...

There should be APIs to create, get and verify the master key.

create API

...


It will be used to create a key with the parameters channel, name and orgId.

Approach to generate Key
  1. Create a JWT token from the data passed in. The JWT token will be created using a secret key and the data below:
    1. channel
    2. createdBy
    3. createdOn
    4. name
    5. orgId
    6. expiresOn
  2. Custom generated time based key
| key generation type | pros | cons |
|---|---|---|
| JWT | no need to store the key in DB | |
| Custom | method is available so negligible time consuming | key needs to be stored in db |
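
The JWT option above, shown as an added example (not code from the Sunbird project): an HS256 token carrying the listed fields is created and then verified with no database lookup. The secret, the function names and the use of INVALID_KEY for every verification failure are assumptions made for this sketch.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: server-side HS256 secret, never sent to clients

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(head: str, body: str) -> bytes:
    return hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()

def create_master_key(channel, name, org_id, created_by, ttl_s, now=None):
    """Build the token: every field the design lists goes into the signed payload."""
    now = int(time.time() if now is None else now)
    claims = {"channel": channel, "name": name, "createdBy": created_by,
              "createdOn": now, "expiresOn": now + ttl_s, "orgId": org_id}
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    body = b64url(json.dumps(claims, separators=(",", ":")).encode())
    return f"{head}.{body}.{b64url(sign(head, body))}"

def verify_master_key(token, now=None):
    """Return (claims, None) on success or (None, error_code) on failure."""
    now = int(time.time() if now is None else now)
    try:
        head, body, sig = token.split(".")
        # Pin the algorithm: the token's own header must not choose how it is checked.
        if json.loads(b64url_decode(head)).get("alg") != "HS256":
            return None, "INVALID_KEY"
        # Constant-time signature comparison before any claim is trusted.
        if not hmac.compare_digest(sign(head, body), b64url_decode(sig)):
            return None, "INVALID_KEY"
        claims = json.loads(b64url_decode(body))
        expires = claims["expiresOn"]
    except (ValueError, TypeError, AttributeError, KeyError):
        return None, "INVALID_KEY"
    if not isinstance(expires, int) or expires <= now:
        return None, "INVALID_KEY"
    return claims, None
```

Because nothing is stored, a token issued this way stays valid until expiresOn; revoking it earlier, or enforcing the KEY_EXISTS check on create, needs server-side state.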


POST /v1/masterkey/create

Request body : 

{
	"request" : {
		"channel" : "sunbird", // channel name for which master key is generated
		"consumer" : "DikshaImplTeam", // consumer name who will use the key
		"orgId" : "01262366359399628812" // optional orgId to make the key org specific, default value is rootOrgId of channel
	}
}

Response body : (Success) 200

{
  "id": "api.masterkey.create",
  "ver": "v1",
  "ts": "2019-01-29 09:17:31:909+0000",
  "params": {
    "resmsgid": null,
    "msgid": "9db786d3-45c2-447d-b657-f9768da15652",
    "err": null,
    "status": "success",
    "errmsg": null
  },
  "responseCode": "OK",
  "result": {
		"key" : "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjaGFubmVsIjoic3VuYmlyZCIsIm5hbWUiOiJEaWtzaGFJbXBsVGVhbSIsImNyZWF0ZWRCeSI6MTUxNjIzOTAyMiwiY3JlYXRlZE9uIjoxNTE2MjM5MDIyLCJleHBpcmVzT24iOjE1MTYyNDkwMjIsIm9yZ0lkIjoiMjM0NTY1NDU2In0.Cs5-FW7OHip6njkQvMP6zpIVB5Q-xLLgz_jnYW3zPOw"
	}
}

Response body : (Error) 400

{
    "id": "api.masterkey.create",
    "ver": "v1",
    "ts": "2018-01-29 11:12:31:853+0000",
    "params": {
        "resmsgid": null,
        "msgid": "8e27cbf5-e299-43b0-bca7-8347f7e5abcf",
        "err": "KEY_EXISTS",
        "status": "KEY_EXISTS",
        "errmsg": "Key exists for given channel sunbird and consumer DikshaImplTeam"
    },
    "responseCode": "CLIENT_ERROR",
    "result": {
        }
}

...


Table Structure

master key generated
| column | type | description |
|---|---|---|
| channel* | text | primary key; consists of the user-provided channel name |
| consumer* | text | provided by user |
| orgId | text | provided by user or root org id mapped with channel |
| createdby | text | user id who created the master key |
| createdon | timestamp | created time |

In addition, a TTL will be put on the entry, for a set time configured in the properties file.

get API

...


| expireson | timestamp | when the token will be expired |
| lastUpdatedBy | text | user who updated the token |
| lastupdatedOn | timestamp | time when token was updated |


Errors
| status code | error code | error message |
|---|---|---|
| 400 | INVALID_CHANNEL | Channel value is Invalid |
| 400 | MANDATORY_PARAMETER_MISSING | Mandatory parameter {channel, name} is missing. |
| 400 | PARAMETER_MISMATCH | Mismatch of given parameters: channel, orgId. |



get API

POST /v1/masterkey/get

Request body : 

{
	"request" : {
		"channel" : "sunbird",
		"consumer" : "DikshaImplTeam"
	}
}


Response body : (Success) 200

{
  "id": "api.masterkey",
  "ver": "v1",
  "ts": "2019-01-29 09:17:31:909+0000",
  "params": {
    "resmsgid": null,
    "msgid": "9db786d3-45c2-447d-b657-f9768da15652",
    "err": null,
    "status": "success",
    "errmsg": null
  },
  "responseCode": "OK",
  "result": {
		"key" : "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjaGFubmVsIjoic3VuYmlyZCIsIm5hbWUiOiJEaWtzaGFJbXBsVGVhbSIsImNyZWF0ZWRCeSI6MTUxNjIzOTAyMiwiY3JlYXRlZE9uIjoxNTE2MjM5MDIyLCJleHBpcmVzT24iOjE1MTYyNDkwMjIsIm9yZ0lkIjoiMjM0NTY1NDU2In0.Cs5-FW7OHip6njkQvMP6zpIVB5Q-xLLgz_jnYW3zPOw"
	}
}

Response body : (Error) 404

{
    "id": "api.masterkey",
    "ver": "v1",
    "ts": "2018-01-29 11:12:31:853+0000",
    "params": {
        "resmsgid": null,
        "msgid": "8e27cbf5-e299-43b0-bca7-8347f7e5abcf",
        "err": "KEY_NOT_EXISTS",
        "status": "KEY_NOT_EXISTS",
        "errmsg": "Key does not exists for given channel sunbird"
    },
    "responseCode": "RESOURCE_NOT_FOUND",
    "result": {
        }
}

verify API

POST /v1/masterkey/verify

Request body : 

{
	"request" : {
		"channel" : "sunbird",
		"key" : "1fb786d3-45c2-447d-b657-f9768da15348"
	}
}

Response body : (Success) 200

{
  "id": "api.masterkey.verify",
  "ver": "v1",
  "ts": "2019-01-29 09:17:31:909+0000",
  "params": {
    "resmsgid": null,
    "msgid": "9db786d3-45c2-447d-b657-f9768da15652",
    "err": null,
    "status": "success",
    "errmsg": null
  },
  "responseCode": "OK",
  "result": {
	}
}

Response body : (Error) 400

{
    "id": "api.masterkey.create",
    "params": {
        "err": "KEY_NOT_EXISTS",
        "status": "KEY_NOT_EXISTS",
        "errmsg": "Key does not exists for given channel sunbird"
    },
    "responseCode": "RESOURCE_NOT_FOUND",
    "result": {
        }
}


verify API

POST /v1/masterkey/verify

Request body : 

{
	"request" : {
		"key" : "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjaGFubmVsIjoic3VuYmlyZCIsIm5hbWUiOiJEaWtzaGFJbXBsVGVhbSIsImNyZWF0ZWRCeSI6MTUxNjIzOTAyMiwiY3JlYXRlZE9uIjoxNTE2MjM5MDIyLCJleHBpcmVzT24iOjE1MTYyNDkwMjIsIm9yZ0lkIjoiMjM0NTY1NDU2In0.Cs5-FW7OHip6njkQvMP6zpIVB5Q-xLLgz_jnYW3zPOw"
	}
}

Response body : (Success) 200

{
  "id": "api.masterkey.verify",
  "ver": "v1",
  "ts": "2019-01-29 09:17:31:909+0000",
  "params": {
    "resmsgid": null,
    "msgid": "9db786d3-45c2-447d-b657-f9768da15652",
    "err": null,
    "status": "success",
    "errmsg": null
  },
  "responseCode": "OK",
  "result": {
		"channel": "sunbird",
		"consumer": "DikshaImplTeam",
		"createdBy": "00dd6646-be73-4fb0-b676-ccd01bda085e",
		"createdOn":1516239022,
		"expiresOn":1516249025,
		"orgId": "01262366359399628812"
	}
}

Response body : (Error) 400

{
    "id": "api.masterkey.create",
    "ver": "v1",
    "ts": "2018-01-29 11:12:31:853+0000",
    "params": {
        "resmsgid": null,
        "msgid": "8e27cbf5-e299-43b0-bca7-8347f7e5abcf",
        "err": "INVALID_KEY",
        "status": "INVALID_KEY",
        "errmsg": "Provided key for channel sunbird is invalid"
    },
    "responseCode": "CLIENT_ERROR",
    "result": {
        }
}

approach 2:

The previous approach creates a master key based only on channel. It can be modified to create a master key based on organisation too. The change is that a type can also be passed in the request. The generated key will be stored with type and value, as (channel, abc) or (orgId, "org01").

Request body : 

{
	"request" : {
		"value" : "sunbird", 
		"type" : "channel"  //channel or orgId
	}
}

get API will be modified to include the type

GET /v1/masterkey/{type}/{value}

The verify API will include an additional type parameter

{
	"request" : {
		"value" : "sunbird",
		"type" : "channel",
		"key" : "1fb786d3-45c2-447d-b657-f9768da15348"
	}
}

This also means that the table will have another column, "type", which will be used to fetch the key accordingly.

Other behavior remains the same.

approach 3:

...



approach 2:

The previous approach considers a master key that expires after a certain duration. It can be modified to include a refresh token, which can be used to generate a new master key. Note that the refresh token has its own expiry; after that, a new master key and refresh token must be created through the create API call.

...

{
  "id": "api.masterkey.create",
  "ver": "v1",
  "ts": "2019-01-29 11:18:31:909+0000",
  "params": {
    "resmsgid": null,
    "msgid": "9db786d3-45c2-447d-b657-f9769da15652",
    "err": null,
    "status": "success",
    "errmsg": null
  },
  "responseCode": "OK",
  "result": {
		"key" : "3gh686e3-45c2-447d-b657-b3364da84351",
		"expiresOn":  30,
		"refreshToken": "3ab586d3-45c2-447d-b657-g9768da13730"
	}
}

Response for expired key : (Error) 400

{
    "id": "api.masterkey.create",
    "ver": "v1",
    "ts": "2018-01-29 11:21:31:853+0000",
    "params": {
        "resmsgid": null,
        "msgid": "8e27cbf5-e299-43b0-bca7-8347f7e5abcf",
        "err": "INVALID_KEY",
        "status": "INVALID_KEY",
        "errmsg": "Either the key doesn't exists or it has been expired"
    },
    "responseCode": "CLIENT_ERROR",
    "result": {
        }
}

Table structure

| column | type | description |
|---|---|---|
| channel | text | primary key as channel name |
| key | text | master key generated |
| refresh_token | text | refresh token generated |
| key_expiry | timestamp | time when current master key will be expired |
| createdby | text | user id of the user who created the entry |
| createdon | timestamp | time when entry was created |
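
The refresh-token flow described above, as an added example (not code from the Sunbird project): an in-memory stand-in for the table that issues a short-lived key, rejects it after key_expiry, and exchanges the refresh token for a new key. The class and method names, the refresh_expiry field, the refresh-token lifetime, rotating the refresh token on every refresh, and returning KEY_EXISTS while the refresh token is still valid are assumptions of this sketch.

```python
import hmac, secrets, time

KEY_TTL_S = 30        # the sample response above has "expiresOn": 30
REFRESH_TTL_S = 3600  # assumption: the page gives no refresh-token lifetime

def same(a: str, b: str) -> bool:
    return hmac.compare_digest(a.encode(), b.encode())  # constant-time compare

class MasterKeyStore:
    """In-memory stand-in for the table (channel is the primary key)."""
    def __init__(self, clock=time.time):
        self.rows, self.clock = {}, clock

    def _issue(self, row, now):
        row.update(key=secrets.token_urlsafe(32), key_expiry=now + KEY_TTL_S,
                   refresh_token=secrets.token_urlsafe(32))
        return row["key"], row["refresh_token"]

    def create(self, channel, created_by):
        now, row = self.clock(), self.rows.get(channel)
        if row and row["refresh_expiry"] > now:
            return None, "KEY_EXISTS"
        # refresh_expiry is an assumed extra column; the table above has only key_expiry.
        row = {"createdby": created_by, "createdon": now,
               "refresh_expiry": now + REFRESH_TTL_S}
        self.rows[channel] = row
        return self._issue(row, now), None

    def verify(self, channel, key):
        row = self.rows.get(channel)
        return bool(row and same(row["key"], key) and row["key_expiry"] > self.clock())

    def refresh(self, channel, refresh_token):
        now, row = self.clock(), self.rows.get(channel)
        if (not row or not same(row["refresh_token"], refresh_token)
                or row["refresh_expiry"] <= now):
            return None, "INVALID_KEY"
        # Rotate both values so an old refresh token stops working after one use.
        return self._issue(row, now), None
```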