-
Notifications
You must be signed in to change notification settings - Fork 0
/
apidocs.txt
191 lines (127 loc) · 4.59 KB
/
apidocs.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
Docs
GET
/allrooms
Params: none
Returns: JSON Map:
buildings:
array of:
name: <name of building>
rooms:
array of:
name: <name of room>
id: <id of room>
address: <address of room>
seats: <num seats in room>
building: <name of building>
current: <current occurrence in room>
chatRoomId: <id of chat room, chat room websocket location can be queried with /room/<id>>
onlineUsers: <num of users in the room>
GET
/searchrooms
Params:
q: string query
Returns: JSON Map:
query: <your query>
rooms:
array of:
name: <name of room>
id: <id of room>
address: <address of room>
seats: <num seats in room>
building: <name of building>
current: <current occurrence in room>
chatRoomId: <id of chat room, chat room websocket location can be queried with /room/<id>>
onlineUsers: <num of users in the room>
WEBSOCKET
Websocket URL: wss://<url>/chatsocket
WebSocket messages format is JSON
WebSocket messages are tables, they always contain a parameter "type" to distinguish the message type
There are WebSocket messages that you can send and ones that the server sends to you.
We'll start with the ones that you can send.
MESSAGES THAT YOU CAN SEND
LOGIN MESSAGE
"type": "login"
Send when you want to login to a room.
Params
"room": # ID of the room that you're trying to login to (you should get that from the /allrooms or /searchrooms query (String)
"username": # Your desired username (String)
optional:
"user-id" # (BigInteger) Your public user ID (RSA public key) - If you want to identify yourself. See CHALLENGE & RESPONSE LOGIN
"challenge-response" # (String) Response to your challenge
Example
{
"type": "login",
"room": "abc123",
"username": "Supergrobi"
"user-id": <your public string>
"challenge-response": <your challenge response> (base64)
}
CHAT MESSAGE
Send when you are logged in to a room, and want to send a text message.
"type": "message"
Params
"message": # The message you want to send (String)
IMAGE MESSAGE
Send when you are logged in to a room, and want to send a text message.
"type": "image"
Params
"image": # The image you want to send (Base64)
MESSAGES THAT CAN BE SENT TO YOU
ERROR MESSAGE
"type": "error"
Sent when there's an error.
Params
"reason": # Human-readable message of what happened (String)
"id": # ID of the error
CHAT MESSAGE
"type": "message"
Sent when someone wrote something.
Params
"username": # Username of the author
"user-id" # Static user ID of author
"message": # The message (String)
"time": # The time (in millis of day) of the message
IMAGE MESSAGE
"type": "image"
Sent when someone sent an image.
Params
"username": # Username of the author
"user-id" # Static user ID of author
"image": # The image (Base64 encoding, JPG or PNG)
"time": # The time (in millis of day) of the message
LOGIN INFO MESSAGE
"type": "info-login"
Sent when someone logged into your room
Params
"username": # Username of the person that logged in
"user-id" # Static user id of this person
LOGOUT INFO MESSAGE
"type": "info-logout"
Sent when someone logged out of your room
Params
"username": # Username of the person that logged out
"user-id" # Static user id of this person
CHALLENGE-RESPONSE AUTHENTICATION
To achieve unique and unfakable ids, challenge-and-response authentication is used.
Step 1: The user creates an RSA private & public key.
Step 2: The user sends their public key to the server.
Step 3: The server generates a random string and encrypts it with the user's public key.
Step 4: To prove that the user owns the private key associated to their public key, the server sends that
string to the user to be decrypted using their private key.
Step 5: The user sends the decrypted string (which should be the original random string) back to the server.
Step 6: The server checks if the returned string matches with the original string. If yes, we are done.
For a code example, see src/test/java/me.glatteis.unichat.chat/UserIdentificationTest.java
To login with a private/public RSA key pair:
1. Send a message with type challenge:
{
"type": "challenge",
"user-id": <your public key modulus>
}
2. You will receive this message:
You will receive this message:
{
"type": "challenge"
"challenge": <challenge string> (base64)
}
Decode challenge to a byte array and decrypt it with your private key. Encode the result in base64 and send it with
the login message.