Difference between revisions of "Protocols/WebAPI/Auth/Client/client2web"
Jump to navigation
Jump to search
| Line 3: | Line 3: | ||
This page is about the client2Web method for [[Protocols/WebAPI/Auth|WebAPI authentication]]. | This page is about the client2Web method for [[Protocols/WebAPI/Auth|WebAPI authentication]]. | ||
| − | If the client wants to establish a Web authenticated session for the currently logged in user, it has to send a login request to NINA Web Authentication System with the following parameters. The request has to be signed as specified below in the [Protocols/WebAPI/Auth/Signing_Requests | + | If the client wants to establish a Web authenticated session for the currently logged in user, it has to send a login request to NINA Web Authentication System with the following parameters. The request has to be signed as specified below in the [[Protocols/WebAPI/Auth/Signing_Requests|appendix]] using the Session Key generated. |
== Initial Request == | == Initial Request == | ||
| Line 24: | Line 24: | ||
** sig_sha256 (required) | ** sig_sha256 (required) | ||
*** Base64 encoded digital signature (HMAC-SHA256) of the request using the Session Key generated as below. | *** Base64 encoded digital signature (HMAC-SHA256) of the request using the Session Key generated as below. | ||
| − | **** Session Key = base64_encode | + | **** Session Key = base64_encode[HMAC-SHA256(key, data)] where key is the user's password and data is the session secret obtained from clientLogin response. |
*** Please refer to [[Protocols/WebAPI/Auth/Signing_Requests|Signing Requests]] for information about how to generate signature. | *** Please refer to [[Protocols/WebAPI/Auth/Signing_Requests|Signing Requests]] for information about how to generate signature. | ||
Revision as of 17:08, 25 March 2020
| WebAPI Protocol |
| Basic |
| Introduction |
| Clients |
| Whimsicals |
| Host Interaction |
| Flow |
| Authentication |
| • Client |
| • WebApp |
| Other Services |
| • |
| Foodgroups |
This page is about the client2Web method for WebAPI authentication.
If the client wants to establish a Web authenticated session for the currently logged in user, it has to send a login request to NINA Web Authentication System with the following parameters. The request has to be signed as specified below in the appendix using the Session Key generated.
Initial Request
- URL
- HTTP Method
- GET or POST
- Arguments
- devId (required)
- your developer Id required to access NINA APIs
- entryType (required)
- value as "client2Web"
- ts (required)
- current timestamp in seconds since epoch used to make sure the request cannot be replayed after a few mins
- destUrl (optional)
- the destination url to redirect to after establishing web authentication session
- a (required)
- the Authentication token returned by "clientLogin" method
- sig_sha256 (required)
- Base64 encoded digital signature (HMAC-SHA256) of the request using the Session Key generated as below.
- Session Key = base64_encode[HMAC-SHA256(key, data)] where key is the user's password and data is the session secret obtained from clientLogin response.
- Please refer to Signing Requests for information about how to generate signature.
- Base64 encoded digital signature (HMAC-SHA256) of the request using the Session Key generated as below.
- devId (required)
Response Format
Upon successful validation of the request, user will be redirected to the destination URL. If no destination URL is provided, HTTP status codes will be returned as follows:
- 200 - Success; Establishes web authentication session for the user.
- 400 - Failure; Due to invalid/expired token or invalid sig_sha256 value.
