From d2245c7f2c985cae118e7152dde48dcb852b142e Mon Sep 17 00:00:00 2001
From: Jakob Ankarhem <jakob.ankarhem@jetshop.se>
Date: Tue, 31 May 2022 18:53:53 +0200
Subject: [PATCH] docs: add api documentation for oidc endpoints

---
 overseerr-api.yml | 57 +++++++++++++++++++++++++++++++++++++++++++++++
 server/index.ts   | 12 +++++-----
 2 files changed, 63 insertions(+), 6 deletions(-)

diff --git a/overseerr-api.yml b/overseerr-api.yml
index 164187de3..14fa9c063 100644
--- a/overseerr-api.yml
+++ b/overseerr-api.yml
@@ -3206,6 +3206,63 @@ paths:
                   type: string
               required:
                 - password
+  /auth/oidc-login:
+    get:
+      security: []
+      summary: Redirect to the OpenID Connect provider
+      description: Constructs the redirect URL to the OpenID Connect provider, and redirects the user to it.
+      tags:
+        - auth
+      responses:
+        '302':
+          description: Redirect to the authentication url for the OpenID Connect provider
+          headers:
+            Location:
+              schema:
+                type: string
+                example: https://example.com/auth/oidc/callback?response_type=code&client_id=client_id&redirect_uri=https%3A%2F%2Fexample.com%2Fauth%2Foidc%2Fcallback&scope=openid%20email&state=state
+            Set-Cookie:
+              schema:
+                type: string
+                example: 'oidc-state=123456789; HttpOnly; max-age=60000; Secure'
+  /auth/oidc-callback:
+    get:
+      security: []
+      summary: The callback endpoint for the OpenID Connect provider redirect
+      description: Takes the `code` and `state` parameters from the OpenID Connect provider, and exchanges them for a token.
+      parameters:
+        - in: query
+          name: code
+          required: true
+          schema:
+            type: string
+            example: '0sJj7IUW2h6aB3U6o-flioB0ARc7nW2E3PFItYd6xPKf5'
+        - in: query
+          name: state
+          required: true
+          schema:
+            type: string
+            example: '123456789'
+        - in: cookie
+          name: oidc-state
+          required: true
+          schema:
+            type: string
+            example: '123456789'
+      tags:
+        - auth
+      responses:
+        '302':
+          description: A redirect to the home page if successful or back to the login page if not
+          headers:
+            Location:
+              schema:
+                type: string
+                example: /
+            Set-Cookie:
+              schema:
+                type: string
+                example: 'token=deleted; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT'
   /user:
     get:
       summary: Get all users
diff --git a/server/index.ts b/server/index.ts
index 246b0729c..e78d5a577 100644
--- a/server/index.ts
+++ b/server/index.ts
@@ -157,12 +157,12 @@ app
     );
     const apiDocs = YAML.load(API_SPEC_PATH);
     server.use('/api-docs', swaggerUi.serve, swaggerUi.setup(apiDocs));
-    // server.use(
-    //   OpenApiValidator.middleware({
-    //     apiSpec: API_SPEC_PATH,
-    //     validateRequests: true,
-    //   })
-    // );
+    server.use(
+      OpenApiValidator.middleware({
+        apiSpec: API_SPEC_PATH,
+        validateRequests: true,
+      })
+    );
     /**
      * This is a workaround to convert dates to strings before they are validated by
      * OpenAPI validator. Otherwise, they are treated as objects instead of strings