You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by br...@apache.org on 2015/08/20 22:49:26 UTC
[06/14] allura git commit: [#6797] apply security globally;
put bearer token option in even though it doesn't do much;
remove trait (although it might be a good option to bring back)
[#6797] apply security globally; put bearer token option in even though it doesn't do much; remove trait (although it might be a good option to bring back)
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/6f14d263
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/6f14d263
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/6f14d263
Branch: refs/heads/master
Commit: 6f14d263fce1a3a2d51ea5f71b17a185c917a909
Parents: a64a1af
Author: Dave Brondsema <da...@brondsema.net>
Authored: Mon Aug 10 17:40:06 2015 -0400
Committer: Dave Brondsema <da...@brondsema.net>
Committed: Thu Aug 20 16:49:12 2015 -0400
----------------------------------------------------------------------
Allura/docs/api-rest/api.raml | 3 ++-
Allura/docs/api-rest/resourceTypes.yaml | 1 -
Allura/docs/api-rest/securitySchemes.yaml | 25 +++++++++++++++++++++++--
Allura/docs/api-rest/traits.yaml | 8 --------
4 files changed, 25 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/6f14d263/Allura/docs/api-rest/api.raml
----------------------------------------------------------------------
diff --git a/Allura/docs/api-rest/api.raml b/Allura/docs/api-rest/api.raml
index 749e321..6f040e7 100755
--- a/Allura/docs/api-rest/api.raml
+++ b/Allura/docs/api-rest/api.raml
@@ -3,6 +3,7 @@
title: Apache Allura
version: 1
baseUri: https://{domain}/rest
+securedBy: [null, oauth_1_0, oauth_bearer_token]
resourceTypes: !include resourceTypes.yaml
traits: !include traits.yaml
@@ -15,6 +16,7 @@ baseUriParameters:
default: "forge-allura.apache.org"
+
/{neighborhood}:
description: |
Neighborhoods are groups of logically related projects, which have the same default options.
@@ -558,7 +560,6 @@ baseUriParameters:
schema: !include schemas/webhook.json
}
}
- is: [secured]
description: |
This is to manage webhooks programatically. See the [Webhook docs](https://forge-allura.apache.org/p/allura/wiki/Webhooks/) for more information.
http://git-wip-us.apache.org/repos/asf/allura/blob/6f14d263/Allura/docs/api-rest/resourceTypes.yaml
----------------------------------------------------------------------
diff --git a/Allura/docs/api-rest/resourceTypes.yaml b/Allura/docs/api-rest/resourceTypes.yaml
index 1f7b9f8..4bb176f 100755
--- a/Allura/docs/api-rest/resourceTypes.yaml
+++ b/Allura/docs/api-rest/resourceTypes.yaml
@@ -94,7 +94,6 @@
application/json:
schema: <<schema>>
- permission:
- securedBy: [null, oauth_1_0]
description: |
Checks if a given user has permissions.
get:
http://git-wip-us.apache.org/repos/asf/allura/blob/6f14d263/Allura/docs/api-rest/securitySchemes.yaml
----------------------------------------------------------------------
diff --git a/Allura/docs/api-rest/securitySchemes.yaml b/Allura/docs/api-rest/securitySchemes.yaml
index a7927cc..c4bdd06 100755
--- a/Allura/docs/api-rest/securitySchemes.yaml
+++ b/Allura/docs/api-rest/securitySchemes.yaml
@@ -4,5 +4,26 @@
type: OAuth 1.0
settings:
requestTokenUri: https://forge-allura.apache.org/rest/oauth/request_token
- authorizationUri: https://forge-allura.apache.org/rest/oauth/authorize
- tokenCredentialsUri: https://forge-allura.apache.org/rest/oauth/access_token
\ No newline at end of file
+ authorizationUri: /rest/oauth/authorize
+ tokenCredentialsUri: /rest/oauth/access_token
+
+- oauth_bearer_token:
+ description: |
+ A bearer token (aka access token) may be generated at https://forge-allura.apache.org/auth/oauth/ for simple
+ authorization via URL parameter or HTTP header.
+ type: x-OAuth-Bearer-Token
+ describedBy:
+ headers:
+ Authorization:
+ description: |
+ Used to send a bearer token. Use either this or
+ the "access_token" query string parameter.
+ type: string
+ queryParameters:
+ access_token:
+ description: |
+ Used to send a bearer token. Use either this or
+ the "Authorization" header
+ type: string
+ settings:
+ authorizationUri: https://forge-allura.apache.org//auth/oauth/
http://git-wip-us.apache.org/repos/asf/allura/blob/6f14d263/Allura/docs/api-rest/traits.yaml
----------------------------------------------------------------------
diff --git a/Allura/docs/api-rest/traits.yaml b/Allura/docs/api-rest/traits.yaml
index c1f47c5..40b39e3 100755
--- a/Allura/docs/api-rest/traits.yaml
+++ b/Allura/docs/api-rest/traits.yaml
@@ -35,14 +35,6 @@
queryParameters:
numPages:
description: The number of pages to return
-- secured:
- displayName: secured
- headers:
- Authorization:
- description: The auth token for this request
- responses:
- 401:
- description: Unauthorized
- rateLimited:
queryParameters:
numPages: