From 6e39301173e15feeb093c9a09c87dcd239ee11f9 Mon Sep 17 00:00:00 2001 From: Jorge Moratinos Salcines Date: Thu, 20 Jun 2024 14:54:43 +0200 Subject: [PATCH 1/9] Updated Events and acl tests --- .../api_access_control_policy/README.md | 590 +++++++++--------- .../testplan/api_events_service/README.md | 1 + 2 files changed, 296 insertions(+), 295 deletions(-) diff --git a/doc/testing/testplan/api_access_control_policy/README.md b/doc/testing/testplan/api_access_control_policy/README.md index 6233bad..8b22103 100644 --- a/doc/testing/testplan/api_access_control_policy/README.md +++ b/doc/testing/testplan/api_access_control_policy/README.md @@ -14,43 +14,43 @@ At this documentation you will have all information and related files and exampl * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published. +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 6. Provider Retrieve ACL - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}* - * Use *serviceApiId* and *aefId* - * Use AEF Provider Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}** + * Use **serviceApiId** and **aefId** + * Use **AEF Provider Certificate** -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information. - **Expected Result**: 1. ACL Response: 1. **200 OK** Response. 2. body returned must accomplish **AccessControlPolicyList** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: 1. contain only one object. 2. apiInvokerId must match apiInvokerId registered previously. @@ -68,55 +68,55 @@ At this documentation you will have all information and related files and exampl * API Provider had two Service API Published on CAPIF * API Invoker had a Security Context for both Service APIs published. +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** and **service_2** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information for **service_1**. + 7. Provider Get ACL information for **service_2**. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** 3. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_2 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_2** + * Store **serviceApiId** + * Use **APF Certificate** 4. Perform [Invoker Onboarding] store apiInvokerId 5. Discover published APIs 6. Create Security Context for this Invoker for both published APIs - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** - 7. Provider Retrieve ACL for serviceApiId1 - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId1}?aef-id=${aef_id}* - * Use *serviceApiId* and *aefId* - * Use AEF Provider Certificate + 7. Provider Retrieve ACL for **serviceApiId1** + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId1}?aef-id=${aef_id}** + * Use **serviceApiId** and **aefId** + * Use **AEF Provider Certificate** 8. Provider Retrieve ACL for serviceApiId2 - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId2}?aef-id=${aef_id}* - * Use *serviceApiId* and *aefId* - * Use AEF Provider Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId2}?aef-id=${aef_id}** + * Use **serviceApiId** and **aefId** + * Use **AEF Provider Certificate** -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 and service_2 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information for service_1. - 7. Provider Get ACL information for service_2. - **Expected Result**: 1. ACL Response: 1. **200 OK** Response. 2. body returned must accomplish **AccessControlPolicyList** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: 1. contain one object. 2. apiInvokerId must match apiInvokerId registered previously. @@ -133,47 +133,47 @@ At this documentation you will have all information and related files and exampl * API Provider had a Service API Published on CAPIF * Two API Invokers had a Security Context for same Service API published by provider. +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** and **service_2** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker for both published APIs - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 6. Repeat previous 3 steps in order to have a new Invoker. 7. Provider Retrieve ACL for serviceApiId - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId1}?aef-id=${aef_id}* - * Use *serviceApiId* and *aefId* - * Use AEF Provider Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId1}?aef-id=${aef_id}** + * Use **serviceApiId** and **aefId** + * Use **AEF Provider Certificate** -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 and service_2 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information. - **Expected Result**: 1. ACL Response: 1. **200 OK** Response. 2. body returned must accomplish **AccessControlPolicyList** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: 1. Contain two objects. - 2. One object must match with apiInvokerId1 and the other one with apiInvokerId2 an registered previously. + 2. One object must match with **apiInvokerId1** and the other one with **apiInvokerId2** an registered previously. ## Test Case 4: Retrieve ACL filtered by api-invoker-id @@ -188,60 +188,60 @@ At this documentation you will have all information and related files and exampl * API Provider had a Service API Published on CAPIF * Two API Invokers had a Security Context for same Service API published by provider. +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** and **service_2** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information with query parameter indicating first api-invoker-id. + 7. Provider Get ACL information with query parameter indicating second api-invoker-id. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** - 4. Perform [Invoker Onboarding] store apiInvokerId - 6. Discover published APIs - 7. Create Security Context for this Invoker for both published APIs - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + 3. Perform [Invoker Onboarding] store apiInvokerId + 4. Discover published APIs + 5. Create Security Context for this Invoker for both published APIs + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** - 8. Repeat previous 3 steps in order to have a new Invoker. + 6. Repeat previous 3 steps in order to have a new Invoker. - 9. Provider Retrieve ACL for serviceApiId - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId1}?aef-id=${aef_id}&api-invoker-id={apiInvokerId1}* - * Use *serviceApiId*, *aefId* and apiInvokerId1 - * Use AEF Provider Certificate + 7. Provider Retrieve ACL for **serviceApiId1** + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}&api-invoker-id={apiInvokerId1}** + * Use **serviceApiId**, **aefId** and **apiInvokerId1** + * Use **AEF Provider Certificate** - 10. Provider Retrieve ACL for serviceApiId - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId1}?aef-id=${aef_id}&api-invoker-id={apiInvokerId2}* - * Use *serviceApiId*, *aefId* and apiInvokerId2 - * Use AEF Provider Certificate + 8. Provider Retrieve ACL for **serviceApiId2** + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}&api-invoker-id={apiInvokerId2}** + * Use **serviceApiId**, **aefId** and **apiInvokerId2** + * Use **AEF Provider Certificate** -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 and service_2 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information with query parameter indicating first api-invoker-id. - 7. Provider Get ACL information with query parameter indicating second api-invoker-id. - **Expected Result**: 1. ACL Response: 1. **200 OK** Response. 2. body returned must accomplish **AccessControlPolicyList** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: 1. Contain one objects. - 2. Object must match with apiInvokerId1. + 2. Object must match with **apiInvokerId1**. 2. ACL Response: 1. **200 OK** Response. 2. body returned must accomplish **AccessControlPolicyList** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: 1. Contain one objects. - 2. Object must match with apiInvokerId2. + 2. Object must match with **apiInvokerId2**. ## Test Case 5: Retrieve ACL filtered by supported-features @@ -258,58 +258,58 @@ At this documentation you will have all information and related files and exampl * API Provider had a Service API Published on CAPIF * Two API Invokers had a Security Context for same Service API published by provider. +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** and **service_2** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information with query parameter indicating first supported-features. + 7. Provider Get ACL information with query parameter indicating second supported-features. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker for both published APIs - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 6. Repeat previous 3 steps in order to have a new Invoker. 7. Provider Retrieve ACL for serviceApiId - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId1}?aef-id=${aef_id}&supported-features={apiInvokerId1}* - * Use *serviceApiId*, *aefId* and apiInvokerId1 - * Use AEF Provider Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId1}?aef-id=${aef_id}&supported-features={apiInvokerId1}** + * Use **serviceApiId**, **aefId** and **apiInvokerId1** + * Use **AEF Provider Certificate** 8. Provider Retrieve ACL for serviceApiId - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId1}?aef-id=${aef_id}&supported-features={apiInvokerId2}* - * Use *serviceApiId*, *aefId* and apiInvokerId2 - * Use AEF Provider Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId1}?aef-id=${aef_id}&supported-features={apiInvokerId2}** + * Use **serviceApiId**, **aefId** and **apiInvokerId2** + * Use **AEF Provider Certificate** -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 and service_2 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information with query parameter indicating first supported-features. - 7. Provider Get ACL information with query parameter indicating second supported-features. - **Expected Result**: 1. ACL Response: 1. **200 OK** Response. 2. body returned must accomplish **AccessControlPolicyList** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: 1. Contain one objects. 2. Object must match with supportedFeatures1. 2. ACL Response: 1. **200 OK** Response. 2. body returned must accomplish **AccessControlPolicyList** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: 1. Contain one objects. 2. Object must match with supportedFeatures1. @@ -327,43 +327,43 @@ At this documentation you will have all information and related files and exampl * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published. +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 6. Provider Retrieve ACL - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${AEF_ID_NOT_VALID}* - * Use *serviceApiId* and *AEF_ID_NOT_VALID* - * Use AEF Provider Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${AEF_ID_NOT_VALID}** + * Use **serviceApiId** and **AEF_ID_NOT_VALID** + * Use **AEF Provider Certificate** -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information. - **Expected Result**: 1. ACL Response: 1. **404 Not Found** Response. 2. body returned must accomplish **Problem Details** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: * status **404** * title with message "Not Found" * detail with message "No ACLs found for the requested service: {service_api_id}, aef_id: {aef_id}, invoker: {api_invoker_id} and supportedFeatures: {supported_features}". @@ -383,43 +383,43 @@ At this documentation you will have all information and related files and exampl * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published. +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 6. Provider Retrieve ACL - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${NOT_VALID_SERVICE_API_ID}?aef-id=${aef_id}* - * Use *NOT_VALID_SERVICE_API_ID* and *aef_id* - * Use AEF Provider Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${NOT_VALID_SERVICE_API_ID}?aef-id=${aef_id}** + * Use **NOT_VALID_SERVICE_API_ID** and **aef_id** + * Use **AEF Provider Certificate** -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information. - **Expected Result**: 1. ACL Response: 1. **404 Not Found** Response. 2. body returned must accomplish **Problem Details** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: * status **404** * title with message "Not Found" * detail with message "No ACLs found for the requested service: {service_api_id}, aef_id: {aef_id}, invoker: {api_invoker_id} and supportedFeatures: {supported_features}". @@ -438,43 +438,43 @@ At this documentation you will have all information and related files and exampl * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published. +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 6. Provider Retrieve ACL - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${NOT_VALID_SERVICE_API_ID}?aef-id=${AEF_ID_NOT_VALID}* - * Use *NOT_VALID_SERVICE_API_ID* and *aef_id* - * Use AEF Provider Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${NOT_VALID_SERVICE_API_ID}?aef-id=${AEF_ID_NOT_VALID}** + * Use **NOT_VALID_SERVICE_API_ID** and **aef_id** + * Use **AEF Provider Certificate** -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information. - **Expected Result**: 1. ACL Response: 1. **404 Not Found** Response. 2. body returned must accomplish **Problem Details** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: * status **404** * title with message "Not Found" * detail with message "No ACLs found for the requested service: {NOT_VALID_SERVICE_API_ID}, aef_id: {AEF_ID_NOT_VALID}, invoker: {api_invoker_id} and supportedFeatures: {supported_features}". @@ -494,39 +494,39 @@ At this documentation you will have all information and related files and exampl * API Provider had a Service API Published on CAPIF * API Invoker created but no Security Context for Service API published had been requested. +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Provider Retrieve ACL - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}* - * Use *serviceApiId* and *aefId* - * Use AEF Provider Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}** + * Use **serviceApiId** and **aefId** + * Use **AEF Provider Certificate** -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information. - **Expected Result**: 1. ACL Response: 1. **404 Not Found** Response. 2. body returned must accomplish **Problem Details** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: * status **404** * title with message "Not Found" * detail with message "No ACLs found for the requested service: {NOT_VALID_SERVICE_API_ID}, aef_id: {AEF_ID_NOT_VALID}, invoker: {api_invoker_id} and supportedFeatures: {supported_features}". @@ -545,43 +545,43 @@ At this documentation you will have all information and related files and exampl * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published. +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 6. Provider Retrieve ACL - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}&api-invoker-id={NOT_VALID_API_INVOKER_ID}* - * Use *serviceApiId*, *aefId* and *NOT_VALID_API_INVOKER_ID* - * Use AEF Provider Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}&api-invoker-id={NOT_VALID_API_INVOKER_ID}** + * Use **serviceApiId**, **aefId** and **NOT_VALID_API_INVOKER_ID** + * Use **AEF Provider Certificate** -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information. - **Expected Result**: 1. ACL Response: 1. **404 Not Found** Response. 