Package com.skava.web

Class CredentialsController

java.lang.Object
com.skava.web.CredentialsController
@RestController @RequestMapping("/users") public class CredentialsController extends Object
This controller class contains service end-points that are used to perform Update/Reset password and security questions. Reset password is through answering to security questions.
Author:
Infosys Equinox

  • Constructor Details

    • CredentialsController

      public CredentialsController()
      Default Constructor.

  • Method Details

    • updateUserPasssword

      @PatchMapping("/{userId}/password") public org.springframework.http.ResponseEntity<Object> updateUserPasssword(@PathVariable long userId, @RequestBody UserCredentialsRequest credentialRequest, @RequestHeader(value="x-collection-id",required=true) Long collectionId, @RequestHeader(value="x-auth-token",required=true) String authToken, @RequestParam(value="locale",required=false,defaultValue="en_US") String locale, @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") String version, @RequestHeader(value="x-store-id",required=false,defaultValue="0") long storeId)
      This service endpoint is used to update the user password
      Parameters:
      userId - Indicates the user identifier for which the password has to be updated. Hold long value.
      credentialRequest - Holds UserCredentialsRequest Indicates user credential object that contains credentials like password, security questions.
      collectionId - This field holds a valid collection identifier of this microservice and requested operation will be performed on this collection identifier. Collection is the top most entity of a microservice under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way storefront can fetch/store the required information from that respective association.
      authToken - This field holds a valid authorization token generated using the Authorization microservice for an user. Auth token (JWT format) represents claims containing roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API it has to be generated before hand by invoking the /auth/sessions API provided by Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact when compared to XML-based standards such as SAML. Thus generated token has to be passed to this service and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the user to perform the action on the subjected resource
      locale - API Response and error messages will be responded in the locale mentioned in this parameter.
      version - It hold the value of version number of API. Using this parameter we can access the different version of the API. It is currently unused.
      storeId - It Holds a valid unique identifier of the store.
      Returns:
      The ResponseEntity of Object.

    • resetUserPasssword

      @PostMapping("/password") public org.springframework.http.ResponseEntity<UserResetResponse> resetUserPasssword(@RequestBody UserResetRequest resetRequest, @RequestHeader(value="x-collection-id",required=true) Long collectionId, @RequestHeader(value="x-auth-token",required=false) String authToken, @RequestParam(value="locale",required=false,defaultValue="en_US") String locale, @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") String version, @RequestHeader(value="x-store-id",required=false,defaultValue="0") long storeId)
      This service endpoint is used to send password reset request to user
      Parameters:
      resetRequest - Holds UserResetRequest Indicates user reset object that contains information like email, phonenumber, resetparam.
      collectionId - This field holds a valid collection identifier of this microservice and requested operation will be performed on this collection identifier. Collection is the top most entity of a microservice under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way storefront can fetch/store the required information from that respective association.
      authToken - This field holds a valid authorization token generated using the Authorization microservice for an user. Auth token (JWT format) represents claims containing roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API it has to be generated before hand by invoking the /auth/sessions API provided by Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact when compared to XML-based standards such as SAML. Thus generated token has to be passed to this service and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the user to perform the action on the subjected resource
      locale - API Response and error messages will be responded in the locale mentioned in this parameter.
      version - It hold the value of version number of API. Using this parameter we can access the different version of the API. It is currently unused.
      storeId - It Holds a valid unique identifier of the store.
      Returns:
      The ResponseEntity of UserResetResponse.

    • validateResetPasssword

      @PatchMapping("/password") public org.springframework.http.ResponseEntity<Object> validateResetPasssword(@RequestBody UserResetRequest resetRequest, @RequestHeader(value="x-collection-id",required=true) Long collectionId, @RequestHeader(value="x-auth-token",required=false) String authToken, @RequestParam(value="locale",required=false,defaultValue="en_US") String locale, @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") String version, @RequestHeader(value="x-store-id",required=false,defaultValue="0") long storeId)
      This service endpoint is used to validate the reset password params
      Parameters:
      resetRequest - Holds UserResetRequest Indicates user reset object that contains information like email, phonenumber, resetparam
      collectionId - This field holds a valid collection identifier of this microservice and requested operation will be performed on this collection identifier. Collection is the top most entity of a microservice under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way storefront can fetch/store the required information from that respective association.
      authToken - This field holds a valid authorization token generated using the Authorization microservice for an user. Auth token (JWT format) represents claims containing roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API it has to be generated before hand by invoking the /auth/sessions API provided by Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact when compared to XML-based standards such as SAML. Thus generated token has to be passed to this service and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the user to perform the action on the subjected resource
      locale - API Response and error messages will be responded in the locale mentioned in this parameter.
      version - It hold the value of version number of API. Using this parameter we can access the different version of the API. It is currently unused.
      storeId - It Holds a valid unique identifier of the store.
      Returns:
      The ResponseEntity of Object.

