Skip to content
Snippets Groups Projects
Commit 3b7664a8 authored by guillecxb's avatar guillecxb
Browse files

helper, register and dynamic capif configuration

parent e039dc3d
No related branches found
No related tags found
1 merge request!38Resolve "Documentation how to manage dynamic configuration"
Expand all Hide whitespace changes
Inline Side-by-side
Showing
with 633 additions and 1 deletion
doc/assets/swagger/swagger-ui-bundle.js 0 → 100644
+ 2
0
View file @ 3b7664a8
This diff is collapsed.
doc/assets/swagger/swagger-ui-standalone-preset.js 0 → 100644
+ 2
0
View file @ 3b7664a8
Source diff could not be displayed: it is too large. Options to address this: view the blob.
doc/assets/swagger/swagger-ui.css 0 → 100644
+ 3
0
View file @ 3b7664a8
This diff is collapsed.
doc/configuration/configuration.md 0 → 100644
+ 76
0
View file @ 3b7664a8
# CAPIF Dynamic Configuration
## Overview
CAPIF supports dynamic configuration management, enabling modifications without requiring redeployment. This is achieved by storing configurations in MongoDB collections for both CAPIF and Register services, allowing CAPIF to retrieve and apply configuration changes dynamically.
This new approach provides:
* **Real-time configuration updates**: Modify parameters on the fly.
* **Extensibility**: Add new parameters or sections dynamically.
* **Improved flexibility**: Reduce static configuration dependencies.
## CAPIF Configuration
In the CAPIF MongoDB instance, it is included a collection of the configuration.
```json
capif_configuration: {
"config_name": "default",
"version": "1.0",
"description": "Default CAPIF Configuration",
"settings": {
"certificates_expiry": {
ttl_superadmin_cert: "4300h",
ttl_invoker_cert: "4300h",
ttl_provider_cert: "4300h",
},
"security_method_priority": {
oauth: 1,
pki: 2,
psk: 3
},
"acl_policy_settings": {
allowed_total_invocations: 5,
allowed_invocations_per_second: 10,
allowed_invocation_time_range_days: 365
}
}
}
```
## Register Configuration
Similarly, the Register service includes a dynamic configuration stored in its MongoDB instance:
```json
capif_configuration: {
"config_name": "default",
"version": "1.0",
"description": "Default Register Configuration",
"settings": {
"certificates_expiry": {
ttl_superadmin_cert: "4300h",
}
}
}
```
## Configuration Management Endpoints
Both CAPIF and the register configuration are managed via API, the general configuration of CAPIF from the Helper service and the register configuration from the register. In both services these endpoints enable:
1. Retrieving the current configuration – View the existing settings stored in MongoDB.
2. Modifying configuration parameters – Update specific values dynamically.
3. Adding new configuration settings – Introduce additional parameters within existing sections or create entirely new sections in the configuration.
For more details, you can check the API documentation of the Helper and Register services:
- [Helper Service API Documentation](../helper/swagger.md)
- [Register Service API Documentation](../register/swagger.md)
doc/helper/helper.md 0 → 100644
+ 31
0
View file @ 3b7664a8
# Introduction to the Helper Service
## Overview
CAPIF does not include any built-in mechanism to expose data via API. This makes it difficult to retrieve essential information such as the number of registered API Invokers, a list of available API Invokers, etc.
Without a dedicated tool, accessing this data requires direct database queries, making it inefficient and impractical.
## Helper Service
The Helper Service addresses this limitation by acting as an intermediary that exposes CAPIF’s stored data in a structured and accessible manner. This service provides APIs that allow users to query the CAPIF database and obtain valuable insights, such as:
- The total count and details of registered API Invokers and API Providers.
- A structured and API-driven way to retrieve CAPIF-related information.
- Simplified access to important data without the need for direct database interactions.
- Access to security contexts, helping manage authentication and authorization processes.
- Retrieval of event records, providing insight into CAPIF system activities.
