mirror of
https://github.com/openziti/zrok.git
synced 2024-12-04 22:11:13 +01:00
1076 lines
21 KiB
YAML
1076 lines
21 KiB
YAML
info:
|
|
description: zrok client access
|
|
title: zrok
|
|
version: 0.3.0
|
|
|
|
basePath: /api/v1
|
|
|
|
securityDefinitions:
|
|
key:
|
|
type: apiKey
|
|
in: header
|
|
name: x-token
|
|
|
|
paths:
|
|
#
|
|
# account
|
|
#
|
|
/invite:
|
|
post:
|
|
tags:
|
|
- account
|
|
operationId: invite
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/inviteRequest"
|
|
responses:
|
|
201:
|
|
description: invitation created
|
|
400:
|
|
description: invitation not created (already exists)
|
|
schema:
|
|
$ref: '#/definitions/errorMessage'
|
|
401:
|
|
description: unauthorized
|
|
500:
|
|
description: internal server error
|
|
|
|
/login:
|
|
post:
|
|
tags:
|
|
- account
|
|
operationId: login
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/loginRequest"
|
|
responses:
|
|
200:
|
|
description: login successful
|
|
schema:
|
|
$ref: "#/definitions/loginResponse"
|
|
401:
|
|
description: invalid login
|
|
|
|
/register:
|
|
post:
|
|
tags:
|
|
- account
|
|
operationId: register
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/registerRequest"
|
|
responses:
|
|
200:
|
|
description: account created
|
|
schema:
|
|
$ref: "#/definitions/registerResponse"
|
|
404:
|
|
description: request not found
|
|
422:
|
|
description: password validation failure
|
|
schema:
|
|
$ref: '#/definitions/errorMessage'
|
|
500:
|
|
description: internal server error
|
|
|
|
/resetPassword:
|
|
post:
|
|
tags:
|
|
- account
|
|
operationId: resetPassword
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/resetPasswordRequest"
|
|
responses:
|
|
200:
|
|
description: password reset
|
|
404:
|
|
description: request not found
|
|
422:
|
|
description: password validation failure
|
|
schema:
|
|
$ref: '#/definitions/errorMessage'
|
|
500:
|
|
description: internal server error
|
|
|
|
/resetPasswordRequest:
|
|
post:
|
|
tags:
|
|
- account
|
|
operationId: resetPasswordRequest
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
properties:
|
|
emailAddress:
|
|
type: string
|
|
responses:
|
|
201:
|
|
description: forgot password request created
|
|
400:
|
|
description: forgot password request not created
|
|
500:
|
|
description: internal server error
|
|
|
|
/verify:
|
|
post:
|
|
tags:
|
|
- account
|
|
operationId: verify
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/verifyRequest"
|
|
responses:
|
|
200:
|
|
description: token ready
|
|
schema:
|
|
$ref: "#/definitions/verifyResponse"
|
|
404:
|
|
description: token not found
|
|
500:
|
|
description: internal server error
|
|
|
|
#
|
|
# admin
|
|
#
|
|
/frontend:
|
|
post:
|
|
tags:
|
|
- admin
|
|
security:
|
|
- key: []
|
|
operationId: createFrontend
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/createFrontendRequest"
|
|
responses:
|
|
201:
|
|
description: frontend created
|
|
schema:
|
|
$ref: "#/definitions/createFrontendResponse"
|
|
400:
|
|
description: bad request
|
|
401:
|
|
description: unauthorized
|
|
404:
|
|
description: not found
|
|
500:
|
|
description: internal server error
|
|
patch:
|
|
tags:
|
|
- admin
|
|
security:
|
|
- key: []
|
|
operationId: updateFrontend
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/updateFrontendRequest"
|
|
responses:
|
|
200:
|
|
description: frontend updated
|
|
401:
|
|
description: unauthorized
|
|
404:
|
|
description: not found
|
|
500:
|
|
description: internal server error
|
|
delete:
|
|
tags:
|
|
- admin
|
|
security:
|
|
- key: []
|
|
operationId: deleteFrontend
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/deleteFrontendRequest"
|
|
responses:
|
|
200:
|
|
description: frontend deleted
|
|
401:
|
|
description: unauthorized
|
|
404:
|
|
description: not found
|
|
500:
|
|
description: internal server error
|
|
|
|
/frontends:
|
|
get:
|
|
tags:
|
|
- admin
|
|
security:
|
|
- key: []
|
|
operationId: listFrontends
|
|
responses:
|
|
200:
|
|
description: ok
|
|
schema:
|
|
$ref: "#/definitions/publicFrontendList"
|
|
401:
|
|
description: unauthorized
|
|
500:
|
|
description: internal server error
|
|
|
|
/identity:
|
|
post:
|
|
tags:
|
|
- admin
|
|
security:
|
|
- key: []
|
|
operationId: createIdentity
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
properties:
|
|
name:
|
|
type: string
|
|
responses:
|
|
201:
|
|
description: created
|
|
schema:
|
|
properties:
|
|
identity:
|
|
type: string
|
|
cfg:
|
|
type: string
|
|
401:
|
|
description: unauthorized
|
|
500:
|
|
description: internal server error
|
|
|
|
/invite/token/generate:
|
|
post:
|
|
tags:
|
|
- admin
|
|
security:
|
|
- key: []
|
|
operationId: inviteTokenGenerate
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/inviteTokenGenerateRequest"
|
|
responses:
|
|
201:
|
|
description: invitation tokens created
|
|
400:
|
|
description: invitation tokens not created
|
|
401:
|
|
description: unauthorized
|
|
500:
|
|
description: internal server error
|
|
#
|
|
# environment
|
|
#
|
|
/enable:
|
|
post:
|
|
tags:
|
|
- environment
|
|
security:
|
|
- key: []
|
|
operationId: enable
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/enableRequest"
|
|
responses:
|
|
201:
|
|
description: environment enabled
|
|
schema:
|
|
$ref: "#/definitions/enableResponse"
|
|
401:
|
|
description: unauthorized
|
|
404:
|
|
description: account not found
|
|
500:
|
|
description: internal server error
|
|
|
|
/disable:
|
|
post:
|
|
tags:
|
|
- environment
|
|
security:
|
|
- key: []
|
|
operationId: disable
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/disableRequest"
|
|
responses:
|
|
200:
|
|
description: environment disabled
|
|
401:
|
|
description: invalid environment
|
|
500:
|
|
description: internal server error
|
|
|
|
#
|
|
# metadata
|
|
#
|
|
/configuration:
|
|
get:
|
|
tags:
|
|
- metadata
|
|
operationId: configuration
|
|
responses:
|
|
200:
|
|
description: current configuration
|
|
schema:
|
|
$ref: "#/definitions/configuration"
|
|
|
|
/detail/account:
|
|
get:
|
|
tags:
|
|
- metadata
|
|
security:
|
|
- key: []
|
|
operationId: getAccountDetail
|
|
responses:
|
|
200:
|
|
description: ok
|
|
schema:
|
|
$ref: "#/definitions/environments"
|
|
500:
|
|
description: internal server error
|
|
|
|
/detail/environment/{envZId}:
|
|
get:
|
|
tags:
|
|
- metadata
|
|
security:
|
|
- key: []
|
|
operationId: getEnvironmentDetail
|
|
parameters:
|
|
- name: envZId
|
|
in: path
|
|
type: string
|
|
required: true
|
|
responses:
|
|
200:
|
|
description: ok
|
|
schema:
|
|
$ref: "#/definitions/environmentAndResources"
|
|
401:
|
|
description: unauthorized
|
|
404:
|
|
description: not found
|
|
500:
|
|
description: internal server error
|
|
|
|
/detail/frontend/{feId}:
|
|
get:
|
|
tags:
|
|
- metadata
|
|
security:
|
|
- key: []
|
|
operationId: getFrontendDetail
|
|
parameters:
|
|
- name: feId
|
|
in: path
|
|
type: integer
|
|
required: true
|
|
responses:
|
|
200:
|
|
description: ok
|
|
schema:
|
|
$ref: "#/definitions/frontend"
|
|
401:
|
|
description: unauthorized
|
|
404:
|
|
description: not found
|
|
500:
|
|
description: internal server error
|
|
|
|
/detail/share/{shrToken}:
|
|
get:
|
|
tags:
|
|
- metadata
|
|
security:
|
|
- key: []
|
|
operationId: getShareDetail
|
|
parameters:
|
|
- name: shrToken
|
|
in: path
|
|
type: string
