ungleich-otp/README.md

168 lines
2.4 KiB
Markdown
Raw Normal View History

2018-10-26 16:31:36 +00:00
# ungleich-otp
2018-10-26 17:22:17 +00:00
The ungleich OTP service that allows you access to the ungleich micro
service infrastructure.
We are using
- nameko for internal communication
- django for the DB + admin interface
2018-10-26 17:36:34 +00:00
## Status
In development, pre production.
2018-10-26 17:22:17 +00:00
## Usage: WEB
- No user interface (UI) supported (?)
-> idea is to keep flow logic in ungleich-dynamicweb
2018-10-26 17:45:36 +00:00
## Usage: BUS
### RPC: verify(appid, token, appidtoverify, tokentoverify)
Verify whether the requesting app is authenticated. This is only
allowed to be used for trusted appids.
2018-10-26 17:48:15 +00:00
Returns a JSON object:
Either
```
{
status: "OK",
}
```
OR
```
{
status: "FAIL",
}
```
2018-10-26 17:45:36 +00:00
### POST: /verify
Not sure if this one will be publicly available.
2018-10-26 17:48:15 +00:00
Request JSON object:
2018-10-26 17:45:36 +00:00
```
{
version: "1",
appid: "your-app-uuid",
token: "current time based token",
appidtoverify: "appid that wants to be authenticated",
tokentoverify: "current time based token of appidtoverify",
}
```
2018-10-26 17:48:15 +00:00
Response JSON object:
Either
```
{
status: "OK",
}
```
OR
```
{
status: "FAIL",
}
```
2018-10-26 17:45:36 +00:00
## Usage: REST
2018-10-26 17:22:17 +00:00
- Use an existing token to connect to the service
- All REST based messages: JSON
### POST /app/register
Register a new app. Returns an app ID.
2018-10-26 17:31:18 +00:00
Request JSON object:
{
2018-10-26 17:34:17 +00:00
version: "1",
2018-10-26 17:31:18 +00:00
appid: "your-app-uuid",
2018-10-26 17:34:17 +00:00
token: "current time based token",
username: "user this app belongs to",
appname: "name of your web app"
2018-10-26 17:31:18 +00:00
}
Response JSON object:
{
appid: "UUID of your app",
}
2018-10-26 17:22:17 +00:00
### GET /app
List all registered apps for the current user.
2018-10-26 17:31:18 +00:00
Request JSON object:
{
2018-10-26 17:34:17 +00:00
version: "1",
2018-10-26 17:31:18 +00:00
appid: "your-app-uuid",
token: "current time based token"
}
Response JSON object:
2018-10-26 17:22:17 +00:00
2018-10-26 17:31:18 +00:00
[
{
name: "name of your web app"
appid: "UUID of your app",
},
{
name: "name of your second web app"
appid: "UUID of your second app",
}
]
### GET /app/UUID
2018-10-26 17:22:17 +00:00
Get seed for APP to be used as a token
2018-10-26 17:31:18 +00:00
Request JSON object:
{
2018-10-26 17:34:17 +00:00
version: "1",
2018-10-26 17:31:18 +00:00
appid: "your-app-uuid",
token: "current time based token"
}
Response JSON object:
{
seed: "seed of your app"
}
2018-10-26 17:22:17 +00:00
2018-10-26 17:45:36 +00:00
2018-10-26 17:22:17 +00:00
## Usage: OTP
The seeds that you receive can be used for TOTP to authenticate your
apps.
## Database
The database saves a list of appids with their seeds and the user
assignments as well as whether the appid might use the BUS interface.
Fields:
- appname (name chosen by the user)
- appid (a random UUID)
- seed (a random base32 string)
- username (who this appid belongs to)
- trusted (boolean, whether app is allowed to use the BUS)