Add documentation for authentication methods
Add swagger security definitions to settings and security parameters
to method annotations. Update the automated documentation file.
Issue: HIC-171
Change-Id: I34610f98186fb04664855ecbcfa3736b9c59c6c0
diff --git a/crashreport_stats/rest_endpoints.py b/crashreport_stats/rest_endpoints.py
index a84a152..d1dec33 100644
--- a/crashreport_stats/rest_endpoints.py
+++ b/crashreport_stats/rest_endpoints.py
@@ -13,6 +13,7 @@
from django.core.exceptions import ObjectDoesNotExist
from django.db import connection
from django.db.models.expressions import F
+from django.utils.decorators import method_decorator
from django_filters.rest_framework import (
DjangoFilterBackend,
@@ -32,6 +33,8 @@
from crashreports.permissions import (
HasRightsOrIsDeviceOwnerDeviceCreation,
HasStatsAccess,
+ SWAGGER_SECURITY_REQUIREMENTS_ALL,
+ SWAGGER_SECURITY_REQUIREMENTS_OAUTH,
)
from crashreports.response_descriptions import default_desc
@@ -75,6 +78,7 @@
@swagger_auto_schema(
operation_description="Get the update history of a device",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict(
[
default_desc(NotFound),
@@ -129,6 +133,7 @@
@swagger_auto_schema(
operation_description="Get the report history of a device",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict(
[
default_desc(NotFound),
@@ -179,6 +184,7 @@
@swagger_auto_schema(
operation_description="Get the number of devices, crashreports and "
"heartbeats",
+ security=SWAGGER_SECURITY_REQUIREMENTS_OAUTH,
responses=dict(
[
(
@@ -237,6 +243,7 @@
@swagger_auto_schema(
operation_description="Get some general statistics for a device.",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict(
[
default_desc(NotFound),
@@ -303,6 +310,7 @@
@swagger_auto_schema(
operation_description="Get a log file.",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict(
[
default_desc(NotFound),
@@ -350,6 +358,10 @@
permission_classes = (HasStatsAccess,)
+@method_decorator(
+ name="get",
+ decorator=swagger_auto_schema(security=SWAGGER_SECURITY_REQUIREMENTS_OAUTH),
+)
class _VersionStatsListView(generics.ListAPIView):
permission_classes = (HasStatsAccess,)
filter_backends = (DjangoFilterBackend,)
@@ -364,6 +376,10 @@
permission_classes = (HasStatsAccess,)
+@method_decorator(
+ name="get",
+ decorator=swagger_auto_schema(security=SWAGGER_SECURITY_REQUIREMENTS_OAUTH),
+)
class _DailyVersionStatsListView(generics.ListAPIView):
permission_classes = (HasStatsAccess,)
filter_backends = (DjangoFilterBackend,)
diff --git a/crashreports/permissions.py b/crashreports/permissions.py
index 8b10eb9..dd405ec 100644
--- a/crashreports/permissions.py
+++ b/crashreports/permissions.py
@@ -89,3 +89,12 @@
return False
return user_owns_uuid(request.user, request.data["uuid"])
return False
+
+
+# Security requirements for swagger documentation
+SWAGGER_SECURITY_REQUIREMENTS_OAUTH = [{"Google OAuth": []}]
+SWAGGER_SECURITY_REQUIREMENTS_DEVICE_TOKEN = [{"Device token authentication": []}]
+SWAGGER_SECURITY_REQUIREMENTS_ALL = (
+ SWAGGER_SECURITY_REQUIREMENTS_OAUTH
+ + SWAGGER_SECURITY_REQUIREMENTS_DEVICE_TOKEN
+)
diff --git a/crashreports/rest_api_crashreports.py b/crashreports/rest_api_crashreports.py
index 78707b9..30da54a 100644
--- a/crashreports/rest_api_crashreports.py
+++ b/crashreports/rest_api_crashreports.py
@@ -7,7 +7,10 @@
from rest_framework.response import Response
from rest_framework.exceptions import NotFound, ValidationError
-from crashreports.permissions import HasRightsOrIsDeviceOwnerDeviceCreation
+from crashreports.permissions import (
+ HasRightsOrIsDeviceOwnerDeviceCreation,
+ SWAGGER_SECURITY_REQUIREMENTS_ALL,
+)
from crashreports.serializers import CrashReportSerializer
from crashreports.models import Crashreport
from crashreports.response_descriptions import default_desc
@@ -23,12 +26,16 @@
@method_decorator(
name="get",
- decorator=swagger_auto_schema(operation_description="List crash reports"),
+ decorator=swagger_auto_schema(
+ operation_description="List crash reports",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
+ ),
)
@method_decorator(
name="post",
decorator=swagger_auto_schema(
operation_description="Create a crash report",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
request_body=CrashReportSerializer,
responses=dict(
[
@@ -90,6 +97,7 @@
name="get",
decorator=swagger_auto_schema(
operation_description="Get a crash report",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound)]),
),
)
@@ -97,6 +105,7 @@
name="put",
decorator=swagger_auto_schema(
operation_description="Update a crash report",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound), default_desc(ValidationError)]),
),
)
@@ -104,6 +113,7 @@
name="patch",
decorator=swagger_auto_schema(
operation_description="Partially update a crash report",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound), default_desc(ValidationError)]),
),
)
@@ -111,6 +121,7 @@
name="delete",
decorator=swagger_auto_schema(
operation_description="Delete a crash report",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound)]),
),
)
diff --git a/crashreports/rest_api_devices.py b/crashreports/rest_api_devices.py
index 96923b2..08f5681 100644
--- a/crashreports/rest_api_devices.py
+++ b/crashreports/rest_api_devices.py
@@ -12,19 +12,26 @@
from rest_framework.response import Response
from crashreports.models import Device, User
-from crashreports.permissions import HasRightsOrIsDeviceOwnerDeviceCreation
+from crashreports.permissions import (
+ HasRightsOrIsDeviceOwnerDeviceCreation,
+ SWAGGER_SECURITY_REQUIREMENTS_ALL,
+)
from crashreports.serializers import DeviceSerializer, DeviceCreateSerializer
from crashreports.response_descriptions import default_desc
@method_decorator(
name="get",
- decorator=swagger_auto_schema(operation_description="List devices"),
+ decorator=swagger_auto_schema(
+ operation_description="List devices",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
+ ),
)
@method_decorator(
name="post",
decorator=swagger_auto_schema(
operation_description="Create a device",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(ValidationError)]),
),
)
@@ -42,6 +49,7 @@
name="get",
decorator=swagger_auto_schema(
operation_description="Get a device",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound)]),
),
)
@@ -49,6 +57,7 @@
name="put",
decorator=swagger_auto_schema(
operation_description="Update a device",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound), default_desc(ValidationError)]),
),
)
@@ -56,6 +65,7 @@
name="patch",
decorator=swagger_auto_schema(
operation_description="Make a partial update for a device",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound), default_desc(ValidationError)]),
),
)
@@ -63,6 +73,7 @@
name="delete",
decorator=swagger_auto_schema(
operation_description="Delete a device",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound)]),
),
)
@@ -88,6 +99,7 @@
@swagger_auto_schema(
method="post",
request_body=DeviceCreateSerializer,
+ security=[],
responses=dict(
[
default_desc(ValidationError),
diff --git a/crashreports/rest_api_heartbeats.py b/crashreports/rest_api_heartbeats.py
index 33936fd..33a6383 100644
--- a/crashreports/rest_api_heartbeats.py
+++ b/crashreports/rest_api_heartbeats.py
@@ -8,19 +8,26 @@
from rest_framework.exceptions import NotFound, ValidationError
from crashreports.models import HeartBeat
-from crashreports.permissions import HasRightsOrIsDeviceOwnerDeviceCreation
+from crashreports.permissions import (
+ HasRightsOrIsDeviceOwnerDeviceCreation,
+ SWAGGER_SECURITY_REQUIREMENTS_ALL,
+)
from crashreports.response_descriptions import default_desc
from crashreports.serializers import HeartBeatSerializer
@method_decorator(
name="get",
- decorator=swagger_auto_schema(operation_description="List heartbeats"),
+ decorator=swagger_auto_schema(
+ operation_description="List heartbeats",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
+ ),
)
@method_decorator(
name="post",
decorator=swagger_auto_schema(
operation_description="Create a heartbeat",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
request_body=HeartBeatSerializer,
responses=dict(
[
@@ -57,6 +64,7 @@
name="get",
decorator=swagger_auto_schema(
operation_description="Get a heartbeat",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound)]),
),
)
@@ -64,6 +72,7 @@
name="put",
decorator=swagger_auto_schema(
operation_description="Update a heartbeat",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound), default_desc(ValidationError)]),
),
)
@@ -71,6 +80,7 @@
name="patch",
decorator=swagger_auto_schema(
operation_description="Partially update a heartbeat",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound), default_desc(ValidationError)]),
),
)
@@ -78,6 +88,7 @@
name="delete",
decorator=swagger_auto_schema(
operation_description="Delete a heartbeat",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound)]),
),
)
diff --git a/crashreports/rest_api_logfiles.py b/crashreports/rest_api_logfiles.py
index 6563caa..2ffe36b 100644
--- a/crashreports/rest_api_logfiles.py
+++ b/crashreports/rest_api_logfiles.py
@@ -26,12 +26,16 @@
HasRightsOrIsDeviceOwnerDeviceCreation,
user_owns_uuid,
user_is_hiccup_staff,
+ SWAGGER_SECURITY_REQUIREMENTS_ALL,
)
@method_decorator(
name="get",
- decorator=swagger_auto_schema(operation_description="List log files"),
+ decorator=swagger_auto_schema(
+ operation_description="List log files",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
+ ),
)
class ListCreateView(generics.ListAPIView):
"""Endpoint for listing log files."""
@@ -45,6 +49,7 @@
name="get",
decorator=swagger_auto_schema(
operation_description="Get a log file",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound)]),
),
)
@@ -52,6 +57,7 @@
name="put",
decorator=swagger_auto_schema(
operation_description="Update a log file",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound), default_desc(ValidationError)]),
),
)
@@ -59,6 +65,7 @@
name="patch",
decorator=swagger_auto_schema(
operation_description="Partially update a log file",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound), default_desc(ValidationError)]),
),
)
@@ -66,6 +73,7 @@
name="delete",
decorator=swagger_auto_schema(
operation_description="Delete a log file",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
responses=dict([default_desc(NotFound)]),
),
)
@@ -81,6 +89,7 @@
@swagger_auto_schema(
method="post",
+ security=SWAGGER_SECURITY_REQUIREMENTS_ALL,
request_body=LogFileSerializer,
responses=dict(
[
diff --git a/documentation/api-endpoints.md b/documentation/api-endpoints.md
index 177bc4f..a6bf64a 100644
--- a/documentation/api-endpoints.md
+++ b/documentation/api-endpoints.md
@@ -54,6 +54,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -134,6 +142,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -177,6 +193,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -243,6 +267,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -324,6 +356,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -366,6 +406,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -446,6 +494,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -530,6 +586,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -632,6 +696,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -699,6 +771,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -781,6 +861,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -824,6 +912,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -905,6 +1001,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -966,6 +1070,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1037,6 +1149,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1079,6 +1199,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1157,6 +1285,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1238,6 +1374,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1295,6 +1439,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1350,6 +1502,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1433,6 +1593,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1477,6 +1645,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1538,6 +1714,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1608,6 +1792,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1651,6 +1843,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1720,6 +1920,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1802,6 +2010,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1845,6 +2061,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1905,6 +2129,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -1974,6 +2206,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -2016,6 +2256,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -2095,6 +2343,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -2138,6 +2394,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -2195,6 +2459,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -2258,6 +2530,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -2300,6 +2580,14 @@
