CoCalc -- openapi.yaml

GitHub Repository: projectdiscovery/nuclei
Path: blob/dev/pkg/input/formats/testdata/openapi.yaml
²⁰⁷⁰ views
1
openapi: 3.1.0
2
info:
3
  title: VAmPI
4
  description: OpenAPI v3 specs for VAmPI
5
  version: '0.1'
6
servers:
7
  - url: http://hackthebox:5000
8
components: {}
9
paths:
10
  /createdb:
11
    get:
12
      tags:
13
        - db-init
14
      summary: Creates and populates the database with dummy data
15
      description: Creates and populates the database with dummy data
16
      operationId: api_views.main.populate_db
17
      responses:
18
        '200':
19
          description: Creates and populates the database with dummy data
20
          content:
21
            application/json:
22
              schema:
23
                type: object
24
                properties:
25
                  message:
26
                    type: string
27
                    example: 'Database populated.'
28
  /:
29
    get:
30
      tags:
31
        - home
32
      summary: VAmPI home
33
      description: >-
34
        VAmPI is a vulnerable on purpose API. It was created in order to
35
        evaluate the efficiency of third party tools in identifying
36
        vulnerabilities in APIs but it can also be used in learning/teaching
37
        purposes.
38
      operationId: api_views.main.basic
39
      responses:
40
        '200':
41
          description: Home - Help
42
          content:
43
            application/json:
44
              schema:
45
                type: object
46
                properties:
47
                  message:
48
                    type: string
49
                    example: 'VAmPI the Vulnerable API'
50
                  help:
51
                    type: string
52
                    example: 'VAmPI is a vulnerable on purpose API. It was created in order to evaluate the efficiency of third party tools in identifying vulnerabilities in APIs but it can also be used in learning/teaching purposes.'
53
                  vulnerable:
54
                    type: number
55
                    example: 1
56
  /users/v1:
57
    get:
58
      tags:
59
        - users
60
      summary: Retrieves all users
61
      description: Displays all users with basic information
62
      operationId: api_views.users.get_all_users
63
      responses:
64
        '200':
65
          description: See basic info about all users
66
          content:
67
            application/json:
68
              schema:
69
                type: array
70
                items:
71
                  type: object
72
                  properties:
73
                    email:
74
                      type: string
75
                      example: '[email protected]'
76
                    username:
77
                      type: string
78
                      example: 'name1'
79
  /users/v1/_debug:
80
    get:
81
      tags:
82
        - users
83
      summary: Retrieves all details for all users
84
      description: Displays all details for all users
85
      operationId: api_views.users.debug
86
      responses:
87
        '200':
88
          description: See all details of the users
89
          content:
90
            application/json:
91
              schema:
92
                type: array
93
                items:
94
                  type: object
95
                  properties:
96
                    admin:
97
                      type: boolean
98
                      example: false
99
                    email:
100
                      type: string
101
                      example: '[email protected]'
102
                    password:
103
                      type: string
104
                      example: 'pass1'
105
                    username:
106
                      type: string
107
                      example: 'name1'
108
  /users/v1/register:
109
    post:
110
      tags:
111
        - users
112
      summary: Register new user
113
      description: Register new user
114
      operationId: api_views.users.register_user
115
      requestBody:
116
        description: Username of the user
117
        content:
118
          application/json:
119
            schema:
120
              type: object
121
              properties:
122
                username:
123
                  type: string
124
                  example: 'John.Doe'
125
                password:
126
                  type: string
127
                  example: 'password123'
128
                email:
129
                  type: string
130
                  example: '[email protected]'
131
        required: true
132
      responses:
133
        '200':
134
          description: Sucessfully created user
135
          content:
136
            application/json:
137
              schema:
138
                type: object
139
                properties:
140
                  message:
141
                    type: string
142
                    example: 'Successfully registered. Login to receive an auth token.'
143
                  status:
144
                    type: string
145
                    enum: ['success', 'fail']
146
                    example: 'success'
147
        '400':
148
          description: Invalid request
149
          content: {}
150
  /users/v1/login:
151
    post:
152
      tags:
153
        - users
154
      summary: Login to VAmPI
155
      description: Login to VAmPI
156
      operationId: api_views.users.login_user
157
      requestBody:
158
        description: Username of the user
159
        content:
160
          application/json:
161
            schema:
162
              type: object
163
              properties:
164
                username:
165
                  type: string
166
                  example: 'John.Doe'
167
                password:
168
                  type: string
169
                  example: 'password123'
170
        required: true
171
      responses:
172
        '200':
173
          description: Sucessfully logged in user
174
          content:
175
            application/json:
176
                schema:
177
                  type: object
178
                  properties:
179
                    auth_token:
180
                      type: string
181
                      example: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2NzAxNjA2MTcsImlhdCI6MTY3MDE2MDU1Nywic3ViIjoiSm9obi5Eb2UifQ.n17N4AxTbL4_z65-NR46meoytauPDjImUxrLiUMSTQw'
182
                    message:
183
                      type: string
184
                      example: 'Successfully logged in.'
