This service does the following process:
validates the BrowserID assertion provided on the Authorization header
allocates when necessary a node to the user for the required service
checks generation numbers and x-client-state header
returns a JSON mapping containing the following values:
- id – a signed authorization token, containing the user’s id for hthe application and the node.
- secret – a secret derived from the shared secret
- uid – the user id for this servic
- api_endpoint – the root URL for the user for the service.
Checks that the given application is one of the compatible ones.
If it’s not the case, a 404 is issued with the appropriate information.Checks for and validates the X-Client-State header.Validate that the assertion given in the request is correct.
If not, add errors in the response so that the client can know what happened.Checks that the given service do have an associated pattern in the db or in the configuration file.
If not, raises a 503 error.
Response: json