From bbedc84228a96b747092ac01e7d1561dacc61148 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 11 Jan 2025 16:49:14 +0000 Subject: [PATCH] [bot]update openapi3 schema --- api/build/core-openapi3.yaml | 90 ++++++++++++++++-------------------- 1 file changed, 41 insertions(+), 49 deletions(-) diff --git a/api/build/core-openapi3.yaml b/api/build/core-openapi3.yaml index 4c4ecfcc..6b86b4ab 100644 --- a/api/build/core-openapi3.yaml +++ b/api/build/core-openapi3.yaml @@ -210,25 +210,13 @@ paths: explode: false responses: '200': - description: JSON-Array of Object(s), each object containing "id_cert" (PEM encoded ID-Cert) and "invalidated" (boolean). An ID-Cert is considered invalidated, if the server or actor choose to revoke the validity of the ID-Cert before the lifetime of the certificate was scheduled to end. + description: JSON-Array of Object(s). content: application/json: schema: type: array items: - type: object - properties: - id_cert: - type: string - example: ------BEGIN CERTIFICATE------... - description: PEM encoded ID-Cert - invalidated: - type: boolean - example: false - description: Whether this specific id_cert has been marked as invalidated by the server. An ID-Cert is considered invalidated, if the server or actor choose to revoke the validity of the ID-Cert before the lifetime of the certificate was scheduled to end. - required: - - id_cert - - invalidated + $ref: '#/components/schemas/polyproto.core.models.CacheableIDCert' tags: - Federated Identity - Registration not required /.p2/core/v1/idcert/server: @@ -255,7 +243,7 @@ paths: content: application/json: schema: - type: string + $ref: '#/components/schemas/polyproto.core.models.CacheableIDCert' tags: - Federated Identity - Registration not required /.p2/core/v1/key/server: @@ -282,41 +270,9 @@ paths: - Sensitive Actions security: - BearerAuth: [] - get: - operationId: Unregistered_serverKey - summary: Get Server Public Key - description: Request the server's public key. - parameters: - - name: timestamp - in: query - required: false - description: |- - An optional UNIX timestamp to retrieve the public key the server had at that - point in time, instead of the current one. - schema: - type: object - properties: - timestamp: - type: integer - format: uint64 - required: - - timestamp - explode: false - responses: - '200': - description: |- - The current public key of the server, or, if specified, the public key the server had - at the specified time. The public key is being returned as a PEM encoded X.509 - `SubjectPublicKeyInfo`. - content: - application/json: - schema: - type: string - tags: - - Federated Identity - Registration not required /.p2/core/v1/keytrial: post: - operationId: Unregistered_keyTrialRedirectExtern + operationId: Unregistered_completeKeyTrial summary: Complete key trial description: |- Complete a key trial. After the successful completion of the key trial, the action that @@ -525,7 +481,9 @@ paths: get: operationId: Unregistered_getMessages summary: Fetch messages to-be-resigned - description: Fetch messages to be re-signed. + description: |- + Fetch messages to be re-signed. Must only return messages where the signatures correlate to + ID-Certs for which a key trial has been passed. parameters: - name: limit in: query @@ -1658,6 +1616,40 @@ components: type: string enum: - v1.0-alpha.1 + polyproto.core.models.CacheableIDCert: + type: object + required: + - idCertPem + - cacheNotValidBefore + - cacheNotValidAfter + - cacheSignature + properties: + idCertPem: + type: string + example: ------BEGIN CERTIFICATE------... + description: The requested ID-Cert in ASCII PEM format. + invalidatedAt: + type: integer + format: uint64 + example: 1736610000 + description: UNIX timestamp that specifies when this specific id_cert has been marked as invalidated by the server. An ID-Cert is considered invalidated, if the server or actor choose to revoke the validity of the ID-Cert before the lifetime of the certificate was scheduled to end. If this property does not exist, the ID-Cert has not been invalidated. + cacheNotValidBefore: + type: integer + format: uint64 + example: 1736606402 + description: UNIX timestamp that specifies the time from which this cache entry may be treated as valid. + cacheNotValidAfter: + type: integer + format: uint64 + example: 1736613602 + description: UNIX timestamp that specifies a time until which this cache entry may be treated as valid. + cacheSignature: + type: string + example: 7ab2bbde7fe43c7481a3a61031546bab16bc1a8735b2f0cdd519958c7f2f99f8 + minLength: 32 + maxLength: 32 + description: Signature generated by the home server. This signature can be verified using the home servers' public identity key. A server generates the `cacheSignature` by concatenating the serial number of the ID-Cert in question with the `cacheValidNotBefore` timestamp and the `cacheValidNotAfter` timestamp, then generating the signature of the resulting concatenated string using the private identity key of the server. Clients must reject certificates of which the `cacheSignature` can not be verified to be correct. + description: A cacheable response to an ID-Cert request. polyproto.core.models.ChallengeStringResponse: type: object required: