From 4423f188e715f3f55ca9f1595a273dd3f3c49052 Mon Sep 17 00:00:00 2001 From: Blair Currey <12960453+BlairCurrey@users.noreply.github.com> Date: Thu, 21 Sep 2023 08:13:40 -0400 Subject: [PATCH] feat(open-payments): unauthenticated incoming payment get (#293) * feat(open-payments): unauthed incoming payment get * chore(open-payments): changeset * chore(open-payments): spec version bump * fix: typo * fix: typo * fix(open-payments): add optional signature params * refactor: remove some duplication * fix: wrong ref * fix: schema, type --- .changeset/silly-dragons-invite.md | 5 +++ openapi/resource-server.yaml | 44 +++++++++++++++---- .../generated/resource-server-types.ts | 24 +++++++--- 3 files changed, 60 insertions(+), 13 deletions(-) create mode 100644 .changeset/silly-dragons-invite.md diff --git a/.changeset/silly-dragons-invite.md b/.changeset/silly-dragons-invite.md new file mode 100644 index 00000000..df492cd9 --- /dev/null +++ b/.changeset/silly-dragons-invite.md @@ -0,0 +1,5 @@ +--- +'@interledger/open-payments': minor +--- + +Adds public-incoming-payment return type to incoming payment get request which should be returned for unauthenticated requests to this endpoint diff --git a/openapi/resource-server.yaml b/openapi/resource-server.yaml index 8ccc97aa..392f9f96 100644 --- a/openapi/resource-server.yaml +++ b/openapi/resource-server.yaml @@ -1,7 +1,7 @@ openapi: 3.1.0 info: title: Open Payments - version: '1.2' + version: '1.3' license: name: Apache 2.0 identifier: Apache-2.0 @@ -614,7 +614,9 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/incoming-payment-with-connection' + anyOf: + - $ref: '#/components/schemas/incoming-payment-with-connection' + - $ref: '#/components/schemas/public-incoming-payment' examples: Incoming Payment for $25 with $12.34 received so far: value: @@ -647,10 +649,10 @@ paths: $ref: '#/components/responses/403' '404': description: Incoming Payment Not Found - description: A client can fetch the latest state of an incoming payment to determine the amount received into the payment pointer. parameters: - - $ref: '#/components/parameters/signature-input' - - $ref: '#/components/parameters/signature' + - $ref: '#/components/parameters/optional-signature-input' + - $ref: '#/components/parameters/optional-signature' + description: A client can fetch the latest state of an incoming payment to determine the amount received into the payment pointer. parameters: - $ref: '#/components/parameters/id' '/incoming-payments/{id}/complete': @@ -1026,6 +1028,20 @@ components: description: Endpoint that returns unique STREAM connection credentials to establish a STREAM connection to the underlying account. readOnly: true unevaluatedProperties: false + public-incoming-payment: + title: Public Incoming Payment + description: An **incoming payment** resource with public details. + type: object + examples: + - receivedAmount: + value: '0' + assetCode: USD + assetScale: 2 + properties: + receiveAmount: + $ref: ./schemas.yaml#/components/schemas/amount + unresolvedProperites: false + outgoing-payment: title: Outgoing Payment description: 'An **outgoing payment** resource represents a payment that will be, is currently being, or has previously been, sent from the payment pointer.' @@ -1317,17 +1333,29 @@ components: name: Signature in: header schema: - type: string - example: 'Signature: sig1=:EWJgAONk3D6542Scj8g51rYeMHw96cH2XiCMxcyL511wyemGcw==:' + $ref: '#/components/parameters/optional-signature' description: 'The signature generated based on the Signature-Input, using the signing algorithm specified in the "alg" field of the JWK.' required: true signature-input: + name: Signature-Input + in: header + schema: + $ref: '#/components/parameters/optional-signature-input' + description: 'The Signature-Input field is a Dictionary structured field containing the metadata for one or more message signatures generated from components within the HTTP message. Each member describes a single message signature. The member''s key is the label that uniquely identifies the message signature within the context of the HTTP message. The member''s value is the serialization of the covered components Inner List plus all signature metadata parameters identified by the label. The following components MUST be included: - "@method" - "@target-uri" - "authorization". When the message contains a request body, the covered components MUST also include the following: - "content-digest" The keyid parameter of the signature MUST be set to the kid value of the JWK. See [ietf-httpbis-message-signatures](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures#section-4.1) for more details.' + required: true + optional-signature: + name: Signature + in: header + schema: + type: string + example: 'Signature: sig1=:EWJgAONk3D6542Scj8g51rYeMHw96cH2XiCMxcyL511wyemGcw==:' + description: 'The signature generated based on the Signature-Input, using the signing algorithm specified in the "alg" field of the JWK.' + optional-signature-input: name: Signature-Input in: header schema: type: string example: 'Signature-Input: sig1=("@method" "@target-uri" "content-digest" "content-length" "content-type");created=1618884473;keyid="gnap-rsa"' description: 'The Signature-Input field is a Dictionary structured field containing the metadata for one or more message signatures generated from components within the HTTP message. Each member describes a single message signature. The member''s key is the label that uniquely identifies the message signature within the context of the HTTP