openapicopy.yaml

openapi: 3.0.3
info:
  title: TicketShow - OpenAPI 3.0
  description: |-
    This is a sample Pet Store Server based on the OpenAPI 3.0 specification.  You can find out more about
    Swagger at [https://swagger.io](https://swagger.io). In the third iteration of the pet store, we've switched to the design first approach!
    You can now help us improve the API whether it's by making changes to the definition itself or to the code.
    That way, with time, we can improve the API in general, and expose some of the new features in OAS3.

    _If you're looking for the Swagger 2.0/OAS 2.0 version of Petstore, then click [here](https://editor.swagger.io/?url=https://petstore.swagger.io/v2/swagger.yaml). Alternatively, you can load via the `Edit > Load Petstore OAS 2.0` menu option!_
    
    Some useful links:
    - [The Pet Store repository](https://github.com/swagger-api/swagger-petstore)
    - [The source API definition for the Pet Store](https://github.com/swagger-api/swagger-petstore/blob/master/src/main/resources/openapi.yaml)
  termsOfService: http://swagger.io/terms/
  contact:
    email: apiteam@swagger.io
  license:
    name: Apache 2.0
    url: http://www.apache.org/licenses/LICENSE-2.0.html
  version: 1.0.11
externalDocs:
  description: Find out more about Swagger
  url: http://swagger.io
servers:
  - url: http://127.0.0.1:4433
tags:
  - name: show
    description: Operations about Shows
    externalDocs:
      description: Find out more
      url: http://swagger.io
  - name: theatre
    description: Operations about Theatres
    externalDocs:
      description: Find out more about our store
      url: http://swagger.io
  - name: user
    description: Operations about user
paths:
  /api/shows:
    get:
      tags:
        - show
      summary: Get an existing show
      description: Get an existing show by Id.
      operationId: getShow
      parameters:
        - name: id
          in: query
          description: Id values that need to be considered for filter
          required: true
          schema:
            type: integer
      responses:
        '200':
          description: successful operation
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Show'
    delete:
      tags:
        - show
      summary: Delete an existing show
      description: Get an existing show by Id.
      operationId: deleteShow
      parameters:
        - name: id
          in: query
          description: Id values that need to be considered for filter
          required: true
          schema:
            type: integer
      responses:
        '200':
          description: successful operation


    put:
      tags:
        - show
      summary: Update an existing show
      description: Update an existing show by Id
      operationId: updateshow
      requestBody:
        $ref: '#/components/requestBodies/Show'
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Show'
            application/xml:
              schema:
                $ref: '#/components/schemas/Show'
        '400':
          description: Invalid ID supplied
        '404':
          description: show not found
        '405':
          description: Validation exception

    post:
      tags:
        - show
      summary: Add a new show to the database
      description: Add a new show to the database
      operationId: addShow
      requestBody:
        description: Create a new show in the database
        content:
          application/json:
            schema:
              required:
                - name
              type: object
              properties:
                name:
                  type: string
                rating:
                  type: number
                image_url:
                  type: string
                image_sqr:
                  type: string
                tags:
                  type: string
                ticket_price:
                  type: number
                format:
                  type: string
                language:
                  type: string

        required: false

      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Show'
            application/xml:
              schema:
                $ref: '#/components/schemas/Show'
        '405':
          description: Invalid input

  /api/running:
    get:
      tags:
        - running
      summary: Get an existing running show
      description: Get an existing running show by Id.
      operationId: getRunning
      parameters:
        - name: id
          in: query
          description: Id values that need to be considered for filter
          required: true
          schema:
            type: integer
      responses:
        '200':
          description: successful operation
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Running'
    delete:
      tags:
        - running
      summary: Delete an existing running show
      description: Delete an existing running show by Id.
      operationId: deleteRunningShow
      parameters:
        - name: id
          in: query
          description: Id values that need to be considered for filter
          required: true
          schema:
            type: integer
      responses:
        '200':
          description: successful operation


    put:
      tags:
        - running
      summary: Update an existing running show
      description: Update an existing running show
      operationId: updateRunningShow
      requestBody:
        $ref: '#/components/requestBodies/Running_i'
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Running'
            application/xml:
              schema:
                $ref: '#/components/schemas/Running'
        '400':
          description: Invalid ID supplied
        '404':
          description: Running not found
        '405':
          description: Validation exception

    post:
      tags:
        - running
      summary: Add a new show to the database
      description: Add a new show to the database
      operationId: UpdateShow
      requestBody:
        $ref: '#/components/requestBodies/Running'


      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Running'
            application/xml:
              schema:
                $ref: '#/components/schemas/Running'
        '405':
          description: Invalid input

  /api/booking:
    get:
      tags:
        - booking
      summary: Get an existing booking
      description: Get an existing booking by Id.
      operationId: getBooking
      parameters:
        - name: id
          in: query
          description: Id values that need to be considered for filter
          required: true
          schema:
            type: integer
      responses:
        '200':
          description: successful operation
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Booking'
    delete:
      tags:
        - booking
      summary: Get an existing booking
      description: Get an existing booking by Id.
      operationId: deleteBooking
      parameters:
        - name: id
          in: query
          description: Id values that need to be considered for filter
          required: true
          schema:
            type: integer
      responses:
        '200':
          description: successful operation


    put:
      tags:
        - booking
      summary: Update an existing booking
      description: Update an existing booking by Id
      operationId: updatebooking
      requestBody:
        $ref: '#/components/requestBodies/Booking_i'
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Booking'
            application/xml:
              schema:
                $ref: '#/components/schemas/Booking'
        '400':
          description: Invalid ID supplied
        '404':
          description: booking not found
        '405':
          description: Validation exception

    post:
      tags:
        - booking
      summary: Add a new booking to the database
      description: Add a new booking to the database
      operationId: addBooking
      requestBody:
        $ref: '#/components/requestBodies/Booking'

      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Booking'
            application/xml:
              schema:
                $ref: '#/components/schemas/Booking'
        '405':
          description: Invalid input

  /api/review:
    get:
      tags:
        - review
      summary: Get an existing review
      description: Get an existing review by Id.
      operationId: getReview
      parameters:
        - name: id
          in: query
          description: Id values that need to be considered for filter
          required: true
          schema:
            type: integer
      responses:
        '200':
          description: successful operation
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Review'
    delete:
      tags:
        - review
      summary: Get an existing review
      description: Get an existing review by Id.
      operationId: deleteReview
      parameters:
        - name: id
          in: query
          description: Id values that need to be considered for filter
          required: true
          schema:
            type: integer
      responses:
        '200':
          description: successful operation


    put:
      tags:
        - review
      summary: Update an existing review
      description: Update an existing review by Id
      operationId: updatereview
      requestBody:
        $ref: '#/components/requestBodies/Review_i'
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Review'
            application/xml:
              schema:
                $ref: '#/components/schemas/Review'
        '400':
          description: Invalid ID supplied
        '404':
          description: review not found
        '405':
          description: Validation exception

    post:
      tags:
        - review
      summary: Add a new review to the database
      description: Add a new review to the database
      operationId: addReview
      requestBody:
        $ref: '#/components/requestBodies/Review'
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Review'
            application/xml:
              schema:
                $ref: '#/components/schemas/Review'
        '405':
          description: Invalid input

  /api/theatre:
    get:
      tags:
        - theatre
      summary: Get an existing theatre
      description: Get an existing theatre by Id.
      operationId: getTheatre
      parameters:
        - name: id
          in: query
          description: Id values that need to be considered for filter
          required: true
          schema:
            type: integer
      responses:
        '200':
          description: successful operation
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Theatre'
    delete:
      tags:
        - theatre
      summary: Get an existing theatre
      description: Get an existing theatre by Id.
      operationId: deletetheatre
      parameters:
        - name: id
          in: query
          description: Id values that need to be considered for filter
          required: true
          schema:
            type: integer
      responses:
        '200':
          description: successful operation


    put:
      tags:
        - theatre
      summary: Update an existing theatre
      description: Update an existing theatre by Id
      operationId: updatetheatre
      requestBody:
        $ref: '#/components/requestBodies/Theatre_i'
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Theatre'
            application/xml:
              schema:
                $ref: '#/components/schemas/Theatre'
        '400':
          description: Invalid ID supplied
        '404':
          description: theatre not found
        '405':
          description: Validation exception

    post:
      tags:
        - theatre
      summary: Add a new theatre to the database
      description: Add a new theatre to the database
      operationId: addtheatre
      requestBody:
        $ref: '#/components/requestBodies/Theatre'

      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Theatre'
            application/xml:
              schema:
                $ref: '#/components/schemas/Theatre'
        '405':
          description: Invalid input

  /login:
    get:
      summary: Retrieve login form and/or user information
      responses:
        200:
          description: >
            Login form or user information. The JSON response will always
            carry the csrf_token information. If the caller is logged in, then
            additional information is returned. This can be very useful for single-page applications where during a force refresh, all state is lost.
            By performing this GET, the session cookie will authenticate the user and the response will contain user information.
          content:
            text/html:
              schema:
                example: render_template(SECURITY_LOGIN_USER_TEMPLATE)
            application/json:
              schema:
                allOf:
                  - $ref: '#/components/schemas/BaseJsonResponse'
                  - type: object
                    properties:
                      response:
                        type: object
                        properties:
                          identity_attributes:
                            type: array
                            description: List of allowable identities
                            items:
                              type: string
        302:
          description: Response when already logged in (non-JSON request)
          headers:
            Location:
              description: Redirect to ``SECURITY_POST_LOGIN_VIEW``
              schema:
                type: string
                format: uri
    post:
      summary: Login to application
      description: Supports both json and form request types. If the caller is already logged in, then in the form case, they are redirected to SECURITY_POST_LOGIN_VIEW, for a json request, a 400 is returned.
      parameters:
        - name: next
          in: query
          description: >
            URL to redirect to on successful login. Ignored for json request.
          schema:
            type: string
        - $ref: "#/components/parameters/include_auth_token"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/Login"
          application/x-www-form-urlencoded:
            schema:
              $ref: "#/components/schemas/Login"
      responses:
        200:
          description: Login response
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/LoginJsonResponse"
            text/html:
              schema:
                description: Unsuccessful login
                type: string
                example: render_template(SECURITY_LOGIN_USER_TEMPLATE) with error values
        302:
          description: >
            If the caller already authenticated, the form contents is ignored and a
            redirect is done: redirect(next) or redirect(SECURITY_POST_LOGIN_VIEW).

