Admin API for managing Registration Tokens #26

New Issue

jordan · 2023-09-05T21:47:47-04:00

jordan commented

2023-09-05 21:47:47 -04:00

The administrator API should provide functions for managing registration tokens. This issue documents the endpoints and how they should be implemented.

GET /_telodendria/admin/tokens

Gets a list of all tokens present, and additional information.

Requires Token	Rate Limited	Permissions
Yes	Yes	ISSUE_TOKENS

Error Response	Description
200	Token list was successfully retrieved.
403	User does not have the ISSUE_TOKENS permission.

200 Response JSON Format:

Field	Type	Description
tokens	list[TokenInfo]	A list of tokens and other information.

TokenInfo JSON Format:

Field	Type	Description
name	string	The token's name.
created_by	localpart	The user who has created token.
created_on	timestamp	The creation date of the token.
expires_on	timestamp	The token's expiration date, or 0 if it does not expire.
used	integer	The number of times the token was used.
uses	integer	The number of uses remaining for the token, or -1 if there are an unlimited number of uses remaining.

403 Response JSON Format:

Field	Type	Description
errcode	string	Set to ``M_FORBIDDEN''
error	string	Human-readable explanation of the privilege issue.

200 Response Example:

{
  "tokens": [
    {
      "name": "forbob",
      "created_by": "alice",
      "created_on": 1234567890123,
      "expires_on": 2147483647000,
      "used": 1,
      "uses": 3
    }
  ]
}

403 Response JSON Format:

{
  "errcode": "M_FORBIDDEN",
  "error": "Forbidden access. Bad permissions or not authenticated."
}

GET /_telodendria/admin/tokens/[token]

Returns information about a specific registration token.

Requires Token	Rate Limited	Permissions
Yes	Yes	ISSUE_TOKENS

Error Response	Description
200	Token information successfully retrieved.
403	User does not have the ISSUE_TOKENS permission.
404	The specified token does not exist.

200 Response JSON Format:

Field	Type	Description
name	string	The token's name.
created_by	localpart	The user who created the token.
created_on	timestamp	The creation date of the token.
expires_on	timestamp	The token's expiration date, if provided.
used	integer	The number of times the token was used.
uses	integer	The number of remaining uses for the token, if set. Otherwise, there are unlimited uses remaining.

200 Response Example:

{
  "name": "forbob",
  "created_by": "alice",
  "created_on": 1234567890123,
  "used": 1,
  "uses": 3
}

POST /_telodendria/admin/tokens

Adds a registration token, and setup expiry date and max uses.

Requires Token	Rate Limited	Permissions
Yes	Yes	ISSUE_TOKENS

Request JSON Format:

Field	Type	Description	Required
lifetime	timestamp	How long this token should be good for	NO
max_uses	integer	The maximum number of uses for this token	NO
name	string	A name for the token. If none is provided, then a name is randomly generated.	NO

Request Example:

{
  "name": "OnlyClownsM7iAhUJD",
  "expires": 2147484637000,
  "max_uses": 5
}

Error Response	Description
200	Token was successfully created.
403	User does not have the ISSUE_TOKENS permission.

200 Response JSON Format:

Field	Type	Description
name	string	The token's name.
created_by	localpart	The user who created the token.
created_on	timestamp	The creation date of the token.
expires_on	timestamp	The token's expiration date, if set. If not set, the token never expires.
used	integer	The number of times the token was used.
uses	integer	The number of uses remaining for the token, if set. If not set, the token has an unlimited number of uses.

200 Response Example:

{
  "name": "OnlyClownsM7iAhUJD",
  "created_by": "donald",
  "created_on": 1234567890123,
  "expires_on": 2147484637000,
  "used": 0,
  "uses": 5
}

403 Response JSON Format:

{
  "errcode": "M_FORBIDDEN",
  "error": "Forbidden access. Bad permissions or not authenticated."
}

DELETE /_telodendria/admin/tokens/[tokenname]

Requires Token	Rate Limited	Permissions
Yes	Yes	ISSUE_TOKENS

Description: Deletes an existing registration token.

Error Response	Description
204	Token was successfully deleted.
403	User does not have the ISSUE_TOKENS permission.

403 Response JSON Format:

{
  "errcode": "M_FORBIDDEN",
  "error": "Forbidden access. Bad permissions or not authenticated."
}

The administrator API should provide functions for managing registration tokens. This issue documents the endpoints and how they should be implemented. ### **GET** /_telodendria/admin/tokens Gets a list of *all* tokens present, and additional information. <table><tbody><tr><td>Requires Token</td><td>Rate Limited</td><td>Permissions</td></tr><tr><td>Yes</td><td>Yes</td><td>ISSUE_TOKENS</td></tr></tbody></table> <table><tbody><tr><td>Error Response</td><td>Description</td></tr><tr><td>200</td><td>Token list was successfully retrieved.</td></tr><tr><td>403</td><td>User does not have the ISSUE_TOKENS permission.</td></tr></tbody></table> 200 Response JSON Format: <table><tbody><tr><td>Field</td><td>Type</td><td>Description</td></tr><tr><td>tokens</td><td>list[TokenInfo]</td><td>A list of tokens and other information.</td></tr></tbody></table> `TokenInfo` JSON Format: <table><tbody><tr><td>Field</td><td>Type</td><td>Description</td></tr><tr><td>name</td><td>string</td><td>The token's name.</td></tr><tr><td>created_by</td><td>localpart</td><td>The user who has created token.</td></tr><tr><td>created_on</td><td>timestamp</td><td>The creation date of the token.</td></tr><tr><td>expires_on</td><td>timestamp</td><td>The token's expiration date, or 0 if it does not expire.</td></tr><tr><td>used</td><td>integer</td><td>The number of times the token was used.</td></tr><tr><td>uses</td><td>integer</td><td>The number of uses remaining for the token, or -1 if there are an unlimited number of uses remaining.</td></tr></tbody></table> 403 Response JSON Format: <table><tbody><tr><td>Field</td><td>Type</td><td>Description</td></tr><tr><td>errcode</td><td>string</td><td>Set to ``M_FORBIDDEN''</td></tr><tr><td>error</td><td>string</td><td>Human-readable explanation of the privilege issue.</td></tr></tbody></table> 200 Response Example: ```json { "tokens": [ { "name": "forbob", "created_by": "alice", "created_on": 1234567890123, "expires_on": 2147483647000, "used": 1, "uses": 3 } ] } ``` 403 Response JSON Format: ```json { "errcode": "M_FORBIDDEN", "error": "Forbidden access. Bad permissions or not authenticated." } ``` ### **GET** /_telodendria/admin/tokens/\[token\] Returns information about a specific registration token. <table><tbody><tr><td>Requires Token</td><td>Rate Limited</td><td>Permissions</td></tr><tr><td>Yes</td><td>Yes</td><td>ISSUE_TOKENS</td></tr></tbody></table> <table><tbody><tr><td>Error Response</td><td>Description</td></tr><tr><td>200</td><td>Token information successfully retrieved.</td></tr><tr><td>403</td><td>User does not have the ISSUE_TOKENS permission.</td></tr><tr><td>404</td><td>The specified token does not exist.</td></tr></tbody></table> 200 Response JSON Format: <table><tbody><tr><td>Field</td><td>Type</td><td>Description</td></tr><tr><td>name</td><td>string</td><td>The token's name.</td></tr><tr><td>created_by</td><td>localpart</td><td>The user who created the token.</td></tr><tr><td>created_on</td><td>timestamp</td><td>The creation date of the token.</td></tr><tr><td>expires_on</td><td>timestamp</td><td>The token's expiration date, if provided.</td></tr><tr><td>used</td><td>integer</td><td>The number of times the token was used.</td></tr><tr><td>uses</td><td>integer</td><td>The number of remaining uses for the token, if set. Otherwise, there are unlimited uses remaining.</td></tr></tbody></table> 200 Response Example: ```json { "name": "forbob", "created_by": "alice", "created_on": 1234567890123, "used": 1, "uses": 3 } ``` ### **POST** /_telodendria/admin/tokens Adds a registration token, and setup expiry date and max uses. <table><tbody><tr><td>Requires Token</td><td>Rate Limited</td><td>Permissions</td></tr><tr><td>Yes</td><td>Yes</td><td>ISSUE_TOKENS</td></tr></tbody></table> Request JSON Format: <table><tbody><tr><td>Field</td><td>Type</td><td>Description</td><td>Required</td></tr><tr><td>lifetime</td><td>timestamp</td><td>How long this token should be good for</td><td>NO</td></tr><tr><td>max_uses</td><td>integer</td><td>The maximum number of uses for this token</td><td>NO</td></tr><tr><td>name</td><td>string</td><td>A name for the token. If none is provided, then a name is randomly generated.</td><td>NO</td></tr></tbody></table> Request Example: ```json { "name": "OnlyClownsM7iAhUJD", "expires": 2147484637000, "max_uses": 5 } ``` <table><tbody><tr><td>Error Response</td><td>Description</td></tr><tr><td>200</td><td>Token was successfully created.</td></tr><tr><td>403</td><td>User does not have the ISSUE_TOKENS permission.</td></tr></tbody></table> 200 Response JSON Format: <table><tbody><tr><td>Field</td><td>Type</td><td>Description</td></tr><tr><td>name</td><td>string</td><td>The token's name.</td></tr><tr><td>created_by</td><td>localpart</td><td>The user who created the token.</td></tr><tr><td>created_on</td><td>timestamp</td><td>The creation date of the token.</td></tr><tr><td>expires_on</td><td>timestamp</td><td>The token's expiration date, if set. If not set, the token never expires.</td></tr><tr><td>used</td><td>integer</td><td>The number of times the token was used.</td></tr><tr><td>uses</td><td>integer</td><td>The number of uses remaining for the token, if set. If not set, the token has an unlimited number of uses.</td></tr></tbody></table> 200 Response Example: ```json { "name": "OnlyClownsM7iAhUJD", "created_by": "donald", "created_on": 1234567890123, "expires_on": 2147484637000, "used": 0, "uses": 5 } ``` 403 Response JSON Format: ```json { "errcode": "M_FORBIDDEN", "error": "Forbidden access. Bad permissions or not authenticated." } ``` ### **DELETE** /_telodendria/admin/tokens/\[tokenname\] <table><tbody><tr><td>Requires Token</td><td>Rate Limited</td><td>Permissions</td></tr><tr><td>Yes</td><td>Yes</td><td>ISSUE_TOKENS</td></tr></tbody></table> _Description:_ Deletes an existing registration token. <table><tbody><tr><td>Error Response</td><td>Description</td></tr><tr><td>204</td><td>Token was successfully deleted.</td></tr><tr><td>403</td><td>User does not have the ISSUE_TOKENS permission.</td></tr></tbody></table> 403 Response JSON Format: ```json { "errcode": "M_FORBIDDEN", "error": "Forbidden access. Bad permissions or not authenticated." } ```

jordan added the

enhancement

label 2023-09-05 21:47:47 -04:00

jordan added this to the Telodendria v1.7.0-alpha4 project 2023-09-05 21:47:48 -04:00

jordan commented

2023-09-05 21:49:12 -04:00

And here's the checklist that we can update as we implement these:

GET /_telodendria/admin/tokens
GET /_telodendria/admin/tokens/[token]
POST /_telodendria/admin/tokens
DELETE /_telodendria/admin/tokens/[token]

And here's the checklist that we can update as we implement these: - [ ] **GET** /_telodendria/admin/tokens - [ ] **GET** /_telodendria/admin/tokens/[token] - [ ] **POST** /_telodendria/admin/tokens - [ ] **DELETE** /_telodendria/admin/tokens/[token]

lda referenced this issue

2023-11-01 13:00:18 -04:00

Implement GET /_telodendria/admin/tokens #37

jordan referenced this issue

2023-11-06 15:52:55 -05:00

Implement GET /_telodendria/admin/tokens #37

jordan referenced a pull request that will close this issue

2023-11-08 13:49:59 -05:00

Implement Registration Token Administrator API #43

jordan closed this issue

2023-11-10 09:30:55 -05:00

jordan referenced this issue from a commit