Skip to content

Commit

Permalink
v1.4.0
Browse files Browse the repository at this point in the history
  • Loading branch information
@zeplin-dev
zeplin-dev committed Jul 13, 2021
1 parent 6ebef1a commit 81143d1
Show file tree
Hide file tree
Showing 2 changed files with 118 additions and 12 deletions.
65 changes: 58 additions & 7 deletions descriptions/main.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
"info": {
"title": "Zeplin API",
"description": "Access your resources in Zeplin",
"version": "1.3.0",
"version": "1.4.0",
"contact": {
"name": "Zeplin",
"url": "https://zeplin.io",
Expand Down Expand Up @@ -68,6 +68,27 @@
"schema": {
"type": "string"
}
},
{
"name": "code_challenge",
"in": "query",
"description": "RECOMMENDED. A PKCE code challenge derived from the code verifier, to be verified against later.",
"schema": {
"type": "string"
}
},
{
"name": "code_challenge_method",
"in": "query",
"description": "RECOMMENDED. PKCE code verifier transformation method.",
"schema": {
"type": "string",
"enum": [
"plain",
"S256"
],
"default": "S256"
}
}
],
"responses": {
Expand Down Expand Up @@ -179,6 +200,30 @@
"message": "invalid_grant",
"detail": "Provided `refresh_token` is malformed"
}
},
"Code challenge is invalid": {
"value": {
"message": "invalid_grant",
"detail": "Provided `code_challenge` is invalid"
}
},
"Code challenge method is invalid": {
"value": {
"message": "invalid_grant",
"detail": "Provided `code_challenge_method` is invalid"
}
},
"Code verifier is required": {
"value": {
"message": "invalid_grant",
"detail": "`code_verifier` is required"
}
},
"Code verifier is incorrect": {
"value": {
"message": "invalid_grant",
"detail": "Provided `code_verifier` is incorrect"
}
}
}
}
Expand Down Expand Up @@ -8560,8 +8605,7 @@
"grant_type",
"code",
"redirect_uri",
"client_id",
"client_secret"
"client_id"
],
"properties": {
"grant_type": {
Expand All @@ -8584,7 +8628,11 @@
},
"client_secret": {
"type": "string",
"description": "The `client_secret` of your Zeplin app"
"description": "The `client_secret` of your Zeplin app\n\n**Note**: `client_secret` is required for `code` values obtained without using a PKCE `code_challenge` value.\n\n**Warning**: `client_secret` property should only be used in a server-side application. \nIf your Zeplin app is a public client, you should use PKCE authorization flow.\n"
},
"code_verifier": {
"type": "string",
"description": "A cryptographically random string that is used to correlate the authorization request to the token request"
}
}
},
Expand All @@ -8594,8 +8642,7 @@
"required": [
"grant_type",
"refresh_token",
"client_id",
"client_secret"
"client_id"
],
"properties": {
"grant_type": {
Expand All @@ -8614,7 +8661,11 @@
},
"client_secret": {
"type": "string",
"description": "The `client_secret` of your Zeplin app"
"description": "The `client_secret` of your Zeplin app\n\n**Note**: `client_secret` is required for `code` values obtained without using a PKCE `code_challenge` value.\n\n**Warning**: `client_secret` property should only be used in a server-side application. \nIf your Zeplin app is a public client, you should use PKCE authorization flow.\n"
},
"code_verifier": {
"type": "string",
"description": "A cryptographically random string that is used to correlate the authorization request to the token request"
}
}
},
Expand Down
65 changes: 60 additions & 5 deletions descriptions/main.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ openapi: 3.0.2
info:
title: Zeplin API
description: Access your resources in Zeplin
version: 1.3.0
version: 1.4.0
contact:
name: Zeplin
url: https://zeplin.io
Expand Down Expand Up @@ -47,6 +47,21 @@ paths:
between the request and callback.
schema:
type: string
- name: code_challenge
in: query
description: RECOMMENDED. A PKCE code challenge derived from the code verifier,
to be verified against later.
schema:
type: string
- name: code_challenge_method
in: query
description: RECOMMENDED. PKCE code verifier transformation method.
schema:
type: string
enum:
- plain
- S256
default: S256
responses:
"302":
description: User is redirected to web app for authorization
Expand Down Expand Up @@ -123,6 +138,22 @@ paths:
value:
message: invalid_grant
detail: Provided `refresh_token` is malformed
Code challenge is invalid:
value:
message: invalid_grant
detail: Provided `code_challenge` is invalid
Code challenge method is invalid:
value:
message: invalid_grant
detail: Provided `code_challenge_method` is invalid
Code verifier is required:
value:
message: invalid_grant
detail: "`code_verifier` is required"
Code verifier is incorrect:
value:
message: invalid_grant
detail: Provided `code_verifier` is incorrect
/v1/organizations:
get:
tags:
Expand Down Expand Up @@ -5766,7 +5797,6 @@ components:
- code
- redirect_uri
- client_id
- client_secret
properties:
grant_type:
type: string
Expand All @@ -5784,15 +5814,27 @@ components:
description: The `client_id` of your Zeplin app
client_secret:
type: string
description: The `client_secret` of your Zeplin app
description: >
The `client_secret` of your Zeplin app
**Note**: `client_secret` is required for `code` values obtained without using a PKCE `code_challenge` value.
**Warning**: `client_secret` property should only be used in a server-side application.
If your Zeplin app is a public client, you should use PKCE authorization flow.
code_verifier:
type: string
description: A cryptographically random string that is used to correlate the
authorization request to the token request
TokenCreateRefreshTokenBody:
title: If `grant_type` is `refresh_token`
type: object
required:
- grant_type
- refresh_token
- client_id
- client_secret
properties:
grant_type:
type: string
Expand All @@ -5807,7 +5849,20 @@ components:
description: The `client_id` of your Zeplin app
client_secret:
type: string
description: The `client_secret` of your Zeplin app
description: >
The `client_secret` of your Zeplin app
**Note**: `client_secret` is required for `code` values obtained without using a PKCE `code_challenge` value.
**Warning**: `client_secret` property should only be used in a server-side application.
If your Zeplin app is a public client, you should use PKCE authorization flow.
code_verifier:
type: string
description: A cryptographically random string that is used to correlate the
authorization request to the token request
OrganizationMemberInviteBody:
title: Organization Member Invite Body
type: object
Expand Down

0 comments on commit 81143d1

Please sign in to comment.