185
                    status:
186
                      type: string
187
                      enum: ['success', 'fail']
188
                      example: 'success'
189
        '400':
190
          description: Invalid request
191
          content:
192
            application/json:
193
              schema:
194
                type: object
195
                properties:
196
                  status:
197
                    type: string
198
                    enum: ['fail']
199
                    example: 'fail'
200
                  message:
201
                    type: string
202
                    example: 'Password is not correct for the given username.'
203
  /users/v1/{username}:
204
    get:
205
      tags:
206
        - users
207
      summary: Retrieves user by username
208
      description: Displays user by username
209
      operationId: api_views.users.get_by_username
210
      parameters:
211
        - name: username
212
          in: path
213
          description: retrieve username data
214
          required: true
215
          schema:
216
            type: string
217
            example: 'John.Doe'
218
      responses:
219
        '200':
220
          description: Successfully display user info
221
          content:
222
            application/json:
223
              schema:
224
                type: array
225
                items:
226
                  type: object
227
                  properties:
228
                    username:
229
                      type: string
230
                      example: 'John.Doe'
231
                    email:
232
                      type: string
233
                      example: '[email protected]'
234
        '404':
235
          description: User not found
236
          content:
237
            application/json:
238
              schema:
239
                type: object
240
                properties:
241
                  status:
242
                    type: string
243
                    enum: ['fail']
244
                    example: 'fail'
245
                  message:
246
                    type: string
247
                    example: 'User not found'
248

249
    delete:
250
      tags:
251
        - users
252
      summary: Deletes user by username (Only Admins)
253
      description: Deletes user by username (Only Admins)
254
      operationId: api_views.users.delete_user
255
      parameters:
256
        - name: username
257
          in: path
258
          description: Delete username
259
          required: true
260
          schema:
261
            type: string
262
            example: 'name1'
263
      responses:
264
        '200':
265
          description: Sucessfully deleted user
266
          content:
267
            application/json:
268
              schema:
269
                type: object
270
                properties:
271
                  message:
272
                    type: string
273
                    example: 'User deleted.'
274
                  status:
275
                    type: string
276
                    enum: ['success', 'fail']
277
                    example: 'success'
278
        '401':
279
          description: User not authorized
280
          content:
281
            application/json:
282
              schema:
283
                type: object
284
                properties:
285
                  status:
286
                    type: string
287
                    example: 'fail'
288
                    enum: ['fail']
289
                  message:
290
                    type: string
291
                    example: 'Only Admins may delete users!'
292
        '404':
293
          description: User not found
294
          content:
295
            application/json:
296
              schema:
297
                type: object
298
                properties:
299
                  status:
300
                    type: string
301
                    example: 'fail'
302
                    enum: ['fail']
303
                  message:
304
                    type: string
305
                    example: 'User not found!'
306
  /users/v1/{username}/email:
307
    put:
308
      tags:
309
        - users
310
      summary: Update users email
311
      description: Update a single users email
312
      operationId: api_views.users.update_email
313
      parameters:
314
        - name: username
315
          in: path
316
          description: username to update email
317
          required: true
318
          schema:
319
            type: string
320
            example: 'name1'
321
      requestBody:
322
        description: field to update
323
        content:
324
          application/json:
325
            schema:
326
              type: object
327
              properties:
328
                email:
329
                  type: string
330
                  example: '[email protected]'
331
        required: true
332
      responses:
333
        '204':
334
          description: Sucessfully updated user email
335
          content: {}
336
        '400':
337
          description: Invalid request
338
          content:
339
            application/json:
340
              schema:
341
                type: object
342
                properties:
343
                  status:
344
                    type: string
345
                    enum: ['fail']
346
                    example: 'fail'
347
                  message:
348
                    type: string
349
                    example: 'Please Provide a valid email address.'
