Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • ocf/documentation
1 result
Show changes
Commits on Source (2)
Hide whitespace changes
Inline Side-by-side
doc/releasenotes.md
View file @ 2df24923
......@@ -23,7 +23,7 @@ The startup scripts of the ***Invoker Management Service***, ***Provider Managem
This will also helps on the restart issue on k8s deployed OpenCAPIF.
### Dynamic configurations
#### Dynamic configurations
- Add new collection in CAPIF mongo with the init configuration.
- New endpoints in Helper to manage the CAPIF configuration.
- Add new collection in Register mongo with the init configuration.
......@@ -31,6 +31,19 @@ This will also helps on the restart issue on k8s deployed OpenCAPIF.
- Documentation about Dynamic Configuration.
- Documentation about Helper and Register swaggers.
### **Documentation**
#### Improvements over documentation
- New [Event Filter section](./event-filter/event-filter.md)
- New [Vendor Extensibility section](./vendor-ext/vendor-ext.md)
- New [API Status section](./api-status/api-status.md)
- New [Dynamic Configuration section](./configuration/configuration.md)
#### Testplan
- New tests related with [Api Status Feature](./testing/testplan/api_status/README.md).
- New tests related with [Event Filter Feature](./testing/testplan/event_filter/README.md).
- New tests related with [Vendor Extensibility](./testing/testplan/vendor_extensibility/README.md)
- [Security Service Testplan](./testing/testplan/api_security_service/README.md) updated according to new features and Technical debts.
## **Release 2.0.0**
......
doc/testing/testplan/api_security_service/README.md
View file @ 2df24923
......@@ -16,15 +16,19 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Store signed Certificate
3. Create Security Context
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
4. Create Security Context
**Information of Test**:
1. Perform [Invoker Onboarding]
2. Create Security Context for this Invoker
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
3. Create Security Context for this Invoker
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* body [service security body]
* body [service security body] with aefId and apiId
* Use **Invoker Certificate**
**Expected Result**:
......@@ -49,15 +53,18 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
1. Register and onboard Invoker at CCF.
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Create Security Context using Provider certificate
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Create Security Context for this Invoker but using Provider certificate.
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
3. Create Security Context for this Invoker but using Provider certificate.
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* body [service security body]
* Using **AEF Certificate**
......@@ -90,13 +97,17 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register Provider at CCF
2. Create Security Context using Provider certificate
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Create Security Context using Provider certificate
**Information of Test**:
1. Perform [Provider Registration]
2. Create Security Context for this not valid apiInvokerId and using Provider certificate.
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
3. Create Security Context for this not valid apiInvokerId and using Provider certificate.
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}**
* body [service security body]
* Using **AEF Certificate**
......@@ -128,13 +139,17 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Create Security Context using Provider certificate
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Create Security Context using Provider certificate
**Information of Test**:
1. Perform [Invoker Onboarding]
2. Create Security Context for this Invoker:
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
3. Create Security Context for this Invoker:
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}**
* body [service security body]
* Use **Invoker Certificate**
......@@ -154,7 +169,7 @@ At this documentation you will have all information and related files and exampl
## Test Case 5: Retrieve the Security Context of an API Invoker
**Test ID**:: ***capif_security_api-5***
**Test ID**:: ***capif_security_api-5***, ***smoke***
**Description**:
......@@ -167,13 +182,17 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Create Security Context using Provider certificate
4. Retrieve Security Context by Provider
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
2. Create Security Context for this Invoker.
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
......@@ -205,13 +224,18 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
2. Register Provider at CCF
1. Register Provider at CCF
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Create Security Context using Provider certificate
4. Retrieve Security Context by Provider of invalid invoker
**Information of Test**:
1. Perform [Provider Registration]
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
2. Retrieve Security Context of invalid Invoker by Provider:
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}**
......@@ -243,9 +267,10 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Store signed Certificate
3. Create Security Context
4. Retrieve Security Context as Provider.
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Store signed Certificate
4. Create Security Context
5. Retrieve Security Context as Provider.
**Information of Test**:
......@@ -273,7 +298,7 @@ At this documentation you will have all information and related files and exampl
## Test Case 8: Delete the Security Context of an API Invoker
**Test ID**:: ***capif_security_api-8***
**Test ID**:: ***capif_security_api-8***, ***smoke***
**Description**:
......@@ -286,24 +311,28 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Create Security Context using Provider certificate
