diff --git a/openapi/stellar-disbursement-platform/main.yml b/openapi/stellar-disbursement-platform/main.yml index 061eb20d9..36ed0d535 100644 --- a/openapi/stellar-disbursement-platform/main.yml +++ b/openapi/stellar-disbursement-platform/main.yml @@ -64,7 +64,7 @@ paths: password: type: string example: - username: reece + username: johndoe@mail.com password: mysecret produces: - application/json @@ -121,40 +121,123 @@ paths: produces: - application/json security: - - oauth2: [] - /disbursements: - get: + - BearerAuth: [] + /mfa: + post: + summary: Multi-factor authentication endpoint + operationId: authenticateMFA + tags: + - Authentication + parameters: + - in: body + name: body + description: MFA request data + required: true + schema: + type: object + properties: + mfa_code: + type: string + description: Multi-factor authentication code + remember_me: + type: boolean + description: Boolean flag to remember the user + recaptcha_token: + type: string + description: Token for reCAPTCHA validation + required: + - mfa_code + - in: header + name: Device-ID + type: string + required: false + description: Identifier of the device responses: '200': - description: OK - headers: {} - examples: {} + description: Successful authentication + schema: + type: object + properties: + token: + type: string + description: Authentication token + '400': + $ref: '#/responses/BadRequestResponse' '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized - extras: - status: 401 - message: Not authorized + $ref: '#/responses/UnauthorizedResponse' + produces: + - application/json + /forgot-password: + post: + summary: Forgot password endpoint + operationId: forgotPassword + tags: + - Authentication + parameters: + - in: body + name: body + description: Forgot password request data + required: true schema: type: object properties: - error: + email: type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not authorized - extras: - status: 401 - message: Not authorized + format: email + description: Email of the user + recaptcha_token: + type: string + description: Token for reCAPTCHA validation + required: + - email + responses: + '200': + description: Forgot password email sent successfully + schema: + $ref: '#/definitions/MessageResponse' + '400': + $ref: '#/responses/BadRequestResponse' + /reset-password: + post: + summary: Reset password endpoint + operationId: resetPassword + tags: + - Authentication + parameters: + - in: body + name: body + description: Reset password request data + required: true + schema: + type: object + properties: + password: + type: string + description: New password for the user + reset_token: + type: string + description: Token used to identify a valid password reset request + required: + - password + - reset_token + responses: + '200': + description: Password reset successfully + '400': + $ref: '#/responses/BadRequestResponse' + produces: + - application/json + /disbursements: + get: + responses: + '200': + description: "A list of Disbursement details" + schema: + $ref: '#/definitions/DisbursementPagination' + '401': + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' summary: List All Disbursements operationId: List All Disbursements description: '' @@ -227,161 +310,13 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] post: responses: '201': - description: Created - headers: {} - examples: - application/json: - id: 619da857-8725-4c58-933d-c120a458e0f5 - name: Disbursement Name - upload_by: - id: 88b0ad24-8bab-4f19-903f-cb2da90108a2 - name: Marcelo - total_payments: 0 - total_payments_sent: 0 - total_payments_remaining: 0 - total_payments_failed: 0 - amount_disbursed: '0.0000000' - total_amount: '0.0000000' - average_amount: '0.0000000' - country: - code: ua - name: Ukraine - language: uk - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T10:45:51.000Z' - wallet: - id: e2de8544-b7e2-40a9-ad40-411f70d5c4bf - name: Vibrant - homepage: https://vibrantapp.com - asset: - id: 25923001-508a-4629-9186-c41211b2a3d0 - code: USDC - issuer: GA5ZSEJYB37JRC5AVCIA5MOP4RHTM335X2KGX3IHOJAPP5RE34K4KZVN - name: USD Coin - status: DRAFT - status_history: - - user_id: null - status: DRAFT - timestamp: '2023-02-03T10:45:51.000Z' - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T10:45:51.000Z' + description: "A new disbursement" schema: - type: object - properties: - id: - type: string - name: - type: string - upload_by: - type: object - properties: - id: - type: string - name: - type: string - total_payments: - type: number - total_payments_sent: - type: number - total_payments_remaining: - type: number - total_payments_failed: - type: number - amount_disbursed: - type: string - total_amount: - type: string - average_amount: - type: string - country: - type: object - properties: - code: - type: string - name: - type: string - language: - type: string - created_at: - type: string - updated_at: - type: string - wallet: - type: object - properties: - id: - type: string - name: - type: string - homepage: - type: string - asset: - type: object - properties: - id: - type: string - code: - type: string - issuer: - type: string - name: - type: string - status: - type: string - status_history: - type: array - items: - type: object - properties: - user_id: - type: string - status: - type: string - timestamp: - type: string - created_at: - type: string - updated_at: - type: string - example: - id: 619da857-8725-4c58-933d-c120a458e0f5 - name: Disbursement Name - upload_by: - id: 88b0ad24-8bab-4f19-903f-cb2da90108a2 - name: Marcelo - total_payments: 0 - total_payments_sent: 0 - total_payments_remaining: 0 - total_payments_failed: 0 - amount_disbursed: '0.0000000' - total_amount: '0.0000000' - average_amount: '0.0000000' - country: - code: ua - name: Ukraine - language: uk - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T10:45:51.000Z' - wallet: - id: e2de8544-b7e2-40a9-ad40-411f70d5c4bf - name: Vibrant - homepage: https://vibrantapp.com - asset: - id: 25923001-508a-4629-9186-c41211b2a3d0 - code: USDC - issuer: GA5ZSEJYB37JRC5AVCIA5MOP4RHTM335X2KGX3IHOJAPP5RE34K4KZVN - name: USD Coin - status: DRAFT - status_history: - - user_id: null - status: DRAFT - timestamp: '2023-02-03T10:45:51.000Z' - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T10:45:51.000Z' + $ref: '#/definitions/Disbursement' '400': description: Bad Request headers: {} @@ -409,44 +344,9 @@ paths: status: 400 message: Invalid country code provided '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized - extras: - status: 401 - message: Not authorized - schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not authorized - extras: - status: 401 - message: Not authorized + $ref: '#/responses/UnauthorizedResponse' '403': - description: Forbidden - headers: {} - examples: - application/json: - error: Forbidden - schema: - type: object - properties: - error: - type: string - example: - error: Forbidden + $ref: '#/responses/ForbiddenResponse' summary: Create Disbursements operationId: Create Disbursements description: '' @@ -474,268 +374,18 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] /disbursements/{id}: get: responses: '200': - description: OK - headers: {} - examples: - application/json: - id: 619da857-8725-4c58-933d-c120a458e0f5 - name: Disbursement Name - upload_by: - id: 88b0ad24-8bab-4f19-903f-cb2da90108a2 - name: Marcelo - total_payments: 2 - total_payments_sent: 1 - total_payments_remaining: 1 - total_payments_failed: 0 - amount_disbursed: '75.000000' - total_amount: '150.0000000' - average_amount: '75.00000000' - country: - code: ua - name: Ukraine - language: uk - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T10:45:51.000Z' - wallet: - id: e2de8544-b7e2-40a9-ad40-411f70d5c4bf - name: Vibrant - homepage: https://vibrantapp.com - asset: - id: 25923001-508a-4629-9186-c41211b2a3d0 - code: USDC - issuer: GA5ZSEJYB37JRC5AVCIA5MOP4RHTM335X2KGX3IHOJAPP5RE34K4KZVN - name: USD Coin - beneficiaries: - - id: 2ec7f1f9-add3-4e6d-9d14-bd8ac5e88872 - phone_number: '+380441234567' - payment_id: b6b667ad-6cc2-46cf-9be7-561daace7d48 - amount: '75.0000000' - stellar_address: GAUETA6XCPFIZNJQLETG5JR3GGNTJIXXRDIIY4D5QYU2JR6RPUFEUCVZ - stellar_transaction_id: >- - 614942ad90df7f8b47f8a7dfa5d8bb34e577802c7d687edd067437202959d0ef - status: SUCCESS - - payment_id: b6b667ad-6cc2-46cf-9be7-561daace7d48 - phone_number: '+380441234567' - amount: '75.0000000' - stellar_address: GAUETA6XCPFIZNJQLETG5JR3GGNTJIXXRDIIY4D5QYU2JR6RPUFEUCVZ - stellar_transaction_id: >- - 614942ad90df7f8b47f8a7dfa5d8bb34e577802c7d687edd067437202959d0ef - status: READY - status_history: - - user_id: null - status: DRAFT - timestamp: '2023-02-03T10:45:51.000Z' - - user_id: 2ec7f1f9-add3-4e6d-9d14-bd8ac5e88872 - status: DRAFT - timestamp: '2023-02-03T10:45:51.000Z' - - user_id: null - status: READY - timestamp: '2023-02-03T11:45:51.000Z' - - user_id: 2ec7f1f9-add3-4e6d-9d14-bd8ac5e88872 - status: READY - timestamp: '2023-02-03T11:45:51.000Z' - status: READY - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T11:45:51.000Z' + description: "Disbursement details" schema: - type: object - properties: - id: - type: string - name: - type: string - upload_by: - type: object - properties: - id: - type: string - name: - type: string - total_payments: - type: number - total_payments_sent: - type: number - total_payments_remaining: - type: number - total_payments_failed: - type: number - amount_disbursed: - type: string - total_amount: - type: string - average_amount: - type: string - country: - type: object - properties: - code: - type: string - name: - type: string - language: - type: string - created_at: - type: string - updated_at: - type: string - wallet: - type: object - properties: - id: - type: string - name: - type: string - homepage: - type: string - asset: - type: object - properties: - id: - type: string - code: - type: string - issuer: - type: string - name: - type: string - beneficiaries: - type: array - items: - type: object - properties: - id: - type: string - phone_number: - type: string - payment_id: - type: string - amount: - type: string - stellar_address: - type: string - stellar_transaction_id: - type: string - status: - type: string - required: - - payment_id - - phone_number - - amount - - stellar_address - - stellar_transaction_id - - status - status_history: - type: array - items: - type: object - properties: - user_id: - type: string - status: - type: string - timestamp: - type: string - required: - - user_id - - status - - timestamp - status: - type: string - created_at: - type: string - updated_at: - type: string - example: - id: 619da857-8725-4c58-933d-c120a458e0f5 - name: Disbursement Name - upload_by: - id: 88b0ad24-8bab-4f19-903f-cb2da90108a2 - name: Marcelo - total_payments: 2 - total_payments_sent: 1 - total_payments_remaining: 1 - total_payments_failed: 0 - amount_disbursed: '75.000000' - total_amount: '150.0000000' - average_amount: '75.00000000' - country: - code: ua - name: Ukraine - language: uk - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T10:45:51.000Z' - wallet: - id: e2de8544-b7e2-40a9-ad40-411f70d5c4bf - name: Vibrant - homepage: https://vibrantapp.com - asset: - id: 25923001-508a-4629-9186-c41211b2a3d0 - code: USDC - issuer: GA5ZSEJYB37JRC5AVCIA5MOP4RHTM335X2KGX3IHOJAPP5RE34K4KZVN - name: USD Coin - beneficiaries: - - id: 2ec7f1f9-add3-4e6d-9d14-bd8ac5e88872 - phone_number: '+380441234567' - payment_id: b6b667ad-6cc2-46cf-9be7-561daace7d48 - amount: '75.0000000' - stellar_address: GAUETA6XCPFIZNJQLETG5JR3GGNTJIXXRDIIY4D5QYU2JR6RPUFEUCVZ - stellar_transaction_id: >- - 614942ad90df7f8b47f8a7dfa5d8bb34e577802c7d687edd067437202959d0ef - status: SUCCESS - - payment_id: b6b667ad-6cc2-46cf-9be7-561daace7d48 - phone_number: '+380441234567' - amount: '75.0000000' - stellar_address: GAUETA6XCPFIZNJQLETG5JR3GGNTJIXXRDIIY4D5QYU2JR6RPUFEUCVZ - stellar_transaction_id: >- - 614942ad90df7f8b47f8a7dfa5d8bb34e577802c7d687edd067437202959d0ef - status: READY - status_history: - - user_id: null - status: DRAFT - timestamp: '2023-02-03T10:45:51.000Z' - - user_id: 2ec7f1f9-add3-4e6d-9d14-bd8ac5e88872 - status: DRAFT - timestamp: '2023-02-03T10:45:51.000Z' - - user_id: null - status: READY - timestamp: '2023-02-03T11:45:51.000Z' - - user_id: 2ec7f1f9-add3-4e6d-9d14-bd8ac5e88872 - status: READY - timestamp: '2023-02-03T11:45:51.000Z' - status: READY - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T11:45:51.000Z' + $ref: '#/definitions/Disbursement' '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized - extras: - status: 401 - message: Not authorized - schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not authorized - extras: - status: 401 - message: Not authorized + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' '404': description: Not Found headers: {} @@ -768,8 +418,7 @@ paths: tags: - Disbursements parameters: - - &ref_0 - name: id + - name: id in: path description: ID of the `Disbursement`. required: true @@ -777,538 +426,18 @@ paths: produces: - application/json security: - - oauth2: [] - patch: - responses: - '200': - description: OK - headers: {} - examples: - application/json: - id: 619da857-8725-4c58-933d-c120a458e0f5 - name: Disbursement Name - upload_by: - id: 88b0ad24-8bab-4f19-903f-cb2da90108a2 - name: Marcelo - total_payments: 20 - total_payments_sent: 0 - total_payments_remaining: 20 - total_payments_failed: 0 - amount_disbursed: '0.000000' - total_amount: '0.0000000' - average_amount: '0.00000000' - country: - code: ua - name: Ukraine - language: uk - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T10:45:51.000Z' - wallet: - id: e2de8544-b7e2-40a9-ad40-411f70d5c4bf - name: Vibrant - homepage: https://vibrantapp.com - asset: - id: 25923001-508a-4629-9186-c41211b2a3d0 - code: USDC - issuer: GA5ZSEJYB37JRC5AVCIA5MOP4RHTM335X2KGX3IHOJAPP5RE34K4KZVN - name: USD Coin - status: DRAFT - status_history: - - user_id: null - status: DRAFT - timestamp: '2023-02-03T10:45:51.000Z' - - user_id: null - status: READY - timestamp: '2023-02-03T11:45:51.000Z' - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T11:45:51.000Z' - schema: - type: object - properties: - id: - type: string - name: - type: string - upload_by: - type: object - properties: - id: - type: string - name: - type: string - total_payments: - type: number - total_payments_sent: - type: number - total_payments_remaining: - type: number - total_payments_failed: - type: number - amount_disbursed: - type: string - total_amount: - type: string - average_amount: - type: string - country: - type: object - properties: - code: - type: string - name: - type: string - language: - type: string - created_at: - type: string - updated_at: - type: string - wallet: - type: object - properties: - id: - type: string - name: - type: string - homepage: - type: string - asset: - type: object - properties: - id: - type: string - code: - type: string - issuer: - type: string - name: - type: string - status: - type: string - status_history: - type: array - items: - type: object - properties: - user_id: - type: string - status: - type: string - timestamp: - type: string - required: - - user_id - - status - - timestamp - created_at: - type: string - updated_at: - type: string - example: - id: 619da857-8725-4c58-933d-c120a458e0f5 - name: Disbursement Name - upload_by: - id: 88b0ad24-8bab-4f19-903f-cb2da90108a2 - name: Marcelo - total_payments: 20 - total_payments_sent: 0 - total_payments_remaining: 20 - total_payments_failed: 0 - amount_disbursed: '0.000000' - total_amount: '0.0000000' - average_amount: '0.00000000' - country: - code: ua - name: Ukraine - language: uk - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T10:45:51.000Z' - wallet: - id: e2de8544-b7e2-40a9-ad40-411f70d5c4bf - name: Vibrant - homepage: https://vibrantapp.com - asset: - id: 25923001-508a-4629-9186-c41211b2a3d0 - code: USDC - issuer: GA5ZSEJYB37JRC5AVCIA5MOP4RHTM335X2KGX3IHOJAPP5RE34K4KZVN - name: USD Coin - status: DRAFT - status_history: - - user_id: null - status: DRAFT - timestamp: '2023-02-03T10:45:51.000Z' - - user_id: null - status: READY - timestamp: '2023-02-03T11:45:51.000Z' - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T11:45:51.000Z' - '400': - description: Bad Request - headers: {} - examples: - application/json: - error: Bad request - extras: - status: 400 - message: Invalid country code provided - schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Bad request - extras: - status: 400 - message: Invalid country code provided - '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized - extras: - status: 401 - message: Not authorized - schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not authorized - extras: - status: 401 - message: Not authorized - '403': - description: Forbidden - headers: {} - examples: - application/json: - error: Forbidden - schema: - type: object - properties: - error: - type: string - example: - error: Forbidden - '404': - description: Not Found - headers: {} - examples: - application/json: - error: Not found - extras: - status: 404 - message: Disbursement not found - schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not found - extras: - status: 404 - message: Disbursement not found - summary: Update a Disbursement - operationId: Update a Disbursement - description: '' - tags: - - Disbursements - parameters: - - *ref_0 - produces: - - application/json - security: - - oauth2: [] - delete: - responses: - '204': - description: No Content - headers: {} - examples: {} - '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized - extras: - status: 401 - message: Not authorized - schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not authorized - extras: - status: 401 - message: Not authorized - '403': - description: Forbidden - headers: {} - examples: - application/json: - error: Forbidden - schema: - type: object - properties: - error: - type: string - example: - error: Forbidden - '404': - description: Not Found - headers: {} - examples: - application/json: - error: Not found - extras: - status: 404 - message: Disbursement not found - schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not found - extras: - status: 404 - message: Disbursement not found - summary: Delete a Disbursement - operationId: Delete a Disbursement - description: '' - tags: - - Disbursements - parameters: - - *ref_0 - produces: - - application/json - security: - - oauth2: [] + - BearerAuth: [] /disbursements/{id}/receivers: get: responses: '200': - description: OK - headers: {} - examples: - application/json: - pagination: - prev: >- - /disbursements/2e15759b-8ffd-43de-b661-87a80fd70241/receivers?page=1 - next: >- - /disbursements/2e15759b-8ffd-43de-b661-87a80fd70241/receivers?page=3 - pages: 3 - total: 44 - data: - - id: 5e7a7f60-1284-4a0b-8be1-1df17ef4d7fd - phone_number: '+380507770770' - external_id: '1357' - receiver_wallet: - id: 87dae0ca-0819-4361-9af4-1760a1463dba - receiver: - id: 5e7a7f60-1284-4a0b-8be1-1df17ef4d7fd - wallet: - id: 402bf417-11bd-4903-b310-0ce5da11e029 - name: Vibrant - status: DRAFT - created_at: '2023-04-17T22:53:49.827645Z' - updated_at: '2023-04-17T22:53:49.827645Z' - payment: - id: 320828bb-3987-4bd4-aa07-037743183af0 - amount: '91.8600000' - stellar_transaction_id: '' - stellar_operation_id: '' - status: DRAFT - asset: - id: ef271bfe-1b56-4f55-8579-ae194889e745 - code: USDC - issuer: GA5ZSEJYB37JRC5AVCIA5MOP4RHTM335X2KGX3IHOJAPP5RE34K4KZVN - created_at: '2023-04-18T16:24:16.710071Z' - updated_at: '2023-04-18T16:24:16.710071Z' - created_at: '2023-04-17T22:53:49.827645Z' - updated_at: '2023-04-17T22:53:49.827645Z' - schema: - type: object - properties: - pagination: - type: object - properties: - prev: - type: string - next: - type: string - pages: - type: number - total: - type: number - data: - type: array - items: - type: object - properties: - id: - type: string - phone_number: - type: string - external_id: - type: string - receiver_wallet: - type: object - properties: - id: - type: string - receiver: - type: object - properties: - id: - type: string - wallet: - type: object - properties: - id: - type: string - name: - type: string - status: - type: string - created_at: - type: string - updated_at: - type: string - payment: - type: object - properties: - id: - type: string - amount: - type: string - stellar_transaction_id: - type: string - stellar_operation_id: - type: string - status: - type: string - asset: - type: object - properties: - id: - type: string - code: - type: string - issuer: - type: string - created_at: - type: string - updated_at: - type: string - created_at: - type: string - updated_at: - type: string - example: - pagination: - prev: >- - /disbursements/2e15759b-8ffd-43de-b661-87a80fd70241/receivers?page=1 - next: >- - /disbursements/2e15759b-8ffd-43de-b661-87a80fd70241/receivers?page=3 - pages: 3 - total: 44 - data: - - id: 5e7a7f60-1284-4a0b-8be1-1df17ef4d7fd - phone_number: '+380507770770' - external_id: '1357' - receiver_wallet: - id: 87dae0ca-0819-4361-9af4-1760a1463dba - receiver: - id: 5e7a7f60-1284-4a0b-8be1-1df17ef4d7fd - wallet: - id: 402bf417-11bd-4903-b310-0ce5da11e029 - name: Vibrant - status: DRAFT - created_at: '2023-04-17T22:53:49.827645Z' - updated_at: '2023-04-17T22:53:49.827645Z' - payment: - id: 320828bb-3987-4bd4-aa07-037743183af0 - amount: '91.8600000' - stellar_transaction_id: '' - stellar_operation_id: '' - status: DRAFT - asset: - id: ef271bfe-1b56-4f55-8579-ae194889e745 - code: USDC - issuer: GA5ZSEJYB37JRC5AVCIA5MOP4RHTM335X2KGX3IHOJAPP5RE34K4KZVN - created_at: '2023-04-18T16:24:16.710071Z' - updated_at: '2023-04-18T16:24:16.710071Z' - created_at: '2023-04-17T22:53:49.827645Z' - updated_at: '2023-04-17T22:53:49.827645Z' - '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized - extras: - status: 401 - message: Not authorized + description: "A list of Disbursement Receivers" schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not authorized - extras: - status: 401 - message: Not authorized + $ref: '#/definitions/DisbursementReceiverPagination' + '401': + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' '404': description: Not Found headers: {} @@ -1359,7 +488,7 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] /disbursements/{id}/instructions: post: responses: @@ -1403,22 +532,9 @@ paths: foo: bar message: Not authorized '401': - description: Unauthorized - headers: {} - examples: {} + $ref: '#/responses/UnauthorizedResponse' '403': - description: Forbidden - headers: {} - examples: - application/json: - error: Forbidden - schema: - type: object - properties: - error: - type: string - example: - error: Forbidden + $ref: '#/responses/ForbiddenResponse' '404': description: Not Found headers: {} @@ -1447,27 +563,37 @@ paths: message: Disbursement not found summary: Upload Disbursement Instructions operationId: Upload Disbursement Instructions - description: '' + description: Upload a CSV file with disbursement instructions. + consumes: + - multipart/form-data tags: - Disbursements parameters: - - &ref_1 - name: id + - name: id in: path description: ID of the Disbursement required: true type: string + - name: "file" + in: "formData" + description: "Disbursement instructions file to upload. The CSV file should be in the following format: `phone,id,amount,verification`" + required: true + type: "file" produces: - application/json security: - - oauth2: [] + - BearerAuth: [] get: responses: '200': - description: OK + description: "Disbursement CSV file" headers: Content-Disposition: type: string + description: "The filename of the returned CSV file." + Content-Type: + type: string + description: "text/csv" examples: text/csv: '' '400': @@ -1497,13 +623,9 @@ paths: foo: bar message: Invalid request parameters '401': - description: Unauthorized - headers: {} - examples: {} + $ref: '#/responses/UnauthorizedResponse' '403': - description: Forbidden - headers: {} - examples: {} + $ref: '#/responses/ForbiddenResponse' '404': description: Not Found headers: {} @@ -1536,28 +658,25 @@ paths: tags: - Disbursements parameters: - - *ref_1 + - name: id + in: path + description: ID of the Disbursement + required: true + type: string produces: - text/csv - - application/json security: - - oauth2: [] + - BearerAuth: [] /disbursements/{id}/status: patch: responses: '200': - description: OK - headers: {} + description: "Message Response" + schema: + $ref: '#/definitions/MessageResponse' examples: application/json: message: Disbursement started - schema: - type: object - properties: - message: - type: string - example: - message: Disbursement started '400': description: Bad Request headers: {} @@ -1585,44 +704,9 @@ paths: status: 400 message: Disbursement is not ready to be started '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized - extras: - status: 401 - message: Not authorized - schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not authorized - extras: - status: 401 - message: Not authorized + $ref: '#/responses/UnauthorizedResponse' '403': - description: Forbidden - headers: {} - examples: - application/json: - error: Forbidden - schema: - type: object - properties: - error: - type: string - example: - error: Forbidden + $ref: '#/responses/ForbiddenResponse' '404': description: Not Found headers: {} @@ -1663,40 +747,18 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] /payments: get: responses: '200': - description: OK - headers: {} - examples: {} - '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized - extras: - status: 401 - message: Not authorized + description: "A paginated list of payments" schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not authorized - extras: - status: 401 - message: Not authorized + $ref: '#/definitions/PaymentPagination' + '401': + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' summary: List All Payments operationId: List All Payments description: '' @@ -1770,199 +832,18 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] /payments/{id}: get: responses: '200': - description: OK - headers: {} - examples: - application/json: - id: b6b667ad-6cc2-46cf-9be7-561daace7d48 - amount: '100.000000' - stellar_transaction_id: 614942ad90df7f8b47f8a7dfa5d8bb34e577802c7d687edd067437202959d0ef - stellar_operation_id: '192334871807819777' - status: DRAFT - status_history: - - status: DRAFT - status_message: Some Message - timestamp: '2023-02-03T14:33:50.000Z' - - status: READY - status_message: Some Message - timestamp: '2023-02-03T14:45:50.000Z' - disbursement: - id: 619da857-8725-4c58-933d-c120a458e0f5 - name: Disbursement Name - status: DRAFT - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T10:45:51.000Z' - asset: - id: 25923001-508a-4629-9186-c41211b2a3d0 - code: USDC - issuer: GA5ZSEJYB37JRC5AVCIA5MOP4RHTM335X2KGX3IHOJAPP5RE34K4KZVN - receiver_wallet: - id: 2ec7f1f9-add3-4e6d-9d14-bd8ac5e88872 - receiver: - id: e7431183-01e4-486a-8a4d-3489bdc07a4e - wallet: - id: 25923001-b7e2-40a9-ad40-411f70d5c4bf - name: Vibrant - stellar_address: GAUETA6XCPFIZNJQLETG5JR3GGNTJIXXRDIIY4D5QYU2JR6RPUFEUCVZ - stellar_memo: some-memo - stellar_memo_type: text - status: REGISTERED - created_at: '2023-02-03T14:33:50.000Z' - updated_at: '2023-02-03T14:45:50.000Z' - created_at: '2023-02-03T14:33:50.000Z' - updated_at: '2023-02-03T14:33:50.000Z' + description: "Payment details" schema: - type: object - properties: - id: - type: string - amount: - type: string - stellar_transaction_id: - type: string - stellar_operation_id: - type: string - status: - type: string - status_history: - type: array - items: - type: object - properties: - status: - type: string - status_message: - type: string - timestamp: - type: string - required: - - status - - status_message - - timestamp - disbursement: - type: object - properties: - id: - type: string - name: - type: string - status: - type: string - created_at: - type: string - updated_at: - type: string - asset: - type: object - properties: - id: - type: string - code: - type: string - issuer: - type: string - receiver_wallet: - type: object - properties: - id: - type: string - receiver: - type: object - properties: - id: - type: string - wallet: - type: object - properties: - id: - type: string - name: - type: string - stellar_address: - type: string - stellar_memo: - type: string - stellar_memo_type: - type: string - status: - type: string - created_at: - type: string - updated_at: - type: string - created_at: - type: string - updated_at: - type: string - example: - id: b6b667ad-6cc2-46cf-9be7-561daace7d48 - amount: '100.000000' - stellar_transaction_id: 614942ad90df7f8b47f8a7dfa5d8bb34e577802c7d687edd067437202959d0ef - stellar_operation_id: '192334871807819777' - status: DRAFT - status_history: - - status: DRAFT - status_message: Some Message - timestamp: '2023-02-03T14:33:50.000Z' - - status: READY - status_message: Some Message - timestamp: '2023-02-03T14:45:50.000Z' - disbursement: - id: 619da857-8725-4c58-933d-c120a458e0f5 - name: Disbursement Name - status: DRAFT - created_at: '2023-02-03T10:45:51.000Z' - updated_at: '2023-02-03T10:45:51.000Z' - asset: - id: 25923001-508a-4629-9186-c41211b2a3d0 - code: USDC - issuer: GA5ZSEJYB37JRC5AVCIA5MOP4RHTM335X2KGX3IHOJAPP5RE34K4KZVN - receiver_wallet: - id: 2ec7f1f9-add3-4e6d-9d14-bd8ac5e88872 - receiver: - id: e7431183-01e4-486a-8a4d-3489bdc07a4e - wallet: - id: 25923001-b7e2-40a9-ad40-411f70d5c4bf - name: Vibrant - stellar_address: GAUETA6XCPFIZNJQLETG5JR3GGNTJIXXRDIIY4D5QYU2JR6RPUFEUCVZ - stellar_memo: some-memo - stellar_memo_type: text - status: REGISTERED - created_at: '2023-02-03T14:33:50.000Z' - updated_at: '2023-02-03T14:45:50.000Z' - created_at: '2023-02-03T14:33:50.000Z' - updated_at: '2023-02-03T14:33:50.000Z' + $ref: '#/definitions/Payment' '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized - extras: - status: 401 - message: Not authorized - schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not authorized - extras: - status: 401 - message: Not authorized + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' '404': description: Not Found headers: {} @@ -2003,40 +884,18 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] /receivers: get: responses: '200': - description: OK - headers: {} - examples: {} - '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized - extras: - status: 401 - message: Not authorized + description: "A paginated list of Receiver details" schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not authorized - extras: - status: 401 - message: Not authorized + $ref: '#/definitions/ReceiverPagination' + '401': + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' summary: List All Receivers operationId: List All Receivers description: '' @@ -2109,192 +968,101 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] /receivers/{id}: get: responses: '200': - description: OK - headers: {} - examples: {} - '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized - extras: - status: 401 - message: Not authorized + description: "Receiver Details" schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not authorized - extras: - status: 401 - message: Not authorized + $ref: '#/definitions/Receiver' + '401': + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' '404': - description: Not Found - headers: {} - examples: - application/json: - error: Not found - extras: - status: 404 - message: Receiver not found - schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - status: - type: number - message: - type: string - example: - error: Not found - extras: - status: 404 - message: Receiver not found + $ref: '#/responses/NotFoundResponse' + summary: Retrieve a Receiver operationId: Retrieve a Receiver description: '' tags: - Receivers parameters: - - &ref_2 - name: id + - name: id in: path description: ID of the `Receiver`. required: true type: string produces: - application/json - security: - - oauth2: [] - patch: - responses: - '200': - description: OK - headers: {} - examples: {} - '400': - description: Bad Request - headers: {} - examples: - application/json: - error: Invalid verification value. + security: + - BearerAuth: [] + patch: + responses: + '200': + description: "Updated Receiver Details" schema: - type: object - properties: - error: - type: string - example: - error: Invalid verification value. + $ref: '#/definitions/Receiver' + '400': + $ref: '#/responses/BadRequestResponse' '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized - schema: - type: object - properties: - error: - type: string - example: - error: Not authorized + $ref: '#/responses/UnauthorizedResponse' '403': - description: Forbidden - headers: {} - examples: - application/json: - error: Forbidden - schema: - type: object - properties: - error: - type: string - example: - error: Forbidden + $ref: '#/responses/ForbiddenResponse' '404': - description: Not Found - headers: {} - examples: {} + $ref: '#/responses/NotFoundResponse' summary: Update the Receiver operationId: Update the Receiver description: '' tags: - Receivers parameters: - - *ref_2 + - name: id + in: path + description: ID of the `Receiver`. + required: true + type: string + - name: body + in: body + description: List of fields to patch for the receiver + required: true + schema: + $ref: '#/definitions/PatchReceiverRequest' produces: - application/json security: - - oauth2: [] + - BearerAuth: [] /statistics: get: responses: '200': - description: OK - headers: {} - examples: {} - '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized + description: 'General Statistics response' schema: - type: object - properties: - error: - type: string - example: - error: Not authorized + $ref: '#/definitions/GeneralStatistics' + '401': + $ref: '#/responses/UnauthorizedResponse' summary: Retrieve all Statistics operationId: Retrieve all Statistics - description: '' + description: 'All statistics, including disbursement and receiver wallet data' tags: - Statistics parameters: [] produces: - application/json security: - - oauth2: [] + - BearerAuth: [] /statistics/disbursements/{id}: get: responses: '200': - description: OK - headers: {} - examples: {} - '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized + description: 'Returns statistics for disbursement' schema: - type: object - properties: - error: - type: string - example: - error: Not authorized + $ref: '#/definitions/DisbursementsStatistics' + '401': + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' summary: Retrieve Disbursement-specific Statistics operationId: Retrieve Disbursement-specific Statistics description: '' @@ -2309,156 +1077,83 @@ paths: produces: - application/json security: - - oauth2: [] - /registration/receiver/{token}: + - BearerAuth: [] + /wallet-registration/start: get: - responses: - '200': - description: Token is valid and the webpage will be loaded normally. - headers: {} - examples: - text/html: > - To be implementedThe website - html will show up here. - '401': - description: >- - The token is invalid or expired. If it's just expired, an SMS will - be sent to the user phone number with the new token. - headers: {} - examples: - text/html: > - To be implementedThe provided - token is invalid or expired. If it is expired, a new token will be - sent to the user phone number ⏳. summary: Load the PII Confirmation Webpage operationId: Load the PII Confirmation Webpage description: >- This is the endpoint the browser will reach with the first token, so the - user can confirm their PII information and then launch the wallet - (Vibrant) through a deep link. + user can confirm their PII information and then launch the wallet through a deep link. + Requires a valid SEP-24 token in the request. tags: - - Registration + - Wallet-Registration + produces: + - text/html parameters: - name: token - in: path - description: >- - Is a unique token that expires within a {configurable} number of - days and is sent to the user in order to start the registration - process. + in: query + description: The SEP-24 token used for authentication + required: true + type: string + - name: transaction_id + in: query + description: The transaction id associated with the SEP-24 token required: true type: string - produces: - - text/html - /registration/receiver/{token}/wallet_info: - get: responses: '200': description: Token is valid and the webpage will be loaded normally. - headers: {} - examples: - text/html: | - { - "wallet_name": "Vibrant", - "home_domain": "https://vibrantapp.com/", - "icon_url": "https://assets-global.website-files.com/5f96d344ab2f71b1d1961172/6102b8d95dca76b415a0f9bc_Logo.png", - "help_url": "https://support.vibrantapp.com/", - "apple_store_url": "https://apps.apple.com/us/app/id1514223107", - "google_store_url": "https://play.google.com/store/apps/details?id=io.sunship.app", - "pii_name": "Date of Birth", - "pii_type": "date" - } + schema: + type: string + description: HTML page content '401': - description: >- - The token is invalid or expired. If it's just expired, an SMS will - be sent to the user phone number with the new token. - headers: {} - examples: - text/html: | - { - "error": "Unauthorized.", - "extras": { - "code": "401_1", - "details": "The token is invalid or expired." - } - } - summary: Get placeholder Info - operationId: Get placeholder Info + $ref: '#/responses/UnauthorizedResponse' + '400': + $ref: '#/responses/BadRequestResponse' + /wallet-registration/otp: + post: + summary: Send OTP to the provided phone number + operationId: SendOTP description: >- - This endpoint will provide the webpage with all the info that can be - customizable depending on the wallet used. Things like wallet name, icon - and links to the store will be provided by this endpoint. + This endpoint generates a 6-digit OTP and sends it via SMS to the + phone number provided in the request body. A valid SEP-24 token should be + included in the Authorization header of the request. tags: - - Registration + - Wallet-Registration + consumes: + - application/json + produces: + - application/json parameters: - - name: token - in: path - description: >- - Is a unique token that expires within a {configurable} number of - days and is sent to the user in order to start the registration - process. + - name: body + in: body + description: Object containing phone number required: true - type: string - produces: - - text/html - /registration/receiver/{token}/send_otp: - post: - responses: - '200': - description: The OTP was successfully sent. - headers: {} - examples: - application/json: - status: ok - sanitized_phone_number: '* *** *** *415' schema: type: object properties: - status: - type: string - sanitized_phone_number: + phone_number: type: string - example: - status: ok - sanitized_phone_number: '* *** *** *415' - '401': - description: The token is invalid or expired. - headers: {} - examples: - application/json: - error: Unauthorized. - extras: - code: '401_1' - details: The token is invalid or expired. + description: Phone number to which the OTP will be sent + - name: Authorization + in: header + description: "SEP-24 token for authorization (Format: 'Bearer {token}')" + required: true + type: string + responses: + '200': + description: OTP sent successfully schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - code: - type: string - details: - type: string - example: - error: Unauthorized. - extras: - code: '401_1' - details: The token is invalid or expired. + $ref: '#/definitions/MessageResponse' + '400': + $ref: '#/responses/BadRequestResponse' + '401': + $ref: '#/responses/UnauthorizedResponse' '429': description: >- An OTP was sent to the given user recently and hasn't expired yet. Only after expired it will be sent to the user again. - headers: {} - examples: - application/json: - error: Too many requests. - extras: - code: '429_1' - details: >- - An OTP was sent to the given user recently and hasn't expired - yet. Only after expired it will be sent to the user again. schema: type: object properties: @@ -2471,107 +1166,45 @@ paths: type: string details: type: string - example: - error: Too many requests. - extras: - code: '429_1' - details: >- - An OTP was sent to the given user recently and hasn't expired - yet. Only after expired it will be sent to the user again. - summary: Send OTP to the Receiver's Phone - operationId: Send OTP to the Receiver's Phone + /wallet-registration/verification: + post: + summary: Verify Receiver Registration + operationId: VerifyReceiverRegistration description: >- - This is the endpoint that will trigger an SMS sharing an OTP with the - user phone. + This endpoint verifies the receiver's registration by validating the + OTP and other verification values provided in the request body. + A valid SEP-24 token should be included in the Authorization header of the request. tags: - - Registration + - Wallet-Registration + consumes: + - application/json + produces: + - application/json parameters: - - name: token - in: path - description: >- - Is a unique token that expires within a {configurable} number of - days and is sent to the user in order to start the registration - process. + - name: body + in: body + description: Verification data including phone number, OTP, verification value, and reCAPTCHA token + required: true + schema: + $ref: '#/definitions/ReceiverRegistrationRequest' + - name: Authorization + in: header + description: "SEP-24 token for authorization (Format: 'Bearer {token}')" required: true type: string - produces: - - application/json - /registration/receiver/{token}/validate: - post: responses: '200': - description: >- - The OTP + PII were successfully validated. This response will - comtain the link used to launch Vibrant and finalize the wallet<>SDP - registration step from there. - headers: {} - examples: - application/json: - deep_link: vibrantapp://stellar-disbursement-platform?id=1&token=123&sign=abc + description: Verification successful schema: type: object properties: - deep_link: + message: type: string - example: - deep_link: vibrantapp://stellar-disbursement-platform?id=1&token=123&sign=abc + example: "ok" '400': - description: The token, PII or OTP provided are invalid. - headers: {} - examples: - application/json: - error: Bad request. - extras: - code: '400_1' - details: The token, PII or OTP provided are incorrect. - schema: - type: object - properties: - error: - type: string - extras: - type: object - properties: - code: - type: string - details: - type: string - example: - error: Bad request. - extras: - code: '400_1' - details: The token, PII or OTP provided are incorrect. - summary: Validate OTP + PII - operationId: Validate OTP + PII - description: >- - This is the endpoint that will be used to validate the OTP + PII. It - will retiurn the deep link used to launch the wallet application - (Vibrant). - tags: - - Registration - parameters: - - name: token - in: path - description: >- - Is a unique token that expires within a {configurable} number of - days and is sent to the user in order to start the registration - process. - required: true - type: string - - name: body - in: body - schema: - type: object - properties: - pii: - type: string - otp: - type: string - example: - pii: '2000-01-01' - otp: 123abc - produces: - - application/json + $ref: '#/responses/BadRequestResponse' + '401': + $ref: '#/responses/UnauthorizedResponse' /.well-known/stellar.toml: get: responses: @@ -2591,7 +1224,7 @@ paths: This is the endpoint where the wallet will gather the SEP-10 server url and SEP-10 signing public key. tags: - - Registration + - Anchor parameters: [] produces: - text/toml @@ -2650,7 +1283,7 @@ paths: This endpoint can change, but will be provided in the tomle file under the `WEB_AUTH_ENDPOINT` variable. tags: - - Registration + - Anchor parameters: - name: account in: query @@ -2716,7 +1349,7 @@ paths: This endpoint can change, but will be provided in the tomle file under the `WEB_AUTH_ENDPOINT` variable. tags: - - Registration + - Anchor parameters: - name: body in: body @@ -2793,7 +1426,7 @@ paths: link, that should have the following format: `vibrantapp://stellar-disbursement-platform?id=1&token=123&sign=abc`. tags: - - Registration + - Anchor parameters: - name: body in: body @@ -2816,7 +1449,7 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] get: responses: '200': @@ -2868,48 +1501,20 @@ paths: This is the endpoint that will be used to verify if the Stellar public key is already registered with the SDP user. tags: - - Registration + - Anchor parameters: [] produces: - application/json security: - - oauth2: [] + - BearerAuth: [] /profile: get: responses: '200': - description: OK - headers: {} - examples: - application/json: - first_name: FirstName - last_name: LastName - email: email@email.com - roles: - - developer - organization_name: My Organization Name + description: 'Returns user profile' schema: - type: object - properties: - first_name: - type: string - last_name: - type: string - email: - type: string - roles: - type: array - items: - type: string - organization_name: - type: string - example: - first_name: FirstName - last_name: LastName - email: email@email.com - roles: - - developer - organization_name: My Organization Name + $ref: '#/definitions/Profile' + summary: Get Profile operationId: Get Profile description: '' @@ -2919,35 +1524,21 @@ paths: produces: - application/json security: - - oauth2: [] - patch: - responses: - '200': - description: OK - headers: {} - examples: - application/json: - message: user profile updated successfully - schema: - type: object - properties: - message: - type: string - example: - message: user profile updated successfully - '401': - description: Unauthorized + - BearerAuth: [] + patch: + responses: + '200': + description: OK headers: {} examples: application/json: - error: Not authorized. + message: user profile updated successfully schema: - type: object - properties: - error: - type: string - example: - error: Not authorized. + $ref: '#/definitions/MessageResponse' + '401': + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' summary: Patch User Profile operationId: Patch User Profile description: >- @@ -2977,206 +1568,128 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] /organization: get: responses: '200': - description: OK - headers: {} - examples: - application/json: - name: My Organization Name - logo_url: https://localhost:8000/organization/logo?token=mytoken - distribution_account_public_key: G... - timezone_utc_offset: '-03:00' + description: 'Returns organization details' schema: - type: object - properties: - name: - type: string - logo_url: - type: string - distribution_account_public_key: - type: string - timezone_utc_offset: - type: string - example: - name: My Organization Name - logo_url: https://localhost:8000/organization/logo?token=mytoken - distribution_account_public_key: G... - timezone_utc_offset: '-03:00' + $ref: '#/definitions/Organization' '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized. - schema: - type: object - properties: - error: - type: string - example: - error: Not authorized. + $ref: '#/responses/UnauthorizedResponse' summary: Get Organization Info operationId: Get Organization Info description: '' tags: - - Profile + - Organization parameters: [] produces: - application/json security: - - oauth2: [] + - BearerAuth: [] patch: responses: '200': description: OK - headers: {} examples: application/json: message: organization profile updated successfully schema: - type: object - properties: - message: - type: string - example: - message: organization profile updated successfully + $ref: '#/definitions/MessageResponse' '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized. - schema: - type: object - properties: - error: - type: string - example: - error: Not authorized. + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' summary: Patch Organization Profile operationId: Patch Organization Profile - description: >- - Example of request in `Javascript` with `fetch`. Note that both fields - are `optional`, but, at least `one` should be sent in the request. - - - ```js - - const form = new FormData(); - - form.append("logo", "/path/to/logo/logo.png"); - - form.append("data", `{"organization_name": "My Company", - "timezone_utc_offset": "-03:00"}`); - - - const options = { - method: 'PATCH', - headers: { - Authorization: 'Bearer mytoken' - } - }; - - - options.body = form; - - - fetch('http://localhost:8000/profile/organization', options) - .then(response => response.json()) - .then(response => console.log(response)) - .catch(err => console.error(err)); - ``` - - - **Note**: *It's not necessary to set the header `Content-Type` for this - request, it's set automaticaly by the HTTP client.* tags: - - Profile + - Organization parameters: [] produces: - application/json security: - - oauth2: [] - /users: + - BearerAuth: [] + /organization/logo: get: + summary: Retrieve Organization Logo + description: Retrieves the logo of the organization + operationId: GetOrganizationLogo + tags: + - Organization + produces: + - 'application/octet-stream' responses: '200': description: OK - headers: {} - examples: - application/json: - - id: 7a4c6555-1f73-49b3-a211-f95bd2b8ec90 - first_name: John - last_name: Doe - email: email@email.com - roles: - - developer - is_active: true - - id: 5f4df1dd-c84f-482a-84ad-541ffd46e75a - first_name: Jane - last_name: Doe - email: email@email.com - roles: - - financial_controller - is_active: false + schema: + type: string + format: binary + /countries: + get: + summary: Get a list of countries supported by this organization + tags: + - Organization + responses: + '200': + description: A list of countries schema: type: array items: - type: object - properties: - id: - type: string - first_name: - type: string - last_name: - type: string - email: - type: string - roles: - type: array - items: - type: string - is_active: - type: boolean - required: - - id - - first_name - - last_name - - email - - roles - - is_active - example: - - id: 7a4c6555-1f73-49b3-a211-f95bd2b8ec90 - first_name: John - last_name: Doe - email: email@email.com - roles: - - developer - is_active: true - - id: 5f4df1dd-c84f-482a-84ad-541ffd46e75a - first_name: Jane - last_name: Doe - email: email@email.com - roles: - - financial_controller - is_active: false + $ref: '#/definitions/Country' '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized. + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' + produces: + - application/json + /assets: + get: + summary: Get a list of assets supported by this organization + tags: + - Organization + responses: + '200': + description: A list of assets schema: - type: object - properties: - error: - type: string - example: - error: Not authorized. + type: array + items: + $ref: '#/definitions/Asset' + '401': + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' + produces: + - application/json + /wallets: + get: + summary: Get a list of wallets supported by this organization + tags: + - Organization + responses: + '200': + description: A list of wallets + schema: + type: array + items: + $ref: '#/definitions/Wallet' + '401': + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' + produces: + - application/json + /users: + get: + responses: + '200': + description: "Returns a paginated list of User Details" + schema: + $ref: '#/definitions/Users' + '401': + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' summary: Get All Users operationId: Get All Users description: Returns all Users registered in the SDP. @@ -3186,55 +1699,17 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] post: responses: '201': description: Created - headers: {} - examples: - application/json: - id: 5ca230c9-da95-4bd1-b2a2-aa5d0df65efd - first_name: John - last_name: Doe - roles: - - business - email: email@email.com schema: - type: object - properties: - id: - type: string - first_name: - type: string - last_name: - type: string - roles: - type: array - items: - type: string - email: - type: string - example: - id: 5ca230c9-da95-4bd1-b2a2-aa5d0df65efd - first_name: John - last_name: Doe - roles: - - business - email: email@email.com + $ref: '#/definitions/User' '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized. - schema: - type: object - properties: - error: - type: string - example: - error: Not authorized. + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' summary: Create User operationId: Create User description: Creates the authentication user and sends the invitation e-mail. @@ -3265,36 +1740,21 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] /users/activation: patch: responses: - '201': + '200': description: Created - headers: {} examples: application/json: message: user activation was updated successfully schema: - type: object - properties: - message: - type: string - example: - message: user activation was updated successfully + $ref: '#/definitions/User' '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized. - schema: - type: object - properties: - error: - type: string - example: - error: Not authorized. + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' summary: Patch User Activation operationId: Patch User Activation description: Patchs the authentication user's activation in the SDP. @@ -3316,7 +1776,7 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] /users/roles: get: responses: @@ -3344,18 +1804,9 @@ paths: - business - owner '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized. - schema: - type: object - properties: - error: - type: string - example: - error: Not authorized. + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' summary: Get All Roles operationId: Get All Roles description: Returns all roles that exists in the SDP. @@ -3365,7 +1816,7 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] patch: responses: '200': @@ -3382,18 +1833,9 @@ paths: example: message: user roles were updated successfully '401': - description: Unauthorized - headers: {} - examples: - application/json: - error: Not authorized. - schema: - type: object - properties: - error: - type: string - example: - error: Not authorized. + $ref: '#/responses/UnauthorizedResponse' + '403': + $ref: '#/responses/ForbiddenResponse' summary: Patch User Role operationId: Patch User Role description: Patchs the authentication user's roles. @@ -3418,92 +1860,697 @@ paths: produces: - application/json security: - - oauth2: [] + - BearerAuth: [] definitions: - Authentication: {} - Disbursement Collection: {} - Disbursement Details: {} - Disbursement Receivers: {} - Disbursement Instructions: {} - Disbursement Status: {} - Payment Collection: {} - Payment Detail: {} - Receiver Collection: {} - Receiver Details: {} - General Statistics: {} - Disbursements Statistics: {} - Account Collection: {} - Account Detail: {} - Webpage - PII Confirmation: {} - Vibrant - Stellar Public Key Confirmation: {} - User Profile: {} - Organization Profile: {} - Users Colletion: {} - Roles: {} -securityDefinitions: - oauth2: - type: oauth2 - flow: accessCode - authorizationUrl: '' - tokenUrl: '' - scopes: {} -tags: - - name: Authentication - description: Endpoints related to authentication. - - name: Disbursements - description: Endpoints related to disbursements. - - name: Payments - description: Endpoints related to payments. - - name: Receivers - description: >- - Endpoints related to receivers. The receiver is the user that is - going to receive the disbursement. - - name: Statistics - description: >- - Endpoints related to statistics that provide general aggregated data, as - well as disbursement-specific aggregated data. + Amount: + type: "object" + properties: + asset_code: + type: "string" + asset_issuer: + type: "string" + received_amount: + type: "string" + Asset: + type: object + properties: + id: + type: string + code: + type: string + issuer: + type: string + created_at: + type: string + format: date-time + updated_at: + type: string + format: date-time + deleted_at: + type: string + format: date-time + Country: + type: object + properties: + code: + type: string + name: + type: string + created_at: + type: string + format: date-time + updated_at: + type: string + format: date-time + Disbursement: + type: object + properties: + id: + type: string + name: + type: string + country: + $ref: '#/definitions/Country' + wallet: + $ref: '#/definitions/Wallet' + asset: + $ref: '#/definitions/Asset' + status: + $ref: '#/definitions/DisbursementStatus' + verification_field: + $ref: '#/definitions/VerificationField' + status_history: + $ref: '#/definitions/DisbursementStatusHistory' + file_name: + type: string + file_content: + type: string + format: byte + created_at: + type: string + format: date-time + updated_at: + type: string + format: date-time + + DisbursementPagination: + type: "object" + properties: + pagination: + $ref: '#/definitions/Pagination' + data: + type: "array" + items: + $ref: '#/definitions/Disbursement' + + DisbursementReceiver: + type: object + properties: + id: + type: string + email: + type: string + phone_number: + type: string + external_id: + type: string + receiver_wallet: + $ref: '#/definitions/ReceiverWallet' + payment: + $ref: '#/definitions/Payment' + created_at: + type: string + format: date-time + updated_at: + type: string + format: date-time + DisbursementReceiverPagination: + type: "object" + properties: + pagination: + $ref: '#/definitions/Pagination' + data: + type: "array" + items: + $ref: '#/definitions/DisbursementReceiver' - About the aggregated values: + DisbursementsStatistics: + type: object + properties: + payment_counters: + $ref: '#/definitions/PaymentCounters' + payment_amounts_by_asset: + type: array + items: + $ref: '#/definitions/PaymentAmountsByAsset' + receiver_wallets_counters: + $ref: '#/definitions/ReceiverWalletsCounters' + total_receivers: + type: integer + description: Total number of receivers + format: int64 - - `DRAFT` are payments that are pending staff action + DisbursementStatus: + type: string + enum: + - DRAFT + - READY + - STARTED + - PAUSED + - COMPLETED + DisbursementStatusHistory: + type: array + items: + $ref: '#/definitions/DisbursementStatusHistoryEntry' - - `READY` are payments that are pending user action + DisbursementStatusHistoryEntry: + type: object + properties: + user_id: + type: string + status: + $ref: '#/definitions/DisbursementStatus' + timestamp: + type: string + format: date-time + GeneralStatistics: + type: object + properties: + total_disbursements: + type: integer + description: Total number of disbursements + format: int64 + payment_counters: + $ref: '#/definitions/PaymentCounters' + payment_amounts_by_asset: + type: array + items: + $ref: '#/definitions/PaymentAmountsByAsset' + receiver_wallets_counters: + $ref: '#/definitions/ReceiverWalletsCounters' + total_receivers: + type: integer + description: Total number of receivers + format: int64 - - `PENDING` are payments that were already submitted to the network but - are pending network response + MessageResponse: + type: object + properties: + message: + type: string + required: + - message + Organization: + type: object + properties: + name: + type: string + logo_url: + type: string + distribution_account_public_key: + type: string + timezone_utc_offset: + type: string + example: + name: My Organization Name + logo_url: https://localhost:8000/organization/logo?token=mytoken + distribution_account_public_key: G... + timezone_utc_offset: '-03:00' + Pagination: + type: "object" + properties: + next: + type: "string" + prev: + type: "string" + pages: + type: "integer" + total: + type: "integer" - - `PAUSED` are payments that were previously queued but were paused due to - any internal process. You could say they are pending staff action + Payment: + type: object + properties: + id: + type: string + amount: + type: string + stellar_transaction_id: + type: string + stellar_operation_id: + type: string + status: + $ref: '#/definitions/PaymentStatus' + status_history: + $ref: '#/definitions/PaymentStatusHistory' + disbursement: + $ref: '#/definitions/Disbursement' + asset: + $ref: '#/definitions/Asset' + receiver_wallet: + $ref: '#/definitions/ReceiverWallet' + created_at: + type: string + format: date-time + updated_at: + type: string + format: date-time + PaymentPagination: + type: "object" + properties: + pagination: + $ref: '#/definitions/Pagination' + data: + type: "array" + items: + $ref: '#/definitions/Payment' + PaymentStatus: + type: string + enum: + - DRAFT + - READY + - PENDING + - PAUSED + - SUCCESS + - FAILED - - `SUCCESSFUL` are payments that were successfully delivered to the - receiver wallet + PaymentStatusHistory: + type: array + items: + $ref: '#/definitions/PaymentStatusHistoryEntry' + PaymentStatusHistoryEntry: + type: object + properties: + status: + $ref: '#/definitions/PaymentStatus' + status_message: + type: string + timestamp: + type: string + format: date-time - - `FAILED` are payments that were submitted to the network but did not go - through due to any reason + PaymentCounters: + type: object + properties: + draft: + type: integer + format: int64 + ready: + type: integer + format: int64 + pending: + type: integer + format: int64 + paused: + type: integer + format: int64 + success: + type: integer + format: int64 + failed: + type: integer + format: int64 + total: + type: integer + format: int64 + PaymentAmountsByAsset: + type: object + properties: + asset_code: + type: string + payment_amounts: + $ref: '#/definitions/PaymentAmounts' + PaymentAmounts: + type: object + properties: + draft: + type: string + ready: + type: string + pending: + type: string + paused: + type: string + success: + type: string + failed: + type: string + average: + type: string + total: + type: string + Profile: + type: object + properties: + first_name: + type: string + last_name: + type: string + email: + type: string + roles: + type: array + items: + type: string + organization_name: + type: string + example: + first_name: FirstName + last_name: LastName + email: email@email.com + roles: + - developer + organization_name: My Organization Name + Receiver: + type: "object" + properties: + id: + type: "string" + phone_number: + type: "string" + external_id: + type: "string" + email: + type: "string" + created_at: + type: "string" + total_payments: + type: "string" + successful_payments: + type: "string" + failed_payments: + type: "string" + remaining_payments: + type: "string" + registered_wallets: + type: "string" + received_amounts: + type: "array" + items: + $ref: '#/definitions/Amount' + wallets: + type: "array" + items: + $ref: '#/definitions/ReceiverWallet' + + ReceiverLite: + type: "object" + properties: + id: + type: "string" + + ReceiverPagination: + type: "object" + properties: + pagination: + $ref: '#/definitions/Pagination' + data: + type: "array" + items: + $ref: '#/definitions/Receiver' + + ReceiverWallet: + type: "object" + properties: + id: + type: "string" + receiver: + $ref: '#/definitions/ReceiverLite' + wallet: + $ref: '#/definitions/WalletLite' + stellar_address: + type: "string" + stellar_memo: + type: "string" + stellar_memo_type: + type: "string" + created_at: + type: "string" + updated_at: + type: "string" + invited_at: + type: "string" + last_sms_sent: + type: "string" + total_payments: + type: "string" + payments_received: + type: "string" + failed_payments: + type: "string" + remaining_payments: + type: "string" + received_amounts: + type: "array" + items: + $ref: '#/definitions/Amount' + status: + $ref: '#/definitions/ReceiversWalletStatus' + status_history: + type: "array" + items: + $ref: '#/definitions/ReceiversWalletStatusHistoryEntry' - > ATTENTION: the historical data (`successful_payments_history` field) is - still pending decision. + ReceiverWalletsCounters: + type: object + properties: + draft: + type: integer + format: int64 + ready: + type: integer + format: int64 + registered: + type: integer + format: int64 + flagged: + type: integer + format: int64 + total: + type: integer + format: int64 + + ReceiversWalletStatus: + type: "string" + enum: [ "DRAFT", "READY", "REGISTERED", "FLAGGED" ] + + ReceiversWalletStatusHistoryEntry: + type: "object" + properties: + status: + $ref: '#/definitions/ReceiversWalletStatus' + timestamp: + type: "string" + format: "date-time" + + Users: + type: array + items: + $ref: '#/definitions/User' + User: + type: object + properties: + id: + type: string + first_name: + type: string + last_name: + type: string + email: + type: string + roles: + type: array + items: + type: string + is_active: + type: boolean + required: + - id + - first_name + - last_name + - email + - roles + - is_active + example: + - id: 7a4c6555-1f73-49b3-a211-f95bd2b8ec90 + first_name: John + last_name: Doe + email: email@email.com + roles: + - developer + is_active: true + - id: 5f4df1dd-c84f-482a-84ad-541ffd46e75a + first_name: Jane + last_name: Doe + email: email@email.com + roles: + - financial_controller + is_active: false + VerificationField: + type: string + enum: + - DATE_OF_BIRTH + - PIN + - NATIONAL_ID_NUMBER + Wallet: + type: object + properties: + id: + type: string + name: + type: string + homepage: + type: string + sep_10_client_domain: + type: string + deep_link_schema: + type: string + created_at: + type: string + format: date-time + updated_at: + type: string + format: date-time - > Please don't commit to a long-lasting implementation there before - confirming it with Tori. + WalletLite: + type: "object" + properties: + id: + type: "string" + name: + type: "string" + homepage: + type: "string" - > It's likely not making into the MVP. - - name: Registration + ReceiverRegistrationRequest: + type: object + properties: + phone_number: + type: string + description: Phone number used in registration + otp: + type: string + description: One-Time Password received for verification + verification: + type: string + description: Verification value provided by the user + verification_type: + type: string + description: Type of verification value + enum: [ DATE_OF_BIRTH, PIN, NATIONAL_ID_NUMBER ] + recaptcha_token: + type: string + description: Token received from Google reCAPTCHA + PatchReceiverRequest: + type: object + properties: + date_of_birth: + type: string + description: Date of birth of the receiver + pin: + type: string + description: Personal identification number of the receiver + national_id: + type: string + description: National ID of the receiver + email: + type: string + description: Email of the receiver + external_id: + type: string + description: External ID of the receiver + example: + date_of_birth: "1980-01-01" + pin: "1234" + national_id: "123456789" + email: "john@example.com" + external_id: "external123" +responses: + UnauthorizedResponse: + description: Unauthorized + headers: { } + examples: + application/json: + error: Not authorized + extras: + status: 401 + message: Not authorized + schema: + type: object + properties: + error: + type: string + extras: + type: object + properties: + status: + type: number + message: + type: string + example: + error: Not authorized + extras: + status: 401 + message: Not authorized + ForbiddenResponse: + description: Forbidden + headers: { } + examples: + application/json: + error: Forbidden + schema: + type: object + properties: + error: + type: string + example: + error: Forbidden + BadRequestResponse: + description: Bad Request + schema: + type: object + properties: + message: + type: string + description: Details about the error + NotFoundResponse: + description: Not Found + headers: {} + examples: + application/json: + error: Not found + extras: + status: 404 + message: Resource not found + schema: + type: object + properties: + error: + type: string + extras: + type: object + properties: + status: + type: number + message: + type: string +securityDefinitions: + BearerAuth: + type: "apiKey" + name: "Authorization" + in: "header" + description: "JWT used for authorization" +tags: + - name: Authentication + description: Endpoints related to authentication. + - name: Disbursements + description: Endpoints related to disbursements. + - name: Payments + description: Endpoints related to payments. + - name: Receivers + description: >- + Endpoints related to receivers. The receiver is the user that is + going to receive the disbursement. + - name: Statistics + description: >- + Endpoints related to statistics that provide general aggregated data, as + well as disbursement-specific aggregated data. + - name: Anchor description: >- The Registration endpoints are the ones needed to register - receivers with the SDP. + receivers with the SDP. - - Some of them need to be used by the PII confirmation webpage while the - others need to be used by the wallet. + - name: Wallet-Registration + description: >- + These endpoints will be used by the PII confirmation webpage during wallet registration - name: Profile description: Endpoints related to user profiles. - name: Users