message. The member''s value is the serialization of the covered components Inner List plus all signature metadata parameters identified by the label. The following components MUST be included: - "@method" - "@target-uri" - "authorization". When the message contains a request body, the covered components MUST also include the following: - "content-digest" The keyid parameter of the signature MUST be set to the kid value of the JWK. See [ietf-httpbis-message-signatures](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures#section-4.1) for more details.' - required: true security: - GNAP: [] diff --git a/packages/open-payments/src/openapi/generated/resource-server-types.ts b/packages/open-payments/src/openapi/generated/resource-server-types.ts index 87cfbeb7..7d6b4898 100644 --- a/packages/open-payments/src/openapi/generated/resource-server-types.ts +++ b/packages/open-payments/src/openapi/generated/resource-server-types.ts @@ -201,6 +201,13 @@ export interface components { */ ilpStreamConnection?: string; }; + /** + * Public Incoming Payment + * @description An **incoming payment** resource with public details. + */ + "public-incoming-payment": { + receiveAmount?: external["schemas.yaml"]["components"]["schemas"]["amount"]; + }; /** * Outgoing Payment * @description An **outgoing payment** resource represents a payment that will be, is currently being, or has previously been, sent from the payment pointer. @@ -314,9 +321,13 @@ export interface components { /** @description Sub-resource identifier */ id: string; /** @description The signature generated based on the Signature-Input, using the signing algorithm specified in the "alg" field of the JWK. */ - signature: string; + signature: components["parameters"]["optional-signature"]; + /** @description The Signature-Input field is a Dictionary structured field containing the metadata for one or more message signatures generated from components within the HTTP message. Each member describes a single message signature. The member's key is the label that uniquely identifies the message signature within the context of the HTTP message. The member's value is the serialization of the covered components Inner List plus all signature metadata parameters identified by the label. The following components MUST be included: - "@method" - "@target-uri" - "authorization". When the message contains a request body, the covered components MUST also include the following: - "content-digest" The keyid parameter of the signature MUST be set to the kid value of the JWK. See [ietf-httpbis-message-signatures](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures#section-4.1) for more details. */ + "signature-input": components["parameters"]["optional-signature-input"]; + /** @description The signature generated based on the Signature-Input, using the signing algorithm specified in the "alg" field of the JWK. */ + "optional-signature": string; /** @description The Signature-Input field is a Dictionary structured field containing the metadata for one or more message signatures generated from components within the HTTP message. Each member describes a single message signature. The member's key is the label that uniquely identifies the message signature within the context of the HTTP message. The member's value is the serialization of the covered components Inner List plus all signature metadata parameters identified by the label. The following components MUST be included: - "@method" - "@target-uri" - "authorization". When the message contains a request body, the covered components MUST also include the following: - "content-digest" The keyid parameter of the signature MUST be set to the kid value of the JWK. See [ietf-httpbis-message-signatures](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures#section-4.1) for more details. */ - "signature-input": string; + "optional-signature-input": string; }; } @@ -568,16 +579,19 @@ export interface operations { }; header: { /** The Signature-Input field is a Dictionary structured field containing the metadata for one or more message signatures generated from components within the HTTP message. Each member describes a single message signature. The member's key is the label that uniquely identifies the message signature within the context of the HTTP message. The member's value is the serialization of the covered components Inner List plus all signature metadata parameters identified by the label. The following components MUST be included: - "@method" - "@target-uri" - "authorization". When the message contains a request body, the covered components MUST also include the following: - "content-digest" The keyid parameter of the signature MUST be set to the kid value of the JWK. See [ietf-httpbis-message-signatures](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures#section-4.1) for more details. */ - "Signature-Input": components["parameters"]["signature-input"]; + "Signature-Input"?: components["parameters"]["optional-signature-input"]; /** The signature generated based on the Signature-Input, using the signing algorithm specified in the "alg" field of the JWK. */ - Signature: components["parameters"]["signature"]; + Signature?: components["parameters"]["optional-signature"]; }; }; responses: { /** Incoming Payment Found */ 200: { content: { - "application/json": components["schemas"]["incoming-payment-with-connection"]; + "application/json": Partial< + components["schemas"]["incoming-payment-with-connection"] + > & + Partial; }; }; 401: components["responses"]["401"];