Skip to content

API-DOC.md

Latest commit

 

History

History
317 lines (239 loc) · 7.1 KB

API-DOC.md

File metadata and controls

317 lines (239 loc) · 7.1 KB

DDoS Gameboard API documentatie

Basis for the API is: https://<domain>/api/v1

OUATH2

For security purposes you can only communicate with the api through OAuth2, we use Laravel Passport ta handle this for us It Should already be installed when finishing the Install.md by Composer

Setup

Install passport

To setup Laravel Passport before using the api make sure you run the following commands on the server in the CLI:

php artisan install
php artisan passport:client --password

Install a user and give it sole permission to handle the api

As a logged in SuperUser in the winterCMS go to the settings->administrators: (/backend/backend/users)

create a new user:

Login: api
First name: Api
Last Name: SystemOnly
Password: <A Strong Password Off Course>

Now go to permissions tab and deny all permissions but allow the permission "Access API calls", or give the user the DDOS Gameboard API User role.

Auth and get Access Token

POST:/api/authentication

BODY:

{
    "login": {api},
    "password": {That great password from earlier},
}

This call will log the status of a target to the ddosgameboard, the log text is returned to the callee when succesful

RETURNS

{
    "token_type": "Bearer",
    "expires_in": {time},
    "access_token": {hash},
    "refresh_token": {hash},
}

Refresh Access token

POST:/api/authentication/refresh

BODY:

{
    "refresh_token": {hash},
}

This Call return a new access_token and refresh_token for when your access_token has expired

RETURNS

{
    "token_type": "Bearer",
    "expires_in": {time},
    "access_token": {hash},
    "refresh_token": {hash},
}

Miscellaneous

Log status of a Target

POST:/api/v1/target/{id}/state/{state}

where {state} 0 is down and {state} 1 is up

This will log a prefixed message in the Quicklogging and Log in the gameboard about the status The user who logs will be refered as "System" and has user_id 0 in the database

RETURNS (transaction)

{

    "succes": "Target: acme.domain.nl status is: down"
}

Log as system user directly in the Gameboard

When supplying the correct Bearer Acces token you can log straight into the gamboard quicklog and log with

POST:/api/log

x-www-form-urlencoded (encoded as JSON Post form data)

{
  "log": "{custom log text}",
  "timestamp": "14:51:44"
}

ddostests

method URI description
GET /ddostests Gets all DDoS tests

JSON:

GET api/v1/ddostests
[
    {
        "id": 1,
        "start": epoch timestamp,
        "end": epoch timestamp"
        "active": boolean,
        "updated_at": timestamp
    },
     ...
]

Targets

method URI description
GET /targets Gets all targets

A target in this list has only one measurement types. Targets with multiple measurement types need to be added multiple times.

JSON:

GET api/v1/targets
[
   {
      "id": 1,
      "meassurementtype": 1,
      "value": "s3group.nl"
   },
   ...
]

Measurementtypes

method URI description
GET /measurementtypes Get values of all measurementtypes
GET /measurementtypes/{id} Get values of the specified measurementtype

JSON:

GET api/v1/measurementtypes
[
   {
      "id": 1,
      "name": "ping",
      "nodelist": 1,

   },
   ...
]

GET api/v1/measurementtypes/{id}
{
    "name": "ping",
    "nodelist": 1,
    "allnodes": 0
}

measurement types are: ping, http, smtp, dns, traceroute

nodelists

method URI description
GET /nodelists Get values of all nodelists
GET /nodelists/{id} Get values of the specified nodelist

JSON:

GET api/v1/nodelists
   {
      "1":  [
              "nrn-nl.ark",
              "ams3-nl.ark",
              "ens-nl.ark"
      ],
      ...
   }

(edited)

GET api/v1/nodelists/{id}
{
   [
       "nrn-nl.ark",
       "ams3-nl.ark",
       "ens-nl.ark"
   ]
}