chore: add missing security annotations to admin handlers (#2937)

ory · Dec 18, 2022 · 2f9b001 · 2f9b001
1 parent ae8ad7b
commit 2f9b001
Show file tree

Hide file tree

Showing 7 changed files with 127 additions and 4 deletions.
diff --git a/internal/client-go/api_identity.go b/internal/client-go/api_identity.go
diff --git a/internal/httpclient/api_identity.go b/internal/httpclient/api_identity.go
diff --git a/selfservice/strategy/code/strategy_recovery.go b/selfservice/strategy/code/strategy_recovery.go
@@ -139,6 +139,9 @@ type recoveryCodeForIdentity struct {
 //
 //	Schemes: http, https
 //
+//	Security:
+//		oryAccessToken:
+//
 //	Responses:
 //		201: recoveryCodeForIdentity
 //		400: errorGeneric

diff --git a/selfservice/strategy/link/strategy_recovery.go b/selfservice/strategy/link/strategy_recovery.go
@@ -130,6 +130,9 @@ type recoveryLinkForIdentity struct {
 //
 //	Schemes: http, https
 //
+//	Security:
+//	  oryAccessToken:
+//
 //	Responses:
 //	  200: recoveryLinkForIdentity
 //	  400: errorGeneric

diff --git a/session/handler.go b/session/handler.go
@@ -465,11 +465,14 @@ type disableSession struct {
 //
 //	Schemes: http, https
 //
+//	Security:
+//		oryAccessToken:
+//
 //	Responses:
-//	  204: emptyResponse
-//	  400: errorGeneric
-//	  401: errorGeneric
-//	  default: errorGeneric
+//		204: emptyResponse
+//		400: errorGeneric
+//		401: errorGeneric
+//		default: errorGeneric
 func (h *Handler) disableSession(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	sID, err := uuid.FromString(ps.ByName("id"))
 	if err != nil {

diff --git a/spec/api.json b/spec/api.json
@@ -3841,6 +3841,11 @@
             "description": "errorGeneric"
           }
         },
+        "security": [
+          {
+            "oryAccessToken": []
+          }
+        ],
         "summary": "Create a Recovery Code",
         "tags": [
           "identity"
@@ -3903,6 +3908,11 @@
             "description": "errorGeneric"
           }
         },
+        "security": [
+          {
+            "oryAccessToken": []
+          }
+        ],
         "summary": "Create a Recovery Link",
         "tags": [
           "identity"
@@ -4044,6 +4054,11 @@
             "description": "errorGeneric"
           }
         },
+        "security": [
+          {
+            "oryAccessToken": []
+          }
+        ],
         "summary": "Deactivate a Session",
         "tags": [
           "identity"

diff --git a/spec/swagger.json b/spec/swagger.json
@@ -660,6 +660,11 @@
     },
     "/admin/recovery/code": {
       "post": {
+        "security": [
+          {
+            "oryAccessToken": []
+          }
+        ],
         "description": "This endpoint creates a recovery code which should be given to the user in order for them to recover\n(or activate) their account.",
         "consumes": [
           "application/json"
@@ -715,6 +720,11 @@
     },
     "/admin/recovery/link": {
       "post": {
+        "security": [
+          {
+            "oryAccessToken": []
+          }
+        ],
         "description": "This endpoint creates a recovery link which should be given to the user in order for them to recover\n(or activate) their account.",
         "consumes": [
           "application/json"
@@ -902,6 +912,11 @@
         }
       },
       "delete": {
+        "security": [
+          {
+            "oryAccessToken": []
+          }
+        ],
         "description": "Calling this endpoint deactivates the specified session. Session data is not deleted.",
         "schemes": [
           "http",