api-mailbox.rst (11756B)
1 .. 2 This file is part of GNU TALER. 3 Copyright (C) 2022 Taler Systems SA 4 5 TALER is free software; you can redistribute it and/or modify it under the 6 terms of the GNU Affero General Public License as published by the Free Software 7 Foundation; either version 2.1, or (at your option) any later version. 8 9 TALER is distributed in the hope that it will be useful, but WITHOUT ANY 10 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR 11 A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. 12 13 You should have received a copy of the GNU Affero General Public License along with 14 TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> 15 16 @author Christian Grothoff 17 18 .. _api-mailbox: 19 20 =================== 21 Mailbox RESTful API 22 =================== 23 24 This is the API documentation for the GNU Taler Mailbox service which allows Taler 25 wallets to securely send push and pull payment requests to other wallets 26 without having to interact with the respective messaging service. 27 28 Clients (wallets) are expected to generate mailbox keys that uniquely identify 29 a mailbox as well as encryption keys that can be used to encrypt messages for 30 the mailbox (e.g. `HPKE <https://www.rfc-editor.org/rfc/rfc9180.html>`_. 31 Mailboxes must be registered along with their public key information. 32 Registration may incur costs depending on the mailbox service provider used. 33 34 The API specified here follows the :ref:`general conventions <http-common>` 35 for all details not specified in the individual requests. 36 The `glossary <https://docs.taler.net/taler-developer-manual.html#developer-glossary>`_ 37 defines all specific terms used in this section. 38 39 .. contents:: Table of Contents 40 :local: 41 42 .. include:: tos.rst 43 44 ------------------------- 45 Configuration information 46 ------------------------- 47 48 .. http:get:: /config 49 50 Return the protocol version and currency supported by this service. 51 52 **Response:** 53 54 :http:statuscode:`200 OK`: 55 The body is a `VersionResponse`. 56 57 **Details:** 58 59 .. ts:def:: VersionResponse 60 61 interface VersionResponse { 62 // libtool-style representation of the Merchant protocol version, see 63 // https://www.gnu.org/software/libtool/manual/html_node/Versioning.html#Versioning 64 // The format is "current:revision:age". 65 version: string; 66 67 // Name of the protocol. 68 name: "taler-mailbox"; 69 70 // Fee per message. 71 message_fee: Amount; 72 73 // Fixed size of message body. 74 message_body_bytes: Integer; 75 76 // Maximum number of messages in a 77 // single response. 78 message_response_limit: Integer; 79 80 // How long will the service store a message 81 // before giving up on delivery? 82 delivery_period: RelativeTime; 83 84 // How much is the cost of a single 85 // registration (update) of a mailbox 86 // May be 0 for a free update/registration. 87 registration_update_fee: Amount 88 89 // How much is the cost of a single 90 // registration period (30 days) of a mailbox 91 // May be 0 for a free registration. 92 monthly_fee: Amount 93 94 // How much is the cost to send a single 95 // message to a mailbox. 96 // May be 0 for free message sending. 97 message_fee: Amount 98 99 // How many messages can be send and 100 // are stored by the service for free. 101 // After the quota is reached, the 102 // regular message_fee applies. 103 // May be 0 for no free quota. 104 free_message_quota: Integer 105 106 } 107 108 --------------------------------- 109 Mailbox registration and metadata 110 --------------------------------- 111 112 .. http:get:: /info/$H_MAILBOX 113 114 Endpoint that returns mailbox metadata including signing and encryption keys for ``$H_MAILBOX``. 115 116 **Response** 117 118 :http:statuscode:`200 Ok`: 119 Info is returned in a `MailboxMetadata` response, 120 :http:statuscode:`404 Not Found`: 121 This mailbox is not registered. 122 :http:statuscode:`429 Too Many Requests`: 123 The system is currently experiencing a too high request 124 load and is unable to accept the message for delivery. 