Protocols/WebAPI/Auth/Client/client2web

From NINA Wiki
Revision as of 17:08, 25 March 2020 by AD (talk | contribs)
Jump to navigation Jump to search
WebAPI Protocol
Basic
Introduction
Clients
Whimsicals
Host Interaction
Flow
Authentication
Client
WebApp
Other Services
Foodgroups

This page is about the client2Web method for WebAPI authentication.

If the client wants to establish a Web authenticated session for the currently logged in user, it has to send a login request to NINA Web Authentication System with the following parameters. The request has to be signed as specified below in the appendix using the Session Key generated.

Initial Request

  • URL
  • HTTP Method
    • GET or POST
  • Arguments
    • devId (required)
      • your developer Id required to access NINA APIs
    • entryType (required)
      • value as "client2Web"
    • ts (required)
      • current timestamp in seconds since epoch used to make sure the request cannot be replayed after a few mins
    • destUrl (optional)
      • the destination url to redirect to after establishing web authentication session
    • a (required)
      • the Authentication token returned by "clientLogin" method
    • sig_sha256 (required)
      • Base64 encoded digital signature (HMAC-SHA256) of the request using the Session Key generated as below.
        • Session Key = base64_encode[HMAC-SHA256(key, data)] where key is the user's password and data is the session secret obtained from clientLogin response.
      • Please refer to Signing Requests for information about how to generate signature.

Response Format

Upon successful validation of the request, user will be redirected to the destination URL. If no destination URL is provided, HTTP status codes will be returned as follows:

  • 200 - Success; Establishes web authentication session for the user.
  • 400 - Failure; Due to invalid/expired token or invalid sig_sha256 value.