openapi.yml

components:

  schemas:

    GrantType:
      enum:
        - password
        - authorization_code
        - client_credentials
        - refresh_token
      type: string

    TokenRequest:
      properties:
        client_id:
          description: optional client ID (as used, for example, in RFC6749's non password non refresh
            grant flow)
          example:
          type:
            - string
            - 'null'
        client_secret:
          description: optional client secret (as used, e.g., in RFC6749's non (password|refresh) grant
            flow)
          example:
          type:
            - string
            - 'null'
        grant_type:
          $ref: '#/components/schemas/GrantType'
          description: RFC6749 grant type
        password:
          description: optional password (as used, for example, in RFC6749's password grant flow)
          example: pass0
          type:
            - string
            - 'null'
        refresh_token:
          description: optional refresh token (as used, for example, in RFC6749's refresh grant flow)
          example:
          type:
            - string
            - 'null'
        username:
          description: optional username (as used, for example, in RFC6749's password grant flow)
          example: user0
          type:
            - string
            - 'null'
      required:
        - grant_type
      type: object

  securitySchemes:
    password:
      flows:
        password:
          scopes: {}
          tokenUrl: /api/token
      type: oauth2

info:
  description: ''
  license:
    name: Apache-2.0 OR MIT OR CC0
  title: serve-actix-diesel-auth-scaffold
  version: 0.0.1

openapi: 3.1.0

paths:

  /api:
    get:
      operationId: version
      responses: {}
      summary: Versions of this package and its first-party dependencies

  /api/token:
    post:
      operationId: token
      requestBody:
        content:
          application/x-www-form-urlencoded:
            schema:
              $ref: '#/components/schemas/TokenRequest'
        required: yes
      responses:
        '200':
          description: Token created
        '400':
          description: Unauthorized User
        '404':
          description: Not Found User
        '500':
          description: Bad Request
      summary: |-
        Generate a token for a grant flow.
        Implements https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.3

  /secured/logout:
    post:
      operationId: logout
      responses:
        '200':
          description: ''
      security:
        - password: []
      summary: Logout a user (uses provided Bearer token from Header)

  /secured/secret:
    get:
      operationId: secret
      responses:
        '200':
          description: secret endpoint
      security:
        - password: []
      summary: Shows secret to authenticated user (uses provided Bearer token from Header)

tags:
  - description: ''
    name: serve-actix-diesel-auth-scaffold