Changes between Version 1 and Version 2 of NewTestbedAPISpec


Ignore:
Timestamp:
Jun 26, 2013 5:47:20 PM (11 years ago)
Author:
faber
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • NewTestbedAPISpec

    v1 v2  
    1919The API is implemented using the axis web service framework, which means that javadocs are provided for the various calls.
    2020
     21Each service and call are accessed by appending servicename/operation to the base URL of the API server.  On DETERlab the base URL will be https://api.isi.deterlabnet:52323/axis2/service.  For example, one can access the getVersion operation below at https://api.isi.deterlabnet:52323/axis2/service/ApiInfo/getVersion
     22
     23Each operation returns useful parameters on success and throws a fault, called a DeterFault, on an error.  Faults are standard SOAP faults with a detail section that includes the following fields:
     24
     25 * ErrorCode - a 32-bit integer encoding the type of error.  Constants are available in the [http://www.isi.edu/~faber/tmp/doc/net/deterlab/testbed/api/DeterFault.html javadoc for DeterFault].  Values are:
     26   * access - access denied
     27   * request - bad request
     28   * internal - internal server error
     29 * ErrorString - a string describing the broad error
     30 * DetailString - a string describing the details that caused the error
     31
     32The {{{ErrorString}}} and {{{ErrorCode}}} are equivalent, but the information in the {{{DetailString}}} is generally more informative about the specifics.  Request or access errors are generally correctable on the client side while internal errors are not.
     33
     34[http://www.isi.edu/~faber/tmp/doc/net/deterlab/testbed/api/DeterFault.html javadoc for DeterFault]
     35
    2136== ApiInfo ==
    2237
    2338The ApiInfo service provides metadata about the running DETER API.  It also provides a simple check that a user is presenting authentication credentials correctly.
    2439
    25 The sole call in the ApiInfo service is {{{getVersion}}}, available at https://api.isi.deterlab.net:52323/axis2/services/ApiInfo/getVersion .  It takes no arguments and returns
     40[http://www.isi.edu/~faber/tmp/doc/net/deterlab/testbed/api/ApiInfo.html javadoc for ApiInfo]
    2641
    27  Version::
    28   A string containing the API version number
    29  PatchLevel::
    30   A string containing the patch level
    31  KeyID::
    32   A string.  If the user presented a valid public key and passed the challenge, this is the sha1 hash of that key.  If no key was presented or an invalid one, this filed is not returned.
     42The sole operation in the ApiInfo service is {{{getVersion}}}.  The call is unauthenticated and can be made driectly from a web browser to confirm that the API is functioning and that the user can see DETERlab.
    3343
    34 [http://www.isi.edu/~faber/tmp/doc/net/deterlab/testbed/api/ApiInfo.html javadoc]
     44 * '''Service:''' ApiInfo
     45 * '''Operation:''' getVersion
     46 * '''Input Parameters:'''
     47   * None
     48 * '''Return Values:'''
     49   * Version - A string containing the API version number
     50   * PatchLevel - A string containing the patch level
     51   * KeyID - A string.  If the user presented a valid public key and passed the challenge, this is the sha1 hash of that key.  If no key was presented or an invalid one, this filed is not returned.
    3552
    3653== Users ==
     
    3855The Users API is concerned with managing users and their profiles as well as authenticating to the testbed and receiving a client certificate for later calls.
    3956
     57[http://www.isi.edu/~faber/tmp/doc/net/deterlab/testbed/api/Users.html javadoc for Users]
     58
     59A user can authenticate to the testbed and receive a short-lived client x.509 certificate by requesting a challenge using the {{{requestChallenge}}} operation and responding to the challenge via the {{{challengeResponse}}} operation.
     60
     61Currently only one challenge type is defined.  The challenge is an array of bytes and the response is return an SHA1 HMAC of that string keyed by the user's password.
     62
     63 * '''Service:''' Users
     64 * '''Operation:''' requestChallenge
     65 * '''Input Parameters:'''
     66   * userid - the identity to authenticate
     67 * '''Return Values:'''
     68   * Type - the kind of challenge
     69   * Data - the data needed for the challenge
     70   * Validity - number of seconds the challenge may be responded to
     71   * ChallengeID - a 64-bit identifier that allows the server to validate the reply
     72
     73 * '''Service:''' Users
     74 * '''Operation:''' challengeResponse
     75 * '''Input Parameters:'''
     76  * ResponseData - a binary string, the response to the challenge
     77  * ChallengeID - The 64-bit identifier of the challenge being responded to
     78 * '''Return Values''':
     79  * Certificate - a binary string containing a PEM-encoded X.509 certificate and private key. (Passed down the encrypted connection)
     80
     81
     82
     83