Skip to content
This repository has been archived by the owner on Jul 6, 2023. It is now read-only.

Commit

Permalink
docs: remove inline python and ruby examples
Browse files Browse the repository at this point in the history 
Thanks to issue #1853 we determined that the in-line Python example was
incorrect (out of date). Since we have a python lib that is actually
tested (most of the time), we prefer that get used instead.

Similarly, the ruby example could be out of date and no one on the
project would no, because the maintenance team doesn't know ruby. Plus,
it clearly shells out to curl... and I sure hope that's not the
canonical way to do http in ruby.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
  • Loading branch information
@phlogistonjohn
phlogistonjohn committed May 10, 2021
1 parent 69b5267 commit 9557a96
Showing 1 changed file with 0 additions and 66 deletions.
66 changes: 0 additions & 66 deletions docs/api/api.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,72 +97,6 @@ There are JWT libraries available for most languages as highlighted on [jwt.io](

`Authorization: Bearer eyJhb[...omitted for brevity...]HgQ`

### Python Example
Here is an example of how to create a token as Python client:

```python
import jwt
import datetime
import hashlib

method = 'GET'
uri = '/volumes'
secret = 'My secret'

claims = {}

# Issuer
claims['iss'] = 'admin'

# Issued at time
claims['iat'] = datetime.datetime.utcnow()

# Expiration time
claims['exp'] = datetime.datetime.utcnow() \
+ datetime.timedelta(minutes=10)

# URI tampering protection
claims['qsh'] = hashlib.sha256(method + '&' + uri).hexdigest()

print jwt.encode(claims, secret, algorithm='HS256')
```

Example output:

```
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhZG1pbiIsImlhdCI6MTQzNTY4MTY4OSwicXNoIjoiYzE2MmFjYzkwMjQyNzIxMjBiYWNmZmY3NzA5YzkzMmNjMjUyMzM3ZDBhMzBmYTE1YjAyNTAxMDA2NjY2MmJlYSIsImV4cCI6MTQzNTY4MjI4OX0.ZBd_NgzEoGckcnyY4_ypgJsN6Oi7x0KxX2w8AXVyiS8
```

### Ruby Example
Run this as: `./heketi-api.rb volumes`

```ruby
#!/usr/bin/env ruby

require 'jwt'
require 'digest'

user = "admin"
pass = "password"
server = "http://heketi.example.com:8443"

uri = "/#{ARGV[0]}"

payload = {}

headers = {
iss: 'admin',
iat: Time.now.to_i,
exp: Time.now.to_i + 600,
qsh: Digest::SHA256.hexdigest("GET&#{uri}")
}

token = JWT.encode headers, pass, 'HS256'

exec("curl -H \"Authorization: Bearer #{token}\" #{server}#{uri}")
```

Copy this example token and decode it in [jwt.io](http://jwt.io) by pasting it in the token area and changing the secret to `My secret`.

## More Information
* [JWT Specification](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html)
Expand Down

0 comments on commit 9557a96

Please sign in to comment.