Versions Compared

Old Version 8

changes.mady.by.user Serhii Boldin (SoE eHealth)

Saved on

compared with

New Version Current

changes.mady.by.user Liudmyla Dobrovolska (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel1
maxLevel3

Required parameters are marked with "*"

...

Purpose*

API paragraph not found

Specification*

...

Link

...

Purpose

This WS allows to get nonce (one time JWT) for active client of the system.

Key points

  1. This is a REST method used only by active client of the system.

Specification

Page Properties

Link

eHealth PIS API - Apiary

Resource

/oauth/nonce

Scope

Not required

Components

API paragraph not found

Microservices

API paragraph not found

Protocol type

REST

Request type

GET

Sync/Async

API paragraph not found

Public/Private/Internal

Internal. Cabinet

Logic

...

Code Block
{
  "aud": "mithril-login",
  "exp": 1523439201,
  "iat": 1523438301,
  "iss": "EHealth",
  "jti": "efe1f08e-d4b4-4cef-a02c-78ea4a1dda25",
  "nbf": 1523438300,
  "nonce": 123,
  "sub": 123,
  "typ": "access"
}

Request structure*

See on Apiary

Example:

Expand
titleRequest example
Code Block
{
  "client_id": "30074b6e-fbab-4dc1-9d37-88c21dab1847"
}

...

Service logic

  1. Fetch JWT TTL value from JWT_LOGIN_TTL env parameter (in minutes).

  2. Generate JWT with following parameters:

    1. alg = HS512

    2. aud = trusted-client if client_type = TRUSTED_PIS, else mithril-login

    3. exp = iat + JWT_LOGIN_TTL

    4. iat = now()

    5. iss = EHealth

    6. jti = generate uuid of JWT

    7. nbf = now() - 1 second

    8. nonce = generate uuid of nonce

    9. sub = nonce

    10. typ = access

  3. Render a response according to specification.

Request structure

See on Apiary

Authorize

API paragraph not found

Headers

...

Наприклад:

  • Content-Type:application/json

Request data validation

...

API paragraph not found

Processing*

API paragraph not found

...

Validate request

  • Check client_id is submitted

    • in case of error - return 422 ('can't be blank')

  • Check client_id exists in mithril database

    • in case of error - return 404 ('Client is not found.')

  • Check client_id is not blocked (is_blocked != true)

    • in case of error - return 401 ('Client is blocked')

Validate client type

  • Get client_type from client_id

  • Check client_secret is submitted if client_type = TRUSTED_PIS

    • in case of error - return 422 ('required property <property> was not present')

  • Check client_secret belongs to client (through connections table)

    • in case of error - return 401 ('Invalid client id or secret.')

Processing

Response structure

See on Apiary

Example:

Expand
titleResponse example
Code Block
{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  },
  "data": {
    "token": "'eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJtaXRocmlsLWxvZ2luIiwiZXhwIjoxNTIzNDM5MjAxLCJpYXQiOjE1MjM0MzgzMDEsImlzcyI6IkVIZWFsdGgiLCJqdGkiOiJlZmUxZjA4ZS1kNGI0LTRjZWYtYTAyYy03OGVhNGExZGRhMjUiLCJuYmYiOjE1MjM0MzgzMDAsIm5vbmNlIjoxMjMsInN1YiI6MTIzLCJ0eXAiOiJhY2Nlc3MifQ.UZ6S92h3nAG"
  }
}

Post-processing processes

...

API paragraph not found

HTTP status codes

...

Page Properties

HTTP status code

Message

What caused the error

 200

 

 

...