Skip to content

Fix validation error for tokenEndPoint #310

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mickenordin merged 2 commits into from
Dec 11, 2025
Merged

Fix validation error for tokenEndPoint #310

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7aec88b
Fix validation error for tokenEndPoint
mickenordin Dec 10, 2025
eaf4e5b
Compactify
mickenordin Dec 10, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 16 additions & 28 deletions spec.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -231,34 +231,6 @@ paths:
application/json:
schema:
$ref: "#/components/schemas/Error"
/{tokenEndPoint}:
post:
summary: Token Exchange endpoint
description: >
This optional endpoint allows to obtain a (potentially short-lived) bearer token in exchange for a secret.
See [Resource Access](https://github.com/cs3org/OCM-API/blob/develop/IETF-RFC.md#resource-access)
for more details. The actual endpoint URL is discovered via OCM provider metadata
(tokenEndPoint).
requestBody:
content:
application/x-www-form-urlencoded:
schema:
$ref: "#/components/schemas/TokenRequest"
description: Form-encoded request body.
required: true
responses:
"200":
description: Token issued.
content:
application/json:
schema:
$ref: "#/components/schemas/TokenResponse"
"400":
description: Token denied.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
components:
parameters:
id:
Expand Down Expand Up @@ -456,9 +428,25 @@ components:
-----END PUBLIC KEY-----
tokenEndPoint:
type: string
format: uri
description: >
Optional URL path of the Token Exchange endpoint to obtain bearer tokens in exchange for codes.
If the `exchange-token` capability is exposed, the tokenEndPoint MUST be advertised in the discovery response.

**Token Exchange API:**
This optional endpoint allows obtaining a (potentially short-lived) bearer token in exchange for a secret.

**HTTP Request:**
- Method: POST
- URL: The URL discovered in this field
- Content-Type: application/x-www-form-urlencoded
- Body: TokenRequest schema (form-encoded, required)

**HTTP Responses:**
- 200: Token issued (application/json with TokenResponse schema)
- 400: Token denied (application/json with Error schema)

See TokenRequest and TokenResponse schemas for the complete data structure.
example: /index.php/apps/sciencemesh/token
inviteAcceptDialog:
type: string
Expand Down
Loading