opensource/supermq
1
0
Fork 0
mirror of https://github.com/absmach/supermq.git synced 2026-06-23 06:30:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
658003080e4af5d869928fe522aab09c4e289570
supermq/api/openapi/auth.yml
T
Dušan Borovčanin 658003080e NOISSUE - Update Docker and Compose versions (#2159) 
Signed-off-by: Dusan Borovcanin <borovcanindusan1@gmail.com>
2024-04-10 12:02:36 +02:00

888 lines
26 KiB
YAML
Raw Blame History

# Copyright (c) Abstract Machines
# SPDX-License-Identifier: Apache-2.0
openapi: 3.0.3
info:
title: Magistrala Auth Service
description: |
This is the Auth Server based on the OpenAPI 3.0 specification. It is the HTTP API for managing platform users. You can now help us improve the API whether it's by making changes to the definition itself or to the code.
Some useful links:
- [The Magistrala repository](https://github.com/absmach/magistrala)
contact:
email: info@abstractmachines.fr
license:
name: Apache 2.0
url: https://github.com/absmach/magistrala/blob/main/LICENSE
version: 0.14.0
servers:
- url: http://localhost:8189
- url: https://localhost:8189
tags:
- name: Auth
description: Everything about your Authentication and Authorization.
externalDocs:
description: Find out more about auth
url: https://docs.magistrala.abstractmachines.fr/
- name: Keys
description: Everything about your Keys.
externalDocs:
description: Find out more about keys
url: https://docs.magistrala.abstractmachines.fr/
paths:
/domains:
post:
tags:
- Domains
summary: Adds new domain
description: |
Adds new domain.
requestBody:
$ref: "#/components/requestBodies/DomainCreateReq"
responses:
"201":
$ref: "#/components/responses/DomainCreateRes"
"400":
description: Failed due to malformed JSON.
"401":
description: Missing or invalid access token provided.
"409":
description: Failed due to using an existing alias.
"415":
description: Missing or invalid content type.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
get:
summary: Retrieves list of domains.
description: |
Retrieves list of domains that the user have access.
parameters:
- $ref: "#/components/parameters/Limit"
- $ref: "#/components/parameters/Offset"
- $ref: "#/components/parameters/Metadata"
- $ref: "#/components/parameters/Status"
- $ref: "#/components/parameters/DomainName"
- $ref: "#/components/parameters/Permission"
tags:
- Domains
security:
- bearerAuth: []
responses:
"200":
$ref: "#/components/responses/DomainsPageRes"
"401":
description: Missing or invalid access token provided.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}:
get:
summary: Retrieves domain information
description: |
Retrieves a specific domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
security:
- bearerAuth: []
responses:
"200":
$ref: "#/components/responses/DomainRes"
"401":
description: Missing or invalid access token provided.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
patch:
summary: Updates name, metadata, tags and alias of the domain.
description: |
Updates name, metadata, tags and alias of the domain.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
requestBody:
$ref: "#/components/requestBodies/DomainUpdateReq"
security:
- bearerAuth: []
responses:
"200":
$ref: "#/components/responses/DomainRes"
"400":
description: Failed due to malformed JSON.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access to domain id.
"404":
description: Failed due to non existing domain.
"415":
description: Missing or invalid content type.
"500":
$ref: "#/components/responses/ServiceError"
delete:
summary: Delete domain for a domain with the given id.
description: |
Delete domain removes a domain with the given id from repo
and removes all the things, channels, assigned users, policies related to this domain.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
security:
- bearerAuth: []
responses:
"204":
description: Domain deleted.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access to domain id.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}/permissions:
get:
summary: Retrieves user permissions on domain.
description: |
Retrieves user permissions on domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
security:
- bearerAuth: []
responses:
"200":
$ref: "#/components/responses/DomainPermissionRes"
"401":
description: Missing or invalid access token provided.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}/enable:
post:
summary: Enables a domain
description: |
Enables a specific domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
security:
- bearerAuth: []
responses:
"200":
description: Successfully enabled domain.
