Swagger refresh tokens
parent
0f525e18b4
commit
2e9d3d283a
1 changed files with 70 additions and 1 deletions
|
@ -63,7 +63,19 @@ paths:
|
||||||
description: The fully-qualified Matrix ID that has been registered.
|
description: The fully-qualified Matrix ID that has been registered.
|
||||||
access_token:
|
access_token:
|
||||||
type: string
|
type: string
|
||||||
description: An access token for the account. This access token can then be used to authorize other requests.
|
description: |-
|
||||||
|
An access token for the account.
|
||||||
|
This access token can then be used to authorize other requests.
|
||||||
|
The access token may expire at some point, and if so, it SHOULD come with a refresh_token.
|
||||||
|
There is no specific error message to indicate that a request has failed because
|
||||||
|
an access token has expired; instead, if a client has reason to believe its
|
||||||
|
access token is valid, and it receives an auth error, they should attempt to
|
||||||
|
refresh for a new token on failure, and retry the request with the new token.
|
||||||
|
refresh_token:
|
||||||
|
type: string
|
||||||
|
# TODO: Work out how to linkify /tokenrefresh
|
||||||
|
description: |-
|
||||||
|
(optional) A ``refresh_token`` may be exchanged for a new ``access_token`` using the /tokenrefresh API endpoint.
|
||||||
home_server:
|
home_server:
|
||||||
type: string
|
type: string
|
||||||
description: The hostname of the Home Server on which the account has been registered.
|
description: The hostname of the Home Server on which the account has been registered.
|
||||||
|
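Review bot: In the new access_token description, the sentence that tells clients to refresh and retry after an auth error sets no bound on retries and does not say what happens when the refresh itself fails. Because the text states there is no specific error for an expired token, a client whose token was revoked rather than expired follows the same path; suggest saying that the client retries the request once and treats a failed refresh as being logged out. The same sentence mixes "a client ... it ... they" and uses lowercase "should" two lines after an uppercase "SHOULD", so pick one subject and one keyword convention. The "(optional)" marker on refresh_token exists only in the description text, and the "# TODO: Work out how to linkify /tokenrefresh" comment should be resolved or tracked before merge.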
@ -77,3 +89,60 @@ paths:
|
||||||
description: This request was rate-limited.
|
description: This request was rate-limited.
|
||||||
schema:
|
schema:
|
||||||
"$ref": "definitions/error.yaml"
|
"$ref": "definitions/error.yaml"
|
||||||
|
"/tokenrefresh":
|
||||||
|
post:
|
||||||
|
summary: Exchanges a refresh token for an access token.
|
||||||
|
description: |-
|
||||||
|
Exchanges a refresh token for a new access token.
|
||||||
|
This is intended to be used if the access token has expired.
|
||||||
|
security:
|
||||||
|
- accessToken: []
|
||||||
|
parameters:
|
||||||
|
- in: body
|
||||||
|
name: body
|
||||||
|
required: true
|
||||||
|
schema:
|
||||||
|
type: object
|
||||||
|
example: |-
|
||||||
|
{
|
||||||
|
"refresh_token": "a1b2c3"
|
||||||
|
}
|
||||||
|
properties:
|
||||||
|
refresh_token:
|
||||||
|
type: string
|
||||||
|
description: The refresh token which was issued by the server.
|
||||||
|
required: ["refresh_token"]
|
||||||
|
responses:
|
||||||
|
200:
|
||||||
|
description: |-
|
||||||
|
The refresh token was accepted, and a new access token has been issued.
|
||||||
|
The passed refresh token is no longer valid, and cannot be used.
|
||||||
|
A new refresh token may have been returned.
|
||||||
|
examples:
|
||||||
|
application/json: |-
|
||||||
|
{
|
||||||
|
"access_token": "bearwithme123",
|
||||||
|
"refresh_token": "exchangewithme987"
|
||||||
|
}
|
||||||
|
schema:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
access_token:
|
||||||
|
type: string
|
||||||
|
description: |-
|
||||||
|
An access token for the account.
|
||||||
|
This access token can then be used to authorize other requests.
|
||||||
|
The access token may expire at some point, and if so, it SHOULD come with a refresh_token.
|
||||||
|
refresh_token:
|
||||||
|
type: string
|
||||||
|
description: (optional) A ``refresh_token`` may be exchanged for a new ``access_token`` using the TODO Linkify /tokenrefresh API endpoint.
|
||||||
|
403:
|
||||||
|
description: |-
|
||||||
|
The exchange attempt failed. For example, the refresh token may have already been used.
|
||||||
|
examples:
|
||||||
|
application/json: |-
|
||||||
|
{"errcode": "M_FORBIDDEN"}
|
||||||
|
429:
|
||||||
|
description: This request was rate-limited.
|
||||||
|
schema:
|
||||||
|
"$ref": "definitions/error.yaml"
|
||||||
|
|
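Review bot: The new "/tokenrefresh" operation declares "security: - accessToken: []", yet its description says it is intended to be used if the access token has expired, so as written a client in exactly that situation cannot authenticate to the endpoint. Suggest dropping the security requirement on this path and letting the refresh_token in the body act as the credential, or stating explicitly that an expired access token is accepted here. The 200 description says the passed refresh token is no longer valid while a new one only "may have been returned"; spell out what a client does when none comes back. The 403 response has no schema although 429 references "definitions/error.yaml", and the refresh_token description in the 200 schema carries the literal text "TODO Linkify" into the rendered documentation.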