naftiko: 1.0.0-alpha2 info: label: Spring Security OAuth2 API — Token description: 'Spring Security OAuth2 API — Token. 3 operations. Lead operation: OAuth2 Token Introspection. Self-contained Naftiko capability covering one Spring Security business surface.' tags: - Spring Security - Token created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: SPRING_SECURITY_API_KEY: SPRING_SECURITY_API_KEY capability: consumes: - type: http namespace: oauth2-token baseUri: http://localhost:8080 description: Spring Security OAuth2 API — Token business capability. Self-contained, no shared references. resources: - name: oauth2-introspect path: /oauth2/introspect operations: - name: introspecttoken method: POST description: OAuth2 Token Introspection outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: oauth2-revoke path: /oauth2/revoke operations: - name: revoketoken method: POST description: OAuth2 Token Revocation outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: oauth2-token path: /oauth2/token operations: - name: issuetoken method: POST description: OAuth2 Token Endpoint outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true authentication: type: bearer token: '{{env.SPRING_SECURITY_API_KEY}}' exposes: - type: rest namespace: oauth2-token-rest port: 8080 description: REST adapter for Spring Security OAuth2 API — Token. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/oauth2/introspect name: oauth2-introspect description: REST surface for oauth2-introspect. operations: - method: POST name: introspecttoken description: OAuth2 Token Introspection call: oauth2-token.introspecttoken with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/oauth2/revoke name: oauth2-revoke description: REST surface for oauth2-revoke. operations: - method: POST name: revoketoken description: OAuth2 Token Revocation call: oauth2-token.revoketoken with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/oauth2/token name: oauth2-token description: REST surface for oauth2-token. operations: - method: POST name: issuetoken description: OAuth2 Token Endpoint call: oauth2-token.issuetoken with: body: rest.body outputParameters: - type: object mapping: $. - type: mcp namespace: oauth2-token-mcp port: 9090 transport: http description: MCP adapter for Spring Security OAuth2 API — Token. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: oauth2-token-introspection description: OAuth2 Token Introspection hints: readOnly: false destructive: false idempotent: false call: oauth2-token.introspecttoken with: body: tools.body outputParameters: - type: object mapping: $. - name: oauth2-token-revocation description: OAuth2 Token Revocation hints: readOnly: false destructive: false idempotent: false call: oauth2-token.revoketoken with: body: tools.body outputParameters: - type: object mapping: $. - name: oauth2-token-endpoint description: OAuth2 Token Endpoint hints: readOnly: false destructive: false idempotent: false call: oauth2-token.issuetoken with: body: tools.body outputParameters: - type: object mapping: $.