h1. API for Authentication and Authorization


h2. API for Authentication


h3. Create User
{code}
POST https://ssl.latest.deflaux-test.appspot.com/auth/v1/user
{"userId":"demouser", "password":"demouser-pw", "email":"demouser@sagebase.org", "firstName":"demo", "lastName":"user", "displayName":"Demo User"}
{code}


Successful Response:

{code}
HTTP/1.1 201 Created
{code}


h3. Update User

{code}
PUT https://ssl.latest.deflaux-test.appspot.com/auth/v1/user
{"userId":"demouser", "password":"demouser-pw", "email":"demouser@sagebase.org", "firstName":"demo", "lastName":"user", "displayName":"Demo User"}
{code}


Successful Response:

{code}
HTTP/1.1 200 OK
{code}



h3. Send Change-Password Email

{code}
POST https://ssl.latest.deflaux-test.appspot.com/auth/v1/userPasswordEmail
{"userId":"demouser"}
{code}


Successful Response:

{code}
HTTP/1.1 204 NO CONTENT
{code}

h3. Initiate Session (Login)

Request:

{code}
POST https://ssl.latest.deflaux-test.appspot.com/auth/v1/session
{"userId":"demouser", "password":"demouser-pw"}
{code}


Successful Response:

{code}
HTTP/1.1 201 Created
Content-Type: application/json
{"displayName":"Demo User","sessionToken":"AYcOhWIm9NdOC6BdzzzisQ00"}
{code}

Error Response, if the user authentication details are incorrect:

{code}
HTTP/1.1 400 Bad Request
AuthenticationURL: https://ssl.latest.deflaux-test.appspot.com/auth/v1/session
Content-Type: application/json
{"reason":"Unable to authenticate."}
{code}




Session token is valid for a period of time, currently set to 24 hours.

h3. Refresh Token (reset timer)

Request:

{code}
PUT https://ssl.latest.deflaux-test.appspot.com/auth/v1/session
{"sessionToken":"AYcOhWIm9NdOC6BdzzzisQ00"}
{code}


Successful Response:

{code}
HTTP/1.1 200 OK
{code}

Error Response, if the session token is invalid:

{code}
HTTP/1.1 404 Not Found
{"reason":"Unable to validate session."}
{code}

h3. Terminate Session (Logout)

NOTE: _This doesn't work when deployed on AppEngine. Will retest once we make the transition to another platform._


Request:

{code}
DELETE https://ssl.latest.deflaux-test.appspot.com/auth/v1/session
{"sessionToken":"AYcOhWIm9NdOC6BdzzzisQ00"}
{code}


Response:

{code}
HTTP/1.1 204 NO CONTENT
{code}



h2. Sample commands, issued from cURL:

Create User:
{code}
curl -k -H "Content-Type:application/json" -H "Accept:application/json" -d "{\"userId\":\"NEWuser\", \"password\":\"demouser-pw\", \"email\":\"demouser@sagebase.org\", \"firstName\":\"demo\", \"lastName\":\"user\", \"displayName\":\"Demo User\"}" -X POST https://ssl.latest.deflaux-test.appspot.com/auth/v1/user
{code}



Update User:

{code}
curl -k -H "Content-Type:application/json" -H "Accept:application/json" -d "{\"userId\":\"NEWuser\", \"password\":\"NEWdemouser-pw\", \"email\":\"demouser@sagebase.org\", \"firstName\":\"NEWdemo\", \"lastName\":\"NEWuser\", \"displayName\":\"NEWDemo User\"}" -X PUT https://ssl.latest.deflaux-test.appspot.com/auth/v1/user
{code}

Send Change Password Email:
{code}
curl -k -H "Content-Type:application/json" -H "Accept:application/json" -d "{\"userId\":\"demouser\"}" -X POST https://ssl.latest.deflaux-test.appspot.com/auth/v1/userPasswordEmail
{code}

Login:

{code}
curl -k -H "Content-Type:application/json" -H "Accept:application/json" -d "{\"userId\":\"demouser\", \"password\":\"demouser-pw\"}" -X POST https://ssl.latest.deflaux-test.appspot.com/auth/v1/session
{code}

Refresh session token:

{code}
curl -k -H "Content-Type:application/json" -H "Accept:application/json" -d "{\"sessionToken\":\"QYNoamrOKK0dBhjZOFfbAg00\"}" -X PUT https://ssl.latest.deflaux-test.appspot.com/auth/v1/session
{code}

Logout:

{code}
curl -k -H "Content-Type:application/json" -H "Accept:application/json" -d "{\"sessionToken\":\"QYNoamrOKK0dBhjZOFfbAg00\"}" -X DELETE https://ssl.latest.deflaux-test.appspot.com/auth/v1/session
{code}

Access repository services anonymously:
{code}
curl -H Accept:application/json http://localhost:8080/repo/v1/dataset/test
{code}

Access repository services with session token (obtained by logging in):
{code}
curl -H Accept:application/json -H sessionToken:AprxPRzpmaPm7FXzV1ik0w00 http://localhost:8080/repo/v1/dataset/test
{code}

h3. Authentication of Requests to Platform

Requests shall include a header named "sessionToken" whose value is that returned by the Initiate Session request, above. (The session will time out eventually, with a nominal duration of 30 min.)

For requests that fail to be authenticated the response will include the headers:

{code}
WWW-Authenticate: authenticate Crowd
Crowd-Authentication-Service: https://ssl.latest.deflaux-test.appspot.com/auth/v1/session
{code}

and a plain text body:  "The token provided was invalid or expired."
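
A client-side check for the challenge headers described above, as an added example (not part of the original page or the service's own code): before logging in again, it compares the URL in Crowd-Authentication-Service with the one login endpoint the client is configured to trust, so credentials are never posted to an address taken from a response header. TRUSTED_AUTH_URL, the function names, the {{login}} callable and the sample headers are assumptions made for illustration.

```python
import json
from urllib.parse import urlsplit

# Assumption: the one login endpoint this client is configured to trust.
TRUSTED_AUTH_URL = "https://ssl.latest.deflaux-test.appspot.com/auth/v1/session"

def parse_login(status, body):
    """Return the session token from an Initiate Session response."""
    data = json.loads(body)
    if status != 201:
        raise PermissionError(data.get("reason", "login failed"))
    return data["sessionToken"]

def challenge_url(headers):
    """Return the advertised login URL for a Crowd challenge, else None."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    if h.get("www-authenticate", "").lower() != "authenticate crowd":
        return None
    return h.get("crowd-authentication-service", "")

def same_endpoint(url, trusted=TRUSTED_AUTH_URL):
    """True only for an https URL with the trusted host, port and path."""
    try:
        a, b = urlsplit(url), urlsplit(trusted)
        return (a.scheme == "https" and a.hostname == b.hostname
                and (a.port or 443) == (b.port or 443) and a.path == b.path
                and a.username is None and not a.query)
    except ValueError:  # malformed port or netloc
        return False

def reauthenticate(headers, login):
    """Return a fresh token for a trusted challenge, None if not a challenge.

    `login` is a hypothetical callable that posts the stored credentials to
    the URL it is given and returns (status, body).
    """
    url = challenge_url(headers)
    if url is None:
        return None
    if not same_endpoint(url):
        raise ValueError("untrusted Crowd-Authentication-Service: %r" % url)
    return parse_login(*login(TRUSTED_AUTH_URL))

# Constructed sample: a challenge that points at a look-alike host.
SPOOFED = {"WWW-Authenticate": "authenticate Crowd",
           "Crowd-Authentication-Service":
               "https://ssl.latest.deflaux-test.appspot.com.example.invalid/auth/v1/session"}
```

The header value is only compared, never used as the destination: a trusted challenge still results in a login to TRUSTED_AUTH_URL.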

h2. API for Authorization

TBD