* hiccup
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -2377,6 +2665,14 @@
* hiccup_stats
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -2431,6 +2727,14 @@
* hiccup_stats
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -2487,6 +2791,14 @@
* hiccup_stats
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -2530,6 +2842,14 @@
* hiccup_stats
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+|**apiKey**|**[Device token authentication](#device-token-authentication)**|
+
+
#### Example HTTP request
##### Request path
@@ -2594,6 +2914,13 @@
* hiccup_stats
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+
+
#### Example HTTP request
##### Request path
@@ -2660,6 +2987,13 @@
* hiccup_stats
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+
+
#### Example HTTP request
##### Request path
@@ -2704,6 +3038,13 @@
* hiccup_stats
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+
+
#### Example HTTP request
##### Request path
@@ -2768,6 +3109,13 @@
* hiccup_stats
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+
+
#### Example HTTP request
##### Request path
@@ -2834,6 +3182,13 @@
* hiccup_stats
+#### Security
+
+|Type|Name|
+|---|---|
+|**oauth2**|**[Google OAuth](#google-oauth)**|
+
+
#### Example HTTP request
##### Request path
@@ -3018,9 +3373,22 @@
<a name="securityscheme"></a>
## Security
-<a name="basic"></a>
-### basic
-*Type* : basic
+<a name="device-token-authentication"></a>
+### Device token authentication
+Authenticate using a token that was returned on successful registration of a new device. The token can only be used to authenticate requests that target the device with the matching UUID. The token has to be put in the request header: 'Authorization: Token <AUTH_TOKEN>'
+
+*Type* : apiKey
+*Name* : Authorization
+*In* : HEADER
+
+
+<a name="google-oauth"></a>
+### Google OAuth
+Authenticate using a Google account. Only E-mail addresses in the @fairphone.com domain are allowed.
+
+*Type* : oauth2
+*Flow* : implicit
+*Token URL* : /accounts/google/login/callback/
diff --git a/documentation/swagger.properties b/documentation/swagger.properties
index 3f6948d..31dd818 100644
--- a/documentation/swagger.properties
+++ b/documentation/swagger.properties
@@ -1,5 +1,5 @@
swagger2markup.markupLanguage=MARKDOWN
swagger2markup.generatedExamplesEnabled=true
swagger2markup.flatBodyEnabled=true
-swagger2markup.pathSecuritySectionEnabled=false
+swagger2markup.pathSecuritySectionEnabled=true
swagger2markup.interDocumentCrossReferencesEnabled=true
diff --git a/hiccup/settings.py b/hiccup/settings.py
index 833c02d..9cdb991 100644
--- a/hiccup/settings.py
+++ b/hiccup/settings.py
@@ -204,7 +204,33 @@
# Automatic documentation generation
# https://drf-yasg.readthedocs.io/en/stable/index.html
-SWAGGER_SETTINGS = {"DEFAULT_INFO": "hiccup.urls.api_info"}
+SWAGGER_SETTINGS = {
+ "DEFAULT_INFO": "hiccup.urls.api_info",
+ "SECURITY_DEFINITIONS": {
+ "Device token authentication": {
+ "type": "apiKey",
+ "name": "Authorization",
+ "in": "header",
+ "description": (
+ "Authenticate using a token that was returned on successful "
+ "registration of a new device. The token can only be used to "
+ "authenticate requests that target the device with the "
+ "matching UUID. The token has to be put in the request header: "
+ "'Authorization: Token <AUTH_TOKEN>'"
+ ),
+ },
+ "Google OAuth": {
+ "type": "oauth2",
+ "flow": "implicit",
+ "authorizationUrl": "/accounts/google/login/callback/",
+ "scopes": {},
+ "description": (
+ "Authenticate using a Google account. Only E-mail addresses "
+ "in the @fairphone.com domain are allowed."
+ ),
+ },
+ },
+}
try:
from local_settings import * # noqa: F403,F401 pylint: disable=W0401,W0614