Produced by Araxis Merge on 8/16/2019 12:01:56 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
| # | Location | File | Last Modified |
|---|---|---|---|
| 1 | Direct_DSM.zip\Direct_DSM\api\application\views\api\onboarding\services | automatic_reply_create.php | Tue Aug 13 17:31:20 2019 UTC |
| 2 | Direct_DSM.zip\Direct_DSM\api\application\views\api\onboarding\services | automatic_reply_create.php | Thu Aug 15 16:08:48 2019 UTC |
| Description | Between Files 1 and 2 |
|
|---|---|---|
| Text Blocks | Lines | |
| Unchanged | 2 | 286 |
| Changed | 1 | 2 |
| Inserted | 0 | 0 |
| Removed | 0 | 0 |
| Whitespace | |
|---|---|
| Character case | Differences in character case are significant |
| Line endings | Differences in line endings (CR and LF characters) are ignored |
| CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
| 1 | <?php | |
| 2 | /** | |
| 3 | * @packag e direct-a s-a-servic e | |
| 4 | * @subpac kage views | |
| 5 | * @fileso urce | |
| 6 | */ /** */ | |
| 7 | ||
| 8 | $this->loa d->view('a pi/header' ); | |
| 9 | $this->loa d->view('a pi/nav'); | |
| 10 | ?> | |
| 11 | <h1><a hre f="/onboar ding/docum entation/" class="un derline">D ocumentati on</a> &ra rr; /direc t/automati c_reply/cr eate - GET </h1> | |
| 12 | <p>The Aut omatic Rep ly service allows au thorized a pplication s to creat e an “Out of Office” message f or a mailb ox and can accessed by sending a GET req uest to di rect/autom atic_reply /create | |
| 13 | </p> | |
| 14 | <h3>Authen tication</ h3> | |
| 15 | <p> | |
| 16 | The AP I authenti cation uti lized is b ased upon hash messa ge authent ication co de (HMAC). HMAC is a n authenti cation met hod that c ombines a cryptograp hic hash f unction wi th a secre t cryptogr aphic key. After the successfu l registra tion of an applicati on on the API, a pub lic and pr ivate key like the e xample bel ow will be provision ed for its use. | |
| 17 | </p> | |
| 18 | <p class=" code"> | |
| 19 | Public Key: eca4 15a13daaec 88cabba68b 81a2149c97 800864acd9 ef0e15b5b8 426de2464d | |
| 20 | <br/>P rivate Key : 0097cd10 9a3b72df1f 988e4a6e3e 344ecc02cd ab9a03736b c12463b7d1 b889a8 | |
| 21 | </p> | |
| 22 | <p> | |
| 23 | On eve ry request that an a pplication sends to the API th ey must in clude an A uthorizati on header. The autho rization h eader is a string th at the API will util ize to con firm the i dentity, a nd the mes sage conte nt, of the sender. T he authori zation hea der consis ts of thre e parts. T he first p art is the API ident ifier, rep resented b y the word "DAAS", w hich stand s for Dire ct as a Se rvice. The API ident ifier is f ollowed by a space t hat separa tes it fro m the iden tifying co ntent. The identifyi ng content consists of the uni que public key and t he base64 encoded HM AC hash ge nerated by the reque st content and the p rivate key , delimite d by a col on. An exa mple of th e authoriz ation head er is belo w. | |
| 24 | </p> | |
| 25 | <p class=" code"> | |
| 26 | Author ization: D AAS eca415 a13daaec88 cabba68b81 a2149c9780 0864acd9ef 0e15b5b842 6de2464d: Y2UwOTMwNG RmYzhlNTQ0 YTZiODlmMD kwYWQzOWY1 ODZmNzI4OT E5NTc3ZTYy YWE2M2EwNT hlMGIzMTZk ZTZlZA== | |
| 27 | </p> | |
| 28 | <p> | |
