Support for bearer token authentication (#120)

* User manager can create and recognize auth tokens

* Implement HTTP bearer auth

* Use bearer auth in test-harness

* Can receive auth token via query parameter (useful for media endpoints)
Antoine Gersant 2020-12-20 03:25:45 -08:00 committed by GitHub
parent 5e065c5e6a
commit 72c8ed9289
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
20 changed files with 737 additions and 131 deletions


@ -93,7 +93,9 @@
},
"security": [
{
"admin_http_header": [],
"admin_http_basic": [],
"admin_http_bearer": [],
"admin_query_parameter": [],
"admin_cookie": []
}
]
@ -123,7 +125,9 @@
},
"security": [
{
"admin_http_header": [],
"admin_http_basic": [],
"admin_http_bearer": [],
"admin_query_parameter": [],
"admin_cookie": []
}
]
@ -151,7 +155,9 @@
},
"security": [
{
"admin_http_header": [],
"admin_http_basic": [],
"admin_http_bearer": [],
"admin_query_parameter": [],
"admin_cookie": []
}
]
@ -180,7 +186,9 @@
},
"security": [
{
"admin_http_header": [],
"admin_http_basic": [],
"admin_http_bearer": [],
"admin_query_parameter": [],
"admin_cookie": []
}
]
@ -207,7 +215,9 @@
},
"security": [
{
"admin_http_header": [],
"admin_http_basic": [],
"admin_http_bearer": [],
"admin_query_parameter": [],
"admin_cookie": []
}
]
@ -235,7 +245,9 @@
},
"security": [
{
"admin_http_header": [],
"admin_http_basic": [],
"admin_http_bearer": [],
"admin_query_parameter": [],
"admin_cookie": []
}
]
@ -265,7 +277,9 @@
},
"security": [
{
"admin_http_header": [],
"admin_http_basic": [],
"admin_http_bearer": [],
"admin_query_parameter": [],
"admin_cookie": []
}
]
@ -295,7 +309,9 @@
},
"security": [
{
"admin_http_header": [],
"admin_http_basic": [],
"admin_http_bearer": [],
"admin_query_parameter": [],
"admin_cookie": []
}
]
@ -335,7 +351,9 @@
},
"security": [
{
"admin_http_header": [],
"admin_http_basic": [],
"admin_http_bearer": [],
"admin_query_parameter": [],
"admin_cookie": []
}
]
@ -363,7 +381,9 @@
},
"security": [
{
"admin_http_header": [],
"admin_http_basic": [],
"admin_http_bearer": [],
"admin_query_parameter": [],
"admin_cookie": []
}
]
@ -390,7 +410,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -418,7 +440,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -436,14 +460,21 @@
"content": {
"application/json": {
"schema": {
"$ref": "#components/schemas/AuthCredentials"
"$ref": "#components/schemas/Credentials"
}
}
}
},
"responses": {
"200": {
"description": "Successful operation"
"description": "Successful operation",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/Authorization"
}
}
}
},
"401": {
"description": "Invalid credentials"
@ -475,7 +506,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -515,7 +548,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -545,7 +580,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -585,7 +622,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -615,7 +654,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -645,7 +686,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -685,7 +728,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -722,7 +767,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -768,7 +815,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -798,7 +847,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -838,7 +889,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -876,7 +929,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -904,7 +959,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -934,7 +991,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -964,7 +1023,38 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
}
},
"/lastfm/link_token": {
"get": {
"tags": [
"Last.fm"
],
"summary": "Obtain an authentication token to be used when linking a Polaris account to a Last.fm account. The token is only valid for 10 minutes.",
"operationId": "getLastFMLinkToken",
"responses": {
"200": {
"description": "Successful operation",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/LastFMLinkToken"
}
}
}
}
},
"security": [
{
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -982,6 +1072,15 @@
},
"operationId": "getLastFMLink",
"parameters": [
{
"name": "auth_token",
"in": "query",
"required": true,
"description": "Polaris authentication token received from the `lastfm/link_token` endpoint",
"schema": {
"type": "string"
}
},
{
"name": "token",
"in": "query",
@ -1025,7 +1124,9 @@
},
"security": [
{
"auth_http_header": [],
"auth_http_basic": [],
"auth_http_bearer": [],
"auth_query_parameter": [],
"auth_cookie": []
}
]
@ -1183,7 +1284,7 @@
}
}
},
"AuthCredentials": {
"Credentials": {
"type": "object",
"properties": {
"username": {
@ -1194,6 +1295,28 @@
}
}
},
"Authorization": {
"type": "object",
"properties": {
"username": {
"type": "string"
},
"token": {
"type": "string"
},
"is_admin": {
"type": "bool"
}
}
},
"LastFMLinkToken": {
"type": "object",
"properties": {
"value": {
"type": "string"
}
}
},
"CollectionFile": {
"oneOf": [
{
@ -1320,26 +1443,49 @@
}
},
"securitySchemes": {
"auth_http_header": {
"auth_http_bearer": {
"type": "http",
"scheme": "basic"
"scheme": "bearer",
"description": "An authentication token obtained in the output of the `auth` endpoint"
},
"admin_http_bearer": {
"type": "http",
"scheme": "bearer",
"description": "Identical to the auth_http_bearer scheme but only for users recognized as admin by the Polaris server"
},
"auth_query_parameter": {
"type": "apikey",
"in": "query",
"name": "auth_token",
"description": "An authentication token obtained in the output of the `auth` endpoint"
},
"admin_query_parameter": {
"type": "apikey",
"in": "query",
"name": "auth_token",
"description": "Identical to the auth_query_parameter scheme but only for users recognized as admin by the Polaris server"
},
"auth_http_basic": {
"type": "http",
"scheme": "basic",
"description": "[deprecated]"
},
"admin_http_basic": {
"type": "http",
"scheme": "basic",
"description": "[deprecated] Identical to the auth_http_basic scheme but only for users recognized as admin by the Polaris server"
},
"auth_cookie": {
"type": "apikey",
"in": "cookie",
"name": "session",
"description": "A session token obtained returned as a server cookie by making a request via the auth_http_header scheme."
},
"admin_http_header": {
"type": "http",
"scheme": "basic",
"description": "Identical to the auth_http_header scheme but only for users recognized as admin by the Polaris server"
"description": "[deprecated] A token obtained via the SET-COOKIE header in a response to a request via the auth_http_basic scheme, or a request to the `auth` endpoint."
},
"admin_cookie": {
"type": "apikey",
"in": "cookie",
"name": "session",
"description": "Identical to the auth_cookie scheme but only for users recognized as admin by the Polaris server"
"description": "[deprecated] Identical to the auth_cookie scheme but only for users recognized as admin by the Polaris server"
}
},
"links": {},
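Review bot: Each `security` array in this file still holds a single requirement object that lists every scheme together (for example `"auth_http_basic"`, `"auth_http_bearer"`, `"auth_query_parameter"` and `"auth_cookie"`), and in OpenAPI 3 the schemes inside one object are combined with AND, so the document states that a request must satisfy all four at once. If any one of them is meant to be sufficient, each scheme needs its own object, `"security": [{"auth_http_bearer": []}, {"auth_query_parameter": []}, {"auth_http_basic": []}, {"auth_cookie": []}]`, and likewise for the `admin_*` lists. Three values on the new side will also fail strict validation or be misread by generators: `"type": "bool"` under `Authorization.is_admin` should be `"type": "boolean"`, `"type": "apikey"` on the two `*_query_parameter` schemes should be `"type": "apiKey"`, and `"$ref": "#components/schemas/Credentials"` lacks the slash that the new `#/components/schemas/Authorization` reference has. The descriptions of `auth_query_parameter` and `admin_query_parameter` should also say that a token sent in the URL can be recorded in server and proxy logs, browser history and Referer headers, so the bearer header is preferred wherever the client can set one.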