diff --git a/openapi/auth-server.yaml b/openapi/auth-server.yaml index 91fc6537..7da138aa 100644 --- a/openapi/auth-server.yaml +++ b/openapi/auth-server.yaml @@ -91,7 +91,7 @@ paths: - access properties: access: - $ref: ./schemas.yaml#/components/schemas/access + $ref: '#/components/schemas/access' client: $ref: '#/components/schemas/client' interact: @@ -303,6 +303,121 @@ paths: - token components: schemas: + access: + type: array + description: A description of the rights associated with this access token. + items: + $ref: '#/components/schemas/access-item' + uniqueItems: true + maxItems: 3 + access-item: + oneOf: + - $ref: '#/components/schemas/access-incoming' + - $ref: '#/components/schemas/access-outgoing' + - $ref: '#/components/schemas/access-quote' + description: The access associated with the access token is described using objects that each contain multiple dimensions of access. + unevaluatedProperties: false + access-incoming: + title: access-incoming + type: object + properties: + type: + type: string + enum: ['incoming-payment'] + description: The type of resource request as a string. This field defines which other fields are allowed in the request object. + actions: + type: array + description: The types of actions the client instance will take at the RS as an array of strings. + items: + type: string + enum: + - create + - complete + - read + - read-all + - list + - list-all + uniqueItems: true + identifier: + type: string + format: uri + description: A string identifier indicating a specific resource at the RS. + required: + - type + - actions + access-outgoing: + title: access-outgoing + type: object + properties: + type: + type: string + enum: ['outgoing-payment'] + description: The type of resource request as a string. This field defines which other fields are allowed in the request object. + actions: + type: array + description: The types of actions the client instance will take at the RS as an array of strings. + items: + type: string + enum: + - create + - read + - read-all + - list + - list-all + uniqueItems: true + identifier: + type: string + format: uri + description: A string identifier indicating a specific resource at the RS. + limits: + $ref: '#/components/schemas/limits-outgoing' + required: + - type + - actions + - identifier + access-quote: + title: access-quote + type: object + properties: + type: + type: string + enum: ['quote'] + description: The type of resource request as a string. This field defines which other fields are allowed in the request object. + actions: + type: array + description: The types of actions the client instance will take at the RS as an array of strings. + items: + type: string + enum: + - create + - read + - read-all + uniqueItems: true + required: + - type + - actions + access_token: + title: access_token + type: object + description: A single access token or set of access tokens that the client instance can use to call the RS on behalf of the RO. + properties: + value: + type: string + description: The value of the access token as a string. The value is opaque to the client instance. The value SHOULD be limited to ASCII characters to facilitate transmission over HTTP headers within other protocols without requiring additional encoding. + manage: + type: string + format: uri + description: The management URI for this access token. This URI MUST NOT include the access token value and SHOULD be different for each access token issued in a request. + expires_in: + type: integer + description: The number of seconds in which the access will expire. The client instance MUST NOT use the access token past this time. An RS MUST NOT accept an access token past this time. + access: + $ref: '#/components/schemas/access' + required: + - value + - manage + - access + additionalProperties: false client: title: client type: string @@ -314,6 +429,29 @@ components: A JSON Web Key Set document, including the public key that the client instance will use to protect this request and any continuation requests at the AS and any user-facing information about the client instance used in interactions, MUST be available at the payment pointer + `/jwks.json` url. If sending a grant initiation request that requires RO interaction, the payment pointer MUST serve necessary client display information. + continue: + title: continue + type: object + description: 'If the AS determines that the request can be continued with additional requests, it responds with the continue field.' + properties: + access_token: + type: object + description: 'A unique access token for continuing the request, called the "continuation access token".' + required: + - value + properties: + value: + type: string + uri: + type: string + format: uri + description: The URI at which the client instance can make continuation requests. + wait: + type: integer + description: The amount of time in integer seconds the client instance MUST wait after receiving this request continuation response and calling the continuation URI. + required: + - access_token + - uri interact-request: title: interact type: object @@ -362,51 +500,35 @@ components: required: - redirect - finish - continue: - title: continue - type: object - description: 'If the AS determines that the request can be continued with additional requests, it responds with the continue field.' - properties: - access_token: - type: object - description: 'A unique access token for continuing the request, called the "continuation access token".' - required: - - value - properties: - value: - type: string - uri: - type: string - format: uri - description: The URI at which the client instance can make continuation requests. - wait: - type: integer - description: The amount of time in integer seconds the client