|
|
required: true
|
|
responses:
|
|
200:
|
|
description: ok
|
|
schema:
|
|
$ref: "#/definitions/share"
|
|
401:
|
|
description: unauthorized
|
|
404:
|
|
description: not found
|
|
500:
|
|
description: internal server error
|
|
|
|
/overview:
|
|
get:
|
|
tags:
|
|
- metadata
|
|
security:
|
|
- key: []
|
|
operationId: overview
|
|
responses:
|
|
200:
|
|
description: overview returned
|
|
schema:
|
|
$ref: "#/definitions/overview"
|
|
500:
|
|
description: internal server error
|
|
schema:
|
|
$ref: "#/definitions/errorMessage"
|
|
|
|
/metrics/account:
|
|
get:
|
|
tags:
|
|
- metadata
|
|
security:
|
|
- key: []
|
|
operationId: getAccountMetrics
|
|
parameters:
|
|
- name: duration
|
|
in: query
|
|
type: string
|
|
responses:
|
|
200:
|
|
description: account metrics
|
|
schema:
|
|
$ref: "#/definitions/metrics"
|
|
400:
|
|
description: bad request
|
|
500:
|
|
description: internal server error
|
|
|
|
/metrics/environment/{envId}:
|
|
get:
|
|
tags:
|
|
- metadata
|
|
security:
|
|
- key: []
|
|
operationId: getEnvironmentMetrics
|
|
parameters:
|
|
- name: envId
|
|
in: path
|
|
type: string
|
|
required: true
|
|
- name: duration
|
|
in: query
|
|
type: string
|
|
responses:
|
|
200:
|
|
description: environment metrics
|
|
schema:
|
|
$ref: "#/definitions/metrics"
|
|
400:
|
|
description: bad request
|
|
401:
|
|
description: unauthorized
|
|
500:
|
|
description: internal server error
|
|
|
|
|
|
/metrics/share/{shrToken}:
|
|
get:
|
|
tags:
|
|
- metadata
|
|
security:
|
|
- key: []
|
|
operationId: getShareMetrics
|
|
parameters:
|
|
- name: shrToken
|
|
in: path
|
|
type: string
|
|
required: true
|
|
- name: duration
|
|
in: query
|
|
type: string
|
|
responses:
|
|
200:
|
|
description: share metrics
|
|
schema:
|
|
$ref: "#/definitions/metrics"
|
|
400:
|
|
description: bad request
|
|
401:
|
|
description: unauthorized
|
|
500:
|
|
description: internal server error
|
|
|
|
|
|
/version:
|
|
get:
|
|
tags:
|
|
- metadata
|
|
operationId: version
|
|
responses:
|
|
200:
|
|
description: current server version
|
|
schema:
|
|
$ref: "#/definitions/version"
|
|
|
|
#
|
|
# share
|
|
#
|
|
/access:
|
|
post:
|
|
tags:
|
|
- share
|
|
security:
|
|
- key: []
|
|
operationId: access
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/accessRequest"
|
|
responses:
|
|
201:
|
|
description: access created
|
|
schema:
|
|
$ref: "#/definitions/accessResponse"
|
|
401:
|
|
description: unauthorized
|
|
404:
|
|
description: not found
|
|
500:
|
|
description: internal server error
|
|
|
|
/share:
|
|
post:
|
|
tags:
|
|
- share
|
|
security:
|
|
- key: []
|
|
operationId: share
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/shareRequest"
|
|
responses:
|
|
201:
|
|
description: share created
|
|
schema:
|
|
$ref: "#/definitions/shareResponse"
|
|
401:
|
|
description: unauthorized
|
|
404:
|
|
description: not found
|
|
422:
|
|
description: unprocessable
|
|
500:
|
|
description: internal server error
|
|
schema:
|
|
$ref: "#/definitions/errorMessage"
|
|
patch:
|
|
tags:
|
|
- share
|
|
security:
|
|
- key: []
|
|
operationId: updateShare
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/updateShareRequest"
|
|
responses:
|
|
200:
|
|
description: share updated
|
|
401:
|
|
description: unauthorized
|
|
404:
|
|
description: not found
|
|
500:
|
|
description: internal server error
|
|
|
|
/unaccess:
|
|
delete:
|
|
tags:
|
|
- share
|
|
security:
|
|
- key: []
|
|
operationId: unaccess
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/unaccessRequest"
|
|
responses:
|
|
200:
|
|
description: access removed
|
|
401:
|
|
description: unauthorized
|
|
404:
|
|