"400":
description: Failed due to malformed domain's ID.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access the domain ID.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}/disable:
post:
summary: Disable a domain
description: |
Disable a specific domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
security:
- bearerAuth: []
responses:
"200":
description: Successfully disabled domain.
"400":
description: Failed due to malformed domain's ID.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access the domain ID.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}/freeze:
post:
summary: Freeze a domain
description: |
Freeze a specific domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
security:
- bearerAuth: []
responses:
"200":
description: Successfully freezed domain.
"400":
description: Failed due to malformed domain's ID.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access the domain ID.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}/users/assign:
post:
summary: Assign users to domain
description: |
Assign users to domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
requestBody:
$ref: "#/components/requestBodies/AssignUserReq"
security:
- bearerAuth: []
responses:
"200":
description: Users successfully assigned to domain.
"400":
description: Failed due to malformed domain's ID.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access the domain ID.
"404":
description: A non-existent entity request.
"409":
description: Conflict of data.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/domains/{domainID}/users/unassign:
post:
summary: Unassign users from domain
description: |
Unassign users from domain that is identified by the domain ID.
tags:
- Domains
parameters:
- $ref: "#/components/parameters/DomainID"
requestBody:
$ref: "#/components/requestBodies/UnassignUsersReq"
security:
- bearerAuth: []
responses:
"200":
description: Users successfully unassigned from domain.
"400":
description: Failed due to malformed domain's ID.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access the domain ID.
"404":
description: A non-existent entity request.
"409":
description: Conflict of data.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/keys:
post:
tags:
- Keys
summary: Issue API key
description: |
Generates a new API key. Thew new API key will
be uniquely identified by its ID.
requestBody:
$ref: "#/components/requestBodies/KeyRequest"
responses:
"201":
description: Issued new key.
"400":
description: Failed due to malformed JSON.
"409":
description: Failed due to using already existing ID.
"415":
description: Missing or invalid content type.
"500":
$ref: "#/components/responses/ServiceError"
/keys/{keyID}:
get:
summary: Gets API key details.
description: |
Gets API key details for the given key.
tags:
- Keys
parameters:
- $ref: "#/components/parameters/ApiKeyId"
responses:
"200":
$ref: "#/components/responses/KeyRes"
"400":
description: Failed due to malformed query parameters.
"401":
description: Missing or invalid access token provided.
"500":
$ref: "#/components/responses/ServiceError"
delete:
summary: Revoke API key
description: |
Revoke API key identified by the given ID.
tags:
- Keys
parameters:
- $ref: "#/components/parameters/ApiKeyId"
responses:
"204":
description: Key revoked.
"401":
description: Missing or invalid access token provided.
"500":
$ref: "#/components/responses/ServiceError"
/policies:
post:
summary: Creates new policies.
description: |
Creates new policies. Only admin can use this endpoint. Therefore, you need an authentication token for the admin.
Also, only policies defined on the system are allowed to add. For more details, please see the docs for Authorization.
tags:
- Auth
requestBody:
$ref: "#/components/requestBodies/PoliciesReq"
responses:
"201":
description: Policies created.
"400":
description: Failed due to malformed JSON.
"401":
description: Missing or invalid access token provided.
"403":
description: Unauthorized access token provided.
"409":
description: Failed due to using an existing email address.
"415":
description: Missing or invalid content type.
"500":
$ref: "#/components/responses/ServiceError"
/policies/delete:
post:
summary: Deletes policies.
description: |
Deletes policies. Only admin can use this endpoint. Therefore, you need an authentication token for the admin.
Also, only policies defined on the system are allowed to delete. For more details, please see the docs for Authorization.
tags:
- Auth
requestBody:
$ref: "#/components/requestBodies/PoliciesReq"
responses:
"204":
description: Policies deleted.
"400":
description: Failed due to malformed JSON.
"409":
description: Failed due to using an existing email address.
"415":
description: Missing or invalid content type.
