Hi,

On Thu, Jun 29, 2017 at 2:16 PM, Bhathiya Jayasekara <[email protected]>
wrote:

> Hi all,
>
> This is about caching and concurrency control headers (if-match,
> if-none-match, if-modified-since, if-unmodified-since).
>
> Since OAuth apps can be modified from IS side as well, I think we can't
> use caching and concurrency control headers for above responses. So, is it
> ok to drop them from API definition?
>
I too think we need to drop it for the moment. If they can be modified on
IS side, we will have to verify the ETag header from IS and IS should also
support that. We will not be able to save the IS call even if we support
ETag for GET since we need to verify the ETag from IS. So in terms of GET,
we will not get any significant performance gain. However, we won't be able
to disallow concurrent updates if we drop ETag support. If that is not
critical, I think we can drop ETag support.


> Since we're currently sending these key information in *GET
> /applications/{app_id}* request as well, having those headers in here
> might be a problem too. WDYT?
>
Yes IMO too, if we do not support ETags for keys, we will have to remove
them from *GET /applications/{app_id}* request as well as it includes app
keys.

Thanks!
Malintha

>
> Thanks,
> Bhathiya
>
> On Thu, Jun 29, 2017 at 1:15 PM, Malintha Amarasinghe <[email protected]>
> wrote:
>
>> Yeah +1 to make it /generate-token
>>
>> On Thu, Jun 29, 2017 at 12:49 PM, Bhathiya Jayasekara <[email protected]>
>> wrote:
>>
>>> yes, +1.
>>>
>>> On Thu, Jun 29, 2017 at 12:47 PM, Nuwan Dias <[email protected]> wrote:
>>>
>>>> /generate-tokens should be /generate-token right? Because we're just
>>>> generating 1 token.
>>>>
>>>> On Thu, Jun 29, 2017 at 12:29 PM, Uvindra Dias Jayasinha <
>>>> [email protected]> wrote:
>>>>
>>>>> +1, looks good
>>>>>
>>>>> On 29 June 2017 at 12:27, Malintha Amarasinghe <[email protected]>
>>>>> wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, Jun 29, 2017 at 12:20 PM, Harsha Kumara <[email protected]>
>>>>>> wrote:
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Thu, Jun 29, 2017 at 11:43 AM, Malintha Amarasinghe <
>>>>>>> [email protected]> wrote:
>>>>>>>
>>>>>>>> Hi all,
>>>>>>>>
>>>>>>>> Bhathiya and I had a discussion about this and came up with the
>>>>>>>> below approach regarding POST /provide-keys.
>>>>>>>>
>>>>>>>> 1. Creates a new resource in /keys collection providing the key type.
>>>>>>>> (Similar to semi-manual client registration).
>>>>>>>>
>>>>>>>> POST  /applications/{applicationId}/keys
>>>>>>>>
>>>>>>>> *Request:*
>>>>>>>>
>>>>>>>> POST  /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys
>>>>>>>>
>>>>>>>> {
>>>>>>>>   "consumerKey": "xxxxxxxxxxxxxxxxxxxx",
>>>>>>>>   "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>>>   "keyType": "PRODUCTION"
>>>>>>>> }
>>>>>>>>
>>>>>>>> *Response*
>>>>>>>>
>>>>>>>> HTTP/1.1 201 CREATED
>>>>>>>> Location: https://localhost:9292/api/am/store/v1/applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION
>>>>>>>>
>>>>>>>> {
>>>>>>>>   "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>>>   "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>>>   "supportedGrantTypes": [
>>>>>>>>     "client-credentials", "password"
>>>>>>>>   ],
>>>>>>>>   "callbackUrl": "http://localhost/callback",
>>>>>>>>   "keyType": "PRODUCTION"
>>>>>>>> }
>>>>>>>>
>>>>>>> Seems we are thinking of keyType as a resource. We will need to add a
>>>>>>> validation for keyType at the implementation layer. +1 for the approach.
>>>>>>>
>>>>>> Yeah we will need a validation since the only allowed key types are
>>>>>> PRODUCTION and SANDBOX.
>>>>>>
>>>>>>>
>>>>>>>> 2. Get all keys
>>>>>>>>
>>>>>>>> GET /applications/{applicationId}/keys
>>>>>>>>
>>>>>>>>
>>>>>>>> *Request:*
>>>>>>>>
>>>>>>>> GET /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys
>>>>>>>>
>>>>>>>>
>>>>>>>> *Response:*
>>>>>>>>
>>>>>>>> HTTP/1.1 200 OK
>>>>>>>> {
>>>>>>>> "count": 2,
>>>>>>>> "items": [
>>>>>>>>
>>>>>>>> {
>>>>>>>>   "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>>>   "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>>>   "supportedGrantTypes": [
>>>>>>>>     "client-credentials", "password"
>>>>>>>>   ],
>>>>>>>>   "callbackUrl": "http://localhost/callback",
>>>>>>>>   "keyType": "PRODUCTION"
>>>>>>>> },
>>>>>>>>
>>>>>>>> {
>>>>>>>>   "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>>>   "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>>>   "supportedGrantTypes": [
>>>>>>>>     "client-credentials", "password"
>>>>>>>>   ],
>>>>>>>>   "callbackUrl": "http://localhost/callback",
>>>>>>>>   "keyType": "SANDBOX"
>>>>>>>> }
>>>>>>>>
>>>>>>>> ]
>>>>>>>> }
>>>>>>>>
>>>>>>>>
>>>>>>>> 3. Get a single key detail
>>>>>>>>
>>>>>>>> GET /applications/{applicationId}/keys/{keyType}
>>>>>>>>
>>>>>>>> *Request*
>>>>>>>>
>>>>>>>> GET /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION
>>>>>>>>
>>>>>>>>
>>>>>>>> *Response*
>>>>>>>>
>>>>>>>> HTTP/1.1 200 OK
>>>>>>>>
>>>>>>>> {
>>>>>>>>   "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>>>   "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>>>   "supportedGrantTypes": [
>>>>>>>>     "client-credentials", "password"
>>>>>>>>   ],
>>>>>>>>   "callbackUrl": "http://localhost/callback",
>>>>>>>>   "keyType": "PRODUCTION"
>>>>>>>> }
>>>>>>>>
>>>>>>>> 4. Update a key
>>>>>>>>
>>>>>>>> PUT /applications/{applicationId}/keys/{keyType}
>>>>>>>>
>>>>>>>> *We will only allow updating supported grant types and callback
>>>>>>>> URLs for individual keys.*
>>>>>>>>
>>>>>>>> *Request*
>>>>>>>>
>>>>>>>> PUT /applications/876f8fd8-269a-41db-b1cf-e4efe8a8426d/keys/PRODUCTION
>>>>>>>>
>>>>>>>>
>>>>>>>> {
>>>>>>>>   "supportedGrantTypes": [
>>>>>>>>     "client-credentials"
>>>>>>>>   ],
>>>>>>>>   "callbackUrl": "http://localhost/callback-updated"
>>>>>>>> }
>>>>>>>>
>>>>>>>> *Response:*
>>>>>>>>
>>>>>>>> HTTP/1.1 200 OK
>>>>>>>>
>>>>>>>> {
>>>>>>>>   "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>>>   "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>>>   "supportedGrantTypes": [
>>>>>>>>     "client-credentials"
>>>>>>>>   ],
>>>>>>>>   "callbackUrl": "http://localhost/callback-updated",
>>>>>>>>   "keyType": "PRODUCTION"
>>>>>>>> }
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Thanks
>>>>>>>> Malintha
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Wed, Jun 28, 2017 at 1:37 PM, Bhathiya Jayasekara <
>>>>>>>> [email protected]> wrote:
>>>>>>>>
>>>>>>>>> Hi all,
>>>>>>>>>
>>>>>>>>> As discussed in [1], I split generate keys operation into 2, and
>>>>>>>>> added "provide-keys" operation for semi-manual client registration.
>>>>>>>>> Here is the final list with sample requests and responses.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> POST  /applications/{applicationId}/generate-keys
>>>>>>>>>
>>>>>>>>> {
>>>>>>>>>   "keyType": "PRODUCTION",
>>>>>>>>>   "grantTypesToBeSupported": [
>>>>>>>>>     "client-credentials", "password"
>>>>>>>>>   ],
>>>>>>>>>   "callbackUrl": "http://localhost/callback"}
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Response
>>>>>>>>>
>>>>>>>>> {
>>>>>>>>>   "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>>>>   "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>>>>   "supportedGrantTypes": [
>>>>>>>>>     "client-credentials", "password"
>>>>>>>>>   ],
>>>>>>>>>   "callbackUrl": "http://localhost/callback",
>>>>>>>>>   "keyType": "PRODUCTION"}
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> POST  /applications/{applicationId}/provide-keys
>>>>>>>>>
>>>>>>>>> {
>>>>>>>>>   "consumerKey": "xxxxxxxxxxxxxxxxxxxx",
>>>>>>>>>   "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>>>>   "keyType": "PRODUCTION"}
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Response
>>>>>>>>>
>>>>>>>>> {
>>>>>>>>>   "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>>>>>>>>   "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>>>>>>>>   "supportedGrantTypes": [
>>>>>>>>>     "client-credentials", "password"
>>>>>>>>>   ],
>>>>>>>>>   "callbackUrl": "http://localhost/callback",
>>>>>>>>>   "keyType": "PRODUCTION"}
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> POST  /applications/{applicationId}/generate-tokens
>>>>>>>>>
>>>>>>>>> {
>>>>>>>>>   "consumerKey": "xxxxxxxxxxxxxxxxxxxxx",
>>>>>>>>>   "consumerSecret": "yyyyyyyyyyyyyyyyyyyyyy",
>>>>>>>>>   "validityPeriod": 3600,
>>>>>>>>>   "scopes": "read write delete",
>>>>>>>>>   "revokeToken": "zzzzzzzzzzzzzzzzzzzzz"}
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Response
>>>>>>>>>
>>>>>>>>> {
>>>>>>>>>   "accessToken": "aaaaaaaaaaaaaaaaaaaaaaaaa",
>>>>>>>>>   "tokenScopes": "read write",
>>>>>>>>>   "validityTime": 3600}
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> [1] [APIM][C5] Splitting "Generate Keys" operation in Store REST
>>>>>>>>> API
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>> --
>>>>>>>>> *Bhathiya Jayasekara*
>>>>>>>>> *Associate Technical Lead,*
>>>>>>>>> *WSO2 inc., http://wso2.com*
>>>>>>>>>
>>>>>>>>> *Phone: +94715478185*
>>>>>>>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj*
>>>>>>>>> *Twitter: https://twitter.com/bhathiyax*
>>>>>>>>> *Blog: http://movingaheadblog.blogspot.com*
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Malintha Amarasinghe
>>>>>>>> Software Engineer
>>>>>>>> *WSO2, Inc. - lean | enterprise | middleware*
>>>>>>>> http://wso2.com/
>>>>>>>>
>>>>>>>> Mobile : +94 712383306
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Harsha Kumara
>>>>>>> Software Engineer, WSO2 Inc.
>>>>>>> Mobile: +94775505618
>>>>>>> Blog:harshcreationz.blogspot.com
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Regards,
>>>>> Uvindra
>>>>>
>>>>> Mobile: 777733962
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Nuwan Dias
>>>>
>>>> Software Architect - WSO2, Inc. http://wso2.com
>>>> email : [email protected]
>>>> Phone : +94 777 775 729
>>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>
>
>
>



-- 
Malintha Amarasinghe
Software Engineer
*WSO2, Inc. - lean | enterprise | middleware*
http://wso2.com/

Mobile : +94 712383306
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
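
Added example (not part of the original thread and not WSO2's code): a minimal Python model of the PUT /applications/{applicationId}/keys/{keyType} behaviour discussed above. It shows the keyType validation, the restriction of updates to grant types and callback URL, and why an If-Match check only works if the ETag is computed from the current state on the IS side. IdentityServerStub, etag_of, get_key, put_key and ETAG_KEY are hypothetical names, and the sample data is constructed.

```python
import hashlib
import hmac
import json

ALLOWED_KEY_TYPES = {"PRODUCTION", "SANDBOX"}               # from the thread
UPDATABLE_FIELDS = {"supportedGrantTypes", "callbackUrl"}   # from the thread
ETAG_KEY = b"constructed-demo-key"  # assumption: server-side key, so the ETag
                                    # is not a guessable digest of the secret

class IdentityServerStub:
    """Hypothetical stand-in for IS, the source of truth for OAuth apps."""
    def __init__(self):
        # Constructed sample data mirroring the thread's response body.
        self.keys = {"PRODUCTION": {
            "consumerKey": "xxxx", "consumerSecret": "yyyy",
            "supportedGrantTypes": ["client-credentials", "password"],
            "callbackUrl": "http://localhost/callback",
            "keyType": "PRODUCTION"}}

def etag_of(representation):
    """Strong ETag: keyed hash over the canonical JSON of the current state."""
    canonical = json.dumps(representation, sort_keys=True).encode()
    return '"' + hmac.new(ETAG_KEY, canonical, hashlib.sha256).hexdigest()[:16] + '"'

def get_key(idp, key_type):
    """GET .../keys/{keyType} -> (status, etag, body)."""
    if key_type not in ALLOWED_KEY_TYPES:
        return 400, None, None
    key = idp.keys.get(key_type)
    if key is None:
        return 404, None, None
    return 200, etag_of(key), dict(key)

def put_key(idp, key_type, body, if_match=None):
    """PUT .../keys/{keyType} with an optional If-Match header value."""
    if key_type not in ALLOWED_KEY_TYPES:
        return 400
    if key_type not in idp.keys:
        return 404
    if not body or set(body) - UPDATABLE_FIELDS:
        return 400      # consumerKey, consumerSecret, keyType are not updatable
    current = idp.keys[key_type]    # always read from IS, never from a cache
    if if_match is not None and if_match != etag_of(current):
        return 412      # state changed (possibly on the IS side) since the GET
    current.update(body)
    return 200
```

Without If-Match the last writer wins, which is the trade-off accepted in the reply above if ETag support is dropped.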
