{ "swagger": "2.0", "info": { "description": "AuthMS 统一密钥管理服务,提供密钥的集中存储、版本管理、轮换和吊销功能", "title": "Secret Service API", "contact": {}, "version": "1.0.0" }, "basePath": "/api/v1", "paths": { "/admin/secrets": { "get": { "security": [ { "ApiKeyAuth": [] }, { "bearerAuth": [] } ], "description": "管理端分页列出密钥。支持按前缀过滤和状态过滤,返回密钥列表及分页信息。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "列出密钥", "parameters": [ { "type": "string", "description": "前缀过滤", "name": "prefix", "in": "query" }, { "type": "string", "description": "状态过滤", "name": "status", "in": "query" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页数量", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "密钥列表", "schema": { "$ref": "#/definitions/dto.ListResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "资源不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "管理端创建新密钥", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "创建密钥", "parameters": [ { "description": "密钥信息", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.StoreSecretRequest" } } ], "responses": { "201": { "description": "创建的密钥", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.SimpleResponse" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.SimpleResponse" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.SimpleResponse" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.SimpleResponse" } } } } }, "/admin/secrets/batch-delete": { "post": { "security": [ { "ApiKeyAuth": [] }, { "bearerAuth": [] } ], "description": "批量软删除多个密钥。每个密钥独立处理,部分失败不影响其他密钥。软删除后数据保留至清理期后永久删除。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "批量删除密钥", "parameters": [ { "description": "批量删除请求", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.BatchRevokeRequest" } } ], "responses": { "200": { "description": "删除结果", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_BatchResult" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "资源不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/secrets/batch-revoke": { "post": { "security": [ { "ApiKeyAuth": [] }, { "bearerAuth": [] } ], "description": "批量吊销多个密钥。每个密钥独立处理,部分失败不影响其他密钥。返回成功和失败的密钥列表。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "批量吊销密钥", "parameters": [ { "description": "批量吊销请求", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.BatchRevokeRequest" } } ], "responses": { "200": { "description": "吊销结果", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_BatchResult" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "资源不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/secrets/detail": { "get": { "security": [ { "ApiKeyAuth": [] }, { "bearerAuth": [] } ], "description": "管理端获取密钥详情,包含元数据(描述、创建时间、更新时间)和所有版本信息。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "获取密钥详情", "parameters": [ { "type": "string", "description": "密钥路径", "name": "key", "in": "query", "required": true } ], "responses": { "200": { "description": "密钥详情及版本列表", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretDetailResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "密钥不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/secrets/encryption-keys": { "get": { "security": [ { "ApiKeyAuth": [] }, { "bearerAuth": [] } ], "description": "获取系统当前的加密密钥信息,包括 AES 加密密钥的标识、算法和状态。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "获取加密密钥列表", "responses": { "200": { "description": "加密密钥信息", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_EncryptionKeysDetailResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "资源不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/secrets/jwt/keys": { "get": { "security": [ { "InternalAPIKeyAuth": [] } ], "description": "列出所有 JWT 密钥及相关信息,包括密钥类型(RSA/EC)、算法(RS256/ES256)、指纹、创建时间和状态等。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务 - 内部接口" ], "summary": "列出 JWT 密钥", "parameters": [ { "type": "string", "description": "内部 API 密钥", "name": "X-API-Key", "in": "header", "required": true }, { "type": "string", "description": "租户 ID", "name": "X-Tenant-ID", "in": "header", "required": true } ], "responses": { "200": { "description": "JWT 密钥列表", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_JWTKeysListResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/secrets/policy": { "get": { "security": [ { "ApiKeyAuth": [] }, { "bearerAuth": [] } ], "description": "获取当前租户的密钥管理策略配置,包括自动轮换周期、最小密钥长度、版本保留数等策略参数。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "获取密钥策略", "responses": { "200": { "description": "策略配置", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretPolicyResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "策略不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "put": { "security": [ { "ApiKeyAuth": [] }, { "bearerAuth": [] } ], "description": "创建或更新当前租户的密钥管理策略配置。