@djangocfg/api 2.1.441 → 2.1.442
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth-server.cjs +53 -119
- package/dist/auth-server.cjs.map +1 -1
- package/dist/auth-server.mjs +53 -119
- package/dist/auth-server.mjs.map +1 -1
- package/dist/auth.cjs +222 -277
- package/dist/auth.cjs.map +1 -1
- package/dist/auth.mjs +222 -277
- package/dist/auth.mjs.map +1 -1
- package/dist/clients.cjs +53 -119
- package/dist/clients.cjs.map +1 -1
- package/dist/clients.d.cts +50 -1
- package/dist/clients.d.ts +50 -1
- package/dist/clients.mjs +53 -119
- package/dist/clients.mjs.map +1 -1
- package/dist/hooks.cjs +102 -20
- package/dist/hooks.cjs.map +1 -1
- package/dist/hooks.d.cts +13 -0
- package/dist/hooks.d.ts +13 -0
- package/dist/hooks.mjs +102 -20
- package/dist/hooks.mjs.map +1 -1
- package/dist/index.cjs +53 -119
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +70 -5
- package/dist/index.d.ts +70 -5
- package/dist/index.mjs +53 -119
- package/dist/index.mjs.map +1 -1
- package/package.json +2 -2
- package/src/_api/generated/_cfg_accounts/hooks/index.ts +1 -0
- package/src/_api/generated/_cfg_accounts/hooks/useCfgAccountsApiKeyRevealCreate.ts +64 -0
- package/src/_api/generated/_cfg_accounts/openapi.json +92 -15
- package/src/_api/generated/_cfg_accounts/schemas/APIKeyReveal.ts +13 -0
- package/src/_api/generated/_cfg_accounts/schemas/index.ts +1 -0
- package/src/_api/generated/_cfg_centrifugo/openapi.json +0 -5
- package/src/_api/generated/_cfg_totp/openapi.json +0 -5
- package/src/_api/generated/client/index.ts +1 -0
- package/src/_api/generated/core/params.gen.ts +18 -11
- package/src/_api/generated/core/types.gen.ts +6 -0
- package/src/_api/generated/openapi.json +92 -15
- package/src/_api/generated/sdk.gen.ts +57 -122
- package/src/_api/generated/types.gen.ts +38 -0
- package/src/hooks/useApiKey.ts +30 -2
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@djangocfg/api",
|
|
3
|
-
"version": "2.1.
|
|
3
|
+
"version": "2.1.442",
|
|
4
4
|
"description": "Auto-generated TypeScript API client with React hooks, SWR integration, and Zod validation for Django REST Framework backends",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"django",
|
|
@@ -84,7 +84,7 @@
|
|
|
84
84
|
"devDependencies": {
|
|
85
85
|
"@types/node": "^25.2.3",
|
|
86
86
|
"@types/react": "^19.2.15",
|
|
87
|
-
"@djangocfg/typescript-config": "^2.1.
|
|
87
|
+
"@djangocfg/typescript-config": "^2.1.442",
|
|
88
88
|
"next": "^16.2.2",
|
|
89
89
|
"react": "^19.2.4",
|
|
90
90
|
"tsup": "^8.5.0",
|
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
|
|
4
4
|
export { useCfgAccountsApiKeyRegenerateCreate } from "./useCfgAccountsApiKeyRegenerateCreate";
|
|
5
5
|
export { useCfgAccountsApiKeyRetrieve } from "./useCfgAccountsApiKeyRetrieve";
|
|
6
|
+
export { useCfgAccountsApiKeyRevealCreate } from "./useCfgAccountsApiKeyRevealCreate";
|
|
6
7
|
export { useCfgAccountsApiKeyTestCreate } from "./useCfgAccountsApiKeyTestCreate";
|
|
7
8
|
export { useCfgAccountsOauthConnectionsList } from "./useCfgAccountsOauthConnectionsList";
|
|
8
9
|
export { useCfgAccountsOauthDisconnectCreate } from "./useCfgAccountsOauthDisconnectCreate";
|
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
'use client';
|
|
2
|
+
|
|
3
|
+
// AUTO-GENERATED by openapi_processor / ts.hooks
|
|
4
|
+
// Reveal API key
|
|
5
|
+
// DO NOT EDIT — re-run `make gen`.
|
|
6
|
+
|
|
7
|
+
import useSWRMutation from "swr/mutation";
|
|
8
|
+
import type { SWRMutationConfiguration } from "swr/mutation";
|
|
9
|
+
import { CfgAccountsApiKey } from "../../sdk.gen";
|
|
10
|
+
import type { CfgAccountsApiKeyRevealCreateData, CfgAccountsApiKeyRevealCreateResponses } from "../../types.gen";
|
|
11
|
+
import { APIKeyRevealSchema } from "../schemas/APIKeyReveal";
|
|
12
|
+
|
|
13
|
+
type Args = Omit<CfgAccountsApiKeyRevealCreateData, "url">;
|
|
14
|
+
type Result = CfgAccountsApiKeyRevealCreateResponses[keyof CfgAccountsApiKeyRevealCreateResponses];
|
|
15
|
+
|
|
16
|
+
export function useCfgAccountsApiKeyRevealCreate(
|
|
17
|
+
config?: SWRMutationConfiguration<Result, Error, readonly ["cfg_accounts_api_key_reveal_create"], Args>,
|
|
18
|
+
) {
|
|
19
|
+
return useSWRMutation<Result, Error, readonly ["cfg_accounts_api_key_reveal_create"], Args>(
|
|
20
|
+
["cfg_accounts_api_key_reveal_create"] as const,
|
|
21
|
+
async (_key, { arg }: { arg: Args }) => {
|
|
22
|
+
const res = await CfgAccountsApiKey.cfgAccountsApiKeyRevealCreate({ ...arg, throwOnError: true } as never);
|
|
23
|
+
const data = res.data as Result;
|
|
24
|
+
const parsed = APIKeyRevealSchema.safeParse(data);
|
|
25
|
+
if (!parsed.success) {
|
|
26
|
+
// Log first so the failure is always visible, even if the
|
|
27
|
+
// event handler swallows it.
|
|
28
|
+
console.warn(
|
|
29
|
+
"[zod] response did not match schema",
|
|
30
|
+
{
|
|
31
|
+
operation: "cfg_accounts_api_key_reveal_create",
|
|
32
|
+
method: "POST",
|
|
33
|
+
path: "/cfg/accounts/api-key/reveal/",
|
|
34
|
+
issues: parsed.error.issues,
|
|
35
|
+
data,
|
|
36
|
+
},
|
|
37
|
+
);
|
|
38
|
+
if (typeof window !== "undefined") {
|
|
39
|
+
try {
|
|
40
|
+
window.dispatchEvent(
|
|
41
|
+
new CustomEvent("zod-validation-error", {
|
|
42
|
+
detail: {
|
|
43
|
+
operation: "cfg_accounts_api_key_reveal_create",
|
|
44
|
+
method: "POST",
|
|
45
|
+
path: "/cfg/accounts/api-key/reveal/",
|
|
46
|
+
issues: parsed.error.issues,
|
|
47
|
+
data,
|
|
48
|
+
timestamp: new Date(),
|
|
49
|
+
},
|
|
50
|
+
bubbles: true,
|
|
51
|
+
cancelable: false,
|
|
52
|
+
}),
|
|
53
|
+
);
|
|
54
|
+
} catch {
|
|
55
|
+
// Event dispatch is best-effort.
