layout | navigation_weight | permalink | title | show_in_nav |
---|---|---|---|---|
default |
4 |
/project2/ |
Project 2 |
true |
In this project you will write ruby code to provide a semi-trivial HTTP API. Your code will be deployed using a single AWS Lambda function.
-
Student has leveraged JWTs to provide authorization protection to HTTP endpoints.
-
Student has utilized HTTP request methods, resources, headers, and bodies to differentiate between distinct HTTP requests.
-
Student has implemented two endpoints to an HTTP API.
-
Student can deploy code to AWS Lambda.
-
Student has compared the performance of a static site to that of a dynamic site.
https://www.youtube.com/watch?v=Z1qmUASw58E
{% if site.project2_submission %}
<{{site.project2_submission}}>
{% else %}
- Submission link will be posted at start of quarter {% endif %}
This protected endpoint is used to simply reflect the content contained within
the data
field of a valid JWT. It is a demonstration of how authorization can
be enforced on an endpoint.
-
Requires a valid token from
POST /auth/token
passed via the HTTP HeaderAuthorization
whose value isBearer <TOKEN>
. -
On success, returns a json document containing the contents of the
data
field from the provided token and responds with the status code200
. -
Responds
401
if either the token is not yet valid, or if it is expired. -
Responds
403
if a properAuthorization: Bearer <TOKEN>
header is not provided.
This endpoint is used to obtain the JWT necessary to request /
. Normally such
an endpoint would be used to authenticate a user (e.g., verify a username and
password) before returning an authorization token. For simplicity we're skiping
the authentication step and will always return a token for a valid request.
-
On success, returns a json document of the format
{"token": <GENERATED_JWT>}
with status code201
where<GENERATED_JWT>
:-
uses a
HS256
signature (the symmetric key to use is in the environment variableJWT_SECRET
) -
contains exactly three fields
-
data
which includes the request body from the HTTP requst -
exp
which is set to 5 seconds after the generation time -
nbf
which is set to 2 seconds after the generation time
-
-
-
Responds
415
if the request content type is notapplication/json
. -
Responds
422
if the body of the request is not actually json.
-
All HTTP responses should have the content type
application/json
. You shouldn't need to do anything to satisfy this requirement. -
Requests to any other resources must respond with status code
404
. -
Requests to
/
or/auth/token
which do not use the appropriate HTTP method must respond with status code405
.
The CS291 SSH jump box provides all the necessary configuration to deploy this
project to AWS. Using the *.pem
file you were shared on Google Drive, ssh
into the jump box via:
ssh -i <ACCOUNT_NAME>.pem <ACCOUNT_NAME>@ec2.cs291.com
Please note that if you have an underscore _
in your UCSBNetId, then you'll
need to replace that with a hyphen -
. For example, if your UCSBNetId is
some_student
, you should have the file some-student.pem
, and you will run
the command:
ssh -i some-student.pem [email protected]
Once on the box you can clone the template repository:
git clone https://github.com/scalableinternetservices/cs291a_project1_template.git
Then, run the file directly to ensure the example code works:
cd cs291a_project1_template
ruby function.rb
Deploy the function:
./deploy.py <ACCOUNT_NAME>
Note: Please do not do any load testing from this machine.
https://github.com/scalableinternetservices/cs291a_project1_template
Please use the following script to verify your web application: https://github.com/scalableinternetservices/ucsb_website/tree/main/scripts#project-1-verification-script
-
On average, how many successful requests can
ab
complete to/auth/token
in 8 seconds with various power-of-two concurrency levels between 1 and 256? -
Using data you've collected, describe how this service's performance compares to that of your static page from Project 0 (remeasure those results if necessary).
-
What do you suspect accounts for the difference in performance between GitHub pages and your AWS Lambda web service?
-
JSON Web Token RFC 7519 (no need to really read through this all)