Skip to content

API

Jump to bottom
Matthew Faltys edited this page Sep 23, 2016 · 7 revisions

Binder exposes an api for easy access to data and creating/deleting entries. The following is the specification for endpoints and their protocols.

  • /register : GET : endpoint for first time registering with a new binder instance. This must be done for every new environment unless the environment is set to be bootstrapped.

    • example: curl localhost:8000/register
    • returns : 200 : client sec, a alphanumeric string for authorizing uploads/deletes
    • returns : 400 : instance has already been registered
    • returns : 500 : server error in setting sec key in redis

  • /rotate : GET : endpoint for rotating the binder key.

    • example: curl --form sec=4fm8uR7NmJDA2lcNRIm3h6sDa localhost:8000/rotate
    • returns : 200 : new client sec, a alphanumeric string for authorizing uploads/deletes
    • returns : 400 : instance has not been registered yet
    • returns : 403 : bad authentication. hashed sec key does not match stored value
    • returns : 500 : server error while changing sec keys

  • /upload : POST : endpoint for uploading data to binder.

    • sec : security token for authorizing the upload
    • filename : the desired filename to set newly uploaded file to. (if not set, defaults to the actual filename of the uploaded file)
    • file : the actual file to be uploaded
    • path : a valid directory from the root to place the file
    • example: curl -i --form sec=4fm8uR7NmJDA2lcNRIm3h6sDa --form filename=nsproxy-9b3c7fd-linux-amd64 --form file=@nsproxy localhost:8000/upload
    • returns : 200 : upload completed successfully
    • returns : 400 : not all fields set on upload/malicious characters in filename/file
    • returns : 403 : bad authentication. hashed sec key does not match stored value
    • returns : 500 : server error in writing file

  • /remove : POST : endpoint for removing file from binder

    • sec : security token for authorizing removal
    • filename : filename of the stored file for removal
    • example: curl -i --form sec=4fm8uR7NmJDA2lcNRIm3h6sDa --form filename=nsproxy-9b3c7fd-linux-amd64 localhost:8000/remove
    • returns : 200 : file removed successfully
    • returns : 400 : not all fields set on removal/malicious characters in filename
    • returns : 403 : bad authentication. hashed sec key does not match stored value
    • returns : 500 : server error occurred during file removal

  • /setkey : POST : endpoint for uploading a secure key-value pair.

    • sec : security token for authorizing the upload
    • key : the desired key name to set
    • value : the secure content to be uploaded
    • example: curl -i -d sec=4fm8uR7NmJDA2lcNRIm3h6sDa -d key=customkey -d value="secret content" localhost:8000/setkey
    • returns : 200 : upload completed successfully
    • returns : 400 : not all fields set on upload
    • returns : 403 : bad authentication. hashed sec key does not match stored value
    • returns : 500 : server error in writing file

  • /setfile : POST : endpoint for uploading a secure file.

    • sec : security token for authorizing the upload
    • key : the desired key name to set
    • value : the secure file to be uploaded
    • example: curl -i --form sec=4fm8uR7NmJDA2lcNRIm3h6sDa --form key=customkey --form value=@secret.pem localhost:8000/setfile
    • returns : 200 : upload completed successfully
    • returns : 400 : not all fields set on upload
    • returns : 403 : bad authentication. hashed sec key does not match stored value
    • returns : 500 : server error in writing file

  • /getkey : POST : endpoint for retrieving a secure key-value pair.

    • sec : security token for authorizing the upload
    • key : the desired key name to retrieve
    • example: curl -i -d sec=4fm8uR7NmJDA2lcNRIm3h6sDa -d key=customkey localhost:8000/getkey
    • returns : 200 : completed successfully
    • returns : 400 : not all fields set
    • returns : 403 : bad authentication. hashed sec key does not match stored value
    • returns : 500 : server error in reading key

  • /getfile : POST : endpoint for retrieving a secure file.

    • sec : security token for authorizing the upload
    • key : the desired key name to retrieve
    • example: curl -i -d sec=4fm8uR7NmJDA2lcNRIm3h6sDa -d key=customkey localhost:8000/getfile
    • returns : 200 : completed successfully
    • returns : 400 : not all fields set
    • returns : 403 : bad authentication. hashed sec key does not match stored value
    • returns : 500 : server error in reading file

Clone this wiki locally