# Copyright 2017 Travis Ralston
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
swagger: '2.0'
info:
  title: "Matrix Client-Server Account Identification API"
  version: "1.0.0"
host: localhost:8008
schemes:
  - https
  - http
basePath: /_matrix/client/%CLIENT_MAJOR_VERSION%
produces:
  - application/json
securityDefinitions:
  $ref: definitions/security.yaml
paths:
  "/account/whoami":
    get:
      summary: Gets information about the owner of an access token.
      description: |-
        Gets information about the owner of a given access token. 
        
        If the owner of the access token is an application service,
        the server should return the user ID making the request. The
        user ID making the request can be determined by checking to
        see if the ``user_id`` query parameter was also supplied. If
        the parameter is not present, the default application service
        user ID should be used (defined as the ``sender_localpart``
        in the registration). If the parameter is present, the given
        user ID should be verified to be both registered and in the
        application service's namespace.
      operationId: getTokenOwner
      security:
        - accessToken: []
      parameters:
        # TODO: Break this out to a template or something (and apply it everywhere)
        - in: query
          name: user_id
          type: string
          required: false
          description: |-
            The user ID to masquerade as. Only applies to application services.
      responses:
        200:
          description:
            The token belongs to a known user.
          examples:
            application/json: {
              "user_id": "@joe:example.org"
            }
          schema:
            type: object
            required: ["user_id"]
            properties:
              user_id:
                type: string
                description: The user id that owns the access token.
        401:
          description:
            The token is not recongized
          examples:
            application/json: {
              "errcode": "M_UNKNOWN_TOKEN",
              "error": "Unrecongised access token."
            }
          schema:
            "$ref": "definitions/error.yaml"
        403:
          description:
            The appservice cannot masquerade as the user or has not registered them.
          examples:
            application/json: {
              "errcode": "M_FORBIDDEN",
              "error": "Application service has not registered this user."
            }
          schema:
            "$ref": "definitions/error.yaml"
        429:
          description: This request was rate-limited.
          schema:
            "$ref": "definitions/error.yaml"
      tags:
        - User data