Tharindu, IMO, we should extend key-manager interface for this implementation, because there could be instances where, some key managers does not support resource registrations OOB.
+1 for keep scopes in swagger. Regards Roshan. On Tue, Dec 5, 2017 at 7:15 AM, Tharindu Dharmarathna <[email protected]> wrote: > Hi All, > > We are going to develop Resource Registration Rest API for engaging Scope > for the resource. I had come up with below flow in order to do the above. > > > > In Above Diagram for Store Scopes, we can do below two ways. > > > 1. Store under swagger.json as security definition > 2. Store In database schema. > > If we are Storing in swagger we have following advantages and > disadvantages. > *Advantages* > > 1. The scope can easily manage as we can assign the scopes to a resource > inside the swagger. > > *Disadvantages*. > > 1. If we have lots of scopes for the API for getting the Details of the > scope we have to call the Resource Server Endpoint, therefore it may lead > to high network usage. > 2. Swagger given by user get changed by injecting our set of properties. > > I had come up with below set of resources to create scopes and assign > scopes > > > 1. /apis/{apiid}/scopes - post (add scope for api) > 2. /apis/{apiid}/scopes - get (get All the scopes for api) > 3. /apis/{apiid}/scopes/{name} - put update scope > 4. /apis/{apiid}/scopes/{name} - delete scope > 5. /apis/{apiid} - put (Apply scopes(add,update,delete) into resources) > 6. /apis/{apiid} - get (get scopes applied to a resources) > > Or We can do the below way as Reources are not consider as a sub resources > of the API > > > 1. /api1/{apiid} - (get,put) These two operations used to add > scope,update scope,delete scope,assign scopes to resources. > > > Please let us know your Ideas on this. > > Thanks > > *Tharindu Dharmarathna*Senior Software Engineer > WSO2 Inc.; http://wso2.com > lean.enterprise.middleware > > mobile: *+94779109091 <+94%2077%20910%209091>* > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > >
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
