Skip to content

Commit 72c2141

Browse files
docs: apply CI-rendered README for the amended HISTORY entries
1 parent 7367413 commit 72c2141

2 files changed

Lines changed: 22 additions & 10 deletions

File tree

spp_api_v2/README.rst

Lines changed: 11 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -158,11 +158,17 @@ Changelog
158158
- Auth middleware: replace the plain ``HTTPBearer`` scheme with an
159159
OAuth2 client-credentials security scheme so the OpenAPI document
160160
advertises the token endpoint and consumers (Swagger UI, QGIS, etc.)
161-
can discover how to authenticate; strip the ``Bearer`` prefix from the
162-
raw Authorization header value
163-
- Bundle schemas: document ``BundleEntry.resource`` as a polymorphic
164-
Individual/Group body instead of an opaque dict, so bundle payloads
165-
are fully described in the OpenAPI document
161+
can discover how to authenticate. The advertised ``tokenUrl`` is
162+
absolutized against the endpoint's mount path at generation time so
163+
strict RFC 3986 clients resolve it correctly. The ``Bearer`` prefix is
164+
stripped from the Authorization header when present; a raw token
165+
without the prefix is also accepted
166+
- Bundle schemas: registrant-serving endpoints document bundle entries
167+
as polymorphic Individual/Group bodies via new
168+
``RegistrantBundle``/``RegistrantBundleEntry`` subtypes, so their
169+
payloads are fully described in the OpenAPI document; the shared
170+
``BundleEntry`` stays generic because other modules reuse it for
171+
non-registrant resources
166172
- Add OpenAPI contract tests covering bundle schema rendering, the
167173
polymorphic utilities, and the overall OpenAPI document contract
168174

spp_api_v2/static/description/index.html

Lines changed: 11 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -539,11 +539,17 @@ <h3><a class="toc-backref" href="#toc-entry-2">19.0.2.1.0</a></h3>
539539
<li>Auth middleware: replace the plain <tt class="docutils literal">HTTPBearer</tt> scheme with an
540540
OAuth2 client-credentials security scheme so the OpenAPI document
541541
advertises the token endpoint and consumers (Swagger UI, QGIS, etc.)
542-
can discover how to authenticate; strip the <tt class="docutils literal">Bearer</tt> prefix from the
543-
raw Authorization header value</li>
544-
<li>Bundle schemas: document <tt class="docutils literal">BundleEntry.resource</tt> as a polymorphic
545-
Individual/Group body instead of an opaque dict, so bundle payloads
546-
are fully described in the OpenAPI document</li>
542+
can discover how to authenticate. The advertised <tt class="docutils literal">tokenUrl</tt> is
543+
absolutized against the endpoint’s mount path at generation time so
544+
strict RFC 3986 clients resolve it correctly. The <tt class="docutils literal">Bearer</tt> prefix is
545+
stripped from the Authorization header when present; a raw token
546+
without the prefix is also accepted</li>
547+
<li>Bundle schemas: registrant-serving endpoints document bundle entries
548+
as polymorphic Individual/Group bodies via new
549+
<tt class="docutils literal">RegistrantBundle</tt>/<tt class="docutils literal">RegistrantBundleEntry</tt> subtypes, so their
550+
payloads are fully described in the OpenAPI document; the shared
551+
<tt class="docutils literal">BundleEntry</tt> stays generic because other modules reuse it for
552+
non-registrant resources</li>
547553
<li>Add OpenAPI contract tests covering bundle schema rendering, the
548554
polymorphic utilities, and the overall OpenAPI document contract</li>
549555
</ul>

0 commit comments

Comments
 (0)