Skip to content

Instantly share code, notes, and snippets.

@ajsb85

ajsb85/ArmaditoAV-REST-API.postman_collection.json

Last active August 10, 2016 08:47
Show Gist options
  • Save ajsb85/66291d37c066e82d5ccd9cfb99798538 to your computer and use it in GitHub Desktop.
Save ajsb85/66291d37c066e82d5ccd9cfb99798538 to your computer and use it in GitHub Desktop.
Download ZIP
ArmaditoAV REST API v0.1 POSTMAN Collection v2
Raw
ArmaditoAV-REST-API.postman_collection.json
{
"variables": [],
"info": {
"name": "ArmaditoAV REST API",
"_postman_id": "df112ab6-1ff5-dbf4-81e9-e19e2822ffe8",
"description": "This POSTMAN collection documents the first version of the Armadito antivirus\nAPI that can be used by any client application to query antivirus status,\nlaunch a scan, get events....\n\n## User agent\n\nAll API paths require a 'User-Agent' HTTP header. If no 'User-Agent' is present,\na HTTP error `403` (request forbidden) will be returned.\n\nNo check is performed on the User-Agent string, so any non-empty string can\nbe used.\n\n## Session token\n\nAll API paths (except of course the '/api/register') require a session token\nthat is generated by Armadito API.\n\nThe session token must be passed in HTTP header 'X-Armadito-Token'.\n\nTo get a session token, you must first make a GET request to path '/api/register'.\nIf request is valid, it will return a JSON object containing a valid token:\n```json\n{\n \"token\": \"485994620463561099\"\n}\n```\n\nThe token is a string. In current version, this string contains only decimal\ndigits, but no assumption must be made about the content of the token string\nand content may change in future versions of the API.\n\nOnce you've finished using the API, it is recommended to clean the token\ntable using a request to '/api/unregister'.\n\n## Request data\n\nFor all requests that need data, these data must be sent as JSON objects in the\nbody of a POST request. The 'Content-Type' HTTP header must then be set to\n'application/json', otherwiser an HTTP error `415` 'unsupported media type' will\nbe returned.\n\n## Error objects\n\nAll responses that do not reply a HTTP `200` OK code will contain a JSON object\ndescribing the error, for instance:\n```json\n{\n \"code\": 415,\n \"message\": \"Unsupported Media Type. Content-Type must be application/json\"\n}\n```\n\n## Asynchronous requests\n\nMost of the API requests are asynchronous, which means that the true result of\nthe request will not be contained in the response, but must be queried after\nusing a request to the '/api/event' path.\n\nTypical workflow for an asynchronous request, for instance GET '/api/status'\n(to get the status of the antivirus), is the following:\n\n* ask for a session token using GET '/api/register'. This will return a JSON\nobject containing the token\n* do a GET '/api/status' passing the obtained session token in HTTP header\n'X-Armadito-Token'. This request will not return any data.\n* do a GET '/api/event' passing the obtained session token in HTTP header\n'X-Armadito-Token'. This request will block until an event is ready on the\nserver side. This event is returned as a JSON object in the body of the\nresponse.\n* do a GET '/api/unregister' passing the obtained session token in HTTP header\n'X-Armadito-Token'. This request will not return any data, but will close\nthe session. The session token will no longer be valid and must not be\nreused.\n",
"schema": "https://schema.getpostman.com/json/collection/v2.0.0/collection.json"
},
"item": [
{
"name": "event",
"description": "Folder for event",
"item": [
{
"name": "{{base_url}}/api/event",
"request": {
"url": "{{base_url}}/api/event",
"method": "GET",
"header": [
{
"key": "X-Armadito-Token",
"value": "{{X-Armadito-Token}}",
"description": ""
}
],
"body": {
"mode": "formdata",
"formdata": []
},
"description": "Poll server event.\n\nThis request will block until an event is ready on the server side.\nThis event is returned as a JSON object in the body of the response.\n\nThis request implements a COMET application model https://en.wikipedia.org/wiki/Comet_(programming)\n"
},
"response": []
}
]
},
{
"name": "ping",
"description": "Folder for ping",
"item": [
{
"name": "{{base_url}}/api/ping",
"request": {
"url": "{{base_url}}/api/ping",
"method": "GET",
"header": [
{
"key": "X-Armadito-Token",
"value": "{{X-Armadito-Token}}",
"description": ""
}
],
"body": {
"mode": "formdata",
"formdata": []
},
"description": "Ping the server.\n"
},
"response": []
}
]
},
{
"name": "register",
"description": "Folder for register",
"item": [
{
"name": "{{base_url}}/api/register",
"request": {
"url": "{{base_url}}/api/register",
"method": "GET",
"header": [],
"body": {
"mode": "formdata",
"formdata": []
},
"description": "Request a new session token.\n\nIf request is valid, the response will contain in body a JSON object that\ncontains the token:\n\n```json\n{\n \"token\": \"485994620463561099\"\n}\n```\n\nThis token must be stored by the application and sent in HTTP header for\nall requests that need a session token.\n"
},
"response": []
}
]
},
{
"name": "scan",
"description": "Folder for scan",
"item": [
{
"name": "{{base_url}}/api/scan",
"request": {
"url": "{{base_url}}/api/scan",
"method": "POST",
"header": [
{
"key": "X-Armadito-Token",
"value": "{{X-Armadito-Token}}",
"description": ""
}
],
"body": {
"mode": "raw",
"raw": "scan object containing the path to scan"
},
"description": "Launch a scan\n\nThe path to scan is passed as a JSON object in the body of the request.\n\nThe scan progress and results will be available by polling '/api/event' once the \n'/api/scan' request has completed. The events that will then be available are:\n* DetectionEvent\n* OnDemandProgressEvent\n* OnDemandCompletedEvent\n\nNote that this request DOES NOT wait for the end of the scan. As explained earlier,\nthis request is asynchronous.\n"
},
"response": []
}
]
},
{
"name": "status",
"description": "Folder for status",
"item": [
{
"name": "{{base_url}}/api/status",
"request": {
"url": "{{base_url}}/api/status",
"method": "GET",
"header": [
{
"key": "X-Armadito-Token",
"value": "{{X-Armadito-Token}}",
"description": ""
}
],
"body": {
"mode": "formdata",
"formdata": []
},
"description": "Get the antivirus status.\n\nThe antivirus status will be available by polling '/api/event' once the '/api/status' \nrequest has completed. The events that will then be available are:\n* StatusEvent\n\nNote that this request DOES NOT return the antivirus status as a JSON object. As \nexplained earlier, this request is asynchronous.\n"
},
"response": []
}
]
},
{
"name": "unregister",
"description": "Folder for unregister",
"item": [
{
"name": "{{base_url}}/api/unregister",
"request": {
"url": "{{base_url}}/api/unregister",
"method": "GET",
"header": [
{
"key": "X-Armadito-Token",
"value": "{{X-Armadito-Token}}",
"description": ""
}
],
"body": {
"mode": "formdata",
"formdata": []
},
"description": "Unregister a session token.\nThe token must have been obtained from a previous '/register' request.\nIf this request return a HTTP 200 OK response, the token will no longer\nbe valid and must not be reused.\n"
},
"response": []
}
]
}
]
}
@ajsb85
Copy link
Author

ajsb85 commented Aug 10, 2016
edited
Loading

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment