Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Replace /submitDiagnosis with /report #15

Open
madhavajay opened this issue May 5, 2020 · 0 comments
Open

Replace /submitDiagnosis with /report #15

madhavajay opened this issue May 5, 2020 · 0 comments

Comments

@madhavajay
Copy link
Collaborator

madhavajay commented May 5, 2020

Replace the old /submitDiagnosis endpoint with a new /report endpoint.

The only method supported on /report is POST. There are two forms of request to /report:

Initial Report

When the first report is uploaded, no upload key is included. Initial report upload is rate limited using a proof of work challenge.

Request

{
   "challenge" : {
      "challenge" : {
         "nonce" : "0e0e6fd368aac433f4b59ce218233385",
         "work_factor" : 1024
      },
      "solution" : {
         "nonce" : "15b59b443d8c662473e1534189e46f17"
      }
   },
   "report" : {
      "data" : "YtO6A+YhTu2ne8yqIywl3myGv3ZUICgvDcIMlm5y5TZMxERkg5bLKj+I"
   }
}

The object at challenge.challenge is a challenge which was previously obtained via a GET request to /challenge.

data is a Base64-encoded report.

Behavior

  1. Validate that data is not too long
  2. Validate the solution to the challenge, including validating that the challenge has not expired
  3. Allocate a new upload token, generate a new upload key, and store these along with the report data in the database
  4. Respond with the upload token and upload key

Responses

On success, respond with status code 200 and the following body:

{
   "upload_token": "123-456-9",
    "upload_key": "02f9a1d73a3d5dc00a42200002f52172",
}

On data too long, respond with status code 400 and the following body:

{
    "message": "report data too large"
}

On invalid challenge solution, respond with status code 400 and the following body:

{
    "message": "invalid solution to proof of work challenge"
}

On expired challenge, respond with status code 400 and the following body:

{
    "message": "proof of work challenge expired"
}

Subsequent Report

When subsequent reports are uploaded, the upload key generated after the first report is used to authorize the upload, and no proof of work challenge is required.

Request

{
   "upload_key": "02f9a1d73a3d5dc00a42200002f52172",
   "report" : {
      "data" : "YtO6A+YhTu2ne8yqIywl3myGv3ZUICgvDcIMlm5y5TZMxERkg5bLKj+I"
   }
}

Behavior

  1. Validate that data is not too long
  2. Check that the upload key exists in the database
  3. Publish the report

Response

On success, respond with status code 200 and the following body:

{}

On data too long, respond with status code 400 and the following body:

{
    "message": "report data too large"
}

On invalid upload key, respond with status code 403 and the following body:

{
    "message": "invalid upload key"
}
@joshlf joshlf changed the title Update /submitDiagnosis endpoint Replace /submitDiagnosis with /report May 8, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant