This is so called REST interface to Vifib which uses HTTP protocol.
"API_BASE" is server side path of the interface. In case of Vifib.net it is...
In order to authenticate into API X509 key/certificate can be used. It is possible to obtain them from SlapOS Master, like https:///www.vifib.net
As API is going to be used in environments which support TLS communication channel, but do not, or support is cumbersome, support X509 keys OAuth-2 will be proposed by library.
Note: This authentication mechanism will change. Avoid implementation for now.
In case if client of API does not fulfill X509 authentication it has a chance to use token based authentication (after obtaining proper token).
Client application HAVE TO use "Authorization" header, even if OAuth-2 allows other ways (like having token in GET parameter or as form one). They were not implemented as begin fragile from security point of view.
Example of using Bearer token:
GET /API_BASE/instance/{instance_id} HTTP/1.1
Host: example.com
Accept: application/json
Authorization: Bearer 7Fjfp0ZBr1KtDRbnfVdmIw
It is possible to use Facebook and Google as Authorization Server with Oauth 2.0 access tokens. Client shall fetch access_token as described in:
Such token shall be passed in Authorization header, in case of Facebook:
GET /API_BASE/instance/{instance_id} HTTP/1.1
Host: example.com
Accept: application/json
Authorization: Facebook retrieved_access_token
and in case of Google:
GET /API_BASE/instance/{instance_id} HTTP/1.1
Host: example.com
Accept: application/json
Authorization: Google retrieved_access_token
The client is responsible for having its own application ID and configure it that user basic information and email will be available after using access_token, for example by fetching token after query like:
https://www.facebook.com/dialog/oauth?client_id=FB_ID&response_type=token&redirect_uri=APP_URL&scope=email
While passing access token Vifib.net server will contact proper Authorization Server (Google or Facebook) and use proper user profile. In case of first time usage of the service the user will be automatically created, so application shall be prepared to support HTTP "202 Accepted" code, as described in Response status code.
While requesting Facebook access token it is required to set scope value to email.
Vifib.net will use those data to create users.
While requesting Google access token it is required to set scope value to https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email.
Vifib.net will use those data to create users.
SlapOS master will support both XML and JSON formats for input and output.
GET requests will return a "200 OK" response if the resource is successfully retrieved. In case if client will set "If-Midified-Since" header the response could be "304 Not Modified". Also GET will return "Last-Modified" headers.
POST requests which create a resource we will return a "201 Created" response if successful.
POST requests which perform some other action such as sending a campaign will return a "200 OK" response if successful.
PUT requests will return a "200 OK" response if the resource is successfully updated and "204 No Content" in case if no modification was applied..
OPTIONS requests will return "204 No Content" response with headers informing about possible method usage.
"202 Accepted" with json response with status can be returned in order to indicate that request was correct, but some asynchronous opertions are disallow to finish it, for example user being in creation process:
HTTP/1.1 202 Accepted
Content-Type: application/json; charset=utf-8
{
"status": "User under creation."
}
The request body does not follow the API (one argument is missing or malformed). The full information is available as text body:
HTTP/1.1 400 Bad Request
Content-Type: application/json
{
"computer_id": "Parameter is missing"
}
The request is not authorised. The response will contain location to a server which is capable to provide access credentials.
For servers using Bearer token authentication:
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Bearer realm="example.com"
Location: https://authserv.example.com/path-to-auth
The request can not be fulfilled because account is locked.
Request to non existing resource made.
Unexpected error.
Ask for list of instances.
Request:
GET /API_BASE/instance HTTP/1.1
Host: example.com
Accept: application/json
No Expected Request Body
Expected Response:
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"list": ["http://one.example.com/one", "http://two.example.com/something"]
}
Additional Responses:
HTTP/1.1 204 No Content
In case where not instances are available.
Request a new instantiation of a software.
Request:
POST /API_BASE/instance HTTP/1.1
Host: example.com
Accept: application/json
Content-Type: application/json; charset=utf-8
Expected Request Body:
{
"status": "started",
"slave": false,
"title": "My unique instance",
"software_release": "http://example.com/example.cfg",
"software_type": "type_provided_by_the_software",
"parameter": {
"Custom1": "one string",
"Custom2": "one float",
"Custom3": [
"abc",
"def"
]
},
"sla": {
"computer_id": "COMP-0"
}
}
Expected Response:
HTTP/1.1 201 Created
Content-Type: application/json; charset=utf-8
Location: http://maybeother.example.com/some/url/instance_id
{
"status": "started",
"connection": {
"custom_connection_parameter_1": "foo",
"custom_connection_parameter_2": "bar"
}
}
Additional Responses:
HTTP/1.1 202 Accepted
Content-Type: application/json; charset=utf-8
{
"status": "processing"
}
The request has been accepted for processing
Error Responses:
Request all instance information.
