From 056a0dd8b2c74aec18fa4be15c0a07e1f6123f53 Mon Sep 17 00:00:00 2001 From: mariacarmina <50501033+mariacarmina@users.noreply.github.com> Date: Wed, 21 Dec 2022 06:36:51 -0800 Subject: [PATCH] Added auth enpoints from provider README. (#1155) * Added auth enpoints from provider README. * Removed bytes format. * Replace with placeholder values. * Added ref to networks. --- api-references/provider-rest-api.md | 80 ++++++++++++++++++++++++++++- 1 file changed, 79 insertions(+), 1 deletion(-) diff --git a/api-references/provider-rest-api.md b/api-references/provider-rest-api.md index 20af7b3a..993c904f 100644 --- a/api-references/provider-rest-api.md +++ b/api-references/provider-rest-api.md @@ -4,6 +4,9 @@ This document specifies the endpoints for Ocean Provider to be implemented by the core developers. +If you want to see the provider URLs for our supported networks, kindly +check for `Provider` component on +this [page](https://docs.oceanprotocol.com/core-concepts/networks). ### nonce endpoint #### GET /api/services/nonce @@ -194,7 +197,7 @@ Response: "r": "0xabc123...", "s": "0xabc123...", "validUntil": 123456, - } + }, "computeAddress": "0x8123jdf8sdsa..." } ``` @@ -550,3 +553,78 @@ Response: ... ] ``` + +### Authentication endpoints + +Provider offers an alternative to signing each request, by allowing users to generate auth tokens. +The generated auth token can be used until its expiration in all supported requests. +Simply omit the signature parameter and add the AuthToken request header based on a created token. + +Please note that if a signature parameter exists, it will take precedence over the AuthToken headers. +All routes that support a signature parameter support the replacement, with the exception of auth-related ones +(createAuthToken and deleteAuthToken need to be signed). + +#### GET /api/services/createAuthToken + +Allows the user to create an auth token. + +Parameters + +``` +address: String object containing consumer's address (optional) +nonce: Integer, Nonce (required) +signature: String object containg user signature (signed message) + The signature is based on hashing the following parameters: + address + nonce +expiration: valid future UTC timestamp (required) +``` + +Returns: +Created auth token. + +Example: + +``` +GET /api/services/createAuthToken?address=&&nonce=&&expiration=&signature= +``` +Inside the angular brackets, the user should provide the valid values for the request. + +Response: + +``` +{"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2NjAwNTMxMjksImFkZHJlc3MiOiIweEE3OGRlYjJGYTc5NDYzOTQ1QzI0Nzk5MTA3NUUyYTBlOThCYTdBMDkifQ.QaRqYeSYxZpnFayzPmUkj8TORHHJ_vRY-GL88ZBFM0o"} +``` + + +#### DELETE /api/services/deleteAuthToken + +Allows the user to delete an existing auth token before it naturally expires. + +Parameters + +``` +address: String object containing consumer's address (optional) +nonce: Integer, Nonce (required) +signature: String object containg user signature (signed message) + The signature is based on hashing the following parameters: + address + nonce +token: token to be expired +``` + +Returns: +Success message if token is successfully deleted. +If the token is not found or already expired, returns an error message. + +Example: + +``` +DELETE /api/services/deleteAuthToken?address=&&nonce=&&token=&signature= +``` +Inside the angular brackets, the user should provide the valid values for the request. + +Response: + +``` +{"success": "Token has been deactivated."} +``` +