支持配置自动轮换周期、最小密钥长度、版本保留数等参数。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "更新密钥策略", "parameters": [ { "description": "策略配置", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretPolicyRequest" } } ], "responses": { "200": { "description": "更新后的策略", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretPolicyResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "资源不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "delete": { "security": [ { "ApiKeyAuth": [] }, { "bearerAuth": [] } ], "description": "删除当前租户的密钥管理策略配置。删除后服务将使用系统默认策略。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "删除密钥策略", "responses": { "200": { "description": "删除成功", "schema": { "$ref": "#/definitions/dto.SimpleResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "策略不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/secrets/revoke": { "post": { "security": [ { "ApiKeyAuth": [] }, { "bearerAuth": [] } ], "description": "管理端吊销密钥,将状态设为 revoked。吊销后密钥值不可再获取,已有版本保留审计记录。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "吊销密钥", "parameters": [ { "type": "string", "description": "密钥路径", "name": "key", "in": "query", "required": true } ], "responses": { "200": { "description": "ok", "schema": { "type": "string" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "密钥不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/secrets/rotate": { "post": { "security": [ { "ApiKeyAuth": [] }, { "bearerAuth": [] } ], "description": "管理端轮换密钥值,创建新版本。旧版本保留用于回滚和审计追溯。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "轮换密钥", "parameters": [ { "type": "string", "description": "密钥路径", "name": "key", "in": "query", "required": true }, { "description": "新密钥值", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.RotateSecretRequest" } } ], "responses": { "200": { "description": "轮换后的密钥信息", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "密钥不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "409": { "description": "密钥版本冲突", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/secrets/update": { "post": { "security": [ { "ApiKeyAuth": [] }, { "bearerAuth": [] } ], "description": "管理端更新密钥的描述和/或元数据。至少提供一个更新字段。仅更新元信息,不改变密钥值。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "更新密钥元数据", "parameters": [ { "type": "string", "description": "密钥路径", "name": "key", "in": "query", "required": true }, { "description": "更新信息", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.UpdateSecretRequest" } } ], "responses": { "200": { "description": "更新后的密钥信息", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "密钥不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/secrets/versions": { "get": { "security": [ { "ApiKeyAuth": [] }, { "bearerAuth": [] } ], "description": "管理端列出密钥的所有历史版本,按版本号降序排列,包含每个版本的状态和创建时间。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "列出密钥版本", "parameters": [ { "type": "string", "description": "密钥路径", "name": "key", "in": "query", "required": true } ], "responses": { "200": { "description": "密钥版本列表", "schema": { "$ref": "#/definitions/dto.DataResponse-array_gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretVersionResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "密钥不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/secrets/versions/value": { "post": { "security": [ { "ApiKeyAuth": [] }, { "bearerAuth": [] } ], "description": "管理端获取指定版本的密钥明文值。返回密钥值、版本号及状态。读取后密钥值会在内存中安全擦除。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "获取版本密钥值", "parameters": [ { "type": "string", "description": "密钥路径", "name": "key", "in": "query", "required": true }, { "description": "版本号", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretVersionQuery" } } ], "responses": { "200": { "description": "指定版本的密钥明文值", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretValueResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "密钥或版本不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/secrets/{key}": { "delete": { "security": [ { "bearerAuth": [] } ], "description": "管理端删除单个密钥", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "删除密钥", "parameters": [ { "type": "string", "description": "密钥路径", "name": "key", "in": "path", "required": true } ], "responses": { "200": { "description": "ok", "schema": { "type": "string" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.SimpleResponse" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.SimpleResponse" } }, "403": { "description": "禁止访问", "schema": { "$ref": "#/definitions/dto.SimpleResponse" } }, "404": { "description": "密钥不存在", "schema": { "$ref": "#/definitions/dto.SimpleResponse" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.SimpleResponse" } } } } }, "/internal/jwt/keys": { "get": { "security": [ { "InternalAPIKeyAuth": [] } ], "description": "列出所有 JWT 密钥及相关信息,包括密钥类型(RSA/EC)、算法(RS256/ES256)、指纹、创建时间和状态等。