commit e81893d4d2b0de9482b6a45f441d89ee6081d96d
parent 19e76920174261c025a03d89151d283f24a12689
Author: Joel-Haeberli <haebu@rubigen.ch>
Date: Thu, 6 Jun 2024 10:32:08 +0200
docs: REST
Diffstat:
3 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/docs/content/implementation/a-providers.tex b/docs/content/implementation/a-providers.tex
@@ -33,7 +33,7 @@ The provider client interface defines following functions:
\subsubsection{Wallee Client}
-The Wallee client is the first implementation of the provider client interface and allows the confirmation of transactions using the Wallee backend system. The backend of Wallee provides a ReST-API to their customers, which allows them to request information about payments, refunds and so on. To access the API, the consumer must authenticate themself to Wallee by using their own authentication token as explained in \autoref{sec-security-auth-wallee}.
+The Wallee client is the first implementation of the provider client interface and allows the confirmation of transactions using the Wallee backend system. The backend of Wallee provides a REST-API to their customers, which allows them to request information about payments, refunds and so on. To access the API, the consumer must authenticate themself to Wallee by using their own authentication token as explained in \autoref{sec-security-auth-wallee}.
As indicated by the provider client interface, two services of the Wallee backend are leveraged:
diff --git a/docs/content/implementation/d-security.tex b/docs/content/implementation/d-security.tex
@@ -53,7 +53,7 @@ The database user executing a database query must have enough rights to execute
\end{tabularx}
\end{table}
-\subsection{Authenticating At The Wallee ReST API}
+\subsection{Authenticating At The Wallee REST API}
\label{sec-security-auth-wallee}
The Wallee API specifies four Wallee specific headers which are used to authenticate against the API. It defines its own authentication standard and flow. The flow builds on a message authentication code (MAC) which is built on a version, user identifier, and a timestamp. For the creation of the MAC the hash based message authentication code (HMAC) SHA-512 is leveraged which takes \textit{application-user-key} (which is just an access-token the user receives when creating a new API user in the management backend of Wallee) as key and the above mentioned properties plus information about the requested HTTP method and the exactly requested path (including request parameters) as message \cite{wallee-api-authentication}. The format of the message is specified like:
diff --git a/docs/thesis.pdf b/docs/thesis.pdf
Binary files differ.
