# ungleich-otp The ungleich OTP service that allows you access to the ungleich micro service infrastructure. We are using - nameko for internal communication - django for the DB + admin interface ## Status In development, pre production. ## Usage: WEB - No user interface (UI) supported (?) -> idea is to keep flow logic in ungleich-dynamicweb ## Usage: BUS ### RPC: verify(appid, token, appidtoverify, tokentoverify) Verify whether the requesting app is authenticated. This is only allowed to be used for trusted appids. Returns a JSON object: Either ``` { status: "OK", } ``` OR ``` { status: "FAIL", } ``` ### POST: /verify Not sure if this one will be publicly available. Request JSON object: ``` { version: "1", appid: "your-app-uuid", token: "current time based token", appidtoverify: "appid that wants to be authenticated", tokentoverify: "current time based token of appidtoverify", } ``` Response JSON object: Either ``` { status: "OK", } ``` OR ``` { status: "FAIL", } ``` ## Usage: REST - Use an existing token to connect to the service - All REST based messages: JSON ### POST /app/register Register a new app. Returns an app ID. Request JSON object: { version: "1", appid: "your-app-uuid", token: "current time based token", username: "user this app belongs to", appname: "name of your web app" } Response JSON object: { appid: "UUID of your app", } ### GET /app List all registered apps for the current user. Request JSON object: { version: "1", appid: "your-app-uuid", token: "current time based token" } Response JSON object: [ { name: "name of your web app" appid: "UUID of your app", }, { name: "name of your second web app" appid: "UUID of your second app", } ] ### GET /app/UUID Get seed for APP to be used as a token Request JSON object: { version: "1", appid: "your-app-uuid", token: "current time based token" } Response JSON object: { seed: "seed of your app" } ## Usage: OTP The seeds that you receive can be used for TOTP to authenticate your apps. ## Database The database saves a list of appids with their seeds and the user assignments as well as whether the appid might use the BUS interface. Fields: - appname (name chosen by the user) - appid (a random UUID) - seed (a random base32 string) - username (who this appid belongs to) - trusted (boolean, whether app is allowed to use the BUS)