            If the caller is NOT already authenticated, and the form contents are
            validated the caller will be redirected to:
            redirect(next) or redirect(SECURITY_POST_LOGIN_VIEW)
          headers:
            Location:
              description: Redirect to ``SECURITY_POST_LOGIN_VIEW``
              schema:
                type: string
        400:
          description: Errors while validating login, or caller already authenticated/logged in.
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonErrorResponse"
  /login(passwordless):
    get:
      summary: Return passwordless login form
      responses:
        200:
          description: Passwordless login form
          content:
            text/html:
              schema:
                type: string
                example: render_template(SECURITY_SEND_LOGIN_TEMPLATE)
    post:
      summary: Send passwordless login instructions email
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/EmailLink"
          application/x-www-form-urlencoded:
            schema:
              $ref: "#/components/schemas/EmailLink"
      responses:
        200:
          description: >
            Passwordless login response. For forms both success and validation errors.
          content:
            text/html:
              schema:
                description: Passwordless login form - with errors.
                type: string
                example: render_template(SECURITY_SEND_LOGIN_TEMPLATE)
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonResponse"
        400:
          description: Errors while validating form
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonErrorResponse"
  /login(passwordless)/{token}:
    parameters:
      - name: token
        in: path
        required: true
        schema:
          type: string
    get:
      summary: Login via token
      description: >
        This is the result of getting a passwordless login token and is usually
        the result of clicking the link from a passwordless email.
        This ALWAYS results in a 302 redirect.
      responses:
        302:
          description: >
            Redirects depending on success/error and whether
            __SECURITY_REDIRECT_BEHAVIOR__ == 'spa'.
          headers:
            Location:
              description: |
                On spa-success: SECURITY_POST_LOGIN_VIEW?identity={identity}&email={email}

                On spa-error-expired: SECURITY_LOGIN_ERROR_VIEW?error={msg}&identity={identity}&email={email}

                On spa-error-invalid-token: SECURITY_LOGIN_ERROR_VIEW?error={msg}

                On form-success: SECURITY_POST_LOGIN_VIEW

                On form-error-expired: SECURITY_LOGIN_VIEW

                On form-error-invalid-token: SECURITY_LOGIN_VIEW
              schema:
                type: string
  /logout:
    get:
      summary: Log out current user
      responses:
        302:
          description: Successful logout
          headers:
            Location:
              description: Redirect to ``SECURITY_POST_LOGOUT_VIEW``
              schema:
                type: string
    post:
      summary: Log out current user
      responses:
        200:
          description: Successful logout
          content:
            application/json:
              schema:
                type: object
                required: [ meta ]
                properties:
                  meta:
                    type: object
                    required: [ code ]
                    properties:
                      code:
                        type: integer
                        example: 200
                        description: Http status code
  /verify:
    get:
      summary: Basic re-authentication.
      description: >
        If an endpoint is protected with @auth_required() with a freshness declaration
        this endpoint will be called to request an already signed in user to re-authenticate.
      responses:
        200:
          description: Verify/re-authenticate form
          content:
            text/html:
              schema:
                example: render_template(SECURITY_VERIFY_TEMPLATE)
            application/json:
              schema:
                type: object
                properties:
                  has_webauthn_verify_credential:
                    type: boolean
                    description: <
                      True if caller has a registered WebAuthn Key which has a `usage` that
                      is allowed by the SECURITY_WAN_ALLOW_AS_VERIFY configuration setting.
    post:
      summary: Basic re-authentication
      parameters:
        - $ref: "#/components/parameters/include_auth_token"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/Verify"
          application/x-www-form-urlencoded:
            schema:
              $ref: "#/components/schemas/Verify"
      responses:
        200:
          description: Verify/re-authenticate response.
          content:
            application/json:
              schema:
                allOf:
                  - description: >
                      The user successfully re-authenticated.
                  - $ref: "#/components/schemas/JsonResponseWithToken"
            text/html:
              schema:
                description: Unsuccessful re-authentication.
                type: string
                example: render_template(SECURITY_VERIFY_TEMPLATE) with error values
        302:
          description: User successfully re-authenticated when using form based request.
          headers:
            Location:
              description: Redirect to ``next`` or ``SECURITY_POST_VERIFY_VIEW``
              schema:
                type: string
        400:
          description: Errors while validating attributes.
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonErrorResponse"
  /register:
    get:
      summary: Return register form
      responses:
        200:
          description: Register form
          content:
            text/html:
              schema:
                type: string
                example: render_template(SECURITY_REGISTER_USER_TEMPLATE)
        302:
          description: Response when already logged in
          headers:
            Location:
              description: Redirect to ``SECURITY_POST_LOGIN_VIEW``
              schema:
                type: string
    post:
      summary: Register new user with application
      parameters:
        - name: next
          in: query
          description: >
            URL to redirect to on successful registration. Ignored for json request.
          schema:
            type: string

      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/Register"
          application/x-www-form-urlencoded:
            schema:
              $ref: "#/components/schemas/RegisterForm"
      responses:
        200:
          description: Register response
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonResponse"
            text/html:
              schema:
                description: Unsuccessful registration
                type: string
                example: render_template(SECURITY_REGISTER_USER_TEMPLATE) with error values
        302:
          description: >
            Successful registration with form data body.
          headers:
            Location:
              description: redirect to ``next`` or ``SECURITY_POST_REGISTER_VIEW``
              schema:
                type: string
        400:
          description: Errors while validating registration form
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonErrorResponse"
  /change:
    get:
      summary: Return change password form
      responses:
        200:
          description: change password form
          content:
            text/html:
              schema:
                example: render_template(SECURITY_CHANGE_PASSWORD_TEMPLATE)
            application/json:
              schema:
                allOf:
                  - $ref: '#/components/schemas/DefaultJsonResponse'
                  - type: object
                    properties:
                      response:
                        type: object
                        properties:
                          active_password:
                            type: boolean
                            description: Does user already have a password?
    post:
      summary: Change password
      parameters:
        - name: X-XSRF-Token
          in: header
          schema:
            $ref: "#/components/headers/X-CSRF-Token"
        - $ref: "#/components/parameters/include_auth_token"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/ChangePassword"
          application/x-www-form-urlencoded:
            schema:
              $ref: "#/components/schemas/ChangePassword"
      responses:
        200:
          description: Change password response.
          content:
            text/html:
              schema:
                description: Change form validation error.
                type: string
                example: render_template(SECURITY_CHANGE_PASSWORD_TEMPLATE) with error values
            application/json:
              schema:
                $ref: "#/components/schemas/JsonResponseWithToken"
        302:
          description: Password has been changed (non-json)
          headers:
            Location:
              description: |
                On success: Redirect to ``SECURITY_POST_CHANGE_VIEW`` or
                            ``SECURITY_POST_LOGIN_VIEW``
              schema:
                type: string
        400:
          description: Errors while validating form
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonErrorResponse"
  /reset:
    get:
      summary: Return reset password form
      responses:
        200:
          description: Reset password form
          content:
            text/html:
              schema:
                type: string
                example: render_template(SECURITY_FORGOT_PASSWORD_TEMPLATE)
        302:
          description: Response when already logged in
          headers:
            Location:
              description: Redirect to ``SECURITY_POST_LOGIN_VIEW``
              schema:
                type: string
    post:
      summary: Send reset password instructions email
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/EmailLink"
          application/x-www-form-urlencoded:
            schema:
              $ref: "#/components/schemas/EmailLink"
      responses:
        200:
          description: >
            Reset password response. For forms both success and validation errors.
          content:
            text/html:
              schema:
                description: Forgot password form - with errors.
                type: string
                example: render_template(SECURITY_FORGOT_PASSWORD_TEMPLATE)
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonResponseNoUser"
        400:
          description: Errors while validating form
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonErrorResponse"
  /reset/{token}:
    parameters:
      - name: token
        in: path
        required: true
        schema:
          type: string
    get:
      summary: Request to reset password
      description: >
        This is the result of getting a reset-password token and is usually
        the result of clicking the link from a reset-password email.
        If __SECURITY_REDIRECT_BEHAVIOR__ == 'spa' then a 302 is always returned.
      responses:
        200:
          description: Reset password form
          content:
            text/html:
              schema:
                type: string
                example: render_template(SECURITY_RESET_PASSWORD_TEMPLATE)
        302:
          description: >
            Redirects depending on success/error and whether
            __SECURITY_REDIRECT_BEHAVIOR__ == 'spa'.
          headers:
            Location:
              description: |
                On spa-success: SECURITY_RESET_VIEW?token={token}&identity={identity}&email={email}

                On spa-error-expired: SECURITY_RESET_ERROR_VIEW?error={msg}&identity={identity}&email={email}

                On spa-error-invalid-token: SECURITY_RESET_ERROR_VIEW?error={msg}

                On default-error: redirect(SECURITY_FORGOT_PASSWORD)
              schema:
                type: string
    post:
      summary: Reset password
      parameters:
        - $ref: "#/components/parameters/include_auth_token"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/ResetPassword"
          application/x-www-form-urlencoded:
            schema:
              $ref: "#/components/schemas/ResetPassword"
      responses:
        200:
          description: Reset response
          content:
            text/html:
              schema:
                description: Reset form validation error.
                type: string
                example: render_template(SECURITY_RESET_PASSWORD_TEMPLATE) with error values
            application/json:
              schema:
                $ref: "#/components/schemas/JsonResponseWithToken"
        302:
          description: Password has been reset or validation error (non-json)
          headers:
            Location:
              description: |
                On success: redirect(SECURITY_POST_RESET_VIEW) or
                    redirect(SECURITY_POST_LOGIN_VIEW)

                On invalid/expired token: redirect(SECURITY_FORGOT_PASSWORD)
              schema:
                type: string
        400:
          description: Errors while validating form
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonErrorResponse"
  /confirm:
    get:
      summary: Return send confirmation form
      responses:
        200:
          description: Confirmation form
          content:
            text/html:
              schema:
                example: render_template(SECURITY_SEND_CONFIRMATION_TEMPLATE)
    post:
      summary: Send confirmation email
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/EmailLink"
          application/x-www-form-urlencoded:
            schema:
              $ref: "#/components/schemas/EmailLink"
      responses:
        200:
          description: >
            Confirmation response. For forms both success and validation errors.
          content:
            text/html:
              schema:
                description: Confirmation form - with errors.
                type: string
                example: render_template(SECURITY_SEND_CONFIRMATION_TEMPLATE)
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonResponse"
        400:
          description: Errors while validating form
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonErrorResponse"
  /confirm/{token}:
    parameters:
      - name: token
        in: path
        required: true
        schema:
          type: string
    get:
      summary: Request to confirm account
      description: >
        This is the result of getting a confirmation token and is usually
        the result of clicking the link from a confirmation email.
        This ALWAYS results in a 302 redirect.
        By default (unless __SECURITY_AUTO_LOGIN_AFTER_CONFIRM__ == False), the user
        denoted by the token is logged in as a side-effect.
      responses:
        302:
          description: >
            Redirects depending on success/error and whether
            __SECURITY_REDIRECT_BEHAVIOR__ == 'spa'.
          headers:
            Location:
              description: |
                On spa-success: SECURITY_POST_CONFIRM_VIEW?identity={identity}&email={email}&{level}={msg}

                On spa-error-expired: SECURITY_CONFIRM_ERROR_VIEW?error={msg}&identity={identity}&email={email}

                On spa-error-invalid-token: SECURITY_CONFIRM_ERROR_VIEW?error={msg}

                On form-success: SECURITY_POST_CONFIRM_VIEW or
                                 SECURITY_POST_LOGIN_VIEW

                On form-success (no auto-login): SECURITY_POST_CONFIRM_VIEW or
                                 SECURITY_LOGIN_URL

                On form-error-expired: SECURITY_CONFIRM_ERROR_VIEW or
                                       SECURITY_CONFIRM_URL

                On form-error-invalid-token: SECURITY_CONFIRM_ERROR_VIEW or
                                             SECURITY_CONFIRM_URL
              schema:
                type: string
  /us-signin:
    get:
      summary: Unified Sign In.
      responses:
        200:
          description: Sign in form
          content:
            text/html:
              schema:
                example: render_template(SECURITY_US_SIGNIN_TEMPLATE)
            application/json:
              schema:
                type: object
                properties:
                  available_methods:
                    type: string
                    description: Config setting SECURITY_US_ENABLED_METHODS
                  code_methods:
                    type: string
                    description: All SECURITY_US_ENABLED_METHODS that require a code to be generated and sent.
                  identity_attributes:
                    type: string
                    description: Configuration setting SECURITY_USER_IDENTITY_ATTRIBUTES
    post:
      summary: Unified Sign In.
      parameters:
        - $ref: "#/components/parameters/include_auth_token"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/UsSignin"
          application/x-www-form-urlencoded:
            schema:
              $ref: "#/components/schemas/UsSignin"
      responses:
        200:
          description: Unified Sign In response
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/UsSigninJsonResponse"
            text/html:
              schema:
                description: Unsuccessful sign in
                type: string
                example: render_template(SECURITY_US_SIGNIN_TEMPLATE) with error values
        302:
          description: >
            If the caller already authenticated, the form contents is ignored and a
            redirect is done: redirect(next) or redirect(SECURITY_POST_LOGIN_VIEW).

            If the caller is NOT already authenticated, and the form contents are
            validated the caller will be redirected to:
            redirect(next) or redirect(SECURITY_POST_LOGIN_VIEW)
          headers:
            Location:
              description: Redirect to ``SECURITY_POST_LOGIN_VIEW``
              schema:
                type: string
        400:
          description: Errors while validating attributes, or caller already authenticated/logged in.
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonErrorResponse"
  /us-signin/send-code:
    post:
      summary: Send Code for unified sign in.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/UsSigninSendCode"
          application/x-www-form-urlencoded:
            schema:
              $ref: "#/components/schemas/UsSigninSendCode"
      responses:
        200:
          description: Send code response
          content:
            application/json:
              schema:
                description: Code successfully sent
            text/html:
              schema:
                description: Validation error, code send error, or code successfully sent
                type: string
                example: render_template(SECURITY_US_SIGNIN_TEMPLATE) with error values
        400:
          description: Errors while validating attributes.
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonErrorResponse"
        500:
          description: Error when trying to send code.
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/DefaultJsonErrorResponse"


components:
  parameters:
    include_auth_token:
      name: include_auth_token
      description: If set/sent, will return an Authentication Token for user
      in: query
      schema:
        type: string
  schemas:
    Review:
      type: object
      properties:
        id:
          type: integer
          format: int64
        user_id:
          type: integer
          format: int64
        show_id:
          type: integer
          format: int64
        rating:
          type: number
        review:
          type: string
      xml:
        name: review
    Running:
      type: object
      properties:
        id:
          type: integer
          format: int64
        show_id:
          type: integer
          format: int64
        theatre_id:
          type: integer
          format: int64
        date:
          type: integer
      xml:
        name: running
    Booking:
      type: object
      properties:
        id:
          type: integer
          format: int64
        user_id:
          type: integer
          format: int64
        running_id:
          type: integer
          format: int64
        seats:
          type: string
        total_price:
          type: number

      xml:
        name: booking
    Show:
      required:
        - name
      type: object
      properties:
        id:
          type: integer
          format: int64
        name:
          type: string
        rating:
          type: number
        image_url:
          type: string
        image_sqr:
          type: string
        tags:
          type: string
        ticket_price:
          type: number
        format:
          type: string
        language:
          type: string
      xml:
        name: show
    Theatre:
      properties:
        id:
          type: integer
        name:
          type: string
        place:
          type: string
        capacity:
          type: number

