# This is an example API definition not suited for production 
#
# In real life scenario, you must 
# 1. Ensure that the global security field has rules defined
# 2. Ensure that security operations is not empty.
#    https://learn.openapis.org/specification/security.html
#
# As per Checkov CKV_OPENAPI_4 and CKV_OPENAPI_5

openapi: 3.1.0
info:
  title: StockQuoteService
  version: 1.0.0

# security:
#   - defaultApiKey: []

components:
  schemas:
    quote:
      type: object
      properties:
        symbol:
          type: string
        price:
          type: number
        change:
          type: number
        changePercent:
          type: number
        volume:
          type: number
        timestamp:
          type: string
          format: date-time
          
paths:
  /stocks/{symbol}:
    get:
      summary: Get the latest quote for a stock
      operationId: getQuote
      parameters:
        - name: symbol
          in: path
          required: true
          schema:
            type: string
        - name: date
          in: query
          required: false
          schema:
            type: string
            format: date
      tags:
        - stocks
      responses:
        200:
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/quote'
        400:
          description: Bad Request
        401:
          description: Authentication required
        404:
          description: Not Found
      # security:
      #   - defaultApiKey: []