diff --git a/signal-server-openapi.yaml b/signal-server-openapi.yaml index 70dfed9cd..aacd14d4f 100644 --- a/signal-server-openapi.yaml +++ b/signal-server-openapi.yaml @@ -564,15 +564,15 @@ paths: parameters: - name: X-Signal-ZK-Auth in: header - description: Presentation of a ZK backup auth credential acquired from /v1/archives/auth - as a base64 encoded string + description: "Presentation of a ZK backup auth credential acquired from /v1/archives/auth,\ + \ encoded in standard padded base64" required: true schema: type: string - name: X-Signal-ZK-Auth-Signature in: header - description: Signature of the ZK auth credential's presentation as a base64 - encoded string + description: "Signature of the ZK auth credential's presentation, encoded\ + \ in standard padded base64" required: true schema: type: string @@ -606,15 +606,15 @@ paths: parameters: - name: X-Signal-ZK-Auth in: header - description: Presentation of a ZK backup auth credential acquired from /v1/archives/auth - as a base64 encoded string + description: "Presentation of a ZK backup auth credential acquired from /v1/archives/auth,\ + \ encoded in standard padded base64" required: true schema: type: string - name: X-Signal-ZK-Auth-Signature in: header - description: Signature of the ZK auth credential's presentation as a base64 - encoded string + description: "Signature of the ZK auth credential's presentation, encoded\ + \ in standard padded base64" required: true schema: type: string @@ -651,15 +651,15 @@ paths: parameters: - name: X-Signal-ZK-Auth in: header - description: Presentation of a ZK backup auth credential acquired from /v1/archives/auth - as a base64 encoded string + description: "Presentation of a ZK backup auth credential acquired from /v1/archives/auth,\ + \ encoded in standard padded base64" required: true schema: type: string - name: X-Signal-ZK-Auth-Signature in: header - description: Signature of the ZK auth credential's presentation as a base64 - encoded string + description: "Signature of the ZK auth credential's presentation, encoded\ + \ in standard padded base64" required: true schema: type: string @@ -696,15 +696,15 @@ paths: parameters: - name: X-Signal-ZK-Auth in: header - description: Presentation of a ZK backup auth credential acquired from /v1/archives/auth - as a base64 encoded string + description: "Presentation of a ZK backup auth credential acquired from /v1/archives/auth,\ + \ encoded in standard padded base64" required: true schema: type: string - name: X-Signal-ZK-Auth-Signature in: header - description: Signature of the ZK auth credential's presentation as a base64 - encoded string + description: "Signature of the ZK auth credential's presentation, encoded\ + \ in standard padded base64" required: true schema: type: string @@ -754,15 +754,15 @@ paths: parameters: - name: X-Signal-ZK-Auth in: header - description: Presentation of a ZK backup auth credential acquired from /v1/archives/auth - as a base64 encoded string + description: "Presentation of a ZK backup auth credential acquired from /v1/archives/auth,\ + \ encoded in standard padded base64" required: true schema: type: string - name: X-Signal-ZK-Auth-Signature in: header - description: Signature of the ZK auth credential's presentation as a base64 - encoded string + description: "Signature of the ZK auth credential's presentation, encoded\ + \ in standard padded base64" required: true schema: type: string @@ -813,13 +813,13 @@ paths: required: true schema: type: integer - format: int32 + format: int64 - name: redemptionEndSeconds in: query required: true schema: type: integer - format: int32 + format: int64 responses: "200": content: @@ -845,15 +845,15 @@ paths: parameters: - name: X-Signal-ZK-Auth in: header - description: Presentation of a ZK backup auth credential acquired from /v1/archives/auth - as a base64 encoded string + description: "Presentation of a ZK backup auth credential acquired from /v1/archives/auth,\ + \ encoded in standard padded base64" required: true schema: type: string - name: X-Signal-ZK-Auth-Signature in: header - description: Signature of the ZK auth credential's presentation as a base64 - encoded string + description: "Signature of the ZK auth credential's presentation, encoded\ + \ in standard padded base64" required: true schema: type: string @@ -918,15 +918,15 @@ paths: parameters: - name: X-Signal-ZK-Auth in: header - description: Presentation of a ZK backup auth credential acquired from /v1/archives/auth - as a base64 encoded string + description: "Presentation of a ZK backup auth credential acquired from /v1/archives/auth,\ + \ encoded in standard padded base64" required: true schema: type: string - name: X-Signal-ZK-Auth-Signature in: header - description: Signature of the ZK auth credential's presentation as a