diff options
Diffstat (limited to 'doc/html/REST-API')
-rw-r--r-- | doc/html/REST-API/index.html | 431 |
1 files changed, 431 insertions, 0 deletions
diff --git a/doc/html/REST-API/index.html b/doc/html/REST-API/index.html new file mode 100644 index 00000000..2c244bca --- /dev/null +++ b/doc/html/REST-API/index.html | |||
@@ -0,0 +1,431 @@ | |||
1 | <!DOCTYPE html> | ||
2 | <!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]--> | ||
3 | <!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]--> | ||
4 | <head> | ||
5 | <meta charset="utf-8"> | ||
6 | <meta http-equiv="X-UA-Compatible" content="IE=edge"> | ||
7 | <meta name="viewport" content="width=device-width, initial-scale=1.0"> | ||
8 | |||
9 | |||
10 | <link rel="shortcut icon" href="../img/favicon.ico"> | ||
11 | <title>REST API - Shaarli Documentation</title> | ||
12 | <link href='https://fonts.googleapis.com/css?family=Lato:400,700|Roboto+Slab:400,700|Inconsolata:400,700' rel='stylesheet' type='text/css'> | ||
13 | |||
14 | <link rel="stylesheet" href="../css/theme.css" type="text/css" /> | ||
15 | <link rel="stylesheet" href="../css/theme_extra.css" type="text/css" /> | ||
16 | <link rel="stylesheet" href="../css/highlight.css"> | ||
17 | <link href="../github-markdown.css" rel="stylesheet"> | ||
18 | |||
19 | <script> | ||
20 | // Current page data | ||
21 | var mkdocs_page_name = "REST API"; | ||
22 | var mkdocs_page_input_path = "REST-API.md"; | ||
23 | var mkdocs_page_url = "/REST-API/"; | ||
24 | </script> | ||
25 | |||
26 | <script src="../js/jquery-2.1.1.min.js"></script> | ||
27 | <script src="../js/modernizr-2.8.3.min.js"></script> | ||
28 | <script type="text/javascript" src="../js/highlight.pack.js"></script> | ||
29 | |||
30 | </head> | ||
31 | |||
32 | <body class="wy-body-for-nav" role="document"> | ||
33 | |||
34 | <div class="wy-grid-for-nav"> | ||
35 | |||
36 | |||
37 | <nav data-toggle="wy-nav-shift" class="wy-nav-side stickynav"> | ||
38 | <div class="wy-side-nav-search"> | ||
39 | <a href=".." class="icon icon-home"> Shaarli Documentation</a> | ||
40 | <div role="search"> | ||
41 | <form id ="rtd-search-form" class="wy-form" action="../search.html" method="get"> | ||
42 | <input type="text" name="q" placeholder="Search docs" /> | ||
43 | </form> | ||
44 | </div> | ||
45 | </div> | ||
46 | |||
47 | <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation"> | ||
48 | <ul class="current"> | ||
49 | |||
50 | |||
51 | <li class="toctree-l1"> | ||
52 | |||
53 | <a class="" href="..">Home</a> | ||
54 | </li> | ||
55 | |||
56 | <li class="toctree-l1"> | ||
57 | |||
58 | <span class="caption-text">Setup</span> | ||
59 | <ul class="subnav"> | ||
60 | <li class=""> | ||
61 | |||
62 | <a class="" href="../Download-and-Installation/">Download and Installation</a> | ||
63 | </li> | ||
64 | <li class=""> | ||
65 | |||
66 | <a class="" href="../Upgrade-and-migration/">Upgrade and migration</a> | ||
67 | </li> | ||
68 | <li class=""> | ||
69 | |||
70 | <a class="" href="../Server-requirements/">Server requirements</a> | ||
71 | </li> | ||
72 | <li class=""> | ||
73 | |||