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务 - 内部接口" ], "summary": "列出 JWT 密钥", "parameters": [ { "type": "string", "description": "内部 API 密钥", "name": "X-API-Key", "in": "header", "required": true }, { "type": "string", "description": "租户 ID", "name": "X-Tenant-ID", "in": "header", "required": true } ], "responses": { "200": { "description": "JWT 密钥列表", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_JWTKeysListResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/internal/jwt/private-key": { "get": { "security": [ { "InternalAPIKeyAuth": [] } ], "description": "获取 JWT RS256 签名私钥(PEM 格式)。仅内部服务调用,用于签发 JWT Token。自动生成或使用已存储的 RSA 2048 位密钥对。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务 - 内部接口" ], "summary": "获取 JWT 签名私钥", "parameters": [ { "type": "string", "description": "内部 API 密钥", "name": "X-API-Key", "in": "header", "required": true }, { "type": "string", "description": "租户 ID", "name": "X-Tenant-ID", "in": "header", "required": true } ], "responses": { "200": { "description": "JWT 签名私钥", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_JWTKeyResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/internal/jwt/rotate": { "post": { "security": [ { "InternalAPIKeyAuth": [] } ], "description": "轮换 JWT RS256 密钥对,生成新的 RSA 2048 位密钥对并返回新私钥。旧公钥保留用于验证过渡期,旧私钥安全擦除。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务 - 内部接口" ], "summary": "轮换 JWT 签名密钥", "parameters": [ { "type": "string", "description": "内部 API 密钥", "name": "X-API-Key", "in": "header", "required": true }, { "type": "string", "description": "租户 ID", "name": "X-Tenant-ID", "in": "header", "required": true } ], "responses": { "200": { "description": "新生成的 JWT 密钥对", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_JWTKeyResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/internal/secrets": { "get": { "security": [ { "ApiKeyAuth": [] } ], "description": "通过内部 API 分页列出密钥。支持按前缀过滤,返回密钥列表及分页信息。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务 - 内部接口" ], "summary": "列出密钥", "parameters": [ { "type": "string", "description": "内部 API 密钥", "name": "X-API-Key", "in": "header", "required": true }, { "type": "string", "description": "租户 ID", "name": "X-Tenant-ID", "in": "header", "required": true }, { "type": "string", "description": "前缀过滤", "name": "prefix", "in": "query" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页数量", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "密钥列表", "schema": { "$ref": "#/definitions/dto.ListResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "post": { "security": [ { "ApiKeyAuth": [] } ], "description": "通过内部 API 存储密钥。支持设置密钥路径、值、描述、TTL 及元数据。返回创建的密钥信息。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务 - 内部接口" ], "summary": "存储密钥", "parameters": [ { "type": "string", "description": "内部 API 密钥", "name": "X-API-Key", "in": "header", "required": true }, { "type": "string", "description": "租户 ID", "name": "X-Tenant-ID", "in": "header", "required": true }, { "description": "密钥信息", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.StoreSecretRequest" } } ], "responses": { "201": { "description": "创建的密钥信息", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/internal/secrets/batch": { "post": { "security": [ { "ApiKeyAuth": [] } ], "description": "通过内部 API 批量获取多个密钥的明文值。返回每个密钥的值或错误信息,部分失败不影响其他密钥获取。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务 - 内部接口" ], "summary": "批量获取密钥", "parameters": [ { "type": "string", "description": "内部 API 密钥", "name": "X-API-Key", "in": "header", "required": true }, { "type": "string", "description": "租户 ID", "name": "X-Tenant-ID", "in": "header", "required": true }, { "description": "密钥路径列表", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.BatchGetRequest" } } ], "responses": { "200": { "description": "批量获取结果", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_BatchGetResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/internal/secrets/revoke": { "post": { "security": [ { "ApiKeyAuth": [] } ], "description": "通过内部 API 吊销密钥,将状态设为 revoked。吊销后密钥值不可再获取。