openstack/barbican
Code Issues Proposed changes

Merge "Updated dev guide to include feedback from previous tech review"

Browse Source
This commit is contained in:
Jenkins 2014-10-02 03:39:00 +00:00 committed by Gerrit Code Review
commit be4a58d356
2 changed files with 265 additions and 4118 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

590
docs/src/docbkx/ck-devguide.xml
View File

@ -55,7 +55,7 @@
behalf based on their requested encryption algorithm and bit behalf based on their requested encryption algorithm and bit
length. </para> length. </para>
<section xml:id="section_eow_tmw_ad"> <section xml:id="section_eow_tmw_ad">
<title>Intended Audience</title> <title>Intended audience</title>
<para>This guide assists software developers who want to develop <para>This guide assists software developers who want to develop
applications using Barbican. To use this information, you should have applications using Barbican. To use this information, you should have
access to an active OpenStack deployment and be familiar with the access to an active OpenStack deployment and be familiar with the
@ -77,13 +77,13 @@
</para> </para>
</section> </section>
<section xml:id="Additional_Resources"> <section xml:id="Additional_Resources">
<title>Additional Resources</title> <title>Additional resources</title>
<para>You can find additional information about Barbican at <para>You can find additional information about Barbican at
https://github.com/openstack/barbican. For information about https://github.com/openstack/barbican. For information about
OpenStack, refer to http://docs.openstack.org/. </para> OpenStack, refer to http://docs.openstack.org/. </para>
</section> </section>
<section xml:id="change_history"> <section xml:id="change_history">
<title>Document Change History</title> <title>Document change history</title>
<para>This version of the Developer Guide replaces and obsoletes <para>This version of the Developer Guide replaces and obsoletes
all previous versions. The most recent changes are described all previous versions. The most recent changes are described
in the table above.</para> in the table above.</para>
@ -93,9 +93,9 @@
</section> </section>
</chapter> </chapter>
<chapter xml:id="other-features"> <chapter xml:id="other-features">
<title>General API Information</title> <title>General API information</title>
<section xml:id="Core-Concepts"> <section xml:id="Core-Concepts">
<title>Barbican Core Concepts</title> <title>Barbican core concepts</title>
<para>Barbican Core Concepts</para> <para>Barbican Core Concepts</para>
<table rules="all"> <table rules="all">
<caption>Barbican Core Concepts</caption> <caption>Barbican Core Concepts</caption>
@ -144,8 +144,6 @@
xmlns:m="http://www.w3.org/1998/Math/MathML" xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"> xmlns:html="http://www.w3.org/1999/xhtml">
<title>Authentication</title> <title>Authentication</title>
<para><link linkend="Retrieving_Auth_Token">Retrieving the
Authentication Token</link></para>
<para>To authenticate access to OpenStack services, you must <para>To authenticate access to OpenStack services, you must
first issue an authentication request to OpenStack Identity to first issue an authentication request to OpenStack Identity to
acquire an authentication token. To request an authentication acquire an authentication token. To request an authentication
@ -164,7 +162,7 @@
For example, if the roles for a user change, existing tokens For example, if the roles for a user change, existing tokens
for that user are invalid.</para> for that user are invalid.</para>
<section xml:id="Retrieving_Auth_Token"> <section xml:id="Retrieving_Auth_Token">
<title>Retrieving the Authentication Token</title> <title>Retrieving the authentication token</title>
<para>The authenticate operation provides users with an <para>The authenticate operation provides users with an
authentication token and a list of regional cloud endpoints. authentication token and a list of regional cloud endpoints.
