Difference between revisions of "BuildOIDCLogoutRequest"

From Gvp-public
Jump to navigation Jump to search
(Created page with "Test")
 
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
Test
+
{{Api_Method_Spec|
 +
Description=This method can be used to provide devices with the URL to perform the logout request.
 +
 
 +
UNIAPI also generates some additional parameters:
 +
 
 +
* '''nonce''': String value used to associate the logout process with a session identifier. Will be maintained during all the process.
 +
 
 +
This nonce has to be created by UNIAPI and will be stored in the state variable and returned to the end application. We will use this to represent the logout session during all the flow (and use it for logging and BI logs).
 +
 
 +
* '''state''': a json with some parameters is created and encoded as a base64 string, for later use:
 +
 
 +
{
 +
  "instanceId": 29,  //taken from the token
 +
  "deviceType": 401, //taken from the token,
 +
  "deviceId": 323424234, //taken from the input. Be carefull, this is not the MIB ID, is the DEVICE_ID column
 +
  "userId": 323424234, //taken from the token
 +
  "payloadDevice": "2342dsf2329fjj92332fd",  //taken from the input
 +
  "deviceCallbackUrl": "https://movistarplay.com.cl/sso" // taken from the input
 +
  "nonce":"42231976-a86d-42e2-8fe6-98f7546bdf89" // nonce generated by UNIAPI for this logout session
 +
}
 +
 
 +
==== Geo-Location ====
 +
 
 +
Geo-location is not involved in the logout phase.
 +
 
 +
==== BI ====
 +
This method creates events in KAFKA with '''topic = gvp.authentication.external''' and the following event formats:
 +
<syntaxhighlight lang="javascript">
 +
 
 +
{
 +
"ob":"25",
 +
"operation":"OID/logout",
 +
"step":"1 - BuildOIDCLogoutRequest",
 +
"transaction_id":"727fe862-3b46-43ca-8306-14b5076622f6",
 +
"timestamp":"2018-12-13T20:14:34.0875272Z",
 +
"status": "OK",  // OK if the url has been build correctly. ERROR if there was an error in the method. Fill the error with the error code and error_desc with the StatusMessage
 +
"device_type_id":"401",
 +
"device_id":"3243242334",
 +
"user_id":"",
 +
"error": "",
 +
"error_desc":""
 +
}
 +
</syntaxhighlight>
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
|Parameters=
 +
{{Api_Parameter|
 +
ParamName=payloadDevice
 +
|ParamType=String
 +
|ParamRequired=optional
 +
|ParamDescription=random hash generated by the client and stored locally, to perform security validations.
 +
}}
 +
{{Api_Parameter|
 +
ParamName=deviceCallbackUrl
 +
|ParamType=String
 +
|ParamRequired=optional
 +
|ParamDescription=the callback url where the device wants to receive the final result of the authentication process.
 +
}}
 +
{{Api_Parameter|
 +
ParamName=deviceId
 +
|ParamType=String
 +
|ParamRequired=required
 +
|ParamDescription=the ID of the device from which the logout is being performed (DEVICE_ID column)
 +
}}
 +
{{Api_Parameter|
 +
ParamName=token
 +
|ParamType=String
 +
|ParamRequired=required
 +
|ParamDescription=the logged UNIAPI token from the device app.
 +
}}
 +
|Returns=
 +
Returns a JSON object containing the generated anonymous token and its expiration time (in UnixTimestamp format).
 +
 
 +
'''Example:'''
 +
 
 +
{
 +
:  "StatusCode": 0,
 +
:  "Severity": 1,
 +
:  "StatusMessage": "OK",
 +
:  "Content": {
 +
:    "logoutUrl": "https://auth.global-int-next.baikalplatform.com/endsession?post_logout_redirect_uri=https://videodomain.es/endsessioncallback&id_token_hint=eyJraWQiOiI0ZjI0MzM3NTI2NThmYTBjMTg4ZDM2MTdmNmNjNDY5ZjQ5NzJiOWYiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhaTk1NjUyMzQiLCJhY3IiOiIyIiwiYXVkIjoidmlkZW8iLCJhdXRob3JpemF0aW9uX2lkIjoiYTk2MDJjM2MtYWQ2OS00NmI0LTljYjgtNWJiNDcwNGY5OGY2IiwiYW1yIjpbImZha2UyIl0sImlzcyI6Imh0dHBzOlwvXC9hdXRoLmdsb2JhbC1pbnQtbmV4dC5iYWlrYWxwbGF0Zm9ybS5jb21cLyIsImF1dGhlbnRpY2F0aW9uX2NvbnRleHQiOlt7ImlkZW50aWZpZXIiOiIrODgyNjAwMDAwMDAyIiwidHlwZSI6InBob25lX251bWJlciIsImFjdGl2YXRlZF9yb2xlcyI6WyJhZG1pbiJdfV0sImV4cCI6MTU1NTQxMDQ4MCwiaWF0IjoxNTU1NDA5ODgwLCJub25jZSI6IjNjNWUxODUwLWQ1ZTEtNDg2ZC04N2M4LTJhYWZmNjAwNzJhMyJ9.LRZdTg6tsmyjxQGpNmT6wfhjsP-nrLqOCHcLp_17edjw2-DhkxIvo52E5suGOVfDoVPGp4bsV8apz_smuNCyqN8aoXSWFOTSkqSbm6x9WKbVHD5_kyzhDOcis_DOLFb9I3htI-yNlRhv4kQCqf_oDMGpIcbdCvzffNiAzNjIEj11scHLeJ3NkdE8AcTZwxIH05QqPPCqXb9sFPJCyulFGXBPRxKy_PcDXQEqMkSv99Mt0zh1dLvkY7e3ts9PFyeLarHrimM1LXdeI1qNHK9bEsXCyzdQE3C5AwBOO6MFkIfuXkixDXYYwlX-O5O9fELAiDQa0c4YXKuxDxFwLPdA0w&state=AU_SSSSDFSDFDSSDFSDFADads",
 +
:    "nonce": "42231976-a86d-42e2-8fe6-98f7546bdf89"
 +
:  }
 +
}
 +
 
 +
 
 +
 
 +
|Exceptions=
 +
None
 +
|Cache=
 +
This method is not cached.
 +
|KnownIssues=
 +
None
 +
|VersionHistory=
 +
{{{!}} border="2" style="width:800px;" cellpadding="5" cellspacing="0"
 +
{{!}}- style="background:#88ccff;font-size:110%"
 +
! API Version Number
 +
! Change description
 +
! Changes author
 +
{{!}}- valign="top"
 +
! 7.1
 +
{{!}} Initial method documentation
 +
{{!}} Rafael Morón
 +
{{!}}}
 +
 
 +
|SeeAlso=
 +
* [[BuildOIDCAuthRequest]]
 +
* [https://wikis.tid.es/gvp-dev/index.php/External_authentication_via_4P OIDC External authentication specification]
 +
}}

Latest revision as of 13:30, 2 September 2019

Description

This method can be used to provide devices with the URL to perform the logout request.

UNIAPI also generates some additional parameters:

  • nonce: String value used to associate the logout process with a session identifier. Will be maintained during all the process.

This nonce has to be created by UNIAPI and will be stored in the state variable and returned to the end application. We will use this to represent the logout session during all the flow (and use it for logging and BI logs).

  • state: a json with some parameters is created and encoded as a base64 string, for later use:
{
  "instanceId": 29,  //taken from the token
  "deviceType": 401, //taken from the token,
  "deviceId": 323424234, //taken from the input. Be carefull, this is not the MIB ID, is the DEVICE_ID column
  "userId": 323424234, //taken from the token
  "payloadDevice": "2342dsf2329fjj92332fd",  //taken from the input
  "deviceCallbackUrl": "https://movistarplay.com.cl/sso" // taken from the input
  "nonce":"42231976-a86d-42e2-8fe6-98f7546bdf89" // nonce generated by UNIAPI for this logout session
}

Geo-Location

Geo-location is not involved in the logout phase.

BI

This method creates events in KAFKA with topic = gvp.authentication.external and the following event formats:

{
"ob":"25",
"operation":"OID/logout",
"step":"1 - BuildOIDCLogoutRequest",
"transaction_id":"727fe862-3b46-43ca-8306-14b5076622f6",
"timestamp":"2018-12-13T20:14:34.0875272Z",
"status": "OK",  // OK if the url has been build correctly. ERROR if there was an error in the method. Fill the error with the error code and error_desc with the StatusMessage
"device_type_id":"401",
"device_id":"3243242334",
"user_id":"",
"error": "",
"error_desc":""
}

Parameters

  • payloadDevice (String, optional)
random hash generated by the client and stored locally, to perform security validations.
  • deviceCallbackUrl (String, optional)
the callback url where the device wants to receive the final result of the authentication process.
  • deviceId (String, required)
the ID of the device from which the logout is being performed (DEVICE_ID column)
  • token (String, required)
the logged UNIAPI token from the device app.


Returns

Returns a JSON object containing the generated anonymous token and its expiration time (in UnixTimestamp format).

Example:

{

"StatusCode": 0,
"Severity": 1,
"StatusMessage": "OK",
"Content": {
"logoutUrl": "https://auth.global-int-next.baikalplatform.com/endsession?post_logout_redirect_uri=https://videodomain.es/endsessioncallback&id_token_hint=eyJraWQiOiI0ZjI0MzM3NTI2NThmYTBjMTg4ZDM2MTdmNmNjNDY5ZjQ5NzJiOWYiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhaTk1NjUyMzQiLCJhY3IiOiIyIiwiYXVkIjoidmlkZW8iLCJhdXRob3JpemF0aW9uX2lkIjoiYTk2MDJjM2MtYWQ2OS00NmI0LTljYjgtNWJiNDcwNGY5OGY2IiwiYW1yIjpbImZha2UyIl0sImlzcyI6Imh0dHBzOlwvXC9hdXRoLmdsb2JhbC1pbnQtbmV4dC5iYWlrYWxwbGF0Zm9ybS5jb21cLyIsImF1dGhlbnRpY2F0aW9uX2NvbnRleHQiOlt7ImlkZW50aWZpZXIiOiIrODgyNjAwMDAwMDAyIiwidHlwZSI6InBob25lX251bWJlciIsImFjdGl2YXRlZF9yb2xlcyI6WyJhZG1pbiJdfV0sImV4cCI6MTU1NTQxMDQ4MCwiaWF0IjoxNTU1NDA5ODgwLCJub25jZSI6IjNjNWUxODUwLWQ1ZTEtNDg2ZC04N2M4LTJhYWZmNjAwNzJhMyJ9.LRZdTg6tsmyjxQGpNmT6wfhjsP-nrLqOCHcLp_17edjw2-DhkxIvo52E5suGOVfDoVPGp4bsV8apz_smuNCyqN8aoXSWFOTSkqSbm6x9WKbVHD5_kyzhDOcis_DOLFb9I3htI-yNlRhv4kQCqf_oDMGpIcbdCvzffNiAzNjIEj11scHLeJ3NkdE8AcTZwxIH05QqPPCqXb9sFPJCyulFGXBPRxKy_PcDXQEqMkSv99Mt0zh1dLvkY7e3ts9PFyeLarHrimM1LXdeI1qNHK9bEsXCyzdQE3C5AwBOO6MFkIfuXkixDXYYwlX-O5O9fELAiDQa0c4YXKuxDxFwLPdA0w&state=AU_SSSSDFSDFDSSDFSDFADads",
"nonce": "42231976-a86d-42e2-8fe6-98f7546bdf89"
}

}


Exceptions

None


Caching

This method is not cached.


Known issues

None


Version history

API Version Number Change description Changes author
7.1 Initial method documentation Rafael Morón


See also