ClickToCall SkypeTest Documentation

Similar documents
Using OAuth 2.0 to Access ionbiz APIs

Bambu API Documentation

ovirt SSO Specification

NIELSEN API PORTAL USER REGISTRATION GUIDE

Identity and Data Access: OpenID & OAuth

Mobile Procurement REST API (MOBPROC): Access Tokens

Integrating with ClearPass HTTP APIs

Protect Your API with OAuth 2. Rob Allen

GPII Security. Washington DC, November 2015

WEB API. Nuki Home Solutions GmbH. Münzgrabenstraße 92/ Graz Austria F

Aruba Central Application Programming Interface

Oracle Fusion Middleware. API Gateway OAuth User Guide 11g Release 2 ( )

REST API Operations. 8.0 Release. 12/1/2015 Version 8.0.0

HKWirelessHD API Specification

Tutorial: Building the Services Ecosystem

API Gateway. Version 7.5.1

sanction Documentation

OAuth and OpenID Connect (IN PLAIN ENGLISH)

NetIQ Access Manager 4.3. REST API Guide

Kinto Documentation. Release Mozilla Services Da French Team

BlackBerry AtHoc Networked Crisis Communication. BlackBerry AtHoc API Quick Start Guide

E POSTBUSINESS API Login-API Reference. Version 1.1

Advanced API Security

DJOAuth2 Documentation

Tangent MicroServices Documentation

Start To Develop THE NEXT LEVEL

Patch Server for Jamf Pro Documentation

Archer Documentation. Release 0.1. Praekelt Dev

Black Box DCX3000 / DCX1000 Using the API

MediaAUTH Draft Proposal

Inland Revenue. Build Pack. Identity and Access Services. Date: 04/09/2017 Version: 1.5 IN CONFIDENCE

Building the Modern Research Data Portal. Developer Tutorial

NetIQ Access Manager 4.4. REST API Guide

Web Based Single Sign-On and Access Control

django-oauth2-provider Documentation

fredag 7 september 12 OpenID Connect

Salesforce IoT REST API Getting Started Guide

python-oauth2 Documentation

Connect. explained. Vladimir Dzhuvinov. :

Web Messaging Configuration Guide Document Version: 1.3 May 2018

Authentication in the Cloud. Stefan Seelmann

WP Voting Plugin - Ohiowebtech Video Extension - Youtube Documentation

SAS Event Stream Processing 4.2: Security

Lab 2 Third Party API Integration, Cloud Deployment & Benchmarking

Composer Help. Web Request Common Block

Sophos Mobile Control Network Access Control interface guide. Product version: 7

ClearPass. ClearPass Extension Universal Authentication Proxy. ClearPass Extension Universal Authentication Proxy TechNote

The PureEngage Cloud API. Jim Crespino Director, Developer Enablement

Building the Modern Research Data Portal using the Globus Platform. Rachana Ananthakrishnan GlobusWorld 2017

OAuth 2 and Native Apps

Java Relying Party API v1.0 Programmer s Guide

Login with Amazon. Developer Guide for Websites

Trunk Player Documentation

Aruba Central APIs. Adolfo Bolivar April 2018

OAuth2 Autoconfig. Copyright

Field Data Integrators Anoto SharePoint Online Connection Configuration

Coveo Platform 7.0. Yammer Connector Guide

GitHub-Flask Documentation

Single Sign-On for PCF. User's Guide

Sophos Mobile. Network Access Control interface guide. Product Version: 8.1

FaxCore API Reference A web based API for sending, receiving and managing faxes through the FaxCore network.

Leveraging the Globus Platform in your Web Applications. GlobusWorld April 26, 2018 Greg Nawrocki

Login with Amazon. Getting Started Guide for Websites

flask-jwt Documentation

INSTALLATION GUIDE Spring 2017

RESTFUL WEB SERVICES - INTERVIEW QUESTIONS

BaasBox. Open Source Backend as a Service. Otto Hylli

Oracle Fusion Middleware. Oracle API Gateway OAuth User Guide 11g Release 2 ( )

Slovak Banking API Standard. Rastislav Hudec, Marcel Laznia

Django IPRestrict Documentation

I hate money. Release 1.0

VAM. CAS Installer (for 2FA) Value- Added Module (VAM) Deployment Guide

INTEGRATION MANUAL DOCUMENTATION E-COMMERCE

Copyright. Copyright Ping Identity Corporation. All rights reserved. PingAccess Server documentation Version 4.

Integrate Salesforce. EventTracker v8.x and above

OpenID Connect Opens the Door to SAS Viya APIs

Server-Side Web Programming: Python (Part 1) Copyright 2017 by Robert M. Dondero, Ph.D. Princeton University

f5-icontrol-rest Documentation

Sample Title. Dancing with the Magento 2 APIs. A guided tour of the API dance floor. DevelopersParadise 2016 / Opatija / Croatia

PAS for OpenEdge Support for JWT and OAuth Samples -

Stateless Microservice Security via JWT, TomEE and MicroProfile

Installation procedure of Naso CC for Grandstream UCM 61xx/6510

ETSI TS V ( )

FUSION REGISTRY COMMUNITY EDITION SETUP GUIDE VERSION 9. Setup Guide. This guide explains how to install and configure the Fusion Registry.