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务 - 内部接口" ], "summary": "内部吊销密钥", "parameters": [ { "type": "string", "description": "内部 API 密钥", "name": "X-API-Key", "in": "header", "required": true }, { "type": "string", "description": "租户 ID", "name": "X-Tenant-ID", "in": "header", "required": true }, { "type": "string", "description": "密钥路径", "name": "key", "in": "query", "required": true } ], "responses": { "200": { "description": "ok", "schema": { "type": "string" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/internal/secrets/rotate": { "post": { "security": [ { "ApiKeyAuth": [] } ], "description": "通过内部 API 轮换密钥值,创建新版本。旧版本保留用于回滚。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务 - 内部接口" ], "summary": "内部轮换密钥", "parameters": [ { "type": "string", "description": "内部 API 密钥", "name": "X-API-Key", "in": "header", "required": true }, { "type": "string", "description": "租户 ID", "name": "X-Tenant-ID", "in": "header", "required": true }, { "type": "string", "description": "密钥路径", "name": "key", "in": "query", "required": true }, { "description": "新密钥值", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.RotateSecretRequest" } } ], "responses": { "200": { "description": "轮换后的密钥信息", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/internal/secrets/update": { "post": { "security": [ { "ApiKeyAuth": [] } ], "description": "通过内部 API 更新密钥的描述和/或元数据。至少提供一个更新字段。仅更新元信息,不改变密钥值。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务 - 内部接口" ], "summary": "内部更新密钥元数据", "parameters": [ { "type": "string", "description": "内部 API 密钥", "name": "X-API-Key", "in": "header", "required": true }, { "type": "string", "description": "租户 ID", "name": "X-Tenant-ID", "in": "header", "required": true }, { "type": "string", "description": "密钥路径", "name": "key", "in": "query", "required": true }, { "description": "更新信息", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.UpdateSecretRequest" } } ], "responses": { "200": { "description": "更新后的密钥信息", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/internal/secrets/{key}": { "get": { "security": [ { "ApiKeyAuth": [] } ], "description": "通过内部 API 获取密钥明文值。需要 X-API-Key 和 X-Tenant-ID header。返回密钥值、版本号及状态信息。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务 - 内部接口" ], "summary": "获取密钥", "parameters": [ { "type": "string", "description": "内部 API 密钥", "name": "X-API-Key", "in": "header", "required": true }, { "type": "string", "description": "租户 ID", "name": "X-Tenant-ID", "in": "header", "required": true }, { "type": "string", "description": "密钥路径", "name": "key", "in": "path", "required": true } ], "responses": { "200": { "description": "密钥明文值及版本信息", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretValueResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "delete": { "security": [ { "ApiKeyAuth": [] } ], "description": "通过内部 API 软删除密钥。密钥标记为已删除状态,数据保留至清理期后永久删除。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务 - 内部接口" ], "summary": "删除密钥", "parameters": [ { "type": "string", "description": "内部 API 密钥", "name": "X-API-Key", "in": "header", "required": true }, { "type": "string", "description": "租户 ID", "name": "X-Tenant-ID", "in": "header", "required": true }, { "type": "string", "description": "密钥路径", "name": "key", "in": "path", "required": true } ], "responses": { "200": { "description": "ok", "schema": { "type": "string" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未授权", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/internal/transmission/decrypt": { "post": { "security": [ { "InternalAPIKeyAuth": [] } ], "description": "用 transmission RSA 私钥解密前端 RSA-OAEP 加密的密码。仅内部服务调用。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务 - 内部接口" ], "summary": "解密传输密码", "parameters": [ { "type": "string", "description": "内部 API 密钥", "name": "X-API-Key", "in": "header", "required": true }, { "description": "解密请求", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.TransmissionDecryptRequest" } } ], "responses": { "200": { "description": "解密后的明文密码", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_TransmissionDecryptResponse" } } } } }, "/public/jwt/public-key": { "get": { "description": "获取 JWT RS256 验证公钥(PEM 格式)。公开端点,无需认证,用于验证 JWT Token 签名。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "获取 JWT 验证公钥", "responses": { "200": { "description": "JWT 验证公钥", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_JWTPublicKeyResponse" } }, "400": { "description": "请求参数错误", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/public/transmission/public-key": { "get": { "description": "获取用于密码非对称加密传输的 RSA-2048 公钥(PEM 格式)。公开端点,无需认证。前端用此公钥执行 RSA-OAEP 加密后传输密码。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "密钥服务" ], "summary": "获取密码传输公钥", "responses": { "200": { "description": "密码传输公钥", "schema": { "$ref": "#/definitions/dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_JWTPublicKeyResponse" } }, "500": { "description": "服务器内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } } }, "definitions": { "dto.DataResponse-array_gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretVersionResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "type": "array", "items": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretVersionResponse" } }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_BatchGetResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.BatchGetResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_BatchResult": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.BatchResult" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_EncryptionKeysDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.EncryptionKeysDetailResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_JWTKeyResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.JWTKeyResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_JWTKeysListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.JWTKeysListResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_JWTPublicKeyResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.JWTPublicKeyResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretDetailResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretPolicyResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretPolicyResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretValueResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretValueResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DataResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_TransmissionDecryptResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.TransmissionDecryptResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.FieldViolation": { "type": "object", "properties": { "code": { "description": "Code 是错误代码(可选)\n用于程序识别错误类型,如 \"required\", \"format\", \"range\"", "type": "string" }, "description": { "description": "Description 是人类可读的错误描述\n应该说明违反了什么规则,如 \"必须是一个有效的邮箱地址\"", "type": "string" }, "field": { "description": "Field 是错误字段的路径\n使用点号表示嵌套字段,如 \"user.email\" 或 \"addresses[0].city\"", "type": "string" }, "value": { "description": "Value 是导致错误的值(可选,开发模式下使用)\n生产环境可能不返回此字段以避免泄露敏感信息" } } }, "dto.ListResponse-gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto_SecretResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PageInfo": { "type": "object", "properties": { "has_next": { "description": "HasNext indicates whether there is a next page", "type": "boolean" }, "has_prev": { "description": "HasPrev indicates whether there is a previous page", "type": "boolean" }, "page": { "description": "Page is the current page number (1-based)", "type": "integer" }, "page_size": { "description": "PageSize is the number of items per page", "type": "integer" }, "total": { "description": "Total is the total number of items across all pages", "type": "integer" }, "total_pages": { "description": "TotalPages is the total number of pages", "type": "integer" } } }, "dto.Problem": { "type": "object", "properties": { "code": { "description": "Code 是业务错误码\n用于程序处理特定错误场景\n示例:30101001", "type": "integer" }, "detail": { "description": "Detail 是针对此具体错误实例的人类可读解释\n可以包含具体的错误细节,如\"Field 'email' is required\"", "type": "string" }, "errors": { "description": "Errors 是字段级验证错误列表(扩展字段)\n遵循 Web API 标准实践,每个错误包含字段名和错误信息", "type": "array", "items": { "$ref": "#/definitions/dto.FieldViolation" } }, "i18n_args": { "description": "I18nArgs 是国际化参数\n用于动态填充翻译模板", "type": "object", "additionalProperties": {} }, "i18n_key": { "description": "I18nKey 是国际化键\n用于客户端本地化错误消息\n示例:\"error.user_not_found\"", "type": "string" }, "instance": { "description": "Instance 是发生问题的具体URI引用\n通常是请求的URL,可能包含查询参数\n示例:\"/api/v1/users?limit=invalid\"", "type": "string" }, "request_id": { "description": "RequestID 是请求唯一标识\n用于日志关联和问题追踪\n示例:\"req_550e8400-e29b-41d4-a716-446655440000\"", "type": "string" }, "retry_after": { "description": "RetryAfter 用于 429 Too Many Requests 响应\n指示客户端应在多少秒后重试请求(RFC 6585)", "type": "integer" }, "service": { "description": "Service 是服务名\n用于微服务架构中定位错误来源\n示例:\"auth-service\"", "type": "string" }, "span_id": { "description": "SpanID 是当前 span 标识\n用于精确定位分布式链路中的当前节点", "type": "string" }, "status": { "description": "Status 是产生的HTTP状态码\n用于客户端区分问题类型,不随Accept-Language变化\n示例:400, 401, 403, 404, 500", "type": "integer" }, "timestamp": { "description": "Timestamp 是错误发生时间\nISO 8601 格式\n示例:\"2026-04-03T12:00:00Z\"", "type": "string" }, "title": { "description": "Title 是简短、人类可读的问题类型摘要\n相同的 Type 应该始终有相同的 Title(不随实例变化)\n示例:\"Invalid Request Parameters\"", "type": "string" }, "trace_id": { "description": "TraceID 是分布式追踪标识\n遵循 W3C Trace Context 标准\n示例:\"00-0af7651916cd43dd8448eb211c80319c-b7ad6b7169203331-01\"", "type": "string" }, "type": { "description": "Type 是标识问题类型的URI引用\n当该URI被解引用时,应提供人类可读的文档\n示例:\"https://api.example.com/errors/invalid-request\"", "type": "string" } } }, "dto.SimpleResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.BatchGetRequest": { "type": "object", "required": [ "keys" ], "properties": { "keys": { "type": "array", "items": { "type": "string" } } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.BatchGetResponse": { "type": "object", "properties": { "errors": { "type": "array", "items": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretErrorResponse" } }, "values": { "type": "array", "items": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretValueResponse" } } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.BatchKeyError": { "type": "object", "properties": { "error": { "type": "string" }, "key": { "type": "string" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.BatchResult": { "type": "object", "properties": { "errors": { "type": "array", "items": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.BatchKeyError" } }, "succeeded": { "type": "array", "items": { "type": "string" } } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.BatchRevokeRequest": { "type": "object", "required": [ "keys" ], "properties": { "keys": { "type": "array", "maxItems": 100, "minItems": 1, "items": { "type": "string" } } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.EncryptionKeyInfo": { "type": "object", "properties": { "algorithm": { "type": "string" }, "key_id": { "type": "string" }, "secrets_count": { "type": "integer" }, "services_using": { "type": "array", "items": { "type": "string" } }, "status": { "type": "string" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.EncryptionKeysDetailResponse": { "type": "object", "properties": { "keys": { "type": "array", "items": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.EncryptionKeyInfo" } } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.JWTKeyInfo": { "type": "object", "properties": { "algorithm": { "type": "string" }, "created_at": { "type": "string" }, "fingerprint": { "type": "string" }, "has_private_key": { "type": "boolean" }, "has_public_key": { "type": "boolean" }, "key_id": { "type": "string" }, "key_size": { "type": "integer" }, "key_type": { "type": "string" }, "status": { "type": "string" }, "updated_at": { "type": "string" }, "version": { "type": "integer" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.JWTKeyResponse": { "type": "object", "properties": { "private_key": { "type": "string", "example": "-----BEGIN RSA PRIVATE KEY-----\n...\n-----END RSA PRIVATE KEY-----" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.JWTKeysListResponse": { "type": "object", "properties": { "keys": { "type": "array", "items": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.JWTKeyInfo" } } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.JWTPublicKeyResponse": { "type": "object", "properties": { "public_key": { "type": "string", "example": "-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.RotateSecretRequest": { "type": "object", "required": [ "value" ], "properties": { "value": { "type": "string" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretDetailResponse": { "type": "object", "properties": { "app_id": { "type": "string" }, "created_at": { "type": "string", "example": "2025-01-15T10:30:00Z" }, "description": { "type": "string", "example": "JWT signing key" }, "expires_at": { "type": "string" }, "id": { "type": "string", "example": "sec_abc123" }, "key": { "type": "string", "example": "jwt_secret" }, "metadata": { "type": "object", "additionalProperties": true }, "notify_before": { "type": "integer" }, "status": { "type": "string", "example": "active" }, "updated_at": { "type": "string" }, "version": { "type": "integer", "example": 1 }, "versions": { "type": "array", "items": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretVersionResponse" } } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretErrorResponse": { "type": "object", "properties": { "error": { "type": "string", "example": "secret not found" }, "key": { "type": "string", "example": "missing.secret" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretPolicyRequest": { "type": "object", "properties": { "auto_rotate_days": { "type": "integer" }, "default_ttl": { "$ref": "#/definitions/time.Duration" }, "max_ttl": { "$ref": "#/definitions/time.Duration" }, "max_versions": { "type": "integer" }, "notification_days_before": { "type": "integer" }, "require_rotation_for_fallback_keys": { "type": "boolean" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretPolicyResponse": { "type": "object", "properties": { "auto_rotate_days": { "type": "integer" }, "default_ttl": { "$ref": "#/definitions/time.Duration" }, "max_ttl": { "$ref": "#/definitions/time.Duration" }, "max_versions": { "type": "integer" }, "notification_days_before": { "type": "integer" }, "require_rotation_for_fallback_keys": { "type": "boolean" }, "tenant_id": { "type": "string" }, "updated_at": { "type": "string" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretResponse": { "type": "object", "properties": { "app_id": { "type": "string" }, "created_at": { "type": "string", "example": "2025-01-15T10:30:00Z" }, "description": { "type": "string", "example": "JWT signing key" }, "expires_at": { "type": "string" }, "id": { "type": "string", "example": "sec_abc123" }, "key": { "type": "string", "example": "jwt_secret" }, "metadata": { "type": "object", "additionalProperties": true }, "notify_before": { "type": "integer" }, "status": { "type": "string", "example": "active" }, "updated_at": { "type": "string" }, "version": { "type": "integer", "example": 1 } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretValueResponse": { "type": "object", "properties": { "encoding": { "type": "string", "example": "utf-8" }, "key": { "type": "string", "example": "jwt_secret" }, "status": { "type": "string" }, "value": { "type": "string", "example": "my-secret-value" }, "version": { "type": "integer" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretVersionQuery": { "type": "object", "required": [ "version" ], "properties": { "version": { "type": "integer" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.SecretVersionResponse": { "type": "object", "properties": { "created_at": { "type": "string", "example": "2025-01-15T10:30:00Z" }, "created_by": { "type": "string" }, "version": { "type": "integer", "example": 1 } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.StoreSecretRequest": { "type": "object", "required": [ "key", "value" ], "properties": { "description": { "type": "string", "maxLength": 1024 }, "expires_at": { "type": "string" }, "key": { "type": "string", "maxLength": 512 }, "metadata": { "type": "object", "additionalProperties": true }, "notify_before": { "type": "integer" }, "value": { "type": "string" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.TransmissionDecryptRequest": { "type": "object", "required": [ "ciphertext" ], "properties": { "ciphertext": { "description": "base64(RSA-OAEP encrypted password)", "type": "string" }, "key_id": { "description": "公钥 ID (预留多密钥支持)", "type": "string" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.TransmissionDecryptResponse": { "type": "object", "properties": { "plaintext": { "type": "string" } } }, "gitee_com_linmes_authms_micro-services_secret-service_internal_handler_dto.UpdateSecretRequest": { "type": "object", "properties": { "description": { "type": "string", "maxLength": 1024 }, "expires_at": { "type": "string" }, "metadata": { "type": "object", "additionalProperties": true }, "notify_before": { "type": "integer" }, "value": { "type": "string" } } }, "time.Duration": { "type": "integer", "enum": [ -9223372036854775808, 9223372036854775807, 1, 1000, 1000000, 1000000000, 60000000000, 3600000000000 ], "x-enum-varnames": [ "minDuration", "maxDuration", "Nanosecond", "Microsecond", "Millisecond", "Second", "Minute", "Hour" ] } }, "securityDefinitions": { "ApiKeyAuth": { "type": "apiKey", "name": "X-API-Key", "in": "header" }, "bearerAuth": { "description": "Type \"Bearer\" followed by a space and JWT token.", "type": "apiKey", "name": "Authorization", "in": "header" } }, "tags": [ { "description": "密钥管理:创建、轮换、撤销、版本管理", "name": "密钥服务" }, { "description": "JWT 签名密钥管理:RSA密钥对生成与轮换", "name": "jwt-keys" } ] }