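# Auth Service API: sign-up, sign-in, service impersonation tokens and token
# refresh, all served under the /auth base path.
#
# No top-level `security` requirement is declared in this document, so every
# operation without its own `security` entry is described as callable without
# credentials. Only /get-impersonation-token declares one.
openapi: 3.1.1
info:
  title: Auth Service
  version: 1.0.0

servers:
  - url: /auth

paths:
  /sign-up:
    post:
      summary: Sign up a new user
      operationId: postSignUp
      tags: [Auth]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [nickname, pass]
              properties:
                # NOTE(review): neither field carries minLength, maxLength or
                # pattern, so the contract accepts any string. Confirm the
                # limits the server enforces (in particular an upper bound on
                # `pass` before it is hashed) and record them here.
                nickname:
                  type: string
                pass:
                  type: string
                  # `format: password` is a display hint for tooling only; it
                  # does not validate or protect the value.
                  format: password
      responses:
        # NOTE(review): only the success case is documented. The responses
        # for rejected input or an already-taken nickname are not described
        # here -- confirm and add them.
        "200":
          description: Sign-up result
          content:
            application/json:
              schema:
                required:
                  - user_id
                type: object
                properties:
                  user_id:
                    type: integer
                    format: int64

  /sign-in:
    post:
      summary: Sign in a user and return JWT
      operationId: postSignIn
      tags: [Auth]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required: [nickname, pass]
              properties:
                nickname:
                  type: string
                pass:
                  type: string
                  format: password
      responses:
        # This one also sets two cookies: access_token and refresh_token.
        # The JSON body below carries no token; the tokens travel only in
        # those cookies.
        # NOTE(review): the Set-Cookie headers and their attributes
        # (HttpOnly, Secure, SameSite, Path, lifetime) are not described
        # anywhere in this document -- confirm them and document them here so
        # clients and reviewers can check the session handling.
        "200":
          description: Sign-in result with JWT
          content:
            application/json:
              schema:
                required:
                  - user_id
                  - user_name
                type: object
                properties:
                  user_id:
                    type: integer
                    format: int64
                  user_name:
                    type: string
        "401":
          $ref: '#/components/responses/UnauthorizedError'

  /get-impersonation-token:
    post:
      summary: Get service impersonation token
      operationId: getImpersonationToken
      tags: [Auth]
      # The only operation in this document that declares a security
      # requirement.
      # NOTE(review): this issues an access token for a user chosen by the
      # caller, so holding a valid bearer token should not be sufficient on
      # its own. The document does not say which callers are permitted and
      # describes no 403 for an authenticated caller that is not allowed to
      # impersonate -- confirm the handler restricts callers, and that issued
      # tokens are short-lived and their issuance is audit-logged.
      security:
        - bearerAuth: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                user_id:
                  type: integer
                  format: int64
                external_id:
                  type: integer
                  format: int64
              # Exactly one identifier must be supplied: a body carrying both
              # matches both branches and therefore fails `oneOf`.
              oneOf:
                - required: [user_id]
                - required: [external_id]
      responses:
        "200":
          description: Generated impersonation access token
          content:
            application/json:
              schema:
                type: object
                required:
                  - access_token
                properties:
                  access_token:
                    type: string
                    description: JWT access token
        "401":
          $ref: '#/components/responses/UnauthorizedError'

  /refresh-tokens:
    # NOTE(review): this operation changes state (it issues new tokens and
    # sets cookies) but is exposed as GET. GET requests can be issued by
    # cross-site navigation or resource loads and may be prefetched or cached
    # by intermediaries. Moving it to POST would break existing clients, so
    # it is flagged rather than changed here; at minimum confirm the cookies
    # are SameSite and the response is sent with `Cache-Control: no-store`.
    # NOTE(review): no `security` entry and no parameters are declared, so
    # the credential this operation consumes is undocumented -- presumably
    # the refresh_token cookie; confirm and declare it.
    get:
      summary: Refreshes access_token and refresh_token
      operationId: refreshTokens
      tags: [Auth]
      responses:
        # This one sets two cookies: access_token and refresh_token
        "200":
          description: Refresh success
        "400":
          $ref: '#/components/responses/ClientError'
        "401":
          $ref: '#/components/responses/UnauthorizedError'
        "500":
          $ref: '#/components/responses/ServerError'

components:
  securitySchemes:
    # HTTP bearer token in the Authorization header.
    # NOTE(review): no `bearerFormat` is given; if callers present a JWT
    # here, stating it would document what the service validates -- confirm.
    bearerAuth:
      type: http
      scheme: bearer
  responses:
    UnauthorizedError:
      description: Access token is missing or invalid
    ServerError:
      description: ServerError
    ClientError:
      description: ClientError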