PowerExchange for Facebook: How to Configure Open Authentication using the OAuth Utility

Usage of "OAuth2" policy action in CentraSite and Mediator

Datto Disaster Tracking

ChatWork API Documentation

DreamFactory Security Guide

Table of Contents. I. How do I register for a new account? II. How do I log in? (I already have a MyJohnDeere.com account.)

Azure Archival Installation Guide

Integration of the platform. Technical specifications

Integration Guide. LoginTC

Creating relying party clients using the Nimbus OAuth 2.0 SDK with OpenID Connect extensions

Exploiting and Defending: Common Web Application Vulnerabilities

Check to enable generation of refresh tokens when refreshing access tokens

Volante NACHA ISO20022 Validator AMI User Guide

Configuration Guide. Requires Vorex version 3.9 or later and VSA version or later. English

Chris Schalk Ryan Boyd

CM Social Post Documentation

Transcription:

ClickToCall SkypeTest Documentation Release 0.0.1 Andrea Mucci August 04, 2015

Contents 1 Requirements 3 2 Installation 5 3 Database Installation 7 4 Usage 9 5 Contents 11 5.1 REST API................................................ 11 5.2 Code API................................................. 16 6 Indices and tables 17 Python Module Index 19 i

ii

CLick2Call is Python project test with tornado and PostgreSQL database Server. This project was created for a demo and is not a complete click to call service. The project support: Client App registration ( oauth 2.0 ) User-Agent login create a call, not SIP signaling or RTP flux, is only a REST call that open a call SESSION terminate a call limit ongoing and outgoing call for a user ( if the user is registered with different apps, the limitation work as well ) a very basic admin REST interface to check the user call status and the call informations. Contents 1

2 Contents

CHAPTER 1 Requirements Python 2.7 Tornado 2.3 PostgreSQL 3

4 Chapter 1. Requirements

CHAPTER 2 Installation Is possible to use this project in a virtualenv, install before a virtual env: $ virtualenv venv --distribute New python executable in venv/bin/python Installing distribute...done. Installing pip...done. To activate the environment. $ source venv/bin/activate Now if you are in the root project folder you can use the requirements files to install all the the required packages $ pip install -r requirements.txt If all work well you have the project ready to use. 5

6 Chapter 2. Installation

CHAPTER 3 Database Installation The project have a sql folder with the database dump, this project work only with postgresql copy the dump file into postgrsql To modify the satabase connections parameters you need to open and modify the settings.py file under the app folder : DATABASE = { "name": "clickcall", "user": "postgres", "password": "mypassword", "host": "localhost", "port": "5432" } 7

8 Chapter 3. Database Installation

CHAPTER 4 Usage If you have activate your virtualenv you can launch the project form the root folder. $python manage.py The default value lauch a web server to the port 8888 the Web Server accept internal connections http://localhost:8888 9

10 Chapter 4. Usage

CHAPTER 5 Contents 5.1 REST API In this section will describe the REST API. 5.1.1 Authorization Process This project use the oauth 2.0 process ( Draft 31 ). The Authentications Flow processes supported are two. Application Flow Client-Side Flow Application Flow This is used if the tester is with a web server application ( php, java, python, ruby, C#, etc.). The sequence is described in this image. The scenario is redirecting the User-Agent to the login page ( popup etc.). The url to call from the Client Application is. GET http://localhost:8888/oauth/auth is Mandatory add the following parameter to this url client_id: * This is the client id added to the database in the client table * response_type: * For the Application Flow this value is code * redirect_uri: * This is the redirect uri added into the database in the client table for the client_id * scope: * The scope in this project is not processed, have only one scope and is call * Warning: This project have a test page for the redirect process, this page is http://localhost:8888/test this page return the code and the token after the grant process and the token creation! So, in conclusion the final url for the client auth is. GET http://localhost:8888/oauth/auth?client_id=<client_id>&response_type=code&redirect_uri=http://loc 11

12 Chapter 5. Contents

After calling this url, the system automatically redirect to the Login-Page, the redirection is a 302 Status Code The login Page URL where the User-Agent is redirect is: GET http://localhost:8888/auth/login?client_id=<client_id>&response_type=code&redirect_uri=http://loc The page show JSON formatted String with the parameters attached to the URL. If the User-Agent is already Logged, the System redirect with a 303 status code to the Grant page. If the user is not logged in, is necessary to send a post to the same url, with the username and password parameters. POST http://localhost:8888/auth/login body_parms: client_id=<client_id>&response_type=code&redirect_uri=http://localhost:8888/test&scope=call&username= If the login is processed correctly, the System redirect to the Grant Page. This is the process that authorize the Application-ID take some information of the User-Agent. In a classic project this page show a form with two button, Accept Refuse. In this project is returned a json string with the parameters passed to the URL from the login page. If the User-Agent never have Grnated the Application-ID must be send a POST to the same url: POST http://localhost:8888/auth/grant body_params: client_id=<client_id>&response_type=code&redirect_uri=http://localhost:8888/test&scope=call&grant=tru In this example the User-Agent has sent grant=true so he have accepted the Application Access. Now the system redirect to the redirect_uri passed as a parameter. if you is used the test page http://localhost:8888/test you will take the code from the body that show a JSON String. The redirect is: GET http://localhost:8888/test?code=<code> After this process will be can take the token with the code returned. To obtain the token you need to send a GET to this url and with thsi parameters. GET http://localhost:8888/oauth/token?client_id=<client_id>&client_secret=<secret_id>&code=<code>&red In this URl have one new parameter client_secret. This parameter is one column in the Client Table and is the password for the Application. After call this URL, the System will be redirect to the redirect_uri, like the code step, this page show in the body a JSON string with the token code, the redirection is with a 303 status code. The url called is: GET http://localhost:8888/test#access_token=<token>&token_type=bearer&expires_in=3600 Now with the token is possible to call the REST Server. Client-Side Flow This Flow is practically the same as the Application-Flow. This is used by Javascript Application ( client-side ). In the image have the flow view of the process. This process will not request the token from a code authentication. the url flow is: GET http://localhost:8888/oauth/auth?client_id=<client_id>&response_type=token&redirect_uri=http://lo login redirection: GET http://localhost:8888/auth/login?client_id=<client_id>&response_type=token&redirect_uri=http://lo Send the post to login the user: 5.1. REST API 13

POST http://localhost:8888/auth/login body_parms: client_id=<client_id>&response_type=token&redirect_uri=http://localhost:8888/test&scope=call&username grant if is not granted, if the customer is granted will be automatically redirect to the redirect_uri: POST http://localhost:8888/auth/grant body_params: client_id=<client_id>&response_type=token&redirect_uri=http://localhost:8888/test&scope=call&grant=tr after this step, the system redirect to the page and send the parameters as: GET http://localhost:8888/test#access_token=<token>&token_type=bearer&expires_in=3600 Now is possible to call the REST Sever 5.1.2 REST Call Interface HowTo send the token for authentication Is possible to send the token in two methods. as a URL parameter: GET http://localhost:8888/rest/call?access_token=<access_token> or in the header: 14 Chapter 5. Contents

POST /rest/call HTTP/1.1 Host: localhost:8888 User-Agent: PersonalUser-Agent Authentication: Bearer <your-token> Is important to add the Bearer parameter to stay compliant with the oauth2 protocol. Make a call Send a POST to this url: POST http://localhost:8888/rest/call The parameter to send in the post is number=<number_to_call If all work well you will obtain a status code 201, in the Location header you will obtain the GET URL with the token call to get the call information: RESPONSE: HTTP/1.1 201 OK Server: xlightweb/2.6 Content-Length: 0 Location: http://localhost:8888/rest/call?token_call=<token_call> Content-Type: application/x-www-form-urlencoded Stop a Call Send a PUT to this url: PUT http://localhost:8888/rest/call And in the PUT body this parameter: token_call=<token_call> This method return a status code 200 Get Call info To get informations about a call you need to send a GET request: GET http://localhost:8888/rest/call?token_call=<token_call> Yu will obtain a JSON string or a xml string with the call information. if have some problems will return 409 error Conflict Get All Ongoing Calls To get all ongoing calls you need to send a GET to this url whitout any parameter: GET http://localhost:8888/rest/call The result is a JSON or a XML string with all the ongoing calls for the logged user. 5.1. REST API 15

5.2 Code API 5.2.1 Database Models Base Class Derived Classes Generic Classes 5.2.2 Http Handler Classes Base Classes Authentication Derived Classes REST Derived Classes 5.2.3 Exception Classes Exceptions Exception Module for Custome Errors exception core.exceptions.dbconnectionerror Exception used to raise a Database Connection Error. exception core.exceptions.dbcursorerror Exception used to raise a Cursor Connection Error. exception core.exceptions.dbqueryerror Exception used to raise a Query Connection Error. exception core.exceptions.genericexception exception core.exceptions.grantnotauthorized Exception used to raise a grant error. exception core.exceptions.objectdoesnotexist Exception used to except if the query return a value or not. exception core.exceptions.restmaxcallerror Exception used to raise the maximum ongoing call permitted. 16 Chapter 5. Contents

CHAPTER 6 Indices and tables genindex modindex search 17

18 Chapter 6. Indices and tables

Python Module Index c core.exceptions, 16 19

20 Python Module Index

Index C core.exceptions (module), 16 D DBConnectionError, 16 DBCursorError, 16 DBQueryError, 16 G GenericException, 16 GrantNotAuthorized, 16 O ObjectDoesNotExist, 16 R RestMaxCallError, 16 21

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback