[PM-25182] Improve swagger OperationIDs: Part 1 (#6229)

* Improve swagger OperationIDs: Part 1

* Fix tests and fmt

* Improve docs and add more tests

* Fmt

* Improve Swagger OperationIDs for Auth

* Fix review feedback

* Use generic getcustomattributes

* Format

* replace swaggerexclude by split+obsolete

* Format

* Some remaining excludes

src/Api/Auth/Controllers/AccountsController.cs

@@ -344,7 +344,6 @@ public class AccountsController : Controller
     }
 
     [HttpPut("profile")]
-    [HttpPost("profile")]
     public async Task<ProfileResponseModel> PutProfile([FromBody] UpdateProfileRequestModel model)
     {
         var user = await _userService.GetUserByPrincipalAsync(User);
@@ -363,8 +362,14 @@ public class AccountsController : Controller
         return response;
     }
 
+    [HttpPost("profile")]
+    [Obsolete("This endpoint is deprecated. Use PUT /profile instead.")]
+    public async Task<ProfileResponseModel> PostProfile([FromBody] UpdateProfileRequestModel model)
+    {
+        return await PutProfile(model);
+    }
+
     [HttpPut("avatar")]
-    [HttpPost("avatar")]
     public async Task<ProfileResponseModel> PutAvatar([FromBody] UpdateAvatarRequestModel model)
     {
         var user = await _userService.GetUserByPrincipalAsync(User);
@@ -382,6 +387,13 @@ public class AccountsController : Controller
         return response;
     }
 
+    [HttpPost("avatar")]
+    [Obsolete("This endpoint is deprecated. Use PUT /avatar instead.")]
+    public async Task<ProfileResponseModel> PostAvatar([FromBody] UpdateAvatarRequestModel model)
+    {
+        return await PutAvatar(model);
+    }
+
     [HttpGet("revision-date")]
     public async Task<long?> GetAccountRevisionDate()
     {
@@ -430,7 +442,6 @@ public class AccountsController : Controller
     }
 
     [HttpDelete]
-    [HttpPost("delete")]
     public async Task Delete([FromBody] SecretVerificationRequestModel model)
     {
         var user = await _userService.GetUserByPrincipalAsync(User);
@@ -467,6 +478,13 @@ public class AccountsController : Controller
         throw new BadRequestException(ModelState);
     }
 
+    [HttpPost("delete")]
+    [Obsolete("This endpoint is deprecated. Use DELETE / instead.")]
+    public async Task PostDelete([FromBody] SecretVerificationRequestModel model)
+    {
+        await Delete(model);
+    }
+
     [AllowAnonymous]
     [HttpPost("delete-recover")]
     public async Task PostDeleteRecover([FromBody] DeleteRecoverRequestModel model)
@@ -638,7 +656,6 @@ public class AccountsController : Controller
         await _twoFactorEmailService.SendNewDeviceVerificationEmailAsync(user);
     }
 
-    [HttpPost("verify-devices")]
     [HttpPut("verify-devices")]
     public async Task SetUserVerifyDevicesAsync([FromBody] SetVerifyDevicesRequestModel request)
     {
@@ -654,6 +671,13 @@ public class AccountsController : Controller
         await _userService.SaveUserAsync(user);
     }
 
+    [HttpPost("verify-devices")]
+    [Obsolete("This endpoint is deprecated. Use PUT /verify-devices instead.")]
+    public async Task PostSetUserVerifyDevicesAsync([FromBody] SetVerifyDevicesRequestModel request)
+    {
+        await SetUserVerifyDevicesAsync(request);
+    }
+
     private async Task<IEnumerable<Guid>> GetOrganizationIdsClaimingUserAsync(Guid userId)
     {
         var organizationsClaimingUser = await _userService.GetOrganizationsClaimingUserAsync(userId);

src/Api/Auth/Controllers/AuthRequestsController.cs

@@ -31,7 +31,7 @@ public class AuthRequestsController(
     private readonly IAuthRequestService _authRequestService = authRequestService;
 
     [HttpGet("")]
-    public async Task<ListResponseModel<AuthRequestResponseModel>> Get()
+    public async Task<ListResponseModel<AuthRequestResponseModel>> GetAll()
     {
         var userId = _userService.GetProperUserId(User).Value;
         var authRequests = await _authRequestRepository.GetManyByUserIdAsync(userId);

src/Api/Auth/Controllers/EmergencyAccessController.cs

@@ -79,7 +79,6 @@ public class EmergencyAccessController : Controller
     }
 
     [HttpPut("{id}")]
-    [HttpPost("{id}")]
     public async Task Put(Guid id, [FromBody] EmergencyAccessUpdateRequestModel model)
     {
         var emergencyAccess = await _emergencyAccessRepository.GetByIdAsync(id);
@@ -92,14 +91,27 @@ public class EmergencyAccessController : Controller
         await _emergencyAccessService.SaveAsync(model.ToEmergencyAccess(emergencyAccess), user);
     }
 
