ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 17 Current »

Purpose

This WS allows to get nonce (one time JWT) for active client of the system.

Key points

  1. This is a REST method used only by active client of the system.

Specification

Link

https://uaehealthapi.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/oauth/get-nonce

Resource

/oauth/nonce

Scope

Not required

Components

API paragraph not found

Microservices

API paragraph not found

Protocol type

REST

Request type

GET

Sync/Async

API paragraph not found

Public/Private/Internal

Internal. Cabinet

Logic

Service logic

  1. Fetch JWT TTL value from JWT_LOGIN_TTL env parameter (in minutes).

  2. Generate JWT with following parameters:

    1. alg = HS512

    2. aud = trusted-client if client_type = TRUSTED_PIS, else mithril-login

    3. exp = iat + JWT_LOGIN_TTL

    4. iat = now()

    5. iss = EHealth

    6. jti = generate uuid of JWT

    7. nbf = now() - 1 second

    8. nonce = generate uuid of nonce

    9. sub = nonce

    10. typ = access

  3. Render a response according to specification.

Request structure

See on Apiary

Authorize

API paragraph not found

Headers

  • Content-Type:application/json

Request data validation

Validate request

  • Check client_id is submitted

    • in case of error - return 422 ('can't be blank')

  • Check client_id exists in mithril database

    • in case of error - return 404 ('Client is not found.')

  • Check client_id is not blocked (is_blocked != true)

    • in case of error - return 401 ('Client is blocked')

Validate client type

  • Get client_type from client_id

  • Check client_secret is submitted if client_type = TRUSTED_PIS

    • in case of error - return 422 ('required property <property> was not present')

  • Check client_secret belongs to client (through connections table)

    • in case of error - return 401 ('Invalid client id or secret.')

Processing

Response structure

See on Apiary

Example:

 Response example
{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  },
  "data": {
    "token": "'eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJtaXRocmlsLWxvZ2luIiwiZXhwIjoxNTIzNDM5MjAxLCJpYXQiOjE1MjM0MzgzMDEsImlzcyI6IkVIZWFsdGgiLCJqdGkiOiJlZmUxZjA4ZS1kNGI0LTRjZWYtYTAyYy03OGVhNGExZGRhMjUiLCJuYmYiOjE1MjM0MzgzMDAsIm5vbmNlIjoxMjMsInN1YiI6MTIzLCJ0eXAiOiJhY2Nlc3MifQ.UZ6S92h3nAG"
  }
}

Post-processing processes

API paragraph not found

HTTP status codes

HTTP status code

Message

What caused the error

 200

 

 

  • No labels