fix(core): Document CSRF token endpoint
Signed-off-by: provokateurin <kate@provokateurin.de>
parent
d5bb37ab0d
commit
90e108e548
3 changed files with 99 additions and 2 deletions
|
|
@ -12,11 +12,9 @@ use OC\Security\CSRF\CsrfTokenManager;
|
|||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http;
|
||||
use OCP\AppFramework\Http\Attribute\FrontpageRoute;
|
||||
use OCP\AppFramework\Http\Attribute\OpenAPI;
|
||||
use OCP\AppFramework\Http\JSONResponse;
|
||||
use OCP\IRequest;
|
||||
|
||||
#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
|
||||
class CSRFTokenController extends Controller {
|
||||
public function __construct(
|
||||
string $appName,
|
||||
|
|
@ -27,9 +25,16 @@ class CSRFTokenController extends Controller {
|
|||
}
|
||||
|
||||
/**
|
||||
* Returns a new CSRF token.
|
||||
*
|
||||
* @NoAdminRequired
|
||||
* @NoCSRFRequired
|
||||
* @PublicPage
|
||||
*
|
||||
* @return JSONResponse<Http::STATUS_OK, array{token: string}, array{}>|JSONResponse<Http::STATUS_FORBIDDEN, array<empty>, array{}>
|
||||
*
|
||||
* 200: CSRF token returned
|
||||
* 403: Strict cookie check failed
|
||||
*/
|
||||
#[FrontpageRoute(verb: 'GET', url: '/csrftoken')]
|
||||
public function index(): JSONResponse {
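Review bot: The docblock on `index()` describes the 403 case only as "Strict cookie check failed", which does not tell a reader of the now-published OpenAPI spec when that happens or which clients the endpoint is meant for. The method is marked `@PublicPage` and `@NoCSRFRequired`, so the strict cookie check appears to be the only guard a caller can see. I would spell it out, e.g. `* 403: Request did not include the strict same-site cookie (presumably a cross-site or cookie-less request)`, and add a sentence to the description saying the token is tied to the caller's session. Separately, `array<empty>` for the 403 body comes out as an unconstrained `"schema": {}` in the generated spec, so a tighter type would document that the body is empty. The body of `index()` is outside the hunk, so the check itself and the response headers (caching in particular) could not be reviewed here.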
|
||||
|
|
|
|||
|
|
@ -7731,6 +7731,52 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
"/index.php/csrftoken": {
|
||||
"get": {
|
||||
"operationId": "csrf_token-index",
|
||||
"summary": "Returns a new CSRF token.",
|
||||
"tags": [
|
||||
"csrf_token"
|
||||
],
|
||||
"security": [
|
||||
{},
|
||||
{
|
||||
"bearer_auth": []
|
||||
},
|
||||
{
|
||||
"basic_auth": []
|
||||
}
|
||||
],
|
||||
"responses": {
|
||||
"200": {
|
||||
"description": "CSRF token returned",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"type": "object",
|
||||
"required": [
|
||||
"token"
|
||||
],
|
||||
"properties": {
|
||||
"token": {
|
||||
"type": "string"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"403": {
|
||||
"description": "Strict cookie check failed",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"/index.php/login/v2/poll": {
|
||||
"post": {
|
||||
"operationId": "client_flow_login_v2-poll",
|
||||
|
|
|
|||
|
|
@ -7731,6 +7731,52 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
"/index.php/csrftoken": {
|
||||
"get": {
|
||||
"operationId": "csrf_token-index",
|
||||
"summary": "Returns a new CSRF token.",
|
||||
"tags": [
|
||||
"csrf_token"
|
||||
],
|
||||
"security": [
|
||||
{},
|
||||
{
|
||||
"bearer_auth": []
|
||||
},
|
||||
{
|
||||
"basic_auth": []
|
||||
}
|
||||
],
|
||||
"responses": {
|
||||
"200": {
|
||||
"description": "CSRF token returned",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"type": "object",
|
||||
"required": [
|
||||
"token"
|
||||
],
|
||||
"properties": {
|
||||
"token": {
|
||||
"type": "string"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"403": {
|
||||
"description": "Strict cookie check failed",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"/index.php/login/v2/poll": {
|
||||
"post": {
|
||||
"operationId": "client_flow_login_v2-poll",
|
||||
|
|
|
|||