    Login:
      type: object
      required: [ email, password ]
      properties:
        email:
          type: string
          description: user email
        password:
          type: string
          description: Password
        remember:
          type: boolean
          description: >
            If true, will remember userid as part of cookie. There is a configuration variable DEFAULT_REMEMBER_ME that can be set. This field will override that.
        tf_validity_token:
          type: string
          description: Code verifying the user has successfully verified 2FA in the past. If verified, the user is able to skip validation of the second factor. Only used when SECURITY_TWO_FACTOR_ALWAYS_VALIDATE is False.
    LoginJsonResponse:
      type: object
      description: >
        The user successfully signed in. Note that depending on SECURITY_TWO_FACTOR configuration variables, a second form of authentication might be required.
        Note that if 2FA is not configured, none of the ``tf_`` properties will be returned.
      required: [ meta, response ]
      properties:
        meta:
          type: object
          required: [ code ]
          properties:
            code:
              type: integer
              example: 200
              description: Http status code
        response:
          type: object
          properties:
            authentication_token:
              type: string
              description: >
                Token to be used in future token-based API calls. Only returned if "include_auth_token" parameter is set.
            tf_required:
              type: boolean
              description: If two-factor authentication is required for caller.
            tf_state:
              type: string
              description: if "setup_from_login" then the caller must go through two-factor setup endpoint. If "ready" then a code has been sent and should be supplied to SECURITY_TWO_FACTOR_TOKEN_VALIDATION_URL.
            tf_method:
              type: string
              description: Which method was used to send code.
              example: "webauthn"
            tf_select:
              type: boolean
              description: <
                If user has setup multiple forms of two-factor authentication, this will be True
                and the application should prompt the user for which method they want to use.
            tf_setup_methods:
              type: array
              items:
                type: string
                description: If user has setup multiple forms of two-factor authentication they are listed