74 | <a class="" href="../Server-configuration/">Server configuration</a> | ||
75 | </li> | ||
76 | <li class=""> | ||
77 | |||
78 | <a class="" href="../Server-security/">Server security</a> | ||
79 | </li> | ||
80 | <li class=""> | ||
81 | |||
82 | <a class="" href="../Shaarli-configuration/">Shaarli configuration</a> | ||
83 | </li> | ||
84 | <li class=""> | ||
85 | |||
86 | <a class="" href="../Plugins/">Plugins</a> | ||
87 | </li> | ||
88 | </ul> | ||
89 | </li> | ||
90 | |||
91 | <li class="toctree-l1"> | ||
92 | |||
93 | <span class="caption-text">Docker</span> | ||
94 | <ul class="subnav"> | ||
95 | <li class=""> | ||
96 | |||
97 | <a class="" href="../Docker-101/">Docker 101</a> | ||
98 | </li> | ||
99 | <li class=""> | ||
100 | |||
101 | <a class="" href="../Shaarli-images/">Shaarli images</a> | ||
102 | </li> | ||
103 | <li class=""> | ||
104 | |||
105 | <a class="" href="../Reverse-proxy-configuration/">Reverse proxy configuration</a> | ||
106 | </li> | ||
107 | <li class=""> | ||
108 | |||
109 | <a class="" href="../Docker-resources/">Docker resources</a> | ||
110 | </li> | ||
111 | </ul> | ||
112 | </li> | ||
113 | |||
114 | <li class="toctree-l1"> | ||
115 | |||
116 | <span class="caption-text">Usage</span> | ||
117 | <ul class="subnav"> | ||
118 | <li class=""> | ||
119 | |||
120 | <a class="" href="../Features/">Features</a> | ||
121 | </li> | ||
122 | <li class=""> | ||
123 | |||
124 | <a class="" href="../Bookmarklet/">Bookmarklet</a> | ||
125 | </li> | ||
126 | <li class=""> | ||
127 | |||
128 | <a class="" href="../Browsing-and-searching/">Browsing and searching</a> | ||
129 | </li> | ||
130 | <li class=""> | ||
131 | |||
132 | <a class="" href="../Firefox-share/">Firefox share</a> | ||
133 | </li> | ||
134 | <li class=""> | ||
135 | |||
136 | <a class="" href="../RSS-feeds/">RSS feeds</a> | ||
137 | </li> | ||
138 | <li class=" current"> | ||
139 | |||
140 | <a class="current" href="./">REST API</a> | ||
141 | <ul class="subnav"> | ||
142 | |||
143 | <li class="toctree-l3"><a href="#usage">Usage</a></li> | ||
144 | |||
145 | |||
146 | <li class="toctree-l3"><a href="#authentication">Authentication</a></li> | ||
147 | |||
148 | <ul> | ||
149 | |||
150 | <li><a class="toctree-l4" href="#shaarli-jwt-token">Shaarli JWT Token</a></li> | ||
151 | |||
152 | <li><a class="toctree-l4" href="#complete-example">Complete example</a></li> | ||
153 | |||
154 | </ul> | ||
155 | |||
156 | |||
157 | </ul> | ||
158 | </li> | ||
159 | </ul> | ||
160 | </li> | ||
161 | |||
162 | <li class="toctree-l1"> | ||
163 | |||
164 | <span class="caption-text">How To</span> | ||
165 | <ul class="subnav"> | ||
166 | <li class=""> | ||
167 | |||
168 | <a class="" href="../Backup,-restore,-import-and-export/">Backup, restore, import and export</a> | ||
169 | </li> | ||
170 | <li class=""> | ||
171 | |||
172 | <a class="" href="../Copy-an-existing-installation-over-SSH-and-serve-it-locally/">Copy an existing installation over SSH and serve it locally</a> | ||
173 | </li> | ||
174 | <li class=""> | ||
175 | |||
176 | <a class="" href="../Create-and-serve-multiple-Shaarlis-(farm)/">Create and serve multiple Shaarlis (farm)</a> | ||
177 | </li> | ||
178 | <li class=""> | ||
179 | |||
180 | <a class="" href="../Download-CSS-styles-from-an-OPML-list/">Download CSS styles from an OPML list</a> | ||
181 | </li> | ||
182 | <li class=""> | ||
183 | |||
184 | <a class="" href="../Datastore-hacks/">Datastore hacks</a> | ||
185 | </li> | ||
186 | </ul> | ||
187 | </li> | ||
188 | |||
189 | <li class="toctree-l1"> | ||
190 | |||
191 | <a class="" href="../Troubleshooting/">Troubleshooting</a> | ||
192 | </li> | ||
193 | |||
194 | <li class="toctree-l1"> | ||
195 | |||
196 | <span class="caption-text">Development</span> | ||
197 | <ul class="subnav"> | ||
198 | <li class=""> | ||
199 | |||
200 | <a class="" href="../Development-guidelines/">Development guidelines</a> | ||
201 | </li> | ||
202 | <li class=""> | ||
203 | |||
204 | <a class="" href="../Continuous-integration-tools/">Continuous integration tools</a> | ||
205 | </li> | ||
206 | <li class=""> | ||
207 | |||
208 | <a class="" href="../GnuPG-signature/">GnuPG signature</a> | ||
209 | </li> | ||
210 | <li class=""> | ||
211 | |||
212 | <a class="" href="../Coding-guidelines/">Coding guidelines</a> | ||
213 | </li> | ||
214 | <li class=""> | ||
215 | |||
216 | <a class="" href="../Directory-structure/">Directory structure</a> | ||
217 | </li> | ||
218 | <li class=""> | ||
219 | |||
220 | <a class="" href="../3rd-party-libraries/">3rd party libraries</a> | ||
221 | </li> | ||
222 | <li class=""> | ||
223 | |||
224 | <a class="" href="../Plugin-System/">Plugin System</a> | ||
225 | </li> | ||
226 | <li class=""> | ||
227 | |||
228 | <a class="" href="../Release-Shaarli/">Release Shaarli</a> | ||
229 | </li> | ||
230 | <li class=""> | ||
231 | |||
232 | <a class="" href="../Versioning-and-Branches/">Versioning and Branches</a> | ||
233 | </li> | ||
234 | <li class=""> | ||
235 | |||
236 | <a class="" href="../Security/">Security</a> | ||
237 | </li> | ||
238 | <li class=""> | ||
239 | |||
240 | <a class="" href="../Static-analysis/">Static analysis</a> | ||
241 | </li> | ||
242 | <li class=""> | ||
243 | |||
244 | <a class="" href="../Theming/">Theming</a> | ||
245 | </li> | ||
246 | <li class=""> | ||
247 | |||
248 | <a class="" href="../Unit-tests/">Unit tests</a> | ||
249 | </li> | ||
250 | </ul> | ||
251 | </li> | ||
252 | |||
253 | <li class="toctree-l1"> | ||
254 | |||
255 | <span class="caption-text">About</span> | ||
256 | <ul class="subnav"> | ||
257 | <li class=""> | ||
258 | |||
259 | <a class="" href="../FAQ/">FAQ</a> | ||
260 | </li> | ||
261 | <li class=""> | ||
262 | |||
263 | <a class="" href="../Community-&-Related-software/">Community & Related software</a> | ||
264 | </li> | ||
265 | </ul> | ||
266 | </li> | ||
267 | |||
268 | </ul> | ||
269 | </div> | ||
270 | | ||
271 | </nav> | ||
272 | |||
273 | <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"> | ||
274 | |||
275 | |||
276 | <nav class="wy-nav-top" role="navigation" aria-label="top navigation"> | ||
277 | <i data-toggle="wy-nav-top" class="fa fa-bars"></i> | ||
278 | <a href="..">Shaarli Documentation</a> | ||
279 | </nav> | ||
280 | |||
281 | |||
282 | <div class="wy-nav-content"> | ||
283 | <div class="rst-content"> | ||
284 | <div role="navigation" aria-label="breadcrumbs navigation"> | ||
285 | <ul class="wy-breadcrumbs"> | ||
286 | <li><a href="..">Docs</a> »</li> | ||
287 | |||
288 | |||
289 | |||
290 | <li>Usage »</li> | ||
291 | |||
292 | |||
293 | |||
294 | <li>REST API</li> | ||
295 | <li class="wy-breadcrumbs-aside"> | ||
296 | |||
297 | <a href="https://github.com/shaarli/Shaarli/edit/master/docs/REST-API.md" | ||
298 | class="icon icon-github"> Edit on GitHub</a> | ||
299 | |||
300 | </li> | ||
301 | </ul> | ||
302 | <hr/> | ||
303 | </div> | ||
304 | <div role="main"> | ||
305 | <div class="section"> | ||
306 | |||
307 | <h2 id="usage">Usage</h2> | ||
308 | <p>See the <a href="http://shaarli.github.io/api-documentation/">REST API documentation</a>.</p> | ||
309 | <h2 id="authentication">Authentication</h2> | ||
310 | <p>All requests to Shaarli's API must include a JWT token to verify their authenticity.</p> | ||
311 | <p>This token has to be included as an HTTP header called <code>Authentication: Bearer <jwt token></code>.</p> | ||
312 | <p>JWT resources :</p> | ||
313 | <ul> | ||
314 | <li><a href="https://jwt.io">jwt.io</a> (including a list of client per language).</li> | ||
315 | <li>RFC : https://tools.ietf.org/html/rfc7519</li> | ||
316 | <li>https://float-middle.com/json-web-tokens-jwt-vs-sessions/</li> | ||
317 | <li>HackerNews thread: https://news.ycombinator.com/item?id=11929267</li> | ||
318 | </ul> | ||
319 | <h3 id="shaarli-jwt-token">Shaarli JWT Token</h3> | ||
320 | <p>JWT tokens are composed by three parts, separated by a dot <code>.</code> and encoded in base64:</p> | ||
321 | <pre><code>[header].[payload].[signature] | ||
322 | </code></pre> | ||
323 | |||
324 | <h4 id="header">Header</h4> | ||
325 | <p>Shaarli only allow one hash algorithm, so the header will always be the same:</p> | ||
326 | <pre><code class="json">{ | ||
327 | "typ": "JWT", | ||
328 | "alg": "HS512" | ||
329 | } | ||
330 | </code></pre> | ||
331 | |||
332 | <p>Encoded in base64, it gives:</p> | ||
333 | <pre><code>ewogICAgICAgICJ0eXAiOiAiSldUIiwKICAgICAgICAiYWxnIjogIkhTNTEyIgogICAgfQ== | ||
334 | </code></pre> | ||
335 | |||
336 | <h4 id="payload">Payload</h4> | ||
337 | <p><strong>Validity duration</strong></p> | ||
338 | <p>To avoid infinite token validity, JWT tokens must include their creation date in UNIX timestamp format (timezone independant - UTC) under the key <code>iat</code> (issued at). This token will be accepted during 9 minutes.</p> | ||
339 | <pre><code class="json">{ | ||
340 | "iat": 1468663519 | ||
341 | } | ||
342 | </code></pre> | ||
343 | |||
344 | <p>See <a href="https://tools.ietf.org/html/rfc7519#section-4.1.6">RFC reference</a>.</p> | ||
345 | <h4 id="signature">Signature</h4> | ||
346 | <p>The signature authenticate the token validity. It contains the base64 of the header and the body, separated by a dot <code>.</code>, hashed in SHA512 with the API secret available in Shaarli administration page.</p> | ||
347 | <p>Signature example with PHP:</p> | ||
348 | <pre><code class="php">$content = base64_encode($header) . '.' . base64_encode($payload); | ||
349 | $signature = hash_hmac('sha512', $content, $secret); | ||
350 | </code></pre> | ||
351 | |||
352 | <h3 id="complete-example">Complete example</h3> | ||
353 | <h4 id="php">PHP</h4> | ||
354 | <pre><code class="php">function generateToken($secret) { | ||
355 | $header = base64_encode('{ | ||
356 | "typ": "JWT", | ||
357 | "alg": "HS512" | ||
358 | }'); | ||
359 | $payload = base64_encode('{ | ||
360 | "iat": '. time() .' | ||
361 | }'); | ||
362 | $signature = hash_hmac('sha512', $header .'.'. $payload , $secret); | ||
363 | return $header .'.'. $payload .'.'. $signature; | ||
364 | } | ||
365 | |||
366 | $secret = 'mysecret'; | ||
367 | $token = generateToken($secret); | ||
368 | echo $token; | ||
369 | </code></pre> | ||
370 | |||
371 | <blockquote> | ||
372 | <p><code>ewogICAgICAgICJ0eXAiOiAiSldUIiwKICAgICAgICAiYWxnIjogIkhTNTEyIgogICAgfQ==.ewogICAgICAgICJpYXQiOiAxNDY4NjY3MDQ3CiAgICB9.1d2c54fa947daf594fdbf7591796195652c8bc63bffad7f6a6db2a41c313f495a542cbfb595acade79e83f3810d709b4251d7b940bbc10b531a6e6134af63a68</code></p> | ||
373 | </blockquote> | ||
374 | <pre><code class="php">$options = [ | ||
375 | 'http' => [ | ||
376 | 'method' => 'GET', | ||
377 | 'jwt' => $token, | ||
378 | ], | ||
379 | ]; | ||
380 | $context = stream_context_create($options); | ||
381 | file_get_contents($apiEndpoint, false, $context); | ||
382 | </code></pre> | ||
383 | |||
384 | </div> | ||
385 | </div> | ||
386 | <footer> | ||
387 | |||
388 | <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation"> | ||
389 | |||
390 | <a href="../Backup,-restore,-import-and-export/" class="btn btn-neutral float-right" title="Backup, restore, import and export">Next <span class="icon icon-circle-arrow-right"></span></a> | ||
391 | |||
392 | |||
393 | <a href="../RSS-feeds/" class="btn btn-neutral" title="RSS feeds"><span class="icon icon-circle-arrow-left"></span> Previous</a> | ||
394 | |||
395 | </div> | ||
396 | |||
397 | |||
398 | <hr/> | ||
399 | |||
400 | <div role="contentinfo"> | ||
401 | <!-- Copyright etc --> | ||
402 | |||
403 | </div> | ||
404 | |||
405 | Built with <a href="http://www.mkdocs.org">MkDocs</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>. | ||
406 | </footer> | ||
407 | |||
408 | </div> | ||
409 | </div> | ||
410 | |||
411 | </section> | ||
412 | |||
413 | </div> | ||
414 | |||
415 | <div class="rst-versions" role="note" style="cursor: pointer"> | ||
416 | <span class="rst-current-version" data-toggle="rst-current-version"> | ||
417 | |||
418 | <a href="https://github.com/shaarli/Shaarli" class="fa fa-github" style="float: left; color: #fcfcfc"> GitHub</a> | ||
419 | |||
420 | |||
421 | <span><a href="../RSS-feeds/" style="color: #fcfcfc;">« Previous</a></span> | ||
422 | |||
423 | |||
424 | <span style="margin-left: 15px"><a href="../Backup,-restore,-import-and-export/" style="color: #fcfcfc">Next »</a></span> | ||
425 | |||
426 | </span> | ||
427 | </div> | ||
428 | <script src="../js/theme.js"></script> | ||
429 | |||
430 | </body> | ||
431 | </html> | ||