CloudServices/Sagrada/TokenServer: Difference between revisions

Jump to navigation Jump to search

CloudServices/Sagrada/TokenServer (view source)

Revision as of 21:54, 11 April 2012

1,773 bytes removed ,  11 April 2012
no edit summary
No edit summary
Line 22: Line 22:
* Needs to be a system that scales infinitely.
* Needs to be a system that scales infinitely.


= APIS v1.0 =  
= APIS =  


'''Unless stated otherwise, all APIs are using application/json for the requests and responses content types.'''
see http://docs.services.mozilla.com/token/apis.html


== GET /1.0/<app_name>/<app_version> ==
Asks for new token given some credentials in the Authorization header.
By default, the authentication scheme is Browser ID but other schemes can potentially be used if supported by the login server. '''app_name''' is the name of the application to access, like '''sync'''. '''app_version''' is the specific version number of the api that you want to access. The first /1.0/ in the URL defines the version of the sagrada token.
Example for Browser-Id:
 
<pre>
GET /1.0/sync/2.0
Host: token.services.mozilla.com
Authorization: Browser-ID <assertion>
</pre>
This API returns several values in a json mapping:
* '''oauth_consumer_key''' - a signed authorization token, containing the user's id and expiration
* '''oauth_consumer_secret''' - a secret derived from the shared secret
* '''service_entry''': a node url
Example:
<pre>
HTTP/1.1 200 OK
Content-Type: application/json
{'oauth_consumer_key': <token>,
'oauth_consumer_secret': <derived-secret>,
'service_entry': <node>,
}
</pre>
All errors are also returned as json responses, following the structure described in Cornice.
XXX need to document this in Cornice
Status codes and error codes:
* 404 : unknown URL (0), or unsupported application (1).
* 400 : malformed request - missing option or bad values(2) or malformed json (3) or unsupported authentication protocol (4)
* 401 : authentication failed or protocol not supported (5). The response in that case will contain WWW-Authenticate headers (one per supported scheme)
* 405 : unsupported method (6)
* 406 : unacceptable - the client asked for an Accept we don't support (7)
* 503 : service unavailable (ldap or snode backends may be down) (8)


= Proposed Design =
= Proposed Design =
Tarek.ziade
Confirmed users
927

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/419288"

Navigation menu