yes, +1. On Thu, Jun 29, 2017 at 12:47 PM, Nuwan Dias <[email protected]> wrote:
> /generate-tokens should be /generate-token right? Because we're just > generating 1 token. > > On Thu, Jun 29, 2017 at 12:29 PM, Uvindra Dias Jayasinha <[email protected] > > wrote: > >> +1, looks good >> >> On 29 June 2017 at 12:27, Malintha Amarasinghe <[email protected]> >> wrote: >> >>> >>> >>> On Thu, Jun 29, 2017 at 12:20 PM, Harsha Kumara <[email protected]> >>> wrote: >>> >>>> >>>> >>>> On Thu, Jun 29, 2017 at 11:43 AM, Malintha Amarasinghe < >>>> [email protected]> wrote: >>>> >>>>> Hi all, >>>>> >>>>> Bhathiya and I had a discussion about this and came up with the below >>>>> approach regarding POST /provide-keys. >>>>> >>>>> 1.Creates a new resource in /keys collection providing the key type. >>>>> (Similar to semi-manual client registration). >>>>> >>>>> POST /applications/{applicationId}/keys >>>>> >>>>> *Request:* >>>>> >>>>> POST /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys >>>>> >>>>> { >>>>> "consumerKey": "xxxxxxxxxxxxxxxxxxxx", >>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>> "keyType": "PRODUCTION" >>>>> } >>>>> >>>>> *Response* >>>>> >>>>> HTTP/1.1 201 CREATED >>>>> Location: https://localhost:9292/api/am/store/v1/applications/876f8fd8 >>>>> -269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION >>>>> >>>>> { >>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>> "supportedGrantTypes": [ >>>>> "client-credentials", "password" >>>>> ], >>>>> "callbackUrl": "http://localhost/callback";, >>>>> "keyType": "PRODUCTION" >>>>> } >>>>> >>>>> Seems we are thinking keyType as a resource. We will need to add a >>>> validation for keyType at implementation layer. +1 for the approach. >>>> >>> Yeah we will need a validation since the only allowed key types are >>> PRODUCTION and SANDBOX. >>> >>>> >>>>> 2. Get all keys >>>>> >>>>> GET /applications/{applicationId}/keys >>>>> >>>>> >>>>> *Request:* >>>>> >>>>> GET /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys >>>>> >>>>> >>>>> *Response:* >>>>> >>>>> HTTP/1.1 200 OK >>>>> { >>>>> "count": 2, >>>>> "items": [ >>>>> >>>>> { >>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>> "supportedGrantTypes": [ >>>>> "client-credentials", "password" >>>>> ], >>>>> "callbackUrl": "http://localhost/callback";, >>>>> "keyType": "PRODUCTION" >>>>> }, >>>>> >>>>> { >>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>> "supportedGrantTypes": [ >>>>> "client-credentials", "password" >>>>> ], >>>>> "callbackUrl": "http://localhost/callback";, >>>>> "keyType": "SANDBOX" >>>>> } >>>>> >>>>> ] >>>>> } >>>>> >>>>> >>>>> 3. Get a single key detail >>>>> >>>>> GET /applications/{applicationId}/keys/{keyType} >>>>> >>>>> *Request* >>>>> >>>>> GET /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION >>>>> >>>>> >>>>> *Response* >>>>> >>>>> HTTP/1.1 200 OK >>>>> >>>>> { >>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>> "supportedGrantTypes": [ >>>>> "client-credentials", "password" >>>>> ], >>>>> "callbackUrl": "http://localhost/callback";, >>>>> "keyType": "PRODUCTION" >>>>> } >>>>> >>>>> 4. Update a key >>>>> >>>>> PUT /applications/{applicationId}/keys/{keyType} >>>>> >>>>> *We will only allow updating supported grant types and callback URLs >>>>> for individual keys.