description: not found
|
|
500:
|
|
description: internal server error
|
|
|
|
/unshare:
|
|
delete:
|
|
tags:
|
|
- share
|
|
security:
|
|
- key: []
|
|
operationId: unshare
|
|
parameters:
|
|
- name: body
|
|
in: body
|
|
schema:
|
|
$ref: "#/definitions/unshareRequest"
|
|
responses:
|
|
200:
|
|
description: share removed
|
|
401:
|
|
description: unauthorized
|
|
404:
|
|
description: not found
|
|
500:
|
|
description: internal server error
|
|
schema:
|
|
$ref: "#/definitions/errorMessage"
|
|
|
|
definitions:
|
|
accessRequest:
|
|
type: object
|
|
properties:
|
|
envZId:
|
|
type: string
|
|
shrToken:
|
|
type: string
|
|
|
|
accessResponse:
|
|
type: object
|
|
properties:
|
|
frontendToken:
|
|
type: string
|
|
backendMode:
|
|
type: string
|
|
|
|
authUser:
|
|
type: object
|
|
properties:
|
|
username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
|
|
configuration:
|
|
type: object
|
|
properties:
|
|
version:
|
|
type: string
|
|
touLink:
|
|
type: string
|
|
invitesOpen:
|
|
type: boolean
|
|
requiresInviteToken:
|
|
type: boolean
|
|
inviteTokenContact:
|
|
type: string
|
|
passwordRequirements:
|
|
$ref: "#/definitions/passwordRequirements"
|
|
|
|
createFrontendRequest:
|
|
type: object
|
|
properties:
|
|
zId:
|
|
type: string
|
|
url_template:
|
|
type: string
|
|
public_name:
|
|
type: string
|
|
|
|
createFrontendResponse:
|
|
type: object
|
|
properties:
|
|
token:
|
|
type: string
|
|
|
|
deleteFrontendRequest:
|
|
type: object
|
|
properties:
|
|
frontendToken:
|
|
type: string
|
|
|
|
disableRequest:
|
|
type: object
|
|
properties:
|
|
identity:
|
|
type: string
|
|
|
|
enableRequest:
|
|
type: object
|
|
properties:
|
|
description:
|
|
type: string
|
|
host:
|
|
type: string
|
|
|
|
enableResponse:
|
|
type: object
|
|
properties:
|
|
identity:
|
|
type: string
|
|
cfg:
|
|
type: string
|
|
|
|
environment:
|
|
type: object
|
|
properties:
|
|
description:
|
|
type: string
|
|
host:
|
|
type: string
|
|
address:
|
|
type: string
|
|
zId:
|
|
type: string
|
|
activity:
|
|
$ref: "#/definitions/sparkData"
|
|
limited:
|
|
type: boolean
|
|
createdAt:
|
|
type: integer
|
|
updatedAt:
|
|
type: integer
|
|
|
|
environments:
|
|
type: array
|
|
items:
|
|
$ref: "#/definitions/environment"
|
|
|
|
environmentAndResources:
|
|
type: object
|
|
properties:
|
|
environment:
|
|
$ref: "#/definitions/environment"
|
|
frontends:
|
|
$ref: "#/definitions/frontends"
|
|
shares:
|
|
$ref: "#/definitions/shares"
|
|
|
|
errorMessage:
|
|
type: string
|
|
|
|
frontend:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
shrToken:
|
|
type: string
|
|
zId:
|
|
type: string
|
|
createdAt:
|
|
type: integer
|
|
updatedAt:
|
|
type: integer
|
|
|
|
frontends:
|
|
type: array
|
|
items:
|
|
$ref: "#/definitions/frontend"
|
|
|
|
inviteTokenGenerateRequest:
|
|
type: object
|
|
properties:
|
|
tokens:
|
|
type: array
|
|
items:
|
|
type: string
|
|
|
|
inviteRequest:
|
|
type: object
|
|
properties:
|
|
email:
|
|
type: string
|
|
token:
|
|
type: string
|
|
|
|
loginRequest:
|
|
type: object
|
|
properties:
|
|
email:
|
|
type: string
|
|
password:
|
|
type: string
|
|
|
|
loginResponse:
|
|
type: string
|
|
|
|
metrics:
|
|
type: object
|
|
properties:
|
|
scope:
|
|
type: string
|
|
id:
|
|
type: string
|
|
period:
|
|
type: number
|
|
samples:
|
|
type: array
|
|
items:
|
|
$ref: "#/definitions/metricsSample"
|
|
|
|
metricsSample:
|
|
type: object
|
|
properties:
|
|
rx:
|
|
type: number
|
|
tx:
|
|
type: number
|
|
timestamp:
|
|
type: number
|
|
|
|
overview:
|
|
type: object
|
|
properties:
|
|
accountLimited:
|
|
type: boolean
|
|
environments:
|
|
type: array
|
|
items:
|
|
