Merge pull request #1341 from btcpayserver/swagger

Add Swagger and Redoc

BTCPayServer/Controllers/ManageController.APIKeys.cs

@@ -4,13 +4,13 @@ using System.Globalization;
 using System.Linq;
 using System.Threading.Tasks;
 using BTCPayServer.Data;
+using BTCPayServer.Hosting.OpenApi;
 using BTCPayServer.Models;
 using BTCPayServer.Security;
 using BTCPayServer.Security.APIKeys;
-using ExchangeSharp;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
-using Newtonsoft.Json;
+using NSwag.Annotations;
 
 namespace BTCPayServer.Controllers
 {
@@ -28,9 +28,33 @@ namespace BTCPayServer.Controllers
             });
         }
 
-        [HttpGet]
+        
+        
+        [HttpGet("api-keys/{id}/delete")]
         public async Task<IActionResult> RemoveAPIKey(string id)
         {
+            var key = await _apiKeyRepository.GetKey(id);
+            if (key == null || key.UserId != _userManager.GetUserId(User))
+            {
+                return NotFound();
+            }
+            return View("Confirm", new ConfirmModel()
+            {
+                Title = "Delete API Key "+ ( string.IsNullOrEmpty(key.Label)? string.Empty: key.Label) + "("+key.Id+")",
+                Description = "Any application using this api key will immediately lose access",
+                Action = "Delete",
+                ActionUrl = Request.GetCurrentUrl().Replace("RemoveAPIKey", "RemoveAPIKeyPost")
+            });
+        }
+
+        [HttpPost("api-keys/{id}/delete")]
+        public async Task<IActionResult> RemoveAPIKeyPost(string id)
+        {
+            var key = await _apiKeyRepository.GetKey(id);
+            if (key == null || key.UserId != _userManager.GetUserId(User))
+            {
+                return NotFound();
+            }
             await _apiKeyRepository.Remove(id, _userManager.GetUserId(User));
             TempData.SetStatusMessageModel(new StatusMessageModel()
             {
@@ -56,8 +80,16 @@ namespace BTCPayServer.Controllers
             return View("AddApiKey", await SetViewModelValues(new AddApiKeyViewModel()));
         }
 
+        /// <param name="permissions">The permissions to request. Current permissions available: ServerManagement, StoreManagement</param>
+        /// <param name="applicationName">The name of your application</param>
+        /// <param name="strict">If permissions are specified, and strict is set to false, it will allow the user to reject some of permissions the application is requesting.</param>
+        /// <param name="selectiveStores">If the application is requesting the CanModifyStoreSettings permission and selectiveStores is set to true, this allows the user to only grant permissions to selected stores under the user's control.</param>
         [HttpGet("~/api-keys/authorize")]
-        public async Task<IActionResult> AuthorizeAPIKey( string[] permissions, string applicationName = null,
+        [OpenApiTags("Authorization")]
+        [OpenApiOperation("Authorize User",
+            "Redirect the browser to this endpoint to request the user to generate an api-key with specific permissions")]
+        [IncludeInOpenApiDocs]
+        public async Task<IActionResult> AuthorizeAPIKey(string[] permissions, string applicationName = null,
             bool strict = true, bool selectiveStores = false)
         {
             if (!_btcPayServerEnvironment.IsSecure)
@@ -74,6 +106,7 @@ namespace BTCPayServer.Controllers
 
             var vm = await SetViewModelValues(new AuthorizeApiKeysViewModel()
             {
+                Label = applicationName,
                 ServerManagementPermission = permissions.Contains(APIKeyConstants.Permissions.ServerManagement),
                 StoreManagementPermission = permissions.Contains(APIKeyConstants.Permissions.StoreManagement),
                 PermissionsFormatted = permissions,
@@ -214,7 +247,10 @@ namespace BTCPayServer.Controllers
         {
             var key = new APIKeyData()
             {
-                Id = Guid.NewGuid().ToString(), Type = APIKeyType.Permanent, UserId = _userManager.GetUserId(User)
+                Id = Guid.NewGuid().ToString().Replace("-", string.Empty),
+                Type = APIKeyType.Permanent,
+                UserId = _userManager.GetUserId(User),
+                Label = viewModel.Label
             };
             key.SetPermissions(GetPermissionsFromViewModel(viewModel));
             await _apiKeyRepository.CreateKey(key);
@@ -251,6 +287,7 @@ namespace BTCPayServer.Controllers
 
         public class AddApiKeyViewModel
         {
+            public string Label { get; set; }
             public StoreData[] Stores { get; set; }
             public ApiKeyStoreMode StoreMode { get; set; }
             public List<string> SpecificStores { get; set; } = new List<string>();
@@ -277,7 +314,7 @@ namespace BTCPayServer.Controllers
             {
                 get
                 {
-                    return Permissions?.Split(";", StringSplitOptions.RemoveEmptyEntries);
+                    return Permissions?.Split(";", StringSplitOptions.RemoveEmptyEntries)?? Array.Empty<string>();
                 }
                 set
                 {

BTCPayServer/Controllers/StoresController.BTCLike.cs

@@ -141,8 +141,9 @@ namespace BTCPayServer.Controllers
         }
 
         [HttpPost]
-        [Route("{storeId}/derivations/{cryptoCode}")]
-        public async Task<IActionResult> AddDerivationScheme(string storeId, DerivationSchemeViewModel vm,
+        [Route("{storeId}/derivations/{cryptoCode}")]        
+        [ApiExplorerSettings(IgnoreApi = true)]
+        public async Task<IActionResult> AddDerivationScheme(string storeId, [FromForm] DerivationSchemeViewModel vm,
             string cryptoCode)
         {
             vm.CryptoCode = cryptoCode;