core/oc-auth
6
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
078aae81726975005340f42ba6dfc8879cd431b4
oc-auth/swagger/swagger.json
mr 078aae8172 oc-auth OAUTH2
2026-02-19 14:56:15 +01:00

965 lines
32 KiB
Go
Raw Blame History

{
"swagger": "2.0",
"info": {
"title": "oc-auth",
"description": "OpenCloud authentication services\n",
"version": "1.0.0",
"termsOfService": "http://cloud.o-forge.io/",
"contact": {
"email": "admin@o-cloud.io"
},
"license": {
"name": "AGPL",
"url": "https://www.gnu.org/licenses/agpl-3.0.html"
}
},
"basePath": "/oc/",
"paths": {
"/consent": {
"get": {
"tags": [
"oc-auth/controllersOAuthController"
],
"description": "Hydra redirects here with a consent_challenge. Auto-accepts consent with user permissions.\n\u003cbr\u003e",
"operationId": "OAuthController.Consent",
"parameters": [
{
"in": "query",
"name": "consent_challenge",
"description": "The consent challenge from Hydra",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "",
"schema": {
"$ref": "#/definitions/auth_connectors.Redirect"
}
},
"400": {
"description": "missing consent_challenge"
},
"500": {
"description": "internal error"
}
}
}
},
"/forward": {
"get": {
"tags": [
"oc-auth/controllersOAuthController"
],
"description": "Forward auth for Traefik — validates JWT via Hydra introspection\n\u003cbr\u003e",
"operationId": "OAuthController.AuthForward",
"parameters": [
{
"in": "header",
"name": "Authorization",
"description": "Bearer token",
"type": "string"
}
],
"responses": {
"200": {
"description": "{string}"
}
}
}
},
"/group/": {
"get": {
"tags": [
"group"
],
"description": "find groups\n\u003cbr\u003e",
"operationId": "GroupController.GetAll",
"responses": {
"200": {
"description": "{group} string"
}
}
}
},
"/group/clear": {
"delete": {
"tags": [
"group"
],
"description": "clear the group\n\u003cbr\u003e",
"operationId": "GroupController.Clear",
"responses": {
"200": {
"description": "{string} delete success!"
}
}
}
},
"/group/user/{id}": {
"get": {
"tags": [
"group"
],
"description": "find group by user id\n\u003cbr\u003e",
"operationId": "GroupController.GetByUser",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the id you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{auth} string"
}
}
}
},
"/group/{id}": {
"get": {
"tags": [
"group"
],
"description": "find group by id\n\u003cbr\u003e",
"operationId": "GroupController.Get",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the id you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{group} string"
}
}
},
"post": {
"tags": [
"group"
],
"description": "create group\n\u003cbr\u003e",
"operationId": "GroupController.Create",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the id you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{auth} create success!"
}
}
},
"delete": {
"tags": [
"group"
],
"description": "delete the group\n\u003cbr\u003e",
"operationId": "GroupController.Delete",
"parameters": [
{
"in": "path",
"name": "id",
"description": "The id you want to delete",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{string} delete success!"
}
}
}
},
"/group/{user_id}/{group_id}": {
"post": {
"tags": [
"group"
],
"description": "bind the group to user\n\u003cbr\u003e",
"operationId": "GroupController.Bind",
"parameters": [
{
"in": "path",
"name": "user_id",
"description": "The user_id you want to bind",
"required": true,
"type": "string"
},
{
"in": "path",
"name": "group_id",
"description": "The group_id you want to bind",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{string} bind success!"
}
}
},
"delete": {
"tags": [
"group"
],
"description": "unbind the group to user\n\u003cbr\u003e",
"operationId": "GroupController.UnBind",
"parameters": [
{
"in": "path",
"name": "user_id",
"description": "The group_id you want to unbind",
"required": true,
"type": "string"
},
{
"in": "path",
"name": "group_id",
"description": "The user_id you want to unbind",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{string} bind success!"
