Hi all,
This is about caching and concurrency control headers (if-match,
if-none-match, if-modified-since, if-unmodified-since).
Since OAuth apps can be modified from the IS side as well, I think we can't use
caching and concurrency control headers for the above responses. So, is it OK
to drop them from the API definition?
Since we're currently sending this key information in the *GET
/applications/{app_id}* request as well, having those headers in here might
be a problem too. WDYT?
Thanks,
Bhathiya
On Thu, Jun 29, 2017 at 1:15 PM, Malintha Amarasinghe <[email protected]>
wrote:
> Yeah +1 to make it /generate-token
>
> On Thu, Jun 29, 2017 at 12:49 PM, Bhathiya Jayasekara <[email protected]>
> wrote:
>
>> yes, +1.
>>
>> On Thu, Jun 29, 2017 at 12:47 PM, Nuwan Dias <[email protected]> wrote:
>>
>>> /generate-tokens should be /generate-token right? Because we're just
>>> generating 1 token.
>>>
>>> On Thu, Jun 29, 2017 at 12:29 PM, Uvindra Dias Jayasinha <
>>> [email protected]> wrote:
>>>
>>>> +1, looks good
>>>>
>>>> On 29 June 2017 at 12:27, Malintha Amarasinghe <[email protected]>
>>>> wrote:
>>>>
>>>>>
>>>>>
>>>>> On Thu, Jun 29, 2017 at 12:20 PM, Harsha Kumara <[email protected]>
>>>>> wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, Jun 29, 2017 at 11:43 AM, Malintha Amarasinghe <
>>>>>> [email protected]> wrote:
>>>>>>
>>>>>>> Hi all,
>>>>>>>
>>>>>>> Bhathiya and I had a discussion about this and came up with the
>>>>>>> below approach regarding POST /provide-keys.
>>>>>>>
>>>>>>> 1. Creates a new resource in the /keys collection, providing the key type.
>>>>>>> (Similar to semi-manual client registration).
>>>>>>>
>>>>>>> POST /applications/{applicationId}/keys
>>>>>>>
>>>>>>> *Request:*
>>>>>>>
>>>>>>> POST /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys
>>>>>>>
>>>>>>> {
>>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxxxx",
>>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>> "keyType": "PRODUCTION"
>>>>>>> }
>>>>>>>
>>>>>>> *Response*
>>>>>>>
>>>>>>> HTTP/1.1 201 CREATED
>>>>>>> Location: https://localhost:9292/api/am/store/v1/applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION
>>>>>>>
>>>>>>> {
>>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>> "supportedGrantTypes": [
>>>>>>> "client-credentials", "password"
>>>>>>> ],
>>>>>>> "callbackUrl": "http://localhost/callback",
>>>>>>> "keyType": "PRODUCTION"
>>>>>>> }
>>>>>>>
>>>>>> Seems we are thinking of keyType as a resource. We will need to add a
>>>>>> validation for keyType at the implementation layer. +1 for the approach.
>>>>>>
>>>>> Yeah we will need a validation since the only allowed key types are
>>>>> PRODUCTION and SANDBOX.
>>>>>
>>>>>>
>>>>>>> 2. Get all keys
>>>>>>>
>>>>>>> GET /applications/{applicationId}/keys
>>>>>>>
>>>>>>>
>>>>>>> *Request:*
>>>>>>>
>>>>>>> GET /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys
>>>>>>>
>>>>>>>
>>>>>>> *Response:*
>>>>>>>
>>>>>>> HTTP/1.1 200 OK
>>>>>>> {
>>>>>>> "count": 2,
>>>>>>> "items": [
>>>>>>>
>>>>>>> {
>>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>> "supportedGrantTypes": [
>>>>>>> "client-credentials", "password"
>>>>>>> ],
>>>>>>> "callbackUrl": "http://localhost/callback",
>>>>>>> "keyType": "PRODUCTION"
>>>>>>> },
>>>>>>>
>>>>>>> {
>>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>> "supportedGrantTypes": [
>>>>>>> "client-credentials", "password"
>>>>>>> ],
>>>>>>> "callbackUrl": "http://localhost/callback",
>>>>>>> "keyType": "SANDBOX"
>>>>>>> }
>>>>>>>
>>>>>>> ]
>>>>>>> }
>>>>>>>
>>>>>>>
>>>>>>> 3. Get a single key detail
>>>>>>>
>>>>>>> GET /applications/{applicationId}/keys/{keyType}
>>>>>>>
>>>>>>> *Request*
>>>>>>>
>>>>>>> GET /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION
>>>>>>>
>>>>>>>
>>>>>>> *Response*
>>>>>>>
>>>>>>> HTTP/1.1 200 OK
>>>>>>>
>>>>>>> {
>>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>> "supportedGrantTypes": [
>>>>>>> "client-credentials", "password"
>>>>>>> ],
>>>>>>> "callbackUrl": "http://localhost/callback",
>>>>>>> "keyType": "PRODUCTION"
>>>>>>> }
>>>>>>>
>>>>>>> 4. Update a key
>>>>>>>
>>>>>>> PUT /applications/{applicationId}/keys/{keyType}
>>>>>>>
>>>>>>> *We will only allow updating supported grant types and callback URLs
>>>>>>> for individual keys.*
>>>>>>>
>>>>>>> *Request*
>>>>>>>
>>>>>>> PUT /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION
>>>>>>>
>>>>>>>
>>>>>>> {
>>>>>>> "supportedGrantTypes": [
>>>>>>> "client-credentials"
>>>>>>> ],
>>>>>>> "callbackUrl": "http://localhost/callback-updated"
>>>>>>> }
>>>>>>>
>>>>>>> *Response:*
>>>>>>>
>>>>>>> HTTP/1.1 200 OK
>>>>>>>
>>>>>>> {
>>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>> "supportedGrantTypes": [
>>>>>>> "client-credentials"
>>>>>>> ],
>>>>>>> "callbackUrl": "http://localhost/callback-updated",
>>>>>>> "keyType": "PRODUCTION"
>>>>>>> }
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Thanks
>>>>>>> Malintha
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Wed, Jun 28, 2017 at 1:37 PM, Bhathiya Jayasekara <
>>>>>>> [email protected]> wrote:
>>>>>>>
>>>>>>>> Hi all,
>>>>>>>>
>>>>>>>> As discussed in [1], I split the generate keys operation into 2, and
>>>>>>>> added a "provide-keys" operation for semi-manual client registration.
>>>>>>>> Here is the final list with sample requests and responses.
>>>>>>>>
>>>>>>>>
>>>>>>>> POST /applications/{applicationId}/generate-keys
>>>>>>>>
>>>>>>>> {
>>>>>>>> "keyType": "PRODUCTION",
>>>>>>>> "grantTypesToBeSupported": [
>>>>>>>> "client-credentials", "password"
>>>>>>>> ],
>>>>>>>> "callbackUrl": "http://localhost/callback"
>>>>>>>> }
>>>>>>>>
>>>>>>>>
>>>>>>>> Response
>>>>>>>>
>>>>>>>> {
>>>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>>> "supportedGrantTypes": [
>>>>>>>> "client-credentials", "password"
>>>>>>>> ],
>>>>>>>> "callbackUrl": "http://localhost/callback",
>>>>>>>> "keyType": "PRODUCTION"
>>>>>>>> }
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> POST /applications/{applicationId}/provide-keys
>>>>>>>>
>>>>>>>> {
>>>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxxxx",
>>>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>>> "keyType": "PRODUCTION"
>>>>>>>> }
>>>>>>>>
>>>>>>>>
>>>>>>>> Response
>>>>>>>>
>>>>>>>> {
>>>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>>> "supportedGrantTypes": [
>>>>>>>> "client-credentials", "password"
>>>>>>>> ],
>>>>>>>> "callbackUrl": "http://localhost/callback",
>>>>>>>> "keyType": "PRODUCTION"
>>>>>>>> }
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> POST /applications/{applicationId}/generate-tokens
>>>>>>>>
>>>>>>>> {
>>>>>>>> "consumerKey": "xxxxxxxxxxxxxxxxxxxxx",
>>>>>>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyyyyy",
>>>>>>>> "validityPeriod": 3600,
>>>>>>>> "scopes": "read write delete",
>>>>>>>> "revokeToken": "zzzzzzzzzzzzzzzzzzzzz"
>>>>>>>> }
>>>>>>>>
>>>>>>>>
>>>>>>>> Response
>>>>>>>>
>>>>>>>> {
>>>>>>>> "accessToken": "aaaaaaaaaaaaaaaaaaaaaaaaa",
>>>>>>>> "tokenScopes": "read write",
>>>>>>>> "validityTime": 3600
>>>>>>>> }
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> [1] [APIM][C5] Splitting "Generate Keys" operation in Store REST API
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>> --
>>>>>>>> *Bhathiya Jayasekara*
>>>>>>>> *Associate Technical Lead,*
>>>>>>>> *WSO2 inc., http://wso2.com*
>>>>>>>>
>>>>>>>> *Phone: +94715478185*
>>>>>>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj*
>>>>>>>> *Twitter: https://twitter.com/bhathiyax*
>>>>>>>> *Blog: http://movingaheadblog.blogspot.com*
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Malintha Amarasinghe
>>>>>>> Software Engineer
>>>>>>> *WSO2, Inc. - lean | enterprise | middleware*
>>>>>>> http://wso2.com/
>>>>>>>
>>>>>>> Mobile: +94 712383306
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Harsha Kumara
>>>>>> Software Engineer, WSO2 Inc.
>>>>>> Mobile: +94775505618
>>>>>> Blog: harshcreationz.blogspot.com
>>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Regards,
>>>> Uvindra
>>>>
>>>> Mobile: 777733962
>>>>
>>>
>>>
>>>
>>> --
>>> Nuwan Dias
>>>
>>> Software Architect - WSO2, Inc. http://wso2.com
>>> email : [email protected]
>>> Phone: +94 777 775 729
>>>
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
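
The thread agrees that keyType needs validation (only PRODUCTION and SANDBOX are allowed) and that PUT on a key may change only the supported grant types and the callback URL. One way to enforce both with allow-lists is sketched below as an added example; it is not code from the thread or from WSO2, and the function names, the error type, the case-sensitive match and the http(s) callback check are assumptions.

```python
from urllib.parse import urlparse

# Allow-lists taken from the thread: two key types, two updatable fields.
ALLOWED_KEY_TYPES = frozenset({"PRODUCTION", "SANDBOX"})
UPDATABLE_FIELDS = frozenset({"supportedGrantTypes", "callbackUrl"})

# Constructed sample of a stored key, shaped like the responses in the thread.
SAMPLE_KEY = {
    "consumerKey": "xxxxxxxxxxxxxxxxxx",
    "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
    "supportedGrantTypes": ["client-credentials", "password"],
    "callbackUrl": "http://localhost/callback",
    "keyType": "PRODUCTION",
}


class KeyRequestError(ValueError):
    """Hypothetical error type; a REST layer would map it to HTTP 400."""


def validate_key_type(key_type):
    # Exact, case-sensitive match (an assumption): {keyType} is a path
    # segment, so anything outside the allow-list is rejected outright.
    if not isinstance(key_type, str) or key_type not in ALLOWED_KEY_TYPES:
        raise KeyRequestError(f"unsupported keyType: {key_type!r}")
    return key_type


def apply_key_update(stored, key_type, body):
    """Return the updated key for PUT /applications/{id}/keys/{keyType}."""
    validate_key_type(key_type)
    if not isinstance(body, dict):
        raise KeyRequestError("body must be a JSON object")
    # Reject, rather than silently ignore, attempts to change other fields
    # (consumerKey, consumerSecret, keyType).
    extra = sorted(set(body) - UPDATABLE_FIELDS)
    if extra:
        raise KeyRequestError(f"fields not updatable: {extra}")
    grants = body.get("supportedGrantTypes", stored["supportedGrantTypes"])
    if (not isinstance(grants, list) or not grants
            or not all(isinstance(g, str) and g for g in grants)):
        raise KeyRequestError("supportedGrantTypes must be a non-empty list of strings")
    callback = body.get("callbackUrl", stored["callbackUrl"])
    parsed = urlparse(callback) if isinstance(callback, str) else None
    if parsed is None or parsed.scheme not in ("http", "https") or not parsed.netloc:
        raise KeyRequestError("callbackUrl must be an absolute http(s) URL")
    return {**stored, "supportedGrantTypes": list(grants), "callbackUrl": callback}
```

Rejecting unknown fields instead of dropping them makes an attempt to overwrite consumerSecret or keyType through the update endpoint visible to the caller and to request logs.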