2019-12-02 10:03:13 +01:00
2019-11-08 10:51:31 +01:00
2019-11-25 13:48:17 +01:00
2019-11-08 11:26:34 +01:00
2019-11-28 14:35:33 +01:00
2019-12-02 10:03:13 +01:00
2019-12-02 10:03:13 +01:00
2019-10-07 13:19:28 +02:00
2019-11-07 10:22:30 +01:00
2019-11-07 16:59:09 +01:00
2019-09-30 18:20:05 +02:00
2019-11-08 11:26:34 +01:00
2019-11-08 11:26:34 +01:00
2019-10-07 13:19:28 +02:00
2019-11-28 13:56:04 +01:00

colnod-connector

Acces Management System of Colsys: Product info

TODO

  • Dry Run Mode (0.1v)
  • Logs (0.1v)
    • Timestamp
    • Id of record
    • Destination
    • Report
      • Token action to subject_id
      • Sbject action
        • action - updated, deleted, added
  • App output (0.1v)
    • To Colnod
      • Number of tokens added/deleted/updated
    • To DB
      • Number of subjects added/deleted/updated
      • Number of tokens added/deleted/updated

Requirements

  • QPSQL driver must be installed (PostgreSQL)
  • running on Qt 5.9

Qt 5

sudo apt-get install -y build-essential
sudo apt-get install -y qt5-default

PostgreSQL ( devel libs )

sudo apt-get install -y libpq-dev
sudo apt install libqt5sql5-psql # psql driver for Qt

Endpoints

  • POST /AaaManager/authSession

    • Header: Authorization: Basic =4589022lj3.....
    • password: spaceti1 -> sha512 echo spaceti1 | sha512sum
    E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0
    
    • body:
    {
       "password": "E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0",
           "username": "spaceti"
    }
    
  1. POST request - /SubjectManager/getSubjects - get subjects
  2. POST request - /SubjectManager/getSubjectsUpdated - get tokens updated after time
  3. POST request - /SubjectManager/getSubjectsDeleted - get tokens deleted after time
  4. POST request - /TokenManager/getTokens - get tokens
  5. POST request - /TokenManager/getTokensUpdated - get tokens updated after time
  6. POST request - /TokenManager/getTokensDeleted - get tokens deleted after time
  7. POST request - /TokenManager/setTokens - set tokens defined as JSON
  8. POST request - /TokenManager/deleteTokens - delete tokens define as JSON2
  9. POST request - /AccessManager/getAccessGroups - get access groups
  10. POST request - /AccessManager/getAccessGroupsUpdated
  11. POST request - /AccessManager/getAccessGroupsDeleted
  12. POST request - /AccessManager/getAccessGroupMembership
  13. POST request - /AccessManager/getAccessGroupMembershipUpdated
  14. POST request - /AccessManager/getAccessGroupMembershipDeleted
  • time = epoch time im miliseconds
    {
        "timestamp": 1568646217767
    }
    
  • JSON
    {
      "items": [
        {
          "id": "cf5cb80e-e6dd-45db-8edd-c9655447821c",
          "name": "Testovaci pokus",
          "description": "mobile",
          "tokenType": "Token",
          "tokenBits}": 32,
          "tokenData": "7B9D31",
          "timeToLive": 255,
          "authErrors": 255,
          "flags": [
            "Enabled",
            "NoValidity"
          ],
          "subjectId": "72b37f7e-5761-4e6c-8e87-20c0bed0d904"
        }
      ]
    }
    
  • JSON2
    {
        "items": [
        "7272bcf6-b5ad-46dd-99a9-0c56faddf14c"
        ]
    }
    

RestAPI definitions

  • openapi.yaml ( editor VSCode with Swagger Viewer extension - ⌘+⇧+P Preview Swagger )

Colnod Test server

Colnod server: confluence

  • URL: 192.168.1.3:8843
  • !!! No license!!! - server will shutdown after 8 hours.
    • restart: sudo service cndserver start
    • check nmap -p8443 192.168.1.3 or nc -zvw3 192.168.1.3 8443
    • user: spaceti
    • password: ``
    • sha512: E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0
curl -k --user "spaceti:E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0" -d '{"password":"E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0","username":"spaceti"}' -H "Content-Type: application/json" https://192.168.1.3:8443/AaaManager/authSession

Colnod Penta server

  • Acces through: penta-master IP: 172.16.4.4
  • URL: 192.168.254.11:8443
  • Port forwarding: ssh -L 8443:192.168.254.11:8443 penta-master
curl -k --user "spaceti:E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0" -d '{"password":"E7FEA07DBC82FB9BA34B2E453E2EFE89F0583E7187543507EF11E84726071FE428445372F2E46B455EB0C79747C51E362F403CE39473A2A8C2DFA0CE5C9826C0","username":"spaceti"}' -H "Content-Type: application/json" https://192.168.254.11:8443/AaaManager/authSession

Insomnia Rest client

Insomnia Rest

It is possible to chain requests: see doc

  • use token from login response as an Authorization header
  • use id from POST /item in PUT /items/
  • use entire body from one response to upload to another

Import workspace

Testing Blueprint API

Snowboard

Necesarry to allow

  • Self signed certificate: Stack overflow
  • Enable CORS:
    • Safari: Develop->Disable cross origin restrictions

snowboard http -c snowboard.yml --playground colnod.apib

Colnod API snowboard documentation

Install snowboard

npm install -g snowboard

Possible checks

here

Bugs and improvments for Colsys

Bugs

  • It is possible to add token with token ID (tokenData) which already exists
  • No error message, when request data are invalid in login
  • getUpdated returns valid data for invalid time (negative)

Improvements

  • it would be nice to get response messages on calling enpoints
    • setToken -> successful edit/insert
    • deleteToken -> successful
Description
No description provided
Readme 438 KiB
Languages
C++ 86.8%
Shell 9.4%
QMake 2.4%
API Blueprint 1.4%