125 The response format is given by `MailboxRateLimitedResponse`_. 126 127 128 **Details:** 129 130 .. _MailboxMetadata: 131 .. ts:def:: MailboxMetadata 132 133 interface MailboxMetadata { 134 135 // The mailbox signing key. 136 // Note that ``$H_MAILBOX == H(signing_key)``. 137 // Note also how this key cannot be updated 138 // as it identifies the mailbox. 139 // Base32 crockford-encoded. 140 signing_key: string; 141 142 // Type of key. 143 // Currently only 144 // EdDSA keys are supported. 145 signing_key_type: "EdDSA"; 146 147 // The mailbox encryption key. 148 // This is a HPKE public key 149 // Currently, only the X25519 format 150 // for use in a X25519-DHKEM (RFC 9180) 151 // is supported. 152 // Base32 crockford-encoded. 153 encryption_key: string; 154 155 // Type of key. 156 // Currently only 157 // X25519 keys are supported. 158 encryption_key_type: "X25519"; 159 160 // Expiration of this mailbox. 161 // Unix epoch (seconds) 162 expiration: Timestamp; 163 164 } 165 166 167 .. http:post:: /register 168 169 Requests the registration or update of a mailbox. 170 May be used to update encryption keys. 171 May incur cost. 172 The mailbox identity is given through the keys field 173 in the ``MailboxMetadata`` field. 174 175 **Request** 176 177 The body of the request must be a ``MailboxRegistrationRequest``. 178 179 **Details:** 180 181 .. _MailboxRegistrationRequest: 182 .. ts:def:: MailboxRegistrationRequest 183 184 interface MailboxRegistrationRequest { 185 186 // Keys to add/update for the mailbox. 187 mailbox_metadata: MailboxMetadata; 188 189 // Signature by the mailbox's signing key affirming 190 // the update of keys, of purpose 191 // ``TALER_SIGNATURE_MAILBOX_REGISTER``. 192 // The signature is created over the SHA-512 hash 193 // of (encryptionKeyType||encryptionKey||expiration) 194 // Base32 crockford-encoded. 195 // The signature system is defined through the 196 // signing_key_type in the keys field. 197 signature: string; 198 199 } 200 201 **Response** 202 203 :http:statuscode:`204 No Content`: 204 Update/creation complete. 205 :http:statuscode:`403 Forbidden`: 206 The ``signature`` is invalid. 207 This response comes with a standard `ErrorDetail` response. 208 :http:statuscode:`402 Payment Required` 209 Client needs to make a Taler payment before proceeding. See 210 standard Taler payment procedure. 211 212 ---------------- 213 Sending messages 214 ---------------- 215 216 .. http:post:: /$H_MAILBOX 217 218 Puts a message into ``$H_MAILBOX``. 219 ``$H_MAILBOX`` is the SHA512 of an EdDSA public key. 220 221 **Request** 222 223 The content of the request must be the message with a size of 224 exactly message_body_bytes (see `VersionResponse`). 225 226 **Response** 227 228 :http:statuscode:`204 No Content` 229 Message was stored and will be delivered. 230 :http:statuscode:`403 Forbidden` 231 The specified order ID in the ``Mailbox-Order-Id`` header does not 232 permit sending of this message. Possible reasons include the order 233 being for a different message, unpaid or 234 malformed. 235 This response comes with a standard `ErrorDetail` response. 236 :http:statuscode:`429 Too Many Requests`: 237 The system is currently experiencing a too high request 238 load and is unable to accept the message for delivery. 239 The response format is given by `MailboxRateLimitedResponse`_. 240 :http:statuscode:`402 Payment Required` 241 Client needs to make a Taler payment before proceeding. See 242 standard Taler payment procedure. 243 244 245 **Details:** 246 247 .. _MailboxRateLimitedResponse: 248 .. ts:def:: MailboxRateLimitedResponse 249 250 interface MailboxRateLimitedResponse { 251 252 // Taler error code, TALER_EC_MAILBOX_DELIVERY_RATE_LIMITED. 253 code: Integer; 254 255 // When the client should retry. 256 retry_delay: RelativeTime; 257 258 // The human readable error message. 