ICCS ICT Platform REST Services usage

General

This document contains instructions and examples on how to access the ICT Platform REST services.

See ICCS ICT Platform REST APIs for an explanation on how to use the OpenAPI specifications in order to create service clients.

REST Service access

Authentication/Authorization

All Authentication and Authorization of the ICT Platform is implemented with the help of a Keycloak server. The server is deployed at https://circ4life.iccs.gr/auth/ and automatically handles all integrated applications. Any registered client application has two methods to get authorization:

OpenID Connect
EndUserModule Eco-account REST service endpoints

Direct Access Control Manager with OpenID Connect

This method of authentication is targeted to 3rd party client applications that require to integrate with ICT Platform REST Web Services. This is not suitable for consumer end-user applications. For login/logout of end-user sessions please refer to Eco-account end-user session section below.

This is the intended method for applications integrating with the following modules:

EcoCreditCalculator
EndUserModule (Only for user registration from permitted clients)
RecycleModule
RetailerModule

OpenID Connect is an identity mechanism based on OAuth 2.0 protocol. The end users of a service (humans or applications) provide their credentials and a registered Client ID into a pre-defined Token endpoint in exchange of an Access Token. The Client ID is something the administrator of the Keycloak server has already setup and the credentials can be obtained the same way or with some kind of registration. With this triplet at hand, a user or an application program can gain authorization by exchanging them for an Access Token that allows access to protected resources by supplying the token along the resource request.

The steps are the following:

Visit the OpenID Connect Discovery URL here. You should get a JSON response like this:

{
  "issuer": "https://circ4life.iccs.gr/auth/realms/CIRC4LIFE",
  "authorization_endpoint": "https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/auth",
  "token_endpoint": "https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/token",
  "token_introspection_endpoint": "https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/token/introspect",
  "end_session_endpoint": "https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/logout",
  "jwks_uri": "https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/certs",
  "grant_types_supported": ["authorization_code", "implicit", "refresh_token", "password", "client_credentials"],
  "response_types_supported": ["code", "none", "id_token", "token", "id_token token", "code id_token", "code token", "code id_token token"],
  "response_modes_supported": ["query", "fragment", "form_post"],
  "registration_endpoint": "https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/clients-registrations/openid-connect",
  "token_endpoint_auth_methods_supported": ["private_key_jwt", "client_secret_basic", "client_secret_post", "client_secret_jwt"],
  "token_endpoint_auth_signing_alg_values_supported": ["RS256"],
  "scopes_supported": ["openid", "address", "email", "keycloak-gatekeeper", "offline_access", "phone", "profile", "roles", "web-origins"],
  "resource_registration_endpoint": "https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/authz/protection/resource_set",
  "permission_endpoint": "https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/authz/protection/permission",
  "policy_endpoint": "https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/authz/protection/uma-policy",
  "introspection_endpoint": "https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/token/introspect"
}

Get the token endpoint URL from the JSON property token_endpoint. This should point here.

Use HTTP POST on the token endpoint and send this URL encoded POST data body:

grant_type=password&client_id=CLIENTID&username=USERNAME&password=PASSWORD

CLIENTID, USERNAME and PASSWORD are the required triplet for gaining authorization. The Content-Type for this POST request body should be set to application/x-www-form-urlencoded. Example using GNU Wget:

wget -O- --header="Content-Type: application/x-www-form-urlencoded" --post-data="grant_type=password&client_id=CLIENTID&username=USERNAME&password=PASSWORD" https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/token

If the request is properly done and the triplet is registered with the Access Control Manager, then a JSON Response is returned containing the Access and Refresh Tokens, the JSON properties are access_token and refresh_token respectively. The JSON property token_type should be bearer.
Using the Access Token we can access protected resources by including the HTTP header Authorization: Bearer ACCESS_TOKEN in our request, where ACCESS_TOKEN is the value of the access_token property in the response above. Example:
```
wget -O- --header="Accept: application/json" --header="Authorization: Bearer ACCESS_TOKEN" _PROTECTED_URL_
```
Access and Refresh Tokens have an expiration period and cannot be used after this period has elapsed. Client applications should make sure that not expired tokens are used to access protected resources. This can be done by refreshing the tokens by using the token_endpoint of the OpenID Connect Discovery URL and providing the current Refresh token as argument. The refresh process requires Refresh Tokens plus the Client ID. Example:
```
wget -O- --header="Content-Type: application/x-www-form-urlencoded" --post-data="grant_type=refresh_token&client_id=CLIENTID&refresh_token=REFRESH_TOKEN" https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/token
```
If you want to end the session before the Access Token expires, you can logout by using the end_session_endpoint JSON property of the OpenID Connect Discovery URL. The logout process requires the Access and Refresh Tokens plus the Client ID. The first is passed via the bearer Authorization HTTP header and the last two in the POST data. Example:
```
wget -O- --header="Authorization: Bearer ACCESS_TOKEN" --header="Content-Type: application/x-www-form-urlencoded" --post-data="client_id=CLIENTID&refresh_token=REFRESH_TOKEN" https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/logout
```

Description	HTTP headers	POST Request Body	Endpoint URL
Get Tokens (login)	Content-Type: application/x-www-form-urlencoded	grant_type=password&client_id=CLIENTID&username=USERNAME&password=PASSWORD	token_endpoint
Refresh Tokens (after successful login)	Content-Type: application/x-www-form-urlencoded	grant_type=refresh_token&client_id=CLIENTID&refresh_token=REFRESH_TOKEN	token_endpoint
HTTP GET	Authorization: Bearer ACCESS_TOKEN	Not Available	Protected resource URL
HTTP POST	Authorization: Bearer ACCESS_TOKEN, Content-Type: application/x-www-form-urlencoded	URL encodedPOST data (e.g. prop1=val1&prop2=val2)	Protected resource URL
End session (logout)	Authorization: Bearer ACCESS_TOKEN, Content-Type: application/x-www-form-urlencoded	client_id=CLIENTID&refresh_token=REFRESH_TOKEN	end_session_endpoint

