From c5fda7ac68caebf0dce7b816bf9fce686a233701 Mon Sep 17 00:00:00 2001 From: Sanchith Hegde <22217505+SanchithHegde@users.noreply.github.com> Date: Wed, 1 Mar 2023 11:46:50 +0530 Subject: [PATCH] docs(openapi): document security schemes (#676) Co-authored-by: Arun Raj M --- .typos.toml | 1 - crates/api_models/src/enums.rs | 1 + crates/api_models/src/payments.rs | 1 + crates/router/src/openapi.rs | 50 ++- crates/router/src/routes/admin.rs | 27 +- crates/router/src/routes/api_keys.rs | 15 +- crates/router/src/routes/customers.rs | 14 +- crates/router/src/routes/mandates.rs | 6 +- crates/router/src/routes/payment_methods.rs | 18 +- crates/router/src/routes/payments.rs | 24 +- crates/router/src/routes/refunds.rs | 12 +- openapi/generated.json | 336 +++++++++++++++++--- 12 files changed, 419 insertions(+), 86 deletions(-) diff --git a/.typos.toml b/.typos.toml index f921000970..8626c6067a 100644 --- a/.typos.toml +++ b/.typos.toml @@ -13,7 +13,6 @@ aci = "aci" # Name of a connector encrypter = "encrypter" # Used by the `ring` crate nin = "nin" # National identification number, a field used by PayU connector substituters = "substituters" # Present in `flake.nix` -hypo_noe_lb_fur_niederosterreich_u_wien = "hypo_noe_lb_fur_niederosterreich_u_wien" # Present in openapi/generated.json FO = "FO" # Faroe Islands (the) country code [files] diff --git a/crates/api_models/src/enums.rs b/crates/api_models/src/enums.rs index ef42c72716..c3125080f3 100644 --- a/crates/api_models/src/enums.rs +++ b/crates/api_models/src/enums.rs @@ -707,6 +707,7 @@ pub enum BankNames { strum::Display, strum::EnumString, frunk::LabelledGeneric, + ToSchema, )] pub enum CardNetwork { Visa, diff --git a/crates/api_models/src/payments.rs b/crates/api_models/src/payments.rs index 02f0976835..ba192d83df 100644 --- a/crates/api_models/src/payments.rs +++ b/crates/api_models/src/payments.rs @@ -382,6 +382,7 @@ pub struct Card { #[schema(value_type = String, example = "242")] pub card_cvc: Secret, pub card_issuer: Option, + #[schema(value_type = Option, example = "Visa")] pub card_network: Option, } diff --git a/crates/router/src/openapi.rs b/crates/router/src/openapi.rs index ea1b5e20fd..9873b60d55 100644 --- a/crates/router/src/openapi.rs +++ b/crates/router/src/openapi.rs @@ -64,7 +64,6 @@ Never share your secret api keys. Keep them guarded and secure. crate::routes::refunds::refunds_retrieve, crate::routes::refunds::refunds_update, crate::routes::refunds::refunds_list, - crate::routes::refunds::refunds_create, crate::routes::admin::merchant_account_create, crate::routes::admin::retrieve_merchant_account, crate::routes::admin::update_merchant_account, @@ -142,6 +141,7 @@ Never share your secret api keys. Keep them guarded and secure. api_models::enums::MandateStatus, api_models::enums::PaymentExperience, api_models::enums::BankNames, + api_models::enums::CardNetwork, api_models::admin::PaymentConnectorCreate, api_models::admin::PaymentMethodsEnabled, api_models::payments::AddressDetails, @@ -211,6 +211,52 @@ Never share your secret api keys. Keep them guarded and secure. crate::types::api::api_keys::RetrieveApiKeyResponse, crate::types::api::api_keys::RevokeApiKeyResponse, crate::types::api::api_keys::UpdateApiKeyRequest - )) + )), + modifiers(&SecurityAddon) )] pub struct ApiDoc; + +struct SecurityAddon; + +impl utoipa::Modify for SecurityAddon { + fn modify(&self, openapi: &mut utoipa::openapi::OpenApi) { + use utoipa::openapi::security::{ApiKey, ApiKeyValue, SecurityScheme}; + + if let Some(components) = openapi.components.as_mut() { + components.add_security_schemes_from_iter([ + ( + "api_key", + SecurityScheme::ApiKey(ApiKey::Header(ApiKeyValue::with_description( + "api-key", + "API keys are the most common method of authentication and can be obtained \ + from the HyperSwitch dashboard." + ))), + ), + ( + "admin_api_key", + SecurityScheme::ApiKey(ApiKey::Header(ApiKeyValue::with_description( + "api-key", + "Admin API keys allow you to perform some privileged actions such as \ + creating a merchant account and payment connector account." + ))), + ), + ( + "publishable_key", + SecurityScheme::ApiKey(ApiKey::Header(ApiKeyValue::with_description( + "api-key", + "Publishable keys are a type of keys that can be public and have limited \ + scope of usage." + ))), + ), + ( + "ephemeral_key", + SecurityScheme::ApiKey(ApiKey::Header(ApiKeyValue::with_description( + "api-key", + "Ephemeral keys provide temporary access to singular data, such as access \ + to a single customer object for a short period of time." + ))), + ), + ]); + } + } +} diff --git a/crates/router/src/routes/admin.rs b/crates/router/src/routes/admin.rs index 6cab7d6944..dc09a2214e 100644 --- a/crates/router/src/routes/admin.rs +++ b/crates/router/src/routes/admin.rs @@ -21,7 +21,8 @@ use crate::{ (status = 400, description = "Invalid data") ), tag = "Merchant Account", - operation_id = "Create a Merchant Account" + operation_id = "Create a Merchant Account", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::MerchantsAccountCreate))] pub async fn merchant_account_create( @@ -52,7 +53,8 @@ pub async fn merchant_account_create( (status = 404, description = "Merchant account not found") ), tag = "Merchant Account", - operation_id = "Retrieve a Merchant Account" + operation_id = "Retrieve a Merchant Account", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::MerchantsAccountRetrieve))] pub async fn retrieve_merchant_account( @@ -88,7 +90,8 @@ pub async fn retrieve_merchant_account( (status = 404, description = "Merchant account not found") ), tag = "Merchant Account", - operation_id = "Update a Merchant Account" + operation_id = "Update a Merchant Account", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::MerchantsAccountUpdate))] pub async fn update_merchant_account( @@ -121,7 +124,8 @@ pub async fn update_merchant_account( (status = 404, description = "Merchant account not found") ), tag = "Merchant Account", - operation_id = "Delete a Merchant Account" + operation_id = "Delete a Merchant Account", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::MerchantsAccountDelete))] // #[delete("/{id}")] @@ -157,7 +161,8 @@ pub async fn delete_merchant_account( (status = 400, description = "Missing Mandatory fields"), ), tag = "Merchant Connector Account", - operation_id = "Create a Merchant Connector" + operation_id = "Create a Merchant Connector", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentConnectorsCreate))] pub async fn payment_connector_create( @@ -194,7 +199,8 @@ pub async fn payment_connector_create( (status = 401, description = "Unauthorized request") ), tag = "Merchant Connector Account", - operation_id = "Retrieve a Merchant Connector" + operation_id = "Retrieve a Merchant Connector", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentConnectorsRetrieve))] pub async fn payment_connector_retrieve( @@ -236,7 +242,8 @@ pub async fn payment_connector_retrieve( (status = 401, description = "Unauthorized request") ), tag = "Merchant Connector Account", - operation_id = "List all Merchant Connectors" + operation_id = "List all Merchant Connectors", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentConnectorsList))] pub async fn payment_connector_list( @@ -273,7 +280,8 @@ pub async fn payment_connector_list( (status = 401, description = "Unauthorized request") ), tag = "Merchant Connector Account", - operation_id = "Update a Merchant Connector" + operation_id = "Update a Merchant Connector", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentConnectorsUpdate))] pub async fn payment_connector_update( @@ -312,7 +320,8 @@ pub async fn payment_connector_update( (status = 401, description = "Unauthorized request") ), tag = "Merchant Connector Account", - operation_id = "Delete a Merchant Connector" + operation_id = "Delete a Merchant Connector", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentConnectorsDelete))] pub async fn payment_connector_delete( diff --git a/crates/router/src/routes/api_keys.rs b/crates/router/src/routes/api_keys.rs index 6c7147da7e..9bdc873c91 100644 --- a/crates/router/src/routes/api_keys.rs +++ b/crates/router/src/routes/api_keys.rs @@ -21,7 +21,8 @@ use crate::{ (status = 400, description = "Invalid data") ), tag = "API Key", - operation_id = "Create an API Key" + operation_id = "Create an API Key", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::ApiKeyCreate))] pub async fn api_key_create( @@ -57,7 +58,8 @@ pub async fn api_key_create( (status = 404, description = "API Key not found") ), tag = "API Key", - operation_id = "Retrieve an API Key" + operation_id = "Retrieve an API Key", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::ApiKeyRetrieve))] pub async fn api_key_retrieve( @@ -90,7 +92,8 @@ pub async fn api_key_retrieve( (status = 404, description = "API Key not found") ), tag = "API Key", - operation_id = "Update an API Key" + operation_id = "Update an API Key", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::ApiKeyUpdate))] pub async fn api_key_update( @@ -125,7 +128,8 @@ pub async fn api_key_update( (status = 404, description = "API Key not found") ), tag = "API Key", - operation_id = "Revoke an API Key" + operation_id = "Revoke an API Key", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::ApiKeyRevoke))] pub async fn api_key_revoke( @@ -159,7 +163,8 @@ pub async fn api_key_revoke( (status = 200, description = "List of API Keys retrieved successfully", body = Vec), ), tag = "API Key", - operation_id = "List all API Keys associated with a merchant account" + operation_id = "List all API Keys associated with a merchant account", + security(("admin_api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::ApiKeyList))] pub async fn api_key_list( diff --git a/crates/router/src/routes/customers.rs b/crates/router/src/routes/customers.rs index 447f969aca..bf7e494c2a 100644 --- a/crates/router/src/routes/customers.rs +++ b/crates/router/src/routes/customers.rs @@ -20,8 +20,9 @@ use crate::{ (status = 200, description = "Customer Created", body = CustomerResponse), (status = 400, description = "Invalid data") ), - tag = "Customers", - operation_id = "Create a Customer" + tag = "Customers", + operation_id = "Create a Customer", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::CustomersCreate))] pub async fn customers_create( @@ -52,7 +53,8 @@ pub async fn customers_create( (status = 404, description = "Customer was not found") ), tag = "Customers", - operation_id = "Retrieve a Customer" + operation_id = "Retrieve a Customer", + security(("api_key" = []), ("ephemeral_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::CustomersRetrieve))] pub async fn customers_retrieve( @@ -95,7 +97,8 @@ pub async fn customers_retrieve( (status = 404, description = "Customer was not found") ), tag = "Customers", - operation_id = "Update a Customer" + operation_id = "Update a Customer", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::CustomersUpdate))] pub async fn customers_update( @@ -129,7 +132,8 @@ pub async fn customers_update( (status = 404, description = "Customer was not found") ), tag = "Customers", - operation_id = "Delete a Customer" + operation_id = "Delete a Customer", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::CustomersDelete))] pub async fn customers_delete( diff --git a/crates/router/src/routes/mandates.rs b/crates/router/src/routes/mandates.rs index 4d4739d26d..70643a52f8 100644 --- a/crates/router/src/routes/mandates.rs +++ b/crates/router/src/routes/mandates.rs @@ -23,7 +23,8 @@ use crate::{ (status = 404, description = "Mandate does not exist in our records") ), tag = "Mandates", - operation_id = "Retrieve a Mandate" + operation_id = "Retrieve a Mandate", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::MandatesRetrieve))] // #[get("/{id}")] @@ -60,7 +61,8 @@ pub async fn get_mandate( (status = 400, description = "Mandate does not exist in our records") ), tag = "Mandates", - operation_id = "Revoke a Mandate" + operation_id = "Revoke a Mandate", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::MandatesRevoke))] // #[post("/revoke/{id}")] diff --git a/crates/router/src/routes/payment_methods.rs b/crates/router/src/routes/payment_methods.rs index 90dc4f07d5..6872df9fe9 100644 --- a/crates/router/src/routes/payment_methods.rs +++ b/crates/router/src/routes/payment_methods.rs @@ -21,7 +21,8 @@ use crate::{ (status = 400, description = "Invalid Data") ), tag = "Payment Methods", - operation_id = "Create a Payment Method" + operation_id = "Create a Payment Method", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentMethodsCreate))] pub async fn create_payment_method_api( @@ -63,7 +64,8 @@ pub async fn create_payment_method_api( (status = 404, description = "Payment Methods does not exist in records") ), tag = "Payment Methods", - operation_id = "List all Payment Methods for a Merchant" + operation_id = "List all Payment Methods for a Merchant", + security(("api_key" = []), ("publishable_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentMethodsList))] pub async fn list_payment_method_api( @@ -110,7 +112,8 @@ pub async fn list_payment_method_api( (status = 404, description = "Payment Methods does not exist in records") ), tag = "Payment Methods", - operation_id = "List all Payment Methods for a Customer" + operation_id = "List all Payment Methods for a