Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Admin api updates #741

Merged
merged 4 commits into from
Oct 2, 2020
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 21 additions & 0 deletions AdminAPI.md
Original file line number Diff line number Diff line change
Expand Up @@ -88,3 +88,24 @@ When a webhook is dispatched, the record `topic` is appended as a path component
* `verified`: (string) whether the presentation is verified: `true` or `false`
* `auto_present`: (boolean) prover choice to auto-present proof as verifier requests
* `error_msg`: the previous error message

## API Standard Behaviour

The best way to develop a new admin API or protocol is to follow one of the existing protocols, such as the Credential Exchange or Presentation Exchange.

The `routes.py` file contains the API definitions - API endpoints and payload schemas (note that these are not the Aries message schemas).

The payload schemas are defined using [marshmallow](https://marshmallow.readthedocs.io/) and will be validated automatically when the API is executed (using a middleware). (This raises a status `422` HTTP response with an error message if the schema validation fails.)

API endpoints are defined using [aiohttp_apispec](https://github.com/maximdanilchenko/aiohttp-apispec) tags (e.g. `@doc`, `@request_schema`, `@response_schema` etc.) which define the input and output parameters of the endpoint. API url paths are defined in the `register()` method and added to the swagger page in the `post_process_routes()` method.

The API's should return the folowing HTTP status:

* HTTP 200 for successful API completion, with appropriate response
* HTTP 400 (or appropriate 4xx code) (with an error message) for errors on input parameters (i.e. the user can retry with different parameters and potentially get a successful API call)
* HTTP 404 if a record is expected and not found (generally for GET requests that fetch a single record)
* HTTP 500 (or appropriate 5xx code) if there is some other processing error (i.e. won't make any difference what parameters the user tries) with an error message

.. and should not return:

* HTTP 500 with a stack trace due to untrapped error (we should handle error conditions with a 400 or 404 response, and catch errors and provide a meaningful error message)