+    [HttpPost("{id}")]
+    [Obsolete("This endpoint is deprecated. Use PUT /{id} instead.")]
+    public async Task Post(Guid id, [FromBody] EmergencyAccessUpdateRequestModel model)
+    {
+        await Put(id, model);
+    }
+
     [HttpDelete("{id}")]
-    [HttpPost("{id}/delete")]
     public async Task Delete(Guid id)
     {
         var userId = _userService.GetProperUserId(User);
         await _emergencyAccessService.DeleteAsync(id, userId.Value);
     }
 
+    [HttpPost("{id}/delete")]
+    [Obsolete("This endpoint is deprecated. Use DELETE /{id} instead.")]
+    public async Task PostDelete(Guid id)
+    {
+        await Delete(id);
+    }
+
     [HttpPost("invite")]
     public async Task Invite([FromBody] EmergencyAccessInviteRequestModel model)
     {
@@ -136,7 +148,7 @@ public class EmergencyAccessController : Controller
     }
 
     [HttpPost("{id}/approve")]
-    public async Task Accept(Guid id)
+    public async Task Approve(Guid id)
     {
         var user = await _userService.GetUserByPrincipalAsync(User);
         await _emergencyAccessService.ApproveAsync(id, user);

src/Api/Auth/Controllers/TwoFactorController.cs

@@ -110,7 +110,6 @@ public class TwoFactorController : Controller
     }
 
     [HttpPut("authenticator")]
-    [HttpPost("authenticator")]
     public async Task<TwoFactorAuthenticatorResponseModel> PutAuthenticator(
         [FromBody] UpdateTwoFactorAuthenticatorRequestModel model)
     {
@@ -133,6 +132,14 @@ public class TwoFactorController : Controller
         return response;
     }
 
+    [HttpPost("authenticator")]
+    [Obsolete("This endpoint is deprecated. Use PUT /authenticator instead.")]
+    public async Task<TwoFactorAuthenticatorResponseModel> PostAuthenticator(
+        [FromBody] UpdateTwoFactorAuthenticatorRequestModel model)
+    {
+        return await PutAuthenticator(model);
+    }
+
     [HttpDelete("authenticator")]
     public async Task<TwoFactorProviderResponseModel> DisableAuthenticator(
     [FromBody] TwoFactorAuthenticatorDisableRequestModel model)
@@ -157,7 +164,6 @@ public class TwoFactorController : Controller
     }
 
     [HttpPut("yubikey")]
-    [HttpPost("yubikey")]
     public async Task<TwoFactorYubiKeyResponseModel> PutYubiKey([FromBody] UpdateTwoFactorYubicoOtpRequestModel model)
     {
         var user = await CheckAsync(model, true);
@@ -174,6 +180,13 @@ public class TwoFactorController : Controller
         return response;
     }
 
+    [HttpPost("yubikey")]
+    [Obsolete("This endpoint is deprecated. Use PUT /yubikey instead.")]
+    public async Task<TwoFactorYubiKeyResponseModel> PostYubiKey([FromBody] UpdateTwoFactorYubicoOtpRequestModel model)
+    {
+        return await PutYubiKey(model);
+    }
+
     [HttpPost("get-duo")]
     public async Task<TwoFactorDuoResponseModel> GetDuo([FromBody] SecretVerificationRequestModel model)
     {
@@ -183,7 +196,6 @@ public class TwoFactorController : Controller
     }
 
     [HttpPut("duo")]
-    [HttpPost("duo")]
     public async Task<TwoFactorDuoResponseModel> PutDuo([FromBody] UpdateTwoFactorDuoRequestModel model)
     {
         var user = await CheckAsync(model, true);
@@ -199,6 +211,13 @@ public class TwoFactorController : Controller
         return response;
     }
 
+    [HttpPost("duo")]
+    [Obsolete("This endpoint is deprecated. Use PUT /duo instead.")]
+    public async Task<TwoFactorDuoResponseModel> PostDuo([FromBody] UpdateTwoFactorDuoRequestModel model)
+    {
+        return await PutDuo(model);
+    }
+
     [HttpPost("~/organizations/{id}/two-factor/get-duo")]
     public async Task<TwoFactorDuoResponseModel> GetOrganizationDuo(string id,
         [FromBody] SecretVerificationRequestModel model)
@@ -217,7 +236,6 @@ public class TwoFactorController : Controller
     }
 
