Loading doc/releasenotes.md +14 −1 Original line number Diff line number Diff line Loading @@ -23,7 +23,7 @@ The startup scripts of the ***Invoker Management Service***, ***Provider Managem This will also helps on the restart issue on k8s deployed OpenCAPIF. ### Dynamic configurations #### Dynamic configurations - Add new collection in CAPIF mongo with the init configuration. - New endpoints in Helper to manage the CAPIF configuration. - Add new collection in Register mongo with the init configuration. Loading @@ -31,6 +31,19 @@ This will also helps on the restart issue on k8s deployed OpenCAPIF. - Documentation about Dynamic Configuration. - Documentation about Helper and Register swaggers. ### **Documentation** #### Improvements over documentation - New [Event Filter section](./event-filter/event-filter.md) - New [Vendor Extensibility section](./vendor-ext/vendor-ext.md) - New [API Status section](./api-status/api-status.md) - New [Dynamic Configuration section](./configuration/configuration.md) #### Testplan - New tests related with [Api Status Feature](./testing/testplan/api_status/README.md). - New tests related with [Event Filter Feature](./testing/testplan/event_filter/README.md). - New tests related with [Vendor Extensibility](./testing/testplan/vendor_extensibility/README.md) - [Security Service Testplan](./testing/testplan/api_security_service/README.md) updated according to new features and Technical debts. ## **Release 2.0.0** Loading doc/testing/testplan/api_security_service/README.md +121 −55 Original line number Diff line number Diff line Loading @@ -16,15 +16,19 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Store signed Certificate 3. Create Security Context 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 4. Create Security Context **Information of Test**: 1. Perform [Invoker Onboarding] 2. Create Security Context for this Invoker 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 3. Create Security Context for this Invoker * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * body [service security body] with aefId and apiId * Use **Invoker Certificate** **Expected Result**: Loading @@ -49,15 +53,18 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 1. Register and onboard Invoker at CCF. 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context for this Invoker but using Provider certificate. 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 3. Create Security Context for this Invoker but using Provider certificate. * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **AEF Certificate** Loading Loading @@ -90,13 +97,17 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register Provider at CCF 2. Create Security Context using Provider certificate 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate **Information of Test**: 1. Perform [Provider Registration] 2. Create Security Context for this not valid apiInvokerId and using Provider certificate. 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 3. Create Security Context for this not valid apiInvokerId and using Provider certificate. * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** * body [service security body] * Using **AEF Certificate** Loading Loading @@ -128,13 +139,17 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Create Security Context using Provider certificate 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate **Information of Test**: 1. Perform [Invoker Onboarding] 2. Create Security Context for this Invoker: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 3. Create Security Context for this Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** * body [service security body] * Use **Invoker Certificate** Loading @@ -154,7 +169,7 @@ At this documentation you will have all information and related files and exampl ## Test Case 5: Retrieve the Security Context of an API Invoker **Test ID**:: ***capif_security_api-5*** **Test ID**:: ***capif_security_api-5***, ***smoke*** **Description**: Loading @@ -167,13 +182,17 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate 4. Retrieve Security Context by Provider **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Create Security Context for this Invoker. * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** Loading Loading @@ -205,13 +224,18 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 2. Register Provider at CCF 1. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate 4. Retrieve Security Context by Provider of invalid invoker **Information of Test**: 1. Perform [Provider Registration] 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Retrieve Security Context of invalid Invoker by Provider: * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** Loading Loading @@ -243,9 +267,10 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Store signed Certificate 3. Create Security Context 4. Retrieve Security Context as Provider. 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Store signed Certificate 4. Create Security Context 5. Retrieve Security Context as Provider. **Information of Test**: Loading Loading @@ -273,7 +298,7 @@ At this documentation you will have all information and related files and exampl ## Test Case 8: Delete the Security Context of an API Invoker **Test ID**:: ***capif_security_api-8*** **Test ID**:: ***capif_security_api-8***, ***smoke*** **Description**: Loading @@ -286,24 +311,28 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate 4. Delete Security Context by Provider **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Create Security Context for this Invoker but using Provider certificate. 