diff --git a/services/TS29222_CAPIF_Security_API/capif_security/core/servicesecurity.py b/services/TS29222_CAPIF_Security_API/capif_security/core/servicesecurity.py index 6df6caf037916bd96778b63f53e5e42ac7cae4cf..c9b5cd1620a3602382b1e191558eed899ab34a08 100644 --- a/services/TS29222_CAPIF_Security_API/capif_security/core/servicesecurity.py +++ b/services/TS29222_CAPIF_Security_API/capif_security/core/servicesecurity.py @@ -155,7 +155,31 @@ class SecurityOperations(Resource): for service_instance in service_security.security_info: if service_instance.interface_details is not None: - security_methods = service_instance.interface_details.security_methods + + # We look for if the passed interface exists for the given apiId + capif_service_col = self.db.get_col_by_name( + self.db.capif_service_col) + + aef_profile = capif_service_col.find_one( + {"api_id": service_instance.api_id, + "aef_profiles.interface_descriptions":{ + "$elemMatch": service_instance.interface_details.to_dict() + } + }, + {"aef_profiles.interface_descriptions.$": 1, "_id": 0}) + + current_app.logger.debug("Aef profile: " + str(aef_profile)) + + if aef_profile is None: + current_app.logger.error( + "Not found service with this interface description: " + json.dumps(clean_empty(service_instance.interface_details.to_dict()))) + return not_found_error(detail=f"Service with interfaceDescription {json.dumps(clean_empty(service_instance.interface_details.to_dict()))} not found", cause="Not found Service") + + # We obtain the interface security methods + security_methods = aef_profile["aef_profiles"][0]["interface_descriptions"][0]["security_methods"] + + current_app.logger.debug("Interface security methods: " + str(security_methods)) + pref_security_methods = service_instance.pref_security_methods valid_security_method = set( security_methods) & set(pref_security_methods) @@ -333,12 +357,35 @@ class SecurityOperations(Resource): update_acls=list() for service_instance in service_security.security_info: if service_instance.interface_details is not None: - security_methods = service_instance.interface_details.security_methods + + # We look for if the passed interface exists for the given apiId + capif_service_col = self.db.get_col_by_name( + self.db.capif_service_col) + + aef_profile = capif_service_col.find_one( + {"api_id": service_instance.api_id, + "aef_profiles.interface_descriptions":{ + "$elemMatch": service_instance.interface_details.to_dict() + } + }, + {"aef_profiles.interface_descriptions.$": 1, "_id": 0}) + + current_app.logger.debug("Aef profile: " + str(aef_profile)) + + if aef_profile is None: + current_app.logger.error( + "Not found service with this interface description: " + json.dumps(clean_empty(service_instance.interface_details.to_dict()))) + return not_found_error(detail=f"Service with interfaceDescription {json.dumps(clean_empty(service_instance.interface_details.to_dict()))} not found", cause="Not found Service") + + # We obtain the interface security methods + security_methods = aef_profile["aef_profiles"][0]["interface_descriptions"][0]["security_methods"] + + current_app.logger.debug("Interface security methods: " + str(security_methods)) + pref_security_methods = service_instance.pref_security_methods valid_security_method = set( security_methods) & set(pref_security_methods) - service_instance.sel_security_method = list( - valid_security_method)[0] + else: capif_service_col = self.db.get_col_by_name( self.db.capif_service_col) @@ -355,7 +402,14 @@ class SecurityOperations(Resource): for security_method in array_methods["security_methods"]] valid_security_method = set( valid_security_methods) & set(pref_security_methods) - service_instance.sel_security_method = list( + + + if len(list(valid_security_method)) == 0: + current_app.logger.error( + "Not found comptaible security method with pref security method") + return bad_request_error(detail="Not found compatible security method with pref security method", cause="Error pref security method", invalid_params=[{"param": "prefSecurityMethods", "reason": "pref security method not compatible with security method available"}]) + + service_instance.sel_security_method = list( valid_security_method)[0] update_acls.append({"api_id": service_instance.api_id, "aef_id": service_instance.aef_id}) diff --git a/tests/features/CAPIF Security Api/capif_security_api.robot b/tests/features/CAPIF Security Api/capif_security_api.robot index 85b26ee335bc29def3b8054701dfc42dfaf121f5..8d511765311ec7e7772cd482d8dd785dadf03974 100644 --- a/tests/features/CAPIF Security Api/capif_security_api.robot +++ b/tests/features/CAPIF Security Api/capif_security_api.robot @@ -14,6 +14,7 @@ Test Teardown Reset Testing Environment ${APF_ID_NOT_VALID} apf-example ${SERVICE_API_ID_NOT_VALID} not-valid ${API_INVOKER_NOT_VALID} not-valid +${AEF_ID_NOT_VALID} not-valid *** Test Cases *** @@ -22,8 +23,22 @@ Create a security context for an API invoker # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding + # Register Provider + ${register_user_info_provider}= Provider Default Registration + + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} + # Create Security Context - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} ${resp}= Put Request Capif ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']} ... json=${request_body} @@ -41,10 +56,21 @@ Create a security context for an API invoker with Provider role ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding # Register Provider - ${register_user_info_publisher}= Provider Default Registration + ${register_user_info_provider}= Provider Default Registration + + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} # Create Security Context - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} ${resp}= Put Request Capif ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']} ... json=${request_body} @@ -62,10 +88,21 @@ Create a security context for an API invoker with Provider role Create a security context for an API invoker with Provider entity role and invalid apiInvokerId [Tags] capif_security_api-3 # Register APF - ${register_user_info_publisher}= Provider Default Registration + ${register_user_info_provider}= Provider Default Registration + + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} # Create Security Context - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} ${resp}= Put Request Capif ... /capif-security/v1/trustedInvokers/${API_INVOKER_NOT_VALID} ... json=${request_body} @@ -85,7 +122,22 @@ Create a security context for an API invoker with Invalid apiInvokerID # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + # Register APF + ${register_user_info_provider}= Provider Default Registration + + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} + + # Create Security Context + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} ${resp}= Put Request Capif ... /capif-security/v1/trustedInvokers/${API_INVOKER_NOT_VALID} ... json=${request_body} @@ -101,11 +153,28 @@ Create a security context for an API invoker with Invalid apiInvokerID ... cause=API Invoker not exists or invalid ID Retrieve the Security Context of an API Invoker - [Tags] capif_security_api-5 smoke + [Tags] capif_security_api-5 smoke # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + # Register Provider + ${register_user_info_provider}= Provider Default Registration + + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} + + # Create Security Context + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} + ... authentication_info=authenticationInfo + ... authorization_info=authorizationInfo ${resp}= Put Request Capif ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']} ... json=${request_body} @@ -118,9 +187,6 @@ Retrieve the Security Context of an API Invoker ${service_security_context}= Set Variable ${resp.json()} - # Register APF - ${register_user_info_publisher}= Provider Default Registration - # Retrieve Security context can setup by parameters if authenticationInfo and authorizationInfo are needed at response. # ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']}?authenticationInfo=true&authorizationInfo=true ${resp}= Get Request Capif @@ -161,7 +227,22 @@ Retrieve the Security Context of an API Invoker with invalid apfId # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + # Register Provider + ${register_user_info_provider}= Provider Default Registration + + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} + + # Create Security Context + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} ${resp}= Put Request Capif ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']} ... json=${request_body} @@ -186,11 +267,26 @@ Retrieve the Security Context of an API Invoker with invalid apfId ... cause=User role must be aef Delete the Security Context of an API Invoker - [Tags] capif_security_api-8 smoke + [Tags] capif_security_api-8 smoke # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + # Register Provider + ${register_user_info_provider}= Provider Default Registration + + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} + + # Create Security Context + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} ${resp}= Put Request Capif ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']} ... json=${request_body} @@ -200,9 +296,6 @@ Delete the Security Context of an API Invoker Check Response Variable Type And Values ${resp} 201 ServiceSecurity - # Register APF - ${register_user_info_publisher}= Provider Default Registration - # Remove Security Context ${resp}= Delete Request Capif ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']} @@ -230,7 +323,22 @@ Delete the Security Context of an API Invoker with Invoker entity role # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + # Register Provider + ${register_user_info_provider}= Provider Default Registration + + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} + + # Create Security Context + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} ${resp}= Put Request Capif ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']} ... json=${request_body} @@ -290,14 +398,27 @@ Delete the Security Context of an API Invoker with invalid apiInvokerID ... cause=API Invoker not exists or invalid ID Update the Security Context of an API Invoker - [Tags] capif_security_api-12 smoke + [Tags] capif_security_api-12 smoke # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding # Register Provider - ${register_user_info_publisher}= Provider Default Registration + # Register Provider + ${register_user_info_provider}= Provider Default Registration - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} + + # Create Security Context + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} ${resp}= Put Request Capif ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']} ... json=${request_body} @@ -312,7 +433,12 @@ Update the Security Context of an API Invoker ${security_context}= Set Variable ${resp.json()} # Update Security Context - ${request_body}= Create Service Security Body http://robot.testing2 + ${request_body}= Create Service Security Default Body + ... http://robot.testing2 + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} + ... authentication_info=authenticationInfo + ... authorization_info=authorizationInfo ${resp}= Post Request Capif ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']}/update ... json=${request_body} @@ -341,7 +467,22 @@ Update the Security Context of an API Invoker with Provider entity role # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + # Register Provider + ${register_user_info_provider}= Provider Default Registration + + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} + + # Create Security Context + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} ${resp}= Put Request Capif ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']} ... json=${request_body} @@ -351,9 +492,6 @@ Update the Security Context of an API Invoker with Provider entity role Check Response Variable Type And Values ${resp} 201 ServiceSecurity - # Register Provider - ${register_user_info_publisher}= Provider Default Registration - ${resp}= Post Request Capif ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']}/update ... json=${request_body} @@ -371,9 +509,21 @@ Update the Security Context of an API Invoker with Provider entity role Update the Security Context of an API Invoker with AEF entity role and invalid apiInvokerId [Tags] capif_security_api-14 # Register Provider - ${register_user_info_publisher}= Provider Default Registration + ${register_user_info_provider}= Provider Default Registration + + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + # Create Security Context + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} ${resp}= Post Request Capif ... /capif-security/v1/trustedInvokers/${API_INVOKER_NOT_VALID}/update ... json=${request_body} @@ -392,7 +542,22 @@ Update the Security Context of an API Invoker with invalid apiInvokerID # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + # Register Provider + ${register_user_info_provider}= Provider Default Registration + + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} + + # Create Security Context + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} ${resp}= Post Request Capif ... /capif-security/v1/trustedInvokers/${API_INVOKER_NOT_VALID}/update ... json=${request_body} @@ -408,7 +573,7 @@ Update the Security Context of an API Invoker with invalid apiInvokerID ... cause=API Invoker not exists or invalid ID Revoke the authorization of the API invoker for APIs - [Tags] capif_security_api-16 smoke + [Tags] capif_security_api-16 smoke # Register APF ${register_user_info_provider}= Provider Default Registration @@ -478,7 +643,24 @@ Revoke the authorization of the API invoker for APIs without valid apfID. # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + # Register Provider + ${register_user_info_provider}= Provider Default Registration + + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} + + # Create Security Context + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} + ... authorization_info=authorizationInfo + ... authentication_info=authenticationInfo ${resp}= Put Request Capif ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']} ... json=${request_body} @@ -490,9 +672,6 @@ Revoke the authorization of the API invoker for APIs without valid apfID. ${security_context}= Set Variable ${resp.json()} - # Register Provider - ${register_user_info_publisher}= Provider Default Registration - # Revoke Security Context by Invoker ${request_body}= Create Security Notification Body ${register_user_info_invoker['api_invoker_id']} 1234 ${resp}= Post Request Capif @@ -528,7 +707,25 @@ Revoke the authorization of the API invoker for APIs with invalid apiInvokerId # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding - ${request_body}= Create Service Security Body ${NOTIFICATION_DESTINATION_URL} + # Register Provider + ${register_user_info_provider}= Provider Default Registration + + # Publish Service API + ${service_api_description_published_1} ${resource_url} ${request_body}= Publish Service Api + ... ${register_user_info_provider} + ... service_1 + + # Store apiId1 + ${service_api_id_1}= Set Variable ${service_api_description_published_1['apiId']} + + # Create Security Context + ${request_body}= Create Service Security Default Body + ... ${NOTIFICATION_DESTINATION_URL} + ... aef_id=${register_user_info_provider['aef_id']} + ... api_id=${service_api_id_1} + ... authentication_info=authenticationInfo + ... authorization_info=authorizationInfo + ... authorization_info=authorizationInfo ${resp}= Put Request Capif ... /capif-security/v1/trustedInvokers/${register_user_info_invoker['api_invoker_id']} ... json=${request_body} @@ -540,9 +737,6 @@ Revoke the authorization of the API invoker for APIs with invalid apiInvokerId ${security_context}= Set Variable ${resp.json()} - # Register Provider - ${register_user_info_publisher}= Provider Default Registration - ${request_body}= Create Security Notification Body ${API_INVOKER_NOT_VALID} 1234 ${resp}= Post Request Capif ... /capif-security/v1/trustedInvokers/${API_INVOKER_NOT_VALID}/delete @@ -569,7 +763,7 @@ Revoke the authorization of the API invoker for APIs with invalid apiInvokerId Dictionaries Should Be Equal ${resp.json()} ${security_context} Retrieve access token - [Tags] capif_security_api-19 smoke + [Tags] capif_security_api-19 smoke # Register APF ${register_user_info_provider}= Provider Default Registration diff --git a/tests/libraries/security_api/bodyRequests.py b/tests/libraries/security_api/bodyRequests.py index 0e2f826dd425b3000be1ecdc9f38e9c36cdb342e..409fcfcf6d44ed7b83b3fa6b8575ae762842619a 100644 --- a/tests/libraries/security_api/bodyRequests.py +++ b/tests/libraries/security_api/bodyRequests.py @@ -1,7 +1,47 @@ -def create_service_security_body(notification_destination, aef_id=None, api_id=None): +def create_service_security_default_body( + notification_destination, + supported_features="0", + interface_details=None, + aef_id=None, + api_id=None, + authentication_info=None, + authorization_info=None, + grant_type=None, + pref_security_methods=["PSK", "PKI", "OAUTH"], + sel_security_method=None, + request_websocket_uri=None, + websocket_uri=None): data = { "notificationDestination": notification_destination, - "supportedFeatures": "fffffff", + "supportedFeatures": supported_features + } + security_info = list() + security_info.append( + create_security_info(aef_id=aef_id, + interface_details=interface_details, + api_id=api_id, + authentication_info=authentication_info, + authorization_info=authorization_info, + grant_type=grant_type, + pref_security_methods=pref_security_methods, + sel_security_method=sel_security_method)) + data['securityInfo'] = security_info + if request_websocket_uri is not None or websocket_uri is not None: + data['websockNotifConfig'] = create_web_sock_notif_config( + request_websocket_uri, websocket_uri) + return data + + +def create_service_security_body(notification_destination, + supported_features, + security_info=None, + aef_id=None, + api_id=None, + authentication_info=None, + authorization_info=None): + data = { + "notificationDestination": notification_destination, + "supportedFeatures": supported_features, "securityInfo": [{ "authenticationInfo": "authenticationInfo", "authorizationInfo": "authorizationInfo", @@ -20,7 +60,12 @@ def create_service_security_body(notification_destination, aef_id=None, api_id=N "requestTestNotification": True } - if aef_id != None and api_id != None: + if aef_id is not None and api_id is not None: + security_info = dict() + if authentication_info is not None: + security_info['authenticationInfo'] = authentication_info + if authorization_info is not None: + security_info['authorizationInfo'] = authorization_info data['securityInfo'].append({ "authenticationInfo": "authenticationInfo", "authorizationInfo": "authorizationInfo", @@ -32,6 +77,48 @@ def create_service_security_body(notification_destination, aef_id=None, api_id=N return data +def create_security_info( + aef_id=None, + interface_details=None, + api_id=None, + authentication_info=None, + authorization_info=None, + grant_type=None, + pref_security_methods=None, + sel_security_method=None): + # aef_id or interface_details must be set. + # authentication_info, authorization_info, grant_type, sel_security_method + # only should be present in repsonse from CCF + data = dict() + if aef_id is not None: + data["aefId"] = aef_id + if interface_details is not None: + data['interfaceDetails'] = interface_details + if api_id is not None: + data['apiId'] = api_id + if authentication_info is not None: + data['authenticationInfo'] = authentication_info + if authorization_info is not None: + data['authorizationInfo'] = authorization_info + if grant_type is not None: + data['grantType'] = grant_type + if pref_security_methods is not None: + data['prefSecurityMethods'] = pref_security_methods + if sel_security_method is not None: + data['selSecurityMethod'] = sel_security_method + + return data + + +def create_web_sock_notif_config(request_websocket_uri=None, websocket_uri=None): + data = dict() + if request_websocket_uri is not None: + data['requestWebsocketUri'] = request_websocket_uri + if websocket_uri is not None: + data['websocketUri'] = websocket_uri + return data + + def create_service_security_from_discover_response(notification_destination, discover_response, legacy=True): data = { "notificationDestination": notification_destination, @@ -91,14 +178,13 @@ def create_security_notification_body(api_invoker_id, api_ids, cause="OVERLIMIT_ "cause": cause } - if isinstance(api_ids,list): + if isinstance(api_ids, list): data['apiIds'] = api_ids else: - data['apiIds'] = [ api_ids ] + data['apiIds'] = [api_ids] if aef_id != None: data['aefId'] = aef_id - return data @@ -115,9 +201,11 @@ def create_access_token_req_body(client_id, scope, client_secret=None, grant_typ return data + def get_api_ids_from_discover_response(discover_response): - api_ids=[] - service_api_descriptions = discover_response.json()['serviceAPIDescriptions'] + api_ids = [] + service_api_descriptions = discover_response.json()[ + 'serviceAPIDescriptions'] for service_api_description in service_api_descriptions: api_ids.append(service_api_description['apiId']) return api_ids