Yeah +1 to make it /generate-token On Thu, Jun 29, 2017 at 12:49 PM, Bhathiya Jayasekara <[email protected]> wrote:
> yes, +1. > > On Thu, Jun 29, 2017 at 12:47 PM, Nuwan Dias <[email protected]> wrote: > >> /generate-tokens should be /generate-token right? Because we're just >> generating 1 token. >> >> On Thu, Jun 29, 2017 at 12:29 PM, Uvindra Dias Jayasinha < >> [email protected]> wrote: >> >>> +1, looks good >>> >>> On 29 June 2017 at 12:27, Malintha Amarasinghe <[email protected]> >>> wrote: >>> >>>> >>>> >>>> On Thu, Jun 29, 2017 at 12:20 PM, Harsha Kumara <[email protected]> >>>> wrote: >>>> >>>>> >>>>> >>>>> On Thu, Jun 29, 2017 at 11:43 AM, Malintha Amarasinghe < >>>>> [email protected]> wrote: >>>>> >>>>>> Hi all, >>>>>> >>>>>> Bhathiya and I had a discussion about this and came up with the below >>>>>> approach regarding POST /provide-keys. >>>>>> >>>>>> 1.Creates a new resource in /keys collection providing the key type. >>>>>> (Similar to semi-manual client registration). >>>>>> >>>>>> POST /applications/{applicationId}/keys >>>>>> >>>>>> *Request:* >>>>>> >>>>>> POST /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys >>>>>> >>>>>> { >>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxxxx", >>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>>> "keyType": "PRODUCTION" >>>>>> } >>>>>> >>>>>> *Response* >>>>>> >>>>>> HTTP/1.1 201 CREATED >>>>>> Location: https://localhost:9292/api/am/ >>>>>> store/v1/applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/k >>>>>> eys/PRODUCTION >>>>>> >>>>>> { >>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>>> "supportedGrantTypes": [ >>>>>> "client-credentials", "password" >>>>>> ], >>>>>> "callbackUrl": "http://localhost/callback";, >>>>>> "keyType": "PRODUCTION" >>>>>> } >>>>>> >>>>>> Seems we are thinking keyType as a resource. We will need to add a >>>>> validation for keyType at implementation layer. +1 for the approach. >>>>> >>>> Yeah we will need a validation since the only allowed key types are >>>> PRODUCTION and SANDBOX. >>>> >>>>> >>>>>> 2. Get all keys >>>>>> >>>>>> GET /applications/{applicationId}/keys >>>>>> >>>>>> >>>>>> *Request:* >>>>>> >>>>>> GET /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys >>>>>> >>>>>> >>>>>> *Response:* >>>>>> >>>>>> HTTP/1.1 200 OK >>>>>> { >>>>>> "count": 2, >>>>>> "items": [ >>>>>> >>>>>> { >>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>>> "supportedGrantTypes": [ >>>>>> "client-credentials", "password" >>>>>> ], >>>>>> "callbackUrl": "http://localhost/callback";, >>>>>> "keyType": "PRODUCTION" >>>>>> }, >>>>>> >>>>>> { >>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>>> "supportedGrantTypes": [ >>>>>> "client-credentials", "password" >>>>>> ], >>>>>> "callbackUrl": "http://localhost/callback";, >>>>>> "keyType": "SANDBOX" >>>>>> } >>>>>> >>>>>> ] >>>>>> } >>>>>> >>>>>> >>>>>> 3. Get a single key detail >>>>>> >>>>>> GET /applications/{applicationId}/keys/{keyType} >>>>>> >>>>>> *Request* >>>>>> >>>>>> GET /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION >>>>>> >>>>>> >>>>>> *Response* >>>>>> >>>>>> HTTP/1.1 200 OK >>>>>> >>>>>> { >>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>>> "supportedGrantTypes": [ >>>>>> "client-credentials", "password" >>>>>> ], >>>>>> "callbackUrl": "http://localhost/callback";, >>>>>> "keyType": "PRODUCTION" >>>>>> } >>>>>> >>>>>> 4. Update a key >>>>>> >>>>>> PUT /applications/{applicationId}/keys/{keyType} >>>>>> >>>>>> *We will only allow updating supported grant types and callback URLs >>>>>> for individual keys.* >>>>>> >>>>>> *Request* >>>>>> >>>>>> PUT /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION >>>>>> >>>>>> >>>>>> { >>>>>> "supportedGrantTypes": [ >>>>>> "client-credentials" >>>>>> ], >>>>>> "callbackUrl": "http://localhost/callback-updated";, >>>>>> } >>>>>> >>>>>> *Response:* >>>>>> >>>>>> HTTP/1.1 200 OK >>>>>> >>>>>> { >>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>>> "supportedGrantTypes": [ >>>>>> "client-credentials" >>>>>> ], >>>>>> "callbackUrl": "http://localhost/callback-updated";, >>>>>> "keyType": "PRODUCTION" >>>>>> } >>>>>> >>>>>> >>>>>> >>>>>> Thanks >>>>>> Malintha >>>>>> >>>>>> >>>>>> >>>>>> On Wed, Jun 28, 2017 at 1:37 PM, Bhathiya Jayasekara < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi all, >>>>>>> >>>>>>> As discussed in [1], I split generate keys operation into 2, and >>>>>>> added "provide-keys" operation for semi-manual client registration. >>>>>>> Here is >>>>>>> the final list with sample requests and responses. >>>>>>> >>>>>>> >>>>>>> POST /applications/{applicationId}/generate-keys >>>>>>> >>>>>>> { >>>>>>> "keyType": "PRODUCTION", >>>>>>> "grantTypesToBeSupported": [ >>>>>>> "client-credentials", "password" >>>>>>> ], >>>>>>> "callbackUrl": "http://localhost/callback"} >>>>>>> >>>>>>> >>>>>>> Response >>>>>>> >>>>>>> { >>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>>>> "supportedGrantTypes": [ >>>>>>> "client-credentials", "password" >>>>>>> ], >>>>>>> "callbackUrl": "http://localhost/callback";, >>>>>>> "keyType": "PRODUCTION"} >>>>>>> >>>>>>> >>>>>>> >>>>>>> POST /applications/{applicationId}/provide-keys >>>>>>> >>>>>>> { >>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxxxx", >>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>>>> "keyType": "PRODUCTION"} >>>>>>> >>>>>>> >>>>>>> Response >>>>>>> >>>>>>> { >>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx", >>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy", >>>>>>> "supportedGrantTypes": [ >>>>>>> "client-credentials", "password" >>>>>>> ], >>>>>>> "callbackUrl": "http://localhost/callback";, >>>>>>> "keyType": "PRODUCTION"} >>>>>>> >>>>>>> >>>>>>> >>>>>>> POST /applications/{applicationId}/generate-tokens >>>>>>> >>>>>>> { >>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxxxxx", >>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyyyyy", >>>>>>> "validityPeriod": 3600, >>>>>>> "scopes": "read write delete", >>>>>>> "revokeToken": "zzzzzzzzzzzzzzzzzzzzz"} >>>>>>> >>>>>>> >>>>>>> Response >>>>>>> >>>>>>> { >>>>>>> "accessToken": "aaaaaaaaaaaaaaaaaaaaaaaaa", >>>>>>> "tokenScopes": "read write", >>>>>>> "validityTime": 3600} >>>>>>> >>>>>>> >>>>>>> >>>>>>> [1] [APIM][C5] Splitting "Generate Keys" operation in Store REST API >>>>>>> >>>>>>> Thanks, >>>>>>> -- >>>>>>> *Bhathiya Jayasekara* >>>>>>> *Associate Technical Lead,* >>>>>>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>>>>>> >>>>>>> *Phone: +94715478185 <+94%2071%20547%208185>* >>>>>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >>>>>>> <http://www.linkedin.com/in/bhathiyaj>* >>>>>>> *Twitter: https://twitter.com/bhathiyax >>>>>>> <https://twitter.com/bhathiyax>* >>>>>>> *Blog: http://movingaheadblog.blogspot.com >>>>>>> <http://movingaheadblog.blogspot.com/>* >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Malintha Amarasinghe >>>>>> Software Engineer >>>>>> *WSO2, Inc. - lean | enterprise | middleware* >>>>>> http://wso2.com/ >>>>>> >>>>>> Mobile : +94 712383306 <+94%2071%20238%203306> >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Harsha Kumara >>>>> Software Engineer, WSO2 Inc. >>>>> Mobile: +94775505618 <+94%2077%20550%205618> >>>>> Blog:harshcreationz.blogspot.com >>>>> >>>> >>>> >>>> >>>> -- >>>> Malintha Amarasinghe >>>> Software Engineer >>>> *WSO2, Inc. - lean | enterprise | middleware* >>>> http://wso2.com/ >>>> >>>> Mobile : +94 712383306 <+94%2071%20238%203306> >>>> >>> >>> >>> >>> -- >>> Regards, >>> Uvindra >>> >>> Mobile: 777733962 >>> >> >> >> >> -- >> Nuwan Dias >> >> Software Architect - WSO2, Inc. http://wso2.com >> email : [email protected] >> Phone : +94 777 775 729 <077%20777%205729> >> > > > > -- > *Bhathiya Jayasekara* > *Associate Technical Lead,* > *WSO2 inc., http://wso2.com <http://wso2.com>* > > *Phone: +94715478185 <+94%2071%20547%208185>* > *LinkedIn: http://www.linkedin.com/in/bhathiyaj > <http://www.linkedin.com/in/bhathiyaj>* > *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* > *Blog: http://movingaheadblog.blogspot.com > <http://movingaheadblog.blogspot.com/>* > -- Malintha Amarasinghe Software Engineer *WSO2, Inc. - lean | enterprise | middleware* http://wso2.com/ Mobile : +94 712383306
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
