
Purpose

This web service (WS) returns a nonce (a one-time JWT) for an active client of the system.

Key points

  1. This is a REST method used only by an active client of the system.

Specification

Link: eHealth PIS API - Apiary

Resource: /oauth/nonce

Scope: Not required

Components:

Microservices:

Protocol type: REST

Request type: GET

Sync/Async:

Public/Private/Internal: Internal. Cabinet

Logic

Example of the generated JWT payload (decoded claims):
{
  "aud": "mithril-login",
  "exp": 1523439201,
  "iat": 1523438301,
  "iss": "EHealth",
  "jti": "efe1f08e-d4b4-4cef-a02c-78ea4a1dda25",
  "nbf": 1523438300,
  "nonce": 123,
  "sub": 123,
  "typ": "access"
}

Request structure

See on Apiary

Example:

{
  "client_id": "30074b6e-fbab-4dc1-9d37-88c21dab1847"
}


Service logic

  1. Fetch JWT TTL value from JWT_LOGIN_TTL env parameter (in minutes).

  2. Generate a JWT with the following parameters:

    1. alg = HS512

    2. aud = trusted-client if client_type = TRUSTED_PIS, else mithril-login

    3. exp = iat + JWT_LOGIN_TTL

    4. iat = now()

    5. iss = EHealth

    6. jti = generated UUID of the JWT

    7. nbf = now() - 1 second

    8. nonce = generated UUID (the nonce value)

    9. sub = nonce

    10. typ = access

  3. Render a response according to specification.

Authorize

Headers

  • Content-Type:application/json

Request data validation

Validate request

  • Check client_id is submitted

    • in case of error - return 422 ('can't be blank')

  • Check client_id exists in mithril database

    • in case of error - return 404 ('Client is not found.')

  • Check client_id is not blocked (is_blocked != true)

    • in case of error - return 401 ('Client is blocked')

Validate client type

  • Get client_type from client_id

  • Check client_secret is submitted if client_type = TRUSTED_PIS

    • in case of error - return 422 ('required property <property> was not present')

  • Check client_secret belongs to client (through connections table)

    • in case of error - return 401 ('Invalid client id or secret.')
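Added example, not code from the eHealth/mithril project: the client checks from "Validate request" and "Validate client type" above, and the HS512 nonce-JWT generation from "Service logic", implemented in Python with only the standard library. Assumptions: the `clients` dict stands in for the mithril database and its `secrets` set for the connections table, and `JWT_LOGIN_TTL` is passed in as `ttl_minutes`.

```python
import base64, hashlib, hmac, json, time, uuid

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def validate_client(request: dict, clients: dict):
    """'Validate request' / 'Validate client type' checks: None if the request passes,
    else (http_status, message). `clients` is a constructed stand-in for the mithril DB."""
    client_id = request.get("client_id")
    if not client_id:
        return 422, "can't be blank"
    client = clients.get(client_id)
    if client is None:
        return 404, "Client is not found."
    if client["is_blocked"]:
        return 401, "Client is blocked"
    if client["client_type"] == "TRUSTED_PIS":           # secret required only here
        if "client_secret" not in request:
            return 422, "required property client_secret was not present"
        if request["client_secret"] not in client["secrets"]:   # connections table
            return 401, "Invalid client id or secret."
    return None

def build_nonce_claims(client_type: str, ttl_minutes: int, now=None) -> dict:
    """'Service logic' step 2; JWT_LOGIN_TTL is minutes, exp/iat/nbf are Unix seconds."""
    now = int(time.time()) if now is None else now
    nonce = str(uuid.uuid4())                # step 8: the nonce is a fresh UUID
    return {
        "aud": "trusted-client" if client_type == "TRUSTED_PIS" else "mithril-login",
        "exp": now + ttl_minutes * 60, "iat": now, "iss": "EHealth",
        "jti": str(uuid.uuid4()), "nbf": now - 1, "nonce": nonce, "sub": nonce, "typ": "access",
    }

def sign_hs512(claims: dict, key: bytes) -> str:
    header = b64url(json.dumps({"alg": "HS512", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = b64url(json.dumps(claims, separators=(",", ":")).encode())
    mac = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha512).digest()
    return f"{header}.{payload}.{b64url(mac)}"

def verify_hs512(token: str, key: bytes, now=None) -> dict:
    """Recompute the HS512 MAC (header alg is never trusted), constant-time compare, check nbf/exp."""
    header, payload, sig = token.split(".")
    mac = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha512).digest()
    if not hmac.compare_digest(b64url(mac), sig):
        raise ValueError("invalid signature")
    claims = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    now = int(time.time()) if now is None else now
    if not claims["nbf"] <= now < claims["exp"]:
        raise ValueError("token outside its nbf/exp window")
    return claims
```

The encoded header produced by `sign_hs512` is the same `eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9` prefix seen in the response example below, and the exp/iat/nbf offsets match the decoded payload shown under Logic.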

Processing

Response structure

See on Apiary

Example:

{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  },
  "data": {
    "token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJtaXRocmlsLWxvZ2luIiwiZXhwIjoxNTIzNDM5MjAxLCJpYXQiOjE1MjM0MzgzMDEsImlzcyI6IkVIZWFsdGgiLCJqdGkiOiJlZmUxZjA4ZS1kNGI0LTRjZWYtYTAyYy03OGVhNGExZGRhMjUiLCJuYmYiOjE1MjM0MzgzMDAsIm5vbmNlIjoxMjMsInN1YiI6MTIzLCJ0eXAiOiJhY2Nlc3MifQ.UZ6S92h3nAG"
  }
}

Post-processing processes

HTTP status codes

HTTP status code | Message | What caused the error
200 | |