base64 - encoded string + description: "Signature of the ZK auth credential's presentation, encoded\ + \ in standard padded base64" required: true schema: type: string @@ -1094,12 +1094,12 @@ paths: in: query schema: type: integer - format: int32 + format: int64 - name: redemptionEndSeconds in: query schema: type: integer - format: int32 + format: int64 - name: pniAsServiceId in: query schema: @@ -1258,6 +1258,10 @@ paths: in: header schema: $ref: '#/components/schemas/BasicAuthorizationHeader' + - name: User-Agent + in: header + schema: + type: string requestBody: content: application/json: @@ -1350,6 +1354,10 @@ paths: in: header schema: $ref: '#/components/schemas/BasicAuthorizationHeader' + - name: User-Agent + in: header + schema: + type: string requestBody: content: application/json: @@ -1497,6 +1505,10 @@ paths: in: query schema: type: string + default: aci + enum: + - ACI + - PNI responses: "200": description: Body contains the number of available one-time prekeys for @@ -1513,9 +1525,7 @@ paths: tags: - Keys summary: Upload new prekeys - description: |2 - Upload new prekeys for this device. Can also be used, from the primary device only, to set the account's identity - key, but this is deprecated now that accounts can be created atomically. + description: Upload new pre-keys for this device. operationId: setKeys parameters: - name: identity @@ -1527,12 +1537,10 @@ paths: (pni) identity default: aci enum: + - ACI + - PNI - aci - pni - - name: User-Agent - in: header - schema: - type: string responses: "200": description: Indicates that new keys were successfully stored. @@ -1550,13 +1558,17 @@ paths: - Keys summary: Upload a new signed prekey description: |2 - Upload a new signed elliptic-curve prekey for this device. Deprecated; use PUT /v2/keys with instead. + Upload a new signed elliptic-curve prekey for this device. Deprecated; use PUT /v2/keys instead. operationId: setSignedKey parameters: - name: identity in: query schema: type: string + default: aci + enum: + - ACI + - PNI requestBody: content: application/json: @@ -1697,16 +1709,10 @@ paths: put: tags: - Messages - summary: Send multi-recipient sealed-sender message - description: | - Deliver a common-payload message to multiple recipients. - An unidentifed-access key for all recipients must be provided, unless the message is a story. operationId: sendMultiRecipientMessage parameters: - name: Unidentified-Access-Key in: header - description: The bitwise xor of the unidentified access keys for every recipient - of the message schema: $ref: '#/components/schemas/CombinedUnidentifiedSenderAccessKeys' - name: User-Agent @@ -1715,60 +1721,33 @@ paths: type: string - name: online in: query - description: "If true, deliver the message only to recipients that are online\ - \ when it is sent" schema: type: boolean - name: ts in: query - description: The sender's timestamp for the envelope schema: type: integer format: int64 - name: urgent in: query - description: "If true, this message should cause push notifications to be\ - \ sent to recipients" schema: type: boolean default: true - name: story in: query - description: "If true, the message is a story; access tokens are not checked\ - \ and sending to nonexistent recipients is permitted" schema: type: boolean requestBody: - description: The sealed-sender multi-recipient message payload content: application/vnd.signal-messenger.mrm: schema: $ref: '#/components/schemas/MultiRecipientMessage' required: true responses: - "200": - description: Message was successfully sent to all recipients - "400": - description: The envelope specified delivery to the same recipient device - multiple times - "401": - description: The message is not a story and the unauthorized access key - is incorrect - "404": - description: The message is not a story and some of the recipient service - IDs do not correspond to registered Signal users - "409": - description: Incorrect set of devices supplied for some recipients + default: + description: default response content: - application/json: - schema: - type: string - "410": - description: Mismatched registration ids supplied for some recipient devices - content: - application/json: - schema: - type: string + application/json: {} /v1/payments/auth: get: tags: @@ -3378,7 +3357,7 @@ components: format: int32 mediaId: type: string - description: The mediaId of the object in URL-safe base64 + description: "The mediaId of the object, encoded in URL-safe padded base64" description: Detailed outcome information for each copy request in the batch CopyMediaBatchRequest: required: @@ -3412,16 +3391,18 @@ components: format: int32 mediaId: type: string - description: mediaId to copy on to the backup CDN in URL-safe base64 + description: "mediaId to copy on to the backup CDN, encoded