Problem Statement
Currently, content can be updated only by the user who created it. This causes problems and adds complexity in scenarios where an admin wants to update content created by a retired user. There should be an easy way to allow users to update content, while still requiring authentication.
Solution Approach
There should be a way to allow certain operations, and for that we need to maintain master keys. These master keys would be created and stored by an admin through an API, and would be used by anyone to bypass the current authentication mechanism, which restricts some flows.
There should be APIs to create, fetch and verify the master key.
create API
```
POST /v1/masterkey/create

Request body :
{
  "request": {
    "channel": "sunbird"
  }
}

Response body : (Success) 200
{
  "id": "api.masterkey.create",
  "ver": "v1",
  "ts": "2019-01-29 09:17:31:909+0000",
  "params": {
    "resmsgid": null,
    "msgid": "9db786d3-45c2-447d-b657-f9768da15652",
    "err": null,
    "status": "success",
    "errmsg": null
  },
  "responseCode": "OK",
  "result": {
    "key": "1fb786d3-45c2-447d-b657-f9768da15348",
    "expiresOn": 604800
  }
}

Response body : (Error) 400
{
  "id": "api.masterkey.create",
  "ver": "v1",
  "ts": "2018-01-29 11:12:31:853+0000",
  "params": {
    "resmsgid": null,
    "msgid": "8e27cbf5-e299-43b0-bca7-8347f7e5abcf",
    "err": "KEY_EXISTS",
    "status": "KEY_EXISTS",
    "errmsg": "Key exists for given channel sunbird"
  },
  "responseCode": "CLIENT_ERROR",
  "result": {}
}
```
The key would be stored in the DB together with the argument passed.
Table Structure
column | type | description |
---|---|---|
channel | text | primary key; contains the channel name |
key | text | master key generated |
createdby | text | user who created the master key |
createddate | timestamp | created time |
In addition, a TTL will be set on the entry, with the duration configured in the properties file.
get API
```
GET /v1/masterkey/{channel}

Response body : (Success) 200
{
  "id": "api.masterkey",
  "ver": "v1",
  "ts": "2019-01-29 09:17:31:909+0000",
  "params": {
    "resmsgid": null,
    "msgid": "9db786d3-45c2-447d-b657-f9768da15652",
    "err": null,
    "status": "success",
    "errmsg": null
  },
  "responseCode": "OK",
  "result": {
    "key": "1fb786d3-45c2-447d-b657-f9768da15348",
    "expiresOn": 604800
  }
}

Response body : (Error) 404
{
  "id": "api.masterkey",
  "ver": "v1",
  "ts": "2018-01-29 11:12:31:853+0000",
  "params": {
    "resmsgid": null,
    "msgid": "8e27cbf5-e299-43b0-bca7-8347f7e5abcf",
    "err": "KEY_NOT_EXISTS",
    "status": "KEY_NOT_EXISTS",
    "errmsg": "Key does not exists for given channel sunbird"
  },
  "responseCode": "RESOURCE_NOT_FOUND",
  "result": {}
}
```
verify API
```
POST /v1/masterkey/verify

Request body :
{
  "request": {
    "channel": "sunbird",
    "key": "1fb786d3-45c2-447d-b657-f9768da15348"
  }
}

Response body : (Success) 200
{
  "id": "api.masterkey.verify",
  "ver": "v1",
  "ts": "2019-01-29 09:17:31:909+0000",
  "params": {
    "resmsgid": null,
    "msgid": "9db786d3-45c2-447d-b657-f9768da15652",
    "err": null,
    "status": "success",
    "errmsg": null
  },
  "responseCode": "OK",
  "result": {}
}

Response body : (Error) 400
{
  "id": "api.masterkey.verify",
  "ver": "v1",
  "ts": "2018-01-29 11:12:31:853+0000",
  "params": {
    "resmsgid": null,
    "msgid": "8e27cbf5-e299-43b0-bca7-8347f7e5abcf",
    "err": "INVALID_KEY",
    "status": "KEY_NOT_EXISTS",
    "errmsg": "Provided key for channel sunbird is invalid"
  },
  "responseCode": "CLIENT_ERROR",
  "result": {}
}
```
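The create, get and verify behaviour specified above, sketched as an added example (not the project's own code). Assumptions: an in-memory dict stands in for the DB table, `expiresOn` is read as seconds and reported by `get` as the time remaining, a missing or expired entry fails `verify` with `INVALID_KEY`, and the constant-time comparison is an addition to the design. The names `MasterKeyStore` and `MasterKeyError` are hypothetical.

```python
import hmac
import time
import uuid

TTL_SECONDS = 604800  # assumption: the sample "expiresOn" value, read as seconds


class MasterKeyError(Exception):
    """Carries the err code and HTTP status used in the page's error responses."""

    def __init__(self, code, http_status):
        super().__init__(code)
        self.code, self.http_status = code, http_status


class MasterKeyStore:
    """In-memory stand-in for the table keyed by channel (hypothetical)."""

    def __init__(self, ttl=TTL_SECONDS, clock=time.time):
        self._rows = {}  # channel -> (key, createdby, createddate)
        self._ttl, self._clock = ttl, clock

    def _live_row(self, channel):
        row = self._rows.get(channel)
        if row and self._clock() - row[2] >= self._ttl:
            del self._rows[channel]  # emulate the TTL dropping the entry
            row = None
        return row

    def create(self, channel, createdby):
        if self._live_row(channel):
            raise MasterKeyError("KEY_EXISTS", 400)  # one live key per channel
        key = str(uuid.uuid4())  # random version 4 UUID, same shape as the sample key
        self._rows[channel] = (key, createdby, self._clock())
        return {"key": key, "expiresOn": self._ttl}

    def get(self, channel):
        row = self._live_row(channel)
        if not row:
            raise MasterKeyError("KEY_NOT_EXISTS", 404)
        remaining = int(self._ttl - (self._clock() - row[2]))
        return {"key": row[0], "expiresOn": remaining}

    def verify(self, channel, key):
        row = self._live_row(channel)
        # compare_digest does not reveal how many leading characters matched
        if not row or not hmac.compare_digest(row[0].encode(), key.encode()):
            raise MasterKeyError("INVALID_KEY", 400)
        return {}
```

Passing a fake `clock` makes the TTL path testable without waiting for a real expiry.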