Request:
GET /API_BASE/<instance_path> HTTP/1.1
Host: example.com
Accept: application/json
Route values:
No Expected Request Body
Expected Response:
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"title": "The Instance Title",
"status": "start", # one of: start, stop, destroy
"software_release": "http://example.com/example.cfg",
"software_type": "type_provided_by_the_software",
"slave": False, # one of: True, False
"connection": {
"custom_connection_parameter_1": "foo",
"custom_connection_parameter_2": "bar"
},
"parameter": {
"Custom1": "one string",
"Custom2": "one float",
"Custom3": ["abc", "def"],
},
"sla": {
"computer_id": "COMP-0",
}
"children_id_list": ["subinstance1", "subinstance2"],
"partition": {
"public_ip": ["::1", "91.121.63.94"],
"private_ip": ["127.0.0.1"],
"tap_interface": "tap2",
},
}
Error Responses:
Request the instance certificates.
Request:
GET /API_BASE/<instance_path>/certificate HTTP/1.1
Host: example.com
Accept: application/json
Route values:
No Expected Request Body
Expected Response:
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"ssl_key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADAN...h2VSZRlSN\n-----END PRIVATE KEY-----",
"ssl_certificate": "-----BEGIN CERTIFICATE-----\nMIIEAzCCAuugAwIBAgICHQI...ulYdXJabLOeCOA=\n-----END CERTIFICATE-----",
}
Error Responses:
Trigger the re-instantiation of all partitions in the instance tree
Request:
POST /API_BASE/<instance_path>/bang HTTP/1.1
Host: example.com
Accept: application/json
Content-Type: application/json; charset=utf-8
Route values:
Expected Request Body:
{
"log": "Explain why this method was called",
}
Expected Response:
HTTP/1.1 204 No Content
Modify the instance information and status.
Request:
PUT /API_BASE/<instance_path> HTTP/1.1
Host: example.com
Accept: application/json
Content-Type: application/json; charset=utf-8
Expected Request Body:
{
"title": "The New Instance Title",
"connection": {
"custom_connection_parameter_1": "foo",
"custom_connection_parameter_2": "bar"
}
}
Where connection and title are optional.
Setting different.
Expected Response:
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"connection": "Modified",
"title": "Modified."
}
Additional Responses:
HTTP/1.1 204 No Content
When nothing was modified.
Error Responses:
Add a new computer in the system.
Request:
POST /API_BASE/computer HTTP/1.1
Host: example.com
Accept: application/json
Content-Type: application/json; charset=utf-8
Expected Request Body:
{
"title": "My unique computer",
}
Expected Response:
HTTP/1.1 201 Created
Content-Type: application/json; charset=utf-8
Location: http://maybeother.example.com/some/url/computer_id-0
{
"ssl_key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADAN...h2VSZRlSN\n-----END PRIVATE KEY-----",
"ssl_certificate": "-----BEGIN CERTIFICATE-----\nMIIEAzCCAuugAwIBAgICHQI...ulYdXJabLOeCOA=\n-----END CERTIFICATE-----",
}
Error Responses:
Get the status of a computer
Request:
GET /API_BASE/<computer_path> HTTP/1.1
Host: example.com
Accept: application/json
Route values:
No Expected Request Body
Expected Response:
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"computer_id": "COMP-0",
"software": [
{
"software_release": "http://example.com/example.cfg",
"status": "install" # one of: install, uninstall
},
],
"partition": [
{
"title": "slapart1",
"instance_id": "foo",
"status": "start", # one of: start, stop, destroy
"software_release": "http://example.com/example.cfg"
},
{
"title": "slapart2",
"instance_id": "bar",
"status": "stop", # one of: start, stop, destroy
"software_release": "http://example.com/example.cfg"
},
],
}
Modify computer information in the system
Request:
PUT /API_BASE/<computer_path> HTTP/1.1
Host: example.com
Accept: application/json
Content-Type: application/json; charset=utf-8
Route values:
Expected Request Body:
{
"partition": [
{
"title": "part1",
"public_ip": "::1",
"private_ip": "127.0.0.1",
"tap_interface": "tap2",
},
],
"software": [
{
"software_release": "http://example.com/example.cfg",
"status": "installed", # one of: installed, uninstalled, error
"log": "Installation log"
},
],
}
Where partition and software keys are optional, but at least one is required.
Expected Response:
HTTP/1.1 204 No Content
Request to supply a new software release on a computer
Request:
POST /API_BASE/<computer_path>/supply HTTP/1.1
Host: example.com
Accept: application/json
Content-Type: application/json; charset=utf-8
Route values:
Expected Request Body:
{
"software_release": "http://example.com/example.cfg"
}
Expected Response:
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Request update on all partitions
Request:
POST /API_BASE/<computer_path>/bang HTTP/1.1
Host: example.com
Accept: application/json
Content-Type: application/json; charset=utf-8
Route values:
Expected Request Body:
{
"log": "Explain why this method was called",
}
Expected Response:
HTTP/1.1 204 No Content
Report computer usage
Request:
POST /API_BASE/<computer_path>/report HTTP/1.1
Host: example.com
Accept: application/json
Content-Type: application/json; charset=utf-8
Route values:
Expected Request Body:
{
"title": "Resource consumptions",
"start_date": "2011/11/15",
"stop_date": "2011/11/16",
"movement": [
{
"resource": "CPU Consumption",
"title": "line 1",
"reference": "slappart0",
"quantity": 42.42
}
]
}
Expected Response:
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8