wso2 ei发送请求
In my previous blog, I’ve explained how user self registration works in a nutshell. In this blog I will explain the API requests and responses. Please note that this feature is available for WSO2 IS 5.7.0 WUM updated version and will be available for WSO2 IS 5.10.0 which will be released in the near future.
在我以前的博客中 ,我简要地解释了用户自注册的工作原理。 在此博客中,我将解释API请求和响应。 请注意,此功能可用于WSO2 IS 5.7.0 WUM更新版本,并将可用于WSO2 IS 5.10.0,它将在不久的将来发布。
Before moving forward I would like to explain about the notification management mechanisms that WSO2 Identity Server Offers. The Identity Server provides the capability for the application developer to manage notifications internally or externally.
在继续之前,我想解释一下WSO2 Identity Server提供的通知管理机制。 Identity Server为应用程序开发人员提供了在内部或外部管理通知的功能。
Internal notification management: The server will send the notifications to the user and the verification will be done by the server for given confirmation codes.
内部通知管理:服务器将向用户发送通知,服务器将针对给定的确认码进行验证。
External notification management: The server will not send any notifications. This scenario is used when the developer has an in-house notification management system (separate external notification management mechanism).
外部通知管理:服务器将不发送任何通知。 当开发人员具有内部通知管理系统(单独的外部通知管理机制)时,将使用此方案。
Navigate to Main>Identity>Identity Providers>Account Management Policies>User Self Registration to activate the feature.
导航对主要>身分>身分提供者>帐户管理策略>用户自注册激活功能。
User Self-Registration configurations in resident IDP configurations 驻留IDP配置中的用户自我注册配置Also I would like to explain another property related to self registration called Enable Account Lock On Creation. When this property is enabled, the account of the user will be locked on creation. To unlock the account, the user needs to confirm the account by using the confirmation code issued by the server.
另外,我想解释一下与自我注册相关的另一个属性,即“ 启用创建帐户锁定”。 启用此属性后,用户帐户将在创建时被锁定。 要解锁帐户,用户需要使用服务器发出的确认码来确认帐户。
The feature improvement is provided for the existing User-Self Registration APIs. Therefore you can refer to the API documentation for more details. In this blog, I will only explain about the new feature.
现有的用户自行注册API提供了功能改进。 因此,您可以参考API文档以了解更多详细信息。 在此博客中,我将仅介绍新功能。
With the added functionality, the responses of the existing APIs have been improved. To support the backward compatibility, we have introduced a new property to enable detailed responses. By default, the improved responses are not returned. To enable the improved responses add the following configurations to the identity.xml file in <HOME>/repository/conf/identity folder inside <SelfRegistration> tags.
通过增加的功能,现有API的响应得到了改善。 为了支持向后兼容性,我们引入了一个新属性来启用详细响应。 默认情况下,不返回改进的响应。 要启用改进的响应,请将以下配置添加到<SelfRegistration>标记内的<HOME> / repository / conf / identity文件夹中的identity.xml文件中。
<API> <EnableDetailedResponseBody>true</EnableDetailedResponseBody> </API>(Please refer to my blog on configuring IS to support multiple notification channels for more details on configuring the server and adding channel related claims)
(有关配置服务器和添加与通道相关的声明的更多详细信息,请参阅我的博客,以将IS配置为支持多个通知渠道)
During this article, I will use the above property enabled, to demonstrate the improved API responses.
在本文中,我将使用启用的上述属性来演示改进的API响应。
In the above request note that there is separate identity claims to get the user preferred notification channel and verified notification channels.
在上述请求中,存在单独的身份声明,以获取用户首选的通知渠道和已验证的通知渠道。
{"uri": "http://wso2.org/claims/identity/preferredChannel","value": "EMAIL"}As I mentioned in my previous blog, above claim is an optional claim. When the server receives the above request, the server will validate the channel and verified claims and then notification will be triggered.
正如我在之前的博客中提到的,以上声明是可选声明。 当服务器收到上述请求时,服务器将验证频道和已验证的声明,然后将触发通知。
The API will return http code: 201 for successful user registration with the following responses. Following are the two sub scenarios.
API将返回http代码:201,以成功进行用户注册并显示以下响应。 以下是两个子方案。
The user self registers with verified claims : In this scenario, if the verified claims match the preferred notification channel, the user will be created and the account will be unlocked since the user is already verified via the preferred channel. (Refer to my previous blog to read about the preferred channel selection criteria)(NOTE: The received verified claim will be set as an attribute to the user)
用户自行向已验证的声明注册:在这种情况下,如果已验证的声明与首选通知渠道匹配,则将创建用户,并且将解锁帐户,因为已通过首选渠道验证了用户。 (请参阅我以前的博客,以了解首选的频道选择条件)( 注:收到的经过验证的声明将被设置为用户的属性)
Sample Request
样品申请
curl -X POST -H "Authorization: Basic YWRtaW46YWRtaW4="Sample Response
样品响应
{"code": "USR-02004","message": "Successful user self registration with verified channel. Account verification not required.","notificationChannel": null,"confirmationCode": null}If the verified claims do not match the preferred notification channel, the user will be created and the user will be asked to verify the account via the preferred channel. (Eg: If the preferred channel is EMAIL and SMS channel is verified)
如果已验证的声明与首选通知渠道不匹配,则会创建用户,并要求用户通过首选渠道验证帐户。 (例如:如果首选渠道是EMAIL,并且SMS渠道已通过验证)
{"uri": "http://wso2.org/claims/identity/phoneVerified","value": "true"},{"uri": "http://wso2.org/claims/identity/preferredChannel","value": "EMAIL"}(NOTE: The received verified claim will be set as an attribute to the user and the account will be unlocked only upon the confirmation)
( 注意:收到的已验证声明将被设置为用户的属性,并且只有在确认后,帐户才会被解锁)
Sample Response
样品响应
{"code": "USR-02001","message": "Successful user self registration. Pending account verification","notificationChannel": "EMAIL","confirmationCode": null}2. The user self registers without verified claims : A notification will be sent to the user and the user will be asked to verify via the preferred channel (Refer to my previous blog to read about the preferred channel selection criteria). The following response will be returned by the API. (NOTE: After confirming the user account, the confirmed channel will be considered as a verified channel)
2.用户自行注册但没有经过验证的声明 :将会向用户发送通知,并要求用户通过首选渠道进行验证(请参阅我以前的博客,以了解首选渠道选择标准)。 API将返回以下响应。 ( 注意 :确认用户帐户后,已确认的频道将被视为已验证频道)
Sample Request
样品申请
curl -X POST -H "Authorization: Basic YWRtaW46YWRtaW4="Sample Response
样品响应
{"code": "USR-02001","message": "Successful user self registration. Pending account verification","notificationChannel": "SMS","confirmationCode": null}This scenario is similar to the above scenario, except for the self registration API responses. If the user self registration is successful, http code: 201 will be returned with the following responses. Following are the two sub scenarios.
除了自我注册API响应之外,此方案与以上方案类似。 如果用户自注册成功,则将返回http代码:201,并显示以下响应。 以下是两个子方案。
The user self registers with verified claims : This scenario is identical to the above scenario. In this scenario, if the verified claims match the preferred notification channel, the user will be created and the account will be unlocked since the user is already verified via the preferred channel.
用户自行注册经过验证的声明:此方案与上述方案相同。 在这种情况下,如果已验证的声明与首选通知渠道匹配,则将创建用户,并且帐户将被解锁,因为已经通过首选渠道对用户进行了验证。
{"code": "USR-02004","message": "Successful user self registration with verified channel. Account not locked on user creation.","notificationChannel": null,"confirmationCode": null}However, if the verified claims do not match the preferred notification channel, the response will be different.
但是,如果已验证的声明与首选通知渠道不匹配,则响应将有所不同。
{"code": "USR-02002", "message":"Successful user self registration. External verification required","notificationChannel": "EXTERNAL","confirmationCode": "fb03f437-a46f-4da1-8e99-fafab4aad4a4"}Note that the API has returned a confirmation code. Now the application developer has to verify the user externally and confirm the flow to IS using the returned confirmation code. I will get back to account confirmation later.
请注意,API已返回确认代码 。 现在,应用程序开发人员必须从外部验证用户,并使用返回的确认代码来确认流向IS的流程。 稍后我将返回帐户确认。
2. The user self registers without verified claims : This scenario is similar to the above except for the API response. A notification will be sent to the user and the user will be asked to verify via the preferred channel.