    BaseJsonResponse:
      type: object
      required: [ meta, response ]
      properties:
        meta:
          type: object
          required: [ code ]
          properties:
            code:
              type: integer
              example: 200
              description: Http status code
    DefaultJsonResponse:
      allOf:
        - $ref: '#/components/schemas/BaseJsonResponse'
        - type: object
          properties:
            response:
              type: object
              properties:
                user:
                  type: object
                  description: >
                    By default an empty dictionary is returned. However by overriding _User::get_security_payload()_ any attributes of the User model can be returned.
                csrf_token:
                  type: string
                  description: Session CSRF token
    DefaultJsonResponseNoUser:
      allOf:
        - $ref: '#/components/schemas/BaseJsonResponse'
        - type: object
          properties:
            response:
              type: object
              properties:
                csrf_token:
                  type: string
                  description: Session CSRF token
    JsonResponseWithToken:
      allOf:
        - $ref: '#/components/schemas/BaseJsonResponse'
        - type: object
          properties:
            response:
              type: object
              properties:
                user:
                  type: object
                  description: >
                    By default an empty dictionary is returned. However by overriding _User::get_security_payload()_ any attributes of the User model can be returned.
                  properties:
                    authentication_token:
                      type: string
                      description: >
                        Token to be used in future token-based API calls.
                        Note this only returned from those APIs that accept a
                        'include_auth_token' query param.
                csrf_token:
                  type: string
                  description: Session CSRF token
    DefaultJsonErrorResponse:
      allOf:
        - $ref: '#/components/schemas/BaseJsonResponse'
        - type: object
          properties:
            response:
              type: object
              required: [ errors ]
              description: >
                For form validation errors, the 'field_errors' key will be set with a list of errors per
                invalid form input field (i.e. a dict of 'field-name': list of error strings).
                The 'errors' key will be a simple list of both form and non-form related
                errors (all form errors will also be included here).
              properties:
                field_errors:
                  type: object
                  description: >
                    Errors per input/form field
                  additionalProperties:
                    type: array
                    items:
                      type: string
                      example: field validation error.
                      description: Error message (localized)
                errors:
                  type: array
                  items:
                    type: string
                    example: "Unauthenticated"
                    description: Error message (localized)
    Verify:
      type: object
      required: [ password ]
      properties:
        password:
          type: string
          description: Password
    Register:
      type: object
      required: [ email, password ]
      properties:
        email:
          type: string
          description: >
            user identifier. This is by default an email address, but can be any (unique)
            field that is part of the User model and is defined in the __SECURITY_USER_IDENTITY_ATTRIBUTES__ configuration variable. It will also match against numeric User model fields.
        password:
          type: string
          description: Password
    RegisterForm:
      type: object
      required: [ email, password ]
      properties:
        email:
          type: string
          description: >
            user identifier. This is by default an email address, but can be any (unique)
            field that is part of the User model and is defined in the __SECURITY_USER_IDENTITY_ATTRIBUTES__ configuration variable. It will also match against numeric User model fields.
        password:
          type: string
          description: Password
        password_confirm:
          type: string
          description: >
            If present, must re-type in password. This will not be present if the __SECURITY_CONFIRM__ configuration is true.
        next:
          type: string
          description: >
            Redirect URL. Overrides __SECURITY_POST_REGISTER_VIEW__.
    ResetPassword:
      type: object
      required: [ password, password_confirm ]
      properties:
        password:
          type: string
          description: Password
        password_confirm:
          type: string
          description: Password - again
    ChangePassword:
      type: object
      required: [ password, new_password, new_password_confirm ]
      properties:
        password:
          type: string
          description: Password
        new_password:
          type: string
          description: New password
        new_password_confirm:
          type: string
          description: New password - again
    EmailLink:
      type: object
      required: [ email ]
      properties:
        email:
          type: string
          description: >
            Email address to send link email to.
    UsSignin:
      type: object
      required: [ identity, passcode ]
      properties:
        identity:
          type: string
          description: Configured by SECURITY_USER_IDENTITY_ATTRIBUTES
          example: me@you.com, +16505551212
        passcode:
          type: string
          description: password or code
        remember:
          type: boolean
        tf_validity_token:
          type: string
          description: Code verifying the user has successfully verified 2FA in the past. If verified, the user is able to skip validation of the second factor. Only used when SECURITY_TWO_FACTOR_ALWAYS_VALIDATE is False.
    UsSigninJsonResponse:
      allOf:
        - $ref: '#/components/schemas/BaseJsonResponse'
        - type: object
          description: >
            The user successfully signed in. Note that depending on SECURITY_TWO_FACTOR and SECURITY_US_MFA_REQUIRED configuration variables, a second form of authentication might be required.
          properties:
            response:
              type: object
              properties:
                authentication_token:
                  type: string
                  description: >
                    Token to be used in future token-based API calls. Only returned if "include_auth_token" parameter is set.
                tf_required:
                  type: boolean
                  description: If two-factor authentication is required for caller.
                tf_state:
                  type: string
                  description: if "setup_from_login" then the caller must go through two-factor setup endpoint. If "ready" then a code has been sent and should be supplied to SECURITY_TWO_FACTOR_TOKEN_VALIDATION_URL.
                tf_primary_method:
                  type: string
                  description: Which method was used to send code.
    UsSigninSendCode:
      type: object
      required: [ identity, chosen_method ]
      properties:
        identity:
          type: string
          description: Configured by SECURITY_USER_IDENTITY_ATTRIBUTES
          example: me@you.com, +16505551212
        chosen_method:
          type: string
          description: which method should be used to send the code, as configured with SECURITY_US_ENABLED_METHODS
    UsSigninVerify:
      type: object
      required: [ passcode ]
      properties:
        passcode:
          type: string
          description: password or code
    UsSigninVerifySendCode:
      type: object
      required: [ chosen_method ]
      properties:
        chosen_method:
          type: string
          description: which method should be used to send the code, as configured with SECURITY_US_ENABLED_METHODS
    UsSetup:
      type: object
      properties:
        chosen_method:
          type: string
          description: which method should be used to send the code, as configured with SECURITY_US_ENABLED_METHODS
        delete_method:
          type: string
          description: which previously set up method should be deleted.
        phone:
          type: string
          description: phone number (this will be normalized). Required if chosen_method == "sms".
    UsSetupJsonResponse:
      allOf:
        - $ref: '#/components/schemas/BaseJsonResponse'
        - type: object
          properties:
            response:
              type: object
              description: Response when setting up a new method. When deleting, nothing is returned.
              properties:
                chosen_method:
                  type: string
                  description: The chosen_method as passed into API.
                phone:
                  type: string
                  description: The canonicalized phone number if setting up SMS
                authr_key:
                  type: string
                  description: TOTP key for setting up authenticator (if chosen_method == 'authenticator')
                authr_issuer:
                  type: string
                  description: Issuer as configured with TOTP_ISSUER (same as used in QRcode) (if chosen_method == 'authenticator')
                authr_username:
                  type: string
                  description: Username (same as used in QRcode) (if chosen_method == 'authenticator')
                state:
                  type: string
                  description: Opaque blob that must be pass to /us-setup/<state>. This is a signed, timed token.
    UsSetupValidateRequest:
      type: object
      required: [ passcode ]
      properties:
        passcode:
          type: string
          description: Code/Passcode as received from method being setup.
    UsSetupValidateJsonResponse:
      allOf:
        - $ref: '#/components/schemas/BaseJsonResponse'
        - type: object
          properties:
            response:
              type: object
              properties:
                chosen_method:
                  type: string
                  description: The chosen_method as passed into API.
                phone:
                  type: string
                  description: Phone number if set.
    TfSetup:
      type: object
      required: [ setup ]
      properties:
        setup:
          type: string
          description: >
            Which method should be used to send the code, as configured with SECURITY_TWO_FACTOR_ENABLED_METHODS.
            If SECURITY_TWO_FACTOR_REQUIRED is False, the additional method 'disable' is available.
          example: sms
        phone:
          type: string
          description: phone number (this will be validated for format). Required if setup == "sms".
          example: 650-555-1212
    TfSetupJsonResponse:
      allOf:
        - $ref: '#/components/schemas/BaseJsonResponse'
        - type: object
          properties:
            response:
              type: object
              properties:
                tf_state:
                  type: string
                  description: >
                    Current state of Two Factor configuration. Not present when disabling 2FA. This will be set to 'validating_profile'
                    indicating the caller needs to call '/tf-validate' with the correct code.
                  example: validating_profile
                tf_primary_method:
                  type: string
                  description: Current method being configured.
                  example: sms
                tf_authr_key:
                  type: string
                  description: TOTP key for setting up authenticator (if tf_primary_method == 'authenticator')
                tf_authr_issuer:
                  type: string
                  description: Issuer as configured with TOTP_ISSUER (same as used in QRcode) (if tf_primary_method == 'authenticator')
                tf_authr_username:
                  type: string
                  description: Username (same as used in QRcode) (if tf_primary_method == 'authenticator')
    TfValidateJsonResponse:
      type: object
      properties:
        user:
          type: object
          description: >
            By default an empty dictionary is returned. However by overriding _User::get_security_payload()_ any attributes of the User model can be returned.
        csrf_token:
          type: string
          description: Session CSRF token
        tf_validity_token:
          type: string
          description: A timed token that verifies that the user has successfully completed 2FA. Only sent if SECURITY_TWO_FACTOR_ALWAYS_VALIDATE is False and remember_me (from /login POST) is True

