Services/Sync/Server/Archived/0.3/API: Difference between revisions

From MozillaWiki
< Services‎ | Sync‎ | Server‎ | Archived
Jump to navigation Jump to search
 
(34 intermediate revisions by 4 users not shown)
Line 24: Line 24:
| modified
| modified
| time submitted
| time submitted
| 16
| float (2 decimal places)
| The last-modified date, in Julian date format.
| The last-modified date, in seconds since 01/01/1970 (see [http://www.ecma-international.org/publications/standards/Ecma-262.htm ecma-262]). Set by the server.
|- valign="top"
|- valign="top"
| encryption
| sortindex
| none
| none
| 256
| integer
| The URL of a Weave Encryption Record (WER) that defines how the payload is encrypted. No URL means that the payload is being sent unencrypted.
| A sort index to allow for ordered lists/trees.
|- valign="top"
|- valign="top"
| encoding
| depth
| utf-8
| none
| 16
| tinyint
| The character set of the decrypted payload.
| The depth of the node from the root of the tree. Useful as a sort key for ordered trees.
|- valign="top"
|- valign="top"
| payload
| payload
| none
| none
| 256K
| 256K
| The (possibly encrypted) JSON structure encapsulating the data of the record. This structure is defined separately for each WBO type.
| A string containing a JSON structure encapsulating the data of the record. This structure is defined separately for each WBO type. Parts of the structure may be encrypted, in which case the structure should also specify a record for decryption. [https://wiki.mozilla.org/Labs/Weave/0.3/API/Payloads Payload Definitions]
|}
|}
Weave Basic Objects and all data passed into the Weave Server should be utf-8 encoded.


=== Sample: ===
=== Sample: ===
Line 49: Line 51:
"parentid": "88C3865F-05A6-4E5C-8867-0FAC9AE264FC",
"parentid": "88C3865F-05A6-4E5C-8867-0FAC9AE264FC",
"modified": "2454725.98283",
"modified": "2454725.98283",
"encryption": "http://server/prefix/version/user/crypto-meta/B1549145-55CB-4A6B-9526-70D370821BB5",
"encryption": "",
"encoding": "shift-JIS",
"encoding": "shift-JIS",
"payload": "a89sdmawo58aqlva.8vj2w9fmq2af8vamva98fgqamff..."
"payload": "{\"encryption\":\"http://server/prefix/version/user/crypto-meta/B1549145-55CB-4A6B-9526-70D370821BB5\", \"data\": \"a89sdmawo58aqlva.8vj2w9fmq2af8vamva98fgqamff...\"}"
}
}
</pre>
</pre>


= URL Semantics =
= URL Semantics =
{| width="100%" cellpadding="3"
|- style="background-color: #efefef;"
| '''Term'''
| '''Description'''
|- valign="top"
| server
| The name of the Weave server.
|- valign="top"
| prefix
| Any added path prefix that defines the Weave namespace on that server.
|- valign="top"
| version
| The Weave API version.
|- valign="top"
| user
| The userid of the Weave user.
|- valign="top"
| collection
| A defined grouping of objects into a set. All basic objects will be a member of one collection, and it will be the access point for those objects.
|- valign="top"
| id
| The Weave Basic Object id.
|}


Authentication credentials can be checked at:
Weave URLs follow, for the most part, REST semantics. Request and response bodies are all JSON-encoded.


'''https://''server''/''prefix''/''version''/''user''/ '''
Weave uses HTTP basic auth (over SSL, so as to maintain password security). If the auth username does not match the username in the path, the server will issue an [https://wiki.mozilla.org/Labs/Weave/0.3/ResponseCodes Error Response]


'''All Protocols''': Returns 1.
The Weave API has a set of  [https://wiki.mozilla.org/Labs/Weave/0.3/ResponseCodes Weave Response Codes] to cover errors in the request or on the server side. The format of a successful response is defined in the appropriate request method section.


A WBO will always be accessible at the following URL. All URLs will have REST semantics:
== GET ==


'''https://''server''/''prefix''/''version''/''user''/''collection''/''id'' '''
'''https://''server''/0.3/user/''username''/ '''


'''GET''': Retrieve the object.
Returns a list of collections associated with the account
<br>'''PUT''': Add/update the object.
<br>'''DELETE''': Delete the object.


