From 0f8268c93e6210d368f9dcd1900274871a9eacdf Mon Sep 17 00:00:00 2001
From: Thomas Citharel <tcit@tcit.fr>
Date: Sun, 30 Apr 2017 09:16:55 +0200
Subject: Add client_credentials as grant_type

Therefore, username and password are no longer needed

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

Allow to have global clients, auth through direct token or auth code and bring scopes

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

fix review

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

remove redirect uri requirement on specific clients

add back password and depreciate it

enforce state

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

Allow apps to register themselves

A handful of changes

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

change timeout values

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

set access_token lifetime to 1 year and double for refresh_token

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
---
 src/Wallabag/ApiBundle/Controller/AnnotationRestController.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'src/Wallabag/ApiBundle/Controller/AnnotationRestController.php')

diff --git a/src/Wallabag/ApiBundle/Controller/AnnotationRestController.php b/src/Wallabag/ApiBundle/Controller/AnnotationRestController.php
index 2dd26c07..c524a24c 100644
--- a/src/Wallabag/ApiBundle/Controller/AnnotationRestController.php
+++ b/src/Wallabag/ApiBundle/Controller/AnnotationRestController.php
@@ -4,6 +4,7 @@ namespace Wallabag\ApiBundle\Controller;
 
 use Nelmio\ApiDocBundle\Annotation\ApiDoc;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
+use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Wallabag\CoreBundle\Entity\Entry;
@@ -21,7 +22,7 @@ class AnnotationRestController extends WallabagRestController
      * )
      *
      * @param Entry $entry
-     *
+     * @Security("has_role('ROLE_READ')")
      * @return JsonResponse
      */
     public function getAnnotationsAction(Entry $entry)
@@ -46,7 +47,7 @@ class AnnotationRestController extends WallabagRestController
      *
      * @param Request $request
      * @param Entry   $entry
-     *
+     * @Security("has_role('ROLE_WRITE')")
      * @return JsonResponse
      */
     public function postAnnotationAction(Request $request, Entry $entry)
@@ -72,7 +73,7 @@ class AnnotationRestController extends WallabagRestController
      *
      * @param Annotation $annotation
      * @param Request    $request
-     *
+     * @Security("has_role('ROLE_WRITE')")
      * @return JsonResponse
      */
     public function putAnnotationAction(Annotation $annotation, Request $request)
@@ -97,7 +98,7 @@ class AnnotationRestController extends WallabagRestController
      * @ParamConverter("annotation", class="WallabagAnnotationBundle:Annotation")
      *
      * @param Annotation $annotation
-     *
+     * @Security("has_role('ROLE_WRITE')")
      * @return JsonResponse
      */
     public function deleteAnnotationAction(Annotation $annotation)
-- 
cgit v1.2.3