On Tue, Aug 20, 2019 at 6:37 PM Kasun Thennakoon <kasu...@wso2.com> wrote:
> Hi All, > > > Regarding the @Vithursa Mahendrarajah <vithu...@wso2.com>'s encoding > query params issue, > > What if we simply encode the path parameter using base64 ? > > for example > > With URL encoding: > https://localhost:9443/api/am/publisher/v1.0/roles/Internal%2Fcreator > <https://localhost:9443/api/am/publisher/v1.0/roles/Internal%2Fcreator,> > Base 64 encoding: > https://localhost:9443/api/am/publisher/v1.0/roles/SW50ZXJuYWwvRmNyZWF0b3I > <https://localhost:9443/api/am/publisher/v1.0/roles/Internal%2Fcreator,> > > well, it doesn't look nice. But certainly will work > > I think we can consider it as the roleId. /roles/{roleId}: #----------------------------------------------------- # The role existence check resource #----------------------------------------------------- head: summary: | Check given role is already exist parameters: - $ref : '#/parameters/roleId' # Role Id roleId: name: roleId in: path description: | The base64 encoded format of the role name. required: true type: string The only issue is that all the other places we are using ids in UUID format and here we have a difference. Apart from that, this makes everything else safe and simple; 1. No need to split and separate user store from the UI from the separate characters. We just need to base64 encode and pass it to the REST API. 2. Support multiple character types: @Harsha Kumara <hars...@wso2.com> I think different character issue will also be solved with this? Hence, +1 from me for the suggested approach. Thanks! Malintha > > Thanks > ~KasunTe > > On Tue, Aug 20, 2019 at 4:45 PM Bhathiya Jayasekara <bhath...@wso2.com> > wrote: > >> >> >> On Tue, Aug 20, 2019 at 4:38 PM Harsha Kumara <hars...@wso2.com> wrote: >> >>> >>> This is a good finding. Given this issue, I don't think it is a good >>>>>>> idea to proceed with the encoded slash in the path. >>>>>>> >>>>>>>> >>>>>>>> Alternatively, we can pass user-store in following ways: >>>>>>>> >>>>>>>> 1. /roles/{rolename}?userstore={userstore} >>>>>>>> 2. /userstore/{userstore}/roles/{roleName} >>>>>>>> 3. /roles/{rolename}/userstore/{userstore} >>>>>>>> 4. Or, need to have a configurable character to differentiate >>>>>>>> user-store and role name. For instance, roles/{userstore}*-* >>>>>>>> {roleName} >>>>>>>> >>>>>>>> Which way we can implement? Appreciate your suggestions regarding >>>>>>>> this. >>>>>>>> >>>>>>> >>>>>>> How do we treat Internal roles? Can we treat "Internal" as a user >>>>>>> store? >>>>>>> >>>>>>> Eg: check if "Internal/subscriber" is available: >>>>>>> >>>>>>> HEAD /roles/subscriber?userStore=Internal >>>>>>> >>>>>>> Is this a valid way of representing it? >>>>>>> >>>>>> >>>>>> If we're not allowed to create secondary userstores with the name >>>>>> "Internal", this should be ok. >>>>>> >>>>> For internal roles should be pass this at all? >>>>> >>>> >>>> That should be the behavior for the users in the primary user store >>>> right? >>>> >>> I meant userstore name shouldn't be mandatory parameter for checking >>> internal role existence. If not user store means we can treat it as a >>> internal role? >>> >> >> We can't I think. There should be a way to differentiate primary >> userstore users and internal users. >> >> Thanks, >> Bhathiya >> >> >>> >>>> Thanks, >>>> Bhathiya >>>> >>>> >>>>> >>>>>> Thanks, >>>>>> Bhathiya >>>>>> >>>>>> >>>>>>> >>>>>>> >>>>>>>> >>>>>>>> [1] https://issues.apache.org/jira/browse/CXF-4207 >>>>>>>> [2] >>>>>>>> https://github.com/wso2/carbon-apimgt/blob/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/impl/WebAppAuthenticatorImpl.java#L138 >>>>>>>> [3] >>>>>>>> https://github.com/wso2/carbon-apimgt/blob/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/impl/WebAppAuthenticatorImpl.java#L113 >>>>>>>> [4] >>>>>>>> https://serverfault.com/questions/914847/stop-apache-from-decoding-characters-from-uri-for-path-info >>>>>>>> [5] https://backstage.forgerock.com/knowledge/kb/article/a59558448 >>>>>>>> [6] >>>>>>>> http://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#System_Properties >>>>>>>> <http://tomcat.apache.org/tomcat-9.0-doc/security-howto.html> >>>>>>>> >>>>>>>> <http://tomcat.apache.org/tomcat-9.0-doc/security-howto.html> >>>>>>>> Thanks, >>>>>>>> Vithursa >>>>>>>> >>>>>>>> On Fri, Aug 16, 2019 at 11:07 AM Vithursa Mahendrarajah < >>>>>>>> vithu...@wso2.com> wrote: >>>>>>>> >>>>>>>>> Ack, will do that. >>>>>>>>> >>>>>>>>> On Fri, Aug 16, 2019 at 12:16 AM Harsha Kumara <hars...@wso2.com> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>>> @Vithursa Mahendrarajah <vithu...@wso2.com> Once you implement, >>>>>>>>>> let's add several test cases with special characters, secondary user >>>>>>>>>> store >>>>>>>>>> roles and etc. >>>>>>>>>> >>>>>>>>>> On Thu, Aug 15, 2019 at 4:16 PM Vithursa Mahendrarajah < >>>>>>>>>> vithu...@wso2.com> wrote: >>>>>>>>>> >>>>>>>>>>> Hi all, >>>>>>>>>>> >>>>>>>>>>> Thanks for the suggestions. As per the suggestions, we have >>>>>>>>>>> decided to go with HEAD request option. As mentioned earlier in this >>>>>>>>>>> thread, following are the scenarios where role validation is >>>>>>>>>>> required: >>>>>>>>>>> >>>>>>>>>>> 1. API Design phase - >>>>>>>>>>> - Publisher access control - check whether the role exists >>>>>>>>>>> and the logged-in user has the role >>>>>>>>>>> - Store visibility - check whether the role exists or not >>>>>>>>>>> 2. API Manage phase - when adding new scope - check whether >>>>>>>>>>> the role exists or not >>>>>>>>>>> >>>>>>>>>>> We have decided to add the OAuth2 scope as apim:api_create as >>>>>>>>>>> these functionalities are used by API creator. >>>>>>>>>>> >>>>>>>>>>> As per the offline discussion had with @Malintha Amarasinghe >>>>>>>>>>> <malint...@wso2.com> and @Kasun Thennakoon <kasu...@wso2.com>, >>>>>>>>>>> when checking whether the logged-in user has particular role, >>>>>>>>>>> claims in ID >>>>>>>>>>> token stored in browser local storage could be used. By considering >>>>>>>>>>> the >>>>>>>>>>> possibility of manipulating the ID token in local storage, >>>>>>>>>>> complexity in >>>>>>>>>>> handling when using secondary userstore and the security concerns in >>>>>>>>>>> exposing roles assigned to particular user, we have decided to >>>>>>>>>>> introduce another REST API to check whether the logged-in user has >>>>>>>>>>> the >>>>>>>>>>> given role as this would be more cleaner. >>>>>>>>>>> >>>>>>>>>>> Please find the REST API definition as follows: >>>>>>>>>>> >>>>>>>>>>> ###################################################### >>>>>>>>>>> # The Role Name Existence >>>>>>>>>>> ###################################################### >>>>>>>>>>> /roles/{roleName}: >>>>>>>>>>> #----------------------------------------------------- >>>>>>>>>>> # The role name existence check resource >>>>>>>>>>> #----------------------------------------------------- >>>>>>>>>>> head: >>>>>>>>>>> security: >>>>>>>>>>> - OAuth2Security: >>>>>>>>>>> - apim:api_create >>>>>>>>>>> summary: >>>>>>>>>>> Check given role name already exists >>>>>>>>>>> description: >>>>>>>>>>> Using this operation, to check whether given role already >>>>>>>>>>> exists >>>>>>>>>>> parameters: >>>>>>>>>>> - $ref : '#/parameters/roleName' >>>>>>>>>>> responses: >>>>>>>>>>> 200: >>>>>>>>>>> description: >>>>>>>>>>> OK. >>>>>>>>>>> Requested role name is returned. >>>>>>>>>>> 404: >>>>>>>>>>> description: >>>>>>>>>>> Not Found. >>>>>>>>>>> Requested role name does not exist. >>>>>>>>>>> >>>>>>>>>>> ###################################################### >>>>>>>>>>> # The