Refresh Principal Token

Motivation

Refreshes a valid principal token

Functional design

POST /api/v2/apps/{owner}/{app}/auth/refresh

Headers

| Key | Value |
| --- | --- |
| Content-Type | application/json |
| Authorization | Bearer {PrincipalToken} |

Parameters

| Parameter | Type | Description |
| --- | --- | --- |
| owner | string | name of a user who owns the application |
| app | string | name of an application |

Result

| Code | Description | Body |
| --- | --- | --- |
| 200 | OK | Returns a refreshed principal token, see below |
| 400 | Bad Request | |
| 401 | Unauthorized | |
| 403 | Forbidden | |
| 429 | Too many requests, rate limiting | |
| 500+ | Server errors / service unavailable | |

Example result 200:

{
  "principalToken": "abc.def.ghi",
  "expiresInSeconds": 3600,
  "profileWSID": 1234567890
}
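A client for the call described above, added here as an example and not taken from the project's code base: it builds the request and maps the documented status codes to what the caller should do next. `RefreshToken`, `RefreshResult`, the two error values, `baseURL` and the `owner1`/`app1` names are assumptions, and the local server in `main` is a constructed stand-in.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
)

type RefreshResult struct { // mirrors the 200 body shown above
	PrincipalToken   string `json:"principalToken"`
	ExpiresInSeconds int64  `json:"expiresInSeconds"`
	ProfileWSID      int64  `json:"profileWSID"`
}
var ErrReauthenticate, ErrRetryLater = errors.New("reauthenticate"), errors.New("retry later")
// RefreshToken is a hypothetical client helper; baseURL is an assumption.
func RefreshToken(c *http.Client, baseURL, owner, app, token string) (*RefreshResult, error) {
	u := baseURL + "/api/v2/apps/" + url.PathEscape(owner) + "/" + url.PathEscape(app) + "/auth/refresh"
	req, err := http.NewRequest(http.MethodPost, u, nil)
	if err != nil {
		return nil, err
	}
	req.Header = http.Header{"Content-Type": {"application/json"}, "Authorization": {"Bearer " + token}}
	resp, err := c.Do(req)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	switch code := resp.StatusCode; {
	case code == http.StatusUnauthorized || code == http.StatusForbidden: // 401, 403
		return nil, ErrReauthenticate // token no longer accepted: sign in again
	case code == http.StatusTooManyRequests || code >= 500: // 429, 500+
		return nil, ErrRetryLater // transient: retry after a delay
	case code != http.StatusOK: // 400 or unexpected: do not resend unchanged
		return nil, fmt.Errorf("refresh failed: HTTP %d", code)
	}
	if r := new(RefreshResult); json.NewDecoder(resp.Body).Decode(r) == nil && r.PrincipalToken != "" {
		return r, nil
	}
	return nil, errors.New("malformed refresh body")
}

func main() { // constructed stand-in server replying with the page's example body
	h := func(w http.ResponseWriter, _ *http.Request) { fmt.Fprint(w, `{"principalToken":"abc.def.ghi","expiresInSeconds":3600,"profileWSID":1234567890}`) }
	srv := httptest.NewServer(http.HandlerFunc(h))
	r, err := RefreshToken(srv.Client(), srv.URL, "owner1", "app1", "abc.def.ghi")
	fmt.Println(r != nil && r.ExpiresInSeconds == 3600, err)
}
```

The error values returned by the helper never contain the bearer token, so they can be logged as they are.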

Technical design

Components

  • pkg/router

    • URL path handler ~cmp.routerRefreshHandler~

      • sends APIPath_Auth_Refresh request to QueryProcessor;

  • pkg/processors/query2

    • IApiPathHandler implementation for handling APIPath_Auth_Refresh in the AppWorkspace

      • ~cmp.authRefreshHandler~

        1. extracts profile WSID from token and makes federation post to refresh token:

        2. sends federation request to refresh token: ~cmp.authRefreshHandler.refreshToken~

    • newQueryProcessorPipeline: provide API handler for APIPath_Auth_Refresh

      • ~cmp.provideAuthRefreshHandler~

    • openapi:

      • add /auth/refresh to the list of API paths; ~cmp.provideAuthRefreshPath~

  • pkg/sys/it

    • integration test for /refresh

      • ~it.TestRefresh~
