diff options
| author |  tobi <31960611+tsmethurst@users.noreply.github.com> | 2025-02-26 13:04:55 +0100 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2025-02-26 13:04:55 +0100 |
| commit | eb720241da3d786c6ec79f2325277fa4af23846f (patch) | |
| tree | 36e0e08699e55a56d247353d082cc0a2b8144999 /docs/swagger.go | |
| parent | [chore]: Bump golang.org/x/crypto from 0.33.0 to 0.34.0 (#3824) (diff) | |
| download | gotosocial-eb720241da3d786c6ec79f2325277fa4af23846f.tar.xz | |
[feature] Enforce OAuth token scopes (#3835)
* move tokenauth to apiutil
* enforce scopes
* docs
* update test models, remove deprecated "follow"
* file header
* tests
* tweak scope matcher
* simplify...
* fix tests
* log user out of settings panel in case of oauth error
Diffstat (limited to 'docs/swagger.go')
| -rw-r--r-- | docs/swagger.go | 44 |
1 files changed, 28 insertions, 16 deletions
diff --git a/docs/swagger.go b/docs/swagger.go index 73c9a3d9a..ecd03e6b9 100644 --- a/docs/swagger.go +++ b/docs/swagger.go @@ -32,32 +32,44 @@ // tokenUrl: https://example.org/oauth/token // scopes: // read: grants read access to everything -// read:accounts: grants read access to accounts -// read:blocks: grant read access to blocks -// read:custom_emojis: grant read access to custom_emojis -// read:favourites: grant read access to favourites -// read:filters: grant read access to filters -// read:follows: grant read access to follows -// read:lists: grant read access to lists -// read:media: grant read access to media -// read:mutes: grant read access to mutes -// read:search: grant read access to searches -// read:statuses: grants read access to statuses -// read:streaming: grants read access to streaming api -// read:user: grants read access to user-level info -// read:notifications: grants read access to notifications // write: grants write access to everything +// push: grants read/write access to push +// profile: grants read access to verify_credentials +// read:accounts: grants read access to accounts // write:accounts: grants write access to accounts +// read:blocks: grants read access to blocks // write:blocks: grants write access to blocks +// read:bookmarks: grants read access to bookmarks +// write:bookmarks: grants write access to bookmarks +// write:conversations: grants write access to conversations +// read:favourites: grants read access to accounts +// write:favourites: grants write access to favourites +// read:filters: grants read access to filters // write:filters: grants write access to filters +// read:follows: grants read access to follows // write:follows: grants write access to follows +// read:lists: grants read access to lists // write:lists: grants write access to lists // write:media: grants write access to media +// read:mutes: grants read access to mutes // write:mutes: grants write access to mutes +// read:notifications: grants read access to notifications +// write:notifications: grants write access to notifications +// write:reports: grants write access to reports +// read:search: grants read access to search +// read:statuses: grants read access to statuses // write:statuses: grants write access to statuses -// write:user: grants write access to user-level info // admin: grants admin access to everything -// admin:accounts: grants admin access to accounts +// admin:read: grants admin read access to everything +// admin:write: grants admin write access to everything +// admin:read:accounts: grants admin read access to accounts +// admin:write:accounts: grants write read access to accounts +// admin:read:reports: grants admin read access to reports +// admin:write:reports: grants admin write access to reports +// admin:read:domain_allows: grants admin read access to domain_allows +// admin:write:domain_allows: grants admin write access to domain_allows +// admin:read:domain_blocks: grants admin read access to domain_blocks +// admin:write:domain_blocks: grants write read access to domain_blocks // OAuth2 Application: // type: oauth2 // flow: application |