instance MUST wait after receiving this request continuation response and calling the continuation URI. - required: - - access_token - - uri - access_token: - title: access_token + interval: + title: Interval + type: string + description: '[ISO8601 repeating interval](https://en.wikipedia.org/wiki/ISO_8601#Repeating_intervals)' + examples: + - 'R11/2022-08-24T14:15:22Z/P1M' + - 'R/2017-03-01T13:00:00Z/2018-05-11T15:30:00Z' + - 'R-1/P1Y2M10DT2H30M/2022-05-11T15:30:00Z' + limits-outgoing: + title: limits-outgoing + description: Open Payments specific property that defines the limits under which outgoing payments can be created. type: object - description: A single access token or set of access tokens that the client instance can use to call the RS on behalf of the RO. properties: - value: - type: string - description: The value of the access token as a string. The value is opaque to the client instance. The value SHOULD be limited to ASCII characters to facilitate transmission over HTTP headers within other protocols without requiring additional encoding. - manage: - type: string - format: uri - description: The management URI for this access token. This URI MUST NOT include the access token value and SHOULD be different for each access token issued in a request. - expires_in: - type: integer - description: The number of seconds in which the access will expire. The client instance MUST NOT use the access token past this time. An RS MUST NOT accept an access token past this time. - access: - $ref: ./schemas.yaml#/components/schemas/access - required: - - value - - manage - - access - additionalProperties: false + receiver: + $ref: './schemas.yaml#/components/schemas/receiver' + sendAmount: + $ref: './schemas.yaml#/components/schemas/amount' + receiveAmount: + $ref: './schemas.yaml#/components/schemas/amount' + interval: + $ref: '#/components/schemas/interval' + anyOf: + - not: + required: + - interval + - required: + - sendAmount + - required: + - receiveAmount securitySchemes: GNAP: name: Authorization diff --git a/openapi/schemas.yaml b/openapi/schemas.yaml index 378305f1..7b3b5aa5 100644 --- a/openapi/schemas.yaml +++ b/openapi/schemas.yaml @@ -11,101 +11,6 @@ info: email: tech@interledger.org components: schemas: - access: - type: array - description: A description of the rights associated with this access token. - items: - $ref: '#/components/schemas/access-item' - uniqueItems: true - maxItems: 3 - access-item: - discriminator: - propertyName: type - oneOf: - - $ref: '#/components/schemas/access-incoming' - - $ref: '#/components/schemas/access-outgoing' - - $ref: '#/components/schemas/access-quote' - description: The access associated with the access token is described using objects that each contain multiple dimensions of access. - unevaluatedProperties: false - access-incoming: - title: access-incoming - type: object - properties: - type: - type: string - const: 'incoming-payment' - description: The type of resource request as a string. This field defines which other fields are allowed in the request object. - actions: - type: array - description: The types of actions the client instance will take at the RS as an array of strings. - items: - type: string - enum: - - create - - complete - - read - - read-all - - list - - list-all - uniqueItems: true - identifier: - type: string - format: uri - description: A string identifier indicating a specific resource at the RS. - required: - - type - - actions - access-outgoing: - title: access-outgoing - type: object - properties: - type: - type: string - const: 'outgoing-payment' - description: The type of resource request as a string. This field defines which other fields are allowed in the request object. - actions: - type: array - description: The types of actions the client instance will take at the RS as an array of strings. - items: - type: string - enum: - - create - - read - - read-all - - list - - list-all - uniqueItems: true - identifier: - type: string - format: uri - description: A string identifier indicating a specific resource at the RS. - limits: - $ref: '#/components/schemas/limits-outgoing' - required: - - type - - actions - - identifier - access-quote: - title: access-quote - type: object - properties: - type: - type: string - const: 'quote' - description: The type of resource request as a string. This field defines which other fields are allowed in the request object. - actions: - type: array - description: The types of actions the client instance will take at the RS as an array of strings. - items: - type: string - enum: - - create - - read - - read-all - uniqueItems: true - required: - - type - - actions amount: title: amount type: object @@ -133,43 +38,6 @@ components: minimum: 0 maximum: 255 description: The scale of amounts denoted in the corresponding asset code. - interval: - title: Interval - type: string - description: '[ISO8601 repeating interval](https://en.wikipedia.org/wiki/ISO_8601#Repeating_intervals)' - examples: - - 'R11/2022-08-24T14:15:22Z/P1M' - - 'R/2017-03-01T13:00:00Z/2018-05-11T15:30:00Z' - - 'R-1/P1Y2M10DT2H30M/2022-05-11T15:30:00Z' - limits-outgoing: - title: limits-outgoing - description: Open Payments specific property that defines the limits under which outgoing payments can be created. - type: [object, "null"] - properties: - receiver: - $ref: '#/components/schemas/receiver' - sendAmount: - $ref: '#/components/schemas/amount' - receiveAmount: - $ref: '#/components/schemas/amount' - interval: - $ref: '#/components/schemas/interval' - anyOf: - - not: - required: - - interval - - required: - - sendAmount - - required: - - receiveAmount - list-actions: - enum: - - list - - list-all - read-actions: - enum: - - read - - read-all receiver: title: Receiver type: string