350
        '401':
351
          description: User not authorized
352
          content:
353
            application/json:
354
              schema:
355
                type: object
356
                properties:
357
                  status:
358
                    type: string
359
                    enum: ['fail']
360
                    example: 'fail'
361
                  message:
362
                    type: string
363
                    example: 'Invalid Token'
364
  /users/v1/{username}/password:
365
    put:
366
      tags:
367
        - users
368
      summary: Update users password
369
      description: Update users password
370
      operationId: api_views.users.update_password
371
      parameters:
372
        - name: username
373
          in: path
374
          description: username to update password
375
          required: true
376
          schema:
377
            type: string
378
            example: 'name1'
379
      requestBody:
380
        description: field to update
381
        content:
382
          application/json:
383
            schema:
384
              type: object
385
              properties:
386
                password:
387
                  type: string
388
                  example: 'pass4'
389
        required: true
390
      responses:
391
        '204':
392
          description: Sucessfully updated users password
393
          content: {}
394
        '400':
395
          description: Invalid request
396
          content:
397
            application/json:
398
              schema:
399
                type: object
400
                properties:
401
                  status:
402
                    type: string
403
                    enum: ['fail']
404
                    example: 'fail'
405
                  message:
406
                    type: string
407
                    example: 'Malformed Data'
408
        '401':
409
          description: User not authorized
410
          content:
411
            application/json:
412
              schema:
413
                type: object
414
                properties:
415
                  status:
416
                    type: string
417
                    enum: ['fail']
418
                    example: 'fail'
419
                  message:
420
                    type: string
421
                    example: 'Invalid Token'
422
  /books/v1:
423
    get:
424
      tags:
425
        - books
426
      summary: Retrieves all books
427
      description: Retrieves all books
428
      operationId: api_views.books.get_all_books
429
      responses:
430
        '200':
431
          description: See all books
432
          content:
433
            application/json:
434
              schema:
435
                type: object
436
                properties:
437
                  Books:
438
                    type: array
439
                    items:
440
                      type: object
441
                      properties:
442
                        book_title:
443
                          type: string
444
                        user:
445
                          type: string
446
              example:
447
                Books:
448
                  - book_title: 'bookTitle77'
449
                    user: 'name1'
450
                  - book_title: 'bookTitle85'
451
                    user: 'name2'
452
                  - book_title: 'bookTitle47'
453
                    user: 'admin'
454
    post:
455
      tags:
456
        - books
457
      summary: Add new book
458
      description: Add new book
459
      operationId: api_views.books.add_new_book
460
      requestBody:
461
        description: >-
462
          Add new book with title and secret content only available to the user
463
          who added it.
464
        content:
465
          application/json:
466
            schema:
467
              type: object
468
              properties:
469
                book_title:
470
                  type: string
471
                  example: 'book99'
472
                secret:
473
                  type: string
474
                  example: 'pass1secret'
475
        required: true
476
      responses:
477
        '200':
478
          description: Sucessfully added a book
479
          content:
480
            application/json:
481
              schema:
482
                type: object
483
                properties:
484
                  message:
485
                    type: string
486
                    example: 'Book has been added.'
487
                  status:
488
                    type: string
489
                    enum: ['success', 'fail']
490
                    example: 'success'
491
        '400':
492
          description: Invalid request
493
          content:
494
            application/json:
495
              schema:
496
                type: object
497
                properties:
498
                  status:
499
                    type: string
500
                    enum: ['fail']
501
                    example: 'fail'
502
                  message:
503
                    type: string
504
                    example: 'Book Already exists!'
505
        '401':
506
          description: User not authorized
507
          content:
508
            application/json:
509
              schema:
510
                type: object
511
                properties:
512
                  status:
513
                    type: string
514
                    enum: ['fail']
515
                    example: 'fail'
516
                  message:
517
                    type: string
518
                    example: 'Invalid Token'
519
  /books/v1/{book_title}:
520
    get:
521
      tags:
522
        - books
523
      summary: Retrieves book by title along with secret
524
      description: >-
525
        Retrieves book by title along with secret. Only the owner may retrieve
526
        it
527
      operationId: api_views.books.get_by_title
528
      parameters:
529
        - name: book_title
530
          in: path
531
          description: retrieve book data
532
          required: true
533
          schema:
534
            type: string
535
            example: 'bookTitle77'
536
      responses:
537
        '200':
538
          description: Successfully retrieve book info
539
          content:
540
            application/json:
541
              schema:
542
                type: array
543
                items:
544
                  type: object
545
                  properties:
546
                    book_title:
547
                      type: string
548
                      example: 'bookTitle77'
549
                    owner:
550
                      type: string
551
                      example: 'name1'
552
                    secret:
553
                      type: string
554
                      example: 'secret for bookTitle77'
555
        '401':
556
          description: User not authorized
557
          content:
558
            application/json:
559
              schema:
560
                type: object
561
                properties:
562
                  status:
563
                    type: string
564
                    enum: ['fail']
565
                    example: 'fail'
566
                  message:
567
                    type: string
568
                    example: 'Invalid Token'
569
        '404':
570
          description: Book not found
571
          content:
572
            application/json:
573
              schema:
574
                type: object
575
                properties:
576
                  status:
577
                    type: string
578
                    enum: ['fail']
579
                    example: 'fail'
580
                  message:
581
                    type: string
582
                    example: 'Book not found!'
583
Product

Resources

Company
