Hi Isura,

According to the REST API Guidelines that we have defined across all the products, the following suggestions can be made regarding the resource paths that you have proposed.

[1] Base-path "accountrecovery" has two words in it and they can be separated by a dash, i.e. as "account-recovery".
[2] It seems that path "rest" does not make any sense as a resource, so it can be removed.
[3] Also, all the underscore signs included in processing-functions like "reset_password" and resource-paths like "security_questions_response" could be replaced with a dash (-).

Regards,
Dilan.

*Dilan U. Ariyaratne*
Senior Software Engineer
WSO2 Inc. <http://wso2.com/>
Mobile: +94766405580
lean . enterprise . middleware

On Wed, Jun 8, 2016 at 1:02 PM, Isura Karunaratne <[email protected]> wrote:

> Identity Management Recovery API improvements.
>
> In Identity Server 5.3.0, we are going to implement Identity Management recovery APIs as rest resources. In current implementations of IS5.0.0, IS5.1.0 we have soap APIs for recovery scenarios. [1].
>
> Captcha validation is coupled with recovery flows in existing soap API implementation and we have improved Java API to decouple the captcha validation from recovery flows in new implementations. [4]
>
> Existing soap APIs.
>
> Recover with Notification [2]
>
> - getCaptcha() - Generates a captcha.
> - verifyUser() - Validates the captcha answer and username and returns a new key.
> - sendRecoveryNotification() - Send an email notification with a confirmation code to the user. Need to provide the key from the previous call.
> - getCaptcha() - Generates a captcha when the user clicks on the URL.
> - verifyConfirmationCode() - Validates the captcha answer and confirmation code. This returns a key.
> - updatePassword - Updates the password in the system. Need to provide the key from the previous call, new password and returns the status of the update, true or false.
>
> Recover with Secret Questions [3]
>
> - getCaptcha() - Generates a captcha.
> - verifyUser() - Validates the captcha answer and username and returns a new key.
> - getUserChallengeQuestionIds() - Retrieve the claim URI IDs specified for the user with the generated key. Need to provide the key from the previous call.
> - getUserChallengeQuestion() - Retrieve the user's challenge question for the specified claim URI ID from the previous call. Need to provide the key from the previous call.
> - verifyUserChallengeAnswer() - Validates the answer and confirmation code for the specified question. Need to provide the key from the previous call.
> - updatePassword() - Updates the password in the system. Need to provide the key from the previous call, the new password and return the status of the update, i.e. true or false.
>
> New APIs
>
> Recover with Notification
>
> - sendRecoveryNotification() : validate user and returns a new key through a notification.
> - updatePassword() : Updates the password in the system. Need to provide the key from notification, new password
>
> Recover with Secret Questions
>
> - intiateUserChallengeQuestion(); validate user and returns a question to answer with a secret code
> - verifyUserChallengeAnswer(); validate secret code and answer for the question in previous step. Return a new question with new secret until minimum number of questions are answered.
> - updatePassword(); Updates the password in the system. Need to provide the key from notification, new password
>
> New APIs for Multiple Questions at once
>
> - getAllChallegeQuestions(); validate user and returns all questions to answer with a secret code
> - validateAllChallengeAnswers(); validate code and all answers and return a code if success
> - updatePassword(); Updates the password in the system. Need to provide the key from notification, new password
>
> [1] https://docs.wso2.com/display/IS510/Password+Recovery
> [2] https://docs.wso2.com/display/IS510/Password+Recovery#PasswordRecovery-Recoveryusingnotifications
> [3] https://docs.wso2.com/display/IS510/Password+Recovery#PasswordRecovery-Recoveryusingchallengequestions
> [4] [Architecture] Decouple capcha validation from Recovery flows
>
> Sample Requests
>
> Send Email Notification
>
> POST accountrecovery/rest/notification/notify <https://localhost:9443/accountrecovery/rest/notification/notify>
>
> Request Body
>
>     {
>       "userName": "testuser",
>       "tenantDomain": "carbon.super",
>       "userStoreDomain": "PRIMARY"
>     }
>
> If notifications are internally managed,
>
> Response Body
>
>     HTTP 200
>
> If notifications are externally managed,
>
> Response Body
>
>     {
>       "user": {
>         "userName": "testuser",
>         "userStoreDomain": "PRIMARY",
>         "tenantDomain": "carbon.super"
>       },
>       "key": "f75da810-3478-47f4-80e5-c37556392015"
>     }
>
> *Reset Password.*
>
> PUT /accountrecovery/rest/notification/reset_password
>
> Request Body
>
>     {
>       "user": {
>         "userName": "test",
>         "userStoreDomain": "PRIMARY",
>         "tenantDomain": "carbon.super"
>       },
>       "code": "e4d6041b-2ea7-4dc1-9ae2-b8e9686e1d12",
>       "password": "12345"
>     }
>
> Response Body
>
>     HTTP 200
>
> Initiate User Challenge Question
>
> PUT /accountrecovery/rest/questions/initiate
>
> Request Body
>
>     {
>       "userName": "admin",
>       "userStoreDomain": "PRIMARY",
>       "tenantDomain": "carbon.super"
>     }
>
> Response body
>
>     {
>       "question": "City where you were born ?",
>       "questionSetId": "http://wso2.org/claims/challengeQuestion1",
>       "code": "786f63b6-d0b7-4bd7-991e-12e97e4602e3",
>       "status": "INCOMPLETE"
>     }
>
> Validate User Challenge Question,
>
> POST /accountrecovery/security_questions_response
>
> Request Body
>
>     {
>       "user": {
>         "userName": "admin",
>         "userStoreDomain": "PRIMARY",
>         "tenantDomain": "carbon.super"
>       },
>       "key": "12454125-15145-45554155",
>       "code": "fbc8e9e0-e6fd-4a75-8502-f03e5836930f",
>       "answer": "colombo"
>     }
>
> Response body
>
>     {
>       "question": "what is your favourite food ?",
>       "questionSetId": "http://wso2.org/claims/challengeQuestion2",
>       "code": "786f63b6-d0b7-4bd7-991e-12e97e4602e3",
>       "status": "INCOMPLETE"
>     }
>
> This should be repeated until status becomes complete.
>
> Response body
>
>     {
>       "status": "COMPLETE",
>       "key": "3225d2dd-f5fa-44ca-9aa1-d1c32748b569"
>     }
>
> Thanks
> Isura
>
> --
> Isura Dilhara Karunaratne
> Senior Software Engineer
>
> Mob +94 772 254 810
>
> _______________________________________________
> Architecture mailing list
> [email protected]
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
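An in-memory model of the proposed "Recover with Secret Questions" flow (initiate, answer until the status is COMPLETE, then update the password), added here as an illustration; it is not code from this thread or from WSO2 Identity Server. The class and method names, the `FAILED` and `INVALID_CODE` statuses, the single-use handling of codes and keys, `MIN_QUESTIONS = 2` and the sample answers are assumptions.

```python
import hmac
import uuid

MIN_QUESTIONS = 2  # assumed value for the "minimum number of questions" policy

# Constructed sample data: (question, answer) per questionSetId for one user.
ANSWERS = {"admin": {
    "http://wso2.org/claims/challengeQuestion1": ("City where you were born ?", "colombo"),
    "http://wso2.org/claims/challengeQuestion2": ("what is your favourite food ?", "rice"),
}}

class RecoveryService:  # hypothetical name, models the server side only
    def __init__(self):
        self._pending = {}        # code -> (user, questionSetId, question index)
        self._keys = {}           # key -> user, issued once status is COMPLETE
        self.reset_users = set()  # users whose password update was accepted

    def _ask(self, user, index):
        set_id = list(ANSWERS[user])[index]
        code = str(uuid.uuid4())  # fresh secret for every question
        self._pending[code] = (user, set_id, index)
        return {"question": ANSWERS[user][set_id][0], "questionSetId": set_id,
                "code": code, "status": "INCOMPLETE"}

    def initiate(self, user):
        return self._ask(user, 0)

    def verify_answer(self, code, answer):
        # pop() makes each code single-use whether the answer is right or wrong
        state = self._pending.pop(code, None)
        if state is None:
            return {"status": "INVALID_CODE"}
        user, set_id, index = state
        expected = ANSWERS[user][set_id][1]
        if not hmac.compare_digest(answer.strip().lower().encode(), expected.encode()):
            return {"status": "FAILED"}
        if index + 1 < MIN_QUESTIONS:
            return self._ask(user, index + 1)
        key = str(uuid.uuid4())
        self._keys[key] = user
        return {"status": "COMPLETE", "key": key}

    def update_password(self, key, new_password):
        user = self._keys.pop(key, None)  # the final key is single-use as well
        if user is None:
            return False
        self.reset_users.add(user)  # hashing and storing new_password is out of scope
        return True
```

Because the code is bound server-side to the user and question, the client never has to be trusted to say which user or question an answer belongs to.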