"500":
$ref: "#/components/responses/ServiceError"
/users/{memberID}/domains:
get:
tags:
- Domains
summary: List users in a group
description: |
Retrieves a list of users in a domain. Due to performance concerns, data
is retrieved in subsets. The API must ensure that the entire
dataset is consumed either by making subsequent requests, or by
increasing the subset size of the initial request.
parameters:
- $ref: "users.yml#/components/parameters/MemberID"
- $ref: "#/components/parameters/Limit"
- $ref: "#/components/parameters/Offset"
- $ref: "#/components/parameters/Metadata"
- $ref: "#/components/parameters/Status"
security:
- bearerAuth: []
responses:
"200":
$ref: "users.yml#/components/responses/UserPageRes"
"400":
description: Failed due to malformed query parameters.
"401":
description: |
Missing or invalid access token provided.
This endpoint is available only for administrators.
"404":
description: A non-existent entity request.
"422":
description: Database can't process request.
"500":
$ref: "#/components/responses/ServiceError"
/health:
get:
summary: Retrieves service health check info.
tags:
- health
responses:
"200":
$ref: "#/components/responses/HealthRes"
"500":
$ref: "#/components/responses/ServiceError"
components:
schemas:
DomainReqObj:
type: object
properties:
name:
type: string
example: domainName
description: Domain name.
tags:
type: array
minItems: 0
items:
type: string
example: ["tag1", "tag2"]
description: domain tags.
metadata:
type: object
example: { "domain": "example.com" }
description: Arbitrary, object-encoded domain's data.
alias:
type: string
example: domain alias
description: Domain alias.
required:
- name
- alias
Domain:
type: object
properties:
id:
type: string
format: uuid
example: bb7edb32-2eac-4aad-aebe-ed96fe073879
description: Domain unique identifier.
name:
type: string
example: domainName
description: Domain name.
tags:
type: array
minItems: 0
items:
type: string
example: ["tag1", "tag2"]
description: domain tags.
metadata:
type: object
example: { "domain": "example.com" }
description: Arbitrary, object-encoded domain's data.
alias:
type: string
example: domain alias
description: Domain alias.
status:
type: string
description: Domain Status
format: string
example: enabled
created_by:
type: string
format: uuid
example: "0d837f56-3f8a-4e2a-9359-6347d0fc9f06 "
description: User ID of the user who created the domain.
created_at:
type: string
format: date-time
example: "2019-11-26 13:31:52"
description: Time when the domain was created.
updated_by:
type: string
format: uuid
example: "80f66b77-ed74-4e74-9f88-6cce9a0a3049"
description: User ID of the user who last updated the domain.
updated_at:
type: string
format: date-time
example: "2019-11-26 13:31:52"
description: Time when the domain was last updated.
xml:
name: domain
DomainsPage:
type: object
properties:
domains:
type: array
minItems: 0
uniqueItems: true
items:
$ref: "#/components/schemas/Domain"
total:
type: integer
example: 1
description: Total number of items.
offset:
type: integer
description: Number of items to skip during retrieval.
limit:
type: integer
example: 10
description: Maximum number of items to return in one page.
required:
- domain
- total
- offset
DomainUpdate:
type: object
properties:
name:
type: string
example: domainName
description: Domain name.
tags:
type: array
minItems: 0
items:
type: string
example: ["tag1", "tag2"]
description: domain tags.
metadata:
type: object
example: { "domain": "example.com" }
description: Arbitrary, object-encoded thing's data.
alias:
type: string
example: domain alias
description: Domain alias.
Permissions:
type: object
properties:
permissions:
type: array
minItems: 0
items:
type: string
description: Permissions
UserDomainRelationReq:
type: object
properties:
users_ids:
type: array
minItems: 1
items:
type: string
description: Users IDs
example:
[
"5dc1ce4b-7cc9-4f12-98a6-9d74cc4980bb",
"c01ed106-e52d-4aa4-bed3-39f360177cfa",
]
relation:
type: string
enum: ["administrator", "editor","viewer","member"]
example: "administrator"
description: Policy relations.
required:
- users_ids
- relation
Key:
type: object
properties:
id:
type: string
format: uuid
example: "c5747f2f-2a7c-4fe1-b41a-51a5ae290945"
description: API key unique identifier
issuer_id:
type: string
format: uuid
example: "9118de62-c680-46b7-ad0a-21748a52833a"
description: In ID of the entity that issued the token.
type:
type: integer
example: 0
description: API key type. Keys of different type are processed differently.
subject:
type: string
format: string
example: "test@example.com"
description: User's email or service identifier of API key subject.
issued_at:
type: string
format: date-time
example: "2019-11-26 13:31:52"
description: Time when the key is generated.
expires_at:
type: string
format: date-time
example: "2019-11-26 13:31:52"
description: Time when the Key expires. If this field is missing,
that means that Key is valid indefinitely.
