git.squeep.com Git - akkoma/blob - lib/pleroma/web/api_spec/operations/app_operation.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.ApiSpec.AppOperation do
   6   alias OpenApiSpex.Operation
   7   alias OpenApiSpex.Schema
   8   alias Pleroma.Web.ApiSpec.Helpers
   9
  10   @spec open_api_operation(atom) :: Operation.t()
  11   def open_api_operation(action) do
  12     operation = String.to_existing_atom("#{action}_operation")
  13     apply(__MODULE__, operation, [])
  14   end
  15
  16   @spec create_operation() :: Operation.t()
  17   def create_operation do
  18     %Operation{
  19       tags: ["apps"],
  20       summary: "Create an application",
  21       description: "Create a new application to obtain OAuth2 credentials",
  22       operationId: "AppController.create",
  23       requestBody: Helpers.request_body("Parameters", create_request(), required: true),
  24       responses: %{
  25         200 => Operation.response("App", "application/json", create_response()),
  26         422 =>
  27           Operation.response(
  28             "Unprocessable Entity",
  29             "application/json",
  30             %Schema{
  31               type: :object,
  32               description:
  33                 "If a required parameter is missing or improperly formatted, the request will fail.",
  34               properties: %{
  35                 error: %Schema{type: :string}
  36               },
  37               example: %{
  38                 "error" => "Validation failed: Redirect URI must be an absolute URI."
  39               }
  40             }
  41           )
  42       }
  43     }
  44   end
  45
  46   def verify_credentials_operation do
  47     %Operation{
  48       tags: ["apps"],
  49       summary: "Verify your app works",
  50       description: "Confirm that the app's OAuth2 credentials work.",
  51       operationId: "AppController.verify_credentials",
  52       security: [
  53         %{
  54           "oAuth" => ["read"]
  55         }
  56       ],
  57       responses: %{
  58         200 =>
  59           Operation.response("App", "application/json", %Schema{
  60             type: :object,
  61             description:
  62               "If the Authorization header was provided with a valid token, you should see your app returned as an Application entity.",
  63             properties: %{
  64               name: %Schema{type: :string},
  65               vapid_key: %Schema{type: :string},
  66               website: %Schema{type: :string, nullable: true}
  67             },
  68             example: %{
  69               "name" => "My App",
  70               "vapid_key" =>
  71                 "BCk-QqERU0q-CfYZjcuB6lnyyOYfJ2AifKqfeGIm7Z-HiTU5T9eTG5GxVA0_OH5mMlI4UkkDTpaZwozy0TzdZ2M=",
  72               "website" => "https://myapp.com/"
  73             }
  74           }),
  75         422 =>
  76           Operation.response(
  77             "Unauthorized",
  78             "application/json",
  79             %Schema{
  80               type: :object,
  81               description:
  82                 "If the Authorization header contains an invalid token, is malformed, or is not present, an error will be returned indicating an authorization failure.",
  83               properties: %{
  84                 error: %Schema{type: :string}
  85               },
  86               example: %{
  87                 "error" => "The access token is invalid."
  88               }
  89             }
  90           )
  91       }
  92     }
  93   end
  94
  95   defp create_request do
  96     %Schema{
  97       title: "AppCreateRequest",
  98       description: "POST body for creating an app",
  99       type: :object,
 100       properties: %{
 101         client_name: %Schema{type: :string, description: "A name for your application."},
 102         redirect_uris: %Schema{
 103           type: :string,
 104           description:
 105             "Where the user should be redirected after authorization. To display the authorization code to the user instead of redirecting to a web page, use `urn:ietf:wg:oauth:2.0:oob` in this parameter."
 106         },
 107         scopes: %Schema{
 108           type: :string,
 109           description: "Space separated list of scopes",
 110           default: "read"
 111         },
 112         website: %Schema{type: :string, description: "A URL to the homepage of your app"}
 113       },
 114       required: [:client_name, :redirect_uris],
 115       example: %{
 116         "client_name" => "My App",
 117         "redirect_uris" => "https://myapp.com/auth/callback",
 118         "website" => "https://myapp.com/"
 119       }
 120     }
 121   end
 122
 123   defp create_response do
 124     %Schema{
 125       title: "AppCreateResponse",
 126       description: "Response schema for an app",
 127       type: :object,
 128       properties: %{
 129         id: %Schema{type: :string},
 130         name: %Schema{type: :string},
 131         client_id: %Schema{type: :string},
 132         client_secret: %Schema{type: :string},
 133         redirect_uri: %Schema{type: :string},
 134         vapid_key: %Schema{type: :string},
 135         website: %Schema{type: :string, nullable: true}
 136       },
 137       example: %{
 138         "id" => "123",
 139         "name" => "My App",
 140         "client_id" => "TWhM-tNSuncnqN7DBJmoyeLnk6K3iJJ71KKXxgL1hPM",
 141         "client_secret" => "ZEaFUFmF0umgBX1qKJDjaU99Q31lDkOU8NutzTOoliw",
 142         "vapid_key" =>
 143           "BCk-QqERU0q-CfYZjcuB6lnyyOYfJ2AifKqfeGIm7Z-HiTU5T9eTG5GxVA0_OH5mMlI4UkkDTpaZwozy0TzdZ2M=",
 144         "website" => "https://myapp.com/"
 145       }
 146     }
 147   end
 148 end