feat: Add OpenAPI documentation on controller OAuth2ProviderController web routes

[matiasperrone-exo]

Task:

Ref: https://app.clickup.com/t/86b7fjj9a

Summary by CodeRabbit

Release Notes

• Documentation
  • Added comprehensive OpenAPI/Swagger API documentation for all OAuth2 and OpenID Connect provider endpoints, including authorization, token, revocation, introspection, and discovery operations.
  • Documented complete request and response schemas for OAuth2 flows and token operations.
  • Added authentication scheme definitions for OAuth2 client credentials flow and HTTP Basic authentication.

[martinquiroga-exo]

LGTM

@matiasperrone-exo please add clickup card link to this PR

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

This PR adds comprehensive OpenAPI/Swagger documentation to OAuth2/OIDC provider endpoints through PHP attribute annotations and new schema definition classes. No functional logic is modified; changes are purely documentation and API specification related.

Changes

Cohort / File(s)	Summary
OAuth2 Controller Annotations app/Http/Controllers/OAuth2/OAuth2ProviderController.php	Adds OpenAPI attribute annotations to document OAuth2/OIDC endpoints (/oauth2/auth, /oauth2/token, /oauth2/revoke, /oauth2/introspection, /oauth2/certs, /.well-known/openid-configuration, session end) with request/response schemas, parameters, and HTTP status codes.
Response Schema Definitions app/Swagger/OAuth2ProviderControllerSchemas.php	Defines five response schema classes: OAuth2TokenResponseSchema, OAuth2ErrorResponseSchema, OAuth2IntrospectionResponseSchema, JWKSResponseSchema, and OpenIDDiscoveryResponseSchema documenting token responses, error formats, introspection responses, JWKS, and OIDC discovery documents.
Request Schema Definitions app/Swagger/Requests/OAuth2AuthorizationRequestSchema.php, OAuth2EndSessionRequestSchema.php, OAuth2TokenIntrospectionRequestSchema.php, OAuth2TokenRequestSchema.php, OAuth2TokenRevocationRequestSchema.php	Adds five request schema classes documenting OAuth2/OIDC request payloads for authorization, session termination, token introspection, token requests, and token revocation with required/optional parameters and enum constraints.
Security Scheme Definitions app/Swagger/Security/OAuth2ProviderControllerSecuritySchema.php	Introduces two security scheme definitions: OAuth2 client credentials flow and HTTP Basic authentication for protecting protocol endpoints.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 Documentation blooms, so clear and bright,
OAuth2 flows now shine in OpenAPI light,
Request and response schemas dance in a row,
Security schemes stand guard, a rabbity show! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 34.73% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding OpenAPI documentation annotations to the OAuth2ProviderController web routes, which is the primary focus of all file modifications.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/openapi----web---oauth2providercontroller

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[matiasperrone-exo]

Rebased

[github-actions]

📘 OpenAPI / Swagger preview

➡️ https://OpenStackweb.github.io/openstackid/openapi/pr-113/

This page is automatically updated on each push to this PR.

[martinquiroga-exo]

@matiasperrone-exo please see comments and please sign your commits or PR will be rejected.

Also, as a final note, PUT, PATCH, and DELETE are documented for /oauth2/auth but are not part of OAuth2/OIDC, so I'm not sure if they are needed but I defer to you.

[github-actions]

📘 OpenAPI / Swagger preview

➡️ https://OpenStackweb.github.io/openstackid/openapi/pr-113/

This page is automatically updated on each push to this PR.

[github-actions]

📘 OpenAPI / Swagger preview

➡️ https://OpenStackweb.github.io/openstackid/openapi/pr-113/

This page is automatically updated on each push to this PR.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@app/Swagger/OAuth2ProviderControllerSchemas.php`:
- Around line 7-172: The response schemas are missing RFC-required "required"
arrays; update the OA\Schema annotations for OAuth2TokenResponseSchema to
include required: ['access_token','token_type'], for
OAuth2IntrospectionResponseSchema add required: ['active'], for
JWKSResponseSchema add required: ['keys'], and for OpenIDDiscoveryResponseSchema
add required:
['issuer','authorization_endpoint','token_endpoint','jwks_uri','response_types_supported','subject_types_supported','id_token_signing_alg_values_supported']
by adding the required key to each corresponding #[OA\Schema(...)] attribute so
the generated docs include the mandated required fields.

