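---
# OpenAPI 3.0 description of a small authorization API: login, token refresh,
# logout (refresh-token revocation) and current-user lookup.
#
# The document had been collapsed onto two physical lines, which does not
# parse as YAML (nested "key: value" pairs inside a plain scalar). The block
# structure is restored here; schema content is unchanged.
openapi: "3.0.3"
info:
  title: Authorization API
  version: "1.0.0"
  description: >-
    Simple authorization endpoints for login, refresh, logout and getting
    current user info.

servers:
  # Plain HTTP is listed for the local development server only. Passwords and
  # tokens travel in the request/response bodies and the Authorization header
  # of this API, so any non-local server entry added later should be https.
  - url: http://localhost:8080
    description: Local development server

paths:
  /auth/login:
    post:
      summary: Obtain access and refresh tokens
      tags:
        - Auth
      # No `security` requirement: this operation is the credential exchange.
      # NOTE(review): no 429 (or lockout) response is documented; confirm
      # whether the implementation throttles repeated failed logins and
      # document the response if it does.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LoginRequest'
      responses:
        '200':
          description: Tokens issued
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TokenResponse'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'

  /auth/refresh:
    post:
      summary: Refresh access token using a refresh token
      tags:
        - Auth
      # No bearer token is required here; the refresh token in the body is the
      # only credential presented.
      # NOTE(review): the response schema carries a refreshToken, but the spec
      # does not say whether the presented token is rotated and invalidated on
      # use - confirm against the implementation.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RefreshRequest'
      responses:
        '200':
          description: New tokens
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TokenResponse'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'

  /auth/logout:
    post:
      summary: Revoke refresh token / logout
      tags:
        - Auth
      # Requires a valid access token AND names the refresh token to revoke.
      # NOTE(review): the spec does not state that the refresh token must
      # belong to the authenticated caller - confirm the server enforces it.
      security:
        - bearerAuth: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RevokeRequest'
      responses:
        '204':
          description: Successfully logged out (no content)
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'

  /auth/me:
    get:
      summary: Get current authenticated user
      tags:
        - Auth
      security:
        - bearerAuth: []
      responses:
        '200':
          description: Current user profile
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserProfile'
        '401':
          $ref: '#/components/responses/Unauthorized'

components:
  securitySchemes:
    # HTTP "Authorization: Bearer <token>" scheme. `bearerFormat` is a
    # documentation hint only; it does not make tooling validate the token.
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT

  schemas:
    LoginRequest:
      type: object
      required:
        - username
        - password
      properties:
        username:
          type: string
          example: user@example.com
        password:
          type: string
          # `format: password` only hints that UIs should obscure the field.
          format: password
          # Placeholder value for documentation, not a real credential.
          example: secret123

    # No `required` list is declared, so validators treat every property of
    # this response as optional.
    TokenResponse:
      type: object
      properties:
        accessToken:
          type: string
          # Truncated placeholder, not a usable token.
          example: eyJhbGciOi...
        refreshToken:
          type: string
          example: dummyr3fr3sht0k3n
        expiresIn:
          type: integer
          description: Seconds until access token expiration
          example: 3600

    RefreshRequest:
      type: object
      required:
        - refreshToken
      properties:
        refreshToken:
          type: string

    RevokeRequest:
      type: object
      required:
        - refreshToken
      properties:
        refreshToken:
          type: string

    UserProfile:
      type: object
      properties:
        id:
          type: string
          example: "123e4567-e89b-12d3-a456-426614174000"
        username:
          type: string
          example: user@example.com
        email:
          type: string
          example: user@example.com

    # Shared error body for the 400 and 401 responses below.
    # NOTE(review): `message` is free text; confirm that login failures do not
    # distinguish "unknown user" from "wrong password" in it.
    Error:
      type: object
      properties:
        code:
          type: string
          example: invalid_request
        message:
          type: string
          example: "Detailed error message"

  responses:
    BadRequest:
      description: Invalid request
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    Unauthorized:
      description: Authentication failed or missing credentials
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'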