Eco-account end-user registration/resignation

Register a new Eco-account

The Eco-account registration of a new user should be allowed ONLY to client applications possessing proper permissions to use the EndUserModule REST service. Having a public endpoint for registration is a recipe for disaster and will eventually cause a Denial of Service to the ICT Platform, as every machine on the Internet that can access the public endpoint, can be set to send a very large number of requests in a constant frequency, even if the requests are not valid. To avoid having an entirely open registration API, we will limit the access of registration only to trusted client applications of CIRC4LIFE partners. The trusted applications should use the credentials of the EndUserModule from the Predefined Client IDs and Credentials for Client applications table above.

Get the bearer token as explained above in Direct Access Control Manager with OpenID Connect section for user EndUserModule, before attempting to access the registration endpoint below.

User registration endpoint: https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/register POST data form:

{
  "username": "someusernamehere",
  "password": "somepasswordhere",
  "email": "user@example.com",
	"firstname": "Firstname",
	"lastname": "Lastname",
	"birthday": "1900-01-01",
	"address": {
		"country": "GR",
		"postalcode": "15771",
		"street": "9, Iroon Politechniou Str. Zografou",
		"city": "Athens",
		"region": "Attica"
	},
	"telephone": "+302101234567",
	"imageurl": "https://circ4life.iccs.gr/images/placeholders/ecoaccount.png",
	"imageupload": null,
	"url": "https://circ4life.iccs.gr",
	"gender": "male",
	"organization": {
		"name": "ICCS",
		"url": "https://www.iccs.gr/"
	},
	"recyclebinuserid": 16004000001
}

or an absolute minimal POST data form:

{
	"username": "circ4life",
	"password": "somepasswordhere",
	"email": "user@example.com",
	"firstname": "Firstname",
	"lastname": "Lastname"
}

HTTP 200 Response:

EMPTY RESPONSE, HTTP error code 200 means success

NOTE: The Access Control Manager of the ICT Platform REQUIRES a unique username AND e-mail address per registered user. It is not possible to have 2 users sharing the same username or e-mail address. The registration will fail.

In case the registration fails and HTTP 200 is not received, the client application can use the following HTTP error codes in order to understand what happened.

HTTP Response Error Code	Error Description	Client recommended action
400	Malformed user registration form, client has sent a malformed registration form	Inform the user that he has entered invalid data in the registration form. Which field is wrong is the responsibility of the client to showcase according to the OpenAPI specification
401	Authentication denied, client tried to access the endpoint with wrong credentials	The client applications should use the credentials of the EndUserModule from the Predefined Client IDs and Credentials for Client applications page (requires developer authentication).
403	Authentication required, client tried to access the endpoint without authorization token	Client must access endpoint with Access Token
409	Eco-account already exists, client has sent a new registration with an existing username or email	Inform the user that the username and/or email he has chosen is already registered by another user
500	Eco-account already exists, client has sent a new registration with an existing username or email	Inform user that there is a problem with back-end EndUserModuleWS service and he should try later (ICCS should get a notification in case of this)

Send a Password Reset Email to an existing Eco-account

The Eco-account Reset Password of an existing user should be allowed ONLY to client applications possessing proper permissions to use the EndUserModule REST service. The trusted applications should use the credentials of the EndUserModule from the Predefined Client IDs and Credentials for Client applications table above.

Get the bearer token as explained above in Direct Access Control Manager with OpenID Connect section for user EndUserModule, before attempting to access the registration endpoint below.
User reset password Email endpoint: https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/forgot_password POST data form:
```
{
	"email": "user@example.com"
}
```
HTTP 200 Response:
```
EMPTY RESPONSE, HTTP error code 200 means success
```

Once success is received, the user should check his Email inbox with Reset Password instructions and perform them.

Update an existing Eco-account

End-users applications should be able to change the account details of a registered user. CAUTION: This endpoint should be accessed by the logged in Eco-account user that wishes to update his account profile details. An account updated can cause the change of password credential and email address for future notifications, so only the user that owns the account should be able to perform it. The restrictions applied to fields that can be updated are the same as in the registration form. A registered user can change everything after registration EXCEPT the username. If an updated field cannot be shared between users, like email and recyclebinuserid, the system will refuse to perform the update if the new value is already used by another user. The POST data form for updates does not require any field to be present, all fields are optional. Only the fields that are present will be updated, so a form should contain from one up to all possible fields. See EcoAccountUpdateForm in End User Module OpenAPI specification.