- The ability to delete different CAPIF entities, facilitating resource management.
- Full control over CAPIF dynamic configuration, including:
- Retrieving the current configuration.
- Modifying specific parameters.
- Adding or updating configuration settings dynamically.
By this Helper Service, CAPIF users can effortlessly retrieve and manage critical system information, improving overall visibility and efficiency.
## API Documentation
For a detailed API reference, please check the **Helper Service Swagger Documentation**:
➡️ [Helper Service API Documentation](../helper/swagger.md)
doc/helper/swagger.md 0 → 100644
+ 13
0
View file @ 3b7664a8
## Helper API Documentation
<div id="swagger-ui"></div>
<script>
window.onload = function() {
const ui = SwaggerUIBundle({
url: "/swagger/helper_swagger.yaml",
dom_id: '#swagger-ui',
presets: [SwaggerUIBundle.presets.apis, SwaggerUIStandalonePreset],
layout: "StandaloneLayout"
});
};
</script>
\ No newline at end of file
doc/register/register.md 0 → 100644
+ 13
0
View file @ 3b7664a8
# Register Service
## Overview
The Register Service is responsible for user management within the CAPIF ecosystem.
It provides a structured way to register, authenticate, and manage user that interact with CAPIF, ensuring a secure and efficient process.
## API Documentation
For more details, refer to the **API documentation**:
- [Register Service API Documentation](../register/swagger.md)
doc/register/swagger.md 0 → 100644
+ 13
0
View file @ 3b7664a8
## Register API Documentation
<div id="swagger-ui"></div>
<script>
window.onload = function() {
const ui = SwaggerUIBundle({
url: "/swagger/register_swagger.yaml",
dom_id: '#swagger-ui',
presets: [SwaggerUIBundle.presets.apis, SwaggerUIStandalonePreset],
layout: "StandaloneLayout"
});
};
</script>
doc/swagger/helper_swagger.yaml
+ 141
0
View file @ 3b7664a8
...@@ -312,6 +312,147 @@ paths: ...@@ -312,6 +312,147 @@ paths:
$ref: '#/components/schemas/EventsResponse' $ref: '#/components/schemas/EventsResponse'
"400": "400":
description: Invalid page or page_size supplied. description: Invalid page or page_size supplied.
/helper/getConfiguration:
get:
tags:
- Configuration
summary: Retrieve CAPIF configuration
description: Fetches the current CAPIF configuration from MongoDB.
operationId: GetConfiguration
responses:
"200":
description: Returns the current CAPIF configuration.
content:
application/json:
schema:
type: object
example:
config_name: "default"
version: "1.0"
settings:
certificates_expiry:
ttl_superadmin_cert: "4300h"
ttl_invoker_cert: "4300h"
ttl_provider_cert: "4300h"
security_method_priority:
oauth: 1
pki: 2
psk: 3
acl_policy_settings:
allowed_total_invocations: 5,
allowed_invocations_per_second: 10,
allowed_invocation_time_range_days: 365
/helper/updateConfigParam:
patch:
tags:
- Configuration
summary: Update a configuration parameter
description: Updates a specific configuration parameter inside CAPIF settings.
operationId: UpdateConfigParam
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
param_path:
type: string
example: "settings.security_method_priority.oauth"
new_value:
type: integer
example: 2
responses:
"200":
description: Configuration parameter updated successfully.
"400":
description: Missing 'param_path' or 'new_value' in request body.
/helper/replaceConfiguration:
put:
tags:
- Configuration
summary: Replace the entire CAPIF configuration
description: Completely replaces the CAPIF configuration with a new one.
operationId: ReplaceConfiguration
requestBody:
required: true
content:
application/json:
schema:
type: object
example:
config_name: "default"
version: "1.0"
settings:
certificates_expiry:
ttl_superadmin_cert: "5000"
ttl_invoker_cert: "2500"
ttl_provider_cert: "3300"
security_method_priority:
oauth: 2
pki: 3
psk: 1
acl_policy_settings:
allowed_total_invocations: 15,
allowed_invocations_per_second: 20,
allowed_invocation_time_range_days: 200
responses:
"200":
description: Configuration replaced successfully.
"400":
description: Missing new configuration in request body.
/helper/addNewConfiguration:
post:
tags:
- Configuration
summary: Add a new configuration category
description: Adds a new category inside the 'settings' section of CAPIF configuration.
operationId: AddNewConfiguration
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
category_name:
type: string
example: "new_policy_settings"
category_values:
type: object
example:
max_invocations: 50
rate_limit: 5
responses:
"200":
description: Category added successfully.
"400":
description: Missing 'category_name' or 'category_values' in request body.
/helper/addNewConfigSetting:
patch:
tags:
- Configuration
summary: Add a new configuration parameter
description: Adds a new parameter inside an existing category in 'settings'.
operationId: AddNewConfigSetting
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
param_path:
type: string
example: "settings.certificates_expiry.new_ttl"
new_value:
type: integer
example: 10
responses:
"200":
description: Parameter added successfully.
"400":
description: Missing 'param_path' or 'new_value' in request body.
components: components:
schemas: schemas:
InvokersResponse: InvokersResponse:
......
doc/swagger/register_swagger.yaml 0 → 100644
+ 327
0
View file @ 3b7664a8
openapi: 3.0.0
info:
title: Register Service API
description: API for user registration and configuration management in CAPIF.
version: 1.0.0
servers:
- url: https://localhost:8084
description: Local development server
paths:
/login:
post:
summary: Admin login
description: Logs in an admin user and returns access and refresh tokens.
tags:
- Authentication
security:
- basicAuth: []
responses:
"200":
description: Successfully logged in
content:
application/json:
schema:
type: object
properties:
access_token:
type: string
refresh_token:
type: string
"401":
description: Unauthorized
/refresh:
post:
summary: Refresh access token
description: Generates a new access token using a refresh token.
tags:
- Authentication
security:
- bearerAuth: []
responses:
"200":
description: New access token generated
content:
application/json:
schema:
type: object
properties:
access_token:
type: string
"401":
description: Unauthorized
/createUser:
post:
summary: Register a new user
description: Allows an admin to create a new user.
tags:
- Users
security:
- bearerAuth: []
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
username:
type: string
password:
type: string
enterprise:
type: string
country:
type: string
email:
type: string
purpose:
type: string
responses:
"201":
description: User registered successfully
"400":
description: Missing or invalid fields
"409":
description: User already exists
/getauth:
get:
summary: Get user authorization
description: Retrieves authorization information for a user.
tags:
- Users
security:
- basicAuth: []
responses:
"200":
description: Authorization details returned
"400":
description: User not found
/deleteUser/{uuid}:
delete:
summary: Delete a user
description: Removes a user from the system.
tags:
- Users
security:
- bearerAuth: []
parameters:
- name: uuid
in: path
required: true
schema:
type: string
responses:
"204":
description: User deleted successfully
"400":
description: Invalid UUID
/getUsers:
get:
summary: Get all users
description: Retrieves a list of all registered users.
tags:
- Users
security:
- bearerAuth: []
responses:
"200":
description: Users retrieved successfully
/configuration:
get:
summary: Retrieve register configuration
description: Fetches the current configuration of the register service.
tags:
- Configuration
security:
- bearerAuth: []
responses:
"200":
description: Configuration retrieved successfully
content:
application/json:
schema:
type: object
properties:
config_name:
type: string
description:
type: string
version:
type: string
settings:
type: object
properties:
certificates_expiry:
type: object
properties:
ttl_superadmin_cert:
type: string
"404":
description: Configuration not found
patch:
summary: Update register configuration
description: Updates a specific parameter in the register configuration.
