github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Updated Api (markdown)

master
jricher 2013-04-26 11:44:29 -07:00
parent 1535b77fc3
commit 588f7e608a
1 changed files with 75 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
Api.md

@ -4,7 +4,7 @@ The API may be accessed through an active web session within the application (ie
## Clients
Manages all registered clients on the system, both statically and dynamically registered.
Manages all registered clients on the system, both statically and dynamically registered. Note that in this API's data model, the **id** field is distinct from the **clientId** field used in OAuth. This is a deliberate distinction to allow the **clientId** to be edited through the API.
Endpoint: **`/api/clients`**
@ -16,7 +16,6 @@ Get a list of all clients on the system, returns results in `application/json`.
```
[
{
"id": 1,
"clientId": "client",
@ -75,14 +74,12 @@ Get a list of all clients on the system, returns results in `application/json`.
"idTokenValiditySeconds": 600,
"createdAt": null
}
]
```
*Note:* This method will return different information depending on whether or not the authorized user is an administrator. A non-administrator will get a limited set of information back:
```
[
{
"id": 1,
"clientId": "client",
@ -109,7 +106,6 @@ Create a new client on the system. Message body is an `application/json` object
```
{
"id": 1,
"clientId": "client",
"clientSecret": "secret",
"redirectUris": [
@ -361,7 +357,6 @@ Get a list of all whitelists on the system, returns results in `application/json
```
[
{
"id": 1,
"creatorUserId": "jricher",
@ -372,7 +367,6 @@ Get a list of all whitelists on the system, returns results in `application/json
"profile"
]
}
]
```
@ -384,7 +378,6 @@ Create a new whitelist on the system. Message body is an `application/json` obje
```
{
"id": 1,
"creatorUserId": "jricher",
"clientId": "client",
"allowedScopes": [
@ -447,8 +440,82 @@ Deletes the whitelist with the {id} in the URL.
Returns HTTP 200 with an empty page on success.
## Blacklists
Blacklist entries allow an administrator to determine which URLs may not be used as redirect URIs for any clients, either dynamically or statically registered.
Endpoint: **`/api/blacklist`**
### GET /api/blacklist
_Requires **ROLE_USER** or **ROLE_ADMIN** access._
Get a list of all blacklists on the system, returns results in `application/json`.
```
[
{
"id": 1,
"uri": "http://baddomain.com/"
},
{
"id": 2,
"uri": "http://evil.biz/"
}
]
```
### POST /api/blacklist
_Requires **ROLE_ADMIN** access._
Create a new blacklist on the system. Message body is an `application/json` object with all information:
```
{
"uri": "http://baddomain.com/"
}
```
The server will return an updated copy of the object in `application/json` format as described under **GET /api/blacklist/{id}** on success.
### GET /api/blacklist/{id}
_Requires **ROLE_USER** or **ROLE_ADMIN** access._
Get information about a specific blacklist identified by {id} in the url, in `application/json` format.
For example, the call to `/api/blacklist/1` would return:
```
{
"uri": "http://baddomain.com/"
}
```
### PUT /api/blacklist/{id}
_Requires **ROLE_ADMIN** access._
Update the information for the blacklist identified by {id} in the URL. The request body must be `application/json` describing the entire blacklist object:
```
{
"uri": "http://baddomain.com/"
}
```
The server will return an updated copy of the object in `application/json` format as described under **GET /api/blacklist/{id}** on success.
### DELETE /api/blacklist/{id}
_Requires **ROLE_ADMIN** access._
Deletes the blacklist with the {id} in the URL.
Returns HTTP 200 with an empty page on success.
## System Scopes
## User Site Approvals