in URL-safe\ + \ padded base64" hmacKey: type: string - description: "A 32-byte key for the MAC, base64 encoded" + description: "A 32-byte key for the MAC, encoded in standard padded base64" encryptionKey: type: string - description: "A 32-byte encryption key for AES, base64 encoded" + description: "A 32-byte encryption key for AES, encoded in standard padded\ + \ base64" iv: type: string - description: "A 16-byte IV for AES, base64 encoded" + description: "A 16-byte IV for AES, encoded in standard padded base64" RemoteAttachment: required: - cdn @@ -3450,10 +3431,10 @@ components: properties: credential: type: array - description: A base64 encoded BackupAuthCredential + description: "A BackupAuthCredential, encoded in standard padded base64" items: type: string - description: A base64 encoded BackupAuthCredential + description: "A BackupAuthCredential, encoded in standard padded base64" format: byte redemptionTime: type: integer @@ -3486,14 +3467,14 @@ components: backupAuthCredentialRequest: type: string description: | - A BackupAuthCredentialRequest containing a blinded encrypted backup-id, encoded as a base64 string + A BackupAuthCredentialRequest containing a blinded encrypted backup-id, encoded in standard padded base64 SetPublicKeyRequest: type: object properties: backupIdPublicKey: type: string description: "The public key, serialized in libsignal's elliptic-curve public\ - \ key format and then base64-encoded." + \ key format, and encoded in standard padded base64." AttachmentDescriptorV2: type: object properties: @@ -3790,10 +3771,10 @@ components: type: string description: | The public key, serialized in libsignal's elliptic-curve public key format and then base64-encoded. - description: "A list of unsigned elliptic-curve prekeys to use for this device.\ - \ If present and not empty, replaces all stored unsigned EC prekeys for the\ - \ device; if absent or empty, any stored unsigned EC prekeys for the device\ - \ are not deleted." + description: | + A list of unsigned elliptic-curve prekeys to use for this device. If present and not empty, replaces all stored + unsigned EC prekeys for the device; if absent or empty, any stored unsigned EC prekeys for the device are not + deleted. PreKeyResponse: type: object properties: @@ -3843,36 +3824,29 @@ components: description: the number of stored one-time post-quantum prekeys for this device format: int32 - PreKeyState: - required: - - identityKey + SetKeysRequest: type: object properties: preKeys: type: array - description: "A list of unsigned elliptic-curve prekeys to use for this\ - \ device. If present and not empty, replaces all stored unsigned EC prekeys\ - \ for the device; if absent or empty, any stored unsigned EC prekeys for\ - \ the device are not deleted." + description: | + A list of unsigned elliptic-curve prekeys to use for this device. If present and not empty, replaces all stored + unsigned EC prekeys for the device; if absent or empty, any stored unsigned EC prekeys for the device are not + deleted. items: $ref: '#/components/schemas/ECPreKey' signedPreKey: $ref: '#/components/schemas/ECSignedPreKey' pqPreKeys: type: array - description: "A list of signed post-quantum one-time prekeys to use for\ - \ this device. Each key must have a valid signature from the identity\ - \ key in this request. If present and not empty, replaces all stored unsigned\ - \ PQ prekeys for the device; if absent or empty, any stored unsigned PQ\ - \ prekeys for the device are not deleted." + description: | + A list of signed post-quantum one-time prekeys to use for this device. Each key must have a valid signature from + the identity key in this request. If present and not empty, replaces all stored unsigned PQ prekeys for the + device; if absent or empty, any stored unsigned PQ prekeys for the device are not deleted. items: $ref: '#/components/schemas/KEMSignedPreKey' pqLastResortPreKey: $ref: '#/components/schemas/KEMSignedPreKey' - identityKey: - $ref: '#/components/schemas/IdentityKey' - signatureValidOnEachSignedKey: - type: boolean SpamReport: type: object properties: @@ -3897,24 +3871,6 @@ components: timestamp: type: integer format: int64 - AccountMismatchedDevices: - type: object - properties: - uuid: - type: string - description: A service identifier is a tuple of a UUID and identity type - that identifies an account and identity within the Signal service. - devices: - $ref: '#/components/schemas/MismatchedDevices' - AccountStaleDevices: - type: object - properties: - uuid: - type: string - description: A service identifier is a tuple of a UUID and identity type - that identifies an account and identity within the Signal service. - devices: - $ref: '#/components/schemas/StaleDevices' CombinedUnidentifiedSenderAccessKeys: type: object properties: