OAuth2 REST API v1

Table of Contents

• /oauth2/v1/clients
  • GET /oauth2/v1/clients
  • POST /oauth2/v1/clients
• /oauth2/v1/clients/{id}
  • DELETE /oauth2/v1/clients/{id}
  • GET /oauth2/v1/clients/{id}
  • PUT /oauth2/v1/clients/{id}
• /oauth2/v1/code
  • GET /oauth2/v1/code
• /oauth2/v1/public/token
  • GET /oauth2/v1/public/token
  • POST /oauth2/v1/public/token

/oauth2/v1/clients

This REST URI path provides actions and information about OAuth2 clients

GET /oauth2/v1/clients

Description

Returns information about OAuth2 clients registered in Qorus. If username is among the parameters, only clients registered for that user are returned.

Return Value

This API returns a list of hashes with the following keys:

• client_id: (string) unique identifier of the client
• username: (string) user associated with the client
• created: (date) date of record creation
• modified: (date) date of record last modification

POST /oauth2/v1/clients

Description

Inserts OAuth2 client data in DB

Arguments

This API takes the following hash arguments (either as URI arguments or in the message body):

• client_id: (string) unique identifier of the client
• client_secret: (string) secret associated with the client
• username: (string) user associated with the client
• permissions: (list) list of permissions

Return Value

This API returns a hash with the following keys:

• inserted: (hash) hash with informataion about inserted client
  • client_id: (string) unique identifier of the client
  • username: (string) user associated with the client
  • created: (date) date of record creation
  • modified: (date) date of record las modification

Errors

• 409 Conflict: OAUTH2-EXCEPTION: this exception is thrown when any error occurs while inserting the data. More error description is part of the response.

/oauth2/v1/clients/{id}

This REST URI path provides actions and information for system functionality

DELETE /oauth2/v1/clients/{id}

Description

Deletes client info from DB

Return Value

This API returns a hash with the following keys:

• rows_deleted: (int) number of rows deleted

Errors

• 404 Not found: "404 Not Found: class \"oauth2\clients\" has no subclass <client_id>"

GET /oauth2/v1/clients/{id}

Description

Returns a hash of client information

Return Value

This API returns a hash with the following keys:

• client_id: (string) unique identifier of the client
• username: (string) user associated with the client
• created: (date) date of record creation
• modified: (date) date of record last modification
• permissions: (list of strings) client's permissions

Errors

• 404 Not found: "404 Not Found: class \"oauth2\clients\" has no subclass <client_id>"

PUT /oauth2/v1/clients/{id}

Description

Updates client info in DB

Arguments

This API takes the following hash arguments (either as URI arguments or in the message body):

• client_id: (string) unique identifier of the client
• client_secret: (string) secret associated with the client
• username: (string) user associated with the client
• permissions: (list) list of permissions

Return Value

This API returns a hash with the following keys:

• inserted: json describing inserted data

Errors

• 404 Not found: "404 Not Found: class \"oauth2\clients\" has no subclass <client_id>"

/oauth2/v1/code

This REST URI path provides OAuth2 authorization code

GET /oauth2/v1/code

Description

Returns OAuth2 authorization code for Authorization Code Grant Flow

• type : token/code to be generated (authorization code od access token)
• client_id : identification of client for which the token/code is generated

Return Value

Hash with returned code.

• code: (string) token/code value
• type: (string) type of retuned code (code = 'authorization code', token = 'access token')

/oauth2/v1/public/token

GET /oauth2/v1/public/token

Description

This URI provides methdod for obtaining access token.

Arguments

This API takes the following arguments. Not all parameters must be included in the request. Usage of the parameters depends on the grant flew used. See Get access token.

• response_type
• redirect_uri
• code
• client_id
• scope
• state
• username
• password
• refresh_token

Return Value

Returns requested access token.

• access_token
• token_type
• expires_in
• state

More info Get access token

POST /oauth2/v1/public/token

Description

This URI provides methdod for obtaining access token.

Arguments

This API takes the following arguments. Not all parameters must be included in the request. Usage of the parameters depends on the grant flew used. See Get access token.

• grant_type
• redirect_uri
• code
• client_id
• scope
• state
• username
• password
• refresh_token

Return Value

Returns requested access token.

• access_token
• token_type
• expires_in
• state

More info Get access token