From 6f4edbf7cc347e723a8906602a89b001f3be70cd Mon Sep 17 00:00:00 2001
From: Eric Poirier <eric.poirier@eclipse-foundation.org>
Date: Fri, 15 Nov 2019 14:06:23 -0500
Subject: [PATCH] Update the SecuritySchemes info
Change-Id: I445fcc2c9ba7aa6210395ff1a6df91e40821cd38
Signed-off-by: Eric Poirier <eric.poirier@eclipse-foundation.org>
---
 spec/openapi.yaml | 92 +++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 86 insertions(+), 6 deletions(-)
diff --git a/spec/openapi.yaml b/spec/openapi.yaml
index ffa6a8e..66f78ee 100644
--- a/spec/openapi.yaml
+++ b/spec/openapi.yaml
@@ -1,7 +1,50 @@
 openapi: 3.0.0
 info:
 title: Eclipse RESTful API
- description: "This describes the resources that make up the official Eclipse Foundation REST API.\n\nYou can contribute to this document via our [git repository](https://github.com/chrisguindon/api.eclipse.org-docs).\n\nIf you have any problems or requests please contact [Christopher Guindon](mailto:chris.guindon@eclipse-foundation.org).\n\n### Other related REST APIs\n\nAlthought they are not directly related to this API, the Eclipse forge proposes several other access points and APIs for specific tools and purposes. Please see the following resources for more details:\n\n+ [Eclipse Bugzilla](https://bugs.eclipse.org/bugs) **([Documentation](https://wiki.mozilla.org/Bugzilla:REST_API))**\n\n+ [Eclipse Gerrit](https://git.eclipse.org/r/) **([Documentation](https://gerrit-review.googlesource.com/Documentation/rest-api.html))**\n\n+ [Eclipse Jenkins](https://ci.eclipse.org/) **([Documentation](https://wiki.jenkins.io/display/JENKINS/Remote+access+API))**\n\n+ [Eclipse Marketplace](http://marketplace.eclipse.org/) **([Documentation](https://wiki.eclipse.org/Marketplace/REST))**\n\n+ [Eclipse Project Management Infrastructure (PMI)](https://wiki.eclipse.org/Project_Management_Infrastructure) **([Documentation](https://wiki.eclipse.org/Project_Management_Infrastructure#Web_APIs))**\n\n### Rate Limit\n\nThis API currently limits users to 1000 authenticated requests and 1000 anonymous requests an hour.\n\n### Pagination\n\nInformation about pagination is provided in the Link header of an API call. For example, let’s make \na curl request to the eclipse_profile API, to find out how many org_eclipse_oomph records exist for the user:\n\n```curl -I \"https://api.eclipse.org/api/blob/KJBNCEW08231nkJKCEW32898239?page=1&pagesize=2\"```\n\nThe -I parameter indicates that we only care about the headers, not the content. 
\nIn examining the result, you’ll notice some information in the Link header that looks like this:\n\n```\n<https://api.eclipse.org/api/blob/KJBNCEW08231nkJKCEW32898239?page=2&pagesize=2>; rel=\"next\", <https://api.eclipse.org/api/blob/KJBNCEW08231nkJKCEW32898239?page=27&pagesize=2>; rel=\"last\", <https://api.eclipse.org/api/blob/KJBNCEW08231nkJKCEW32898239?page=1&pagesize=2>; rel=\"first\", <https://api.eclipse.org/api/blob/KJBNCEW08231nkJKCEW32898239?page=1&pagesize=2>; rel=\"self\"\n```\n\nLet’s break that down. rel=\"next\" says that the next page is page=2. This makes sense, since by default, \nall paginated queries start at page 1. rel=\"last\" provides some more information, stating that the last page of results is on page 27.\n\nKeep in mind that you should always rely on these link relations provided to you. Don’t try to guess or construct your own URL.\n\n### Caching\n\nMost responses return an ETag header. You can use the values of these headers to make subsequent \nrequests to those resources using the If-None-Match or if-Match header. For example, if the resource \nhas not changed on a GET, the server will return a 304 Not Modified.\n\nThe Etag for a blob resource is predictable. This is how we are currently generating them:\n\n```\nfunction _generate_etag($value, $application_token, $key) {\n $string = $value . $application_token . $key;\n return hash('sha256', $string, FALSE);\n}\n```\n\n### Authentication\n\n*Eclipse Api RESTful API* uses OAuth2 Authorization for protected resources.\n\n### Error States\n\nThe common [HTTP Response Status Codes](https://github.com/for-GET/know-your-http-well/blob/master/status-codes.md) \nare used."
+ description: |
+ This describes the resources that make up the official Eclipse Foundation REST API.
+ You can contribute to this document via our [git repository](https://github.com/chrisguindon/api.eclipse.org-docs). 
+ If you have any problems or requests please contact [Christopher Guindon](mailto:chris.guindon@eclipse-foundation.org).
+ ### Other related REST APIs
+ Althought they are not directly related to this API, the Eclipse forge proposes several other access points and APIs for specific tools and purposes. Please see the following resources for more details:
+ - [Eclipse Bugzilla](https://bugs.eclipse.org/bugs) **([Documentation](https://wiki.mozilla.org/Bugzilla:REST_API))**
+ - [Eclipse Gerrit](https://git.eclipse.org/r/) **([Documentation](https://gerrit-review.googlesource.com/Documentation/rest-api.html))**
+ - [Eclipse Jenkins](https://ci.eclipse.org/) **([Documentation](https://wiki.jenkins.io/display/JENKINS/Remote+access+API))**
+ - [Eclipse Marketplace](http://marketplace.eclipse.org/) **([Documentation](https://wiki.eclipse.org/Marketplace/REST))**
+ - [Eclipse Project Management Infrastructure (PMI)](https://wiki.eclipse.org/Project_Management_Infrastructure) **([Documentation](https://wiki.eclipse.org/Project_Management_Infrastructure#Web_APIs))**
+
+ ### Rate Limit
+ This API currently limits users to 1000 authenticated requests and 1000 anonymous requests an hour.
+ ### Pagination
+ Information about pagination is provided in the Link header of an API call. For example, let’s make a curl request to the eclipse_profile API, to find out how many org_eclipse_oomph records exist for the user:
+ ```
+ curl -I \"https://api.eclipse.org/api/blob/KJBNCEW08231nkJKCEW32898239?page=1&pagesize=2\"
+ ```
+ The -I parameter indicates that we only care about the headers, not the content. 
In examining the result, you’ll notice some information in the Link header that looks like this:
+ ```
+ <https://api.eclipse.org/api/blob/KJBNCEW08231nkJKCEW32898239?page=2&pagesize=2>; rel="next",
+ <https://api.eclipse.org/api/blob/KJBNCEW08231nkJKCEW32898239?page=27&pagesize=2>; rel="last",
+ <https://api.eclipse.org/api/blob/KJBNCEW08231nkJKCEW32898239?page=1&pagesize=2>; rel="first",
+ <https://api.eclipse.org/api/blob/KJBNCEW08231nkJKCEW32898239?page=1&pagesize=2>; rel="self"
+ ```
+ Let’s break that down. rel=\"next\" says that the next page is page=2. This makes sense, since by default, all paginated queries start at page 1. rel=\"last\" provides some more information, stating that the last page of results is on page 27.
+ Keep in mind that you should always rely on these link relations provided to you. Don’t try to guess or construct your own URL.
+ ### Caching
+ Most responses return an ETag header. You can use the values of these headers to make subsequent requests to those resources using the If-None-Match or if-Match header. For example, if the resource has not changed on a GET, the server will return a 304 Not Modified.
+ The Etag for a blob resource is predictable. This is how we are currently generating them:
+ ```
+ function _generate_etag($value, $application_token, $key) {
+ $string = $value . $application_token . $key;
+ return hash('sha256', $string, FALSE);
+ }
+ ```
+
+ ### Error States
+ The common [HTTP Response Status Codes](https://github.com/for-GET/know-your-http-well/blob/master/status-codes.md) are used.
+
+ # Authentication
+ Eclipse Api RESTful API uses OAuth2 Authorization for protected resources.
+
 contact: {}
 version: '1.0'
 servers:
@@ -489,6 +532,9 @@ paths:
 schema:
 type: string
 example: application/json
+ security:
+ - oauth2:
+ - 'read'
 responses:
 200:
 description: ''
@@ -606,6 +652,9 @@ paths:
 schema:
 type: string
 example: Wed, 21 Oct 2015 07:28:00 GMT
+ security:
+ - oauth2:
+ - 'read'
 responses:
 200:
 description: ''
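Review bot: In the `info.description` hunk, the new `description: |` literal block scalar does not process backslash escapes, so the `\"` sequences carried over from the old double-quoted string will render with visible backslashes. This affects the `curl -I \"https://…\"` example and the `rel=\"next\"` / `rel=\"last\"` sentence; write them with plain `"`, as the added Link header example already does. The Markdown headings and paragraphs are also added on consecutive lines with only a few blank `+` lines between sections, whereas the old string separated every paragraph with `\n\n`. Most Markdown renderers will fold adjacent lines into one paragraph, so a blank line between each paragraph and heading would keep the previous rendering.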
@@ -703,6 +752,9 @@ paths:
 schema:
 type: string
 example: application/json
+ security:
+ - oauth2:
+ - 'write'
 responses:
 204:
 description: ''
@@ -769,6 +821,9 @@ paths:
 schema:
 type: string
 example: application/json
+ security:
+ - oauth2:
+ - 'write'
 responses:
 200:
 description: ''
@@ -2226,6 +2281,9 @@ paths:
 schema:
 type: integer
 format: int32
+ security:
+ - oauth2:
+ - 'read'
 responses:
 200:
 description: ''
@@ -2308,6 +2366,9 @@ paths:
 schema:
 type: integer
 format: int32
+ security:
+ - oauth2:
+ - 'read'
 responses:
 200:
 description: ''
@@ -2407,6 +2468,9 @@ paths:
 schema:
 type: string
 example: application/json
+ security:
+ - oauth2:
+ - 'write'
 responses:
 200:
 description: ''
@@ -2484,6 +2548,9 @@ paths:
 schema:
 type: string
 example: application/json
+ security:
+ - oauth2:
+ - 'write'
 responses:
 200:
 description: ''
@@ -2513,6 +2580,9 @@ paths:
 schema:
 type: integer
 format: int32
+ security:
+ - oauth2:
+ - 'read'
 responses:
 200:
 description: ''
@@ -2618,6 +2688,9 @@ paths:
 example:
 list_name: New list name
 required: true
+ security:
+ - oauth2:
+ - 'write'
 responses:
 204:
 description: ''
@@ -10806,11 +10879,18 @@ components:
 url: https://accounts.eclipse.org/mailing-list/dash-dev
 email: dash-dev@eclipse.org
 securitySchemes:
- httpBearer:
- type: http
- scheme: bearer
-security:
-- httpBearer: []
+ oauth2:
+ description: |
+ Get access to data while protecting your account credentials.
+ OAuth2 is also a safer and more secure way to give you access.
+ type: oauth2
+ flows:
+ authorizationCode:
+ authorizationUrl: 'https://accounts.php55.dev.docker/oauth2/authorize'
+ tokenUrl: 'https://accounts.php55.dev.docker/oauth2/token'
+ scopes:
+ 'write': Grants write access
+ 'read': Grants read access
 tags:
 - name: User Profiles
 description: "User information is available trought this resource. Some private information, \nis included when authenticated through OAuth with the `profile` scope."
-- GitLab
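Review bot: In the `components.securitySchemes` hunk, `authorizationUrl` and `tokenUrl` point at `accounts.php55.dev.docker`, which looks like a local development host. Documentation UIs and generated clients that read the spec would send the authorization-code flow to whatever that name resolves to. These should be the production endpoints before the spec is published, presumably on the `accounts.eclipse.org` host that appears in the context lines, with the paths confirmed against the real server. The same hunk removes the top-level `security:` default, so every operation that did not get its own `security:` block in this patch now documents no authentication requirement, and it is worth confirming that is intended for each of them. The `scopes` map declares only `read` and `write`, while the User Profiles tag description in the trailing context refers to a `profile` scope, so either declare it under `scopes` or update that description.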