aboutsummaryrefslogtreecommitdiffhomepage
path: root/tests/api
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #727 from ArthurHoaro/api/getlinksArthurHoaro2017-01-152-0/+458
|\ | | | | REST API: implement getLinks service
| * REST API: implement getLinks serviceArthurHoaro2017-01-152-0/+458
| | | | | | | | See http://shaarli.github.io/api-documentation/#links-links-collection-get
* | API: expect JWT in the Authorization headerVirtualTam2017-01-151-3/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Relates to https://github.com/shaarli/Shaarli/pull/731 Added: - require the presence of the 'Authorization' header Changed: - use the HTTP Bearer Token authorization schema See: - https://jwt.io/introduction/#how-do-json-web-tokens-work- - https://tools.ietf.org/html/rfc6750 - http://security.stackexchange.com/q/108662 Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | API: fix JWT signature verificationVirtualTam2017-01-041-6/+9
|/ | | | | | | | | | | | | | | | | | | | | | Fixes https://github.com/shaarli/Shaarli/issues/737 Added: - Base64Url utilities Fixed: - use URL-safe Base64 encoding/decoding functions - use byte representations for HMAC digests - all JWT parts are Base64Url-encoded See: - https://en.wikipedia.org/wiki/JSON_Web_Token - https://tools.ietf.org/html/rfc7519 - https://scotch.io/tutorials/the-anatomy-of-a-json-web-token - https://jwt.io/introduction/ - https://en.wikipedia.org/wiki/Base64#URL_applications - https://secure.php.net/manual/en/function.base64-encode.php#103849 Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* REST API structure using Slim frameworkArthurHoaro2016-12-153-0/+503
* REST API routes are handle by Slim. * Every API controller go through ApiMiddleware which handles security. * First service implemented `/info`, for tests purpose.