-
-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathopenapi.yaml
291 lines (286 loc) · 8.57 KB
/
openapi.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
openapi: 3.0.3
info:
title: Guest-Portal API
description: Guest-Portal API
version: 2.0.0
servers:
- url: 'http://localhost:3000'
paths:
/api/code:
post:
summary: Use a voucher code
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
code:
type: string
description: Voucher code in the format "XXXX-XXXX"
pattern: '^\d{4}-\d{4}$'
ap:
type: string
description: WAP MAC-address
pattern: '^([0-9a-f]{2}[:-]){5}([0-9a-f]{2})$'
id:
type: string
pattern: '^([0-9a-f]{2}[:-]){5}([0-9a-f]{2})$'
description: Device MAC-address
t:
type: integer
format: int64
description: UNIX timestamp when the client connected to the WLAN
responses:
'204':
description: Voucher code is accepted and the client is authorized
'403':
description: Voucher code can't be found in the database
content:
text/plain:
schema:
type: string
example: Invalid voucher code.
'422':
description: "One or more of the required arguments are missing or invalid."
content:
text/plain:
schema:
type: string
examples:
invalid_code:
value: Voucher code missing or invalid.
invalid_ap:
value: Access Point missing or invalid.
invalid_id:
value: MAC-address missing or invalid.
invalid_interval:
value: Invalid time interval. Rejoin network.
'500':
description: Unexpected response from the UniFi controller
content:
text/plain:
schema:
type: string
example: Unexpected error from UniFi controller.
put:
summary: Create a new voucher code
security:
- sessionAuth: [ ]
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
hours:
type: integer
minimum: 0
description: Number of hours until voucher expiration (optional)
data:
type: object
description: Additional data associated with the voucher (optional)
responses:
'200':
description: Successful update
content:
text/plain:
schema:
type: string
example: "1234-5678"
'401':
description: Unauthorized
'500':
description: Internal Server Error
/api/code/{voucher}:
delete:
summary: Delete voucher code
description: |
This endpoint deletes a voucher code from the system.
It requires session authentication with a valid session cookie named "authorization".
parameters:
- in: path
name: voucher
required: true
schema:
type: string
description: The voucher code to delete
security:
- sessionAuth: [ ] # Reference the security scheme
responses:
'204':
description: Voucher code deleted successfully
'400':
description: Invalid voucher code provided
'401':
description: Unauthorized - Session authentication required
'500':
description: Internal Server Error
/api/admin/{username}/register:
put:
summary: Create a new admin user
parameters:
- in: path
name: username
required: true
schema:
type: string
description: The username of the new account
security:
- sessionAuth: [ ]
responses:
'200':
description: User created
content:
text/plain:
schema:
type: string
format: uuid
'401':
description: Unauthorized
post:
summary: Populate user record with user data
parameters:
- in: path
name: username
required: true
schema:
type: string
description: The username of the new account
- in: cookie
name: challenge
required: true
description: WebAuthn challenge token, set by GET request to /register
schema:
type: string
format: uuid
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
username:
type: string
code:
type: string
format: uuid
description: UUID token received from /api/admin/{username}/register PUT request
credential:
description: WebAuthn credentials
type: object
properties:
id:
type: string
format: byte
example: "3924HhJdJMy_svnUowT8eoXrOOO6NLP8SK85q2RPxdU"
pubkey:
type: string
format: byte
example: "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEgyYqQmUAmDn9J7dR5xl-HlyAA0R2XV5sgQRnSGXbLt_xCrEdD1IVvvkyTmRD16y9p3C2O4PTZ0OF_ZYD2JgTVA=="
algorithm:
type: string
example: "ES256"
authenticatorData:
description: Information about the Webauthn device
type: string
format: byte
clientData:
type: string
format: byte
responses:
'200':
description: Successfully registered
headers:
Set-Cookie:
schema:
type: string
example: authorization=abcde12345; Path=/; HttpOnly
'403':
description: Invalid user creation token
content:
text/plain:
schema:
type: string
example: "Invalid code."
/api/admin/{username}:
post:
summary: Authenticate as adminstrator
parameters:
- in: path
name: username
required: true
schema:
type: string
description: The username of the account
- in: cookie
name: challenge
required: true
description: WebAuthn challenge token, set by GET request to /login
schema:
type: string
format: uuid
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
username:
type: string
credentialId:
type: string
format: byte
authenticatorData:
description: Information about the Webauthn device
type: string
format: byte
clientData:
type: string
format: byte
signature:
type: string
format: byte
responses:
401:
description: Authentication failed
content:
text/plain:
schema:
type: string
example: 'Authentication failed'
200:
description: Authentication successful
headers:
Set-Cookie:
schema:
type: string
example: authorization=abcde12345; Path=/; HttpOnly
delete:
description: Delete an administrator
parameters:
- in: path
name: username
required: true
schema:
type: string
description: The username of the account
security:
- sessionAuth: [ ]
responses:
401:
description: Authentication failed
204:
description: User deleted successfully
security:
- sessionAuth: [ ]
components:
securitySchemes:
sessionAuth:
type: apiKey
in: cookie
name: authorization