Eco-account update endpoint: https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/update POST data form:

{
  "password": "123456789012345",
  "email": "user@example.com",
  "firstname": "Firstname",
  "lastname": "Lastname",
  "birthday": "1900-01-01",
  "address": {
    "country": "GR",
    "postalcode": "15771",
    "street": "9, Iroon Politechniou Str. Zografou",
    "city": "Athens",
    "region": "Attica"
  },
  "telephone": "+302101234567",
  "imageurl": "https://circ4life.iccs.gr/images/placeholders/ecoaccount.png",
  "imageupload": null,
  "url": "https://circ4life.iccs.gr",
  "gender": "Male",
  "organization": {
    "name": "ICCS",
    "url": "https://www.iccs.gr/"
  },
  "recyclebinuserid": 12345678901
}

HTTP 200 Response:

EMPTY RESPONSE, HTTP error code 200 means success

Instead of providing all fields, as mentioned above you can use minimal POST data forms for changing specific fields:

Email update POST data form:
```
{
  "email": "user@example.com"
}
```
Password update POST data form:
```
{
  "password": "123456789012345"
}
```

Resign an existing Eco-account

End-users applications should be able to un-register a registered user. CAUTION: This endpoint should be accessed by the logged in Eco-account user that we wish to resign from the system. A resignation causes a removal of the account from the Access Control Manager and a removal of the Eco-account record from the database, including user historic data. This action CANNOT be reverted. Be extra careful when you use this from your client application and also make sure there is a CLEAR user dialog before performing a call, so the user is absolutely sure the he wishes his Eco-account destruction.

Login Eco-account user via Login endpoint: https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/login
User resignation endpoint: https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/resignation POST data form:
```
{
  "email": "user@example.com"
}
```
HTTP 200 Response:
```
EMPTY RESPONSE, HTTP error code 200 means success
```

Eco-account end-user session

End-users that want to access their Eco-account enabled Application (e.g. mobile phone app) should use the EndUserModule login/logout endpoints. These endpoints are designed as target of login and logout session forms. The Client ID is not required once a proper registration is done, only the pair of username/email and password credentials.

{
	"username": "user@example.com",
	"password": "somepasswordhere"
}

HTTP 200 Response:

{
  "accesstoken":"ACCESS_TOKEN",
  "refreshtoken": "REFRESH_TOKEN"
}

Logout endpoint: https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/logout POST data form:
```
{
	"refreshtoken": "__REPLACE_WITH_REFRESH_TOKEN__"
}
```
HTTP 200 Response:
```
Logout success
```

Examples

GNU Wget examples (replace ACCESS_TOKEN and REFRESH_TOKEN with the values of the login response):

Get Tokens (authentication):

wget -O- --header="Content-Type: application/x-www-form-urlencoded" --post-data="grant_type=password&client_id=EndUserModuleWS&username=USERNAME&password=PASSWORD" https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/token

Response:

{
  "access_token": "ACCESS_TOKEN",
  "expires_in": 300,
  "refresh_expires_in": 1800,
  "refresh_token": "REFRESH_TOKEN",
  "token_type": "bearer",
  "not-before-policy": 1564648290,
  "session_state": "<Some session UUID here>",
  "scope": "email profile"
}

HTTP GET (logged in application get product information):

wget --method=GET -O- --header="Accept: application/json" --header="Authorization: Bearer ACCESS_TOKEN" https://circ4life.iccs.gr/RetailerModule/resources/product/04047111123453

Response:

{
  "MasterData": {
    "@context": "http://schema.org",
    "ProductData": {
      "@context": "http://schema.org",
      "@type": "Product",
      "@id": "https://circ4life.iccs.gr/EndUserModule/resources/ecoshopping/product/info/04047111123453",
      "gtin14": "04047111123453",
      "productID": "Product ID example",
      "name": "Product name example",
      "brand": {
        "@context": "http://schema.org",
        "@type": ["Brand", "Organization"],
        "@id": "https://www.example.com",
        "name": "Brand name example"
      },
      "description": "Description example",
      "audience": {
        "@type": "Audience",
        "@id": "<IRI of audience>",
        "name": "Audience example"
      },
      "manufacturer": {
        "@context": "http://schema.org",
        "@type": "Organization",
        "@id": "https://www.nintendo.com",
        "name": "Manufacturer example",
        "legalName": "",
        "leiCode": "",
        "url": "",
        "logo": "",
        "address": "",
        "areaServed": "",
        "ethicsPolicy": ""
      },
      "category": "Laptops (incl. tablets)",
      "material": ""
    },
    "LifeCycle": {
      "Impact Assessment Methods": {},
      "Resources": {
        "@context": "http://schema.org",
        "HSkey": {
          "value": 847130,
          "description": "Product Harmonized System 6 digit code (e.g. for laptops the code is 847130) as described in http://www.wcoomd.org/en/topics/nomenclature/overview/what-is-the-harmonized-system.aspx."
        },
        "UNUkey": {
          "value": 303,
          "description": "Product UNU-KEY code as described in https://unu.edu/projects/e-waste-quantification.html#outputs"
        },
        "Recyclability": {},
        "Material List": []
      },
      "Comments": "@ENV This is free text coming from the GUI form widget"
    }
  },
  "EcoAccounting": {
    "@context": "http://schema.org",
    "EcoPoints": {
      "@type": "QuantitativeValue",
      "name": "Eco-Points",
      "description": "The eco-point is a cumulative value accounting for an aggregate of the ecological impacts throughout product life cycle.",
      "value": 0,
      "minValue": 0,
      "maxValue": 100
    },
    "EcoCredits": {
      "@type": "QuantitativeValue",
      "name": "Eco-Credits",
      "description": "The eco-credits aim to incentivize an adequate disposal of the products after their end-of-life.",
      "value": 15,
      "minValue": 0,
      "maxValue": 30
    }
  }
}

HTTP POST:

wget -O- --header="Accept: application/json" --header="Authorization: Bearer ACCESS_TOKEN" --header="Content-Type: application/json" --post-file="Request/data/file/path" https://circ4life.iccs.gr/EcoCreditCalculator/resources/ecocredits

Request data file contents:

{
	"producttype": {
		"hskey": 847130,
		"unukey": null,
		"text": null
	},
	"weeesparameters": {
		"weeestype": 303,
		"eolstate": "working",
		"yearsofuse": 2,
		"monthsofuse": 7,
		"weightA": 1.0,
		"weightB": 2.0,
		"weightC": 3.0,
		"materialfactors": []
	},
	"foodparameters": null
}

Response:

5.098009994286958

End session (logout):

wget -O- --header="Authorization: Bearer ACCESS_TOKEN" --header="Content-Type: application/x-www-form-urlencoded" --post-data="client_id=EndUserModuleWS&refresh_token=REFRESH_TOKEN" https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/logout

Response:

HTTP 204 No Content

Testing

Command line HTTP client

The simplest way to test the services is with a command line HTTP tool like GNU Wget. In order to get the result of an unprotected endpoint by setting the HTTP response Media Type is the following:

wget --no-verbose --quiet --method=GET -O- --header="Accept: application/json" "https://circ4life.iccs.gr/EcoCreditCalculator/resources/info/version"

Just change the HTTP header Accept: value to another Media Type.

As explained above, if the Access Control Manager is deployed and protects the REST services from unauthorized access, the Authorization HTTP header with a proper access token is required:

wget --no-verbose --quiet --method=GET -O- --header="Accept: application/json" --header="Authorization: Bearer ACCESS_TOKEN" https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/ecobalance

There is a simple utility script here along with some example input files in order to quickly check a service from a compatible command line interpreter like GNU Bash or others. You can use the tool as follows:

TestModuleResources.sh INPUTFILE [USERNAME PASSWORD CLIENTID REALM SERVER_URL]

where the command line arguments are:

INPUTFILE: Text file with REST resources to test. Check folders production for some examples. REQUIRED.
USERNAME: Username to use for accessing protected resources. OPTIONAL.
PASSWORD: Password for specified USERNAME. OPTIONAL.
CLIENTID: The client ID as expected by the Access Control Manager. This the client’s application unique identification. The authorization server must already have this registered to trusted clients. Failing to provide a registered client ID will result in failure of authentication, even with correct user credentials. The Client ID is provided to the client application after their registration on the authorization server from the administrator. OPTIONAL.
REALM: The Access Control Manager Realm (default: CIRC4LIFE). OPTIONAL.
SERVER_URL: The Access Control Manager server URL (default: https://circ4life.iccs.gr).

Make sure that you have downloaded all files from here and change to the directory where TestModuleResources.sh script is located before execution. If you do not provide the USERNAME, PASSWORD and CLIENTID all endpoints in INPUTFILE will be tried with no authentication (and fail).

You can also test multiple files:

for inputfile in EcoCreditCalculatorResources.txt RecycleModuleResources.txt
do
    ./TestModuleResources.sh "${inputfile}" USERNAME PASSWORD CLIENTID
done

or use any of the ready-made scripts: test-production.sh is performing tests for all deployed modules in the production server.

The scripts test-localappserver.sh, and test-localdebugserver.sh are for local ICCS development only. In the folder POSTdata you can find many valid and invalid examples of POST data forms.

Sample output for a command that tests the login/logout of a registered Eco-account user below.

login-logout.txt contents:

POST|application/json|https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/login|application/json|POSTdata/EndUserModule/valid/login-form.json
POST|application/json|https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/logout|application/json|POSTdata/EndUserModule/valid/logout-form.json

Command:

./TestModuleResources.sh login-logout.txt someusernamehere somepasswordhere EndUserModuleWS

Output:

User credentials and Client ID: someusernamehere somepasswordhere EndUserModuleWS
Retrieving Open ID Connect Discovery data from https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/.well-known/uma2-configuration...
  HTTP/1.1 200 OK
  Server: nginx/1.14.1
  Date: Wed, 09 Oct 2019 18:43:57 GMT
  Content-Type: application/json
  Content-Length: 1721
  Connection: keep-alive
  Cache-Control: no-cache, must-revalidate, no-transform, no-store
2019-10-09 21:43:57 URL:https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/.well-known/uma2-configuration [1721/1721] -> "-" [1]
Open ID Connect Discovery data:
---------------------------------------------------------------------
{"issuer":"https://circ4life.iccs.gr/auth/realms/CIRC4LIFE","authorization_endpoint":"https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/auth","token_endpoint":"https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/token","token_introspection_endpoint":"https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/token/introspect","end_session_endpoint":"https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/logout","jwks_uri":"https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/certs","grant_types_supported":["authorization_code","implicit","refresh_token","password","client_credentials"],"response_types_supported":["code","none","id_token","token","id_token token","code id_token","code token","code id_token token"],"response_modes_supported":["query","fragment","form_post"],"registration_endpoint":"https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/clients-registrations/openid-connect","token_endpoint_auth_methods_supported":["private_key_jwt","client_secret_basic","client_secret_post","client_secret_jwt"],"token_endpoint_auth_signing_alg_values_supported":["RS256"],"scopes_supported":["openid","address","email","keycloak-gatekeeper","offline_access","phone","profile","roles","web-origins"],"resource_registration_endpoint":"https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/authz/protection/resource_set","permission_endpoint":"https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/authz/protection/permission","policy_endpoint":"https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/authz/protection/uma-policy","introspection_endpoint":"https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/token/introspect"}
---------------------------------------------------------------------
Open ID Connect Discovery endpoints:
---------------------------------------------------------------------
Token:  https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/token
Logout: https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/logout
---------------------------------------------------------------------
  HTTP/1.1 200 OK
  Server: nginx/1.14.1
  Date: Wed, 09 Oct 2019 18:44:00 GMT
  Content-Type: application/json
  Content-Length: 2505
  Connection: keep-alive
  Cache-Control: no-store
  Set-Cookie: KC_RESTART=; Version=1; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; Path=/auth/realms/CIRC4LIFE/; Secure; HttpOnly
  Pragma: no-cache
2019-10-09 21:44:00 URL:https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/token [2505/2505] -> "-" [1]
Open ID Connect Login response:
---------------------------------------------------------------------
{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlZko0YjhweW1RQkd4aG5lbkZnMGRCY1ZwQTQwSjBlaVhaaHlZbGJxVWF3In0.eyJqdGkiOiI5MDM5Njg0NC0wN2FmLTQzNjEtOTJkYi01MjRkZjc3YjVhOTAiLCJleHAiOjE1NzA2NDY5NDAsIm5iZiI6MCwiaWF0IjoxNTcwNjQ2NjQwLCJpc3MiOiJodHRwczovL2NpcmM0bGlmZS5pY2NzLmdyL2F1dGgvcmVhbG1zL0NJUkM0TElGRSIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiIxNGFlYTFlNC02Yjk3LTQxMWItYmFlMy0zNjdiOTUyYmIyYzEiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJFbmRVc2VyTW9kdWxlV1MiLCJhdXRoX3RpbWUiOjAsInNlc3Npb25fc3RhdGUiOiJmMTUzNDlkYy1jYWZjLTQ4YzMtOTk5Ny1lYWE2Y2ZkODYxYzEiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbImh0dHBzOi8vY2lyYzRsaWZlLmljY3MuZ3IiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIm9mZmxpbmVfYWNjZXNzIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6ImVtYWlsIHByb2ZpbGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IkludGVncmF0aW9uIFRlc3RpbmciLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJjaXJjNGxpZmUiLCJnaXZlbl9uYW1lIjoiSW50ZWdyYXRpb24iLCJmYW1pbHlfbmFtZSI6IlRlc3RpbmciLCJlbWFpbCI6Im1pbHRvcy5rb3V0c29rZXJhc0BpY2NzLmdyIn0.e5jkowVChJup-57JFCwpRphBQNLwj2evH8oHDW9PN5T-jr86kxOjVbEJjjk_4Khxdm6Tw1ziEbWpWDRseN8lb3Dt7ED89gQUh7rBLLSEokJwwg3I3c-86H6NmhR8IPyXt-PGGjZ4TASCiw-NwJACLC0uizlVMqQ0R3nvudKVjZE7Evn5OsTk_gr_vLtFdhgiHxsodxxfCIp_bhl3FowHJuPFhae1YURk8a-Ne8CbAiou3exnqw4Bx8O4xpMSo0R6BYhsVyfw5D2HwY4Duc1IZk4XHavgdFVamXJbnu9kGU6YDY2k0LgO74GhYiU0Ys1iUU500qfglNQEqujlVylNTA","expires_in":300,"refresh_expires_in":1800,"refresh_token":"eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIzNjZlZTEwYS04MGM2LTRiNDMtYjY2Zi0wZDUzMWZjNzgyYzUifQ.eyJqdGkiOiJlYjA4Nzc0NS0wZTljLTQ1NDUtYWIyMC1lMmViZGJlZWJmN2YiLCJleHAiOjE1NzA2NDg0NDAsIm5iZiI6MCwiaWF0IjoxNTcwNjQ2NjQwLCJpc3MiOiJodHRwczovL2NpcmM0bGlmZS5pY2NzLmdyL2F1dGgvcmVhbG1zL0NJUkM0TElGRSIsImF1ZCI6Imh0dHBzOi8vY2lyYzRsaWZlLmljY3MuZ3IvYXV0aC9yZWFsbXMvQ0lSQzRMSUZFIiwic3ViIjoiMTRhZWExZTQtNmI5Ny00MTFiLWJhZTMtMzY3Yjk1MmJiMmMxIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6IkVuZFVzZXJNb2R1bGVXUyIsImF1dGhfdGltZSI6MCwic2Vzc2lvbl9zdGF0ZSI6ImYxNTM0OWRjLWNhZmMtNDhjMy05OTk3LWVhYTZjZmQ4NjFjMSIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJlbWFpbCBwcm9maWxlIn0.wA7ZYBn2gT-0RqwtPBnGxpijbVnQkKPNcPhBz8j8HI0","token_type":"bearer","not-before-policy":1570545220,"session_state":"f15349dc-cafc-48c3-9997-eaa6cfd861c1","scope":"email profile"}
---------------------------------------------------------------------
Returned token
---------------------------------------------------------------------
Access Token Type: bearer
Access Token: eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlZko0YjhweW1RQkd4aG5lbkZnMGRCY1ZwQTQwSjBlaVhaaHlZbGJxVWF3In0.eyJqdGkiOiI5MDM5Njg0NC0wN2FmLTQzNjEtOTJkYi01MjRkZjc3YjVhOTAiLCJleHAiOjE1NzA2NDY5NDAsIm5iZiI6MCwiaWF0IjoxNTcwNjQ2NjQwLCJpc3MiOiJodHRwczovL2NpcmM0bGlmZS5pY2NzLmdyL2F1dGgvcmVhbG1zL0NJUkM0TElGRSIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiIxNGFlYTFlNC02Yjk3LTQxMWItYmFlMy0zNjdiOTUyYmIyYzEiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJFbmRVc2VyTW9kdWxlV1MiLCJhdXRoX3RpbWUiOjAsInNlc3Npb25fc3RhdGUiOiJmMTUzNDlkYy1jYWZjLTQ4YzMtOTk5Ny1lYWE2Y2ZkODYxYzEiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbImh0dHBzOi8vY2lyYzRsaWZlLmljY3MuZ3IiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIm9mZmxpbmVfYWNjZXNzIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6ImVtYWlsIHByb2ZpbGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IkludGVncmF0aW9uIFRlc3RpbmciLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJjaXJjNGxpZmUiLCJnaXZlbl9uYW1lIjoiSW50ZWdyYXRpb24iLCJmYW1pbHlfbmFtZSI6IlRlc3RpbmciLCJlbWFpbCI6Im1pbHRvcy5rb3V0c29rZXJhc0BpY2NzLmdyIn0.e5jkowVChJup-57JFCwpRphBQNLwj2evH8oHDW9PN5T-jr86kxOjVbEJjjk_4Khxdm6Tw1ziEbWpWDRseN8lb3Dt7ED89gQUh7rBLLSEokJwwg3I3c-86H6NmhR8IPyXt-PGGjZ4TASCiw-NwJACLC0uizlVMqQ0R3nvudKVjZE7Evn5OsTk_gr_vLtFdhgiHxsodxxfCIp_bhl3FowHJuPFhae1YURk8a-Ne8CbAiou3exnqw4Bx8O4xpMSo0R6BYhsVyfw5D2HwY4Duc1IZk4XHavgdFVamXJbnu9kGU6YDY2k0LgO74GhYiU0Ys1iUU500qfglNQEqujlVylNTA
---------------------------------------------------------------------
####################################################################
#### TESTING MODULE WITH FILE /c/Users/Work/Development/Debugging/CIRC4LIFE/debug-resources.txt
CLIENTID: EndUserModuleWS
REALM: CIRC4LIFE
SERVER_URL: https://circ4life.iccs.gr

#### Processing resource [POST|application/json|https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/login|application/json|POSTdata/EndUserModule/valid/login-form.json] ####
---------------------------------------------------------------------
REQUEST
  HTTP method: POST
  Media type: application/json
  Resource URL: https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/login
  POST type: application/json
  POST data: POSTdata/EndUserModule/valid/login-form.json
---------------------------------------------------------------------
---------------------------------------------------------------------
RESPONSE
  HTTP/1.1 200 OK
  Server: nginx/1.14.1
  Date: Wed, 09 Oct 2019 18:44:02 GMT
  Content-Type: application/json
  Content-Length: 2328
  Connection: keep-alive
  X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition  5.0  Java/Oracle Corporation/1.8)
2019-10-09 21:44:02 URL:https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/login [2328/2328] -> "-" [1]

OUTPUT: {"accesstoken":"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlZko0YjhweW1RQkd4aG5lbkZnMGRCY1ZwQTQwSjBlaVhaaHlZbGJxVWF3In0.eyJqdGkiOiI0ZmViNmE4ZC0xYjBiLTQ4ZTktOTkyMi01NmNkMGZmYjcwMGYiLCJleHAiOjE1NzA2NDY5NDIsIm5iZiI6MCwiaWF0IjoxNTcwNjQ2NjQyLCJpc3MiOiJodHRwczovL2NpcmM0bGlmZS5pY2NzLmdyL2F1dGgvcmVhbG1zL0NJUkM0TElGRSIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiIxNGFlYTFlNC02Yjk3LTQxMWItYmFlMy0zNjdiOTUyYmIyYzEiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJFbmRVc2VyTW9kdWxlV1MiLCJhdXRoX3RpbWUiOjAsInNlc3Npb25fc3RhdGUiOiJhMDU5NDZkZS0xYjBkLTQzNDgtYTc0MS1iN2U0ZDExNTQ4ZGEiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbImh0dHBzOi8vY2lyYzRsaWZlLmljY3MuZ3IiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIm9mZmxpbmVfYWNjZXNzIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6ImVtYWlsIHByb2ZpbGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IkludGVncmF0aW9uIFRlc3RpbmciLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJjaXJjNGxpZmUiLCJnaXZlbl9uYW1lIjoiSW50ZWdyYXRpb24iLCJmYW1pbHlfbmFtZSI6IlRlc3RpbmciLCJlbWFpbCI6Im1pbHRvcy5rb3V0c29rZXJhc0BpY2NzLmdyIn0.ZOM21yu_ZFaa6VugPCvtcWxqaqftCL6bKHQXtMnn7Tp_dzVW4U8uM9pWyy_nL1i7Bjt5Fgtj5GcSh0G7iQTQ83NsAcRvzrqZDa2C5xFTZzq0q2sRX00ymRSGrUXwi45mckN2ILb-VotoVpCrIKzjkYZxynfR1sB753hjbAFHPTulMIVHHHes1EtV-_s_dZokF-35rFOrNRRcxnisvbpqIt-OCDs8kGR6nMDVIKtQjLuZyMSPVJQ5ceOxydNx0KU-oZt9eI5DI8agh45ds5se1p6Z35TnAXNTdsDI345jcfkpXXEK2sl2ixVtotv2L8YB9Memd4i1JjBcRJKqBlhoQQ","refreshtoken":"eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIzNjZlZTEwYS04MGM2LTRiNDMtYjY2Zi0wZDUzMWZjNzgyYzUifQ.eyJqdGkiOiI1OWJlZDIyZS02YzZiLTRhMzItYWNkZC00MThhYTM5Y2QxMzUiLCJleHAiOjE1NzA2NDg0NDIsIm5iZiI6MCwiaWF0IjoxNTcwNjQ2NjQyLCJpc3MiOiJodHRwczovL2NpcmM0bGlmZS5pY2NzLmdyL2F1dGgvcmVhbG1zL0NJUkM0TElGRSIsImF1ZCI6Imh0dHBzOi8vY2lyYzRsaWZlLmljY3MuZ3IvYXV0aC9yZWFsbXMvQ0lSQzRMSUZFIiwic3ViIjoiMTRhZWExZTQtNmI5Ny00MTFiLWJhZTMtMzY3Yjk1MmJiMmMxIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6IkVuZFVzZXJNb2R1bGVXUyIsImF1dGhfdGltZSI6MCwic2Vzc2lvbl9zdGF0ZSI6ImEwNTk0NmRlLTFiMGQtNDM0OC1hNzQxLWI3ZTRkMTE1NDhkYSIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJlbWFpbCBwcm9maWxlIn0.QINZ_Bozmkjkyovm-8ssWvZZh2fE6I-VO6K7ZHRS7PI"}
---------------------------------------------------------------------
  Response status: No problems occurred.
  Response HTTP code: 200