Role Name Existence for the logged-in user >>>>>>>>>>> ###################################################### >>>>>>>>>>> /me/roles/{roleName}: >>>>>>>>>>> #----------------------------------------------------- >>>>>>>>>>> # Validate role against a user >>>>>>>>>>> #----------------------------------------------------- >>>>>>>>>>> head: >>>>>>>>>>> security: >>>>>>>>>>> - OAuth2Security: >>>>>>>>>>> - apim:api_create >>>>>>>>>>> summary: >>>>>>>>>>> Validate whether the logged-in user has the given role >>>>>>>>>>> description: >>>>>>>>>>> Using this operation, logged-in user can check whether he >>>>>>>>>>> has given role. >>>>>>>>>>> parameters: >>>>>>>>>>> - $ref : '#/parameters/roleName' >>>>>>>>>>> responses: >>>>>>>>>>> 200: >>>>>>>>>>> description: >>>>>>>>>>> OK. >>>>>>>>>>> Logged-in user has the role. >>>>>>>>>>> 404: >>>>>>>>>>> description: >>>>>>>>>>> Not Found. >>>>>>>>>>> Logged-in user does not have the role. >>>>>>>>>>> >>>>>>>>>>> Appreciate any feedback on this. >>>>>>>>>>> >>>>>>>>>>> Thanks, >>>>>>>>>>> Vithursa >>>>>>>>>>> >>>>>>>>>>> On Thu, Aug 15, 2019 at 11:35 AM Naduni Pamudika < >>>>>>>>>>> nad...@wso2.com> wrote: >>>>>>>>>>> >>>>>>>>>>>> +Vithursa Mahendrarajah <vithu...@wso2.com> >>>>>>>>>>>> >>>>>>>>>>>> On Mon, Aug 12, 2019 at 5:26 PM Sanjeewa Malalgoda < >>>>>>>>>>>> sanje...@wso2.com> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> On Thu, Aug 8, 2019 at 9:08 PM Malintha Amarasinghe < >>>>>>>>>>>>> malint...@wso2.com> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> When we return a 404, it implies that the URL (or the >>>>>>>>>>>>>> resource) does not exist. Here the URL/resource is >>>>>>>>>>>>>> */validate-role *(a controller resource) which always exists >>>>>>>>>>>>>> so it is wrong to return a 404 at any case. >>>>>>>>>>>>>> >>>>>>>>>>>>> Yes agree with this and controller resource(as query params >>>>>>>>>>>>> optional controller resource will be resource) is not ideal for >>>>>>>>>>>>> this. >>>>>>>>>>>>> Using head would be good option. Like nirmal mentioned any >>>>>>>>>>>>> additional parameters related to filter criteria can be passed as >>>>>>>>>>>>> query >>>>>>>>>>>>> parameters. >>>>>>>>>>>>> >>>>>>>>>>>>> Thanks, >>>>>>>>>>>>> sanjeewa/ >>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> Thanks! >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Thu, Aug 8, 2019 at 7:12 PM Menaka Jayawardena < >>>>>>>>>>>>>> men...@wso2.com> wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> Hi Naduni, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Wh the GET request always returns 200? >>>>>>>>>>>>>>> Can't we set the status code 404 if the role is not found? >>>>>>>>>>>>>>> So we can check the response status from the UI. We do not want >>>>>>>>>>>>>>> to read the >>>>>>>>>>>>>>> body then. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Thu, Aug 8, 2019 at 6:05 PM Naduni Pamudika < >>>>>>>>>>>>>>> nad...@wso2.com> wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Hi All, >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Thanks all for the suggestions. With the GET method @Bhathiya >>>>>>>>>>>>>>>> Jayasekara <bhath...@wso2.com> suggested, we have the >>>>>>>>>>>>>>>> following 2 options now. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> 1. *HEAD /roles/{roleName}* >>>>>>>>>>>>>>>> 2. *GET /validate-role?role=rolename* >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> If we go with the option 1, it will simplify the work in >>>>>>>>>>>>>>>> the UI side while doing the role validations by using the Rest >>>>>>>>>>>>>>>> API since we >>>>>>>>>>>>>>>> can do the validation by looking at the status code (If the >>>>>>>>>>>>>>>> role exists it >>>>>>>>>>>>>>>> is a 200 and if not it is a 404). If we go with the option 2, >>>>>>>>>>>>>>>> it will >>>>>>>>>>>>>>>> always return a 200 status code and we need to check the >>>>>>>>>>>>>>>> response body to >>>>>>>>>>>>>>>> validate a particular role name (We can send >>>>>>>>>>>>>>>> *isRoleExist=true* and *isRoleExist=false* in the response >>>>>>>>>>>>>>>> body depending on the existence of a role name). >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Since most of us are +1 with the option 2, shall we move >>>>>>>>>>>>>>>> forward with the GET method? >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>> Naduni >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 7:27 PM Bhathiya Jayasekara < >>>>>>>>>>>>>>>> bhath...@wso2.com> wrote: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 6:24 PM Malintha Amarasinghe < >>>>>>>>>>>>>>>>> malint...@wso2.com> wrote: >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:39 PM Harsha Kumara < >>>>>>>>>>>>>>>>>> hars...@wso2.com> wrote: >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:37 PM Malintha Amarasinghe < >>>>>>>>>>>>>>>>>>> malint...@wso2.com> wrote: >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:35 PM Harsha Kumara < >>>>>>>>>>>>>>>>>>>> hars...@wso2.com> wrote: >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Let's say if someone wants to check existence of role >>>>>>>>>>>>>>>>>>>>> foo in user store TEST. He will do a call /roke/TEST/foo >>>>>>>>>>>>>>>>>>>>> which isn't valid >>>>>>>>>>>>>>>>>>>>> request right? >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> @Harsha Kumara <hars...@wso2.com> we need to URL >>>>>>>>>>>>>>>>>>>> encode the role name. The request will become >>>>>>>>>>>>>>>>>>>> /roles/TEST%2Ffoo >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Yes that's true. Again some customers might have >>>>>>>>>>>>>>>>>>> different letters in their role names. Might note be a good >>>>>>>>>>>>>>>>>>> idea to include >>>>>>>>>>>>>>>>>>> as a path parameter. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Even if we add as a query param, that will go as part of >>>>>>>>>>>>>>>>>> the URL which might lead to similar issues? We may need to >>>>>>>>>>>>>>>>>> test this for >>>>>>>>>>>>>>>>>> query parameters as well. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> I preferred the HEAD method due to the simpleness ( only >>>>>>>>>>>>>>>>>> need to respond with 204 or 404 without any payload based on >>>>>>>>>>>>>>>>>> the >>>>>>>>>>>>>>>>>> availability of the role) and RESTfulness (consider a role >>>>>>>>>>>>>>>>>> as a resource >>>>>>>>>>>>>>>>>> and do a fetch on it in the usual way). HEAD is the usual >>>>>>>>>>>>>>>>>> way for checking >>>>>>>>>>>>>>>>>> the existence of a resource. However, we do not have the >>>>>>>>>>>>>>>>>> need for >>>>>>>>>>>>>>>>>> implementing a GET here for now. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> This is actually my worry is. I don't think we'll ever >>>>>>>>>>>>>>>>> have to give a /roles/{role} in the publisher APIs. So having >>>>>>>>>>>>>>>>> a HEAD >>>>>>>>>>>>>>>>> without a GET feels strange to me. Maybe it's just me. >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>> Bhathiya >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:33 PM Mushthaq Rumy < >>>>>>>>>>>>>>>>>>>>> musht...@wso2.com> wrote: >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> Adding [Architecture] >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:30 PM Mushthaq Rumy < >>>>>>>>>>>>>>>>>>>>>> musht...@wso2.com> wrote: >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Since we will be UserStoreManager, this should cover >>>>>>>>>>>>>>>>>>>>>>> the secondary user stores as well. >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Thanks & Regards, >>>>>>>>>>>>>>>>>>>>>>> Mushthaq >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:28 PM Harsha Kumara < >>>>>>>>>>>>>>>>>>>>>>> hars...