oauth2: Add OpenAPI spec
Signed-off-by: jld3103 <jld3103yt@gmail.com>
provokateurin committed Feb 28, 2023
1 parent 544e030 commit 089efa6
Showing 3 changed files with 222 additions and 11 deletions.
17 changes: 12 additions & 5 deletions apps/oauth2/lib/Controller/LoginRedirectorController.php
@@ -8,6 +8,7 @@
* @author Daniel Kesselberg <mail@danielkesselberg.de>
* @author Lukas Reschke <lukas@statuscode.ch>
* @author Roeland Jago Douma <roeland@famdouma.nl>
* @author Kate Döen <kate.doeen@nextcloud.com>
*
* @license GNU AGPL version 3 or any later version
*
@@ -27,6 +28,7 @@
*/
namespace OCA\OAuth2\Controller;

use OC\AppFramework\Http;
use OCA\OAuth2\Db\ClientMapper;
use OCA\OAuth2\Exceptions\ClientNotFoundException;
use OCP\AppFramework\Controller;
@@ -74,14 +76,19 @@ public function __construct(string $appName,
* @NoCSRFRequired
* @UseSession
*
* @param string $client_id
* @param string $state
* @param string $response_type
* @return Response
* Authorize the user
*
* @param string $client_id Client ID
* @param string $state State of the flow
* @param string $response_type Response type for the flow
* @return TemplateResponse<Http::STATUS_OK>|RedirectResponse
*
* 200: Client not found
* 303: Redirect to login URL
*/
public function authorize($client_id,
$state,
$response_type): Response {
$response_type) {
try {
$client = $this->clientMapper->getByIdentifier($client_id);
} catch (ClientNotFoundException $e) {
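Review bot: The native return type appears to be dropped from `authorize` on the last changed line of this section (`$response_type): Response {` becomes `$response_type) {`), so the return contract now lives only in the docblock and is no longer enforced by PHP. Both documented types are presumably subclasses of `Response`, so the declaration could stay as `$response_type): Response {` next to the more precise `@return`. The new `use OC\AppFramework\Http;` imports from the private `OC` namespace; the status constants used in the docblock are also available on the public `OCP\AppFramework\Http`, which is the class an app should normally import. The body of `authorize` continues outside the hunk.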
18 changes: 12 additions & 6 deletions apps/oauth2/lib/Controller/OauthApiController.php
@@ -8,6 +8,7 @@
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
* @author Lukas Reschke <lukas@statuscode.ch>
* @author Roeland Jago Douma <roeland@famdouma.nl>
* @author Kate Döen <kate.doeen@nextcloud.com>
*
* @license GNU AGPL version 3 or any later version
*
@@ -82,12 +83,17 @@ public function __construct(string $appName,
* @PublicPage
* @NoCSRFRequired
*
* @param string $grant_type
* @param string $code
* @param string $refresh_token
* @param string $client_id
* @param string $client_secret
* @return JSONResponse
* Get a token
*
* @param string $grant_type Token type that should be granted
* @param string $code Code of the flow
* @param string $refresh_token Refresh token
* @param string $client_id Client ID
* @param string $client_secret Client secret
* @return JSONResponse<array{access_token: string, token_type: string, expires_in: int, refresh_token: string, user_id: string}, Http::STATUS_OK>|JSONResponse<array{error: string}, Http::STATUS_BAD_REQUEST>
*
* 200: Token returned
* 400: Getting token is not possible
*/
public function getToken($grant_type, $code, $refresh_token, $client_id, $client_secret): JSONResponse {

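Review bot: The new description of `$grant_type`, "Token type that should be granted", mixes up two OAuth terms: the grant type selects the flow, while the token type is the separate `token_type` field of the documented response. I would word it as `@param string $grant_type Grant type of the request`. `$code` and `$refresh_token` are both documented as plain `string`, although presumably only one of them is supplied for a given grant type; if the body, which lies outside this hunk, accepts null for the unused one, `?string` plus a word on which grant type uses it would be more accurate. The docblock also references `Http::STATUS_OK` while no `Http` import is visible in this section, so it is worth confirming the file already imports it.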
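--- /dev/null
+++ b/apps/oauth2/openapi.json
@@ -0,0 +1,198 @@
+{
+"openapi": "3.0.3",
+"info": {
+"title": "OAuth 2.0",
+"description": "Allows OAuth2 compatible authentication from other web applications.",
+"license": {
+"name": "agpl"
+},
+"version": "1.14.0"
+},
+"paths": {
+"/index.php/apps/oauth2/authorize": {
+"get": {
+"tags": [
+"login_redirector"
+],
+"summary": "Authorize the user",
+"operationId": "login_redirector-authorize",
+"parameters": [
+{
+"name": "client_id",
+"in": "query",
+"description": "Client ID",
+"required": true,
+"schema": {
+"type": "string"
+}
+},
+{
+"name": "state",
+"in": "query",
+"description": "State of the flow",
+"required": true,
+"schema": {
+"type": "string"
+}
+},
+{
+"name": "response_type",
+"in": "query",
+"description": "Response type for the flow",
+"required": true,
+"schema": {
+"type": "string"
+}
+}
+],
+"responses": {
+"200": {
+"description": "Client not found",
+"content": {
+"text/html": {
+"schema": {
+"type": "string"
+}
+}
+}
+},
+"303": {
+"description": "Redirect to login URL",
+"headers": {
+"Location": {
+"schema": {
+"type": "string"
+}
+}
+}
+}
+}
+}
+},
+"/index.php/apps/oauth2/api/v1/token": {
+"post": {
+"tags": [
+"oauth_api"
+],
+"summary": "Get a token",
+"operationId": "oauth_api-get-token",
+"parameters": [
+{
+"name": "grant_type",
+"in": "query",
+"description": "Token type that should be granted",
+"required": true,
+"schema": {
+"type": "string"
+}
+},
+{
+"name": "code",
+"in": "query",
+"description": "Code of the flow",
+"required": true,
+"schema": {
+"type": "string"
+}
+},
+{
+"name": "refresh_token",
+"in": "query",
+"description": "Refresh token",
+"required": true,
+"schema": {
+"type": "string"
+}
+},
+{
+"name": "client_id",
+"in": "query",
+"description": "Client ID",
+"required": true,
+"schema": {
+"type": "string"
+}
+},
+{
+"name": "client_secret",
+"in": "query",
+"description": "Client secret",
+"required": true,
+"schema": {
+"type": "string"
+}
+}
+],
+"responses": {
+"200": {
+"description": "Token returned",
+"content": {
+"application/json": {
+"schema": {
+"required": [
+"access_token",
+"token_type",
+"expires_in",
+"refresh_token",
+"user_id"
+],
+"type": "object",
+"properties": {
+"access_token": {
+"type": "string"
+},
+"token_type": {
+"type": "string"
+},
+"expires_in": {
+"type": "integer"
+},
+"refresh_token": {
+"type": "string"
+},
+"user_id": {
+"type": "string"
+}
+}
+}
+}
+}
+},
+"400": {
+"description": "Getting token is not possible",
+"content": {
+"application/json": {
+"schema": {
+"required": [
+"error"
+],
+"type": "object",
+"properties": {
+"error": {
+"type": "string"
+}
+}
+}
+}
+}
+}
+}
+}
+}
+},
+"components": {
+"schemas": {},
+"securitySchemes": {
+"basic_auth": {
+"type": "http",
+"scheme": "basic"
+}
+}
+},
+"security": [
+{
+"basic_auth": []
+}
+],
+"tags": []
+}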
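Review bot: The token operation declares `client_secret`, `code` and `refresh_token` as `"in": "query"` parameters on a POST, which steers generated clients into putting credentials in the URL, where they are recorded in web-server and proxy logs. Describing them as a form-encoded `requestBody`, as sketched below in place of the operation's `parameters` array, keeps them out of the URL; whether the controller reads them from the body is not visible on this page and should be confirmed. All five parameters are also `"required": true`, although `code` and `refresh_token` presumably belong to different grant types. The top-level `basic_auth` requirement applies to this operation too, while the controller docblock marks `getToken` as `@PublicPage`, so an operation-level `security` entry would make the intended client authentication explicit. If this file is generated from the docblocks, the change belongs in the annotations or the generator rather than here.

```json
"requestBody": {
  "required": true,
  "content": {
    "application/x-www-form-urlencoded": {
      "schema": {
        "type": "object",
        "required": ["grant_type"],
        "properties": {
          "grant_type": {"type": "string"},
          "code": {"type": "string"},
          "refresh_token": {"type": "string"},
          "client_id": {"type": "string"},
          "client_secret": {"type": "string"}
        }
      }
    }
  }
}
```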
