mirror of
https://github.com/GlueOps/autoglue.git
synced 2026-02-13 12:50:05 +01:00
824 lines
26 KiB
JSON
824 lines
26 KiB
JSON
{
|
|
"schemes": [
|
|
"http"
|
|
],
|
|
"swagger": "2.0",
|
|
"info": {
|
|
"description": "API for managing K3s clusters across cloud providers",
|
|
"title": "AutoGlue API",
|
|
"contact": {},
|
|
"version": "1.0"
|
|
},
|
|
"basePath": "/",
|
|
"paths": {
|
|
"/api/healthz": {
|
|
"get": {
|
|
"description": "Returns a 200 if the service is up",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"produces": [
|
|
"text/plain"
|
|
],
|
|
"tags": [
|
|
"health"
|
|
],
|
|
"summary": "Basic health check",
|
|
"responses": {
|
|
"200": {
|
|
"description": "ok",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/auth/introspect": {
|
|
"post": {
|
|
"description": "Returns whether the token is active and basic metadata",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"produces": [
|
|
"application/json"
|
|
],
|
|
"tags": [
|
|
"auth"
|
|
],
|
|
"summary": "Introspect a token",
|
|
"parameters": [
|
|
{
|
|
"description": "token",
|
|
"name": "body",
|
|
"in": "body",
|
|
"required": true,
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"responses": {
|
|
"200": {
|
|
"description": "OK",
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": true
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/auth/login": {
|
|
"post": {
|
|
"description": "Authenticates a user and returns a JWT bearer token",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"produces": [
|
|
"application/json"
|
|
],
|
|
"tags": [
|
|
"auth"
|
|
],
|
|
"summary": "Authenticate and return a token",
|
|
"parameters": [
|
|
{
|
|
"description": "User login input",
|
|
"name": "body",
|
|
"in": "body",
|
|
"required": true,
|
|
"schema": {
|
|
"$ref": "#/definitions/authn.LoginInput"
|
|
}
|
|
}
|
|
],
|
|
"responses": {
|
|
"200": {
|
|
"description": "token",
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"401": {
|
|
"description": "unauthorized",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/auth/logout": {
|
|
"post": {
|
|
"security": [
|
|
{
|
|
"BearerAuth": []
|
|
}
|
|
],
|
|
"description": "Revoke a refresh token",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"produces": [
|
|
"application/json"
|
|
],
|
|
"tags": [
|
|
"auth"
|
|
],
|
|
"summary": "Logout user",
|
|
"parameters": [
|
|
{
|
|
"description": "refresh_token",
|
|
"name": "body",
|
|
"in": "body",
|
|
"required": true,
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"responses": {
|
|
"204": {
|
|
"description": "no content",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/auth/logout_all": {
|
|
"post": {
|
|
"security": [
|
|
{
|
|
"BearerAuth": []
|
|
}
|
|
],
|
|
"description": "Revokes all active refresh tokens for the authenticated user",
|
|
"produces": [
|
|
"text/plain"
|
|
],
|
|
"tags": [
|
|
"auth"
|
|
],
|
|
"summary": "Logout from all sessions",
|
|
"responses": {
|
|
"204": {
|
|
"description": "no content",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/auth/me": {
|
|
"get": {
|
|
"security": [
|
|
{
|
|
"BearerAuth": []
|
|
}
|
|
],
|
|
"description": "Returns the authenticated user's profile and auth context",
|
|
"produces": [
|
|
"application/json"
|
|
],
|
|
"tags": [
|
|
"auth"
|
|
],
|
|
"summary": "Get authenticated user info",
|
|
"responses": {
|
|
"200": {
|
|
"description": "OK",
|
|
"schema": {
|
|
"$ref": "#/definitions/authn.MeResponse"
|
|
}
|
|
},
|
|
"401": {
|
|
"description": "unauthorized",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/auth/password/change": {
|
|
"post": {
|
|
"security": [
|
|
{
|
|
"BearerAuth": []
|
|
}
|
|
],
|
|
"description": "Changes the password for the authenticated user",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"produces": [
|
|
"text/plain"
|
|
],
|
|
"tags": [
|
|
"auth"
|
|
],
|
|
"summary": "Change password",
|
|
"parameters": [
|
|
{
|
|
"description": "current_password, new_password",
|
|
"name": "body",
|
|
"in": "body",
|
|
"required": true,
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"responses": {
|
|
"204": {
|
|
"description": "no content",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"400": {
|
|
"description": "bad request",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/auth/password/forgot": {
|
|
"post": {
|
|
"description": "Sends a reset token to the user's email address",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"produces": [
|
|
"text/plain"
|
|
],
|
|
"tags": [
|
|
"auth"
|
|
],
|
|
"summary": "Request password reset",
|
|
"parameters": [
|
|
{
|
|
"description": "email",
|
|
"name": "body",
|
|
"in": "body",
|
|
"required": true,
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"responses": {
|
|
"204": {
|
|
"description": "no content",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/auth/password/reset": {
|
|
"post": {
|
|
"description": "Resets the password using a valid reset token",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"produces": [
|
|
"text/plain"
|
|
],
|
|
"tags": [
|
|
"auth"
|
|
],
|
|
"summary": "Confirm password reset",
|
|
"parameters": [
|
|
{
|
|
"description": "token, new_password",
|
|
"name": "body",
|
|
"in": "body",
|
|
"required": true,
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"responses": {
|
|
"204": {
|
|
"description": "no content",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"400": {
|
|
"description": "bad request",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/auth/refresh": {
|
|
"post": {
|
|
"security": [
|
|
{
|
|
"BearerAuth": []
|
|
}
|
|
],
|
|
"description": "Use a refresh token to obtain a new access token",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"produces": [
|
|
"application/json"
|
|
],
|
|
"tags": [
|
|
"auth"
|
|
],
|
|
"summary": "Refresh access token",
|
|
"parameters": [
|
|
{
|
|
"description": "refresh_token",
|
|
"name": "body",
|
|
"in": "body",
|
|
"required": true,
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"responses": {
|
|
"200": {
|
|
"description": "new access token",
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"401": {
|
|
"description": "unauthorized",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/auth/refresh/rotate": {
|
|
"post": {
|
|
"security": [
|
|
{
|
|
"BearerAuth": []
|
|
}
|
|
],
|
|
"description": "Exchanges a valid refresh token for a new access and refresh token, revoking the old one",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"produces": [
|
|
"application/json"
|
|
],
|
|
"tags": [
|
|
"auth"
|
|
],
|
|
"summary": "Rotate refresh token",
|
|
"parameters": [
|
|
{
|
|
"description": "refresh_token",
|
|
"name": "body",
|
|
"in": "body",
|
|
"required": true,
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"responses": {
|
|
"200": {
|
|
"description": "access_token, refresh_token",
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"401": {
|
|
"description": "unauthorized",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/auth/register": {
|
|
"post": {
|
|
"description": "Registers a new user and stores credentials",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"produces": [
|
|
"application/json"
|
|
],
|
|
"tags": [
|
|
"auth"
|
|
],
|
|
"summary": "Register a new user",
|
|
"parameters": [
|
|
{
|
|
"description": "User registration input",
|
|
"name": "body",
|
|
"in": "body",
|
|
"required": true,
|
|
"schema": {
|
|
"$ref": "#/definitions/authn.RegisterInput"
|
|
}
|
|
}
|
|
],
|
|
"responses": {
|
|
"201": {
|
|
"description": "created",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"400": {
|
|
"description": "bad request",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/auth/verify": {
|
|
"get": {
|
|
"description": "Verifies the user's email using a token (often from an emailed link)",
|
|
"produces": [
|
|
"text/plain"
|
|
],
|
|
"tags": [
|
|
"auth"
|
|
],
|
|
"summary": "Verify email address",
|
|
"parameters": [
|
|
{
|
|
"type": "string",
|
|
"description": "verification token",
|
|
"name": "token",
|
|
"in": "query",
|
|
"required": true
|
|
}
|
|
],
|
|
"responses": {
|
|
"204": {
|
|
"description": "no content",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"400": {
|
|
"description": "bad request",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/auth/verify/resend": {
|
|
"post": {
|
|
"description": "Sends a new email verification token if needed",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"produces": [
|
|
"text/plain"
|
|
],
|
|
"tags": [
|
|
"auth"
|
|
],
|
|
"summary": "Resend email verification",
|
|
"parameters": [
|
|
{
|
|
"description": "email",
|
|
"name": "body",
|
|
"in": "body",
|
|
"required": true,
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"responses": {