@wso2.com> wrote: >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> What happen if the role is from secondary user >>>>>>>>>>>>>>>>>>>>>>>> store? >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:24 PM Naduni Pamudika < >>>>>>>>>>>>>>>>>>>>>>>> nad...@wso2.com> wrote: >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> Hi All, >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> We are planning to add a REST API endpoint to APIM >>>>>>>>>>>>>>>>>>>>>>>>> 3.0 Publisher Rest APIs and the intention is to check >>>>>>>>>>>>>>>>>>>>>>>>> the existence of a >>>>>>>>>>>>>>>>>>>>>>>>> particular role name. This will be used in order to >>>>>>>>>>>>>>>>>>>>>>>>> manage roles when >>>>>>>>>>>>>>>>>>>>>>>>> enabling Publisher Access Control and Store >>>>>>>>>>>>>>>>>>>>>>>>> Visibility and when adding >>>>>>>>>>>>>>>>>>>>>>>>> Scopes. >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> The swagger definition for the new endpoint would >>>>>>>>>>>>>>>>>>>>>>>>> be as follows. >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> ###################################################### >>>>>>>>>>>>>>>>>>>>>>>>> # The Role Name Existence >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> ###################################################### >>>>>>>>>>>>>>>>>>>>>>>>> /roles/{roleName}: >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> #----------------------------------------------------- >>>>>>>>>>>>>>>>>>>>>>>>> # The role name existence check resource >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> #----------------------------------------------------- >>>>>>>>>>>>>>>>>>>>>>>>> head: >>>>>>>>>>>>>>>>>>>>>>>>> security: >>>>>>>>>>>>>>>>>>>>>>>>> - OAuth2Security: >>>>>>>>>>>>>>>>>>>>>>>>> - apim:api_view >>>>>>>>>>>>>>>>>>>>>>>>> summary: | >>>>>>>>>>>>>>>>>>>>>>>>> Check given role name is already exist >>>>>>>>>>>>>>>>>>>>>>>>> description: | >>>>>>>>>>>>>>>>>>>>>>>>> Using this operation, you can check a >>>>>>>>>>>>>>>>>>>>>>>>> given role name is already used. You need to provide >>>>>>>>>>>>>>>>>>>>>>>>> the role name you want >>>>>>>>>>>>>>>>>>>>>>>>> to check. >>>>>>>>>>>>>>>>>>>>>>>>> parameters: >>>>>>>>>>>>>>>>>>>>>>>>> - $ref : '#/parameters/roleName' >>>>>>>>>>>>>>>>>>>>>>>>> responses: >>>>>>>>>>>>>>>>>>>>>>>>> 200: >>>>>>>>>>>>>>>>>>>>>>>>> description: | >>>>>>>>>>>>>>>>>>>>>>>>> OK. >>>>>>>>>>>>>>>>>>>>>>>>> Requested role name is returned. >>>>>>>>>>>>>>>>>>>>>>>>> 404: >>>>>>>>>>>>>>>>>>>>>>>>> description: | >>>>>>>>>>>>>>>>>>>>>>>>> Not Found. >>>>>>>>>>>>>>>>>>>>>>>>> Requested role name does not exist. >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> ###################################################### >>>>>>>>>>>>>>>>>>>>>>>>> # Role Name >>>>>>>>>>>>>>>>>>>>>>>>> roleName: >>>>>>>>>>>>>>>>>>>>>>>>> name: roleName >>>>>>>>>>>>>>>>>>>>>>>>> in: path >>>>>>>>>>>>>>>>>>>>>>>>> description: | >>>>>>>>>>>>>>>>>>>>>>>>> The role name >>>>>>>>>>>>>>>>>>>>>>>>> required: true >>>>>>>>>>>>>>>>>>>>>>>>> type: string >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> It is a HEAD method (*/roles/{roleName}*) which >>>>>>>>>>>>>>>>>>>>>>>>> will return a 200 status code if the given role name >>>>>>>>>>>>>>>>>>>>>>>>> exists and a 404 >>>>>>>>>>>>>>>>>>>>>>>>> status code if the give role name is not found. >>>>>>>>>>>>>>>>>>>>>>>>> Sample requests and >>>>>>>>>>>>>>>>>>>>>>>>> responses are given below. >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> Request: >>>>>>>>>>>>>>>>>>>>>>>>> HEAD >>>>>>>>>>>>>>>>>>>>>>>>> https://localhost:9443/api/am/publisher/v1.0/roles/valid-role >>>>>>>>>>>>>>>>>>>>>>>>> HTTP/1.1 >>>>>>>>>>>>>>>>>>>>>>>>> Authorization: Bearer >>>>>>>>>>>>>>>>>>>>>>>>> ae4eae22-3f65-387b-a171-d37eaa366fa8 >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> Response: >>>>>>>>>>>>>>>>>>>>>>>>> HTTP/1.1 200 OK >>>>>>>>>>>>>>>>>>>>>>>>> Connection: keep-alive >>>>>>>>>>>>>>>>>>>>>>>>> Content-Length: 0 >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> Request: >>>>>>>>>>>>>>>>>>>>>>>>> HEAD >>>>>>>>>>>>>>>>>>>>>>>>> https://localhost:9443/api/am/publisher/v1.0/roles/invalid-role >>>>>>>>>>>>>>>>>>>>>>>>> HTTP/1.1 >>>>>>>>>>>>>>>>>>>>>>>>> Authorization: Bearer >>>>>>>>>>>>>>>>>>>>>>>>> ae4eae22-3f65-387b-a171-d37eaa366fa8 >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> Response: >>>>>>>>>>>>>>>>>>>>>>>>> HTTP/1.1 404 Not Found >>>>>>>>>>>>>>>>>>>>>>>>> Connection: keep-alive >>>>>>>>>>>>>>>>>>>>>>>>> Content-Length: 0 >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> Are we good to have the endpoint definition as >>>>>>>>>>>>>>>>>>>>>>>>> this? Appreciate your inputs to proceed further. >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>>>>> Naduni >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>> *Naduni Pamudika* | Senior Software Engineer | >>>>>>>>>>>>>>>>>>>>>>>>> WSO2 Inc. >>>>>>>>>>>>>>>>>>>>>>>>> (m) +94 (71) 9143658 | (w) +94 (11) 2145345 | (e) >>>>>>>>>>>>>>>>>>>>>>>>> nad...@wso2.com >>>>>>>>>>>>>>>>>>>>>>>>> [image: http://wso2.com/signature] >>>>>>>>>>>>>>>>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> *Harsha Kumara* >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>>>>>>>>>>>>>>>> Mobile: +94775505618 >>>>>>>>>>>>>>>>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>>>>>>>>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>>>>>>>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>> Mushthaq Rumy >>>>>>>>>>>>>>>>>>>>>>> *Senior Software Engineer* >>>>>>>>>>>>>>>>>>>>>>> Mobile : +94 (0) 779 492140 >>>>>>>>>>>>>>>>>>>>>>> Email : musht...@wso2.com >>>>>>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com/ >>>>>>>>>>>>>>>>>>>>>>> lean . enterprise . middleware. >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>> Mushthaq Rumy >>>>>>>>>>>>>>>>>>>>>> *Senior Software Engineer* >>>>>>>>>>>>>>>>>>>>>> Mobile : +94 (0) 779 492140 >>>>>>>>>>>>>>>>>>>>>> Email : musht...@wso2.com >>>>>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com/ >>>>>>>>>>>>>>>>>>>>>> lean . enterprise . middleware. >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> *Harsha Kumara* >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>>>>>>>>>>>>> Mobile: +94775505618 >>>>>>>>>>>>>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>>>>>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>>>>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>> Malintha Amarasinghe >>>>>>>>>>>>>>>>>>>> *WSO2, Inc. - lean | enterprise | middleware* >>>>>>>>>>>>>>>>>>>> http://wso2.com/ >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Mobile : +94 712383306 >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> *Harsha Kumara* >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>>>>>>>>>>> Mobile: +94775505618 >>>>>>>>>>>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>>>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>> Malintha Amarasinghe >>>>>>>>>>>>>>>>>> *WSO2, Inc. - lean | enterprise | middleware* >>>>>>>>>>>>>>>>>> http://wso2.com/ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Mobile : +94 712383306 >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>> *Bhathiya Jayasekara* | Technical Lead | WSO2 Inc. >>>>>>>>>>>>>>>>> (m) +94 71 547 8185 | (e) bhathiya-@t-wso2-d0t-com >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>> *Naduni Pamudika* | Senior Software Engineer | WSO2 Inc. >>>>>>>>>>>>>>>> (m) +94 (71) 9143658 | (w) +94 (11) 2145345 | (e) >>>>>>>>>>>>>>>> nad...