
 					"type": "string",
 					"description": "Short, human-readable summary of the route."
 				},
-								"deprecated": {
+				"deprecated": {
 					"type": "boolean",
 					"description": "Marks the route as deprecated.",
 					"default": false

package/schema/types/service.schema.json

@@ -14,6 +14,17 @@
 		"version": {
 			"$ref": "./common.schema.json#/$defs/Version"
 		},
+		"health": {
+			"type": "object",
+			"description": "Service health check endpoint definition.",
+			"properties": {
+				"path": {
+					"type": "string",
+					"description": "HTTP path for a health check endpoint (for example, /health or /ping)."
+				}
+			},
+			"additionalProperties": false
+		},
 		"contact": {
 			"type": "object",
 			"description": "Contact information for the service.",

package/schema/unispec-config.schema.json

@@ -45,28 +45,8 @@
 				"spec": {
 					"$ref": "#/$defs/SpecReference"
 				},
-				"health": {
-					"$ref": "#/$defs/Health"
-				},
 				"discovery": {
 					"$ref": "#/$defs/Discovery"
-				},
-				"headers": {
-					"type": "array",
-					"description": "HTTP headers commonly used for accessing this service's UniSpec document.",
-					"items": {
-						"$ref": "#/$defs/Header"
-					}
-				},
-				"security": {
-					"type": "array",
-					"description": "Security requirements for accessing this service's UniSpec document. Each item represents an alternative set of named security schemes.",
-					"items": {
-						"$ref": "#/$defs/SecurityRequirement"
-					}
-				},
-				"rateLimit": {
-					"$ref": "#/$defs/RateLimit"
 				}
 			},
 			"additionalProperties": false
@@ -103,6 +83,10 @@
 				"path": {
 					"type": "string",
 					"description": "Backward-compatible alias for url (for example, /unispec.yaml)."
+				},
+				"authentication": {
+					"$ref": "#/$defs/Authentication",
+					"description": "Authentication configuration for accessing the UniSpec document."
 				}
 			},
 			"oneOf": [{ "required": ["url"] }, { "required": ["path"] }],
@@ -136,17 +120,6 @@
 			},
 			"additionalProperties": false
 		},
-		"Health": {
-			"type": "object",
-			"required": ["path"],
-			"properties": {
-				"path": {
-					"type": "string",
-					"description": "HTTP path for a health check endpoint (for example, /ping)."
-				}
-			},
-			"additionalProperties": false
-		},
 		"Discovery": {
 			"type": "object",
 			"properties": {
@@ -168,18 +141,8 @@
 				"overrides": {
 					"$ref": "#/$defs/EnvironmentOverrides"
 				},
-				"observability": {
-					"$ref": "#/$defs/Observability"
-				},
 				"deployment": {
 					"$ref": "#/$defs/Deployment"
-				},
-				"dataResidency": {
-					"type": "string",
-					"description": "Geographic region where data is stored for compliance."
-				},
-				"audit": {
-					"$ref": "#/$defs/Audit"
 				}
 			},
 			"additionalProperties": false
@@ -207,164 +170,12 @@
 				"spec": {
 					"$ref": "#/$defs/SpecReference"
 				},
-				"health": {
-					"$ref": "#/$defs/Health"
-				},
 				"discovery": {
 					"$ref": "#/$defs/Discovery"
-				},
-				"headers": {
-					"type": "array",
-					"description": "HTTP headers overrides for accessing this service's UniSpec document in this environment.",
-					"items": {
-						"$ref": "#/$defs/Header"
-					}
-				},
-				"security": {
-					"type": "array",
-					"description": "Security requirements overrides for accessing this service's UniSpec document in this environment.",
-					"items": {
-						"$ref": "#/$defs/SecurityRequirement"
-					}
-				},
-				"rateLimit": {
-					"$ref": "#/$defs/RateLimit"
-				}
-			},
-			"additionalProperties": false
-		},
-		"Header": {
-			"type": "object",
-			"required": ["name"],
-			"properties": {
-				"name": {
-					"type": "string",
-					"description": "Header name (case-insensitive)."
-				},
-				"description": {
-					"type": "string",
-					"description": "Human-readable description of the header."
-				},
-				"required": {
-					"type": "boolean",
-					"description": "Whether this header is required.",
-					"default": false
-				},
-				"defaultValue": {
-					"type": "string",
-					"description": "Default value for the header."
-				}
-			},
-			"additionalProperties": false
-		},
-		"SecurityRequirement": {
-			"type": "array",
-			"description": "Alternative set of named security schemes applied to a service or operation.",
-			"items": {
-				"$ref": "./types/common.schema.json#/$defs/Identifier"
-			}
-		},
-		"Observability": {
-			"type": "object",
-			"description": "Observability configuration for the environment.",
-			"properties": {
-				"logging": {
-					"type": "object",
-					"properties": {
-						"level": {
-							"type": "string",
-							"enum": ["debug", "info", "warn", "error"],
-							"description": "Logging level."
-						},
-						"format": {
-							"type": "string",
-							"enum": ["json", "text"],
-							"description": "Log format."
-						},
-						"fields": {
-							"type": "array",
-							"items": {
-								"type": "string"
-							},
-							"description": "Additional fields to include in logs."
-						}
-					},
-					"additionalProperties": false
-				},
-				"metrics": {
-					"type": "object",
-					"properties": {
-						"enabled": {
-							"type": "boolean",
-							"description": "Whether metrics collection is enabled."
-						},
-						"endpoints": {
-							"type": "array",
-							"items": {
-								"type": "string"
-							},
-							"description": "Metrics endpoints."
-						},
-						"customMetrics": {
-							"type": "array",
-							"items": {
-								"$ref": "#/$defs/CustomMetric"
-							},
-							"description": "Custom metrics definitions."
-						}
-					},
-					"additionalProperties": false
-				},
-				"tracing": {
-					"type": "object",
-					"properties": {
-						"enabled": {
-							"type": "boolean",
-							"description": "Whether distributed tracing is enabled."
-						},
-						"samplingRate": {
-							"type": "number",
-							"minimum": 0,
-							"maximum": 1,
-							"description": "Sampling rate for traces (0.0 to 1.0)."
-						},
-						"exporter": {
-							"type": "string",
-							"description": "Tracing exporter (e.g., jaeger, zipkin)."
-						}
-					},
-					"additionalProperties": false
 				}
 			},
 			"additionalProperties": false
 		},
-		"CustomMetric": {
-			"type": "object",
-			"properties": {
-				"name": {
-					"type": "string",
-					"description": "Metric name."
-				},
-				"type": {
-					"type": "string",
-					"enum": ["counter", "gauge", "histogram", "summary"],
-					"description": "Metric type."
-				},
-				"description": {
-					"type": "string",
-					"description": "Metric description."
-				},
-				"labels": {
-					"type": "array",
-					"items": {
-						"type": "string"
-					},
-					"description": "Metric labels."
-				}
-			},
-			"required": ["name", "type"],
-			"additionalProperties": false
-		},
 		"Deployment": {
 			"type": "object",
 			"description": "Deployment configuration for the environment.",
@@ -473,85 +284,31 @@
 			},
 			"additionalProperties": false
 		},
-		"RateLimit": {
+		"Authentication": {
 			"type": "object",
-			"description": "Rate limiting configuration for the service.",
+			"description": "Authentication configuration for accessing UniSpec documents.",
+			"required": ["bearer"],
 			"properties": {
-				"inherit": {
-					"type": "boolean",
-					"description": "Whether to inherit from parent rate limit configuration. When true, only specified fields override parent values.",
-					"default": false
-				},
-				"requestsPerMinute": {
-					"type": "integer",
-					"minimum": 0,
-					"description": "Maximum requests per minute."
-				},
-				"requestsPerHour": {
-					"type": "integer",
-					"minimum": 0,
-					"description": "Maximum requests per hour."
-				},
-				"requestsPerDay": {
-					"type": "integer",
-					"minimum": 0,
-					"description": "Maximum requests per day."
-				},
-				"burstLimit": {
-					"type": "integer",
-					"minimum": 0,
-					"description": "Maximum burst requests allowed."
-				},
-				"perUser": {
-					"type": "boolean",
-					"description": "Whether rate limiting is applied per user.",
-					"default": false
-				},
-				"perApiKey": {
-					"type": "boolean",
-					"description": "Whether rate limiting is applied per API key.",
-					"default": false
-				},
-				"customKey": {
-					"type": "string",
-					"description": "Custom key for rate limiting (e.g., IP address, organization ID)."
+				"bearer": {
+					"$ref": "#/$defs/BearerAuth",
+					"description": "Bearer token authentication."
 				}
 			},
 			"additionalProperties": false
 		},
-		"Audit": {
+		"BearerAuth": {
 			"type": "object",
-			"description": "Audit configuration for compliance.",
+			"description": "Bearer token authentication configuration.",
+			"required": ["token"],
 			"properties": {
-				"enabled": {
-					"type": "boolean",
-					"description": "Whether audit logging is enabled."
-				},
-				"retention": {
+				"token": {
 					"type": "string",
-					"description": "Audit log retention period."
-				},
-				"fields": {
-					"type": "array",
-					"items": {
-						"type": "string"
-					},
-					"description": "Fields to include in audit logs."
+					"description": "Bearer token value. Can be a literal token or a reference to environment variable using ${ENV_VAR} syntax."
 				},
-				"export": {
-					"type": "object",
-					"properties": {
-						"format": {
-							"type": "string",
-							"enum": ["json", "csv"],
-							"description": "Export format."
-						},
-						"destination": {
-							"type": "string",
-							"description": "Export destination."
-						}
-					},
-					"additionalProperties": false
+				"scheme": {
+					"type": "string",
+					"description": "Token scheme (defaults to 'Bearer').",
+					"default": "Bearer"
 				}
 			},
 			"additionalProperties": false