|
|
"204": {
|
|
"description": "no content",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/api/v1/orgs": {
|
|
"get": {
|
|
"security": [
|
|
{
|
|
"BearerAuth": []
|
|
}
|
|
],
|
|
"produces": [
|
|
"application/json"
|
|
],
|
|
"tags": [
|
|
"organizations"
|
|
],
|
|
"summary": "List organizations for user",
|
|
"responses": {
|
|
"200": {
|
|
"description": "OK",
|
|
"schema": {
|
|
"type": "array",
|
|
"items": {
|
|
"$ref": "#/definitions/models.Organization"
|
|
}
|
|
}
|
|
},
|
|
"401": {
|
|
"description": "unauthorized",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"post": {
|
|
"security": [
|
|
{
|
|
"BearerAuth": []
|
|
}
|
|
],
|
|
"description": "Creates a new organization and assigns the authenticated user as an admin member",
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"produces": [
|
|
"application/json"
|
|
],
|
|
"tags": [
|
|
"organizations"
|
|
],
|
|
"summary": "Create a new organization",
|
|
"parameters": [
|
|
{
|
|
"type": "string",
|
|
"description": "Optional organization context (ignored for creation)",
|
|
"name": "X-Org-ID",
|
|
"in": "header"
|
|
},
|
|
{
|
|
"description": "Organization Input",
|
|
"name": "body",
|
|
"in": "body",
|
|
"required": true,
|
|
"schema": {
|
|
"$ref": "#/definitions/orgs.OrgInput"
|
|
}
|
|
}
|
|
],
|
|
"responses": {
|
|
"200": {
|
|
"description": "organization_id",
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"400": {
|
|
"description": "invalid input",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"401": {
|
|
"description": "unauthorized",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"500": {
|
|
"description": "internal error",
|
|
"schema": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"definitions": {
|
|
"authn.AuthClaimsDTO": {
|
|
"type": "object",
|
|
"properties": {
|
|
"aud": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"exp": {
|
|
"type": "integer"
|
|
},
|
|
"iat": {
|
|
"type": "integer"
|
|
},
|
|
"iss": {
|
|
"type": "string"
|
|
},
|
|
"nbf": {
|
|
"type": "integer"
|
|
},
|
|
"orgs": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"roles": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"sub": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"authn.LoginInput": {
|
|
"type": "object",
|
|
"properties": {
|
|
"email": {
|
|
"type": "string",
|
|
"example": "me@here.com"
|
|
},
|
|
"password": {
|
|
"type": "string",
|
|
"example": "123456"
|
|
}
|
|
}
|
|
},
|
|
"authn.MeResponse": {
|
|
"type": "object",
|
|
"properties": {
|
|
"claims": {
|
|
"$ref": "#/definitions/authn.AuthClaimsDTO"
|
|
},
|
|
"org_role": {
|
|
"type": "string"
|
|
},
|
|
"organization_id": {
|
|
"type": "string"
|
|
},
|
|
"user_id": {
|
|
"$ref": "#/definitions/authn.UserDTO"
|
|
}
|
|
}
|
|
},
|
|
"authn.RegisterInput": {
|
|
"type": "object",
|
|
"properties": {
|
|
"email": {
|
|
"type": "string",
|
|
"example": "me@here.com"
|
|
},
|
|
"name": {
|
|
"type": "string",
|
|
"example": "My Name"
|
|
},
|
|
"password": {
|
|
"type": "string",
|
|
"example": "123456"
|
|
}
|
|
}
|
|
},
|
|
"authn.UserDTO": {
|
|
"type": "object",
|
|
"properties": {
|
|
"created_at": {
|
|
"type": "string"
|
|
},
|
|
"email": {
|
|
"type": "string"
|
|
},
|
|
"email_verified": {
|
|
"type": "boolean"
|
|
},
|
|
"id": {
|
|
"type": "string"
|
|
},
|
|
"name": {
|
|
"type": "string"
|
|
},
|
|
"role": {
|
|
"$ref": "#/definitions/models.Role"
|
|
},
|
|
"updated_at": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"models.Organization": {
|
|
"type": "object",
|
|
"properties": {
|
|
"created_at": {
|
|
"type": "string"
|
|
},
|
|
"id": {
|
|
"type": "string"
|
|
},
|
|
"logo": {
|
|
"type": "string"
|
|
},
|
|
"metadata": {
|
|
"type": "string"
|
|
},
|
|
"name": {
|
|
"type": "string"
|
|
},
|
|
"slug": {
|
|
"type": "string"
|
|
},
|
|
"updated_at": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"models.Role": {
|
|
"type": "string",
|
|
"enum": [
|
|
"admin",
|
|
"user"
|
|
],
|
|
"x-enum-varnames": [
|
|
"RoleAdmin",
|
|
"RoleUser"
|
|
]
|
|
},
|
|
"orgs.OrgInput": {
|
|
"type": "object",
|
|
"properties": {
|
|
"name": {
|
|
"type": "string"
|
|
},
|
|
"slug": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"securityDefinitions": {
|
|
"BearerAuth": {
|
|
"type": "apiKey",
|
|
"name": "Authorization",
|
|
"in": "header"
|
|
}
|
|
}
|
|
} |