Customer", + security(("api_key" = []), ("ephemeral_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::CustomerPaymentMethodsList))] pub async fn list_customer_payment_method_api( @@ -154,7 +157,8 @@ pub async fn list_customer_payment_method_api( (status = 404, description = "Payment Method does not exist in records") ), tag = "Payment Methods", - operation_id = "Retrieve a Payment method" + operation_id = "Retrieve a Payment method", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentMethodsRetrieve))] pub async fn payment_method_retrieve_api( @@ -193,7 +197,8 @@ pub async fn payment_method_retrieve_api( (status = 404, description = "Payment Method does not exist in records") ), tag = "Payment Methods", - operation_id = "Update a Payment method" + operation_id = "Update a Payment method", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentMethodsUpdate))] pub async fn payment_method_update_api( @@ -236,7 +241,8 @@ pub async fn payment_method_update_api( (status = 404, description = "Payment Method does not exist in records") ), tag = "Payment Methods", - operation_id = "Delete a Payment method" + operation_id = "Delete a Payment method", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentMethodsDelete))] pub async fn payment_method_delete_api( diff --git a/crates/router/src/routes/payments.rs b/crates/router/src/routes/payments.rs index 68411f4cfc..d15674ea9e 100644 --- a/crates/router/src/routes/payments.rs +++ b/crates/router/src/routes/payments.rs @@ -22,7 +22,8 @@ use crate::{ (status = 400, description = "Missing Mandatory fields") ), tag = "Payments", - operation_id = "Create a Payment" + operation_id = "Create a Payment", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentsCreate))] // #[post("")] @@ -120,7 +121,8 @@ pub async fn payments_start( (status = 404, description = "No payment found") ), tag = "Payments", - operation_id = "Retrieve a Payment" + operation_id = "Retrieve a Payment", + security(("api_key" = []), ("publishable_key" = [])) )] #[instrument(skip(state), fields(flow = ?Flow::PaymentsRetrieve))] // #[get("/{payment_id}")] @@ -177,7 +179,8 @@ pub async fn payments_retrieve( (status = 400, description = "Missing mandatory fields") ), tag = "Payments", - operation_id = "Update a Payment" + operation_id = "Update a Payment", + security(("api_key" = []), ("publishable_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentsUpdate))] // #[post("/{payment_id}")] @@ -236,7 +239,8 @@ pub async fn payments_update( (status = 400, description = "Missing mandatory fields") ), tag = "Payments", - operation_id = "Confirm a Payment" + operation_id = "Confirm a Payment", + security(("api_key" = []), ("publishable_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentsConfirm))] // #[post("/{payment_id}/confirm")] @@ -296,7 +300,8 @@ pub async fn payments_confirm( (status = 400, description = "Missing mandatory fields") ), tag = "Payments", - operation_id = "Capture a Payment" + operation_id = "Capture a Payment", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentsCapture))] // #[post("/{payment_id}/capture")] @@ -343,7 +348,8 @@ pub async fn payments_capture( (status = 400, description = "Missing mandatory fields") ), tag = "Payments", - operation_id = "Create Session tokens for a Payment" + operation_id = "Create Session tokens for a Payment", + security(("publishable_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentsSessionToken))] pub async fn payments_connector_session( @@ -444,7 +450,8 @@ pub async fn payments_redirect_response( (status = 400, description = "Missing mandatory fields") ), tag = "Payments", - operation_id = "Cancel a Payment" + operation_id = "Cancel a Payment", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentsCancel))] // #[post("/{payment_id}/cancel")] @@ -500,7 +507,8 @@ pub async fn payments_cancel( (status = 404, description = "No payments found") ), tag = "Payments", - operation_id = "List all Payments" + operation_id = "List all Payments", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::PaymentsList))] #[cfg(feature = "olap")] diff --git a/crates/router/src/routes/refunds.rs b/crates/router/src/routes/refunds.rs index c60cf57187..c8ebcd5d50 100644 --- a/crates/router/src/routes/refunds.rs +++ b/crates/router/src/routes/refunds.rs @@ -21,7 +21,8 @@ use crate::{ (status = 400, description = "Missing Mandatory fields") ), tag = "Refunds", - operation_id = "Create a Refund" + operation_id = "Create