Closed sgnn7 closed 3 years ago
| OpenAPI entry | Conjur/config/routes.rb entry | Docs info | Notes |
|---|---|---|---|
| :x: | `get '/' => 'status#index'` | | |
| :x: | `get '/whoami' => 'status#whoami'` | WhoAmI | |
| :x: | `get '/authenticators' => 'authenticate#index'` | | |
| :x: | `get '/:authenticator(/:service_id)/:account/status' => 'authenticate#status'` | Authenticator Status | |
| :x: | `patch '/:authenticator/:service_id/:account' => 'authenticate#update_config'` | | |
| :white_check_mark: `/authn/{account}/login` | `get '/:authenticator(/:service_id)/:account/login' => 'authenticate#login'` | Login | |
| :x: | `post '/authn-oidc(/:service_id)/:account/authenticate' => 'authenticate#authenticate_oidc'` | OIDC Authenticator, Known docs issues: Add docs on using with Status API | |
| :x: | `post '/authn-gcp/:account/authenticate' => 'authenticate#authenticate_gcp'` | GCP Authenticator, Known docs issues: Add docs on using with Status API | |
| :white_check_mark: `/authn/{account}/{login}/authenticate` | `post '/:authenticator(/:service_id)/:account/:id/authenticate' => 'authenticate#authenticate'` | Authenticate, Azure Authenticator, Known docs issues: Missing 400 response, Add docs on using with Status API, Document IAM authenticator, Ensuring an authn-iam request header is valid | |
| :white_check_mark: `/authn/{account}/password` | `put '/authn/:account/password' => 'credentials#update_password', defaults: { authenticator: 'authn' }` | Change your password | |
| :white_check_mark: `/authn/{account}/api_key` | `put '/:authenticator/:account/api_key' => 'credentials#rotate_api_key'` | Rotate Personal API Key, Rotate Another Role's API Key, Known docs issues: Need to update credentials required | |
| :x: | `post '/authn-k8s/:service_id/inject_client_cert' => 'authenticate#k8s_inject_client_cert'` | Endpoint used by authn-k8s to manage the client certificate cert injection, which is a prerequisite to hitting the authn-k8s authenticate route. | |
| :x: | `get "/roles/:account/:kind/*identifier" => "roles#graph", :constraints => QueryParameterActionRecognizer.new("graph")` | | |
| :x: | `get "/roles/:account/:kind/*identifier" => "roles#all_memberships", :constraints => QueryParameterActionRecognizer.new("all")` | | |
| :x: | `get "/roles/:account/:kind/*identifier" => "roles#direct_memberships", :constraints => QueryParameterActionRecognizer.new("memberships")` | List a Role's Memberships, List a Role's Members | |
| :white_check_mark: `/roles/{account}/{kind}/{identifier}` | `get "/roles/:account/:kind/*identifier" => "roles#members", :constraints => QueryParameterActionRecognizer.new("members")` | parameter "search" mentioned in spec, but not defined as an optional request body parameter | |
| :x: | `post "/roles/:account/:kind/*identifier" => "roles#add_member", :constraints => QueryParameterActionRecognizer.new("members")` | | |
| :x: | `delete "/roles/:account/:kind/*identifier" => "roles#delete_member", :constraints => QueryParameterActionRecognizer.new("members")` | | |
| :white_check_mark: `/roles/{account}/{kind}/{identifier}` | `get "/roles/:account/:kind/*identifier" => "roles#show"` | Show a Role | |
| :white_check_mark: `/resources/{account}/{kind}/{identifier}` | `get "/resources/:account/:kind/*identifier" => 'resources#check_permission', :constraints => QueryParameterActionRecognizer.new("check")` | Check Permission | |
| :white_check_mark: `/resources/{account}/{kind}/{identifier}` | `get "/resources/:account/:kind/*identifier" => 'resources#permitted_roles', :constraints => QueryParameterActionRecognizer.new("permitted_roles")` | Show Permitted Roles | |
| :white_check_mark: `/resources/{account}/{kind}/{identifier}` | `get "/resources/:account/:kind/*identifier" => "resources#show"` | Show a Resource | |
| :white_check_mark: `/resources/{account}` | `get "/resources/:account/:kind" => "resources#index"` | | |
| :white_check_mark: `/resources/{account}` | `get "/resources/:account" => "resources#index"` | List Resources | |
| :x: | `get "/resources" => "resources#index"` | | |
| :x: | `post "/secrets/:account/:kind/*identifier" => "secrets#expire", :constraints => QueryParameterActionRecognizer.new("expirations")` | | |
| :white_check_mark: `/secrets/{account}/{kind}/{identifier}` | `get "/secrets/:account/:kind/*identifier" => 'secrets#show'` | Retrieve a Secret | |
| :white_check_mark: `/secrets/{account}/{kind}/{identifier}` | `post "/secrets/:account/:kind/*identifier" => 'secrets#create'` | Set a Secret | |
| :white_check_mark: `/secrets` | `get "/secrets" => 'secrets#batch'` | Batch Retrieval | |
| :white_check_mark: `/policies/{account}/policy/{identifier}` | `put "/policies/:account/:kind/*identifier" => 'policies#put'` | Replace a Policy | 201 response content not defined: should be "application/json" |
| :white_check_mark: `/policies/{account}/policy/{identifier}` | `patch "/policies/:account/:kind/*identifier" => 'policies#patch'` | Update a Policy | 201 response content not defined: should be "application/json" |
| :white_check_mark: `/policies/{account}/policy/{identifier}` | `post "/policies/:account/:kind/*identifier" => 'policies#post'` | Append to a Policy | 201 response content not defined: should be "application/json" |
| :white_check_mark: `/public_keys/{account}/{kind}/{identifier}` | `get "/public_keys/:account/:kind/*identifier" => 'public_keys#show'` | Show Public Keys | |
| :x: | `post "/ca/:account/:service_id/sign" => 'certificate_authority#sign'` | | |
| :white_check_mark: `/host_factories/hosts` | `post "/host_factories/hosts" => 'host_factories#create_host'` | Create a Host | |
| :white_check_mark: `/host_factory_tokens` | `post "/host_factory_tokens" => 'host_factory_tokens#create'` | Create Tokens | |
| :white_check_mark: `/host_factory_tokens/{token}` | `delete "/host_factory_tokens/:id" => 'host_factory_tokens#destroy'` | Revoke Tokens | |

Source: Conjur OSS Route Enumeration.
We need to know what endpoints need to be documented, so enumeration of them is the first step. Initial assessment can be done via the routes.rb in Conjur.
AC:
Related to #5 Related to #3 Related to #1