In `@app/Swagger/Security/OAuth2ProviderControllerSecuritySchema.php`:
- Line 14: The Swagger OAuth2 security schema is using
L5_SWAGGER_CONST_TOKEN_URL which defaults to http://localhost/oauth/token but
your actual endpoint is /oauth2/token; update the constant value or document the
required env override so the tokenUrl points to /oauth2/token (or the correct
full URL) — locate the usage in OAuth2ProviderControllerSecuritySchema.php
referencing L5_SWAGGER_CONST_TOKEN_URL and change the configuration/ENV (or the
default in the l5-swagger config) so the swagger Authorize flow targets
/oauth2/token.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 601a3165-be20-415f-abe8-e4fa29f5c8c5

📥 Commits

Reviewing files that changed from the base of the PR and between db9f777 and 9448328.

📒 Files selected for processing (8)

• app/Http/Controllers/OAuth2/OAuth2ProviderController.php
• app/Swagger/OAuth2ProviderControllerSchemas.php
• app/Swagger/Requests/OAuth2AuthorizationRequestSchema.php
• app/Swagger/Requests/OAuth2EndSessionRequestSchema.php
• app/Swagger/Requests/OAuth2TokenIntrospectionRequestSchema.php
• app/Swagger/Requests/OAuth2TokenRequestSchema.php
• app/Swagger/Requests/OAuth2TokenRevocationRequestSchema.php
• app/Swagger/Security/OAuth2ProviderControllerSecuritySchema.php

[matiasperrone-exo]

@martinquiroga-exo please review again. All PR's requested changes and additional AI comments were added.

[github-actions]

📘 OpenAPI / Swagger preview

➡️ https://OpenStackweb.github.io/openstackid/openapi/pr-113/

This page is automatically updated on each push to this PR.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@app/Http/Controllers/OAuth2/OAuth2ProviderController.php`:
- Around line 431-440: The operationId value inside the OA\Get for the
'/oauth2/.well-known/openid-configuration' endpoint is garbled
("OAclient_secretuth2OpenIdDiscovery"); replace it with a proper camelCase
identifier such as "oauth2OpenIdDiscovery" in that OA\Get annotation, and also
change the sibling operationId "OpenIdDiscovery" (earlier in the file) to
"openIdDiscovery" to maintain camelCase consistency with other operationIds like
oauth2Token and oauth2RevokeToken.
- Around line 301-320: The OpenAPI security annotation is incorrect for the
token revoke/introspection/end-session endpoints: OAuth2ProviderSecurity (oauth2
clientCredentials) implies a Bearer token but the implementation
(ClientService::getCurrentClientAuthInfo) accepts HTTP Basic or
client_id/client_secret form params and end-session uses
id_token_hint/client_id; fix by adding a new HTTP Basic security scheme named
OAuth2ProviderClientBasic (type=http, scheme=basic, description per RFC 6749
§2.3.1) and update the annotations on the OAuth2ProviderController operations
for /oauth2/token/revoke and /oauth2/token/introspection to allow either the
OAuth2ProviderClientBasic or existing OAuth2ProviderSecurity (i.e., list both in
the security array), and remove the security annotation entirely from the
/oauth2/end-session operation so that authentication remains documented via
id_token_hint/client_id form/query params.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: c11200a1-3918-4c70-8ae4-5eb3bc1ca968

📥 Commits

Reviewing files that changed from the base of the PR and between 9448328 and 03c7efc.

📒 Files selected for processing (4)

• app/Http/Controllers/OAuth2/OAuth2ProviderController.php
• app/Swagger/OAuth2ProviderControllerSchemas.php
• app/Swagger/Requests/OAuth2AuthorizationRequestSchema.php
• app/Swagger/Requests/OAuth2TokenIntrospectionRequestSchema.php

✅ Files skipped from review due to trivial changes (1)

• app/Swagger/Requests/OAuth2AuthorizationRequestSchema.php

🚧 Files skipped from review as they are similar to previous changes (1)

• app/Swagger/OAuth2ProviderControllerSchemas.php

[matiasperrone]

@matiasperrone-exo please see comments and please sign your commits or PR will be rejected.

Also, as a final note, PUT, PATCH, and DELETE are documented for /oauth2/auth but are not part of OAuth2/OIDC, so I'm not sure if they are needed but I defer to you.

fixed

[github-actions]

📘 OpenAPI / Swagger preview

➡️ https://OpenStackweb.github.io/openstackid/openapi/pr-113/

This page is automatically updated on each push to this PR.

[matiasperrone-exo]

@martinquiroga-exo please review again

[coderabbitai]

♻️ Duplicate comments (1)

app/Http/Controllers/OAuth2/OAuth2ProviderController.php (1)

426-426: ⚠️ Potential issue | 🟡 Minor

Stale "Also available at …" sentence still present in description.

A previous review asked to remove Also available at /oauth2/.well-known/openid-configuration. from this description to avoid inconsistency, and the reply was "done" — but the sentence is still here.

✏️ Proposed fix

-        description: 'Returns the OpenID Provider Configuration document per OpenID Connect Discovery 1.0. Also available at /oauth2/.well-known/openid-configuration.',
+        description: 'Returns the OpenID Provider Configuration document per OpenID Connect Discovery 1.0.',

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@app/Http/Controllers/OAuth2/OAuth2ProviderController.php` at line 426, The
description string inside OAuth2ProviderController (the OpenID Provider
Configuration response) still contains the stale sentence "Also available at
/oauth2/.well-known/openid-configuration."; locate the description assignment or
array entry (the string shown in the diff) in OAuth2ProviderController.php and
remove that trailing sentence so the description reads only "Returns the OpenID
Provider Configuration document per OpenID Connect Discovery 1.0." (ensure
punctuation remains correct).

🧹 Nitpick comments (1)

app/Http/Controllers/OAuth2/OAuth2ProviderController.php (1)

258-258: Consider allowing OAuth2ProviderClientBasic on /oauth2/token for consistency.

The sibling /oauth2/token/revoke (line 308) and /oauth2/token/introspection (line 358) endpoints list both OAuth2ProviderClientBasic and OAuth2ProviderSecurity, but /oauth2/token lists only OAuth2ProviderSecurity. The token endpoint accepts HTTP Basic client authentication per RFC 6749 §2.3.1 as well, so Swagger UI should surface that option here too.

🔧 Suggested alignment

-        security: [['OAuth2ProviderSecurity' => []]],
+        security: [['OAuth2ProviderClientBasic' => []], ['OAuth2ProviderSecurity' => []]],

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@app/Http/Controllers/OAuth2/OAuth2ProviderController.php` at line 258, The
OpenAPI security entry for the /oauth2/token operation currently lists only
'OAuth2ProviderSecurity'; update the operation's security array to also include
'OAuth2ProviderClientBasic' so the token endpoint surfaces HTTP Basic client
auth like the sibling endpoints (/oauth2/token/revoke and
/oauth2/token/introspection). Locate the security declaration for the
/oauth2/token operation in OAuth2ProviderController (the entry with security:
[['OAuth2ProviderSecurity' => []]]) and add an additional element for
'OAuth2ProviderClientBasic' to the array.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Duplicate comments:
In `@app/Http/Controllers/OAuth2/OAuth2ProviderController.php`:
- Line 426: The description string inside OAuth2ProviderController (the OpenID
Provider Configuration response) still contains the stale sentence "Also
available at /oauth2/.well-known/openid-configuration."; locate the description
assignment or array entry (the string shown in the diff) in
OAuth2ProviderController.php and remove that trailing sentence so the
description reads only "Returns the OpenID Provider Configuration document per
OpenID Connect Discovery 1.0." (ensure punctuation remains correct).

---

Nitpick comments:
In `@app/Http/Controllers/OAuth2/OAuth2ProviderController.php`:
- Line 258: The OpenAPI security entry for the /oauth2/token operation currently
lists only 'OAuth2ProviderSecurity'; update the operation's security array to
also include 'OAuth2ProviderClientBasic' so the token endpoint surfaces HTTP
Basic client auth like the sibling endpoints (/oauth2/token/revoke and
/oauth2/token/introspection). Locate the security declaration for the
/oauth2/token operation in OAuth2ProviderController (the entry with security:
[['OAuth2ProviderSecurity' => []]]) and add an additional element for
'OAuth2ProviderClientBasic' to the array.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: b9443d97-061c-43d3-8ad1-f82dd57c2e97

📥 Commits

Reviewing files that changed from the base of the PR and between 03c7efc and 4ce765c.

📒 Files selected for processing (2)

• app/Http/Controllers/OAuth2/OAuth2ProviderController.php
• app/Swagger/Security/OAuth2ProviderControllerSecuritySchema.php

[github-actions]

📘 OpenAPI / Swagger preview

➡️ https://OpenStackweb.github.io/openstackid/openapi/pr-113/

This page is automatically updated on each push to this PR.

[github-actions]

📘 OpenAPI / Swagger preview

➡️ https://OpenStackweb.github.io/openstackid/openapi/pr-113/

This page is automatically updated on each push to this PR.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

tests/TwoFactorRepositoriesTest.php (1)

69-76: Add a revoked-device negative case.

This only proves the happy path. It never asserts that getActiveByUserAndIdentifier() / getActiveByUser() exclude revoked devices, so a regression in the is_revoked filter would still pass.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tests/TwoFactorRepositoriesTest.php` around lines 69 - 76, Add a negative
test asserting revoked devices are excluded: after creating the active device
used in the existing assertions, create or mark a second device as revoked for
$this->user (ensure isRevoked() returns true for that entity), then call
$repo->getActiveByUserAndIdentifier($this->user, $revokedDeviceId) and assert it
returns null/false, and call $repo->getActiveByUser($this->user) and assert the
revoked device is not present in the returned collection; reference the
repository methods getActiveByUserAndIdentifier and getActiveByUser and the
entity method isRevoked to locate where to add these assertions.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@app/libs/Auth/Models/User.php`:
- Around line 2431-2434: The setter setTwoFactorEnabled currently ORs the passed
$enabled with shouldRequire2FA(), making the persisted two_factor_enabled sticky
and preventing disable; change setTwoFactorEnabled(bool $enabled) to only
persist the user's intent (assign $this->two_factor_enabled = $enabled) and keep
shouldRequire2FA() as the separate policy check used when deciding whether to
enforce 2FA at runtime (e.g., in isTwoFactorRequired or authentication flows) so
policy and stored state remain distinct.

In `@database/migrations/Version20260416194357.php`:
- Around line 33-39: Update the migration so it checks each 2FA column
individually before altering the users table: replace the single guard that uses
$builder->hasColumn("users", "two_factor_enabled") with separate checks for
"two_factor_enabled", "two_factor_method", and "two_factor_enforced_at" (use
$builder->hasColumn("users", "<column>") for each) in the up() path before
calling $builder->table(...), and mirror that logic in down() so each column is
only dropped if $builder->hasColumn("users", "<column>") returns false/true as
appropriate; keep using the existing $schema->hasTable("users"),
$builder->table(...) and the Table->boolean, Table->string, Table->dateTime
calls but gate each column operation individually.

---

Nitpick comments:
In `@tests/TwoFactorRepositoriesTest.php`:
- Around line 69-76: Add a negative test asserting revoked devices are excluded:
after creating the active device used in the existing assertions, create or mark
a second device as revoked for $this->user (ensure isRevoked() returns true for
that entity), then call $repo->getActiveByUserAndIdentifier($this->user,
$revokedDeviceId) and assert it returns null/false, and call
$repo->getActiveByUser($this->user) and assert the revoked device is not present
in the returned collection; reference the repository methods
getActiveByUserAndIdentifier and getActiveByUser and the entity method isRevoked
to locate where to add these assertions.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 9671ba06-50da-4fee-a4bd-c759623e9384

📥 Commits

Reviewing files that changed from the base of the PR and between 4ce765c and ab298f3.

📒 Files selected for processing (24)

• app/Http/Controllers/OAuth2/OAuth2ProviderController.php
• app/Repositories/DoctrineTwoFactorAuditLogRepository.php
• app/Repositories/DoctrineUserRecoveryCodeRepository.php
• app/Repositories/DoctrineUserTrustedDeviceRepository.php
• app/Repositories/RepositoriesProvider.php
• app/Swagger/OAuth2ProviderControllerSchemas.php
• app/Swagger/Requests/OAuth2AuthorizationRequestSchema.php
• app/Swagger/Requests/OAuth2EndSessionRequestSchema.php
• app/Swagger/Requests/OAuth2TokenIntrospectionRequestSchema.php
• app/Swagger/Requests/OAuth2TokenRequestSchema.php
• app/Swagger/Requests/OAuth2TokenRevocationRequestSchema.php
• app/Swagger/Security/OAuth2ProviderControllerSecuritySchema.php
• app/libs/Auth/Models/TwoFactorAuditLog.php
• app/libs/Auth/Models/User.php
• app/libs/Auth/Models/UserRecoveryCode.php
• app/libs/Auth/Models/UserTrustedDevice.php
• app/libs/Auth/Repositories/ITwoFactorAuditLogRepository.php
• app/libs/Auth/Repositories/IUserRecoveryCodeRepository.php
• app/libs/Auth/Repositories/IUserTrustedDeviceRepository.php
• config/two_factor.php
• database/migrations/Version20260416194357.php
• phpunit.xml
• tests/TwoFactorRepositoriesTest.php
• tests/unit/UserTwoFactorTest.php

✅ Files skipped from review due to trivial changes (8)

• phpunit.xml
• app/Swagger/Requests/OAuth2TokenIntrospectionRequestSchema.php
• config/two_factor.php
• app/Swagger/Requests/OAuth2TokenRevocationRequestSchema.php
• app/Swagger/Requests/OAuth2TokenRequestSchema.php
• app/Swagger/Security/OAuth2ProviderControllerSecuritySchema.php
• app/Http/Controllers/OAuth2/OAuth2ProviderController.php
• app/Swagger/OAuth2ProviderControllerSchemas.php

🚧 Files skipped from review as they are similar to previous changes (2)

• app/Swagger/Requests/OAuth2EndSessionRequestSchema.php
• app/Swagger/Requests/OAuth2AuthorizationRequestSchema.php

[martinquiroga-exo]

LGTM

[caseylocker]

@matiasperrone-exo Please see unresolved and new comments.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@app/Http/Controllers/OAuth2/OAuth2ProviderController.php`:
- Around line 93-98: The OA\Parameter calls incorrectly include an enum argument
(OA\Parameter(..., enum: [...])), which is unsupported; update the OA\Parameter
invocations for approval_prompt, access_type, response_mode,
code_challenge_method, and display inside the OAuth2ProviderController class to
remove the enum: [...] argument and keep the enum only on the nested
OA\Schema(...) (e.g., new OA\Parameter(..., schema: new OA\Schema(type:
'string', enum: [...]))); ensure no OA\Parameter retains an enum property and
that each corresponding OA\Schema retains the correct enum values.

In `@app/Swagger/Requests/OAuth2AuthorizationRequestSchema.php`:
- Line 20: The OA\Property for 'access_type' in
OAuth2AuthorizationRequestSchema.php allows any string but must match the
controller's constraint (online|offline); update the OA\Property for property:
'access_type' in the OAuth2AuthorizationRequestSchema class to include an enum
with values ['online','offline'] (and keep the default 'online' description) so
the OpenAPI GET/POST schema matches the OAuth2ProviderController's allowed
values.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 0c247a83-700e-4e27-96cb-a3cc05bf1bc2

📥 Commits

Reviewing files that changed from the base of the PR and between ab298f3 and f5d04d0.

📒 Files selected for processing (8)

• app/Http/Controllers/OAuth2/OAuth2ProviderController.php
• app/Swagger/OAuth2ProviderControllerSchemas.php
• app/Swagger/Requests/OAuth2AuthorizationRequestSchema.php
• app/Swagger/Requests/OAuth2EndSessionRequestSchema.php
• app/Swagger/Requests/OAuth2TokenIntrospectionRequestSchema.php
• app/Swagger/Requests/OAuth2TokenRequestSchema.php
• app/Swagger/Requests/OAuth2TokenRevocationRequestSchema.php
• app/Swagger/Security/OAuth2ProviderControllerSecuritySchema.php

✅ Files skipped from review due to trivial changes (4)

• app/Swagger/Requests/OAuth2TokenIntrospectionRequestSchema.php
• app/Swagger/Requests/OAuth2EndSessionRequestSchema.php
• app/Swagger/Security/OAuth2ProviderControllerSecuritySchema.php
• app/Swagger/Requests/OAuth2TokenRevocationRequestSchema.php

🚧 Files skipped from review as they are similar to previous changes (1)

• app/Swagger/OAuth2ProviderControllerSchemas.php

[caseylocker]

@matiasperrone-exo please see comments. Also make sure any commits are signed.

[github-actions]

📘 OpenAPI / Swagger preview

➡️ https://OpenStackweb.github.io/openstackid/openapi/pr-113/

This page is automatically updated on each push to this PR.

[matiasperrone-exo]

@caseylocker all your comments were addressed. Thanks for them.