romalytvynenko
commented
6 days ago @m4tthumphrey what is the correct result?
Open m4tthumphrey opened 6 days ago
romalytvynenko
commented
6 days ago @m4tthumphrey what is the correct result?
m4tthumphrey
commented
6 days ago Should it not be ignored? Redirects cannot be used in an API, no?
romalytvynenko
commented
6 days ago @m4tthumphrey redirect is simply a response with 301 status code. Perfectly valid http stuff, I'd say :-)
Now I'm wondering about this controllers method code and what it does, and what doc you expect.
m4tthumphrey
commented
6 days ago Of course it’s valid HTTP but it shouldn’t be documented as a valid return type/response in the API doc, especially under 200.
romalytvynenko
commented
6 days ago @m4tthumphrey Why not? You can find some people submitting prs here to support redirect method properly.
Anyways, it would be helpful if you share your controller methods code and expected docs
m4tthumphrey
commented
6 days ago The method is just some boilerplate OAuth and the doc generated is exactly as expected other than the random string 200 response for the redirect. I will take a look at other redirect usage.
m4tthumphrey
commented
6 days ago Is there anyway to ignore certain responses currently? Ie prevent some responses from being part of docs? Similar to @ignoreParam etc?
romalytvynenko
commented
6 days ago @m4tthumphrey i really cannot help without examples
No way currently and I have no ideas what's needed due to no real examples
m4tthumphrey
commented
6 days ago Ok I am on my phone at the moment so will post an example when I’m back to my desk.
m4tthumphrey
commented
6 days ago So this is a chunk from the login/auth endpoint of my controller and further down are some of the error methods. The error methods document perfectly, as does the success response in the login/auth method. However, the redirect line, I would like the doc generator to completely ignore.
if ($user && $refresh) {
$access = $user->generateAccessToken();
GlobalUsersAccessLog::saveToData($user->id, 'api');
UserIp::create([
'user_id' => $user->id,
'ip_address' => $request->header('x-real-ip') ?? $request->ip(),
'logged_in_at' => Carbon::now()->toDateTimeString(),
]);
if ($request->has('redirect_url')) {
return redirect()->to($request->get('redirect_url') . '?access_token=' . $access->access_token);
}
return response()->json([
'status' => 'success',
'access_token' => $access->access_token,
'refresh_token' => $refresh->refresh_token,
'token_type' => 'bearer',
'expires_in' => env('API_ACCESS_TOKEN_TTL') * 60,
]);
}Error methods:
private function userInvalidCredentials(): JsonResponse
{
return $this->error('invalid credentials');
}
/**
* User is blocked
*
* @return JsonResponse
*/
private function userBlocked(): JsonResponse
{
return $this->error('user blocked');
}
/**
* Token has been revoked
*
* @return JsonResponse
*/
private function tokenRevoked(): JsonResponse
{
return $this->error('token revoked [refresh_token]');
}
/**
* Token has expired
*
* @return JsonResponse
*/
private function tokenExpired(): JsonResponse
{
return $this->error('token expired [refresh_token]');
}
/**
* @param string $message
* @return JsonResponse
*/
private function error(string $message): JsonResponse
{
return response()->json([
'status' => 'error',
'message' => $message,
], 401);
}
v0.11.24
The following line in a controller method is adding an additional "schema" to the
200object insideresponses. When I remove the redirect line, the{ "type": "string" }is removed from the200schema.return redirect()->to($request->get('redirect_url') . '?access_token=' . $access->access_token);