IcyNetwork/IcyNet.eu
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2022-11-26. You can view files and clone it, but cannot push or open issues or pull requests.
a8a3ae3153
IcyNet.eu/API.md

3.3 KiB
Raw Blame History

IcyNet.eu API Documentation

/oauth2

OAuth 2.0 Authorization endpoints

GET /authorize +session

OAuth 2.0 Authorization dialog.

The following query parameters are expected:

  • redirect_uri - Client redirection URI, must match the redirection URI defined by client.
  • client_id - Client redirection ID.
  • response_type - Response type. Pretty much always code.
  • scope (optional) - Request additional resources. Available scopes are: privilege, email, image.
  • state (optional) - A forwarded token to prevent request forgery.

POST /token

Get an Access Token from code.

The following must be passed in the request body:

  • grant_type - One of authorization_code, client_credentials or refresh_token.
  • scope (optional) - See /authorize.

Successful response:

{
    token_type: 'bearer',
    access_token: <access token>,
    [refresh_token: <refresh token>,]
    expires_in: <seconds till token expiry>
}

A Authorization: Basic base64(client_id:client_secret) header must be present OR client_id and client_secret can also be passed in the request body. Both variants are supported by the API.

POST /introspect

Check for the validity of an Access Token.

The following must be passed in the request body:

  • token - The Access Token to introspect.

Successful response:

{
    token_type: 'bearer',
    token: <access token>,
    expires_in: <seconds till token expiry>
}

Requires client authentication, see POST /token.

GET /user

Get user information using an access token. Access token can be provided via querystring or header.

Successful response:

{
    id: <user id>,
    uuid: <user uuid>,
    username: <user username>,
    display_name: <user display_name>,
    [email: <user email address>] (requires email scope),
    [image: <URL to user's avatar file>] (requires image scope),
    [privilege: <user privilege level>] (requires privilege scope)
}

/api

Internal API endpoints.

/external

Authentication callbacks.

GET /news

Icy Network News.

GET /news/:id

Get a news article by it's ID.

POST /news/edit/:id +session

Edit a news article by it's ID. Requires a special privileged user

GET /news/all/:page

Get all news articles on :page.

POST /avatar +session

Change the avatar of the currently logged in user.

POST /remove +session

Remove the avatar of the currently logged in user.

POST /gravatar +session

Set the avatar of the currently logged in user to their Gravatar avatar.

GET /avatar +session

Get the avatar of the currently logged in user.

GET /gravatar +session

Get the Gravatar avatar of the currently logged in user, if applicable.

GET /:id

Get the avatar of the user with ID :id.

/oauth2

Special OAuth 2.0 management endpoints.

GET /authorized-clients +session

Get the authorized OAuth 2.0 clients of the currently logged in user.

POST /revoke +session

Revoke an authorized OAuth 2.0 client. Requires client_id in the body.

GET /donations

List the donations given to Icy Network.

GET /user +session

List the donations given to Icy Network by the currently logged in user.

POST /paypal/ipn

PayPal Payment Notification endpoint.