$ref: "#/definitions/environmentAndResources"
|
|
|
|
passwordRequirements:
|
|
type: object
|
|
properties:
|
|
length:
|
|
type: integer
|
|
requireCapital:
|
|
type: boolean
|
|
requireNumeric:
|
|
type: boolean
|
|
requireSpecial:
|
|
type: boolean
|
|
validSpecialCharacters:
|
|
type: string
|
|
|
|
principal:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
email:
|
|
type: string
|
|
token:
|
|
type: string
|
|
limitless:
|
|
type: boolean
|
|
admin:
|
|
type: boolean
|
|
|
|
publicFrontend:
|
|
type: object
|
|
properties:
|
|
token:
|
|
type: string
|
|
zId:
|
|
type: string
|
|
urlTemplate:
|
|
type: string
|
|
publicName:
|
|
type: string
|
|
createdAt:
|
|
type: integer
|
|
updatedAt:
|
|
type: integer
|
|
|
|
publicFrontendList:
|
|
type: array
|
|
items:
|
|
$ref: "#/definitions/publicFrontend"
|
|
|
|
registerRequest:
|
|
type: object
|
|
properties:
|
|
token:
|
|
type: string
|
|
password:
|
|
type: string
|
|
|
|
registerResponse:
|
|
type: object
|
|
properties:
|
|
token:
|
|
type: string
|
|
|
|
resetPasswordRequest:
|
|
type: object
|
|
properties:
|
|
token:
|
|
type: string
|
|
password:
|
|
type: string
|
|
|
|
share:
|
|
type: object
|
|
properties:
|
|
token:
|
|
type: string
|
|
zId:
|
|
type: string
|
|
shareMode:
|
|
type: string
|
|
backendMode:
|
|
type: string
|
|
frontendSelection:
|
|
type: string
|
|
frontendEndpoint:
|
|
type: string
|
|
backendProxyEndpoint:
|
|
type: string
|
|
reserved:
|
|
type: boolean
|
|
activity:
|
|
$ref: "#/definitions/sparkData"
|
|
limited:
|
|
type: boolean
|
|
createdAt:
|
|
type: integer
|
|
updatedAt:
|
|
type: integer
|
|
|
|
shares:
|
|
type: array
|
|
items:
|
|
$ref: "#/definitions/share"
|
|
|
|
shareRequest:
|
|
type: object
|
|
properties:
|
|
envZId:
|
|
type: string
|
|
shareMode:
|
|
type: string
|
|
enum: ["public", "private"]
|
|
frontendSelection:
|
|
type: array
|
|
items:
|
|
type: string
|
|
backendMode:
|
|
type: string
|
|
enum: ["proxy", "web", "tcpTunnel", "udpTunnel", "caddy", "drive"]
|
|
backendProxyEndpoint:
|
|
type: string
|
|
authScheme:
|
|
type: string
|
|
authUsers:
|
|
type: array
|
|
items:
|
|
$ref: "#/definitions/authUser"
|
|
oauthProvider:
|
|
type: string
|
|
enum: ["github", "google"]
|
|
oauthEmailDomains:
|
|
type: array
|
|
items:
|
|
type: string
|
|
oauthAuthorizationCheckInterval:
|
|
type: string
|
|
reserved:
|
|
type: boolean
|
|
|
|
shareResponse:
|
|
type: object
|
|
properties:
|
|
frontendProxyEndpoints:
|
|
type: array
|
|
items:
|
|
type: string
|
|
shrToken:
|
|
type: string
|
|
|
|
sparkData:
|
|
type: array
|
|
items:
|
|
$ref: "#/definitions/sparkDataSample"
|
|
|
|
sparkDataSample:
|
|
type: object
|
|
properties:
|
|
rx:
|
|
type: number
|
|
tx:
|
|
type: number
|
|
|
|
unaccessRequest:
|
|
type: object
|
|
properties:
|
|
frontendToken:
|
|
type: string
|
|
envZId:
|
|
type: string
|
|
shrToken:
|
|
type: string
|
|
|
|
unshareRequest:
|
|
type: object
|
|
properties:
|
|
envZId:
|
|
type: string
|
|
shrToken:
|
|
type: string
|
|
reserved:
|
|
type: boolean
|
|
|
|
updateFrontendRequest:
|
|
type: object
|
|
properties:
|
|
frontendToken:
|
|
type: string
|
|
publicName:
|
|
type: string
|
|
urlTemplate:
|
|
type: string
|
|
|
|
updateShareRequest:
|
|
type: object
|
|
properties:
|
|
shrToken:
|
|
type: string
|
|
backendProxyEndpoint:
|
|
type: string
|
|
|
|
verifyRequest:
|
|
type: object
|
|
properties:
|
|
token:
|
|
type: string
|
|
verifyResponse:
|
|
type: object
|
|
properties:
|
|
email:
|
|
type: string
|
|
|
|
version:
|
|
type: string
|
|
|
|
produces:
|
|
- application/zrok.v1+json
|
|
consumes:
|
|
- application/zrok.v1+json
|
|
schemes:
|
|
- http
|
|
swagger: "2.0" |