@@ -607,22 +607,23 @@ contain the following information about its OCM API:
607607 support at least `webdav`,
608608 any other combination of Resources and protocols is
609609 optional. Example :
610- ` json
610+ ` ` ` json
611611 {
612612 "webdav": "/remote/dav/ocm/",
613613 "webapp": "/app/ocm/",
614614 "talk": "/apps/spreed/api/"
615615 }
616- `
616+ ` ` `
617617 Fields :
618618 - webdav (string) - The top-level WebDAV [RFC4918] path at this
619619 endpoint. In order to access a Remote Resource, implementations
620- MAY use this path as a prefix, or as the full path (see sharing
621- examples).
620+ SHOULD use this path as a prefix (see sharing examples).
622621 - webapp (string) - The top-level path for web apps at this
623- endpoint. This value is provided for documentation
624- purposes, and it SHOULD NOT be intended as a prefix
625- for share requests.
622+ endpoint. In order to access a remote web app, implementations
623+ SHOULD use this path as a prefix (see sharing examples).
624+ - ssh (string) - The top-level address in the form `host:port`
625+ of an endpoint that supports ssh and scp with a public/private
626+ key based authentication.
626627 - Any additional protocol supported for this Resource type MAY be
627628 advertised here, where the value MAY correspond to
628629 a top-level URI to be used for that protocol.
@@ -770,7 +771,8 @@ To create a Share, the Sending Server SHOULD make a HTTP POST request
770771* REQUIRED protocol (object)
771772 JSON object with specific options for each protocol.
772773 The supported protocols are : - `webdav`, to access the data -
773- ` webapp` , to access remote web applications.
774+ ` webapp` , to access remote web applications - `ssh`, to access
775+ the data via a public/private key pair.
774776 Other custom protocols might be added in the future.
775777 In case a single protocol is offered, there are three ways to
776778 specify this object :
@@ -854,6 +856,21 @@ To create a Share, the Sending Server SHOULD make a HTTP POST request
854856 - OPTIONAL sharedSecret (string)
855857 An optional secret to be used to access the remote
856858 web app, for example in the form of a bearer token.
859+ * Protocol details for `ssh` MAY contain:
860+ - OPTIONAL accessType (array of strings) - The type of access
861+ being granted to the remote resource. If omitted, it defaults to
862+ `['remote']`. A subset of : - `remote` signals the recipient that
863+ the resource is available for remote access, e.g. via sshfs.
864+ - ` datatx` signals the recipient to transfer the resource
865+ from the given URI via scp. The recipient MAY delegate a
866+ third-party service to execute the data transfer on their behalf.
867+ - REQUIRED uri (string)
868+ The full address to be used for ssh or scp access, in the form
869+ ` [email protected] :port/resource/path` , where authentication is 870+ expected to take place via public/private key : the Receiving Server
871+ MUST reply to such a Share Creation Notification by sending back
872+ their public key, for the Sender Server to authorize access to the
873+ Resource.
857874
858875# # Response
859876
@@ -866,6 +883,9 @@ A 201 response status means the Share Creation Notification Request was
866883successful. In this case, the response body MUST contain a JSON
867884document representing an object with the following string fields :
868885 - REQUIRED : ` recipientDisplayName` - the Recipient's display name.
886+ - OPTIONAL : ` recipientPublicKey` - the Recipient's public key.
887+ This property MUST be returned when the protocol of the incoming
888+ share was `ssh`.
869889A 400 response status means some parameters were invalid or missing.
870890A 401 response status means the Sender cannot be authenticated as
871891a trusted service.
0 commit comments