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
return data;
|
|
59
|
+
}
|
|
60
|
+
return parsed.data as unknown as Result;
|
|
61
|
+
},
|
|
62
|
+
config,
|
|
63
|
+
);
|
|
64
|
+
}
|
|
@@ -16,7 +16,7 @@
|
|
|
16
16
|
],
|
|
17
17
|
"security": [
|
|
18
18
|
{
|
|
19
|
-
"
|
|
19
|
+
"jwtAuthWithLastLogin": []
|
|
20
20
|
},
|
|
21
21
|
{
|
|
22
22
|
"cookieAuth": []
|
|
@@ -70,7 +70,7 @@
|
|
|
70
70
|
},
|
|
71
71
|
"security": [
|
|
72
72
|
{
|
|
73
|
-
"
|
|
73
|
+
"jwtAuthWithLastLogin": []
|
|
74
74
|
},
|
|
75
75
|
{
|
|
76
76
|
"cookieAuth": []
|
|
@@ -113,6 +113,60 @@
|
|
|
113
113
|
"x-async-capable": false
|
|
114
114
|
}
|
|
115
115
|
},
|
|
116
|
+
"/cfg/accounts/api-key/reveal/": {
|
|
117
|
+
"post": {
|
|
118
|
+
"operationId": "cfg_accounts_api_key_reveal_create",
|
|
119
|
+
"description": "Return the current full API key WITHOUT rotating it. The same durable value every one of the user's agents uses — for the signed-in user to copy and paste into agent onboarding. Default GET stays masked; this is the explicit reveal action.",
|
|
120
|
+
"summary": "Reveal API key",
|
|
121
|
+
"tags": [
|
|
122
|
+
"cfg_accounts_api_key"
|
|
123
|
+
],
|
|
124
|
+
"requestBody": {
|
|
125
|
+
"content": {
|
|
126
|
+
"application/json": {
|
|
127
|
+
"schema": {
|
|
128
|
+
"$ref": "#/components/schemas/APIKeyRequest"
|
|
129
|
+
}
|
|
130
|
+
}
|
|
131
|
+
},
|
|
132
|
+
"required": true
|
|
133
|
+
},
|
|
134
|
+
"security": [
|
|
135
|
+
{
|
|
136
|
+
"jwtAuthWithLastLogin": []
|
|
137
|
+
},
|
|
138
|
+
{
|
|
139
|
+
"cookieAuth": []
|
|
140
|
+
},
|
|
141
|
+
{
|
|
142
|
+
"apiKeyAuth": []
|
|
143
|
+
}
|
|
144
|
+
],
|
|
145
|
+
"responses": {
|
|
146
|
+
"200": {
|
|
147
|
+
"content": {
|
|
148
|
+
"application/json": {
|
|
149
|
+
"schema": {
|
|
150
|
+
"$ref": "#/components/schemas/APIKeyReveal"
|
|
151
|
+
}
|
|
152
|
+
}
|
|
153
|
+
},
|
|
154
|
+
"description": ""
|
|
155
|
+
},
|
|
156
|
+
"401": {
|
|
157
|
+
"content": {
|
|
158
|
+
"application/json": {
|
|
159
|
+
"schema": {
|
|
160
|
+
"description": "Authentication credentials were not provided."
|
|
161
|
+
}
|
|
162
|
+
}
|
|
163
|
+
},
|
|
164
|
+
"description": ""
|
|
165
|
+
}
|
|
166
|
+
},
|
|
167
|
+
"x-async-capable": false
|
|
168
|
+
}
|
|
169
|
+
},
|
|
116
170
|
"/cfg/accounts/api-key/test/": {
|
|
117
171
|
"post": {
|
|
118
172
|
"operationId": "cfg_accounts_api_key_test_create",
|
|
@@ -133,7 +187,7 @@
|
|
|
133
187
|
},
|
|
134
188
|
"security": [
|
|
135
189
|
{
|
|
136
|
-
"
|
|
190
|
+
"jwtAuthWithLastLogin": []
|
|
137
191
|
},
|
|
138
192
|
{
|
|
139
193
|
"cookieAuth": []
|
|
@@ -532,7 +586,7 @@
|
|
|
532
586
|
],
|
|
533
587
|
"security": [
|
|
534
588
|
{
|
|
535
|
-
"
|
|
589
|
+
"jwtAuthWithLastLogin": []
|
|
536
590
|
},
|
|
537
591
|
{
|
|
538
592
|
"cookieAuth": []
|
|
@@ -643,7 +697,7 @@
|
|
|
643
697
|
],
|
|
644
698
|
"security": [
|
|
645
699
|
{
|
|
646
|
-
"
|
|
700
|
+
"jwtAuthWithLastLogin": []
|
|
647
701
|
},
|
|
648
702
|
{
|
|
649
703
|
"cookieAuth": []
|
|
@@ -715,7 +769,7 @@
|
|
|
715
769
|
},
|
|
716
770
|
"security": [
|
|
717
