Purpose
This WS allows to get nonce (one time JWT) for active client of the system.
Key points
This is a REST method used only by active client of the system.
Specification
Logic
Service logic
Fetch JWT TTL value from
JWT_LOGIN_TTL
env parameter (in minutes).Generate JWT with following parameters:
alg =
HS512
aud =
trusted-client
ifclient_type
= TRUSTED_PIS, elsemithril-login
exp = iat +
JWT_LOGIN_TTL
iat = now()
iss =
EHealth
jti = generate uuid of JWT
nbf = now() - 1 second
nonce = generate uuid of nonce
sub = nonce
typ =
access
Render a response according to specification.
Request structure
See on Apiary
Example:
Authorize
API paragraph not found
Headers
Content-Type:application/json
Request data validation
Validate request
Check
client_id
is submittedin case of error - return 422 ('can't be blank')
Check
client_id
exists in mithril databasein case of error - return 404 ('Client is not found.')
Check
client_id
is not blocked (is_blocked != true)in case of error - return 401 ('Client is blocked')
Validate client type
Get
client_type
fromclient_id
Check
client_secret
is submitted ifclient_type
= TRUSTED_PISin case of error - return 422 ('required property <property> was not present')
Check
client_secret
belongs to client (through connections table)in case of error - return 401 ('Invalid client id or secret.')
Processing
Response structure
See on Apiary
Example:
Post-processing processes
API paragraph not found