    WanRegister:
      type: object
      required: [ name, usage ]
      properties:
        name:
          type: string
          example: Wankey1
        usage:
          type: string
          enum: [ first, secondary ]
    WanRegisterJsonResponse:
      allOf:
        - $ref: '#/components/schemas/BaseJsonResponse'
        - type: object
          properties:
            response:
              type: object
              properties:
                credential_options:
                  type: string
                wan_state:
                  type: string
    WanSignin:
      type: object
      properties:
        identity:
          type: string
          example: lp@me.com
        remember:
          type: boolean
          description: >
            If true, will remember userid as part of cookie. There is a configuration variable DEFAULT_REMEMBER_ME that can be set. This field will override that.
    WanSigninJsonResponse:
      allOf:
        - $ref: '#/components/schemas/BaseJsonResponse'
        - type: object
          properties:
            response:
              type: object
              properties:
                credential_options:
                  type: string
                wan_state:
                  type: string
                is_secondary:
                  type: boolean
                  description: Is this sign in part of a secondary authentication.
                remember:
                  type: boolean
                  description: This is simply the same value as was passed in the body.
    WanSignin2:
      type: object
      required: [ credential ]
      properties:
        credential:
          type: string
          description: Credential returned from browser
        remember:
          type: boolean
    WanDelete:
      type: object
      required: [ name ]
      properties:
        name:
          type: string
          description: Name of WebAuthn key to delete.
    WanVerifyJsonResponse:
      allOf:
        - $ref: '#/components/schemas/BaseJsonResponse'
        - type: object
          properties:
            response:
              type: object
              properties:
                credential_options:
                  type: string
                wan_state:
                  type: string

  headers:
    X-CSRF-Token:
      description: CSRF token
      schema:
        type: string
  requestBodies:
    Show:
      description: Show object that needs to be added to the store
      content:
        application/json:
          schema:
            required:
              - name
            type: object
            properties:
              id:
                type: integer
              name:
                type: string
              rating:
                type: number
              image_url:
                type: string
              image_sqr:
                type: string
              tags:
                type: string
              ticket_price:
                type: number
              format:
                type: string
              language:
                type: string
    Show_i:
      description: Show object that needs to be added to the store
      content:
        application/json:
          schema:
            required:
              - name
            type: object
            properties:
              id:
                type: integer
              name:
                type: string
              rating:
                type: number
              image_url:
                type: string
              image_sqr:
                type: string
              tags:
                type: string
              ticket_price:
                type: number
              format:
                type: string
              language:
                type: string
            xml:
              name: show
        application/xml:
          schema:
            $ref: '#/components/schemas/Show'
    Theatre_i:
      description: Theatre object post
      content:
        application/json:
          schema:
            required:
              - name
            type: object
            properties:
              id:
                type: integer
              name:
                type: string
              place:
                type: string
              capacity:
                type: number
    Theatre:
      description: Theatre object post
      content:
        application/json:
          schema:
            required:
              - name
            type: object
            properties:
              name:
                type: string
              place:
                type: string
              capacity:
                type: number
    Booking:
      description: booking object post
      content:
        application/json:
          schema:
            required:
              - name
            type: object
            properties:
              user_id:
                type: integer
              running_id:
                type: integer
              seats:
                type: string
              total_price:
                type: number

    Review:
      description: review object post
      content:
        application/json:
          schema:
            required:
              - name
            type: object
            properties:
              user_id:
                type: integer
              show_id:
                type: integer
              rating:
                type: number
              review:
                type: string
    Running:
      description: running object post
      content:
        application/json:
          schema:
            properties:
              show_id:
                type: integer
              theatre_id:
                type: integer
              date:
                type: integer
    Booking_i:
      description: booking object post
      content:
        application/json:
          schema:
            required:
              - name
            type: object
            properties:
              id:
                type: integer
              user_id:
                type: integer
              running_id:
                type: integer
              seats:
                type: string
              total_price:
                type: number

    Review_i:
      description: review object post
      content:
        application/json:
          schema:
            properties:
              id:
                type: integer
              user_id:
                type: integer
              show_id:
                type: integer
              rating:
                type: number
              review:
                type: string
    Running_i:
      description: running object post
      content:
        application/json:
          schema:
            properties:
              id:
                type: integer
              show_id:
                type: integer
              theatre_id:
                type: integer
              date:
                type: integer

  securitySchemes:
    api_key:
      type: apiKey
      name: api_key
      in: header