771
|
{
|
|
718
|
-
"
|
|
772
|
+
"jwtAuthWithLastLogin": []
|
|
719
773
|
},
|
|
720
774
|
{
|
|
721
775
|
"cookieAuth": []
|
|
@@ -785,7 +839,7 @@
|
|
|
785
839
|
},
|
|
786
840
|
"security": [
|
|
787
841
|
{
|
|
788
|
-
"
|
|
842
|
+
"jwtAuthWithLastLogin": []
|
|
789
843
|
},
|
|
790
844
|
{
|
|
791
845
|
"cookieAuth": []
|
|
@@ -857,7 +911,7 @@
|
|
|
857
911
|
},
|
|
858
912
|
"security": [
|
|
859
913
|
{
|
|
860
|
-
"
|
|
914
|
+
"jwtAuthWithLastLogin": []
|
|
861
915
|
},
|
|
862
916
|
{
|
|
863
917
|
"cookieAuth": []
|
|
@@ -927,7 +981,7 @@
|
|
|
927
981
|
},
|
|
928
982
|
"security": [
|
|
929
983
|
{
|
|
930
|
-
"
|
|
984
|
+
"jwtAuthWithLastLogin": []
|
|
931
985
|
},
|
|
932
986
|
{
|
|
933
987
|
"cookieAuth": []
|
|
@@ -971,7 +1025,7 @@
|
|
|
971
1025
|
"/cfg/accounts/token/refresh/": {
|
|
972
1026
|
"post": {
|
|
973
1027
|
"operationId": "cfg_accounts_token_refresh_create",
|
|
974
|
-
"description": "Refresh JWT token.",
|
|
1028
|
+
"description": "Refresh JWT token.\n\nDPoP-aware: when the incoming refresh token is key-bound (`cnf.jkt`), the\nrotated access/refresh in the response are re-stamped with the same `cnf`\n(stock SimpleJWT drops it from the derived access), and a matching DPoP\nproof is required on the refresh request — so a stolen refresh token can't\nbe used to mint fresh tokens.",
|
|
975
1029
|
"tags": [
|
|
976
1030
|
"cfg_accounts_auth"
|
|
977
1031
|
],
|
|
@@ -1079,6 +1133,34 @@
|
|
|
1079
1133
|
"reissued_at"
|
|
1080
1134
|
]
|
|
1081
1135
|
},
|
|
1136
|
+
"APIKeyReveal": {
|
|
1137
|
+
"type": "object",
|
|
1138
|
+
"description": "Serializer for revealing the current (unrotated) full API key.",
|
|
1139
|
+
"properties": {
|
|
1140
|
+
"key": {
|
|
1141
|
+
"type": "string",
|
|
1142
|
+
"description": "Full API key (current value, not rotated)"
|
|
1143
|
+
},
|
|
1144
|
+
"created_at": {
|
|
1145
|
+
"type": "string",
|
|
1146
|
+
"format": "date-time",
|
|
1147
|
+
"description": "When the key was created"
|
|
1148
|
+
},
|
|
1149
|
+
"reissued_at": {
|
|
1150
|
+
"type": [
|
|
1151
|
+
"string",
|
|
1152
|
+
"null"
|
|
1153
|
+
],
|
|
1154
|
+
"format": "date-time",
|
|
1155
|
+
"description": "When the key was last regenerated"
|
|
1156
|
+
}
|
|
1157
|
+
},
|
|
1158
|
+
"required": [
|
|
1159
|
+
"created_at",
|
|
1160
|
+
"key",
|
|
1161
|
+
"reissued_at"
|
|
1162
|
+
]
|
|
1163
|
+
},
|
|
1082
1164
|
"APIKeyTestRequest": {
|
|
1083
1165
|
"type": "object",
|
|
1084
1166
|
"description": "Serializer for testing an API key.",
|
|
@@ -1800,11 +1882,6 @@
|
|
|
1800
1882
|
"in": "cookie",
|
|
1801
1883
|
"name": "sessionid"
|
|
1802
1884
|
},
|
|
1803
|
-
"jwtAuth": {
|
|
1804
|
-
"type": "http",
|
|
1805
|
-
"scheme": "bearer",
|
|
1806
|
-
"bearerFormat": "JWT"
|
|
1807
|
-
},
|
|
1808
1885
|
"jwtAuthWithLastLogin": {
|
|
1809
1886
|
"type": "http",
|
|
1810
1887
|
"scheme": "bearer",
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
// AUTO-GENERATED by cmdop_server / devtools.generator.ts_extras
|
|
2
|
+
// Source: OpenAPI 3.1 components.schemas
|
|
3
|
+
// DO NOT EDIT — re-run `make gen-clients`.
|
|
4
|
+
|
|
5
|
+
import { z } from "zod";
|
|
6
|
+
|
|
7
|
+
export const APIKeyRevealSchema = z.object({
|
|
8
|
+
key: z.string(),
|
|
9
|
+
created_at: z.string().datetime({ offset: true }),
|
|
10
|
+
reissued_at: z.string().datetime({ offset: true }).nullable(),
|
|
11
|
+
});
|
|
12
|
+
|
|
13
|
+
export type APIKeyReveal = z.infer<typeof APIKeyRevealSchema>;
|
|
@@ -10,6 +10,7 @@ export {
|
|
|
10
10
|
export { buildClientParams } from '../core/params.gen';
|
|
11
11
|
export { serializeQueryKeyValue } from '../core/queryKeySerializer.gen';
|
|
12
12
|
export type { ServerSentEventsResult } from '../core/serverSentEvents.gen';
|
|
13
|
+
export type { ClientMeta } from '../core/types.gen';
|
|
13
14
|
export { createClient } from './client.gen';
|
|
14
15
|
export type {
|
|
15
16
|
Client,
|
|
@@ -88,16 +88,15 @@ function buildKeyMap(fields: FieldsConfig, map?: KeyMap): KeyMap {
|
|
|
88
88
|
}
|
|
89
89
|
|
|
90
90
|
interface Params {
|
|
91
|
-
body
|
|
91
|
+
body?: unknown;
|
|
92
92
|
headers: Record<string, unknown>;
|
|
93
93
|
path: Record<string, unknown>;
|
|
94
94
|
query: Record<string, unknown>;
|
|
95
95
|
}
|
|
96
96
|
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
function stripEmptySlots(params: ParamsSlotMap): void {
|
|
97
|
+
function stripEmptySlots(params: Params): void {
|
|
100
98
|
for (const [slot, value] of Object.entries(params)) {
|
|
99
|
+
if (slot === 'body') continue;
|
|
101
100
|
if (value && typeof value === 'object' && !Array.isArray(value) && !Object.keys(value).length) {
|
|
102
101
|
delete params[slot as Slot];
|
|
103
102
|
}
|
|
@@ -105,8 +104,7 @@ function stripEmptySlots(params: ParamsSlotMap): void {
|
|
|
105
104
|
}
|
|
106
105
|
|
|
107
106
|
export function buildClientParams(args: ReadonlyArray<unknown>, fields: FieldsConfig): Params {
|
|
108
|
-
const params:
|
|
109
|
-
body: Object.create(null),
|
|
107
|
+
const params: Params = {
|
|
110
108
|
headers: Object.create(null),
|
|
111
109
|
path: Object.create(null),
|
|
112
110
|
query: Object.create(null),
|
|
@@ -114,6 +112,15 @@ export function buildClientParams(args: ReadonlyArray<unknown>, fields: FieldsCo
|
|
|
114
112
|
|
|
115
113
|
const map = buildKeyMap(fields);
|
|
116
114
|
|
|
115
|
+
function writeSlot(slot: Slot, key: string, value: unknown): void {
|
|
116
|
+
let record = params[slot] as Record<string, unknown> | undefined;
|
|
117
|
+
if (record === undefined) {
|
|
118
|
+
record = Object.create(null) as Record<string, unknown>;
|
|
119
|
+
params[slot] = record;
|
|
120
|
+
}
|
|
121
|
+
record[key] = value;
|
|
122
|
+
}
|
|
123
|
+
|
|
117
124
|
let config: FieldsConfig[number] | undefined;
|
|
118
125
|
|
|
119
126
|
for (const [index, arg] of args.entries()) {
|
|
@@ -130,7 +137,7 @@ export function buildClientParams(args: ReadonlyArray<unknown>, fields: FieldsCo
|
|
|
130
137
|
const field = map.get(config.key)!;
|
|
131
138
|
const name = field.map || config.key;
|
|
132
139
|
if (field.in) {
|
|
133
|
-
(
|
|
140
|
+
writeSlot(field.in, name, arg);
|
|
134
141
|
}
|
|
135
142
|
} else {
|
|
136
143
|
params.body = arg;
|
|
@@ -142,7 +149,7 @@ export function buildClientParams(args: ReadonlyArray<unknown>, fields: FieldsCo
|
|
|
142
149
|
if (field) {
|
|
143
150
|
if (field.in) {
|
|
144
151
|
const name = field.map || key;
|
|
145
|
-
(
|
|
152
|
+
writeSlot(field.in, name, value);
|
|
146
153
|
} else {
|
|
147
154
|
params[field.map] = value;
|
|
148
155
|
}
|
|
@@ -151,11 +158,11 @@ export function buildClientParams(args: ReadonlyArray<unknown>, fields: FieldsCo
|
|
|
151
158
|
|
|
152
159
|
if (extra) {
|
|
153
160
|
const [prefix, slot] = extra;
|
|
154
|
-
(
|
|
161
|
+
writeSlot(slot, key.slice(prefix.length), value);
|
|
155
162
|
} else if ('allowExtra' in config && config.allowExtra) {
|
|
156
163
|
for (const [slot, allowed] of Object.entries(config.allowExtra)) {
|
|
157
164
|
if (allowed) {
|
|
158
|
-
(
|
|
165
|
+
writeSlot(slot as Slot, key, value);
|
|
159
166
|
break;
|
|
160
167
|
}
|
|
161
168
|
}
|
|
@@ -167,5 +174,5 @@ export function buildClientParams(args: ReadonlyArray<unknown>, fields: FieldsCo
|
|
|
167
174
|
|
|
168
175
|
stripEmptySlots(params);
|
|
169
176
|
|
|
170
|
-
return params
|
|
177
|
+
return params;
|
|
171
178
|
}
|
|
@@ -91,6 +91,12 @@ export interface Config {
|
|
|
91
91
|
responseValidator?: (data: unknown) => Promise<unknown>;
|
|
92
92
|
}
|
|
93
93
|
|
|
94
|
+
/**
|
|
95
|
+
* Arbitrary metadata passed through the `meta` request option.
|
|
96
|
+
*/
|
|
97
|
+
// eslint-disable-next-line @typescript-eslint/no-empty-object-type
|
|
98
|
+
export interface ClientMeta {}
|
|
99
|
+
|
|
94
100
|
type IsExactlyNeverOrNeverUndefined<T> = [T] extends [never]
|
|
95
101
|
? true
|
|
96
102
|
: [T] extends [never | undefined]
|
|
@@ -16,7 +16,7 @@
|
|
|
16
16
|
],
|
|
17
17
|
"security": [
|
|
18
18
|
{
|
|
19
|
-
"
|
|
19
|
+
"jwtAuthWithLastLogin": []
|
|
20
20
|
},
|
|
21
21
|
{
|
|
22
22
|
"cookieAuth": []
|
|
@@ -70,7 +70,7 @@
|
|
|
70
70
|
},
|
|
71
71
|
"security": [
|
|
72
72
|
{
|
|
73
|
-
"
|
|
73
|
+
"jwtAuthWithLastLogin": []
|
|
74
74
|
},
|
|
75
75
|
{
|
|
76
76
|
"cookieAuth": []
|
|
@@ -113,6 +113,60 @@
|
|
|
113
113
|
"x-async-capable": false
|
|
114
114
|
}
|
|
115
115
|
},
|
|
116
|
+
"/cfg/accounts/api-key/reveal/": {
|
|
117
|
+
"post": {
|
|
118
|
+
"operationId": "cfg_accounts_api_key_reveal_create",
|
|
119
|
+
"description": "Return the current full API key WITHOUT rotating it. The same durable value every one of the user's agents uses — for the signed-in user to copy and paste into agent onboarding. Default GET stays masked; this is the explicit reveal action.",
|
|
120
|
+
"summary": "Reveal API key",
|
|
121
|
+
"tags": [
|
|
122
|
+
"cfg_accounts_api_key"
|
|
123
|
+
],
|
|
124
|
+
"requestBody": {
|
|
125
|
+
"content": {
|
|
126
|
+
"application/json": {
|
|
127
|
+
"schema": {
|
|
128
|
+
"$ref": "#/components/schemas/APIKeyRequest"
|
|
129
|
+
}
|
|
130
|
+
}
|
|
131
|
+
},
|
|
132
|
+
"required": true
|
|
133
|
+
},
|
|
134
|
+
"security": [
|
|
135
|
+
{
|
|
136
|
+
"jwtAuthWithLastLogin": []
|
|
137
|
+
},
|
|
138
|
+
{
|
|
139
|
+
"cookieAuth": []
|
|
140
|
+
},
|
|
141
|
+
{
|
|
142
|
+
"apiKeyAuth": []
|
|
143
|
+
}
|
|
144
|
+
],
|
|
145
|
+
"responses": {
|
|
146
|
+
"200": {
|
|
147
|
+
"content": {
|
|
148
|
+
"application/json": {
|
|
149
|
+
"schema": {
|
|
150
|
+
"$ref": "#/components/schemas/APIKeyReveal"
|
|
151
|
+
}
|
|
152
|
+
}
|
|
153
|
+
},
|
|
154
|
+
"description": ""
|
|
155
|
+
},
|
|
156
|
+
"401": {
|
|
157
|
+
"content": {
|
|
158
|
+
"application/json": {
|
|
159
|
+
"schema": {
|
|
160
|
+
"description": "Authentication credentials were not provided."
|
|
161
|
+
}
|
|
162
|
+
}
|
|
163
|
+
},
|
|
164
|
+
"description": ""
|
|
165
|
+
}
|
|
166
|
+
},
|
|
167
|
+
"x-async-capable": false
|
|
168
|
+
}
|
|
169
|
+
},
|
|
116
170
|
"/cfg/accounts/api-key/test/": {
|
|
117
171
|
"post": {
|
|
118
172
|
"operationId": "cfg_accounts_api_key_test_create",
|
|
@@ -133,7 +187,7 @@
|
|
|
133
187
|
},
|
|
134
188
|
"security": [
|
|
135
189
|
{
|
|
136
|
-
"
|
|
190
|
+
"jwtAuthWithLastLogin": []
|
|
137
191
|
},
|
|
138
192
|
{
|
|
139
193
|
"cookieAuth": []
|
|
@@ -524,7 +578,7 @@
|
|
|
524
578
|
],
|
|
525
579
|
"security": [
|
|
526
580
|
{
|
|
527
|
-
"
|
|
581
|
+
"jwtAuthWithLastLogin": []
|
|
528
582
|
},
|
|
529
583
|
{
|
|
530
584
|
"cookieAuth": []
|
|
@@ -635,7 +689,7 @@
|
|
|
635
689
|
],
|
|
636
690
|
"security": [
|
|
637
691
|
{
|
|
638
|
-
"
|
|
692
|
+
"jwtAuthWithLastLogin": []
|
|
639
693
|
},
|
|
640
694
|
{
|
|
641
695
|
"cookieAuth": []
|
|
@@ -707,7 +761,7 @@
|
|
|
707
761
|
},
|
|
708
762
|
"security": [
|
|
709
763
|
{
|
|
710
|
-
"
|
|
764
|
+
"jwtAuthWithLastLogin": []
|
|
711
765
|
},
|
|
712
766
|
{
|
|
713
767
|
"cookieAuth": []
|
|
@@ -777,7 +831,7 @@
|
|
|
777
831
|
},
|
|
778
832
|
"security": [
|
|
779
833
|
{
|
|
780
|
-
"
|
|
834
|
+
"jwtAuthWithLastLogin": []
|
|
781
835
|
},
|
|
782
836
|
{
|
|
783
837
|
"cookieAuth": []
|
|
@@ -849,7 +903,7 @@
|
|
|
849
903
|
},
|
|
850
904
|
"security": [
|
|
851
905
|
{
|
|
852
|
-
"
|
|
906
|
+
"jwtAuthWithLastLogin": []
|
|
853
907
|
},
|
|
854
908
|
{
|
|
855
909
|
"cookieAuth": []
|
|
@@ -919,7 +973,7 @@
|
|
|
919
973
|
},
|
|
920
974
|
"security": [
|
|
921
975
|
{
|
|
922
|
-
"
|
|
976
|
+
"jwtAuthWithLastLogin": []
|
|
923
977
|
},
|
|
924
978
|
{
|
|
925
979
|
"cookieAuth": []
|
|
@@ -963,7 +1017,7 @@
|
|
|
963
1017
|
"/cfg/accounts/token/refresh/": {
|
|
964
1018
|
"post": {
|
|
965
1019
|
"operationId": "cfg_accounts_token_refresh_create",
|
|
966
|
-
"description": "Refresh JWT token.",
|
|
1020
|
+
"description": "Refresh JWT token.\n\nDPoP-aware: when the incoming refresh token is key-bound (`cnf.jkt`), the\nrotated access/refresh in the response are re-stamped with the same `cnf`\n(stock SimpleJWT drops it from the derived access), and a matching DPoP\nproof is required on the refresh request — so a stolen refresh token can't\nbe used to mint fresh tokens.",
|
|
967
1021
|
"tags": [
|
|
968
1022
|
"cfg_accounts_auth"
|
|
969
1023
|
],
|
|
@@ -1527,6 +1581,34 @@
|
|
|
1527
1581
|
"reissued_at"
|
|
1528
1582
|
]
|
|
1529
1583
|
},
|
|
1584
|
+
"APIKeyReveal": {
|
|
1585
|
+
"type": "object",
|
|
1586
|
+
"description": "Serializer for revealing the current (unrotated) full API key.",
|
|
1587
|
+
"properties": {
|
|
1588
|
+
"key": {
|
|
1589
|
+
"type": "string",
|
|
1590
|
+
"description": "Full API key (current value, not rotated)"
|
|
1591
|
+
},
|
|
1592
|
+
"created_at": {
|
|
1593
|
+
"type": "string",
|
|
1594
|
+
"format": "date-time",
|
|
1595
|
+
"description": "When the key was created"
|
|
1596
|
+
},
|
|
1597
|
+
"reissued_at": {
|
|
1598
|
+
"type": [
|
|
1599
|
+
"string",
|
|
1600
|
+
"null"
|
|
1601
|
+
],
|
|
1602
|
+
"format": "date-time",
|
|
1603
|
+
"description": "When the key was last regenerated"
|
|
1604
|
+
}
|
|
1605
|
+
},
|
|
1606
|
+
"required": [
|
|
1607
|
+
"created_at",
|
|
1608
|
+
"key",
|
|
1609
|
+
"reissued_at"
|
|
1610
|
+
]
|
|
1611
|
+
},
|
|
1530
1612
|
"APIKeyTestRequest": {
|
|
1531
1613
|
"type": "object",
|
|
1532
1614
|
"description": "Serializer for testing an API key.",
|
|
@@ -2778,11 +2860,6 @@
|
|
|
2778
2860
|
"in": "cookie",
|
|
2779
2861
|
"name": "sessionid"
|
|
2780
2862
|
},
|
|
2781
|
-
"jwtAuth": {
|
|
2782
|
-
"type": "http",
|
|
2783
|
-
"scheme": "bearer",
|
|
2784
|
-
"bearerFormat": "JWT"
|
|
2785
|
-
},
|
|
2786
2863
|
"jwtAuthWithLastLogin": {
|
|
2787
2864
|
"type": "http",
|
|
2788
2865
|
"scheme": "bearer",
|