{"openapi":"3.1.0","info":{"title":"ImmoMeetsOffice Pipeline API","summary":"Middleware-API zwischen Domus 1000 (Access) und externen Systemen.","description":"Middleware-API zwischen Domus 1000 (Microsoft Access) und externen Systemen. Verwaltet Benutzer-Registrierung, Aktivierung, Authentifizierung sowie den Empfang und die Weiterleitung von Geb\u00e4udeereignissen via Webhooks.","version":"1.0.0","contact":{"name":"immo-meets-office.de","url":"https:\/\/www.immo-meets-office.de"}},"servers":[{"url":"http:\/\/localhost\/api\/v1","description":"Production"}],"components":{"securitySchemes":{"BearerAuth":{"type":"http","scheme":"bearer","bearerFormat":"Laravel Sanctum Token (Format: ID|plaintext)"}},"schemas":{"RegisterRequest":{"type":"object","required":["email","password"],"properties":{"email":{"type":"string","format":"email","maxLength":255,"example":"user@example.com"},"password":{"type":"string","minLength":8,"example":"geheim1234"}}},"RegisterResponse":{"type":"object","properties":{"message":{"type":"string","example":"Registrierung erfolgreich. Bitte pr\u00fcfen Sie Ihr Postfach und aktivieren Sie Ihren Account mit dem zugesandten Code."},"email":{"type":"string","format":"email","example":"user@example.com"}}},"ActivateRequest":{"type":"object","required":["email","token"],"properties":{"email":{"type":"string","format":"email","example":"user@example.com"},"token":{"type":"string","example":"ABCD12","description":"6-stelliger Aktivierungscode (wird zu Gro\u00dfbuchstaben konvertiert)"}}},"ActivateResponse":{"type":"object","properties":{"message":{"type":"string","example":"Account erfolgreich aktiviert."},"api_token":{"type":"string","example":"2|XrzgVUIZ4QRC..."},"token_type":{"type":"string","example":"Bearer"},"user":{"type":"object","properties":{"id":{"type":"integer","example":1},"email":{"type":"string","format":"email"}}}}},"LoginRequest":{"type":"object","required":["email","password","api_token"],"properties":{"email":{"type":"string","format":"email","example":"user@example.com"},"password":{"type":"string","example":"geheim1234"},"api_token":{"type":"string","example":"2|XrzgVUIZ4QRC...","description":"Bearer-Token aus der Aktivierungs-E-Mail (Format: ID|plaintext)"}}},"LoginResponse":{"type":"object","properties":{"message":{"type":"string","example":"Anmeldung erfolgreich."},"token_type":{"type":"string","example":"Bearer"},"user":{"type":"object","properties":{"id":{"type":"integer","example":1},"email":{"type":"string","format":"email"}}}}},"UserResponse":{"type":"object","properties":{"id":{"type":"integer","example":1},"name":{"type":"string","example":"user"},"email":{"type":"string","format":"email"},"is_active":{"type":"boolean","example":true},"email_verified_at":{"type":["string","null"],"format":"date-time"},"created_at":{"type":"string","format":"date-time"},"updated_at":{"type":"string","format":"date-time"}}},"BuildingCreatedRequest":{"type":"object","description":"Beliebiges JSON-Objekt mit Geb\u00e4udedaten aus Domus 1000. Kein festes Schema \u2013 alle Felder werden as-is gespeichert.","additionalProperties":true,"example":{"objekt_nr":"12345","bezeichnung":"Musterstra\u00dfe 1","ort":"Berlin"}},"BuildingCreatedResponse":{"type":"object","properties":{"message":{"type":"string","example":"Daten erfolgreich gespeichert."},"id":{"type":"integer","example":42},"user_id":{"type":"integer","example":1},"token_id":{"type":"integer","example":1},"token_name":{"type":"string","example":"api-token"},"created_at":{"type":"string","format":"date-time"}}},"WebhookRequest":{"type":"object","required":["url"],"properties":{"url":{"type":"string","format":"uri","maxLength":500,"example":"https:\/\/example.com\/webhook"},"is_active":{"type":"boolean","default":true}}},"WebhookStoreResponse":{"type":"object","description":"Antwort nach Webhook-Registrierung. Das Secret wird nur hier zur\u00fcckgegeben \u2013 bitte sicher speichern.","properties":{"message":{"type":"string","example":"Webhook erfolgreich registriert."},"url":{"type":"string","format":"uri"},"secret":{"type":"string","example":"aBcDeFgH1234...","description":"40-Zeichen HMAC-Secret. Nur bei Erstellung\/Aktualisierung sichtbar. Wird f\u00fcr X-Webhook-Signature-Validierung ben\u00f6tigt."},"is_active":{"type":"boolean"}}},"WebhookShowResponse":{"type":"object","description":"Aktuelle Webhook-Konfiguration (Secret wird nicht zur\u00fcckgegeben).","properties":{"url":{"type":"string","format":"uri"},"is_active":{"type":"boolean"},"created_at":{"type":"string","format":"date-time"},"updated_at":{"type":"string","format":"date-time"}}},"ErrorResponse":{"type":"object","properties":{"message":{"type":"string"},"errors":{"type":"object","additionalProperties":{"type":"array","items":{"type":"string"}}}}}}},"paths":{"\/ping":{"get":{"tags":["System"],"summary":"Health-Check","description":"Pr\u00fcft ob die API erreichbar ist.","operationId":"ping","responses":{"200":{"description":"API ist erreichbar","content":{"application\/json":{"schema":{"type":"object","properties":{"status":{"type":"string","example":"ok"},"timestamp":{"type":"string","format":"date-time"}}}}}}}}},"\/apispecs":{"get":{"tags":["System"],"summary":"API-Spezifikation","description":"Gibt diese OpenAPI 3.1 Spezifikation als JSON zur\u00fcck. Die Server-URL wird dynamisch aus APP_URL bef\u00fcllt.","operationId":"apispecs","responses":{"200":{"description":"OpenAPI 3.1 Dokument"}}}},"\/register":{"post":{"tags":["Auth"],"summary":"Benutzer registrieren","description":"Registriert einen neuen Benutzer. Versendet einen 6-stelligen Aktivierungscode per E-Mail sowie eine Benachrichtigung an den Administrator.","operationId":"register","requestBody":{"required":true,"content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/RegisterRequest"}}}},"responses":{"201":{"description":"Registrierung erfolgreich","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/RegisterResponse"}}}},"422":{"description":"E-Mail bereits registriert oder Validierungsfehler","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ErrorResponse"}}}}}}},"\/activate":{"post":{"tags":["Auth"],"summary":"Account aktivieren","description":"Aktiviert den Account mit dem per E-Mail zugesandten 6-stelligen Code. Gibt bei Erfolg den API-Token zur\u00fcck.","operationId":"activate","requestBody":{"required":true,"content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ActivateRequest"}}}},"responses":{"200":{"description":"Aktivierung erfolgreich","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ActivateResponse"}}}},"404":{"description":"E-Mail nicht gefunden","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ErrorResponse"}}}},"409":{"description":"Account bereits aktiviert","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ErrorResponse"}}}},"422":{"description":"Aktivierungscode ung\u00fcltig","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ErrorResponse"}}}}}}},"\/login":{"post":{"tags":["Auth"],"summary":"Anmelden","description":"Authentifiziert einen Benutzer anhand von E-Mail, Passwort und API-Token. Pr\u00fcft Passwort per Hash und Token per SHA-256-Vergleich.","operationId":"login","requestBody":{"required":true,"content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/LoginRequest"}}}},"responses":{"200":{"description":"Anmeldung erfolgreich","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/LoginResponse"}}}},"401":{"description":"Ung\u00fcltige Anmeldedaten oder ung\u00fcltiger API-Token","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ErrorResponse"}}}},"403":{"description":"Account nicht aktiviert","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ErrorResponse"}}}}}}},"\/user":{"get":{"tags":["User"],"summary":"Aktuellen Benutzer abrufen","description":"Gibt den aktuell authentifizierten Benutzer zur\u00fcck.","operationId":"getUser","security":[{"BearerAuth":[]}],"responses":{"200":{"description":"Benutzerdaten","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/UserResponse"}}}},"401":{"description":"Nicht authentifiziert","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ErrorResponse"}}}}}}},"\/domus1000\/building\/hasbeencreated":{"post":{"tags":["Building"],"summary":"Geb\u00e4udeereignis senden","description":"Nimmt eine beliebige JSON-Nutzlast mit Geb\u00e4udedaten aus Domus 1000 entgegen, speichert sie mit Benutzer- und Token-Kontext in der Datenbank und l\u00f6st einen Webhook-Dispatch aus.","operationId":"buildingHasBeenCreated","security":[{"BearerAuth":[]}],"requestBody":{"required":true,"content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/BuildingCreatedRequest"}}}},"responses":{"201":{"description":"Daten erfolgreich gespeichert","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/BuildingCreatedResponse"}}}},"401":{"description":"Nicht authentifiziert","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ErrorResponse"}}}}}}},"\/webhook":{"post":{"tags":["Webhook"],"summary":"Webhook registrieren","description":"Registriert oder aktualisiert eine Webhook-URL. Pro Benutzer ist genau ein Webhook m\u00f6glich (updateOrCreate). Das Secret wird nur in dieser Antwort zur\u00fcckgegeben.","operationId":"storeWebhook","security":[{"BearerAuth":[]}],"requestBody":{"required":true,"content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/WebhookRequest"}}}},"responses":{"201":{"description":"Webhook erfolgreich registriert","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/WebhookStoreResponse"}}}},"401":{"description":"Nicht authentifiziert","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ErrorResponse"}}}},"422":{"description":"Validierungsfehler (z.B. ung\u00fcltige URL)","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ErrorResponse"}}}}}},"get":{"tags":["Webhook"],"summary":"Webhook anzeigen","description":"Gibt die aktuelle Webhook-Konfiguration des Benutzers zur\u00fcck. Das Secret wird nicht zur\u00fcckgegeben.","operationId":"showWebhook","security":[{"BearerAuth":[]}],"responses":{"200":{"description":"Webhook-Details","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/WebhookShowResponse"}}}},"401":{"description":"Nicht authentifiziert","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ErrorResponse"}}}},"404":{"description":"Kein Webhook konfiguriert","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ErrorResponse"}}}}}},"delete":{"tags":["Webhook"],"summary":"Webhook l\u00f6schen","description":"L\u00f6scht den Webhook des aktuellen Benutzers.","operationId":"deleteWebhook","security":[{"BearerAuth":[]}],"responses":{"200":{"description":"Webhook gel\u00f6scht","content":{"application\/json":{"schema":{"type":"object","properties":{"message":{"type":"string","example":"Webhook gel\u00f6scht."}}}}}},"401":{"description":"Nicht authentifiziert","content":{"application\/json":{"schema":{"$ref":"#\/components\/schemas\/ErrorResponse"}}}}}}}}}