#### Processing resource [POST|application/json|https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/logout|application/json|POSTdata/EndUserModule/valid/logout-form.json] ####
---------------------------------------------------------------------
REQUEST
  HTTP method: POST
  Media type: application/json
  Resource URL: https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/logout
  POST type: application/json
  POST data: POSTdata/EndUserModule/valid/logout-form.json
---------------------------------------------------------------------
Found __REPLACE_WITH_REFRESH_TOKEN__ in POST file POSTdata/EndUserModule/valid/logout-form.json, will replace it with current refresh token.
'POSTdata/EndUserModule/valid/logout-form.json' -> '/tmp/postfile.FZ5kxaKaSZ'
---------------------------------------------------------------------
RESPONSE
  HTTP/1.1 200 OK
  Server: nginx/1.14.1
  Date: Wed, 09 Oct 2019 18:44:03 GMT
  Content-Type: application/json
  Content-Length: 14
  Connection: keep-alive
  X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition  5.0  Java/Oracle Corporation/1.8)
2019-10-09 21:44:03 URL:https://circ4life.iccs.gr/EndUserModule/resources/ecoaccount/logout [14/14] -> "-" [1]

OUTPUT: Logout success
---------------------------------------------------------------------
  Response status: No problems occurred.
  Response HTTP code: 200

#### END OF MODULE TESTING
####################################################################
Performing logout with access token bearer: eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlZko0YjhweW1RQkd4aG5lbkZnMGRCY1ZwQTQwSjBlaVhaaHlZbGJxVWF3In0.eyJqdGkiOiI5MDM5Njg0NC0wN2FmLTQzNjEtOTJkYi01MjRkZjc3YjVhOTAiLCJleHAiOjE1NzA2NDY5NDAsIm5iZiI6MCwiaWF0IjoxNTcwNjQ2NjQwLCJpc3MiOiJodHRwczovL2NpcmM0bGlmZS5pY2NzLmdyL2F1dGgvcmVhbG1zL0NJUkM0TElGRSIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiIxNGFlYTFlNC02Yjk3LTQxMWItYmFlMy0zNjdiOTUyYmIyYzEiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJFbmRVc2VyTW9kdWxlV1MiLCJhdXRoX3RpbWUiOjAsInNlc3Npb25fc3RhdGUiOiJmMTUzNDlkYy1jYWZjLTQ4YzMtOTk5Ny1lYWE2Y2ZkODYxYzEiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbImh0dHBzOi8vY2lyYzRsaWZlLmljY3MuZ3IiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIm9mZmxpbmVfYWNjZXNzIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6ImVtYWlsIHByb2ZpbGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IkludGVncmF0aW9uIFRlc3RpbmciLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJjaXJjNGxpZmUiLCJnaXZlbl9uYW1lIjoiSW50ZWdyYXRpb24iLCJmYW1pbHlfbmFtZSI6IlRlc3RpbmciLCJlbWFpbCI6Im1pbHRvcy5rb3V0c29rZXJhc0BpY2NzLmdyIn0.e5jkowVChJup-57JFCwpRphBQNLwj2evH8oHDW9PN5T-jr86kxOjVbEJjjk_4Khxdm6Tw1ziEbWpWDRseN8lb3Dt7ED89gQUh7rBLLSEokJwwg3I3c-86H6NmhR8IPyXt-PGGjZ4TASCiw-NwJACLC0uizlVMqQ0R3nvudKVjZE7Evn5OsTk_gr_vLtFdhgiHxsodxxfCIp_bhl3FowHJuPFhae1YURk8a-Ne8CbAiou3exnqw4Bx8O4xpMSo0R6BYhsVyfw5D2HwY4Duc1IZk4XHavgdFVamXJbnu9kGU6YDY2k0LgO74GhYiU0Ys1iUU500qfglNQEqujlVylNTA
  HTTP/1.1 204 No Content
  Server: nginx/1.14.1
  Date: Wed, 09 Oct 2019 18:44:03 GMT
  Connection: keep-alive
2019-10-09 21:44:03 URL:https://circ4life.iccs.gr/auth/realms/CIRC4LIFE/protocol/openid-connect/logout [0] -> "-" [1]

OUTPUT:
---------------------------------------------------------------------
  Response status: No problems occurred.

Linux and Mac operating systems have pre-installed command line terminals, in Microsoft Windows you will need Git Bash or equivalent.

SoapUI testing framework

Work in progress workspace for SoapUI Test framework. Get the current project workspace from here.

Examples

All Information REST resources below return their result in one of these formats:

text/plain
text/html
application/xml
application/json
image/png

The rest of the endpoints are explained per example result. Use the OpenAPI or WADL documents to check the supported result media type of each endpoint.