Batch processing can be done with:
'''https://''server''/0.3/user/''username''/''collection'' '''


'''https://''server''/''prefix''/''version''/''user''/''collection'' '''
Returns a list of the WBO ids contained in a collection. This request has additional optional parameters:


'''GET''': Returns a list of ids associated with the collection.
<br>'''POST''': Takes an array of WBOs and adds/updates them within the collection. Identical to doing a set of PUTs over /id urls.
<br>'''DELETE''': Deletes all objects in this collection.
Optional '''GET''' parameters:
{| width="100%" cellpadding="3"
{| width="100%" cellpadding="3"
|- style="background-color: #efefef;"
|- style="background-color: #efefef;"
Line 108: Line 80:
| '''Description'''  
| '''Description'''  
|- valign="top"
|- valign="top"
| wbo
| parentid
| The json objects/array of json objects to be POSTed
| Returns the ids for objects in the collection that are the children of the parent id given.
|- valign="top"
|- valign="top"
| parentid
| older
| Returns the objects in the collection that are the children of the parent id given.
| Returns only ids for objects in the collection that have been last modified before the date given.
|- valign="top"
|- valign="top"
| modified
| newer
| Returns only objects in the collection that have been modified since the date given, ordered by earliest timestamp.
| Returns only ids for objects in the collection that have been last modified since the date given.
|- valign="top"
|- valign="top"
| full
| full
| If defined, returns the full objects, rather than a group of ids.
| If defined, returns the full WBO, rather than just the id.
|- valign="top"
|- valign="top"
| limit
| limit
| Caps the number of objects that will be returned.
| Sets the maximum number of ids that will be returned.
|- valign="top"
|- valign="top"
| offset
| offset
| Skips the first n objects, for use with the limit parameter
| Skips the first n ids. For use with the limit parameter (required) to paginate through a result set.
|- valign="top"
| sort
| 'oldest' - Orders by modification date (oldest first)<br>
'newest' - Orders by modification date (newest first)<br>
'index' - Orders by the sortindex (ordered lists)<br>
'depthindex' - Orders by depth, then by sortindex (ordered trees)
|}
|}


= Response Codes =


'''200 OK''' -- Returned on a successful request. Note that this does not guarantee that the server has done anything - deleting a nonexistent object will return a 200. The request body will contain the data expected from the transaction.
'''https://''server''/0.3/user/''username''/''collection''/''id'' '''


'''400 Bad Request''' -- Will be returned if there was an error in the client's request. Details of the request will be contained in the body code:
Returns the WBO in the collection corresponding to the requested id


{| width="75%" cellpadding="3" align=center
== PUT ==
|- style="background-color: #efefef;"
| '''Code'''
| '''Description'''
|- valign="top"
| 1
| Illegal method/protocol
|- valign="top"
| 2
| Incorrect/missing captcha
|- valign="top"
| 3
| Invalid/missing username
|- valign="top"
| 4
| Attempt to overwrite data that can't be overwritted (such as creating a userid that doesn't exist)
| 5
| Userid must match account in path
| 6
| Json parse failure
| 7
| Missing password field
|}


'''https://''server''/0.3/user/''username''/''collection''/''id'' '''


'''401 Unauthorized''' -- Username and password do not allow access to the requested URL.
Adds the WBO defined in the request body to the collection. If the WBO does not contain a payload, it will only update the provided metadata fields on an already defined object.


'''404 Not Found''' -- Returned if the user does not exist. Body does not contain anything useful.
The server will return the timestamp associated with the modification.


'''503 Service Unavailable''' -- An internal error (storage failure). Please try back again later. Some explanation may be available in the body.
== POST ==


= Payloads =
'''https://''server''/0.3/user/''username''/''collection'' '''


Payloads are a hash with a required "type" key that defines the object type of the payload. Other keys will be required based on this type.
Takes an array of WBOs in the request body and iterates over them, effectively doing a series of atomic PUTs with the same timestamp.  


Here are some defined Payload Structures:
Returns a hash of successful and unsuccessful saves, including guidance as to possible errors:


== Bookmarks ==
<pre>
{"modified":1233702554.25,"success":["{GXS58IDC}12","{GXS58IDC}13","{GXS58IDC}15","{GXS58IDC}16","{GXS58IDC}18","{GXS58IDC}19"],"failed":{"{GXS58IDC}11":["invalid parentid"],"{GXS58IDC}14":["invalid parentid"],"{GXS58IDC}17":["invalid parentid"],"{GXS58IDC}20":["invalid parentid"]}}
</pre>


(needs defining)
== DELETE ==


== History ==
'''https://''server''/0.3/user/''username''/''collection'' '''


(needs defining)
Deletes the collection and all contents. Additional request parameters may modify the selection of which items to delete:
 
== Private Key ==
 
Public Key payloads must be unencrypted. Note that the key itself is still passphrase protected.


{| width="100%" cellpadding="3"
{| width="100%" cellpadding="3"
|- style="background-color: #efefef;"
|- style="background-color: #efefef;"
| style="background-color: #efefef;" | '''Parameter'''
| '''Term'''
| style="background-color: #efefef; width: 100px" | '''Default'''  
| '''Description'''  
| '''Description'''
|- valign="top"
| parentid
| Only deletes objects in the collection that are the children of the parent id given.
|- valign="top"
|- valign="top"
| key_data
| older
| required
| Only deletes objects in the collection that have been last modified before the date given.
| The private key, passphrase encrypted.
|- valign="top"
|- valign="top"
| public_key
| newer
| required
| Only deletes objects in the collection that have been last modified since the date given.
| The URI to the public key associated with this private key.
|- valign="top"
| limit
| Sets the maximum number of objects that will be deleted.
|- valign="top"
| offset
| Skips the first n objects in the defined set. Must be used with the limit parameter.
|- valign="top"
| sort
| 'oldest' - Orders by modification date (oldest first)<br>
'newest' - Orders by modification date (newest first)<br>
'index' - Orders by the sortindex (ordered lists)<br>
'depthindex' - Orders by depth, then by sortindex (ordered trees)
|}
|}


=== Sample ===
<pre>
  "payload":
  {
    "type: "private_key",
    "key_data": "nviuwc023nd210o3idn120x283cm...",
    "public_key": "A24349145-5AB-2YX-9526"
  }
</pre>
== Public Key ==


Public Key objects must be unencrypted.
'''https://''server''/0.3/user/''username''/''collection''/''id'' '''


{| width="100%" cellpadding="3"
Deletes the WBO at the location given
|- style="background-color: #efefef;"
| style="background-color: #efefef;" | '''Parameter'''
| style="background-color: #efefef; width: 100px" | '''Default'''
| '''Description'''
|- valign="top"
| key_data
| required
| The public key
|- valign="top"
| private_key
| required
| The URI to the private key associated with this private key.
|}


=== Sample ===
All delete requests return the timestamp of the action.  
<pre>  "payload":
  {
    "type: "public_key",
    "key_data": "nviuwc023nd210o3idn120x283cm...",
    "private_key": "B24349145-5AB-2YX-9526"
  }
</pre>


== Cryptometa ==
= X-If-Unmodified-Since =


Cryptometa objects must be unencrypted.
On any write transaction (PUT, POST, DELETE), this header may be added to the request, set to a timestamp. If the collection to be acted on has been modified since the timestamp given, the request will fail.


{| width="100%" cellpadding="3"
|- style="background-color: #efefef;"
| style="background-color: #efefef;" | '''Parameter'''
| style="background-color: #efefef; width: 100px" | '''Default'''
| '''Description'''
|- valign="top"
| algorithm
| required
| A hash, containing a "name" key and associated value, and any additional data required for the algorithm, such as "salt" or "iv".
|- valign="top"
| keyring
| empty
| A hash in which the keys are URLs to publickey WERs and the values are the encryption string used with that key to encrypt this record. The keys may be fully qualified URLs, or relative to the id level (thus, just the id is acceptable)
|}


=== Sample ===
= X-Weave-Alert =
<pre>
  "payload":
  {
    "type: "cryptometa",
    "algorithm":
    {
      "name": "aes-256-cbc",
      "salt": "234imasd9f8w23m7",
      "iv": "2w3kmv9821maz985"
    }
    "keyring":
    {
  "B24349145-5AB-2YX-9526": "m29f2mnvwiecvnw0ev...",
    }
  }


</pre>
This header may be sent back from any transaction, and contains potential warning messages, information, or other alerts. The contents are intended to be human-readable.

Latest revision as of 03:05, 12 July 2010

Weave 0.3 API

Release Date: TBD

Weave Basic Object (WBO)

A Weave Basic Object is the generic wrapper around all items passed into and out of the Weave server. The Weave Basic Object has the following fields:

Parameter Default Max Description
id required 64 An identifying string. For a user, the id must be unique for a WBO within a collection, though objects in different collections may have the same ID.
parentid none 64 The id of a parent object in the same collection. This allows for the creation of hierarchical structures (such as folders).
modified time submitted float (2 decimal places) The last-modified date, in seconds since 01/01/1970 (see ecma-262). Set by the server.
sortindex none integer A sort index to allow for ordered lists/trees.
depth none tinyint The depth of the node from the root of the tree. Useful as a sort key for ordered trees.
payload none 256K A string containing a JSON structure encapsulating the data of the record. This structure is defined separately for each WBO type. Parts of the structure may be encrypted, in which case the structure should also specify a record for decryption. Payload Definitions

Weave Basic Objects and all data passed into the Weave Server should be utf-8 encoded.

Sample:

{
	"id": "B1549145-55CB-4A6B-9526-70D370821BB5",
	"parentid": "88C3865F-05A6-4E5C-8867-0FAC9AE264FC",
	"modified": "2454725.98283",
	"encryption": "",
	"encoding": "shift-JIS",
	"payload": "{\"encryption\":\"http://server/prefix/version/user/crypto-meta/B1549145-55CB-4A6B-9526-70D370821BB5\", \"data\": \"a89sdmawo58aqlva.8vj2w9fmq2af8vamva98fgqamff...\"}"
}

URL Semantics

Weave URLs follow, for the most part, REST semantics. Request and response bodies are all JSON-encoded.

Weave uses HTTP basic auth (over SSL, so as to maintain password security). If the auth username does not match the username in the path, the server will issue an Error Response

The Weave API has a set of Weave Response Codes to cover errors in the request or on the server side. The format of a successful response is defined in the appropriate request method section.

GET

https://server/0.3/user/username/

Returns a list of collections associated with the account

https://server/0.3/user/username/collection

Returns a list of the WBO ids contained in a collection. This request has additional optional parameters:

Term Description
parentid Returns the ids for objects in the collection that are the children of the parent id given.
older Returns only ids for objects in the collection that have been last modified before the date given.
newer Returns only ids for objects in the collection that have been last modified since the date given.
full If defined, returns the full WBO, rather than just the id.
limit Sets the maximum number of ids that will be returned.
offset Skips the first n ids. For use with the limit parameter (required) to paginate through a result set.
sort 'oldest' - Orders by modification date (oldest first)

'newest' - Orders by modification date (newest first)
'index' - Orders by the sortindex (ordered lists)
'depthindex' - Orders by depth, then by sortindex (ordered trees)


https://server/0.3/user/username/collection/id

Returns the WBO in the collection corresponding to the requested id

PUT

https://server/0.3/user/username/collection/id

Adds the WBO defined in the request body to the collection. If the WBO does not contain a payload, it will only update the provided metadata fields on an already defined object.

The server will return the timestamp associated with the modification.

POST

https://server/0.3/user/username/collection

Takes an array of WBOs in the request body and iterates over them, effectively doing a series of atomic PUTs with the same timestamp.

Returns a hash of successful and unsuccessful saves, including guidance as to possible errors: 

{"modified":1233702554.25,"success":["{GXS58IDC}12","{GXS58IDC}13","{GXS58IDC}15","{GXS58IDC}16","{GXS58IDC}18","{GXS58IDC}19"],"failed":{"{GXS58IDC}11":["invalid parentid"],"{GXS58IDC}14":["invalid parentid"],"{GXS58IDC}17":["invalid parentid"],"{GXS58IDC}20":["invalid parentid"]}}

DELETE

https://server/0.3/user/username/collection

Deletes the collection and all contents. Additional request parameters may modify the selection of which items to delete:

Term Description
parentid Only deletes objects in the collection that are the children of the parent id given.
older Only deletes objects in the collection that have been last modified before the date given.
newer Only deletes objects in the collection that have been last modified since the date given.
limit Sets the maximum number of objects that will be deleted.
offset Skips the first n objects in the defined set. Must be used with the limit parameter.
sort 'oldest' - Orders by modification date (oldest first)

'newest' - Orders by modification date (newest first)
'index' - Orders by the sortindex (ordered lists)
'depthindex' - Orders by depth, then by sortindex (ordered trees)


https://server/0.3/user/username/collection/id

Deletes the WBO at the location given

All delete requests return the timestamp of the action.

X-If-Unmodified-Since

On any write transaction (PUT, POST, DELETE), this header may be added to the request, set to a timestamp. If the collection to be acted on has been modified since the timestamp given, the request will fail.


X-Weave-Alert

This header may be sent back from any transaction, and contains potential warning messages, information, or other alerts. The contents are intended to be human-readable.

Retrieved from "https://wiki.allizom.org/index.php?title=Services/Sync/Server/Archived/0.3/API&oldid=237537"