PoliciesReqSchema:
type: object
properties:
object:
type: string
description: |
Specifies an object field for the field.
Object indicates application objects such as ThingID.
subjects:
type: array
minItems: 1
uniqueItems: true
items:
type: string
policies:
type: array
minItems: 1
uniqueItems: true
items:
type: string
parameters:
DomainID:
name: domainID
description: Unique domain identifier.
in: path
schema:
type: string
format: uuid
required: true
example: bb7edb32-2eac-4aad-aebe-ed96fe073879
Status:
name: status
description: Domain status.
in: query
schema:
type: string
default: enabled
required: false
example: enabled
DomainName:
name: name
description: Domain's name.
in: query
schema:
type: string
required: false
example: "domainName"
Permission:
name: permission
description: permission.
in: query
schema:
type: string
required: false
example: "edit"
ApiKeyId:
name: keyID
description: API Key ID.
in: path
schema:
type: string
format: uuid
required: true
Limit:
name: limit
description: Size of the subset to retrieve.
in: query
schema:
type: integer
default: 10
maximum: 100
minimum: 1
required: false
Offset:
name: offset
description: Number of items to skip during retrieval.
in: query
schema:
type: integer
default: 0
minimum: 0
required: false
Metadata:
name: metadata
description: Metadata filter. Filtering is performed matching the parameter with metadata on top level. Parameter is json.
in: query
required: false
schema:
type: object
additionalProperties: {}
Type:
name: type
description: The type of the API Key.
in: query
schema:
type: integer
default: 0
minimum: 0
required: false
Subject:
name: subject
description: The subject of an API Key
in: query
schema:
type: string
required: false
requestBodies:
DomainCreateReq:
description: JSON-formatted document describing the new domain to be registered
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/DomainReqObj"
DomainUpdateReq:
description: JSON-formated document describing the name, alias, tags, and metadata of the domain to be updated
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/DomainUpdate"
AssignUserReq:
description: JSON-formated document describing the policy related to assigning users to a domain
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/UserDomainRelationReq"
UnassignUsersReq:
description: JSON-formated document describing the policy related to unassigning users to a domain
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/UserDomainRelationReq"
KeyRequest:
description: JSON-formatted document describing key request.
required: true
content:
application/json:
schema:
type: object
properties:
type:
type: integer
example: 0
description: API key type. Keys of different type are processed differently.
duration:
type: number
format: integer
example: 23456
description: Number of seconds issued token is valid for.
PoliciesReq:
description: JSON-formatted document describing adding policies request.
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/PoliciesReqSchema"
responses:
ServiceError:
description: Unexpected server-side error occurred.
DomainCreateRes:
description: Create new domain.
headers:
Location:
schema:
type: string
format: url
description: Registered domain relative URL in the format `/domains/<domainID_id>`
content:
application/json:
schema:
$ref: "#/components/schemas/Domain"
DomainRes:
description: Data retrieved.
content:
application/json:
schema:
$ref: "#/components/schemas/Domain"
DomainPermissionRes:
description: Data retrieved.
content:
application/json:
schema:
$ref: "#/components/schemas/Permissions"
DomainsPageRes:
description: Data retrieved.
content:
application/json:
schema:
$ref: "#/components/schemas/DomainsPage"
KeyRes:
description: Data retrieved.
content:
application/json:
schema:
$ref: "#/components/schemas/Key"
HealthRes:
description: Service Health Check.
content:
application/json:
schema:
$ref: "./schemas/HealthInfo.yml"
securitySchemes:
bearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
description: |
* Users access: "Authorization: Bearer <user_token>"
security:
- bearerAuth: []
Reference in New Issue View Git Blame Copy Permalink