Add `Pre-signed queue' api ref

Change-Id: I7a7dfc3a30f3c9d754410fa96ec94b86f1b92ffa
This commit is contained in:
Fei Long Wang 2016-06-23 07:40:01 +12:00
parent 6e0e881890
commit 18fc577923
4 changed files with 126 additions and 1 deletions

View File

@ -167,6 +167,7 @@ _default_message_ttl:
one of the ``reserved attributes`` of Zaqar queues. The value will be
reverted to the default value after deleting it explicitly.
subscriptions:
type: list
in: body
@ -219,3 +220,44 @@ operation_status:
indicate if the actions was successful or not. Ref may contain the
information if the succeeded is False, otherwise it's null.
project_id:
type: string
in: body
required: True
description: |
The ID of current project/tenant.
pre_signed_queue_paths:
type: list
in: body
required: True
description: |
A list of paths the pre-signed queue can support. It could be a set of
``messages``, ``subscriptions``, ``claims``.
pre_signed_queue_methods:
type: list
in: body
required: True
description: |
A list of HTTP methods. The HTTP method(s) this URL was created for. By
selecting the HTTP method, its possible to give either read or read/write
access to a specific resource.
pre_signed_queue_expires:
type: string
in: body
required: True
description: |
The time to indicate when the pre-signed will be expired.
pre_signed_queue_signature:
type: list
in: body
required: True
description: |
The signature is generated after create the pre-signed URL. It can be
consumed by adding below to HTTP headers:
URL-Signature: 6a63d63242ebd18c3518871dda6fdcb6273db2672c599bf985469241e9a1c799
URL-Expires: 2015-05-31T19:00:17Z

View File

@ -247,3 +247,65 @@ Response Example
.. literalinclude:: samples/queue-stats-response.json
:language: javascript
Pre-signed queue
================
.. rest_method:: POST /v2/queues/{queue_name}/share
Create a pre-signed URL for a given queue.
.. note:
In the case of pre-signed URLs, the queue cannot be created lazily. This
is to prevent cases where queues are deleted and users still have a valid
URL. This is not a big issues in cases where theres just 1 pool. However,
if theres a deployment using more than 1 type of pool, the lazily created
queue may end up in an undesired pool and itd be possible for an attacker
to try a DoS on that pool. Therefore, whenever a pre-signed URL is created,
if a pool doesnt exist, it needs to be created.
Normal response codes: 200
Error response codes:
- BadRequest (400)
- Unauthorized (401)
- Not Found (404)
- ServiceUnavailable (503)
Request Parameters
------------------
.. rest_parameters:: parameters.yaml
- queue_name: queue_name
- paths: pre_signed_queue_paths
- methods: pre_signed_queue_methods
- expires: pre_signed_queue_expires
Request Example
---------------
.. literalinclude:: samples/queue-pre-signed-request.json
:language: javascript
Response Parameters
------------------
.. rest_parameters:: parameters.yaml
- project: project_id
- paths: pre_signed_queue_paths
- methods: pre_signed_queue_methods
- expires: pre_signed_queue_expires
- signature: pre_signed_queue_signature
Response Example
----------------
.. literalinclude:: samples/queue-pre-signed-response.json
:language: javascript

View File

@ -0,0 +1,5 @@
{
"paths": ["messages", "claims", "subscriptions"],
"methods": ["GET", "POST", "PUT", "PATCH"],
"expires": "2016-09-01T00:00:00"
}

View File

@ -0,0 +1,16 @@
{
"project": "2887aabf368046a3bb0070f1c0413470",
"paths": [
"/v2/queues/test/messages",
"/v2/queues/test/claims"
"/v2/queues/test/subscriptions"
],
"expires": "2016-09-01T00:00:00",
"methods": [
"GET",
"PATCH",
"POST",
"PUT"
],
"signature": "6a63d63242ebd18c3518871dda6fdcb6273db2672c599bf985469241e9a1c799"
}