tags:
- Configuration
security:
- bearerAuth: []
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
param_path:
type: string
example: "settings.certificates_expiry.hola"
new_value:
type: string
example: "2500h"
responses:
"200":
description: Parameter updated successfully
content:
application/json:
schema:
type: object
properties:
message:
type: string
example: "Parameter 'settings.certificates_expiry.ttl_superadmin_cert' updated successfully"
"400":
description: Invalid request body
put:
summary: Replace register configuration
description: Replaces the entire configuration with a new one.
tags:
- Configuration
security:
- bearerAuth: []
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
config_name:
type: string
example: "default"
description:
type: string
example: "Updated Register Configuration"
version:
type: string
example: "1.1"
settings:
type: object
properties:
certificates_expiry:
type: object
properties:
ttl_superadmin_cert:
type: string
example: "4300h"
responses:
"200":
description: Configuration replaced successfully
content:
application/json:
schema:
type: object
properties:
message:
type: string
example: "Register configuration replaced successfully"
"400":
description: Invalid request body
/configuration/addNewCategory:
post:
summary: Add new configuration category
description: Adds a new category inside the register configuration.
tags:
- Configuration
security:
- bearerAuth: []
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
category_name:
type: string
example: "new_category"
category_values:
type: object
example: {"config1": 1, "config2": "xxxx"}
responses:
"200":
description: Category added successfully
content:
application/json:
schema:
type: object
properties:
message:
type: string
example: "Category 'new_category' added successfully"
"400":
description: Invalid request body
/configuration/addNewParamConfigSetting:
patch:
summary: Add new configuration setting
description: Adds a new parameter inside a category in settings.
tags:
- Configuration
security:
- bearerAuth: []
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
param_path:
type: string
example: "certificates_expiry.new_config_ttl"
new_value:
type: string
example: "1000h"
responses:
"200":
description: Parameter added successfully
content:
application/json:
schema:
type: object
properties:
message:
type: string
example: "Parameter 'certificates_expiry.new_config_ttl' added successfully"
"400":
description: Invalid request body
components:
securitySchemes:
basicAuth:
type: http
scheme: basic
bearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
mkdocs.yml
+ 12
1
View file @ 3b7664a8
...@@ -12,6 +12,11 @@ docs_dir: doc ...@@ -12,6 +12,11 @@ docs_dir: doc
extra_css: extra_css:
- stylesheets/extra.css - stylesheets/extra.css
- assets/swagger/swagger-ui.css
extra_javascript:
- assets/swagger/swagger-ui-bundle.js
- assets/swagger/swagger-ui-standalone-preset.js
# edit_uri: edit/docs-revamp/docs/ # edit_uri: edit/docs-revamp/docs/
# edit_uri: blob/docs-revamp/docs/ # edit_uri: blob/docs-revamp/docs/
...@@ -33,7 +38,6 @@ theme: ...@@ -33,7 +38,6 @@ theme:
# feature: # feature:
# tabs: true # tabs: true
features: features:
- navigation.instant
- navigation.instant.progress - navigation.instant.progress
- navigation.top - navigation.top
- navigation.footer - navigation.footer
...@@ -82,6 +86,13 @@ nav: ...@@ -82,6 +86,13 @@ nav:
- Vendor Extensibility: ./vendor-ext/vendor-ext.md - Vendor Extensibility: ./vendor-ext/vendor-ext.md
- Api Status: ./api-status/api-status.md - Api Status: ./api-status/api-status.md
- Event Filter: ./event-filter/event-filter.md - Event Filter: ./event-filter/event-filter.md
- Dynamic Configuration: ./configuration/configuration.md
- Helper:
- Introduction: ./helper/helper.md
- Swagger: ./helper/swagger.md
- Register:
- Introduction: ./register/register.md
- Swagger: ./register/swagger.md
- SDK: - SDK:
- Introduction: ./sdk/sdk.md - Introduction: ./sdk/sdk.md
- Example Clients: - Example Clients:
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment