-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfosp.txt
1904 lines (1072 loc) · 61.8 KB
/
fosp.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Network Working Group F. Maurer
Internet-Draft September 2015
Expires: March 4, 2016
The Federated Object Sharing Protocol
fosp-00
Abstract
Federated Object Sharing Protocol (FOSP) is an application-level
protocol that allows sharing arbitrary data, setting access rights on
the shared data and receiving notifications on changes. It can be
used in a federated network, e.g. between multiple independent
providers. It was designed to be the most simple solution that
combines all these features.
Status of this Memo
This document is an Internet-Draft and is NOT offered in accordance
with Section 10 of RFC 2026, and the author does not provide the IETF
with any rights other than to publish as an Internet-Draft.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 4, 2016.
Maurer Expires March 4, 2016 [Page 1]
Internet-Draft FOSP September 2015
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.1. Purpose . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.2. Conventions . . . . . . . . . . . . . . . . . . . . . . . 4
1.3. Requirements . . . . . . . . . . . . . . . . . . . . . . . 4
1.4. Terminology . . . . . . . . . . . . . . . . . . . . . . . 5
2. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
2.1. Users and providers . . . . . . . . . . . . . . . . . . . 6
2.2. Trees, Objects and Attachments . . . . . . . . . . . . . . 6
2.3. Network topology . . . . . . . . . . . . . . . . . . . . . 6
2.4. Messages . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.5. Bindings . . . . . . . . . . . . . . . . . . . . . . . . . 7
3. Data structure . . . . . . . . . . . . . . . . . . . . . . . . 8
3.1. Objects . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.2. Object attributes . . . . . . . . . . . . . . . . . . . . 10
3.3. Trees . . . . . . . . . . . . . . . . . . . . . . . . . . 11
3.4. Attachments . . . . . . . . . . . . . . . . . . . . . . . 12
3.5. Provisioned Objects . . . . . . . . . . . . . . . . . . . 12
4. Network Topology . . . . . . . . . . . . . . . . . . . . . . . 13
4.1. Client . . . . . . . . . . . . . . . . . . . . . . . . . . 13
4.2. Server . . . . . . . . . . . . . . . . . . . . . . . . . . 13
5. Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
5.1. Types . . . . . . . . . . . . . . . . . . . . . . . . . . 15
5.2. Request . . . . . . . . . . . . . . . . . . . . . . . . . 15
5.2.1. Options . . . . . . . . . . . . . . . . . . . . . . . 16
5.2.2. Auth . . . . . . . . . . . . . . . . . . . . . . . . . 16
5.2.3. Get . . . . . . . . . . . . . . . . . . . . . . . . . 16
5.2.4. List . . . . . . . . . . . . . . . . . . . . . . . . . 16
5.2.5. Create . . . . . . . . . . . . . . . . . . . . . . . . 17
5.2.6. Patch . . . . . . . . . . . . . . . . . . . . . . . . 17
5.2.7. Delete . . . . . . . . . . . . . . . . . . . . . . . . 17
5.2.8. Read . . . . . . . . . . . . . . . . . . . . . . . . . 18
5.2.9. Write . . . . . . . . . . . . . . . . . . . . . . . . 18
5.3. Response . . . . . . . . . . . . . . . . . . . . . . . . . 18
5.4. Notification . . . . . . . . . . . . . . . . . . . . . . . 18
5.5. Status codes . . . . . . . . . . . . . . . . . . . . . . . 19
5.5.1. Informal 1xx . . . . . . . . . . . . . . . . . . . . . 19
5.5.2. Successful 2xx . . . . . . . . . . . . . . . . . . . . 19
5.5.3. Redirection 3xx . . . . . . . . . . . . . . . . . . . 19
5.5.4. Client error 4xx . . . . . . . . . . . . . . . . . . . 20
5.5.5. Server Error 5xx . . . . . . . . . . . . . . . . . . . 21
5.6. Forwarding . . . . . . . . . . . . . . . . . . . . . . . . 21
6. Bindings . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
6.1. WebSocket binding . . . . . . . . . . . . . . . . . . . . 22
6.1.1. Connection Initiation . . . . . . . . . . . . . . . . 22
6.1.2. Format . . . . . . . . . . . . . . . . . . . . . . . . 22
6.1.3. Serialization . . . . . . . . . . . . . . . . . . . . 23
Maurer Expires March 4, 2016 [Page 2]
Internet-Draft FOSP September 2015
6.2. HTTPS binding . . . . . . . . . . . . . . . . . . . . . . 24
6.2.1. Mapping . . . . . . . . . . . . . . . . . . . . . . . 24
6.2.2. Session management . . . . . . . . . . . . . . . . . . 24
7. Authentication and Registration . . . . . . . . . . . . . . . 25
7.1. Anonymous . . . . . . . . . . . . . . . . . . . . . . . . 25
7.2. SASL . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
7.3. Server to server . . . . . . . . . . . . . . . . . . . . . 26
7.4. Registration . . . . . . . . . . . . . . . . . . . . . . . 26
8. Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
8.1. Access control . . . . . . . . . . . . . . . . . . . . . . 27
8.2. Groups . . . . . . . . . . . . . . . . . . . . . . . . . . 28
8.3. Subscriptions . . . . . . . . . . . . . . . . . . . . . . 28
8.4. Attachments . . . . . . . . . . . . . . . . . . . . . . . 29
8.5. Authentication . . . . . . . . . . . . . . . . . . . . . . 29
8.6. Message forwarding . . . . . . . . . . . . . . . . . . . . 30
9. Discovery . . . . . . . . . . . . . . . . . . . . . . . . . . 31
9.1. DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
9.2. Well known . . . . . . . . . . . . . . . . . . . . . . . . 31
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 34
Maurer Expires March 4, 2016 [Page 3]
Internet-Draft FOSP September 2015
1. Introduction
1.1. Purpose
The Federated Object Storage Protocol (FOSP) is an application-level
protocol for exchanging structured and unstructured data generated by
users of different providers. It is designed to fulfill the needs of
online social networks by combining necessary features into one
simple protocol.
FOSP aims to provide three core features:
1. Store data online and support standard operations on it.
2. Enforce access control on the data, for users from different
hosts, without central authentication.
3. Notify users when data is added, removed or has changed.
All these features must be available in a federated network.
Furthermore, some non-functional requirements are imposed. The
protocol needs to be data agnostic and should support structured,
unstructured and meta-data. It also must be as simple as possible,
e.g. it must be easy to implement and it should be possible to write
easy to deploy applications for it.
1.2. Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
This document also makes use of the augmented Backus-Naur Form
([RFC5234]) to formally describe the syntax of messages.
1.3. Requirements
FOSP builds on existing protocols and data formats. The transport
protocol for FOSP messages currently is the WebSocket protocol as
defined in [RFC6455] and a HTTP ([RFC7230]) binding is in the works.
Other options may be added in the future. Objects are serialized
into the JavaScript Object Notation (JSON) according to [RFC7159].
Besides these technical dependencies, FOSP is inspired by WebDAV
([RFC4918]) and XMPP ([RFC6120]) and has similarities to LDAP
([RFC4370]).
Maurer Expires March 4, 2016 [Page 4]
Internet-Draft FOSP September 2015
1.4. Terminology
This document uses a number of terminologies to refer to concepts
found in FOSP.
provider An entity that provides storage space on the Internet for
the data of users. It is identified by a fully qualified domain
name.
server A FOSP server stores the data of users of a certain provider.
The term server applies to the the software that processes request
as well as to the machine that runs the software. For fault
tolerance and load balancing purposes, a provider might deploy
multiple servers.
client A FOSP client is a program a user uses to communicate with a
FOSP server. It facilitates accessing the data of the user that
is stored on the server.
message A message is the basic unit of communication in FOSP.
Messages come in three different flavors.
request A request is a message sent from a client to a server. It
is used to retrieve or alter data.
response A response is a message sent from a server to a client. It
is always sent as an answer to a request and contains the status
of the request and possibly data.
notification A notification is a message that is sent by servers
when changes happen to an object.
object An object is the basic unit of data in FOSP. It consists of
structured data expressed in JSON.
attachment An attachment is a binary or text file that is associated
with an object. Each object can only have one attachment.
tree The objects of a users form a tree structure. Each object has
exactly one parent object, except for the root object. There
exists exactly one tree per user.
Maurer Expires March 4, 2016 [Page 5]
Internet-Draft FOSP September 2015
2. Overview
This section provides a short overview. It is intended to
familiarize with the concepts of FOSP. It does not contain
information that is not covered in the rest of the document except
for the information about users and providers and can be skipped.
2.1. Users and providers
FOSP concerns itself with data created by users. Users store their
content on the servers of providers and can share it by setting the
appropriate access rights for other users. Each user is registered
with one provider. The user has an unique name at the provider that
together with the domain name of the provider forms his or her
identifier, similar to an Email address. However users can still
share their content with friends that are registered with different
providers.
Providers are companies or individuals that provide storage to users.
A provider is identified by a fully qualified domain name. Similar
to Email and XMPP, everybody can be a provider by simply hosting his
or her own FOSP server. The servers of different providers
communicate to allow users of different providers to share data.
2.2. Trees, Objects and Attachments
The basic data units that can be stored on the server have a well
defined structure and we call them objects. We chose this name
because they are objects in the sense of the JSON specification.
Other familiar terms for a JSON object might be dictionary, hash map
of associative array. They consist of key-value pairs where each key
is a string and each value is one of the values allowed by JSON.
Most of the key-value pairs have a special meaning, for example there
is a key-value pair that stores the access control list.
All objects are part of a tree. For each user, one such tree exists
and the root object of the tree is named like the user. Each object
can thus be uniquely identified by its path, e.g.
[email protected]/social/me.
To store data that can not be expressed in JSON, each object can have
an attachment. The attachment has the same resource name as the
object but is modified using special requests.
2.3. Network topology
FOSP follows the client-server paradigm. The network topology is
similar to the SMTP or XMPP network. A provider operates one or more
Maurer Expires March 4, 2016 [Page 6]
Internet-Draft FOSP September 2015
server that handle the domain of the provider. A user can use a
client to connect to a server of a provider where he or she is
registered and request data.
The server can connect to a server of a different provider to forward
request it can not process itself. This is the case when the request
concerns an object that is not stored by this server because it
belongs to a user of a different provider.
2.4. Messages
The communication between FOSP clients and servers is segmented into
messages. There a three different kind of messages: requests,
responses and notifications.
To create, alter or delete objects and attachments, a client sends a
request to the server. When the request is processed, the server
sends a response. If the request concerns an object that the server
does not store, it may be forwarded to a server that does store it.
As users and clients might be interested in changes to objects and
attachments, they can subscribe to events on objects. When a server
makes changes to objects or attachments, it can send notifications to
clients that inform about events that happened.
2.5. Bindings
The messages are transported using existing protocols. A definition
of how FOSP messages are transported through an existing protocol is
called binding.
The currently defined binding is the WebSocket binding. An HTTP
binding, which will not support all FOSP features, is also being
worked on.
Maurer Expires March 4, 2016 [Page 7]
Internet-Draft FOSP September 2015
3. Data structure
FOSP allows users to store structured data in objects and everything
else in attachments, which each belong to an object. The objects are
all part of a tree and each user owns one such tree.
3.1. Objects
We refer to the basic unit of data, that can be manipulated in the
FOSP network, as an object. An object consists of key-value pairs.
The constraints for keys and values are the ones described by the
JSON specification. Each object has by default specific key value
pairs that have a special meaning, for example, the key "owner"
contains the identifier of the user who created the object. When
transferring objects in messages, the object is serialized according
to the JSON specification. In the rest of the document we will refer
to a key-value pair of an object either as an attribute or a field of
an object.
Maurer Expires March 4, 2016 [Page 8]
Internet-Draft FOSP September 2015
{
"created": "2007-03-01T13:00:00Z",
"updated": "2008-05-11T15:30:00Z",
"owner": "[email protected]",
"acl": {
"owner": {
"data": [ "read", "write" ],
"acl": [ "read", "write" ],
"subscriptions": [ "read", "write" ],
"children": [ "read", "write", "delete" ]
},
"users": {
"[email protected]": {
"data": [ "read", "not-write" ],
"acl": [ "read", "not-write" ],
"subscriptions": [ "read", "not-write" ]
}
}
},
"subscriptions": {
"users": {
"[email protected]": {
"events": [ "created", "updated" ],
"depth": 1
}
}
},
"attachment": {
"name": "hatter.jpg",
"type": "image/jpeg",
"size": 140385
},
"type": "text/plain",
"data": "Just plain text"
}
Figure 1
Each object is part of a tree of objects that belong to a user.
Therefore, each object can be addressed by an internationalized
resource identifier (IRI [RFC3987]). The syntax for an object
borrows from the IRI definition and is as follows.
resource-id = 1*iunreserved "@" ihost ipath-absolute
Maurer Expires March 4, 2016 [Page 9]
Internet-Draft FOSP September 2015
3.2. Object attributes
Most attributes of an object have a well defined meaning. The
servers have to ensure that the content of these attributes adheres
to the specification and that users do not make changes that are not
allowed. Figure 1 shows an example of an objects with all the fields
described here. Currently we define the following attributes and
their values:
The "owner" field is set by the server on creation of the object
and contains the identifier of the user who created the object as
a string. It determines the ownership of this object and is used
when enforcing access rights. The user MUST NOT be able to set
the field to a different value.
The "created" (birth time) field is set by the server to the date
of creation of the object. It is stored as a string, formatted
according to the ISO 8601 standard and must always be in the UTC
time zone. The user MUST NOT be able to set the field to a
different value.
Similar the "updated" (modify time) is set to the current date
each time the object is altered and is not to be set by the users
directly. It is stored just like "created". In the future it
might be used to allow client side caching similar to ETags in
HTTP. The user MUST NOT be able to set the field to a different
value.
The "data" field is where the user should store the payload and
may contain any valid value. The "type" field should contain a
string that describes the content type of the "data" field,
similar to MIME types. These two fields are the only fields where
the user can store arbitrary data. The server MUST allow the user
to store any data in these fields.
Furthermore, there are the three fields "acl", "subscriptions" and
"attachment" that contain more complex objects.
The "acl" field stores information about access rights in form of an
object. It is read by the server to enforce access control.
The acl object can have the following fields: "owner", "users",
"groups", "other"
The value of the "owner" and "other" field is a set of rights
A set of rights is an object where each key identifies a certain
scope the right applies to, and the value is a string array of
Maurer Expires March 4, 2016 [Page 10]
Internet-Draft FOSP September 2015
permissions. For example, the key "acl" means that the
permissions apply to the acl field of the object. Currently
allowed values for the key are "acl", "data", "subscriptions",
"children". The permissions can be "read", "write" and "delete".
They can also be prefixed with "not-" to revoke a right, which is
necessary because rights are inherited. This will be further
explained in Section 8.1.
The value of the "users" and "groups" field is an object. In
these objects, each key identifies a user or a group and the
related value is a set of rights.
The "subscriptions" field stores information about subscriptions. It
is read by the server to determine which users have to be notified on
changes to an object.
It contains an object and each key is the identifier of a user.
The value is an object with the fields: "events" and "depth"
The value of "events" is an array of strings which identify an
event, the value of "depth" is an integer between -1 and infinity
How this field is evaluated by the server is explained
in Section 8.3.
The "attachment" field is only present if this object has an
attachment. It contains an object with three fields.
The "name" field contains a string with the file name.
The "size" field contains the number of bytes of the attached
file. The value of this field MUST be set by the server whenever
a WRITE request changes the size of the file. The value of this
field MUST NOT be set by a user.
The "type" field contains a string with the mime-type of the
attached file.
3.3. Trees
In FOSP, all objects are part of a tree of objects. Therefore, all
objects have a parent object, except for the root object of a tree.
Consequently, all objects can have child objects. For each user
there exists one tree of objects and the root node of this tree is
named like the identifier of the user. The tree of the user is
stored on the servers that are responsible for the domain of the
provider where the user is registered.
Maurer Expires March 4, 2016 [Page 11]
Internet-Draft FOSP September 2015
+--------------------+
+---+------------+---+
| |
| |
+---+--+ +--+---+
|config| |social|
+------+ +----+-+
|
|
++-+
+----------> |me|
| +--+
+
[email protected]/social/me
Figure 2
3.4. Attachments
As files, like pictures and documents, are also shared via social
networks, FOSP supports saving binary files. For each object, one
file can be stored as an attachment. This way, files can be
addressed with the same schema and the objects they are attached to
can provide the meta-data. If an object has a belonging file, it is
extended by a new attribute named "attachment". In this attribute,
the "size", file "name", and MIME "type" of the file is stored. The
attached file is read and written using special requests.
3.5. Provisioned Objects
Some objects in the tree of a user will be used by the server to
obtain configuration options. For example
[email protected]/config/groups will contain the mappings from
users to groups that are valid for the tree [email protected].
These objects will be created by the server when the user first
registers with it.
Maurer Expires March 4, 2016 [Page 12]
Internet-Draft FOSP September 2015
4. Network Topology
In the FOSP network, agents are either clients or servers.
4.1. Client
A user connects, using a client, to the server of their provider. We
refer to this server as the home server of the user. To manipulate
or access data, the user uses the client to send requests.
A client can be any programm that understands the FOSP protocol.
4.2. Server
A server is a software running on a machine on the internet, that
processes requests of clients. Each server belongs to one provider
that is identified by a domain name. For load balancing purposes,
more than one server per domain/provider might be used. To keep the
examples simple, we nevertheless assume that there is one server per
provider.
A request can act upon a resource. If the resource is not managed by
the server the user is connected to, the server will relay the
request to the responsible server. Hence, FOSP servers may open
connections to other FOSP servers.
Maurer Expires March 4, 2016 [Page 13]
Internet-Draft FOSP September 2015
+--------------+ +--------------+
|alice@ | |queen@ |
|wonderland.lit| |wonderland.lit|
+------------+-+ +-+------------+
| |
| |
| |
+--v--------v--+
|wonderland.lit|
| |
+---+------^---+
| |
| |
+---v------+---+
|realworld.lit |
| |
+--^-----------+
|
|
+-----------+--+
| sister@ |
| realworld.lit|
+--------------+
Figure 3
Maurer Expires March 4, 2016 [Page 14]
Internet-Draft FOSP September 2015
5. Messages
Messages are the basic unit of communication in the FOSP network.
There are three different types of messages which serve different
purposes. How a message is serialized depends on the protocol that
is used to transport the message.
5.1. Types
Each message has a specific type, which determines the kind of
purpose this message serves. The type is implicitly given in the way
that the content of the message determines it's type. For now there
are only three types of messages needed to support all functionality.
The types are requests, responses and notifications. Should there be
the need for additional types of messages, a new one can be added in
later versions of the protocol.
All messages can have headers and a body, similar to HTTP messages
and are distinguished by their main attributes. Requests and
notifications usually act on, or are emitted from an object or an
attachemnt. The identifier of the object or attachemnt is then part
of the request. If a request does not act upon an object, the
identifier is replaced with an asterisk.
5.2. Request
Requests are sent from clients to servers to authenticate or
manipulate objects. A request consists of ...
a request type
optionally an identifier of a resource that it manipulates
The content of the body depends on the type of request. For example,
the body of a GET or DELETE request is empty and the body of a CREATE
request contains the new object. In general the body is a JSON
object, except for the WRITE request that has the byte representation
of the file as the body.
The server MUST always responde to a request with a response message.
Depending on the request, the server must check access rights and
whether a certain object exits, bevor the request can be processed.
If the user does not have sufficent rights or an required object does
not exist (e.g. a parent object when creating a child), a failure
response MUST be sent. When the request is successfully processed, a
success response MUST be sent. Depending on the request, it may
contain information in its body, like the object that was requested,
or an attachment that was read.
Maurer Expires March 4, 2016 [Page 15]
Internet-Draft FOSP September 2015
The request types are described in the following sections.
5.2.1. Options
The OPTIONS request is used to discover the capabilities of the
server. Currently, the only use is to detect supported SASL
mechanisms. When detecting capabilities of the whole server, the
request URL is replaced by "*".
The server MUST return a 200 response and a body that contains
information about it's capabilities. The returned object MUST
contain a field named "sasl" which in turn contains an object with a
field named "mechanisms". This field contains an array of all
supported SASL mechanisms.
In the future, the OPTIONS request might be used to discover allowed
operations on resources.
5.2.2. Auth
The AUTH request is used to authenticate the client. The
authentication uses the SASL framework. How SASL messages are
transported is defined in Section 7.2. Multiple requests might be
needed to successfully authenticate, depending on the mechanism.
The server verifies that the authentication is successfull and sents
a success response or a failed response otherwise. All future
request are made in the name of this authenticated user. How the
state is kept depends on the transport protocol used. It can for
example either be a tied to network connection, or be a cookie
supplied in each request.
5.2.3. Get
The GET request is used to retrieve an object. The resource
identifier in the request denotes the object that should be returned.
The server MUST ignore any content in the body of the request.
If the request was successfull, the object is returned in the body of
the response.. Even on success, not the whole object might be
returned as the user might have the right to read some attributes but
not others.
5.2.4. List
The LIST request is used to discover all child objects of a certain
object. The resource identifier specifies the object of which the
children should be returned.
Maurer Expires March 4, 2016 [Page 16]
Internet-Draft FOSP September 2015
If successfull, the response contains an array of names of the child
objects.
5.2.5. Create
The CREATE request is used to store new objects on the server. The
resource identifier is the desired location for the new object. The
body containes the object to store.
On success, an empty success response is returned and the object is
stored at the given location.
5.2.6. Patch
The PATCH request is used to update an already existing object on the
server. The resource identifier specifies the object that should be
updated. The body containes an object with the differences that
should be applied to the object. The semantics of the patch object
and the algorithm to apply it are the ones defined in [RFC7396].
The differences are merged into the object as follows. If the
original object does not have an attribute the differences object
has, the attribute is copied to the object. If the original object
already has an attribute the differences object has and the new value
is "null", the attribute is deleted from the object. If the original
object already has an attribute the differences object has and the
value is not "null", the attribute is replaced with the new attribute
except when the value of the old and the new attribute are both an
object. In this case the merging is done on the attribute recursivly
as it is on the whole object.
On success, the updated object is returned.
5.2.7. Delete
The DELETE request is used to remove an object from a tree. The
resource identifier specifies the object that should be removed.
If the object that should be deleted has children, the DELETE request
MUST fail and a 409 response MUST be returned. In the future, a
header might be supported to enable recursive deleting of objects.
If successfull, a succeeded message is returned and the object is
permanently removed.
Maurer Expires March 4, 2016 [Page 17]
Internet-Draft FOSP September 2015
5.2.8. Read
The READ request is used to read the attachment. The resource
identifier specifies the object of which the attachment should be
read.
The success response body contains the raw bytes of the attachment.
5.2.9. Write
The WRITE request is used to write to the attachment. The resource
identifier specifies the object of which the attachment should be
written. The body contains the raw bytes of the attachment.
The success response is empty.
5.3. Response
Responses are sent from servers to clients when a request has been
processed. A response has ...
a type, either "SUCCEEDED" or "FAILED".
a status code, an integer greater zero.
The body of a response depends on the request that is answered. For
a CREATE or DELETE request it would be empty, for a GET request it
would be the object that was requested. In case of a READ request it
would contain the raw bytes of the attachment.
The status code is explained in Section 5.5.
An FAILED response SHOULD contain an object describing the error that
occured. The object should contain a "message" attribute with a
string value that explains the error.
5.4. Notification
Notifications are sent from servers to clients when objects change
and the client has subscribed to those changes. A notification
consists of ...
an event which is one of "CREATED", "UPDATED" or "DELETED".
a resource identifier.