a Refund", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::RefundsCreate))] // #[post("")] @@ -55,7 +56,8 @@ pub async fn refunds_create( (status = 404, description = "Refund does not exist in our records") ), tag = "Refunds", - operation_id = "Retrieve a Refund" + operation_id = "Retrieve a Refund", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::RefundsRetrieve))] // #[get("/{id}")] @@ -94,7 +96,8 @@ pub async fn refunds_retrieve( (status = 400, description = "Missing Mandatory fields") ), tag = "Refunds", - operation_id = "Update a Refund" + operation_id = "Update a Refund", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::RefundsUpdate))] // #[post("/{id}")] @@ -138,7 +141,8 @@ pub async fn refunds_update( (status = 404, description = "Refund does not exist in our records") ), tag = "Refunds", - operation_id = "List all Refunds" + operation_id = "List all Refunds", + security(("api_key" = [])) )] #[instrument(skip_all, fields(flow = ?Flow::RefundsList))] #[cfg(feature = "olap")] diff --git a/openapi/generated.json b/openapi/generated.json index 96bbcd11f0..00c46988fc 100644 --- a/openapi/generated.json +++ b/openapi/generated.json @@ -53,7 +53,12 @@ "description": "Invalid data" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] } }, "/accounts/{account_id}": { @@ -90,7 +95,12 @@ "description": "Merchant account not found" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] }, "post": { "tags": [ @@ -135,7 +145,12 @@ "description": "Merchant account not found" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] }, "delete": { "tags": [ @@ -170,7 +185,12 @@ "description": "Merchant account not found" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] } }, "/accounts/{account_id}/connectors": { @@ -213,7 +233,12 @@ "description": "Payment Connector does not exist in records" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] }, "post": { "tags": [ @@ -247,7 +272,12 @@ "description": "Missing Mandatory fields" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] } }, "/accounts/{account_id}/connectors/{connector_id}": { @@ -297,7 +327,12 @@ "description": "Payment Connector does not exist in records" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] }, "post": { "tags": [ @@ -355,7 +390,12 @@ "description": "Payment Connector does not exist in records" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] }, "delete": { "tags": [ @@ -403,7 +443,12 @@ "description": "Payment Connector does not exist in records" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] } }, "/api_keys/{merchant_id)": { @@ -439,7 +484,12 @@ "description": "Invalid data" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] } }, "/api_keys/{merchant_id)/{key_id}": { @@ -476,7 +526,12 @@ "description": "API Key not found" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] } }, "/api_keys/{merchant_id}/list": { @@ -524,7 +579,12 @@ } } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] } }, "/api_keys/{merchant_id}/{key_id}": { @@ -561,7 +621,12 @@ "description": "API Key not found" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] }, "post": { "tags": [ @@ -606,7 +671,12 @@ "description": "API Key not found" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "admin_api_key": [] + } + ] } }, "/customers": { @@ -642,7 +712,12 @@ "description": "Invalid data" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] } }, "/customers/{customer_id}": { @@ -679,7 +754,15 @@ "description": "Customer was not found" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + }, + { + "ephemeral_key": [] + } + ] }, "post": { "tags": [ @@ -724,7 +807,12 @@ "description": "Customer was not found" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] }, "delete": { "tags": [ @@ -759,7 +847,12 @@ "description": "Customer was not found" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] } }, "/mandates/revoke/{mandate_id}": { @@ -796,7 +889,12 @@ "description": "Mandate does not exist in our records" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] } }, "/mandates/{mandate_id}": { @@ -833,7 +931,12 @@ "description": "Mandate does not exist in our records" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] } }, "/payment_methods": { @@ -869,7 +972,12 @@ "description": "Invalid Data" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] } }, "/payment_methods/{account_id}": { @@ -971,7 +1079,15 @@ "description": "Payment Methods does not exist in records" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + }, + { + "publishable_key": [] + } + ] } }, "/payment_methods/{customer_id}": { @@ -1073,7 +1189,15 @@ "description": "Payment Methods does not exist in records" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + }, + { + "ephemeral_key": [] + } + ] } }, "/payment_methods/{method_id}": { @@ -1110,7 +1234,12 @@ "description": "Payment Method does not exist in records" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] }, "post": { "tags": [ @@ -1155,7 +1284,12 @@ "description": "Payment Method does not exist in records" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] }, "delete": { "tags": [ @@ -1190,7 +1324,12 @@ "description": "Payment Method does not exist in records" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] } }, "/payments": { @@ -1226,7 +1365,12 @@ "description": "Missing Mandatory fields" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] } }, "/payments/list": { @@ -1334,7 +1478,12 @@ "description": "No payments found" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] } }, "/payments/session_tokens": { @@ -1370,7 +1519,12 @@ "description": "Missing mandatory fields" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "publishable_key": [] + } + ] } }, "/payments/{payment_id}": { @@ -1417,7 +1571,15 @@ "description": "No payment found" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + }, + { + "publishable_key": [] + } + ] }, "post": { "tags": [ @@ -1462,7 +1624,15 @@ "description": "Missing mandatory fields" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + }, + { + "publishable_key": [] + } + ] } }, "/payments/{payment_id}/cancel": { @@ -1502,7 +1672,12 @@ "description": "Missing mandatory fields" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] } }, "/payments/{payment_id}/capture": { @@ -1549,7 +1724,12 @@ "description": "Missing mandatory fields" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] } }, "/payments/{payment_id}/confirm": { @@ -1596,7 +1776,15 @@ "description": "Missing mandatory fields" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + }, + { + "publishable_key": [] + } + ] } }, "/refunds": { @@ -1632,7 +1820,12 @@ "description": "Missing Mandatory fields" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] } }, "/refunds/list": { @@ -1729,7 +1922,12 @@ "description": "Refund does not exist in our records" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] } }, "/refunds/{refund_id}": { @@ -1766,7 +1964,12 @@ "description": "Refund does not exist in our records" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] }, "post": { "tags": [ @@ -1811,7 +2014,12 @@ "description": "Missing Mandatory fields" } }, - "deprecated": false + "deprecated": false, + "security": [ + { + "api_key": [] + } + ] } } }, @@ -2396,7 +2604,7 @@ "type": "string" }, "card_network": { - "type": "string" + "$ref": "#/components/schemas/CardNetwork" } } }, @@ -2460,6 +2668,22 @@ } } }, + "CardNetwork": { + "type": "string", + "enum": [ + "Visa", + "Mastercard", + "AmericanExpress", + "JCB", + "DinersClub", + "Discover", + "CartesBancaires", + "UnionPay", + "Interac", + "RuPay", + "Maestro" + ] + }, "Connector": { "type": "string", "enum": [ @@ -4092,9 +4316,7 @@ "enum": [ "card", "pay_later", - "wallet", - "klarna", - "paypal" + "wallet" ] }, "PaymentMethodData": { @@ -5081,7 +5303,7 @@ "wallet_name": { "type": "string", "enum": [ - "gpay" + "google_pay" ] } } @@ -5144,7 +5366,7 @@ "wallet_name": { "type": "string", "enum": [ - "applepay" + "apple_pay" ] } } @@ -5289,6 +5511,32 @@ } } } + }, + "securitySchemes": { + "admin_api_key": { + "type": "apiKey", + "in": "header", + "name": "api-key", + "description": "Admin API keys allow you to perform some privileged actions such as creating a merchant account and payment connector account." + }, + "api_key": { + "type": "apiKey", + "in": "header", + "name": "api-key", + "description": "API keys are the most common method of authentication and can be obtained from the HyperSwitch dashboard." + }, + "ephemeral_key": { + "type": "apiKey", + "in": "header", + "name": "api-key", + "description": "Ephemeral keys provide temporary access to singular data, such as access to a single customer object for a short period of time." + }, + "publishable_key": { + "type": "apiKey", + "in": "header", + "name": "api-key", + "description": "Publishable keys are a type of keys that can be public and have limited scope of usage." + } } }, "tags": [