+1, looks good On 29 June 2017 at 12:27, Malintha Amarasinghe <[email protected]> wrote:
> > > On Thu, Jun 29, 2017 at 12:20 PM, Harsha Kumara <[email protected]> wrote: > >> >> >> On Thu, Jun 29, 2017 at 11:43 AM, Malintha Amarasinghe < >> [email protected]> wrote: >> >>> Hi all, >>> >>> Bhathiya and I had a discussion about this and came up with the below >>> approach regarding POST /provide-keys. >>> >>> 1.Creates a new resource in /keys collection providing the key type. >>> (Similar to semi-manual client registration). >>> >>> POST /applications/{applicationId}/keys >>> >>> *Request:* >>> >>> POST /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys >>> >>> { >>> "consumerKey": "xxxxxxxxxxxxxxxxxxxx", >>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>> "keyType": "PRODUCTION" >>> } >>> >>> *Response* >>> >>> HTTP/1.1 201 CREATED >>> Location: https://localhost:9292/api/am/store/v1/applications/876f8fd8 >>> -269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION >>> >>> { >>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>> "supportedGrantTypes": [ >>> "client-credentials", "password" >>> ], >>> "callbackUrl": "http://localhost/callback";, >>> "keyType": "PRODUCTION" >>> } >>> >>> Seems we are thinking keyType as a resource. We will need to add a >> validation for keyType at implementation layer. +1 for the approach. >> > Yeah we will need a validation since the only allowed key types are > PRODUCTION and SANDBOX. > >> >>> 2. Get all keys >>> >>> GET /applications/{applicationId}/keys >>> >>> >>> *Request:* >>> >>> GET /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys >>> >>> >>> *Response:* >>> >>> HTTP/1.1 200 OK >>> { >>> "count": 2, >>> "items": [ >>> >>> { >>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>> "supportedGrantTypes": [ >>> "client-credentials", "password" >>> ], >>> "callbackUrl": "http://localhost/callback";, >>> "keyType": "PRODUCTION" >>> }, >>> >>> { >>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>> "supportedGrantTypes": [ >>> "client-credentials", "password" >>> ], >>> "callbackUrl": "http://localhost/callback";, >>> "keyType": "SANDBOX" >>> } >>> >>> ] >>> } >>> >>> >>> 3. Get a single key detail >>> >>> GET /applications/{applicationId}/keys/{keyType} >>> >>> *Request* >>> >>> GET /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION >>> >>> >>> *Response* >>> >>> HTTP/1.1 200 OK >>> >>> { >>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>> "supportedGrantTypes": [ >>> "client-credentials", "password" >>> ], >>> "callbackUrl": "http://localhost/callback";, >>> "keyType": "PRODUCTION" >>> } >>> >>> 4. Update a key >>> >>> PUT /applications/{applicationId}/keys/{keyType} >>> >>> *We will only allow updating supported grant types and callback URLs for >>> individual keys.* >>> >>> *Request* >>> >>> PUT /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION >>> >>> >>> { >>> "supportedGrantTypes": [ >>> "client-credentials" >>> ], >>> "callbackUrl": "http://localhost/callback-updated";, >>> } >>> >>> *Response:* >>> >>> HTTP/1.1 200 OK >>> >>> { >>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>> "supportedGrantTypes": [ >>> "client-credentials" >>> ], >>> "callbackUrl": "http://localhost/callback-updated";, >>> "keyType": "PRODUCTION" >>> } >>> >>> >>> >>> Thanks >>> Malintha >>> >>> >>> >>> On Wed, Jun 28, 2017 at 1:37 PM, Bhathiya Jayasekara <[email protected]> >>> wrote: >>> >>>> Hi all, >>>> >>>> As discussed in [1], I split generate keys operation into 2, and added >>>> "provide-keys" operation for semi-manual client registration. Here is the >>>> final list with sample requests and responses. >>>> >>>> >>>> POST /applications/{applicationId}/generate-keys >>>> >>>> { >>>> "keyType": "PRODUCTION", >>>> "grantTypesToBeSupported": [ >>>> "client-credentials", "password" >>>> ], >>>> "callbackUrl": "http://localhost/callback"} >>>> >>>> >>>> Response >>>> >>>> { >>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>> "supportedGrantTypes": [ >>>> "client-credentials", "password" >>>> ], >>>> "callbackUrl": "http://localhost/callback";, >>>> "keyType": "PRODUCTION"} >>>> >>>> >>>> >>>> POST /applications/{applicationId}/provide-keys >>>> >>>> { >>>> "consumerKey": "xxxxxxxxxxxxxxxxxxxx", >>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>> "keyType": "PRODUCTION"} >>>> >>>> >>>> Response >>>> >>>> { >>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>> "supportedGrantTypes": [ >>>> "client-credentials", "password" >>>> ], >>>> "callbackUrl": "http://localhost/callback";, >>>> "keyType": "PRODUCTION"} >>>> >>>> >>>> >>>> POST /applications/{applicationId}/generate-tokens >>>> >>>> { >>>> "consumerKey": "xxxxxxxxxxxxxxxxxxxxx", >>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyyyyy", >>>> "validityPeriod": 3600, >>>> "scopes": "read write delete", >>>> "revokeToken": "zzzzzzzzzzzzzzzzzzzzz"} >>>> >>>> >>>> Response >>>> >>>> { >>>> "accessToken": "aaaaaaaaaaaaaaaaaaaaaaaaa", >>>> "tokenScopes": "read write", >>>> "validityTime": 3600} >>>> >>>> >>>> >>>> [1] [APIM][C5] Splitting "Generate Keys" operation in Store REST API >>>> >>>> Thanks, >>>> -- >>>> *Bhathiya Jayasekara* >>>> *Associate Technical Lead,* >>>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>>> >>>> *Phone: +94715478185 <+94%2071%20547%208185>* >>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >>>> <http://www.linkedin.com/in/bhathiyaj>* >>>> *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* >>>> *Blog: http://movingaheadblog.blogspot.com >>>> <http://movingaheadblog.blogspot.com/>* >>>> >>> >>> >>> >>> -- >>> Malintha Amarasinghe >>> Software Engineer >>> *WSO2, Inc. - lean | enterprise | middleware* >>> http://wso2.com/ >>> >>> Mobile : +94 712383306 <+94%2071%20238%203306> >>> >> >> >> >> -- >> Harsha Kumara >> Software Engineer, WSO2 Inc. >> Mobile: +94775505618 <+94%2077%20550%205618> >> Blog:harshcreationz.blogspot.com >> > > > > -- > Malintha Amarasinghe > Software Engineer > *WSO2, Inc. - lean | enterprise | middleware* > http://wso2.com/ > > Mobile : +94 712383306 <+94%2071%20238%203306> > -- Regards, Uvindra Mobile: 777733962
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
