Merge branch 'jimcser-access-tokens' into 'master'

Documentation: Adds access token endpoints to OpenAPI See merge request gitlab-org/gitlab!58620

Merge branch 'jimcser-access-tokens' into 'master'
Documentation: Adds access token endpoints to OpenAPI See merge request gitlab-org/gitlab!58620
547d1d82 · Max Woolf · e8fd52b4 · 1ead684a · 547d1d82 · 547d1d82
Commit 547d1d82 authored May 06, 2021 by Max Woolf
4 changed files
--- a/changelogs/unreleased/jimcser-add-access-token.yml
+++ b/changelogs/unreleased/jimcser-add-access-token.yml
+---
+title: Adds access token endpoints to OpenAPI
+merge_request: 58620
+author: jimcser
+type: added
--- a/doc/api/openapi/openapi.yaml
+++ b/doc/api/openapi/openapi.yaml
@@ -4,6 +4,8 @@ tags:
    description: Version
  - name: access_requests
    description: Access requests for projects and groups
+  - name: access_tokens
+    description: Access tokens for projects
 info:
  description: |
    An OpenAPI definition for the GitLab REST API.
@@ -16,7 +18,8 @@ info:
    The feature uses the current [GitLab session cookie](https://docs.gitlab.com/ee/api/README.html#session-cookie),
    so each request is made using your account.
-    Read more at <https://docs.gitlab.com/ee/development/documentation/restful_api_styleguide.html>.
+    Instructions for using this tool can be found in [Interactive API Documentation](openapi_interactive.md).
  version: v4
  title: GitLab API
  termsOfService: 'https://about.gitlab.com/terms/'
@@ -57,6 +60,12 @@ paths:
  /v4/groups/{id}/access_requests/{user_id}/approve:
    $ref: 'v4/access_requests.yaml#/accessRequestsGroupsApprove'
-  /v4/groupss/{id}/access_requests/{user_id}:
+  /v4/groups/{id}/access_requests/{user_id}:
    $ref: 'v4/access_requests.yaml#/accessRequestsGroupsDeny'
+  # ACCESS REQUESTS (PROJECTS)
+  /v4/projects/{id}/access_tokens:
+    $ref: 'v4/access_tokens.yaml#/accessTokens'
+  /v4/projects/{id}/access_tokens/{token_id}:
+    $ref: 'v4/access_tokens.yaml#/accessTokensRevoke'
\ No newline at end of file
--- a/doc/api/openapi/v4/access_tokens.yaml
+++ b/doc/api/openapi/v4/access_tokens.yaml
+# Markdown documentation: https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/api/resource_access_tokens.md
+#/v4/projects/{id}/access_tokens
+accessTokens:
+  get:
+    description: Lists access tokens for a project
+    summary: List access tokens for a project
+    operationId: accessTokens_get
+    tags:
+      - access_tokens
+    parameters:
+      - name: id
+        in: path
+        description: The ID or URL-encoded path of the project
+        required: true
+        schema:
+          oneOf:
+            - type: integer
+            - type: string
+    responses:
+      '404':
+        description: Not Found
+      '401':
+        description: Unauthorized operation
+      '200':
+        description: Successful operation
+        content:
+          application/json:
+            schema:
+              title: AccessTokenList
+              type: object
+              properties:
+                user_id:
+                  type: integer
+                scopes:
+                  type: array
+                name:
+                  type: string
+                expires_at:
+                  type: date
+                id:
+                  type: integer
+                active:
+                  type: boolean
+                created_at:
+                  type: date
+                revoked:
+                  type: boolean
+            example:
+              "user_id": 141
+              "scopes" : ["api"]
+              "name": "token"
+              "expires_at": "2022-01-31"
+              "id": 42
+              "active": true
+              "created_at": "2021-01-20T14:13:35Z"
+              "revoked" : false
+  post:
+    description: Creates an access token for a project
+    summary: Creates an access token for a project
+    operationId: accessTokens_post
+    tags:
+      - access_tokens
+    parameters:
+      - name: id
+        in: path
+        description: The ID or URL-encoded path of the project
+        required: true
+        schema:
+          oneOf:
+            - type: integer
+            - type: string
+      - name: name
+        in: query
+        description: The name of the project access token
+        required: true
+        schema:
+          type: string
+      - name: scopes
+        in: query
+        description: Defines read and write permissions for the token
+        required: true
+        schema:
+          type: array
+          items:
+            type: string
+            enum: ["api", "read_api", "read_registry", "write_registry", "read_repository", "write_repository"]
+      - name: expires_at
+        in: query
+        description: Date when the token expires. Time of day is Midnight UTC of that date.
+        required: false
+        schema:
+          type: date
+    responses:
+      '404':
+        description: Not Found
+      '401':
+        description: Unauthorized operation
+      '200':
+        description: Successful operation
+        content:
+          application/json:
+            schema:
+              title: AccessTokenList
+              type: object
+              properties:
+                user_id:
+                  type: integer
+                scopes:
+                  type: array
+                name:
+                  type: string
+                expires_at:
+                  type: date
+                id:
+                  type: integer
+                active:
+                  type: boolean
+                created_at:
+                  type: date
+                revoked:
+                  type: boolean
+                token:
+                  type: string
+            example:
+              "user_id": 166
+              "scopes" : [
+                "api",
+                "read_repository"
+              ]
+              "name": "test"
+              "expires_at": "2022-01-31"
+              "id": 58
+              "active": true
+              "created_at": "2021-01-20T14:13:35Z"
+              "revoked" : false
+              "token" : "D4y...Wzr"
+#/v4/projects/{id}/access_tokens/{token_id}
+accessTokensRevoke:
+  delete:
+    description: Revokes an access token
+    summary: Revokes an access token
+    operationId: accessTokens_delete
+    tags:
+      - access_tokens
+    parameters:
+      - name: id
+        in: path
+        description: The ID or URL-encoded path of the project
+        required: true
+        schema:
+          oneOf:
+            - type: integer
+            - type: string
+      - name: token_id
+        in: path
+        description: The ID of the project access token
+        required: true
+        schema:
+          oneOf:
+            - type: integer
+            - type: string
+    responses:
+      '400':
+        description: Bad Request
+      '404':
+        description: Not Found
+      '204':
+        description: No content if successfully revoked
--- a/doc/api/resource_access_tokens.md
+++ b/doc/api/resource_access_tokens.md
@@ -55,6 +55,7 @@ POST projects/:id/access_tokens
 | Attribute | Type    | required | Description         |
 |-----------|---------|----------|---------------------|
+| `id` | integer/string | yes | The ID of the project |
 | `name` | String | yes | The name of the project access token  |
 | `scopes` | Array\[String] | yes | [List of scopes](../user/project/settings/project_access_tokens.md#limiting-scopes-of-a-project-access-token) |
 | `expires_at` | Date | no | The token expires at midnight UTC on that date |