    • updateSecurityQuestions

      @PutMapping("/{userId}/securityquestions") public org.springframework.http.ResponseEntity<List<SecurityQuestions>> updateSecurityQuestions(@PathVariable long userId, @RequestBody UserCredentialsRequest credentialRequest, @RequestHeader(value="x-collection-id",required=true) Long collectionId, @RequestHeader(value="x-auth-token",required=true) String authToken, @RequestParam(value="locale",required=false,defaultValue="en_US") String locale, @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") String version, @RequestHeader(value="x-store-id",required=false,defaultValue="0") long storeId)
      This service endpoint is used to update the security questions
      Parameters:
      userId - Indicates the user identifier for which the security questions has to be updated. Holds long value.
      credentialRequest - Holds UserCredentialsRequest Indicates user credential object that contains credentials like password, security questions
      collectionId - This field holds a valid collection identifier of this microservice and requested operation will be performed on this collection identifier. Collection is the top most entity of a microservice under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way storefront can fetch/store the required information from that respective association.
      authToken - This field holds a valid authorization token generated using the Authorization microservice for an user. Auth token (JWT format) represents claims containing roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API it has to be generated before hand by invoking the /auth/sessions API provided by Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact when compared to XML-based standards such as SAML. Thus generated token has to be passed to this service and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the user to perform the action on the subjected resource
      locale - API Response and error messages will be responded in the locale mentioned in this parameter.
      version - It hold the value of version number of API. Using this parameter we can access the different version of the API. It is currently unused.
      storeId - It Holds a valid unique identifier of the store.
      Returns:
      The ResponseEntity of List of SecurityQuestions. Returns the list of security Questions for an user.

    • getSecurityQuestions

      @GetMapping("/{userId}/securityquestions") public org.springframework.http.ResponseEntity<List<SecurityQuestions>> getSecurityQuestions(@PathVariable long userId, @RequestHeader(value="x-collection-id",required=true) Long collectionId, @RequestHeader(value="x-auth-token",required=true) String authToken, @RequestParam(value="locale",required=false,defaultValue="en_US") String locale, @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") String version, @RequestHeader(value="x-store-id",required=false,defaultValue="0") long storeId)
      This service endpoint is used to load security questions with answers
      Parameters:
      userId - Indicates the user id of which user's security questions to be loaded. Holds long value.
      collectionId - This field holds a valid collection identifier of this microservice and requested operation will be performed on this collection identifier. Collection is the top most entity of a microservice under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way storefront can fetch/store the required information from that respective association.
      authToken - This field holds a valid authorization token generated using the Authorization microservice for an user. Auth token (JWT format) represents claims containing roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API it has to be generated before hand by invoking the /auth/sessions API provided by Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact when compared to XML-based standards such as SAML. Thus generated token has to be passed to this service and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the user to perform the action on the subjected resource
      locale - API Response and error messages will be responded in the locale mentioned in this parameter.
      version - It hold the value of version number of API. Using this parameter we can access the different version of the API. It is currently unused.
      storeId - It Holds a valid unique identifier of the store.
      Returns:
      The ResponseEntity of List of SecurityQuestions. Returns the list of security Questions for an user.

    • getAllSecurityQuestions

      @PostMapping("/securityquestions") public org.springframework.http.ResponseEntity<List<SecurityQuestions>> getAllSecurityQuestions(@RequestBody UserCredentialsRequest credentialRequest, @RequestHeader(value="x-collection-id",required=true) Long collectionId, @RequestHeader(value="x-auth-token",required=false) String authToken, @RequestParam(value="locale",required=false,defaultValue="en_US") String locale, @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") String version, @RequestHeader(value="x-store-id",required=false,defaultValue="0") long storeId)
      This service endpoint is used to load security questions without answers
      Parameters:
      credentialRequest - Holds UserCredentialsRequest Indicates user credential object that contains credentials like password, security questions.
      collectionId - This field holds a valid collection identifier of this microservice and requested operation will be performed on this collection identifier. Collection is the top most entity of a microservice under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way storefront can fetch/store the required information from that respective association.
      authToken - This field holds a valid authorization token generated using the Authorization microservice for an user. Auth token (JWT format) represents claims containing roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API it has to be generated before hand by invoking the /auth/sessions API provided by Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact when compared to XML-based standards such as SAML. Thus generated token has to be passed to this service and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the user to perform the action on the subjected resource
      locale - API Response and error messages will be responded in the locale mentioned in this parameter.
      version - It hold the value of version number of API. Using this parameter we can access the different version of the API. It is currently unused.
      storeId - It Holds a valid unique identifier of the store.
      Returns:
      The ResponseEntity of List of SecurityQuestions. Returns the list of security Questions for an user.

    • validateSecurityAnswers

      @PostMapping("/securityquestions/password") public org.springframework.http.ResponseEntity<Object> validateSecurityAnswers(@RequestBody UserCredentialsRequest credentialRequest, @RequestParam(value="sendResetMail",required=false,defaultValue="false") boolean sendResetMail, @RequestHeader(value="x-collection-id",required=true) Long collectionId, @RequestHeader(value="x-auth-token",required=false) String authToken, @RequestParam(value="locale",required=false,defaultValue="en_US") String locale, @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") String version, @RequestHeader(value="x-store-id",required=false,defaultValue="0") long storeId)
      This service is used to rest password by validating security questions
      Parameters:
      credentialRequest - Holds UserCredentialsRequest Indicates usercredential object that contains credentials like password, security questions.
      sendResetMail - this param holds the Reset email
      collectionId - This field holds a valid collection identifier of this microservice and requested operation will be performed on this collection identifier. Collection is the top most entity of a microservice under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way storefront can fetch/store the required information from that respective association.
      authToken - This field holds a valid authorization token generated using the Authorization microservice for an user. Auth token (JWT format) represents claims containing roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API it has to be generated before hand by invoking the /auth/sessions API provided by Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact when compared to XML-based standards such as SAML. Thus generated token has to be passed to this service and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the user to perform the action on the subjected resource
      locale - API Response and error messages will be responded in the locale mentioned in this parameter.
      version - It hold the value of version number of API. Using this parameter we can access the different version of the API. It is currently unused.
      storeId - It Holds a valid unique identifier of the store.
      Returns:
      The ResponseEntity of Object.