4. Delete Security Context by Provider
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
2. Create Security Context for this Invoker but using Provider certificate.
3. Create Security Context for this Invoker but using Provider certificate.
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* body [service security body]
* Using **AEF Certificate**
3. Delete Security Context of Invoker by Provider:
4. Delete Security Context of Invoker by Provider:
* Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Use **AEF Certificate**
4. Retrieve Security Context of Invoker by Provider:
5. Retrieve Security Context of Invoker by Provider:
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using **AEF Certificate**
......@@ -336,19 +365,24 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register Provider at CCF
2. Create Security Context using Provider certificate
3. Delete Security Context by Invoker
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Create Security Context using Provider certificate
4. Delete Security Context by Invoker
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
2. Create Security Context for this Invoker:
3. Create Security Context for this Invoker:
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* body [service security body]
* Using **Invoker Certificate**
3. Delete Security Context of Invoker:
4. Delete Security Context of Invoker:
* Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Use **Invoker Certificate**
......@@ -437,7 +471,7 @@ At this documentation you will have all information and related files and exampl
## Test Case 12: Update the Security Context of an API Invoker
**Test ID**:: ***capif_security_api-12***
**Test ID**:: ***capif_security_api-12***, ***smoke***
**Description**:
......@@ -450,7 +484,7 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Create Security Context By Invoker
4. Update Security Context By Invoker
5. Retrieve Security Context By Provider
......@@ -458,6 +492,10 @@ At this documentation you will have all information and related files and exampl
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
2. Create Security Context for this Invoker:
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
......@@ -501,20 +539,24 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Create Security Context
4. Update Security Context as Provider
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
2. Create Security Context for this Invoker:
3. Create Security Context for this Invoker:
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* body [service security body]
* Using **Invoker Certificate**.
3. Update Security Context of Invoker by Provider:
4. Update Security Context of Invoker by Provider:
* Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/update**
* body [service security body] but with notification destination modified to **http://robot.testing2**
* Using **AEF Certificate**
......@@ -545,14 +587,18 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register Provider at CCF
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
2. Update Security Context as Provider
**Information of Test**:
1. Perform [Provider Registration]
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
2. Update Security Context of Invoker by Provider:
3. Update Security Context of Invoker by Provider:
* Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update**
* body [service security body]
* Using **AEF Certificate**
......@@ -583,13 +629,18 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Update Security Context
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Update Security Context
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
2. Update Security Context of Invoker:
3. Update Security Context of Invoker:
* Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update**
* body [service security body]
* Using **Invoker Certificate**.
......@@ -620,7 +671,7 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Create Security Context by Invoker
4. Revoke Security Context by Provider
5. Retrieve Security Context by Provider
......@@ -629,17 +680,22 @@ At this documentation you will have all information and related files and exampl
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Create Security Context By Invoker:
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
3. Create Security Context By Invoker:
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* body [service security body]
* Using **Invoker Certificate**
3. Revoke Authorization by Provider:
4. Revoke Authorization by Provider:
* Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete**
* body [security notification body]
* Using **AEF Certificate**.
4. Retrieve Security Context by Provider:
5. Retrieve Security Context by Provider:
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using **AEF Certificate**.
......@@ -672,7 +728,7 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Create Security Context
4. Revoke Security Context by invoker
5. Retrieve Security Context
......@@ -681,17 +737,22 @@ At this documentation you will have all information and related files and exampl
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Create Security Context for this Invoker:
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
3. Create Security Context for this Invoker:
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* body [service security body]
* Using **Invoker Certificate**.
3. Revoke Authorization by invoker:
4. Revoke Authorization by invoker:
* Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete**
* body [security notification body]
* Using **Invoker Certificate**
4. Retrieve Security Context of Invoker by Provider:
5. Retrieve Security Context of Invoker by Provider:
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using Provider Certificate
......@@ -726,7 +787,7 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
2. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF.
3. Create Security Context
4. Revoke Security Context by Provider
5. Retrieve Security Context
......@@ -734,18 +795,22 @@ At this documentation you will have all information and related files and exampl
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
* Use **APF Certificate**
2. Create Security Context for this Invoker:
3. Create Security Context for this Invoker:
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* body [service security body]
* Using **Invoker Certificate**.
3. Revoke Authorization by Provider:
4. Revoke Authorization by Provider:
* Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/delete**
* body [security notification body]
* Using **AEF Certificate**.
4. Retrieve Security Context of Invoker by Provider:
5. Retrieve Security Context of Invoker by Provider:
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}?authenticationInfo=true&authorizationInfo=true**
* This request will ask with parameter to retrieve authenticationInfo and authorizationInfo
* Using **AEF Certificate**.
......@@ -768,7 +833,7 @@ At this documentation you will have all information and related files and exampl
## Test Case 19: Retrieve access token
**Test ID**:: ***capif_security_api-19***
**Test ID**:: ***capif_security_api-19***, ***smoke***
**Description**:
......@@ -1285,5 +1350,6 @@ At this documentation you will have all information and related files and exampl
[invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"
[provider registration]: ../common_operations/README.md#register-a-provider "Provider Registration"
[service api description]: ../api_publish_service/service_api_description_post_example.json "Service API Description Request"