On Fri, Aug 19, 2016 at 5:20 PM, Dinusha Senanayaka <dinu...@wso2.com> wrote:
> > > On Fri, Aug 19, 2016 at 2:35 PM, Nuwan Dias <nuw...@wso2.com> wrote: > >> >> >> On Fri, Aug 19, 2016 at 1:40 PM, Sanjeewa Malalgoda <sanje...@wso2.com> >> wrote: >> >>> The purpose of implementing client tool is to ease admins/devopts task. >>> If we think of end user point of view(api creator) client tool do not help >>> much. >>> I don't believe usual API creator, publishers will use this client much. >>> If we need to let them to export API then we should give them UI option. >>> >>> So most of the time this will be use by system administrators and >>> devopts people to move artifacts between environments. In such cases >>> creating new application and embedding it to app would not be a problem. >>> And also if this is more of admin tool then we can use other securing >>> mechanisms such as basic auth. >>> >> >> The import/export tool is a client side library which consumes the >> product REST APIs. Since the REST APIs are protected over OAuth I don't >> think using Basic Auth is an option. >> > > Can we introduce a new permission/s [1] and a scope. If user is having > these permissions, which we should consider as a sys-admin and allow to > perform any of the REST API calls. Same time, if the tool need to be used > by normal creator/publisher user, we can keep the logic Kaveesha has > initially mentioned. > Sorry, I don't get the exact problem you're trying to solve. Let's say someone wants to import an API. What basically happens here is that you're creating an API somewhere. In order to do that you need to have the "creator" role (to get the required scope). So sys-admin or whoever, as long as that person has the required permissions, can perform the import function. Therefore what is the reason you would require to introduce a new permission? > > [1] API > |- import > |- export > > > Regards, > Dinusha. > > >> >>> Thanks, >>> sanjeewa. >>> >>> On Fri, Aug 19, 2016 at 12:07 PM, Kaveesha Perera <kavee...@wso2.com> >>> wrote: >>> >>>> Hi all, >>>> >>>> Currently I'm working on a client side tool that consumes REST APIs for >>>> API import/export feature of APIM (Refer to my previous email labeled [1]). >>>> There OAuth life cycle goes as follows. >>>> >>>> User asked to give a application name on the configuration file.Using >>>> that, tool create a client application calling DCR endpoint to obtain >>>> consumer keys and consumer secretes required to generate tokens that are >>>> needed for import and export of APIs. In the case where user didn't provide >>>> any application name, tool's default name will be used for the above. >>>> >>>> If the application already exists and only if the user is the owner of >>>> that particular application, consumer key and the consumer secret of the >>>> existing application will be returned by the DCR endpoint. >>>> >>>> If any feedback on this process please do reply. >>>> >>>> *[1] Facilitating Updating API with import/export tool in APIM * >>>> >>>> Regards, >>>> -- >>>> Kaveesha Perera >>>> Intern - Software Engineering >>>> >>>> mobile: 0716130471 >>>> >>>> _______________________________________________ >>>> Architecture mailing list >>>> Architecture@wso2.org >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>> >>>> >>> >>> >>> -- >>> >>> *Sanjeewa Malalgoda* >>> WSO2 Inc. >>> Mobile : +94713068779 >>> >>> <http://sanjeewamalalgoda.blogspot.com/>blog >>> :http://sanjeewamalalgoda.blogspot.com/ >>> <http://sanjeewamalalgoda.blogspot.com/> >>> >>> >>> >>> _______________________________________________ >>> Architecture mailing list >>> Architecture@wso2.org >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> Nuwan Dias >> >> Software Architect - WSO2, Inc. http://wso2.com >> email : nuw...@wso2.com >> Phone : +94 777 775 729 >> >> _______________________________________________ >> Architecture mailing list >> Architecture@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Dinusha Dilrukshi > Associate Technical Lead > WSO2 Inc.: http://wso2.com/ > Mobile: +94725255071 > Blog: http://dinushasblog.blogspot.com/ > > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Nuwan Dias Software Architect - WSO2, Inc. http://wso2.com email : nuw...@wso2.com Phone : +94 777 775 729
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