@wso2.com >>>>>>>>>>>>>>>> [image: http://wso2.com/signature] >>>>>>>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> *Menaka Jayawardena* >>>>>>>>>>>>>>> Senior Software Engineer | WSO2 Inc. >>>>>>>>>>>>>>> +94 71 350 5470 | +94 76 717 2511 | men...@wso2.com >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> <https://wso2.com/signature> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> Malintha Amarasinghe >>>>>>>>>>>>>> *WSO2, Inc. - lean | enterprise | middleware* >>>>>>>>>>>>>> http://wso2.com/ >>>>>>>>>>>>>> >>>>>>>>>>>>>> Mobile : +94 712383306 >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> *Sanjeewa Malalgoda* >>>>>>>>>>>>> Software Architect | Associate Director, Engineering - WSO2 >>>>>>>>>>>>> Inc. >>>>>>>>>>>>> (m) +94 712933253 | (e) sanje...@wso2.com | (b) Blogger >>>>>>>>>>>>> <http://sanjeewamalalgoda.blogspot.com>, Medium >>>>>>>>>>>>> <https://medium.com/@sanjeewa190> >>>>>>>>>>>>> >>>>>>>>>>>>> GET INTEGRATION AGILE <https://wso2.com/signature> >>>>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> *Naduni Pamudika* | Senior Software Engineer | WSO2 Inc. >>>>>>>>>>>> (m) +94 (71) 9143658 | (w) +94 (11) 2145345 | (e) >>>>>>>>>>>> nad...@wso2.com >>>>>>>>>>>> [image: http://wso2.com/signature] <http://wso2.com/signature> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> Vithursa Mahendrarajah >>>>>>>>>>> Software Engineer >>>>>>>>>>> WSO2 Inc. - http ://wso2.com >>>>>>>>>>> Mobile : +947*66695643* <+94%2077%20819%201300> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> * <http://wso2.com/signature> <http://wso2.com/signature> >>>>>>>>>>> <http://wso2.com/signature>* >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> >>>>>>>>>> *Harsha Kumara* >>>>>>>>>> >>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>> Mobile: +94775505618 >>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>> >>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Vithursa Mahendrarajah >>>>>>>>> Software Engineer >>>>>>>>> WSO2 Inc. - http ://wso2.com >>>>>>>>> Mobile : +947*66695643* <+94%2077%20819%201300> >>>>>>>>> >>>>>>>>> >>>>>>>>> * <http://wso2.com/signature> <http://wso2.com/signature> >>>>>>>>> <http://wso2.com/signature>* >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Vithursa Mahendrarajah >>>>>>>> Software Engineer >>>>>>>> WSO2 Inc. - http ://wso2.com >>>>>>>> Mobile : +947*66695643* <+94%2077%20819%201300> >>>>>>>> >>>>>>>> >>>>>>>> * <http://wso2.com/signature> <http://wso2.com/signature> >>>>>>>> <http://wso2.com/signature>* >>>>>>>> >>>>>>> >>>>>> >>>>>> -- >>>>>> *Bhathiya Jayasekara* | Technical Lead | WSO2 Inc. >>>>>> (m) +94 71 547 8185 | (e) bhathiya-@t-wso2-d0t-com >>>>>> >>>>>> >>>>>> >>>>> >>>>> -- >>>>> >>>>> *Harsha Kumara* >>>>> >>>>> Technical Lead, WSO2 Inc. >>>>> Mobile: +94775505618 >>>>> Email: hars...@wso2.coim >>>>> Blog: harshcreationz.blogspot.com >>>>> >>>>> GET INTEGRATION AGILE >>>>> Integration Agility for Digitally Driven Business >>>>> >>>> >>>> >>>> -- >>>> *Bhathiya Jayasekara* | Technical Lead | WSO2 Inc. >>>> (m) +94 71 547 8185 | (e) bhathiya-@t-wso2-d0t-com >>>> >>>> >>>> >>> >>> -- >>> >>> *Harsha Kumara* >>> >>> Technical Lead, WSO2 Inc. >>> Mobile: +94775505618 >>> Email: hars...@wso2.coim >>> Blog: harshcreationz.blogspot.com >>> >>> GET INTEGRATION AGILE >>> Integration Agility for Digitally Driven Business >>> >> >> >> -- >> *Bhathiya Jayasekara* | Technical Lead | WSO2 Inc. >> (m) +94 71 547 8185 | (e) bhathiya-@t-wso2-d0t-com >> >> >> > > -- > *Kasun Thennakoon* | Senior Software Engineer | WSO2 Inc. > (m) +94 711661919 | (w) +94 11 214 5345 | (e) kasu...@wso2.com > GET INTEGRATION AGILE > Integration Agility for Digitally Driven Business > -- Malintha Amarasinghe *WSO2, Inc. - lean | enterprise | middleware* http://wso2.com/ Mobile : +94 712383306
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