The sample requests and responses in this section illustrate The sample requests and responses in this section illustrate
@ -179,7 +177,7 @@
authentication token and the examples that follow show the authentication token and the examples that follow show the
request and response in JSON format.</para> request and response in JSON format.</para>
<table rules="all"> <table rules="all">
<caption>Request for Authentication Token</caption> <caption>Request for authentication token</caption>
<tbody> <tbody>
<tr> <tr>
<td colspan="1">POST </td> <td colspan="1">POST </td>
@ -200,11 +198,11 @@
(<errorcode>500</errorcode>), serviceUnavailable (<errorcode>500</errorcode>), serviceUnavailable
(<errorcode>503</errorcode>) </simpara> (<errorcode>503</errorcode>) </simpara>
<example> <example>
<title>Authentication Request for US Endpoint: JSON</title> <title>Authentication request for US endpoint: JSON</title>
<programlisting language="json"><xi:include href="./samples/reqAuthenticate.json" parse="text"/></programlisting> <programlisting language="json"><xi:include href="./samples/reqAuthenticate.json" parse="text"/></programlisting>
</example> </example>
<example xml:id="auth-response-example-json"> <example xml:id="auth-response-example-json">
<title>Authentication Response for US Endpoint: JSON</title> <title>Authentication response for US endpoint: JSON</title>
<programlistingco> <programlistingco>
<areaspec> <areaspec>
<area xml:id="response.json.token" units="linecolumn" <area xml:id="response.json.token" units="linecolumn"
@ -240,7 +238,7 @@
<section xml:id="contractVersion" <section xml:id="contractVersion"
xmlns:m="http://www.w3.org/1998/Math/MathML" xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"> xmlns:html="http://www.w3.org/1999/xhtml">
<title>Contract Versions</title> <title>Contract versions</title>
<para> The version defines the contract and build information <para> The version defines the contract and build information
for the API. </para> for the API. </para>
<para>The contract version denotes the data model and behavior <para>The contract version denotes the data model and behavior
@ -249,7 +247,7 @@
the API might be available at any given time and are not the API might be available at any given time and are not
guaranteed to be compatible with one another. </para> guaranteed to be compatible with one another. </para>
<example> <example>
<title>Sample Request URL for Contract Version 1.0</title> <title>Sample request URL for contract version 1.0</title>
<programlisting>https://&lt;endpoint&gt;/<emphasis role="strong">v1.0</emphasis>/1234</programlisting> <programlisting>https://&lt;endpoint&gt;/<emphasis role="strong">v1.0</emphasis>/1234</programlisting>
</example> </example>
<note> <note>
@ -259,7 +257,7 @@
<section xml:id="Request_Response_Types-d1e903" <section xml:id="Request_Response_Types-d1e903"
xmlns:m="http://www.w3.org/1998/Math/MathML" xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"> xmlns:html="http://www.w3.org/1999/xhtml">
<title>Request and Response Types</title> <title>Request and response types</title>
<para>The Barbican API supports JSON data serialization formats. <para>The Barbican API supports JSON data serialization formats.
You specify the request format by using the You specify the request format by using the
<code>Content-Type</code> header. The request format is <code>Content-Type</code> header. The request format is
@ -267,7 +265,7 @@
have a request body. You can specify the response format in have a request body. You can specify the response format in
requests by using the <code>Accept</code> header.</para> requests by using the <code>Accept</code> header.</para>
<table rules="all"> <table rules="all">
<caption>Response Format</caption> <caption>Response format</caption>
<?dbfo keep-together="always"?> <?dbfo keep-together="always"?>
<thead> <thead>
<tr align="center"> <tr align="center">
@ -296,16 +294,16 @@
</chapter> </chapter>
<chapter xml:id="volume" xmlns="http://docbook.org/ns/docbook" <chapter xml:id="volume" xmlns="http://docbook.org/ns/docbook"
role="api-reference"> role="api-reference">
<title>API Operations</title> <title>API operations</title>
