author | provokateurin <kate@provokateurin.de> | 2024-07-25 17:52:47 +0200 |
---|---|---|
committer | provokateurin <kate@provokateurin.de> | 2024-07-25 18:04:46 +0200 |
commit | 90e108e54852d65c7ca92ad70c5874236ccf3136 (patch) | |
tree | 5eab0c243c7187ae0bcea9541ec21e9dec412fef | |
parent | d5bb37ab0d872fb4bdb1ec61809c575a46341a25 (diff) | |
fix(core): Document CSRF token endpoint
Signed-off-by: provokateurin <kate@provokateurin.de>
-rw-r--r-- | core/Controller/CSRFTokenController.php | 9 | ||||
-rw-r--r-- | core/openapi-full.json | 46 | ||||
-rw-r--r-- | core/openapi.json | 46 |
3 files changed, 99 insertions, 2 deletions
diff --git a/core/Controller/CSRFTokenController.php b/core/Controller/CSRFTokenController.php
index 9a87fe51c47..c4e7b81279f 100644
--- a/core/Controller/CSRFTokenController.php
+++ b/core/Controller/CSRFTokenController.php
@@ -12,11 +12,9 @@ use OC\Security\CSRF\CsrfTokenManager;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\Attribute\FrontpageRoute;
-use OCP\AppFramework\Http\Attribute\OpenAPI;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\IRequest;
-#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
 class CSRFTokenController extends Controller {
 public function __construct(
 string $appName,
@@ -27,9 +25,16 @@ class CSRFTokenController extends Controller {
 }
 /**
+ * Returns a new CSRF token.
+ *
 * @NoAdminRequired
 * @NoCSRFRequired
 * @PublicPage
+ *
+ * @return JSONResponse<Http::STATUS_OK, array{token: string}, array{}>|JSONResponse<Http::STATUS_FORBIDDEN, array<empty>, array{}>
+ *
+ * 200: CSRF token returned
+ * 403: Strict cookie check failed
 */
 #[FrontpageRoute(verb: 'GET', url: '/csrftoken')]
 public function index(): JSONResponse {
diff --git a/core/openapi-full.json b/core/openapi-full.json index e52b62d6fa6..dbeb48dbe35 100644 --- a/core/openapi-full.json +++ b/core/openapi-full.json @@ -7731,6 +7731,52 @@ } } }, + "/index.php/csrftoken": { + "get": { + "operationId": "csrf_token-index", + "summary": "Returns a new CSRF token.", + "tags": [ + "csrf_token" + ], + "security": [ + {}, + { + "bearer_auth": [] + }, + { + "basic_auth": [] + } + ], + "responses": { + "200": { + "description": "CSRF token returned", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "token" + ], + "properties": { + "token": { + "type": "string" + } + } + } + } + } + }, + "403": { + "description": "Strict cookie check failed", + "content": { + "application/json": { + "schema": {} + } + } + } + } + } + }, "/index.php/login/v2/poll": { "post": { "operationId": "client_flow_login_v2-poll", 
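Review bot: The docblock added to `CSRFTokenController::index()` documents the two status codes but not the security contract behind the `@PublicPage` / `@NoCSRFRequired` annotations, and with `SCOPE_IGNORE` removed this text is now what API consumers read in the generated spec. I would add a line such as ` * The token is only handed out when the strict same-site cookie check passes, so another origin cannot fetch it on the user's behalf.`, adjusted to what the method body (which lies outside this hunk) actually enforces. The summary `Returns a new CSRF token.` also reads as if a fresh token is minted on every call; if the token manager returns the session's existing token, `Returns the CSRF token for the current session.` would be more accurate. The generated `security` list in both openapi files offers `bearer_auth` and `basic_auth` next to anonymous access while the only documented failure is cookie-based, so it may be worth stating which of those callers the endpoint is intended for.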
diff --git a/core/openapi.json b/core/openapi.json index d597796f94e..abe21707db3 100644 --- a/core/openapi.json +++ b/core/openapi.json @@ -7731,6 +7731,52 @@ } } }, + "/index.php/csrftoken": { + "get": { + "operationId": "csrf_token-index", + "summary": "Returns a new CSRF token.", + "tags": [ + "csrf_token" + ], + "security": [ + {}, + { + "bearer_auth": [] + }, + { + "basic_auth": [] + } + ], + "responses": { + "200": { + "description": "CSRF token returned", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "token" + ], + "properties": { + "token": { + "type": "string" + } + } + } + } + } + }, + "403": { + "description": "Strict cookie check failed", + "content": { + "application/json": { + "schema": {} + } + } + } + } + } + }, "/index.php/login/v2/poll": { "post": { "operationId": "client_flow_login_v2-poll", |