| 29 | The HM AC string is generat ed by runn ing an HMA C hash fun ction on a plain tex t string a nd the app lication's private k ey. The pl ain text s tring that must be h ashed usin g HMAC is constructe d as follo ws: | |
| 30 | <ul> | |
| 31 | <li>HT TP Request Type</li> | |
| 32 | <li>Da te</li> | |
| 33 | <li>Co ntent-MD5 (Optional) </li> | |
| 34 | <li>Co ntent Type (Not incl uding boun dary)</li> | |
| 35 | <li>UR I</li> | |
| 36 | </ul> | |
| 37 | These valu es are sep arated by new line c haracters ("\n"). An example o f the plai n text str ing is bel ow: | |
| 38 | </p> | |
| 39 | <p class=" code"> | |
| 40 | GET\n0 6/03/2013 12:13:56 E ST\niB94ga wbwUSiZy5F uruIOQ==\n multipart/ form-data\ n/direct/a utomatic_r eply/creat e/format/j son | |
| 41 | </p> | |
| 42 | <p> | |
| 43 | The st ring above is hashed with the applicatio n's privat e key usin g the SHA- 256 algori thm. A sni ppet of Ja vaScript c ode showin g an examp le of this is shown below: | |
| 44 | </p> | |
| 45 | <p class=" code"> | |
| 46 | var ha shString = CryptoJS. HmacSHA256 ("GET\n06/ 03/2013 12 :13:56 EDT \niB94gawb wUSiZy5Fur uIOQ==\nmu ltipart/fo rm-data\n/ direct/aut omatic_rep ly/create/ format/jso n","0097cd 109a3b72df 1f988e4a6e 3e344ecc02 cdab9a0373 6bc12463b7 d1b889a8") ; | |
| 47 | <br/>v ar base64 = encode64 (""+hashSt ring); | |
| 48 | <br/>v ar authori zation = " DAAS eca41 5a13daaec8 8cabba68b8 1a2149c978 00864acd9e f0e15b5b84 26de2464d: "+base64; | |
| 49 | </p> | |
| 50 | <p> | |
| 51 | In the example a bove the C ontent MD5 is provid ed but thi s is an op tional fie ld. If the Content M D5 header is not spe cified the n the hash should no t have the MD5 speci fied eithe r. | |
| 52 | </p> | |
| 53 | <h3>Header s</h3> | |
| 54 | <div class ="column"> | |
| 55 | <div c lass="left "> | |
| 56 | <u l> | |
| 57 | <li>Auth orization< /li> | |
| 58 | <p> | |
| 59 | The first requ ired heade r is the A uthorizati on header covered in the Authe ntication section at the top o f this pag e. | |
| 60 | </p> | |
| 61 | <li>Date or X-Daas -Date</li> | |
| 62 | <p> | |
| 63 | The second req uired head er that mu st be incl uded is th e Date hea der. Some browsers w ill not le t an appli cation spe cify the D ate header programma tically, s o in this case it is also acce ptable to use the X- Daas-Date header as the API wi ll interpr et them in terchangea bly. This header sho uld be pop ulated wit h the curr ent date a nd time, i n any stan dard forma t (includi ng time zo ne informa tion if no t time zon e agnostic ), when th e POST req uest is su bmitted. T he value s upplied in the Date header mus t match th e value us ed in the creation o f the hash string fo r the Auth orization header. | |
| 64 | </p> | |
| 65 | </ ul> | |
| 66 | </div> | |
| 67 | <div c lass="righ t"> | |
| 68 | <u l> | |
| 69 | <li>Cont ent-Type</ li> | |
| 70 | <p> | |
| 71 | The final requ ired heade r for POST requests is the Con tent-Type. The Conte nt-Type he ader must match the Content-Ty pe provide d in the h ash string for the A uthorizati on header except the hash stri ng does no t include the bounda ry paramet er of the Content-Ty pe if ther e is one ( i.e. appli cation/x-w ww-form-ur lencoded C ontent-Typ e). | |
| 72 | </p> | |
| 73 | <li>Cont ent-Md5</l i> | |
| 74 | <p> | |
| 75 | The optional h eader is t he Content -Md5 heade r. This he ader shoul d contain an MD5 has h of the e ntire POST body. If this heade r is speci fied then it must al so be incl uded in th e hash str ing for th e Authoriz ation head er. When p rovided, t his serves as an ext ra securit y precauti on above a nd beyond TLS to ens ure the PO ST request sent has not been m odified in transit. | |
| 76 | </p> | |
| 77 | </ ul> | |
| 78 | </div> | |
| 79 | </div> | |
| 80 | <h3>Argume nts</h3> | |
| 81 | <p> | |
| 82 | There are 4 argu ments that can be se nt to the create aut omatic rep ly web ser vice. | |
| 83 | </p> | |
| 84 | <div class ="column"> | |
| 85 | <div c lass="left "> | |
| 86 | <u l> | |
| 87 | <li>Mail box</li> | |
| 88 | <p> | |
| 89 | Mailbox Th is is a re quired fie ld which i dentifies which mail box’s mess ages shoul d be retur ned. This is the loc al portion of the Di rect addre ss, i.e., DNS . URL is the Di rect addre ss so that passed va lue you wo uld test.u ser. | |
| 90 | </p> | |
| 91 | <li>Cont ent</li> | |
| 92 | <p> | |
| 93 | Cont ent This i s a requir ed field w hich is th e message body of th e Automati c Reply me ssages. | |
| 94 | </p> | |
| 95 | </ ul> | |
| 96 | </div> | |
| 97 | <div c lass="righ t"> | |
| 98 | <u l> | |
| 99 | <li>Star t_at</li> | |
| 100 | <p> | |
| 101 | This is an opt ional fiel d which in cludes the current s tart date/ time or la ter date/t ime in ord er to send the autom atic reply message t o users. | |
| 102 | </p> | |
| 103 | <li>End_ at</li> | |
| 104 | <p> | |
| 105 | This is an opt ional fiel d which in cludes the current e nd date/ti me or date /time afte r the star t date in order to s end the au tomatic re ply messag es to user s. | |
| 106 | </p> | |
| 107 | </ ul> | |
| 108 | </div> | |
| 109 | </div> | |
| 110 | <h3>Exampl e Response </h3> | |
| 111 | <ul> | |
| 112 | <li>Su ccess</li> | |
| 113 | <ul> | |
| 114 | <l i>HTTP-200 , {“reques t_id”:4, “ content”: “sample me ssage for automatic reply”,“ma ilbox_id”: ”2”,”start _at”: “140 3203517”,” end_at”:” 1403203533 ”} | |
| 115 | </ li> | |
| 116 | </ul> | |
| 117 | <li>Er ror</li> | |
| 118 | <ul> | |
| 119 | <l i> | |
| 120 | HTTP-401 , {"reques t_id":5,"m essage":"A ccess Deni ed. Use No t Authoriz ed."} | |
| 121 | </ li> | |
| 122 | <l i> | |
| 123 | HTTP-403 , {"reques t_id":5,"m essage":"A ccess Deni ed. Use No t Authoriz ed."} | |
| 124 | </ li> | |
| 125 | <l i> | |
| 126 | HTTP-403 , {"reques t_id":6,"m essage":"A ccess Deni ed. User N ot Authori zed."} | |
| 127 | </ li> | |
| 128 | <l i> | |
| 129 | HTTP-422 , {"reques t_id":"886 ","fields" :["content "],"messag e":"'conte nt' is a r equired fi eld."} | |
| 130 | </ li> | |
| 131 | <l i> | |
| 132 | HTTP-422 , {"reques t_id":"894 ","message ":"'start_ at' contai ns invalid input","f ields":["s tart_at"]} | |
| 133 | </ li> | |
| 134 | </ul> | |
| 135 | </ul> | |
| 136 | <h3>Sample Code</h3> | |
| 137 | <p> | |
| 138 | Please click <a href="/onb oarding/do cumentatio n/validate _example"> here</a> t o be taken to some s ample code snippets for the va lidate web service. | |
| 139 | </p> | |
| 140 | </div> | |
| 141 | <?PHP $thi s->load->v iew('api/f ooter'); ? > | |
| 142 | </div> | |
| 143 | </body> | |
| 144 | </html> |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.