aboutsummaryrefslogtreecommitdiffhomepage
path: root/doc/html/REST-API
diff options
context:
space:
mode:
Diffstat (limited to 'doc/html/REST-API')
-rw-r--r--doc/html/REST-API/index.html431
1 files changed, 431 insertions, 0 deletions
diff --git a/doc/html/REST-API/index.html b/doc/html/REST-API/index.html
new file mode 100644
index 00000000..2c244bca
--- /dev/null
+++ b/doc/html/REST-API/index.html
@@ -0,0 +1,431 @@
1<!DOCTYPE html>
2<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
3<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
4<head>
5 <meta charset="utf-8">
6 <meta http-equiv="X-UA-Compatible" content="IE=edge">
7 <meta name="viewport" content="width=device-width, initial-scale=1.0">
8
9
10 <link rel="shortcut icon" href="../img/favicon.ico">
11 <title>REST API - Shaarli Documentation</title>
12 <link href='https://fonts.googleapis.com/css?family=Lato:400,700|Roboto+Slab:400,700|Inconsolata:400,700' rel='stylesheet' type='text/css'>
13
14 <link rel="stylesheet" href="../css/theme.css" type="text/css" />
15 <link rel="stylesheet" href="../css/theme_extra.css" type="text/css" />
16 <link rel="stylesheet" href="../css/highlight.css">
17 <link href="../github-markdown.css" rel="stylesheet">
18
19 <script>
20 // Current page data
21 var mkdocs_page_name = "REST API";
22 var mkdocs_page_input_path = "REST-API.md";
23 var mkdocs_page_url = "/REST-API/";
24 </script>
25
26 <script src="../js/jquery-2.1.1.min.js"></script>
27 <script src="../js/modernizr-2.8.3.min.js"></script>
28 <script type="text/javascript" src="../js/highlight.pack.js"></script>
29
30</head>
31
32<body class="wy-body-for-nav" role="document">
33
34 <div class="wy-grid-for-nav">
35
36
37 <nav data-toggle="wy-nav-shift" class="wy-nav-side stickynav">
38 <div class="wy-side-nav-search">
39 <a href=".." class="icon icon-home"> Shaarli Documentation</a>
40 <div role="search">
41 <form id ="rtd-search-form" class="wy-form" action="../search.html" method="get">
42 <input type="text" name="q" placeholder="Search docs" />
43 </form>
44</div>
45 </div>
46
47 <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
48 <ul class="current">
49
50
51 <li class="toctree-l1">
52
53 <a class="" href="..">Home</a>
54 </li>
55
56 <li class="toctree-l1">
57
58 <span class="caption-text">Setup</span>
59 <ul class="subnav">
60 <li class="">
61
62 <a class="" href="../Download-and-Installation/">Download and Installation</a>
63 </li>
64 <li class="">
65
66 <a class="" href="../Upgrade-and-migration/">Upgrade and migration</a>
67 </li>
68 <li class="">
69
70 <a class="" href="../Server-requirements/">Server requirements</a>
71 </li>
72 <li class="">
73
74 <a class="" href="../Server-configuration/">Server configuration</a>
75 </li>
76 <li class="">
77
78 <a class="" href="../Server-security/">Server security</a>
79 </li>
80 <li class="">
81
82 <a class="" href="../Shaarli-configuration/">Shaarli configuration</a>
83 </li>
84 <li class="">
85
86 <a class="" href="../Plugins/">Plugins</a>
87 </li>
88 </ul>
89 </li>
90
91 <li class="toctree-l1">
92
93 <span class="caption-text">Docker</span>
94 <ul class="subnav">
95 <li class="">
96
97 <a class="" href="../Docker-101/">Docker 101</a>
98 </li>
99 <li class="">
100
101 <a class="" href="../Shaarli-images/">Shaarli images</a>
102 </li>
103 <li class="">
104
105 <a class="" href="../Reverse-proxy-configuration/">Reverse proxy configuration</a>
106 </li>
107 <li class="">
108
109 <a class="" href="../Docker-resources/">Docker resources</a>
110 </li>
111 </ul>
112 </li>
113
114 <li class="toctree-l1">
115
116 <span class="caption-text">Usage</span>
117 <ul class="subnav">
118 <li class="">
119
120 <a class="" href="../Features/">Features</a>
121 </li>
122 <li class="">
123
124 <a class="" href="../Bookmarklet/">Bookmarklet</a>
125 </li>
126 <li class="">
127
128 <a class="" href="../Browsing-and-searching/">Browsing and searching</a>
129 </li>
130 <li class="">
131
132 <a class="" href="../Firefox-share/">Firefox share</a>
133 </li>
134 <li class="">
135
136 <a class="" href="../RSS-feeds/">RSS feeds</a>
137 </li>
138 <li class=" current">
139
140 <a class="current" href="./">REST API</a>
141 <ul class="subnav">
142
143 <li class="toctree-l3"><a href="#usage">Usage</a></li>
144
145
146 <li class="toctree-l3"><a href="#authentication">Authentication</a></li>
147
148 <ul>
149
150 <li><a class="toctree-l4" href="#shaarli-jwt-token">Shaarli JWT Token</a></li>
151
152 <li><a class="toctree-l4" href="#complete-example">Complete example</a></li>
153
154 </ul>
155
156
157 </ul>
158 </li>
159 </ul>
160 </li>
161
162 <li class="toctree-l1">
163
164 <span class="caption-text">How To</span>
165 <ul class="subnav">
166 <li class="">
167
168 <a class="" href="../Backup,-restore,-import-and-export/">Backup, restore, import and export</a>
169 </li>
170 <li class="">
171
172 <a class="" href="../Copy-an-existing-installation-over-SSH-and-serve-it-locally/">Copy an existing installation over SSH and serve it locally</a>
173 </li>
174 <li class="">
175
176 <a class="" href="../Create-and-serve-multiple-Shaarlis-(farm)/">Create and serve multiple Shaarlis (farm)</a>
177 </li>
178 <li class="">
179
180 <a class="" href="../Download-CSS-styles-from-an-OPML-list/">Download CSS styles from an OPML list</a>
181 </li>
182 <li class="">
183
184 <a class="" href="../Datastore-hacks/">Datastore hacks</a>
185 </li>
186 </ul>
187 </li>
188
189 <li class="toctree-l1">
190
191 <a class="" href="../Troubleshooting/">Troubleshooting</a>
192 </li>
193
194 <li class="toctree-l1">
195
196 <span class="caption-text">Development</span>
197 <ul class="subnav">
198 <li class="">
199
200 <a class="" href="../Development-guidelines/">Development guidelines</a>
201 </li>
202 <li class="">
203
204 <a class="" href="../Continuous-integration-tools/">Continuous integration tools</a>
205 </li>
206 <li class="">
207
208 <a class="" href="../GnuPG-signature/">GnuPG signature</a>
209 </li>
210 <li class="">
211
212 <a class="" href="../Coding-guidelines/">Coding guidelines</a>
213 </li>
214 <li class="">
215
216 <a class="" href="../Directory-structure/">Directory structure</a>
217 </li>
218 <li class="">
219
220 <a class="" href="../3rd-party-libraries/">3rd party libraries</a>
221 </li>
222 <li class="">
223
224 <a class="" href="../Plugin-System/">Plugin System</a>
225 </li>
226 <li class="">
227
228 <a class="" href="../Release-Shaarli/">Release Shaarli</a>
229 </li>
230 <li class="">
231
232 <a class="" href="../Versioning-and-Branches/">Versioning and Branches</a>
233 </li>
234 <li class="">
235
236 <a class="" href="../Security/">Security</a>
237 </li>
238 <li class="">
239
240 <a class="" href="../Static-analysis/">Static analysis</a>
241 </li>
242 <li class="">
243
244 <a class="" href="../Theming/">Theming</a>
245 </li>
246 <li class="">
247
248 <a class="" href="../Unit-tests/">Unit tests</a>
249 </li>
250 </ul>
251 </li>
252
253 <li class="toctree-l1">
254
255 <span class="caption-text">About</span>
256 <ul class="subnav">
257 <li class="">
258
259 <a class="" href="../FAQ/">FAQ</a>
260 </li>
261 <li class="">
262
263 <a class="" href="../Community-&-Related-software/">Community & Related software</a>
264 </li>
265 </ul>
266 </li>
267
268 </ul>
269 </div>
270 &nbsp;
271 </nav>
272
273 <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
274
275
276 <nav class="wy-nav-top" role="navigation" aria-label="top navigation">
277 <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
278 <a href="..">Shaarli Documentation</a>
279 </nav>
280
281
282 <div class="wy-nav-content">
283 <div class="rst-content">
284 <div role="navigation" aria-label="breadcrumbs navigation">
285 <ul class="wy-breadcrumbs">
286 <li><a href="..">Docs</a> &raquo;</li>
287
288
289
290 <li>Usage &raquo;</li>
291
292
293
294 <li>REST API</li>
295 <li class="wy-breadcrumbs-aside">
296
297 <a href="https://github.com/shaarli/Shaarli/edit/master/docs/REST-API.md"
298 class="icon icon-github"> Edit on GitHub</a>
299
300 </li>
301 </ul>
302 <hr/>
303</div>
304 <div role="main">
305 <div class="section">
306
307 <h2 id="usage">Usage</h2>
308<p>See the <a href="http://shaarli.github.io/api-documentation/">REST API documentation</a>.</p>
309<h2 id="authentication">Authentication</h2>
310<p>All requests to Shaarli's API must include a JWT token to verify their authenticity.</p>
311<p>This token has to be included as an HTTP header called <code>Authentication: Bearer &lt;jwt token&gt;</code>.</p>
312<p>JWT resources :</p>
313<ul>
314<li><a href="https://jwt.io">jwt.io</a> (including a list of client per language).</li>
315<li>RFC : https://tools.ietf.org/html/rfc7519</li>
316<li>https://float-middle.com/json-web-tokens-jwt-vs-sessions/</li>
317<li>HackerNews thread: https://news.ycombinator.com/item?id=11929267</li>
318</ul>
319<h3 id="shaarli-jwt-token">Shaarli JWT Token</h3>
320<p>JWT tokens are composed by three parts, separated by a dot <code>.</code> and encoded in base64:</p>
321<pre><code>[header].[payload].[signature]
322</code></pre>
323
324<h4 id="header">Header</h4>
325<p>Shaarli only allow one hash algorithm, so the header will always be the same:</p>
326<pre><code class="json">{
327 &quot;typ&quot;: &quot;JWT&quot;,
328 &quot;alg&quot;: &quot;HS512&quot;
329}
330</code></pre>
331
332<p>Encoded in base64, it gives:</p>
333<pre><code>ewogICAgICAgICJ0eXAiOiAiSldUIiwKICAgICAgICAiYWxnIjogIkhTNTEyIgogICAgfQ==
334</code></pre>
335
336<h4 id="payload">Payload</h4>
337<p><strong>Validity duration</strong></p>
338<p>To avoid infinite token validity, JWT tokens must include their creation date in UNIX timestamp format (timezone independant - UTC) under the key <code>iat</code> (issued at). This token will be accepted during 9 minutes.</p>
339<pre><code class="json">{
340 &quot;iat&quot;: 1468663519
341}
342</code></pre>
343
344<p>See <a href="https://tools.ietf.org/html/rfc7519#section-4.1.6">RFC reference</a>.</p>
345<h4 id="signature">Signature</h4>
346<p>The signature authenticate the token validity. It contains the base64 of the header and the body, separated by a dot <code>.</code>, hashed in SHA512 with the API secret available in Shaarli administration page.</p>
347<p>Signature example with PHP:</p>
348<pre><code class="php">$content = base64_encode($header) . '.' . base64_encode($payload);
349$signature = hash_hmac('sha512', $content, $secret);
350</code></pre>
351
352<h3 id="complete-example">Complete example</h3>
353<h4 id="php">PHP</h4>
354<pre><code class="php">function generateToken($secret) {
355 $header = base64_encode('{
356 &quot;typ&quot;: &quot;JWT&quot;,
357 &quot;alg&quot;: &quot;HS512&quot;
358 }');
359 $payload = base64_encode('{
360 &quot;iat&quot;: '. time() .'
361 }');
362 $signature = hash_hmac('sha512', $header .'.'. $payload , $secret);
363 return $header .'.'. $payload .'.'. $signature;
364}
365
366$secret = 'mysecret';
367$token = generateToken($secret);
368echo $token;
369</code></pre>
370
371<blockquote>
372<p><code>ewogICAgICAgICJ0eXAiOiAiSldUIiwKICAgICAgICAiYWxnIjogIkhTNTEyIgogICAgfQ==.ewogICAgICAgICJpYXQiOiAxNDY4NjY3MDQ3CiAgICB9.1d2c54fa947daf594fdbf7591796195652c8bc63bffad7f6a6db2a41c313f495a542cbfb595acade79e83f3810d709b4251d7b940bbc10b531a6e6134af63a68</code></p>
373</blockquote>
374<pre><code class="php">$options = [
375 'http' =&gt; [
376 'method' =&gt; 'GET',
377 'jwt' =&gt; $token,
378 ],
379];
380$context = stream_context_create($options);
381file_get_contents($apiEndpoint, false, $context);
382</code></pre>
383
384 </div>
385 </div>
386 <footer>
387
388 <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
389
390 <a href="../Backup,-restore,-import-and-export/" class="btn btn-neutral float-right" title="Backup, restore, import and export">Next <span class="icon icon-circle-arrow-right"></span></a>
391
392
393 <a href="../RSS-feeds/" class="btn btn-neutral" title="RSS feeds"><span class="icon icon-circle-arrow-left"></span> Previous</a>
394
395 </div>
396
397
398 <hr/>
399
400 <div role="contentinfo">
401 <!-- Copyright etc -->
402
403 </div>
404
405 Built with <a href="http://www.mkdocs.org">MkDocs</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
406</footer>
407
408 </div>
409 </div>
410
411 </section>
412
413 </div>
414
415 <div class="rst-versions" role="note" style="cursor: pointer">
416 <span class="rst-current-version" data-toggle="rst-current-version">
417
418 <a href="https://github.com/shaarli/Shaarli" class="fa fa-github" style="float: left; color: #fcfcfc"> GitHub</a>
419
420
421 <span><a href="../RSS-feeds/" style="color: #fcfcfc;">&laquo; Previous</a></span>
422
423
424 <span style="margin-left: 15px"><a href="../Backup,-restore,-import-and-export/" style="color: #fcfcfc">Next &raquo;</a></span>
425
426 </span>
427</div>
428 <script src="../js/theme.js"></script>
429
430</body>
431</html>