     [HttpPut("~/organizations/{id}/two-factor/duo")]
-    [HttpPost("~/organizations/{id}/two-factor/duo")]
     public async Task<TwoFactorDuoResponseModel> PutOrganizationDuo(string id,
         [FromBody] UpdateTwoFactorDuoRequestModel model)
     {
@@ -243,6 +261,14 @@ public class TwoFactorController : Controller
         return response;
     }
 
+    [HttpPost("~/organizations/{id}/two-factor/duo")]
+    [Obsolete("This endpoint is deprecated. Use PUT /organizations/{id}/two-factor/duo instead.")]
+    public async Task<TwoFactorDuoResponseModel> PostOrganizationDuo(string id,
+        [FromBody] UpdateTwoFactorDuoRequestModel model)
+    {
+        return await PutOrganizationDuo(id, model);
+    }
+
     [HttpPost("get-webauthn")]
     public async Task<TwoFactorWebAuthnResponseModel> GetWebAuthn([FromBody] SecretVerificationRequestModel model)
     {
@@ -261,7 +287,6 @@ public class TwoFactorController : Controller
     }
 
     [HttpPut("webauthn")]
-    [HttpPost("webauthn")]
     public async Task<TwoFactorWebAuthnResponseModel> PutWebAuthn([FromBody] TwoFactorWebAuthnRequestModel model)
     {
         var user = await CheckAsync(model, false);
@@ -277,6 +302,13 @@ public class TwoFactorController : Controller
         return response;
     }
 
+    [HttpPost("webauthn")]
+    [Obsolete("This endpoint is deprecated. Use PUT /webauthn instead.")]
+    public async Task<TwoFactorWebAuthnResponseModel> PostWebAuthn([FromBody] TwoFactorWebAuthnRequestModel model)
+    {
+        return await PutWebAuthn(model);
+    }
+
     [HttpDelete("webauthn")]
     public async Task<TwoFactorWebAuthnResponseModel> DeleteWebAuthn(
         [FromBody] TwoFactorWebAuthnDeleteRequestModel model)
@@ -349,7 +381,6 @@ public class TwoFactorController : Controller
     }
 
     [HttpPut("email")]
-    [HttpPost("email")]
     public async Task<TwoFactorEmailResponseModel> PutEmail([FromBody] UpdateTwoFactorEmailRequestModel model)
     {
         var user = await CheckAsync(model, false);
@@ -367,8 +398,14 @@ public class TwoFactorController : Controller
         return response;
     }
 
+    [HttpPost("email")]
+    [Obsolete("This endpoint is deprecated. Use PUT /email instead.")]
+    public async Task<TwoFactorEmailResponseModel> PostEmail([FromBody] UpdateTwoFactorEmailRequestModel model)
+    {
+        return await PutEmail(model);
+    }
+
     [HttpPut("disable")]
-    [HttpPost("disable")]
     public async Task<TwoFactorProviderResponseModel> PutDisable([FromBody] TwoFactorProviderRequestModel model)
     {
         var user = await CheckAsync(model, false);
@@ -377,8 +414,14 @@ public class TwoFactorController : Controller
         return response;
     }
 
+    [HttpPost("disable")]
+    [Obsolete("This endpoint is deprecated. Use PUT /disable instead.")]
+    public async Task<TwoFactorProviderResponseModel> PostDisable([FromBody] TwoFactorProviderRequestModel model)
+    {
+        return await PutDisable(model);
+    }
+
     [HttpPut("~/organizations/{id}/two-factor/disable")]
-    [HttpPost("~/organizations/{id}/two-factor/disable")]
     public async Task<TwoFactorProviderResponseModel> PutOrganizationDisable(string id,
         [FromBody] TwoFactorProviderRequestModel model)
     {
@@ -401,6 +444,14 @@ public class TwoFactorController : Controller
         return response;
     }
 
+    [HttpPost("~/organizations/{id}/two-factor/disable")]
+    [Obsolete("This endpoint is deprecated. Use PUT /organizations/{id}/two-factor/disable instead.")]
+    public async Task<TwoFactorProviderResponseModel> PostOrganizationDisable(string id,
+        [FromBody] TwoFactorProviderRequestModel model)
+    {
+        return await PutOrganizationDisable(id, model);
+    }
+
     [HttpPost("get-recover")]
     public async Task<TwoFactorRecoverResponseModel> GetRecover([FromBody] SecretVerificationRequestModel model)
     {