From dae51cfd471089fa15b5feceb66af1407304fde5 Mon Sep 17 00:00:00 2001
From: Nicolai Ort
Date: Tue, 22 Dec 2020 19:13:20 +0100
Subject: [PATCH] Added openapi cookie security schema ref #49
---
 src/controllers/AuthController.ts | 9 +++++----
 src/controllers/ImportController.ts | 2 +-
 src/controllers/PermissionController.ts | 2 +-
 src/controllers/RunnerController.ts | 2 +-
 src/controllers/RunnerOrganisationController.ts | 2 +-
 src/controllers/RunnerTeamController.ts | 2 +-
 src/controllers/TrackController.ts | 2 +-
 src/controllers/UserController.ts | 2 +-
 src/controllers/UserGroupController.ts | 2 +-
 src/loaders/openapi.ts | 6 ++++++
 10 files changed, 19 insertions(+), 12 deletions(-)
diff --git a/src/controllers/AuthController.ts b/src/controllers/AuthController.ts
index 98a9f85..2f571cb 100644
--- a/src/controllers/AuthController.ts
+++ b/src/controllers/AuthController.ts
@@ -1,4 +1,4 @@
-import { Body, CookieParam, JsonController, Param, Post, Res } from 'routing-controllers';
+import { Body, CookieParam, JsonController, Param, Post, Req, Res } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
 import { IllegalJWTError, InvalidCredentialsError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UsernameOrEmailNeededError } from '../errors/AuthError';
 import { UserNotFoundError } from '../errors/UserErrors';
@@ -42,7 +42,7 @@ export class AuthController {
 @ResponseSchema(UsernameOrEmailNeededError)
 @ResponseSchema(PasswordNeededError)
 @ResponseSchema(InvalidCredentialsError)
- @OpenAPI({ description: 'Create a new access token object' })
+ @OpenAPI({ description: 'Create a new access token object', security: [{ "RefreshTokenCookie": [] }] })
 async logout(@Body({ validate: true }) handleLogout: HandleLogout, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any) {
 if (refresh_token && refresh_token.length != 0 && handleLogout.token == undefined) {
 handleLogout.token = refresh_token;
@@ -65,11 +65,12 @@ export class AuthController {
 @ResponseSchema(IllegalJWTError)
 @ResponseSchema(UserNotFoundError)
 @ResponseSchema(RefreshTokenCountInvalidError)
- @OpenAPI({ description: 'refresh a access token' })
- async refresh(@Body({ validate: true }) refreshAuth: RefreshAuth, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any) {
+ @OpenAPI({ description: 'refresh a access token', security: [{ "RefreshTokenCookie": [] }] })
+ async refresh(@Body({ validate: true }) refreshAuth: RefreshAuth, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any, @Req() req: any) {
 if (refresh_token && refresh_token.length != 0 && refreshAuth.token == undefined) {
 refreshAuth.token = refresh_token;
 }
+ console.log(req.headers)
 let auth;
 try {
 auth = await refreshAuth.toAuth();
diff --git a/src/controllers/ImportController.ts b/src/controllers/ImportController.ts
index bccdfb3..a14071c 100644
--- a/src/controllers/ImportController.ts
+++ b/src/controllers/ImportController.ts
@@ -10,7 +10,7 @@ import { RunnerController } from './RunnerController';
 @Controller()
 @Authorized(["RUNNER:IMPORT", "TEAM:IMPORT"])
-@OpenAPI({ security: [{ "AuthToken": [] }] })
+@OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 export class ImportController {
 private runnerController: RunnerController;
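Review bot: The `description` kept on the logout route, `'Create a new access token object'`, describes issuing a token rather than logging out, and the changed decorator now publishes that wording in the spec next to the new cookie requirement. From the visible lines the method is `logout` and copies the refresh cookie into `handleLogout.token` when the body carries none, so the text should say that; for example `@OpenAPI({ description: 'Log out using the refresh token passed in the body or in the refresh-token cookie', security: [{ "RefreshTokenCookie": [] }] })`. The body of `logout` continues outside the hunk, so what exactly happens to the token is not visible here.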
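Review bot: `console.log(req.headers)` in `refresh` writes every incoming request header to the process log, and on this route the `Cookie` header carries the `lfk_backend__refresh_token` value the method itself reads via `@CookieParam`, plus any `Authorization` header a client sends, so the new line leaks live credentials into the log on every refresh. It looks like leftover debugging, since it is the only use of the new `@Req() req: any` parameter and of the `Req` import added in the first hunk; remove the line, drop `@Req() req: any` from the signature and revert the import. While the decorator is being touched, `'refresh a access token'` should read `'refresh an access token'`. The remainder of `refresh` continues outside the hunk.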
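Review bot: Adding `{ "RefreshTokenCookie": [] }` as a second object in the `security` array declares it as an alternative to `AuthToken` (OpenAPI treats separate objects in that array as OR), so the spec now states that the refresh-token cookie alone satisfies the `@Authorized(["RUNNER:IMPORT", "TEAM:IMPORT"])` check on the import endpoints. Whether the authorization checker actually accepts that cookie is not visible in this diff; if it does not, the published spec is wrong, and if it does, a long-lived refresh token is being honoured as an access credential, which defeats the access/refresh split the `AuthToken` scheme is built on. If the cookie is only meant for the auth routes, keep `@OpenAPI({ security: [{ "AuthToken": [] }] })` here and attach the cookie scheme on the refresh and logout operations only; if both are required together, they belong in one object, `{ "AuthToken": [], "RefreshTokenCookie": [] }`. The same decorator change is repeated on every other controller in this commit and the same question applies to each.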
diff --git a/src/controllers/PermissionController.ts b/src/controllers/PermissionController.ts
index 208fe6f..4d04db2 100644
--- a/src/controllers/PermissionController.ts
+++ b/src/controllers/PermissionController.ts
@@ -12,7 +12,7 @@ import { ResponsePrincipal } from '../models/responses/ResponsePrincipal';
 @JsonController('/permissions')
-@OpenAPI({ security: [{ "AuthToken": [] }] })
+@OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 export class PermissionController {
 private permissionRepository: Repository;
diff --git a/src/controllers/RunnerController.ts b/src/controllers/RunnerController.ts
index 12569d0..91e44e9 100644
--- a/src/controllers/RunnerController.ts
+++ b/src/controllers/RunnerController.ts
@@ -10,7 +10,7 @@ import { ResponseEmpty } from '../models/responses/ResponseEmpty';
 import { ResponseRunner } from '../models/responses/ResponseRunner';
 @JsonController('/runners')
-@OpenAPI({ security: [{ "AuthToken": [] }] })
+@OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 export class RunnerController {
 private runnerRepository: Repository;
diff --git a/src/controllers/RunnerOrganisationController.ts b/src/controllers/RunnerOrganisationController.ts
index fb86cf2..ce1dd80 100644
--- a/src/controllers/RunnerOrganisationController.ts
+++ b/src/controllers/RunnerOrganisationController.ts
@@ -12,7 +12,7 @@ import { RunnerTeamController } from './RunnerTeamController';
 @JsonController('/organisations')
-@OpenAPI({ security: [{ "AuthToken": [] }] })
+@OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 export class RunnerOrganisationController {
 private runnerOrganisationRepository: Repository;
diff --git a/src/controllers/RunnerTeamController.ts b/src/controllers/RunnerTeamController.ts
index 5040e8c..d864319 100644
--- a/src/controllers/RunnerTeamController.ts
+++ b/src/controllers/RunnerTeamController.ts
@@ -11,7 +11,7 @@ import { RunnerController } from './RunnerController';
 @JsonController('/teams')
-@OpenAPI({ security: [{ "AuthToken": [] }] })
+@OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 export class RunnerTeamController {
 private runnerTeamRepository: Repository;
diff --git a/src/controllers/TrackController.ts b/src/controllers/TrackController.ts
index d5746ff..38c1ffc 100644
--- a/src/controllers/TrackController.ts
+++ b/src/controllers/TrackController.ts
@@ -9,7 +9,7 @@ import { ResponseEmpty } from '../models/responses/ResponseEmpty';
 import { ResponseTrack } from '../models/responses/ResponseTrack';
 @JsonController('/tracks')
-@OpenAPI({ security: [{ "AuthToken": [] }] })
+@OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 export class TrackController {
 private trackRepository: Repository;
diff --git a/src/controllers/UserController.ts b/src/controllers/UserController.ts
index 560f0c8..1d02f24 100644
--- a/src/controllers/UserController.ts
+++ b/src/controllers/UserController.ts
@@ -12,7 +12,7 @@ import { PermissionController } from './PermissionController';
 @JsonController('/users')
-@OpenAPI({ security: [{ "AuthToken": [] }] })
+@OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 export class UserController {
 private userRepository: Repository;
diff --git a/src/controllers/UserGroupController.ts b/src/controllers/UserGroupController.ts
index ea3ab16..e56996f 100644
--- a/src/controllers/UserGroupController.ts
+++ b/src/controllers/UserGroupController.ts
@@ -11,7 +11,7 @@ import { PermissionController } from './PermissionController';
 @JsonController('/usergroups')
-@OpenAPI({ security: [{ "AuthToken": [] }] })
+@OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 export class UserGroupController {
 private userGroupsRepository: Repository;
diff --git a/src/loaders/openapi.ts b/src/loaders/openapi.ts
index 44c6f34..049259b 100644
--- a/src/loaders/openapi.ts
+++ b/src/loaders/openapi.ts
@@ -29,6 +29,12 @@ export default async (app: Application) => {
 "scheme": "bearer",
 "bearerFormat": "JWT",
 description: "A JWT based access token. Use /api/auth/login or /api/auth/refresh to get one."
+ },
+ "RefreshTokenCookie": {
+ "type": "apiKey",
+ "in": "cookie",
+ "name": "lfk_backend__refresh_token",
+ description: "A cookie containing a JWT based refreh token. Attention: Doesn't work in swagger-ui. Use /api/auth/login or /api/auth/refresh to get one."
 }
 }
 },
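Review bot: The new `RefreshTokenCookie` description misspells "refresh" as `refreh`, and "Attention: Doesn't work in swagger-ui" tells a reader neither why nor what to do instead; for an `apiKey` scheme with `in: "cookie"` the likely reason is that a browser page cannot set the `Cookie` request header from the Authorize dialog, so the text should say the cookie is obtained from the login/refresh responses and sent by the browser on its own. Suggested wording: `description: "A cookie containing a JWT based refresh token, set by /api/auth/login or /api/auth/refresh and sent automatically by the browser. swagger-ui cannot supply it from the Authorize dialog, so use a browser session or the request body instead."`. Declaring this scheme is what makes the per-controller `security` references resolvable, so it should also be confirmed that the authorization layer really accepts the cookie wherever the spec now lists it.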