Common Information

All modules share a common way for getting general information:

URL: https://circ4life.iccs.gr/MODULE_NAME/resources/info/version

Result as application/json:

{ "version": "0.0.5-dev" }

Eco-credit Calculator Service

Base URL: https://circ4life.iccs.gr/EcoCreditCalculator/resources

Test file: here

Test HTTP POST JSON requests: here

Eco-credits calculation

HTTP Method	Media type	Resource URL	POST Content Type
GET	application/json	/ecocredits/food/1.0/2.0/3.0	Not available
GET	application/json	/ecocredits/950410/1/6/working	Not available
GET	application/json	/ecocredits/950410/1/6/repairable	Not available
GET	application/json	/ecocredits/950410/1/6/broken	Not available
GET	application/json	/ecocredits/product/00045496710019/2/7/working	Not available
GET	application/json	/ecocredits/product/00045496710019/2/7/repairable	Not available
GET	application/json	/ecocredits/product/00045496710019/2/7/broken	Not available
GET	application/json	/ecocredits/weees/303/2/5/working/0.00006224/4.706/15.0	Not available
GET	application/json	/ecocredits/weees/lifetime_factor/303/3/2	Not available
POST	application/json	/ecocredits	application/json
POST	application/json	/ecocredits	application/json
POST	application/json	/ecocredits	application/json

Eco Account and Shopping Module Service

Base URL: https://circ4life.iccs.gr/EndUserModule/resources

Test file: here

Test HTTP POST JSON requests: here

Eco-account registration

NOTE: The following endpoints are only accessible by the predefined user of EndUserModuleWS service client, NOT by an Eco Account or other REST service client. In order to be able to register a new Eco Account with this API endpoint your are required to first get access tokens for User ‘EndUserModule’ and ClientID ‘EndUserModuleWS’. See section Predefined Client IDs and Credentials for Client applications above for details.

HTTP Method	Media type	Resource URL	POST Content Type
POST	application/json	/ecoaccount/register	application/json
POST	application/json	/ecoaccount/register	application/json
POST	application/json	/ecoaccount/register	application/json
POST	application/json	/ecoaccount/register	application/json

Eco-account Reset Password Email

HTTP Method	Media type	Resource URL	POST Content Type
POST	application/json	/ecoaccount/forgot_password	application/json

Eco-account resignation

HTTP Method	Media type	Resource URL	POST Content Type
POST	application/json	/ecoaccount/resignation	application/json

Eco-account login/logout

NOTE: The logout endpoint should be accessed by the logged in Eco Account user session.

HTTP Method	Media type	Resource URL	POST Content Type
POST	application/json	/ecoaccount/login	application/json
POST	application/json	/ecoaccount/logout	application/json

Eco-account access

NOTE: These endpoints should be accessed by the logged in Eco Account user session.

HTTP Method	Media type	Resource URL	POST Content Type
GET	application/json	/ecoaccount/anonymous_consumerid	Not available
GET	image/png	/ecoaccount/anonymous_consumerid/qrcode	Not available
GET	application/json	/ecoaccount/recyclebinid	Not available
GET	image/png	/ecoaccount/recyclebinid/qrcode	Not available
GET	application/json	/ecoaccount/ecobalance	Not available
GET	application/json	/ecoaccount/history	Not available
GET	application/json	/ecoaccount/user_record	Not available
POST	application/json	/ecoaccount/feedback/producers	application/json
POST	application/json	/ecoaccount/feedback/system	application/json

Eco-shopping

HTTP Method	Media type	Resource URL	POST Content Type
GET	application/json	/ecoshopping/product/ecopoints/04047111123453	Not available
GET	application/json	/ecoshopping/product/info/04047111123453	Not available
GET	application/json	/ecoshopping/product/manufacturer/04047111123453	Not available
GET	application/json	/ecoshopping/product/reusability/04047111123453	Not available

Recycle Module

Base URL: https://circ4life.iccs.gr/RecycleModule/resources

Test file: here

Eco-credits calculation

HTTP Method	Media type	Resource URL	POST Content Type
GET	application/json	/ecocredits/04047111123453/2/7/working	Not available
GET	application/json	/ecocredits/estimation/04047111123453/broken	Not available
GET	application/json	/ecocredits/estimation/type/950410/repairable	Not available

Purchase history access

HTTP Method	Media type	Resource URL	POST Content Type
GET	application/json	/purchase_history/16004000001	Not available
GET	application/json	/purchase_history/16004000001/type/847130	Not available

Recycle evaluation update

HTTP Method	Media type	Resource URL	POST Content Type
POST	application/json	/recycle_evaluation	application/json
POST	application/json	/recycle_evaluation	application/json

Product types

HTTP Method	Media type	Resource URL	POST Content Type
GET	application/json	/product_types	Not available

Retailer Module

Base URL: https://circ4life.iccs.gr/RetailerModule/resources

Test file: here

Test HTTP POST JSON requests: here

Product general information

HTTP Method	Media type	Resource URL	POST Content Type
GET	application/json	/product/ecopoints/barcode/%2801%2904047111123453	Not available
GET	application/json	/product/ecopoints/04047111123453	Not available
GET	application/json	/product/04047111123453	Not available
GET	application/json	/product/barcode/%2801%2904047111123453	Not available

Eco-account access

HTTP Method	Media type	Resource URL	POST Content Type
GET	application/json	/ecoaccount/(Anonymous User ID as returned by EndUserModule/resources/ecoaccount/anonymous_consumerid)	Not available
GET	application/json	/ecoaccount/ecobalance/(Anonymous User ID as returned by EndUserModule/resources/ecoaccount/anonymous_consumerid)	Not available
POST	application/json	/ecoaccount/add/purchases	application/json