-
Notifications
You must be signed in to change notification settings - Fork 0
Student Data
Student level data requires OAuth and encrypted data is returned by the API.
Using this API a student (or someone who knows student ID and password) can retrieve their own student data into an application they give permissions to. Authentication is done on the OpenEDU server using OAuth (see below). The App and API calls do not see user credentials.
The data returned is encrypted and must be unlocked using the unlock code (see examples below).
If you want to skip the OAuth / decryption steps in your hack you can use the dummy json record linked at the bottom of the page.
Once the student / guardian has retrieved the data, the application can make a call to delete the data. (but then obviously it won't be available to other applications.)
The data on this server is currently dummy data and may contain inconsistencies! (e.g. mismatched dates / years etc.) But it serves to show the structure. It is also missing some fields that will be available for real data i.e. last name, fore names, DOB, Postcode.
OAuth version: 1.0a base URL: https://openedu.tesobe.co.uk/
Some dummy OAuth keys are provided for testing:
key ; secret
5PI4IFVXT3UJI54DTWQJZYGUGB1F1RUCQ2FRWQ1D ; LW5D0IFE2UDEZSG2HQWVOVPW1CXHGNLPLJNY0A10
0OTSGSRZCGNSBMCCCRQ1AT22V4QZETTBCQ3VOTNE ; RNHNZHUUIK0BM5OYQI5IR0UTOKEVCQDH4MR2Z4V3
2ZJ4WORVHHE5SFW0AICILPUWWLQJCM0NEZF5W4PW ; 4YO3JL33ZEROJHDLWQMJGIYLUNVIDKVEXBJ3BL2H
POST /oauth/initiate (plus OAuth header)
For more detailed information about the OAuth work flow please see https://github.com/OpenBankProject/OBP-API/wiki/OAuth-1.0-Server
GET /oauth/authorize?oauth_token=TOKEN
Some dummy users are provided for testing:
Username; Password; Unlockcode;
ABCED116647369; 1f7VUurc; 1qrMtOmeFCRZ9VXJZILdyg==
ABCED211198479; Gq8rjIoj; dIHCWtDCLJqTFUv6+B+dAA==
ABCED992205564; gqDUqQgp; UOc4fTPDFWIIklK02DIERQ==
ABCED95685438; Y97bOslA; l+TVXLwXiUFibqxENvgCNA==
ABCED932604987; mgGINwNq; HdwbkVlwb7SLsTfAiJXBeA==
ABCED544378999; IoYX7YqP; LasoA15M5MqyzlJALc/ltg==
ABCED71810919; 75K9PZnS; 4W9HaxeVtUHpkvollZ+aOA==
ABCED465168085; X3lH28zR; vMjj0Y6EY3FajcmByzYsfQ==
ABCED438692162; 1n8h7DJj; 6rsTU6XLDgp7mqo720cung==
ABCED817304509; LHCR5jMp; UqmofyHpU4DwwTv8uN6sDQ==
ABCED401127055; 6T3bufTS; lAxkt0g2UKdjavkS7WNAMQ==
ABCED912518097; senMRS3D; X8bnWZO+fgywBwqmSeMxSQ==
POST /oauth/token (plus OAuth header)
GET /studentdata
DELETE /studentdata
See https://github.com/TESOBE/OpenEDU/wiki/Decryption-of-Student-Data
To see an example of unencrypted dummy data see: https://github.com/TESOBE/OpenEDU/wiki/Student-Data-Encrypted-Decrypted-Example