2.用户自行注册,没有经过验证的声明 :除了API响应外,此方案与上述情况类似。 通知将发送给用户,并要求用户通过首选渠道进行验证。
{"code": "USR-02002", "message":"Successful user self registration. External verification required","notificationChannel": "EXTERNAL","confirmationCode": "fb03f437-a46f-4da1-8e99-fafab4aad4a4"}In this scenario, the API will return a confirmation code to verify the user account externally.
在这种情况下,API将返回确认代码以从外部验证用户帐户。
When the account lock on user creation is disabled, no notifications will be sent to the user and the account of the user will not be locked. The API will return the following response.
如果禁用了用户创建帐户锁定功能,则不会向用户发送任何通知,也不会锁定用户帐户。 API将返回以下响应。
{"code": "USR-02003","message": "Successful user self registration. Account not locked on user creation","notificationChannel": null,"confirmationCode": null}However, when a user self registers with verified claims priority will be given to the verified claims.
但是,当用户使用已验证的声明进行自我注册时,将优先考虑已验证的声明。
In this scenario, if the verified claims match the preferred notification channel, the user will be created and the account will be unlocked. 在这种情况下,如果已验证的声明与首选通知渠道匹配,则将创建用户并且帐户将被解锁。If the verified claims do not match the preferred notification channel, the user will be created and the account will be unlocked since account lock on user creation is disabled.
如果验证的权利要求书不匹配的优选通知信道时,用户将被创建并账户将被解锁,因为在用户创建帐户锁定被禁用。
Not providing value to the preferred channel claim. (HTTP code: 400) Eg: Specifying preferred channel as EMAIL but not providing value for http://wso2.org/claims/emailaddress claim.
没有为首选渠道声明提供价值。 (HTTP代码:400)例如:将首选渠道指定为EMAIL,但未提供http://wso2.org/claims/emailaddress声明的值。
{"code": "USR-10002","message": "Bad Request","description": "User specified communication channel does not have any value"}If any server errors were occurred, a detailed error response will be returned by the server with Http code 500.
如果发生任何服务器错误,则服务器将使用Http代码500返回详细的错误响应。
As I explained in my previous blog, the server uses existing API for account confirmation. In here I will explain the new additions to the API request.
正如我在上一篇博客中所解释的那样,服务器使用现有的API进行帐户确认。 在这里,我将解释API请求的新增功能。
Sample Request
样品申请
curl -k -v -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d '{ "code": "84325529-8aa7-4851-8751-5980a7f2d9f7","verifiedChannel":{"type":"SMS", "claim":"http://wso2.org/claims/mobile"},"properties": []}' "https://localhost:9443/api/identity/user/v1.0/validate-code"verifiedChannel is a newly introduced parameter which is optional in the request. Let me explain the parameter a bit more.
verifyChannel是新引入的参数,在请求中是可选的。 让我再解释一下该参数。
Type: Type of the verified notification channel. Currently, IS supports only SMS and EMAIL channels. (NOTE: EXTERNAL is not a channel type)
类型:已验证的通知渠道的类型。 当前,IS仅支持SMS和EMAIL通道。 ( 注意: EXTERNAL不是通道类型)
Claim: Claim of the verified channel (NOTE: All the claims and terms are case sensitive)
声明:已验证频道的声明( 注意:所有声明和条款均区分大小写)
If the Request excluded verifiedChannel parameter, the Email Verified claim will be set to TRUE.
如果“请求排除已验证的渠道”参数,则“ 电子邮件已验证”声明将设置为TRUE 。
If the Request included the verifiedChannel parameter, and the verified channel is supported by the server, verified claim associated with that channel will be set to TRUE. If the verified channel is not supported, an error will be thrown.
如果请求包含了verifyChannel参数,并且服务器支持了已验证的频道,则与该频道关联的已验证的声明将设置为TRUE 。 如果不支持通过验证的频道,则会引发错误。
Alright folks this is how the API responds to different requests. Even through the new feature uses the existing APIs, the server requires several additional configurations to use the new feature. So make sure to check my blog on configuring user self registration to support multiple notification channels.
好的,这就是API响应不同请求的方式。 即使通过使用现有API的新功能,服务器也需要一些其他配置才能使用新功能。 因此,请确保查看我的博客,以配置用户自注册以支持多个通知渠道。
翻译自: https://medium.com/@somindagamage/requests-and-responses-of-user-self-registration-rest-apis-in-wso2-identity-server-2b854e3bdb3c
wso2 ei发送请求
相关资源:WSO2ESB汉化