OVPAY-1826 - Added YAML for one time tokens for app sales (commit from Mirjam).

src/openapi/onetimetokens/onetimetokens.yaml

@@ -0,0 +1,110 @@
+openapi: 3.0.1
+info:
+  title: Integratielaag APIs for one time tokens for a HTM customer
+  description: >-
+   Integratielaag APIs for one time tokens for a HTM customer. So that the a customer can be redirected between touchpoints, and the source of the request can be validated. NOTE : this is only to validate the redirect and the source of the redirect, touchpoint needs to make another call to take over the entra session.
+  version: "1.0"
+servers:
+  - url: https://api.integratielaag.nl/v1/touchpoint
+tags:
+  - name: OneTimeTokens
+    description: >-
+      Service Engine APIs for HTM Customers. These are NOT the CRUD APIs to access raw data in the database.
+      To be used by touchpoints to get information about HTM customers.
+paths:
+  /one-time-tokens:
+    post:
+      tags:
+        - OneTimeTokens
+      summary: Create a one time token, to be included in the redirect
+      description: |
+        Create a one time token, to be included in the redirect
+      parameters:
+        - name: Authorization
+          in: header
+          required: true
+          style: simple
+          explode: false
+          schema:
+            type: string
+            example: Bearer {WSO2 Token}
+          description: Fill in a valid WSO2 Token for the touchpoint
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/unavailable'
+            example:
+              {
+                "nonce": "randomNonce123",
+                "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q..."
+              }
+      responses:
+        "201":
+          description: OK
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/oneTimeTokenResponse"
+  /one-time-tokens/validate:
+    post:
+      tags:
+        - OneTimeTokens
+      summary: Validate a received one time token 
+      description: Validate a received one time token through the redirect, validates the source and validity of the token
+      parameters:
+        - name: Authorization
+          in: header
+          required: true
+          style: simple
+          explode: false
+          schema:
+            type: string
+            example: Bearer {WSO2 Token}
+          description: Fill in a valid WSO2 Token for the touchpoint
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/unavailable'
+            example:
+              {
+                "token": "handoff-xyz987"
+              }
+      responses:
+        "200":
+          description: OK
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/unavailable"
+              examples:
+                logged in user:
+                  summary: Logged in user
+                  description: Logged in user
+                  value: 
+                    {
+                     "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q..."
+                    } 
+                user not logged in:
+                  summary: User not logged in
+                  description: User not logged in
+                  value: 
+                    {}  
+        "400":
+          description: Bad request
+        "401":
+          description: Not authorized
+components:
+  schemas:
+    unavailable:
+      type: object
+    oneTimeTokenResponse:
+      type: object
+      properties:
+        token:        
+          type: string
+          example: "handoff-xyz987"
+        expires_in:        
+          type: integer
+          example: 120