Bug
Resolution: Done
Major
Implement a backend REST API on Download Manager to get the status of a subscription. It will be called by Keycloak to get the subscription status for a user, for example to show it on the user profile page.
This API is not intended to be called by clients/websites. It does not use SSO for auth, only a simple auth mechanism intended for inter-server communication.
We introduced this to keep the subscription validation logic (which may/will use different IT services: Terms and Group services for now, Subscription service later) in one place only (Download Manager) and simply reuse it from Keycloak.
REST request
url: /rest/tc/status
http method: GET
http params:
- username - mandatory, username of the user we want the subscription status for
- userType - mandatory, type of username. Valid values are r for a redhat.com username and j for a jboss.org username
- subscrType - mandatory, type of subscription we want the status for. Valid values are RHD for 'Red Hat Developer Subscription' and JBD for 'JBoss Developer Subscription'
- ts - the caller creates this value as the current timestamp (common Java long timestamp in millis since 1970) XORed with a secret long. The server un-XORs the timestamp with the secret on its side and validates that the request is not too old (so this is an authentication mechanism which also prevents replay attacks)
http headers:
- Accept - mandatory, defines the format of the response. Valid values are text/xml or application/json. Use of an invalid value leads to a 400 - Bad Request http response.
REST response
http code:
- 400 Bad request - if some input param is invalid
- 403 Forbidden - if validation of the ts param falls outside the allowed time range
- 200 OK - if all params are valid. In this case the body contains JSON or XML with information about the subscription (the latest subscription if there is a longer history of them) for the given user and subscription type. The information contains these fields:
  - valid - true if the subscription is currently valid, else false (which means that the user has never signed the given subscription or the subscription has already expired)
  - acceptanceTimestamp - timestamp of the latest T&C acceptance which led to subscription creation. Number with a common Java timestamp. Not present if the user never signed.
  - expirationTimestamp - timestamp of subscription expiration. Number with a common Java timestamp. Not present if the user never signed or the subscription does not expire.
  - daysRemaining - number of remaining days of subscription validity. 0 for an expired subscription. Not present if the user never signed or the subscription does not expire.
  - duration - duration of subscription validity in days. Not present if the user never signed or the subscription does not expire.
The example is in JSON (XML will have the same structure, with the same names for XML elements):
{ "valid": true, "acceptanceTimestamp": 1370349782638, "expirationTimestamp": 1401885782638, "daysRemaining": 328, "duration": 365 }
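The request checks described above, written out as an added example (not Download Manager or Keycloak code): it builds the ts value on the caller side and maps a request to the 400/403/200 status codes on the server side. The secret value, the 60-second window, the order of the checks and the function names are assumptions; the page does not give them.

```python
import re
import time

SECRET = 0x5DEECE66D1234ABC  # constructed shared secret (fits a Java long)
MAX_SKEW_MS = 60_000         # assumed allowed time range; the page gives no value

USER_TYPES = {"r", "j"}
SUBSCR_TYPES = {"RHD", "JBD"}
ACCEPT_TYPES = {"text/xml", "application/json"}


def make_ts(now_ms, secret=SECRET):
    """Caller side: current timestamp in millis XORed with the shared secret."""
    return str(now_ms ^ secret)


def validate_request(params, accept, now_ms=None, secret=SECRET):
    """Server side: return the HTTP status the spec assigns (400, 403 or 200)."""
    if now_ms is None:
        now_ms = int(time.time() * 1000)
    # 400: unsupported Accept header or a missing/invalid input parameter.
    if accept not in ACCEPT_TYPES or not params.get("username"):
        return 400
    if params.get("userType") not in USER_TYPES:
        return 400
    if params.get("subscrType") not in SUBSCR_TYPES:
        return 400
    raw_ts = str(params.get("ts", ""))
    if not re.fullmatch(r"-?[0-9]{1,19}", raw_ts):
        return 400
    ts = int(raw_ts)
    if not -(2**63) <= ts < 2**63:  # must be representable as a Java long
        return 400
    # 403: un-XOR with the secret, then require the recovered timestamp to lie
    # within the allowed range. Both stale and far-future values are rejected.
    sent_ms = ts ^ secret
    if abs(now_ms - sent_ms) > MAX_SKEW_MS:
        return 403
    # ts is not bound to username/userType/subscrType: inside the window the
    # same value passes for any parameters, so keep the window short.
    return 200
```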