259 hint: string; 260 261 } 262 263 ------------------ 264 Receiving messages 265 ------------------ 266 267 .. http:get:: /$H_MAILBOX 268 269 Endpoint that returns unread messages in ``$H_MAILBOX``. 270 The number of messages returned by the service can be limited. 271 If the request is simply repeated, the same messages will be 272 returned again (or possibly more if additional messages arrived 273 and the total number is below the service's current internal limit). 274 To receive additional messages, the client generally has to first 275 explicitly delete already downloaded messages from the mailbox. 276 If messages are returned, the ``ETag`` header will be set 277 containing the ID of the first message 278 for use in any potential delete requests that require the message ID. 279 280 **Request:** 281 282 :query timeout_ms=NUMBER: *Optional.* If specified, 283 the Mailbox service will wait up to ``NUMBER`` 284 milliseconds for the arrival of new messages 285 before sending the HTTP response. Note that if the 286 mailbox is non-empty, the service will always return 287 immediately with the messages in the mailbox, and not 288 wait for additional messages to arrive. 289 290 **Response** 291 292 :http:statuscode:`200 Ok`: 293 Messages are returned in binary format, 256 bytes per message, 294 starting with the ephemeral key and followed by 295 the encrypted body. Messages are not encapsulated in JSON! 296 :http:statuscode:`204 No Content`: 297 The mailbox is empty. 298 :http:statuscode:`429 Too Many Requests`: 299 The system is currently experiencing a too high request 300 load and is unable to accept the message for delivery. 301 The response format is given by `MailboxRateLimitedResponse`_. 302 303 .. http:delete:: /$ADDRESS 304 305 Requests the deletion of already received messages from the 306 mailbox. Here, ``$ADDRESS`` must be the EdDSA public key 307 of the mailbox (not the hash!). 308 The ``ETag`` header returned by a GET request for messages 309 returns the ID for the first message received. 310 This allows the caller to select a range of messages starting 311 from the first message received in the last GET call 312 to delete. 313 314 **Request** 315 316 The header ``Match-If`` must be set to the ID of the first message 317 to delete. 318 The ``ETag`` value is retrieved when receiving messages via a GET 319 request. 320 For example, a ``Match-If`` header value of 2 and a count field of 321 5 will delete messages from ID 2 to N such that up to 5 messages are 322 deleted. 323 The ``Taler-Mailbox-Delete-Signature`` header must be set with a 324 Base32-Crockfor encoded signature over four 32 bit values in 325 network byte order: ``NBO(16)||NBO(TALER_SIGNATURE_MAILBOX_DELETE_MESSAGES)||NBO(Etag)||NBO(count)`` 326 where ``TALER_SIGNATURE_MAILBOX_DELETE_MESSAGES`` is a signature purpose value registered in 327 GANA. 328 329 :query count=NUMBER: *Optional.* If specified, 330 the Mailbox service will delete up to ``NUMBER`` 331 of new messages starting from the ID provided 332 in ``Match-If``. 333 If the parameter is not provided, only a single 334 message will be deleted. 335 336 337 **Details:** 338 339 .. _MessageDeletionRequest: 340 .. ts:def:: MessageDeletionRequest 341 342 interface MessageDeletionRequest { 343 344 // Number of messages to delete. (Starting from the beginning 345 // of the latest GET response). 346 count: Integer; 347 348 // Signature by the mailbox's private key affirming 349 // the deletion of the messages, of purpuse 350 // ``TALER_SIGNATURE_MAILBOX_DELETE_MESSAGES``. 351 signature: string; 352 353 } 354 355 **Response** 356 357 :http:statuscode:`204 No Content`: 358 Deletion complete. 359 :http:statuscode:`403 Forbidden`: 360 The ``signature`` is invalid. 361 This response comes with a standard `ErrorDetail` response. 362 :http:statuscode:`404 Not found`: 363 The checksum does not match the messages currently at the 364 head of the mailbox, or ``count`` is larger 365 than the number of messages currently in the mailbox. 366 This response comes with a standard `ErrorDetail` response. 367 368