3. Create Security Context for this Invoker but using Provider certificate. * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **AEF Certificate** 3. Delete Security Context of Invoker by Provider: 4. Delete Security Context of Invoker by Provider: * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Use **AEF Certificate** 4. Retrieve Security Context of Invoker by Provider: 5. Retrieve Security Context of Invoker by Provider: * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Using **AEF Certificate** Loading Loading @@ -336,19 +365,24 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register Provider at CCF 2. Create Security Context using Provider certificate 3. Delete Security Context by Invoker 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate 4. Delete Security Context by Invoker **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Create Security Context for this Invoker: 3. Create Security Context for this Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate** 3. Delete Security Context of Invoker: 4. Delete Security Context of Invoker: * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Use **Invoker Certificate** Loading Loading @@ -437,7 +471,7 @@ At this documentation you will have all information and related files and exampl ## Test Case 12: Update the Security Context of an API Invoker **Test ID**:: ***capif_security_api-12*** **Test ID**:: ***capif_security_api-12***, ***smoke*** **Description**: Loading @@ -450,7 +484,7 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context By Invoker 4. Update Security Context By Invoker 5. Retrieve Security Context By Provider Loading @@ -458,6 +492,10 @@ At this documentation you will have all information and related files and exampl **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Create Security Context for this Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** Loading Loading @@ -501,20 +539,24 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context 4. Update Security Context as Provider **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Create Security Context for this Invoker: 3. Create Security Context for this Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate**. 3. Update Security Context of Invoker by Provider: 4. Update Security Context of Invoker by Provider: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/update** * body [service security body] but with notification destination modified to **http://robot.testing2** * Using **AEF Certificate** Loading Loading @@ -545,14 +587,18 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register Provider at CCF 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 2. Update Security Context as Provider **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Update Security Context of Invoker by Provider: 3. Update Security Context of Invoker by Provider: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update** * body [service security body] * Using **AEF Certificate** Loading Loading @@ -583,13 +629,18 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Update Security Context 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Update Security Context **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Update Security Context of Invoker: 3. Update Security Context of Invoker: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update** * body [service security body] * Using **Invoker Certificate**. Loading Loading @@ -620,7 +671,7 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context by Invoker 4. Revoke Security Context by Provider 5. Retrieve Security Context by Provider Loading @@ -629,17 +680,22 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context By Invoker: 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 3. Create Security Context By Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate** 3. Revoke Authorization by Provider: 4. Revoke Authorization by Provider: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete** * body [security notification body] * Using **AEF Certificate**. 4. Retrieve Security Context by Provider: 5. Retrieve Security Context by Provider: * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Using **AEF Certificate**. Loading Loading @@ -672,7 +728,7 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context 4. Revoke Security Context by invoker 5. Retrieve Security Context Loading @@ -681,17 +737,22 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context for this Invoker: 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 3. Create Security Context for this Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate**. 3. Revoke Authorization by invoker: 4. Revoke Authorization by invoker: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete** * body [security notification body] * Using **Invoker Certificate** 4. Retrieve Security Context of Invoker by Provider: 5. Retrieve Security Context of Invoker by Provider: * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Using Provider Certificate Loading Loading @@ -726,7 +787,7 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context 4. Revoke Security Context by Provider 5. Retrieve Security Context Loading @@ -734,18 +795,22 @@ At this documentation you will have all information and related files and exampl **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Create Security Context for this Invoker: 3. Create Security Context for this Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate**. 3. Revoke Authorization by Provider: 4. Revoke Authorization by Provider: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/delete** * body [security notification body] * Using **AEF Certificate**. 4. Retrieve Security Context of Invoker by Provider: 5. Retrieve Security Context of Invoker by Provider: * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}?authenticationInfo=true&authorizationInfo=true** * This request will ask with parameter to retrieve authenticationInfo and authorizationInfo * Using **AEF Certificate**. Loading @@ -768,7 +833,7 @@ At this documentation you will have all information and related files and exampl ## Test Case 19: Retrieve access token **Test ID**:: ***capif_security_api-19*** **Test ID**:: ***capif_security_api-19***, ***smoke*** **Description**: Loading Loading @@ -1285,5 +1350,6 @@ At this documentation you will have all information and related files and exampl [invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding" [provider registration]: ../common_operations/README.md#register-a-provider "Provider Registration" [service api description]: ../api_publish_service/service_api_description_post_example.json "Service API Description Request" Loading
doc/releasenotes.md +14 −1 Original line number Diff line number Diff line Loading @@ -23,7 +23,7 @@ The startup scripts of the ***Invoker Management Service***, ***Provider Managem This will also helps on the restart issue on k8s deployed OpenCAPIF. ### Dynamic configurations #### Dynamic configurations - Add new collection in CAPIF mongo with the init configuration. - New endpoints in Helper to manage the CAPIF configuration. - Add new collection in Register mongo with the init configuration. Loading @@ -31,6 +31,19 @@ This will also helps on the restart issue on k8s deployed OpenCAPIF. - Documentation about Dynamic Configuration. - Documentation about Helper and Register swaggers. ### **Documentation** #### Improvements over documentation - New [Event Filter section](./event-filter/event-filter.md) - New [Vendor Extensibility section](./vendor-ext/vendor-ext.md) - New [API Status section](./api-status/api-status.md) - New [Dynamic Configuration section](./configuration/configuration.md) #### Testplan - New tests related with [Api Status Feature](./testing/testplan/api_status/README.md). - New tests related with [Event Filter Feature](./testing/testplan/event_filter/README.md). - New tests related with [Vendor Extensibility](./testing/testplan/vendor_extensibility/README.md) - [Security Service Testplan](./testing/testplan/api_security_service/README.md) updated according to new features and Technical debts. ## **Release 2.0.0** Loading
doc/testing/testplan/api_security_service/README.md +121 −55 Original line number Diff line number Diff line Loading @@ -16,15 +16,19 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Store signed Certificate 3. Create Security Context 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 4. Create Security Context **Information of Test**: 1. Perform [Invoker Onboarding] 2. Create Security Context for this Invoker 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 3. Create Security Context for this Invoker * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * body [service security body] with aefId and apiId * Use **Invoker Certificate** **Expected Result**: Loading @@ -49,15 +53,18 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 1. Register and onboard Invoker at CCF. 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context for this Invoker but using Provider certificate. 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 3. Create Security Context for this Invoker but using Provider certificate. * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **AEF Certificate** Loading Loading @@ -90,13 +97,17 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register Provider at CCF 2. Create Security Context using Provider certificate 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate **Information of Test**: 1. Perform [Provider Registration] 2. Create Security Context for this not valid apiInvokerId and using Provider certificate. 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 3. Create Security Context for this not valid apiInvokerId and using Provider certificate. * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** * body [service security body] * Using **AEF Certificate** Loading Loading @@ -128,13 +139,17 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Create Security Context using Provider certificate 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate **Information of Test**: 1. Perform [Invoker Onboarding] 2. Create Security Context for this Invoker: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 3. Create Security Context for this Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** * body [service security body] * Use **Invoker Certificate** Loading @@ -154,7 +169,7 @@ At this documentation you will have all information and related files and exampl ## Test Case 5: Retrieve the Security Context of an API Invoker **Test ID**:: ***capif_security_api-5*** **Test ID**:: ***capif_security_api-5***, ***smoke*** **Description**: Loading @@ -167,13 +182,17 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate 4. Retrieve Security Context by Provider **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Create Security Context for this Invoker. * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** Loading Loading @@ -205,13 +224,18 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 2. Register Provider at CCF 1. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate 4. Retrieve Security Context by Provider of invalid invoker **Information of Test**: 1. Perform [Provider Registration] 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Retrieve Security Context of invalid Invoker by Provider: * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** Loading Loading @@ -243,9 +267,10 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Store signed Certificate 3. Create Security Context 4. Retrieve Security Context as Provider. 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Store signed Certificate 4. Create Security Context 5. Retrieve Security Context as Provider. **Information of Test**: Loading Loading @@ -273,7 +298,7 @@ At this documentation you will have all information and related files and exampl ## Test Case 8: Delete the Security Context of an API Invoker **Test ID**:: ***capif_security_api-8*** **Test ID**:: ***capif_security_api-8***, ***smoke*** **Description**: Loading @@ -286,24 +311,28 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate 4. Delete Security Context by Provider **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Create Security Context for this Invoker but using Provider certificate. 3. Create Security Context for this Invoker but using Provider certificate. * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **AEF Certificate** 3. Delete Security Context of Invoker by Provider: 4. Delete Security Context of Invoker by Provider: * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Use **AEF Certificate** 4. Retrieve Security Context of Invoker by Provider: 5. Retrieve Security Context of Invoker by Provider: * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Using **AEF Certificate** Loading Loading @@ -336,19 +365,24 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register Provider at CCF 2. Create Security Context using Provider certificate 3. Delete Security Context by Invoker 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context using Provider certificate 4. Delete Security Context by Invoker **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Create Security Context for this Invoker: 3. Create Security Context for this Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate** 3. Delete Security Context of Invoker: 4. Delete Security Context of Invoker: * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Use **Invoker Certificate** Loading Loading @@ -437,7 +471,7 @@ At this documentation you will have all information and related files and exampl ## Test Case 12: Update the Security Context of an API Invoker **Test ID**:: ***capif_security_api-12*** **Test ID**:: ***capif_security_api-12***, ***smoke*** **Description**: Loading @@ -450,7 +484,7 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context By Invoker 4. Update Security Context By Invoker 5. Retrieve Security Context By Provider Loading @@ -458,6 +492,10 @@ At this documentation you will have all information and related files and exampl **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Create Security Context for this Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** Loading Loading @@ -501,20 +539,24 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context 4. Update Security Context as Provider **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Create Security Context for this Invoker: 3. Create Security Context for this Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate**. 3. Update Security Context of Invoker by Provider: 4. Update Security Context of Invoker by Provider: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/update** * body [service security body] but with notification destination modified to **http://robot.testing2** * Using **AEF Certificate** Loading Loading @@ -545,14 +587,18 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register Provider at CCF 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 2. Update Security Context as Provider **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Update Security Context of Invoker by Provider: 3. Update Security Context of Invoker by Provider: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update** * body [service security body] * Using **AEF Certificate** Loading Loading @@ -583,13 +629,18 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Update Security Context 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Update Security Context **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Update Security Context of Invoker: 3. Update Security Context of Invoker: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update** * body [service security body] * Using **Invoker Certificate**. Loading Loading @@ -620,7 +671,7 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context by Invoker 4. Revoke Security Context by Provider 5. Retrieve Security Context by Provider Loading @@ -629,17 +680,22 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context By Invoker: 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 3. Create Security Context By Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate** 3. Revoke Authorization by Provider: 4. Revoke Authorization by Provider: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete** * body [security notification body] * Using **AEF Certificate**. 4. Retrieve Security Context by Provider: 5. Retrieve Security Context by Provider: * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Using **AEF Certificate**. Loading Loading @@ -672,7 +728,7 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context 4. Revoke Security Context by invoker 5. Retrieve Security Context Loading @@ -681,17 +737,22 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context for this Invoker: 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 3. Create Security Context for this Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate**. 3. Revoke Authorization by invoker: 4. Revoke Authorization by invoker: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete** * body [security notification body] * Using **Invoker Certificate** 4. Retrieve Security Context of Invoker by Provider: 5. Retrieve Security Context of Invoker by Provider: * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Using Provider Certificate Loading Loading @@ -726,7 +787,7 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF. 3. Create Security Context 4. Revoke Security Context by Provider 5. Retrieve Security Context Loading @@ -734,18 +795,22 @@ At this documentation you will have all information and related files and exampl **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Use **APF Certificate** 2. Create Security Context for this Invoker: 3. Create Security Context for this Invoker: * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate**. 3. Revoke Authorization by Provider: 4. Revoke Authorization by Provider: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/delete** * body [security notification body] * Using **AEF Certificate**. 4. Retrieve Security Context of Invoker by Provider: 5. Retrieve Security Context of Invoker by Provider: * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}?authenticationInfo=true&authorizationInfo=true** * This request will ask with parameter to retrieve authenticationInfo and authorizationInfo * Using **AEF Certificate**. Loading @@ -768,7 +833,7 @@ At this documentation you will have all information and related files and exampl ## Test Case 19: Retrieve access token **Test ID**:: ***capif_security_api-19*** **Test ID**:: ***capif_security_api-19***, ***smoke*** **Description**: Loading Loading @@ -1285,5 +1350,6 @@ At this documentation you will have all information and related files and exampl [invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding" [provider registration]: ../common_operations/README.md#register-a-provider "Provider Registration" [service api description]: ../api_publish_service/service_api_description_post_example.json "Service API Description Request"