* >>>>> >>>>> *Request* >>>>> >>>>> PUT /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION >>>>> >>>>> >>>>> { >>>>> "supportedGrantTypes": [ >>>>> "client-credentials" >>>>> ], >>>>> "callbackUrl": "http://localhost/callback-updated";, >>>>> } >>>>> >>>>> *Response:* >>>>> >>>>> HTTP/1.1 200 OK >>>>> >>>>> { >>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>> "supportedGrantTypes": [ >>>>> "client-credentials" >>>>> ], >>>>> "callbackUrl": "http://localhost/callback-updated";, >>>>> "keyType": "PRODUCTION" >>>>> } >>>>> >>>>> >>>>> >>>>> Thanks >>>>> Malintha >>>>> >>>>> >>>>> >>>>> On Wed, Jun 28, 2017 at 1:37 PM, Bhathiya Jayasekara < >>>>> [email protected]> wrote: >>>>> >>>>>> Hi all, >>>>>> >>>>>> As discussed in [1], I split generate keys operation into 2, and >>>>>> added "provide-keys" operation for semi-manual client registration. Here >>>>>> is >>>>>> the final list with sample requests and responses. >>>>>> >>>>>> >>>>>> POST /applications/{applicationId}/generate-keys >>>>>> >>>>>> { >>>>>> "keyType": "PRODUCTION", >>>>>> "grantTypesToBeSupported": [ >>>>>> "client-credentials", "password" >>>>>> ], >>>>>> "callbackUrl": "http://localhost/callback"} >>>>>> >>>>>> >>>>>> Response >>>>>> >>>>>> { >>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>>> "supportedGrantTypes": [ >>>>>> "client-credentials", "password" >>>>>> ], >>>>>> "callbackUrl": "http://localhost/callback";, >>>>>> "keyType": "PRODUCTION"} >>>>>> >>>>>> >>>>>> >>>>>> POST /applications/{applicationId}/provide-keys >>>>>> >>>>>> { >>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxxxx", >>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>>> "keyType": "PRODUCTION"} >>>>>> >>>>>> >>>>>> Response >>>>>> >>>>>> { >>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>>> "supportedGrantTypes": [ >>>>>> "client-credentials", "password" >>>>>> ], >>>>>> "callbackUrl": "http://localhost/callback";, >>>>>> "keyType": "PRODUCTION"} >>>>>> >>>>>> >>>>>> >>>>>> POST /applications/{applicationId}/generate-tokens >>>>>> >>>>>> { >>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxxxxx", >>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyyyyy", >>>>>> "validityPeriod": 3600, >>>>>> "scopes": "read write delete", >>>>>> "revokeToken": "zzzzzzzzzzzzzzzzzzzzz"} >>>>>> >>>>>> >>>>>> Response >>>>>> >>>>>> { >>>>>> "accessToken": "aaaaaaaaaaaaaaaaaaaaaaaaa", >>>>>> "tokenScopes": "read write", >>>>>> "validityTime": 3600} >>>>>> >>>>>> >>>>>> >>>>>> [1] [APIM][C5] Splitting "Generate Keys" operation in Store REST API >>>>>> >>>>>> Thanks, >>>>>> -- >>>>>> *Bhathiya Jayasekara* >>>>>> *Associate Technical Lead,* >>>>>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>>>>> >>>>>> *Phone: +94715478185 <+94%2071%20547%208185>* >>>>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >>>>>> <http://www.linkedin.com/in/bhathiyaj>* >>>>>> *Twitter: https://twitter.com/bhathiyax >>>>>> <https://twitter.com/bhathiyax>* >>>>>> *Blog: http://movingaheadblog.blogspot.com >>>>>> <http://movingaheadblog.blogspot.com/>* >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Malintha Amarasinghe >>>>> Software Engineer >>>>> *WSO2, Inc. - lean | enterprise | middleware* >>>>> http://wso2.com/ >>>>> >>>>> Mobile : +94 712383306 <+94%2071%20238%203306> >>>>> >>>> >>>> >>>> >>>> -- >>>> Harsha Kumara >>>> Software Engineer, WSO2 Inc. >>>> Mobile: +94775505618 <+94%2077%20550%205618> >>>> Blog:harshcreationz.blogspot.com >>>> >>> >>> >>> >>> -- >>> Malintha Amarasinghe >>> Software Engineer >>> *WSO2, Inc. - lean | enterprise | middleware* >>> http://wso2.com/ >>> >>> Mobile : +94 712383306 <+94%2071%20238%203306> >>> >> >> >> >> -- >> Regards, >> Uvindra >> >> Mobile: 777733962 >> > > > > -- > Nuwan Dias > > Software Architect - WSO2, Inc. http://wso2.com > email : [email protected] > Phone : +94 777 775 729 <077%20777%205729> > -- *Bhathiya Jayasekara* *Associate Technical Lead,* *WSO2 inc., http://wso2.com <http://wso2.com>* *Phone: +94715478185* *LinkedIn: http://www.linkedin.com/in/bhathiyaj <http://www.linkedin.com/in/bhathiyaj>* *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* *Blog: http://movingaheadblog.blogspot.com <http://movingaheadblog.blogspot.com/>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
