Merge "api-ref: Correcting V3 Authentication APIs"

2016-08-11 04:52:59 +00:00 · 2016-08-11 04:52:59 +00:00 · b91f1ae08a
parent f5e33001e8 b3c838153f
commit b91f1ae08a
2 changed files with 112 additions and 100 deletions
--- a/api-ref/source/v3/authenticate-v3.inc
+++ b/api-ref/source/v3/authenticate-v3.inc
@ -104,15 +104,15 @@ Request

 .. rest_parameters:: parameters.yaml

+   - nocatalog: nocatalog
   - domain: domain
-   - name: name
+   - name: user_name
   - auth: auth
   - user: user
   - password: password
-   - id: id
+   - id: user_id
   - identity: identity
-   - methods: methods
-   - nocatalog: nocatalog
+   - methods: auth_methods_passwd

 Request Example
 ---------------
@ -127,15 +127,15 @@ Response Parameters

   - X-Subject-Token: X-Subject-Token
   - domain: domain
-   - methods: methods
+   - methods: auth_methods_passwd
   - expires_at: expires_at
   - token: token
   - extras: extras
   - user: user
   - audit_ids: audit_ids
   - issued_at: issued_at
-   - id: id
-   - name: name
+   - id: user_id
+   - name: user_name


 Password authentication with scoped authorization
@ -157,15 +157,15 @@ Request

 .. rest_parameters:: parameters.yaml

-   - name: name
+   - nocatalog: nocatalog
+   - name: user_name
   - auth: auth
   - user: user
   - scope: scope
   - password: password
-   - id: id
+   - id: user_id
   - identity: identity
-   - methods: methods
-   - nocatalog: nocatalog
+   - methods: auth_methods_passwd

 Request Example
 ---------------
@ -181,7 +181,7 @@ Response Parameters
   - X-Subject-Token: X-Subject-Token
   - domain: domain
   - region_id: region_id
-   - methods: methods
+   - methods: auth_methods_passwd
   - roles: roles
   - url: endpoint_url
   - region: endpoint_region
@ -195,9 +195,9 @@ Response Parameters
   - audit_ids: audit_ids
   - interface: endpoint_interface
   - endpoints: endpoints
-   - type: type
-   - id: id
-   - name: name
+   - type: endpoint_type
+   - id: user_id
+   - name: user_name


 Password authentication with explicit unscoped authorization
@ -219,15 +219,15 @@ Request

 .. rest_parameters:: parameters.yaml

-   - name: name
+   - nocatalog: nocatalog
+   - name: user_name
   - auth: auth
   - user: user
   - scope: scope
   - password: password
-   - id: id
+   - id: user_id
   - identity: identity
-   - methods: methods
-   - nocatalog: nocatalog
+   - methods: auth_methods_passwd

 Request Example
 ---------------
@ -242,7 +242,7 @@ Response Parameters

   - X-Subject-Token: X-Subject-Token
   - domain: domain
-   - methods: methods
+   - methods: auth_methods_passwd
   - roles: roles
   - expires_at: expires_at
   - token: token
@ -250,8 +250,8 @@ Response Parameters
   - user: user
   - audit_ids: audit_ids
   - issued_at: issued_at
-   - id: id
-   - name: name
+   - id: user_id
+   - name: user_name


 Token authentication with unscoped authorization
@ -271,12 +271,12 @@ Request

 .. rest_parameters:: parameters.yaml

-   - identity: identity
-   - token: token
-   - id: id
-   - auth: auth
-   - methods: methods
   - nocatalog: nocatalog
+   - identity: identity
+   - token: auth_token
+   - id: auth_token_id
+   - auth: auth
+   - methods: auth_methods_token

 Request Example
 ---------------
@ -311,14 +311,14 @@ Request

 .. rest_parameters:: parameters.yaml

-   - methods: methods
+   - nocatalog: nocatalog
+   - methods: auth_methods_token
   - auth: auth
-   - token: token
+   - token: auth_token
   - audit_ids: audit_ids
   - scope: scope
-   - id: id
+   - id: auth_token_id
   - identity: identity
-   - nocatalog: nocatalog

 Request Example
 ---------------
@ -367,8 +367,8 @@ Response Parameters
   - X-Subject-Token: X-Subject-Token
   - X-Auth-Token: X-Auth-Token
   - domain: domain
-   - methods: methods
-   - links: links
+   - methods: auth_methods
+   - links: domain_link_response_body
   - user: user
   - token: token
   - expires_at: expires_at
@ -378,8 +378,8 @@ Response Parameters
   - roles: roles
   - audit_ids: audit_ids
   - issued_at: issued_at
-   - id: id
-   - name: name
+   - id: user_id
+   - name: user_name

 Response Example
 ----------------
--- a/api-ref/source/v3/parameters.yaml
+++ b/api-ref/source/v3/parameters.yaml
@ -116,12 +116,6 @@ service_id_path:
  in: path
  required: false
  type: string
-user_id:
-  description: |
-    The user ID.
-  in: path
-  required: true
-  type: string
 user_id_path:
  description: |
    The user ID.
@ -402,6 +396,58 @@ auth:
  in: body
  required: true
  type: object
+auth_domain_id:
+  description: |
+    The ID of the domain.  If you specify a user
+    name, you must specify either a domain ID or domain name.
+  in: body
+  required: false
+  type: string
+auth_methods:
+  description: |
+    The authentication method, which is ``password``,
+    ``token``, or both methods.  Indicates the accumulated set of
+    authentication methods that were used to obtain the token. For
+    example, if the token was obtained by password authentication, it
+    contains ``password``. Later, if the token is exchanged by using
+    the token authentication method one or more times, the
+    subsequently created tokens contain both ``password`` and
+    ``token`` in their ``methods`` attribute.  Unlike multi-factor
+    authentication, the ``methods`` attribute merely indicates the
+    methods that were used to authenticate the user in exchange for a
+    token. The client is responsible for determining the total number
+    of authentication factors.
+  in: body
+  required: true
+  type: array
+auth_methods_passwd:
+  description: |
+    The authentication method. For password
+    authentication, specify ``password``.
+  in: body
+  required: true
+  type: array
+auth_methods_token:
+  description: |
+    The authentication method. For token
+    authentication, specify ``token``.
+  in: body
+  required: true
+  type: array
+auth_token:
+  description: |
+    A ``token`` object. The token authentication
+    method is used. This method is typically used in combination with
+    a request to change authorization scope.
+  in: body
+  required: true
+  type: object
+auth_token_id:
+  description: |
+    A token ID.
+  in: body
+  required: true
+  type: string
 blob:
  description: |
    The credential itself, as a serialized blob.
@ -865,6 +911,12 @@ endpoint_region:
  in: body
  required: true
  type: string
+endpoint_type:
+  description: |
+    The endpoint type.
+  in: body
+  required: true
+  type: string
 endpoint_url:
  description: |
    The endpoint URL.
@ -985,15 +1037,7 @@ groups:
  type: array
 id:
  description: |
-    The ID of the user.  Required if you do not
-    specify the user name.
-  in: body
-  required: false
-  type: string
-id_1:
-  description: |
-    The ID of the domain.  If you specify a user
-    name, you must specify either a domain ID or domain name.
+    [WIP]
  in: body
  required: false
  type: string
@ -1197,45 +1241,6 @@ links_user:
  in: body
  required: true
  type: object
-methods:
-  description: |
-    The authentication method. For password
-    authentication, specify ``password``.
-  in: body
-  required: true
-  type: array
-methods_1:
-  description: |
-    The authentication method. For token
-    authentication, specify ``token``.
-  in: body
-  required: true
-  type: array
-methods_2:
-  description: |
-    The authentication method, which is ``password``,
-    ``token``, or both methods.  Indicates the accumulated set of
-    authentication methods that were used to obtain the token. For
-    example, if the token was obtained by password authentication, it
-    contains ``password``. Later, if the token is exchanged by using
-    the token authentication method one or more times, the
-    subsequently created tokens contain both ``password`` and
-    ``token`` in their ``methods`` attribute.  Unlike multi-factor
-    authentication, the ``methods`` attribute merely indicates the
-    methods that were used to authenticate the user in exchange for a
-    token. The client is responsible for determining the total number
-    of authentication factors.
-  in: body
-  required: true
-  type: array
-name:
-  description: |
-    The user name.  Required if you do not specify
-    the ID of the user.  If you specify the user name, you must also
-    specify the domain, by ID or name.
-  in: body
-  required: false
-  type: string
 name_1:
  description: |
    The name of the domain.  If you specify a user
@ -1335,10 +1340,10 @@ parent_region_id_response_body:
  type: string
 password:
  description: |
-    The user password.
+    The ``password`` object, contains the authentication information.
  in: body
  required: true
-  type: string
+  type: object
 password_expires_at:
  description: |
    The date and time when the password expires. The time zone
@ -1682,17 +1687,9 @@ token:
  in: body
  required: true
  type: object
-token_1:
-  description: |
-    A ``token`` object. The token authentication
-    method is used. This method is typically used in combination with
-    a request to change authorization scope.
-  in: body
-  required: true
-  type: object
 type:
  description: |
-    The endpoint type.
+    [WIP]
  in: body
  required: true
  type: string
@ -1745,6 +1742,13 @@ user_domain_id_update_body:
  in: body
  required: false
  type: string
+user_id:
+  description: |
+    The ID of the user.  Required if you do not
+    specify the user name.
+  in: body
+  required: false
+  type: string
 user_id_1:
  description: |
    The ID of the user who owns the credential.
@ -1769,6 +1773,14 @@ user_id_5:
  in: body
  required: false
  type: string
+user_name:
+  description: |
+    The user name.  Required if you do not specify
+    the ID of the user.  If you specify the user name, you must also
+    specify the domain, by ID or name.
+  in: body
+  required: false
+  type: string
 user_name_create_request_body:
  description: |
    The user name. Must be unique within the owning domain.