}
}
}
},
"/introspect": {
"get": {
"tags": [
"oc-auth/controllersOAuthController"
],
"description": "Introspect a token — respects Hydra's response\n\u003cbr\u003e",
"operationId": "OAuthController.Introspect",
"parameters": [
{
"in": "header",
"name": "Authorization",
"description": "Bearer token",
"type": "string"
}
],
"responses": {
"200": {
"description": "",
"schema": {
"$ref": "#/definitions/auth_connectors.IntrospectResult"
}
}
}
}
},
"/login": {
"get": {
"tags": [
"oc-auth/controllersOAuthController"
],
"description": "Hydra redirects here with a login_challenge. Returns challenge info or auto-accepts if session exists.\n\u003cbr\u003e",
"operationId": "OAuthController.GetLogin",
"parameters": [
{
"in": "query",
"name": "login_challenge",
"description": "The login challenge from Hydra",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "",
"schema": {
"$ref": "#/definitions/auth_connectors.LoginChallenge"
}
},
"400": {
"description": "missing login_challenge"
},
"500": {
"description": "internal error"
}
}
},
"post": {
"tags": [
"oc-auth/controllersOAuthController"
],
"description": "Authenticate user via LDAP and accept Hydra login challenge\n\u003cbr\u003e",
"operationId": "OAuthController.PostLogin",
"parameters": [
{
"in": "body",
"name": "body",
"description": "Login credentials and challenge",
"required": true,
"schema": {
"$ref": "#/definitions/auth_connectors.LoginRequest"
}
}
],
"responses": {
"200": {
"description": "",
"schema": {
"$ref": "#/definitions/auth_connectors.Redirect"
}
},
"401": {
"description": "invalid credentials"
},
"500": {
"description": "internal error"
}
}
}
},
"/logout": {
"get": {
"tags": [
"oc-auth/controllersOAuthController"
],
"description": "Hydra redirects here with a logout_challenge. Accepts the challenge and returns a redirect URL.\n\u003cbr\u003e",
"operationId": "OAuthController.GetLogout",
"parameters": [
{
"in": "query",
"name": "logout_challenge",
"description": "The logout challenge from Hydra",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "",
"schema": {
"$ref": "#/definitions/auth_connectors.Redirect"
}
},
"400": {
"description": "missing logout_challenge"
},
"500": {
"description": "internal error"
}
}
},
"delete": {
"tags": [
"oc-auth/controllersOAuthController"
],
"description": "Revoke an OAuth2 token\n\u003cbr\u003e",
"operationId": "OAuthController.Logout",
"parameters": [
{
"in": "header",
"name": "Authorization",
"description": "Bearer token",
"type": "string"
},
{
"in": "query",
"name": "client_id",
"description": "The client_id",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "",
"schema": {
"$ref": "#/definitions/auth_connectors.Token"
}
}
}
}
},
"/permission/": {
"get": {
"tags": [
"permission"
],
"description": "find permissions\n\u003cbr\u003e",
"operationId": "PermissionController.GetAll",
"responses": {
"200": {
"description": "{permission} string"
}
}
}
},
"/permission/clear": {
"delete": {
"tags": [
"permission"
],
"description": "clear the permission\n\u003cbr\u003e",
"operationId": "PermissionController.Clear",
"responses": {
"200": {
"description": "{string} delete success!"
}
}
}
},
"/permission/role/{id}": {
"get": {
"tags": [
"permission"
],
"description": "find permission by role id\n\u003cbr\u003e",
"operationId": "PermissionController.GetByRole",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the id you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{auth} string"
}
}
}
},
"/permission/user/{id}": {
"get": {
"tags": [
"permission"
],
"description": "find permission by user id\n\u003cbr\u003e",
"operationId": "PermissionController.GetByUser",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the id you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{auth} string"
}
}
}
},
"/permission/{id}/{relation}": {
"get": {
"tags": [
"permission"
],
"description": "find auth by permission\n\u003cbr\u003e",
"operationId": "PermissionController.Get",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the permission you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{auth} models.auth"
}
}
}
},
"/permission/{permission_id}/{role_id}/{relation}": {
"post": {
"tags": [
"permission"
],
"description": "bind the permission to role\n\u003cbr\u003e",
"operationId": "PermissionController.Bind",
"parameters": [
{
"in": "path",
"name": "role_id",
"description": "The role_id you want to bind",
"required": true,
"type": "string"
},
{
"in": "path",
"name": "method",
"description": "The method you want to relate role \u0026 permission",
"required": true,
"type": "string"
},
{
"in": "path",
"name": "permission_id",
"description": "The permission_id you want to bind",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{string} bind success!"
}
}
},
"delete": {
"tags": [
"permission"
],
"description": "unbind the permission to role\n\u003cbr\u003e",
"operationId": "PermissionController.UnBind",
"parameters": [
{
"in": "path",
"name": "role_id",
"description": "The role_id you want to unbind",
"required": true,
"type": "string"
},
{
"in": "path",
"name": "relation",
"description": "The method you want to unrelate role \u0026 permission",
"required": true,
"type": "string"
},
{
"in": "path",
"name": "permission_id",
"description": "The permission_id you want to unbind",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{string} bind success!"
}
}
}
},
"/refresh": {
"post": {
"tags": [
"oc-auth/controllersOAuthController"
],
"description": "Exchange a refresh_token for a new token set\n\u003cbr\u003e",
"operationId": "OAuthController.Refresh",
"parameters": [
{
"in": "body",
"name": "body",
"description": "refresh_token and client_id",
"required": true,
"schema": {
"$ref": "#/definitions/object"
}
}
],
"responses": {
"200": {
"description": "",
"schema": {
"$ref": "#/definitions/auth_connectors.TokenResponse"
}
},
"401": {
"description": "invalid refresh token"
}
}
}
},
"/role/": {
"get": {
"tags": [
"role"
],
"description": "find roles\n\u003cbr\u003e",
"operationId": "RoleController.GetAll",
"responses": {
"200": {
"description": "{role} string"
}
}
}
},
"/role/clear": {
"delete": {
"tags": [
"role"
],
"description": "clear the role\n\u003cbr\u003e",
"operationId": "RoleController.Clear",
"responses": {
"200": {
"description": "{string} delete success!"
}
}
}
},
"/role/user/{id}": {
"get": {
"tags": [
"role"
],
"description": "find role by user id\n\u003cbr\u003e",
"operationId": "RoleController.GetByUser",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the id you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{auth} string"
}
}
}
},
"/role/{id}": {
"get": {
"tags": [
"role"
],
"description": "find role by id\n\u003cbr\u003e",
"operationId": "RoleController.Get",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the id you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{role} string"
}
}
},
"post": {
"tags": [
"role"
],
"description": "create role\n\u003cbr\u003e",
"operationId": "RoleController.Create",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the id you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{auth} create success!"
}
}
},
"delete": {
"tags": [
"role"
],
"description": "delete the role\n\u003cbr\u003e",
"operationId": "RoleController.Delete",
"parameters": [
{
"in": "path",
"name": "id",
"description": "The id you want to delete",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{string} delete success!"
}
}
}
},
"/role/{user_id}/{role_id}": {
"post": {
"tags": [
"role"
],
"description": "bind the role to user\n\u003cbr\u003e",
"operationId": "RoleController.Bind",
"parameters": [
{
"in": "path",
"name": "user_id",
"description": "The user_id you want to bind",
"required": true,
"type": "string"
},
{
"in": "path",
"name": "role_id",
"description": "The role_id you want to bind",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{string} bind success!"
}
}
},
"delete": {
"tags": [
"role"
],
"description": "unbind the role to user\n\u003cbr\u003e",
"operationId": "RoleController.UnBind",
"parameters": [
{
"in": "path",
"name": "role_id",
"description": "The role_id you want to unbind",
"required": true,
"type": "string"
},
{
"in": "path",
"name": "user_id",
"description": "The user_id you want to unbind",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{string} bind success!"
}
}
}
},
"/version/": {
"get": {
"tags": [
"version"
],
"description": "get version\n\u003cbr\u003e",
"operationId": "VersionController.GetAll",
"responses": {
"200": {
"description": ""
}
}
}
},
"/version/discovery": {
"get": {
"tags": [
"version"
],
"description": "get version\n\u003cbr\u003e",
"operationId": "VersionController.Get",
"responses": {
"200": {
"description": ""
}
}
}
}
},
"definitions": {
"2111.0xc0004ce750.false": {
"title": "false",
"type": "object"
},
"3850.0xc0004ce930.false": {
"title": "false",
"type": "object"
},
"auth_connectors.IntrospectResult": {
"title": "IntrospectResult",
"type": "object",
"properties": {
"active": {
"type": "boolean"
},
"client_id": {
"type": "string"
},
"exp": {
"type": "integer",
"format": "int64"
},
"ext": {
"$ref": "#/definitions/3850.0xc0004ce930.false"
},
"scope": {
"type": "string"
},
"sub": {
"type": "string"
},
"token_type": {
"type": "string"
}
}
},
"auth_connectors.LoginChallenge": {
"title": "LoginChallenge",
"type": "object",
"properties": {
"challenge": {
"type": "string"
},
"client": {
"$ref": "#/definitions/2111.0xc0004ce750.false"
},
"request_url": {
"type": "string"
},
"session_id": {
"type": "string"
},
"skip": {
"type": "boolean"
},
"subject": {
"type": "string"
}
}
},
"auth_connectors.LoginRequest": {
"title": "LoginRequest",
"type": "object",
"properties": {
"login_challenge": {
"type": "string"
},
"password": {
"type": "string"
},
"username": {
"type": "string"
}
}
},
"auth_connectors.Redirect": {
"title": "Redirect",
"type": "object",
"properties": {
"redirect_to": {
"type": "string"
}
}
},
"auth_connectors.Token": {
"title": "Token",
"type": "object",
"properties": {
"access_token": {
"type": "string"
},
"active": {
"type": "boolean"
},
"expires_in": {
"type": "integer",
"format": "int64"
},
"id_token": {
"type": "string"
},
"refresh_token": {
"type": "string"
},
"scope": {
"type": "string"
},
"token_type": {
"type": "string"
}
}
},
"auth_connectors.TokenResponse": {
"title": "TokenResponse",
"type": "object",
"properties": {
"access_token": {
"type": "string"
},
"expires_in": {
"type": "integer",
"format": "int64"
},
"id_token": {
"type": "string"
},
"refresh_token": {
"type": "string"
},
"scope": {
"type": "string"
},
"token_type": {
"type": "string"
}
}
},
"object": {
"title": "object",
"type": "object"
}
},
"tags": [
{
"name": "oc-auth/controllersOAuthController",
"description": "OAuthController handles OAuth2 login/consent provider endpoints\n"
},
{
"name": "group",
"description": "Operations about auth\n"
},
{
"name": "role",
"description": "Operations about auth\n"
},
{
"name": "permission",
"description": "Operations about auth\n"
},
{
"name": "version",
"description": "VersionController operations for Version\n"
}
]
}
Reference in New Issue View Git Blame Copy Permalink