OVPAY-1826 - Added YAML for one time tokens for app sales (commit from Mirjam).

2025-12-01 10:06:39 +01:00 · 2025-12-01 10:06:39 +01:00 · f990a9844e
commit f990a9844e
parent 235ec95edb
1 changed files with 110 additions and 0 deletions
--- a/src/openapi/onetimetokens/onetimetokens.yaml
+++ b/src/openapi/onetimetokens/onetimetokens.yaml
@ -0,0 +1,110 @@
 openapi: 3.0.1
 info:
  title: Integratielaag APIs for one time tokens for a HTM customer
  description: >-
   Integratielaag APIs for one time tokens for a HTM customer. So that the a customer can be redirected between touchpoints, and the source of the request can be validated. NOTE : this is only to validate the redirect and the source of the redirect, touchpoint needs to make another call to take over the entra session.
  version: "1.0"
 servers:
  - url: https://api.integratielaag.nl/v1/touchpoint
 tags:
  - name: OneTimeTokens
    description: >-
      Service Engine APIs for HTM Customers. These are NOT the CRUD APIs to access raw data in the database.
      To be used by touchpoints to get information about HTM customers.
 paths:
  /one-time-tokens:
    post:
      tags:
        - OneTimeTokens
      summary: Create a one time token, to be included in the redirect
      description: |
        Create a one time token, to be included in the redirect
      parameters:
        - name: Authorization
          in: header
          required: true
          style: simple
          explode: false
          schema:
            type: string
            example: Bearer {WSO2 Token}
          description: Fill in a valid WSO2 Token for the touchpoint
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/unavailable'
            example:
              {
                "nonce": "randomNonce123",
                "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q..."
              }
      responses:
        "201":
          description: OK
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/oneTimeTokenResponse"
  /one-time-tokens/validate:
    post:
      tags:
        - OneTimeTokens
      summary: Validate a received one time token 
      description: Validate a received one time token through the redirect, validates the source and validity of the token
      parameters:
        - name: Authorization
          in: header
          required: true
          style: simple
          explode: false
          schema:
            type: string
            example: Bearer {WSO2 Token}
          description: Fill in a valid WSO2 Token for the touchpoint
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/unavailable'
            example:
              {
                "token": "handoff-xyz987"
              }
      responses:
        "200":
          description: OK
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/unavailable"
              examples:
                logged in user:
                  summary: Logged in user
                  description: Logged in user
                  value: 
                    {
                     "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q..."
                    } 
                user not logged in:
                  summary: User not logged in
                  description: User not logged in
                  value: 
                    {}  
        "400":
          description: Bad request
        "401":
          description: Not authorized
 components:
  schemas:
    unavailable:
      type: object
    oneTimeTokenResponse:
      type: object
      properties:
        token:        
          type: string
          example: "handoff-xyz987"
        expires_in:        
          type: integer
          example: 120