<para>This chapter describes each of the operations. The following <para>This chapter describes each of the operations. The following
table summarizes all of the operations that are table summarizes all of the operations that are
available:</para> available:</para>
<wadl:resources href="../wadl/Barbican.wadl" <wadl:resources href="../wadl/Barbican.wadl"
xmlns:wadl="http://wadl.dev.java.net/2009/02"/> xmlns:wadl="http://wadl.dev.java.net/2009/02"/>
<section xml:id="Examples"> <section xml:id="Examples">
<title>Examples of Barbican Call Sequences</title> <title>Examples of Barbican call sequences</title>
<section xml:id="Secrets_Info"> <section xml:id="Secrets_Info">
<title>Secrets Examples</title> <title>Secrets examples</title>
<para>The secrets resource provides access to the secret and keying data <para>The secrets resource provides access to the secret and keying data
that is stored in the system. </para> that is stored in the system. </para>
<para>The secret schema represents the actual secret or key that <para>The secret schema represents the actual secret or key that
@ -325,7 +323,7 @@
<para>A secret consists of the following elements:</para> <para>A secret consists of the following elements:</para>
<para> <para>
<table rules="all"> <table rules="all">
<caption>Elements of a Secret</caption> <caption>Elements of a secret</caption>
<col width="15%"/> <col width="15%"/>
<col width="85%"/> <col width="85%"/>
<thead> <thead>
@ -397,309 +395,256 @@
</note> </note>
</para> </para>
<section xml:id="Examples_of_Secrets"> <section xml:id="Examples_of_Secrets">
<title>Examples of Secret Combinations</title> <title>Examples of secret combinations</title>
<para>This section outlines the different request sequences <para>The following request combinations are possible:</para>
you can adhere to when storing secrets. Each sequence uses <para>
different combinations for the <emphasis role="italic" <itemizedlist>
>content type</emphasis> and <emphasis role="italic" <listitem>
>content encoding</emphasis> fields. The content type and <para><link linkend="One_step_secret_using_UTF">One-step sequence to store and
content encoding information is specified either in the retrieve a plain-text secret</link>t</para>
<parameter>payload_content_type</parameter> and </listitem>
<parameter>payload_content_encoding</parameter> parameters <listitem>
of a POST request or in the <parameter>Accept</parameter> <para><link linkend="One_Step_Binary_Secret">One-step sequence to store and
and <parameter>Content-type</parameter> headers of a GET retrieve a binary secret</link></para>
request.</para> </listitem>
<para>The following request combinations are possible:</para> <listitem>
<para> <para><link linkend="Two_Step_Binary_Secret">Two-step sequence to store and
<itemizedlist> retrieve a binary secret</link></para>
<listitem> </listitem>
<para>One-step sequence to create and retrieve a secret <listitem>
using UTF-8/ASCII format</para> <para><link linkend="Two_Step_Plain_text_Secret">Two-step sequence to store and
</listitem> retrieve a plain-text secret</link></para>
<listitem> </listitem>
<para>One-step sequence to create and retrieve a secret </itemizedlist>
using binary format</para> </para>
</listitem> <section xml:id="One_step_secret_using_UTF">
<listitem> <title>One-step sequence for storing and retrieving a plain-text secret</title>
<para>Two-step sequence to create and retrieve a secret <para>The following table shows the sequence for storing and retrieving a plain-text
using binary format</para> secret. When you submit a <command>POST</command> request with the
</listitem> <parameter>payload_content_type</parameter> parameter set to
<listitem> <code>text/plain</code> and do not specify the
<para>One-step sequence to create and retrieve a secret <parameter>payload_content_encoding</parameter> parameter, the payload sent with
using plain text format</para> the <command>POST</command> request is encrypted and stored, and then a response
</listitem> is sent with a reference URL to the secret.</para>
</itemizedlist> <para>
</para> <table rules="all" width="995">
<section xml:id="One_step_secret_using_UTF"> <caption>One-step plain-text secret store and retrieve</caption>
<title>One-Step Sequence for Secrets Using <col width="13%"/>
UTF-8/ASCII</title> <col width="289pt"/>
<para>The following table shows the sequence for creating and <col width="25%"/>
retrieving a secret using UTF-8/ASCII format. When you <col width="34%"/>
submit a <command>POST</command> request with the <thead>
<parameter>payload_content_type</parameter> parameter set to <tr>
<code>text/plain</code> and do not specify the <th>Method</th>
<parameter>payload_content_encoding</parameter> <th>Content type</th>
parameter, the payload sent with the <command>POST</command> request <th>Content encoding</th>
will be encrypted and you should receive a response <th>Result</th>
with a secret reference URL.</para> </tr>
<para> </thead>
<table rules="all"> <tbody>
<caption>One-Step UTF-8/ASCII Secret <tr>
Create/Retrieve</caption> <td><command>POST</command> secrets</td>
<col width="21%"/> <td><code>payload_content_type</code> is set to <code>text/plain</code></td>
<col width="20%"/> <td>Not required, is ignored if provided.</td>
<col width="25%"/> <td>The supplied payload is encrypted and stored.</td>
<col width="34%"/> </tr>
<thead> <tr>
<tr> <td><command>GET</command> secrets</td>
<th>Method</th> <td><code>Accept</code> header is set to <code>application/json</code></td>
<th>Content Type</th> <td>Not required, is ignored if provided </td>
<th>Content Encoding</th> <td>Returns JSON metadata, with the <parameter>content-types</parameter>
<th>Result</th> field set to <code>"default":"text/plain"</code>.</td>
</tr> </tr>
</thead> <tr>
<tbody> <td><command>GET</command> secrets</td>
<tr> <td><code>Accept</code> header is set to <code>text/plain</code></td>
<td><command>POST</command> secrets</td> <td>Not required, is ignored if provided </td>
<td><code>text/plain</code></td> <td>Returns the decrypted plain-text payload from the previous request.</td>
<td>Must be omitted</td> </tr>
<td>The supplied payload is encrypted</td> </tbody>
</tr> </table>
<tr> </para>
<td><command>GET</command> secrets</td> </section>
<td><code>application/json</code> for <section xml:id="One_Step_Binary_Secret">
<code>Accept</code> header</td> <title>One-step sequence for storing and retrieving binary secrets</title>
<td>Not required/ignored</td> <para>The following table shows the one-step sequence for storing and retrieving a
<td>Returns JSON metadata, with binary secret. When you submit a <command>POST</command> request with the
<parameter>content-types</parameter> field set <parameter>payload_content_type</parameter> parameter set to
to <code>"default": "text/plain"</code>.</td> <code>application/octet-stream</code> and the
</tr> <parameter>payload_content_encoding</parameter> parameter set to
<tr> <code>base64</code>, the payload is converted from base64 to binary format and
<td><command>GET</command> secrets</td> encrypted and then stored. You should also receive a response with a reference URL
<td><code>text/plain</code> for <code>Accept</code> to the secret.</para>
header</td> <table rules="all">
<td>Not required/ignored</td> <caption>One-step binary secret store and retrieve</caption>
<td>Returns the decrypted payload from the previous <col width="16%"/>
request.</td> <col width="21%"/>
</tr> <col width="19%"/>
</tbody> <col width="44%"/>
</table> <thead>
</para> <tr>
</section> <th>Method</th>
<section xml:id="One_Step_Binary_Secret"> <th>Content type</th>
<title>One-Step Sequence for Binary Secrets</title> <th>Content encoding</th>
<para>The following table shows the one-step sequence for <th>Result</th>
creating and retrieving a secret using binary format. When </tr>
you submit a <command>POST</command> request with the </thead>
<parameter>payload_content_type</parameter> parameter set to <tbody>
<code>application/octet-stream</code> and the <tr>
<parameter>payload_content_encoding</parameter> <td><command>POST</command>
parameter set to <code>base64</code>, the payload </td>
will be converted from base64 to binary format and encrypted. <td><code>Content-Type</code> header is set to
You should also receive a response <code>application/octet-stream</code></td>
with a secret reference URL.</para> <td><code>base64</code></td>
<table rules="all"> <td>Supplied payload is converted from base64 to binary, and then
<caption>One-Step Binary Secret Create/Retrieve</caption> encrypted.</td>
<col width="16%"/> </tr>
<col width="21%"/> <tr>
<col width="19%"/> <td><command>GET</command>
<col width="44%"/> </td>
<thead> <td><code>Accept</code> header is set to <code>application/json</code></td>
<tr> <td>Not required, is ignored if provided </td>
<th>Method</th> <td>Returns JSON metadata, with the <parameter>content-types</parameter> field
<th>Content Type</th> set to <code>"default":"application/octet-stream"</code></td>
<th>Content Encoding</th> </tr>
<th>Result</th> <tr>
</tr> <td><command>GET</command></td>
</thead> <td><code>Accept</code> header is set to <code>application/octet-stream</code>
<tbody> </td>
<tr> <td>Not specified</td>
<td><command>POST</command> secrets</td> <td>Stored secret is decrypted and returned as raw binary, even if the
<td><code>application/octet-stream</code></td> <command>POST</command> request provided data in <code>base64</code>
<td><code>base64</code></td> format.</td>
<td>Supplied payload is converted from base64 to </tr>
binary, and then encrypted.</td> </tbody>
</tr> </table>
<tr> </section>
<td><command>GET</command> secrets</td> <section xml:id="Two_Step_Plain_text_Secret">
<td><code>application/json</code> for <title>Two-step sequence for storing and retrieving plain-text secrets</title>
<code>Accept</code> header</td> <para>The following table shows the two-step sequence for storing and retrieving a
<td>Not required/ignored</td> plain-text secret. First, you submit a <command>POST</command> request without
<td>JSON metadata, with the specifying a payload, <code>payload_content_type</code>, or
<parameter>content-types</parameter> field set to <code>payload_content_encoding</code>. Submitting a <command>POST</command>
<code>"default": request without this information creates metadata for the secret. To upload,
"application/octet-stream"</code></td> encrypt, and store the secret, submit a <command>PUT</command> request with the
</tr> secret's reference URL that was returned from the <command>POST</command> request,
<tr> and set the <code>Content-Type</code> header to <code>application/octet</code>
<td><command>GET</command> secrets</td> stream.</para>
<td><code>application/octet-stream</code> for <para>
<code>Accept</code> header</td> <table rules="all">
<td>Not specified</td> <caption>Two-step plain-text secret store and retrieve</caption>
<td>Previous payload is decrypted and returned as raw <col width="14%"/>
binary, even if the <command>POST</command> request <col width="23%"/>
provided data in <code>base64</code> format.</td> <col width="18%"/>
</tr> <col width="45%"/>
</tbody> <thead>
</table> <tr>
</section> <th>Method</th>
<section xml:id="Two_Step_Binary_Secret"> <th>Content type</th>
<title>Two-Step Sequence for Binary Secrets</title> <th>Content encoding</th>
<para>The following table shows the two-step sequence for <th>Result</th>
creating and retrieving a secret using binary format. First </tr>
submit a <command>POST</command> request without specifying </thead>
a payload, <code>payload_content_type</code>, or <code>payload_content_encoding</code>. <tbody>
Submitting a <command>POST</command> request without this <tr>
information creates metadata for the secret. To add payload <td><command>POST</command>
information, submit a <command>PUT</command> request with the </td>
secret id that was returned from the <command>POST</command> <td>Not required, is ignored if provided </td>
request, and set the content type to <code>application/octet</code> <td>Not required, is ignored if provided </td>
stream and the content encoding to <code>base64</code>. This will convert <td>Only metadata is created. If the
the payload from <code>base64</code> to binary format and then encrypt <parameter>payload_content_type</parameter> or
it.</para> <parameter>payload_content_encoding</parameter> parameters are provided,
<para> they are not used or saved with the metadata. The
<table rules="all"> subsequent<command>PUT</command> request determines the secret's content
<caption>Two-Step Binary Secret type.</td>
Create/Retrieve</caption> </tr>
<col width="14%"/> <tr>
<col width="23%"/> <td><command>PUT</command> secrets with base64-format secret</td>
<col width="18%"/> <td><code>Content-Type</code> header is set to <code>text/plain</code></td>
<col width="45%"/> <td>Not required, is ignored if provided</td>
<thead> <td>Supplied request body is encrypted as is.</td>
<tr> </tr>
<th>Method</th> <tr>
<th>Content Type</th> <td><command>GET</command> secrets (metadata)</td>
<th>Content Encoding</th> <td><code>Accept</code> header is set to <code>text/plain</code></td>
<th>Result</th> <td>Not required, is ignored if provided </td>
</tr> <td>Returns JSON metadata, with <parameter>content-types</parameter> field
</thead> set to <code>"default": "application/octet-stream"</code>.</td>
<tbody> </tr>
<tr> <tr>
<td><command>POST</command> secrets</td> <td><command>GET</command> secrets (decrypted)</td>
<td>Not required/ignored</td> <td><code>Accept</code> header is set to
<td>Not required/ignored</td> <code>application/octet-stream</code></td>
<td>Only metadata is created. If the <td>Not required, is ignored if provided </td>
<parameter>payload_content_type</parameter> or <td>The previous request is decrypted and returned as raw binary.</td>
<parameter>payload_content_encoding</parameter> </tr>
parameters were provided, they are not used or </tbody>
saved with the metadata. The </table>
subsequent<command>PUT</command> request </para>
determines the secret's content type.</td> </section>
</tr> <section xml:id="Two_Step_Binary_Secret">
<tr> <title>Two-step sequence for storing and retrieving binary secrets</title>
<td><command>PUT</command> secrets, first option <para>The following table shows the two-step sequence for storing and retrieving a
with content encoding set to base64</td> binary secret. First submit a <command>POST</command> request without specifying a
<td><code>Content-Type</code> header set to payload, <code>payload_content_type</code>, or
<code>application/octet-stream</code></td> <code>payload_content_encoding</code>. Submitting a <command>POST</command>
<td><code>Content-Encoding</code> header set to request without payload creates metadata for the secret. To upload base64-format
<code>base64</code></td> secrets, set the <code>Content-Encoding</code> header to <code>base64</code>. To
<td>Supplied request body is converted from upload binary secrets, do not set the <code>Content-Encoding</code> header.</para>
<code>base64</code> to binary, then <para>
encrypted.</td> <table rules="all">
</tr> <caption>Two-step binary secret store and retrieve</caption>
<tr> <col width="16%"/>
<td><command>PUT</command> secrets, second option <col width="16%"/>
as binary</td> <col width="26%"/>
<td><code>Content-Type</code> header set to <col width="42%"/>
<code>application/octet-stream</code></td> <thead>
<td>Not specified</td> <tr>
<td>Supplied request body is encrypted as is.</td> <th>Action</th>
</tr> <th>Content type</th>
<tr> <th>Content encoding</th>
<td><command>GET</command> secrets (metadata)</td> <th>Result</th>
<td><code>Accept</code> header set to </tr>
<code>application/json</code></td> </thead>
<td>Not required/ignored</td> <tbody>
<td>Returns JSON metadata, with <tr>
<parameter>content-types</parameter> field set <td><command>POST</command></td>
to <code>"default": <td>Not required, is ignored if provided </td>
"application/octet-stream"</code></td> <td>Not required, is ignored if provided </td>
</tr> <td>Only metadata is created. If the
<tr> <parameter>payload_content_type</parameter> or
<td><command>GET</command> secrets (decrypted)</td> <parameter>payload_content_encoding</parameter> parameters are provided,
<td><code>Accept</code> header set to they are not used or saved with the metadata. The subsequent
<code>application/octet-stream</code></td> <command>PUT</command> request specifies the content format for the
<td>Not required/ignored</td> secret.</td>
<td>The previous request is decrypted and returned </tr>
as raw binary.</td> <tr>
</tr> <td><command>PUT </command></td>
</tbody> <td><code>Content-Type</code> header is set to <code>text/plain</code>.</td>
</table> <td>Not required, is ignored if provided </td>
</para> <td>Supplied request body is encrypted as is.</td>
</section> </tr>
<section xml:id="Two_Step_Plain_Text_Secret"> <tr>
<title>Two-Step Sequence for Plain Text Secrets</title> <td><command>GET</command></td>
<para>The following table shows the two-step sequence for <td><code>Accept</code> header is set to <code>application/json</code>.</td>
creating and retrieving a secret using binary format. First <td>Not required, is ignored if provided </td>
submit a <command>POST</command> request without <td>Returns JSON metadata, with the <parameter>content-types</parameter>
specifying a payload, <code>payload_content_type</code>, or field set to <code>"default": "text/plain"</code>.</td>
<code>payload_content_encoding</code>. Submitting a <command>POST</command> </tr>
request without payload creates metadata for the secret. <tr>
To add payload information, submit a <td><command>GET</command></td>
<command>PUT</command> request with the secret id that <td><code>Accept</code> header is set to <code>text/plain</code>.</td>
was returned from the <command>POST</command> request, and <td>Not required, is ignored if provided </td>
set the content type to <code>text/plain</code> which will <td>The previous request is decrypted and returned as UTF-8 text.</td>
store the payload as is.</para> </tr>
<para> </tbody>
<table rules="all"> </table>
<caption>Two-Step Plain-Text Secret </para>
Create/Retrieve</caption> </section>
<col width="16%"/>
<col width="16%"/>
<col width="26%"/>
<col width="42%"/>
<thead>
<tr>
<th>Action</th>
<th>Content Type</th>
<th>Content Encoding</th>
<th>Result</th>
</tr>
</thead>
<tbody>
<tr>
<td><command>POST</command></td>
<td>Not required/ignored</td>
<td>Not required/ignored</td>
<td>Only metadata is created. If the
<parameter>payload_content_type</parameter> or
<parameter>payload_content_encoding</parameter>
parameters were provided, they are not used or
saved with the metadata. The subsequent
<command>PUT</command> request specifies the
content format for the secret.</td>
</tr>
<tr>
<td><command>PUT </command></td>
<td><code>Content-Type</code> header is set to
<code>text/plain</code>.</td>
<td>Not required/ignored</td>
<td>Supplied request body is encrypted as is.</td>
</tr>
<tr>
<td><command>GET</command></td>
<td><code>Accept</code> header is set to
<code>application/json</code>.</td>
<td>Not required/ignored</td>
<td>Returns JSON metadata, with the
<parameter>content-types</parameter> field set
to <code>"default": "text/plain"</code></td>
</tr>
<tr>
<td><command>GET</command></td>
<td><code>Accept</code> header is set to
<code>text/plain</code>.</td>
<td>Not specified</td>
<td>The previous request is decrypted and returned
as UTF-8 text.</td>
</tr>
</tbody>
</table>
</para>
</section>
</section> </section>
</section> </section>
<section xml:id="Orders_Info"> <section xml:id="Orders_Info">
<title>Orders Examples</title> <title>Orders examples</title>
<para>The orders resource allows for the generation of secret <para>The orders resource allows for the generation of secret
material by Barbican. The ordering object encapsulates the material by Barbican. The ordering object encapsulates the
workflow and history for the creation of a secret. This workflow and history for the creation of a secret. This
@ -784,13 +729,8 @@
<command>POST</command> request at a command-line <command>POST</command> request at a command-line
interface, as shown in the following example:</para> interface, as shown in the following example:</para>
<para> <para>
<example> <programlisting language="json"><xi:include href="./samples/reqCreateOrder.json" parse="text"/>
<title>Uploading an Order JSON Request
Example</title>
<programlisting language="json">
<xi:include href="./samples/reqCreateOrder.json" parse="text"/>
</programlisting> </programlisting>
</example>
</para> </para>
<para>Make sure to have a payload specified, as well as <para>Make sure to have a payload specified, as well as
a corresponding content type and content a corresponding content type and content

3793
docs/src/wadl/normalized/cq-devguide.wadl
View File

File diff suppressed because it is too large Load Diff