aboutsummaryrefslogtreecommitdiffhomepage
path: root/doc/html/REST-API
diff options
context:
space:
mode:
authorVirtualTam <virtualtam+github@flibidi.net>2017-08-05 10:40:35 +0200
committerGitHub <noreply@github.com>2017-08-05 10:40:35 +0200
commitb4ff0afb24db6e4cb3543bbd71f01bbb0716b144 (patch)
treef86caabf507fcd44db38353092f7b4476516bcd5 /doc/html/REST-API
parent1fdb40fc169b42af7622610c4f088688de231118 (diff)
parent29712e905b8a9bdf1eaa21cbda3ca7c9eb215937 (diff)
downloadShaarli-b4ff0afb24db6e4cb3543bbd71f01bbb0716b144.tar.gz
Shaarli-b4ff0afb24db6e4cb3543bbd71f01bbb0716b144.tar.zst
Shaarli-b4ff0afb24db6e4cb3543bbd71f01bbb0716b144.zip
Merge pull request #910 from virtualtam/documentation/improvements
Include generated doc in release archives, remove HTML from SCM
Diffstat (limited to 'doc/html/REST-API')
-rw-r--r--doc/html/REST-API/index.html419
1 files changed, 0 insertions, 419 deletions
diff --git a/doc/html/REST-API/index.html b/doc/html/REST-API/index.html
deleted file mode 100644
index dae27e5c..00000000
--- a/doc/html/REST-API/index.html
+++ /dev/null
@@ -1,419 +0,0 @@
1<!DOCTYPE html>
2<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
3<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
4<head>
5 <meta charset="utf-8">
6 <meta http-equiv="X-UA-Compatible" content="IE=edge">
7 <meta name="viewport" content="width=device-width, initial-scale=1.0">
8
9
10 <link rel="shortcut icon" href="../img/favicon.ico">
11 <title>REST API - Shaarli Documentation</title>
12 <link href='https://fonts.googleapis.com/css?family=Lato:400,700|Roboto+Slab:400,700|Inconsolata:400,700' rel='stylesheet' type='text/css'>
13
14 <link rel="stylesheet" href="../css/theme.css" type="text/css" />
15 <link rel="stylesheet" href="../css/theme_extra.css" type="text/css" />
16 <link rel="stylesheet" href="../css/highlight.css">
17 <link href="../github-markdown.css" rel="stylesheet">
18
19 <script>
20 // Current page data
21 var mkdocs_page_name = "REST API";
22 var mkdocs_page_input_path = "REST-API.md";
23 var mkdocs_page_url = "/REST-API/";
24 </script>
25
26 <script src="../js/jquery-2.1.1.min.js"></script>
27 <script src="../js/modernizr-2.8.3.min.js"></script>
28 <script type="text/javascript" src="../js/highlight.pack.js"></script>
29
30</head>
31
32<body class="wy-body-for-nav" role="document">
33
34 <div class="wy-grid-for-nav">
35
36
37 <nav data-toggle="wy-nav-shift" class="wy-nav-side stickynav">
38 <div class="wy-side-nav-search">
39 <a href=".." class="icon icon-home"> Shaarli Documentation</a>
40 <div role="search">
41 <form id ="rtd-search-form" class="wy-form" action="../search.html" method="get">
42 <input type="text" name="q" placeholder="Search docs" />
43 </form>
44</div>
45 </div>
46
47 <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
48 <ul class="current">
49
50
51 <li class="toctree-l1">
52
53 <a class="" href="..">Home</a>
54 </li>
55
56 <li class="toctree-l1">
57
58 <span class="caption-text">Setup</span>
59 <ul class="subnav">
60 <li class="">
61
62 <a class="" href="../Download-and-Installation/">Download and Installation</a>
63 </li>
64 <li class="">
65
66 <a class="" href="../Upgrade-and-migration/">Upgrade and migration</a>
67 </li>
68 <li class="">
69
70 <a class="" href="../Server-requirements/">Server requirements</a>
71 </li>
72 <li class="">
73
74 <a class="" href="../Server-configuration/">Server configuration</a>
75 </li>
76 <li class="">
77
78 <a class="" href="../Server-security/">Server security</a>
79 </li>
80 <li class="">
81
82 <a class="" href="../Shaarli-configuration/">Shaarli configuration</a>
83 </li>
84 <li class="">
85
86 <a class="" href="../Plugins/">Plugins</a>
87 </li>
88 </ul>
89 </li>
90
91 <li class="toctree-l1">
92
93 <span class="caption-text">Docker</span>
94 <ul class="subnav">
95 <li class="">
96
97 <a class="" href="../docker/docker-101/">Docker 101</a>
98 </li>
99 <li class="">
100
101 <a class="" href="../docker/shaarli-images/">Shaarli images</a>
102 </li>
103 <li class="">
104
105 <a class="" href="../docker/reverse-proxy-configuration/">Reverse proxy configuration</a>
106 </li>
107 <li class="">
108
109 <a class="" href="../docker/resources/">Docker resources</a>
110 </li>
111 </ul>
112 </li>
113
114 <li class="toctree-l1">
115
116 <span class="caption-text">Usage</span>
117 <ul class="subnav">
118 <li class="">
119
120 <a class="" href="../Features/">Features</a>
121 </li>
122 <li class="">
123
124 <a class="" href="../Bookmarklet/">Bookmarklet</a>
125 </li>
126 <li class="">
127
128 <a class="" href="../Browsing-and-searching/">Browsing and searching</a>
129 </li>
130 <li class="">
131
132 <a class="" href="../Firefox-share/">Firefox share</a>
133 </li>
134 <li class="">
135
136 <a class="" href="../RSS-feeds/">RSS feeds</a>
137 </li>
138 <li class=" current">
139
140 <a class="current" href="./">REST API</a>
141 <ul class="subnav">
142
143 <li class="toctree-l3"><a href="#usage">Usage</a></li>
144
145
146 <li class="toctree-l3"><a href="#authentication">Authentication</a></li>
147
148 <ul>
149
150 <li><a class="toctree-l4" href="#shaarli-jwt-token">Shaarli JWT Token</a></li>
151
152 <li><a class="toctree-l4" href="#complete-example">Complete example</a></li>
153
154 </ul>
155
156
157 </ul>
158 </li>
159 </ul>
160 </li>
161
162 <li class="toctree-l1">
163
164 <span class="caption-text">How To</span>
165 <ul class="subnav">
166 <li class="">
167
168 <a class="" href="../Backup,-restore,-import-and-export/">Backup, restore, import and export</a>
169 </li>
170 <li class="">
171
172 <a class="" href="../Various-hacks/">Various hacks</a>
173 </li>
174 </ul>
175 </li>
176
177 <li class="toctree-l1">
178
179 <a class="" href="../Troubleshooting/">Troubleshooting</a>
180 </li>
181
182 <li class="toctree-l1">
183
184 <span class="caption-text">Development</span>
185 <ul class="subnav">
186 <li class="">
187
188 <a class="" href="../Development-guidelines/">Development guidelines</a>
189 </li>
190 <li class="">
191
192 <a class="" href="../Continuous-integration-tools/">Continuous integration tools</a>
193 </li>
194 <li class="">
195
196 <a class="" href="../GnuPG-signature/">GnuPG signature</a>
197 </li>
198 <li class="">
199
200 <a class="" href="../Coding-guidelines/">Coding guidelines</a>
201 </li>
202 <li class="">
203
204 <a class="" href="../Directory-structure/">Directory structure</a>
205 </li>
206 <li class="">
207
208 <a class="" href="../3rd-party-libraries/">3rd party libraries</a>
209 </li>
210 <li class="">
211
212 <a class="" href="../Plugin-System/">Plugin System</a>
213 </li>
214 <li class="">
215
216 <a class="" href="../Release-Shaarli/">Release Shaarli</a>
217 </li>
218 <li class="">
219
220 <a class="" href="../Versioning-and-Branches/">Versioning and Branches</a>
221 </li>
222 <li class="">
223
224 <a class="" href="../Security/">Security</a>
225 </li>
226 <li class="">
227
228 <a class="" href="../Static-analysis/">Static analysis</a>
229 </li>
230 <li class="">
231
232 <a class="" href="../Theming/">Theming</a>
233 </li>
234 <li class="">
235
236 <a class="" href="../Unit-tests/">Unit tests</a>
237 </li>
238 </ul>
239 </li>
240
241 <li class="toctree-l1">
242
243 <span class="caption-text">About</span>
244 <ul class="subnav">
245 <li class="">
246
247 <a class="" href="../FAQ/">FAQ</a>
248 </li>
249 <li class="">
250
251 <a class="" href="../Community-&-Related-software/">Community & Related software</a>
252 </li>
253 </ul>
254 </li>
255
256 </ul>
257 </div>
258 &nbsp;
259 </nav>
260
261 <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
262
263
264 <nav class="wy-nav-top" role="navigation" aria-label="top navigation">
265 <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
266 <a href="..">Shaarli Documentation</a>
267 </nav>
268
269
270 <div class="wy-nav-content">
271 <div class="rst-content">
272 <div role="navigation" aria-label="breadcrumbs navigation">
273 <ul class="wy-breadcrumbs">
274 <li><a href="..">Docs</a> &raquo;</li>
275
276
277
278 <li>Usage &raquo;</li>
279
280
281
282 <li>REST API</li>
283 <li class="wy-breadcrumbs-aside">
284
285 <a href="https://github.com/shaarli/Shaarli/edit/master/docs/REST-API.md"
286 class="icon icon-github"> Edit on GitHub</a>
287
288 </li>
289 </ul>
290 <hr/>
291</div>
292 <div role="main">
293 <div class="section">
294
295 <h2 id="usage">Usage</h2>
296<p>See the <a href="http://shaarli.github.io/api-documentation/">REST API documentation</a>.</p>
297<h2 id="authentication">Authentication</h2>
298<p>All requests to Shaarli's API must include a JWT token to verify their authenticity.</p>
299<p>This token has to be included as an HTTP header called <code>Authentication: Bearer &lt;jwt token&gt;</code>.</p>
300<p>JWT resources :</p>
301<ul>
302<li><a href="https://jwt.io">jwt.io</a> (including a list of client per language).</li>
303<li>RFC : https://tools.ietf.org/html/rfc7519</li>
304<li>https://float-middle.com/json-web-tokens-jwt-vs-sessions/</li>
305<li>HackerNews thread: https://news.ycombinator.com/item?id=11929267</li>
306</ul>
307<h3 id="shaarli-jwt-token">Shaarli JWT Token</h3>
308<p>JWT tokens are composed by three parts, separated by a dot <code>.</code> and encoded in base64:</p>
309<pre><code>[header].[payload].[signature]
310</code></pre>
311
312<h4 id="header">Header</h4>
313<p>Shaarli only allow one hash algorithm, so the header will always be the same:</p>
314<pre><code class="json">{
315 &quot;typ&quot;: &quot;JWT&quot;,
316 &quot;alg&quot;: &quot;HS512&quot;
317}
318</code></pre>
319
320<p>Encoded in base64, it gives:</p>
321<pre><code>ewogICAgICAgICJ0eXAiOiAiSldUIiwKICAgICAgICAiYWxnIjogIkhTNTEyIgogICAgfQ==
322</code></pre>
323
324<h4 id="payload">Payload</h4>
325<p><strong>Validity duration</strong></p>
326<p>To avoid infinite token validity, JWT tokens must include their creation date in UNIX timestamp format (timezone independant - UTC) under the key <code>iat</code> (issued at). This token will be accepted during 9 minutes.</p>
327<pre><code class="json">{
328 &quot;iat&quot;: 1468663519
329}
330</code></pre>
331
332<p>See <a href="https://tools.ietf.org/html/rfc7519#section-4.1.6">RFC reference</a>.</p>
333<h4 id="signature">Signature</h4>
334<p>The signature authenticate the token validity. It contains the base64 of the header and the body, separated by a dot <code>.</code>, hashed in SHA512 with the API secret available in Shaarli administration page.</p>
335<p>Signature example with PHP:</p>
336<pre><code class="php">$content = base64_encode($header) . '.' . base64_encode($payload);
337$signature = hash_hmac('sha512', $content, $secret);
338</code></pre>
339
340<h3 id="complete-example">Complete example</h3>
341<h4 id="php">PHP</h4>
342<pre><code class="php">function generateToken($secret) {
343 $header = base64_encode('{
344 &quot;typ&quot;: &quot;JWT&quot;,
345 &quot;alg&quot;: &quot;HS512&quot;
346 }');
347 $payload = base64_encode('{
348 &quot;iat&quot;: '. time() .'
349 }');
350 $signature = hash_hmac('sha512', $header .'.'. $payload , $secret);
351 return $header .'.'. $payload .'.'. $signature;
352}
353
354$secret = 'mysecret';
355$token = generateToken($secret);
356echo $token;
357</code></pre>
358
359<blockquote>
360<p><code>ewogICAgICAgICJ0eXAiOiAiSldUIiwKICAgICAgICAiYWxnIjogIkhTNTEyIgogICAgfQ==.ewogICAgICAgICJpYXQiOiAxNDY4NjY3MDQ3CiAgICB9.1d2c54fa947daf594fdbf7591796195652c8bc63bffad7f6a6db2a41c313f495a542cbfb595acade79e83f3810d709b4251d7b940bbc10b531a6e6134af63a68</code></p>
361</blockquote>
362<pre><code class="php">$options = [
363 'http' =&gt; [
364 'method' =&gt; 'GET',
365 'jwt' =&gt; $token,
366 ],
367];
368$context = stream_context_create($options);
369file_get_contents($apiEndpoint, false, $context);
370</code></pre>
371
372 </div>
373 </div>
374 <footer>
375
376 <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
377
378 <a href="../Backup,-restore,-import-and-export/" class="btn btn-neutral float-right" title="Backup, restore, import and export">Next <span class="icon icon-circle-arrow-right"></span></a>
379
380
381 <a href="../RSS-feeds/" class="btn btn-neutral" title="RSS feeds"><span class="icon icon-circle-arrow-left"></span> Previous</a>
382
383 </div>
384
385
386 <hr/>
387
388 <div role="contentinfo">
389 <!-- Copyright etc -->
390
391 </div>
392
393 Built with <a href="http://www.mkdocs.org">MkDocs</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
394</footer>
395
396 </div>
397 </div>
398
399 </section>
400
401 </div>
402
403 <div class="rst-versions" role="note" style="cursor: pointer">
404 <span class="rst-current-version" data-toggle="rst-current-version">
405
406 <a href="https://github.com/shaarli/Shaarli" class="fa fa-github" style="float: left; color: #fcfcfc"> GitHub</a>
407
408
409 <span><a href="../RSS-feeds/" style="color: #fcfcfc;">&laquo; Previous</a></span>
410
411
412 <span style="margin-left: 15px"><a href="../Backup,-restore,-import-and-export/" style="color: #fcfcfc">Next &raquo;</a></span>
413
414 </span>
415</div>
416 <script src="../js/theme.js"></script>
417
418</body>
419</html>