update header

Signed-off-by: ふぁ <yuki@yuki0311.com>
2026-01-11 23:50:26 +01:00 · 2023-04-20 04:09:50 +09:00 · 2023-04-20 04:09:50 +09:00 · 9fd57625e8
commit 9fd57625e8
parent 133cc17ed3
10 changed files with 526 additions and 46 deletions
--- a/src/config/parameters.yaml
+++ b/src/config/parameters.yaml
@ -25,6 +25,43 @@ paths:
            type: string
            default: "{{Query}}"
            example: "{{Query}}"
+
+        # ======== Security ========
+        - name: authorization
+          in: header
+          required: true
+          schema:
+            type: string
+            default: "Bearer AAAAAAAAAAAAAAAAAAAAANRILgAAAAAAnNwIzUejRCOuH5E6I8xnZz4puTs%3D1Zv7ttfk8LF81IUq16cHjhLTvJu4FA33AGWWjCpTnA"
+            description: "It is a constant value and does not need to be changed."
+        - name: x-twitter-active-user
+          in: header
+          required: true
+          schema:
+            type: string
+            default: "yes"
+            description: "Unknown what this value means."
+        - name: x-twitter-auth-type
+          in: header
+          required: true
+          schema:
+            type: string
+            default: "OAuth2Session"
+            description: "Unknown what this value means."
+        - name: x-twitter-client-language
+          in: header
+          required: true
+          schema:
+            type: string
+            default: "en"
+            description: "language code."
+        - name: user-agent
+          in: header
+          required: true
+          schema:
+            type: string
+            default: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36"
+            description: "UserAgent, some APIs may be rejected if changed."
      responses:
        "200":
          description: ""
--- a/src/openapi/openapi-3.0.yaml
+++ b/src/openapi/openapi-3.0.yaml
@ -18,43 +18,34 @@ components:
  schemas: {}

  securitySchemes:
-    BearerAuth:
-      type: http
-      scheme: bearer
-      description: "AAAAAAAAAAAAAAAAAAAAANRILgAAAAAAnNwIzUejRCOuH5E6I8xnZz4puTs%3D1Zv7ttfk8LF81IUq16cHjhLTvJu4FA33AGWWjCpTnA"
+    # Moved to Parameters because it is not working as Security
+    # BearerAuth:
+    #   type: http
+    #   scheme: bearer
+    #   description: "AAAAAAAAAAAAAAAAAAAAANRILgAAAAAAnNwIzUejRCOuH5E6I8xnZz4puTs%3D1Zv7ttfk8LF81IUq16cHjhLTvJu4FA33AGWWjCpTnA"
+    # AuthType:
+    #   type: apiKey
+    #   in: header
+    #   name: x-twitter-auth-type
+    #   description: "OAuth2Session"

    CsrfToken:
      type: apiKey
      in: header
      name: x-csrf-token
-
-    ActiveUser:
-      type: apiKey
-      in: header
-      name: x-twitter-active-user
-      description: "yes"
-
-    AuthType:
-      type: apiKey
-      in: header
-      name: x-twitter-auth-type
-      description: "OAuth2Session"
-
-    ClientLanguage:
-      type: apiKey
-      in: header
-      name: x-twitter-client-language
-      description: "en"
-
-    CookieAuthToken:
-      type: apiKey
-      in: cookie
-      name: auth_token
+      description: "document.cookie.split('; ').find(row => row.startsWith('ct0='));"

    CookieCt0:
      type: apiKey
      in: cookie
      name: ct0
+      description: "document.cookie.split('; ').find(row => row.startsWith('ct0='));"
+
+    CookieAuthToken:
+      type: apiKey
+      in: cookie
+      name: auth_token
+      description: "HttpOnly cookie"

 tags:
  - name: timeline