2. body returned must accomplish **Problem Details** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: * status **404** * title with message "Not Found" * detail with message "No ACLs found for the requested service: {NOT_VALID_SERVICE_API_ID}, aef_id: {AEF_ID_NOT_VALID}, invoker: {api_invoker_id} and supportedFeatures: {supported_features}". @@ -593,44 +593,44 @@ At this documentation you will have all information and related files and exampl **Description**: - This test case will check that an API Provider can't retrieve ACL from CAPIF using APF Certificate + This test case will check that an API Provider can't retrieve ACL from CAPIF using **APF Certificate** **Pre-Conditions**: * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published. +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 6. Provider Retrieve ACL - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}* - * Use *serviceApiId* and *aefId* + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}** + * Use **serviceApiId** and **aefId** * Use APF Provider Certificate -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information. - **Expected Result**: 1. Response to Logging Service must accomplish: @@ -654,37 +654,37 @@ At this documentation you will have all information and related files and exampl * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published. +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 6. Provider Retrieve ACL - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}* - * Use *serviceApiId* and *aefId* + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}** + * Use **serviceApiId** and **aefId** * Use AMF Provider Certificate -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information. - **Expected Result**: 1. Response to Logging Service must accomplish: @@ -701,43 +701,43 @@ At this documentation you will have all information and related files and exampl **Description**: - This test case will check that an API Provider can't retrieve ACL from CAPIF using Invoker Certificate + This test case will check that an API Provider can't retrieve ACL from CAPIF using **Invoker Certificate** **Pre-Conditions**: * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published. +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 6. Provider Retrieve ACL - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}* - * Use *serviceApiId* and *aefId* - * Use Invoker Certificate - -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information. + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}** + * Use **serviceApiId** and **aefId** + * Use **Invoker Certificate** **Expected Result**: @@ -762,56 +762,56 @@ At this documentation you will have all information and related files and exampl * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published and ACL is present +**Execution Steps**: + + 1. Register and onboard Provider at CCF. + 2. Publish a provider API with name **service_1** + 3. Register and onboard Invoker at CCF + 4. Store signed Certificate + 5. Create Security Context + 6. Provider Get ACL information of invoker. + 7. Remove Invoker from CAPIF. + 8. Provider Get ACL information of invoker. + **Information of Test**: 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Store *serviceApiId* - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 6. Provider Retrieve ACL - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}&api-invoker-id={api-invoker-id}* - * Use *serviceApiId*, *aefId* and *api-invoker-id* - * Use AEF Provider Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}&api-invoker-id={api-invoker-id}** + * Use **serviceApiId**, **aefId** and **api-invoker-id** + * Use **AEF Provider Certificate** 7. Remove Invoker from CAPIF 8. Provider Retrieve ACL - * Send GET *https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}&api-invoker-id={api-invoker-id}* - * Use *serviceApiId*, *aefId* and *api-invoker-id* - * Use AEF Provider Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}&api-invoker-id={api-invoker-id}** + * Use **serviceApiId**, **aefId** and **api-invoker-id** + * Use **AEF Provider Certificate** -**Execution Steps**: - - 1. Register and onboard Provider at CCF. - 2. Publish a provider API with name service_1 - 3. Register and onboard Invoker at CCF - 4. Store signed Certificate - 5. Create Security Context - 6. Provider Get ACL information of invoker. - 7. Remove Invoker from CAPIF. - 8. Provider Get ACL information of invoker. - **Expected Result**: 1. ACL Response: 1. **200 OK** Response. 2. body returned must accomplish **AccessControlPolicyList** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: 1. contain only one object. 2. apiInvokerId must match apiInvokerId registered previously. 2. ACL Response: 1. **404 Not Found** Response. 2. body returned must accomplish **Problem Details** data structure. - 3. apiInvokerPolicies must: + 3. **apiInvokerPolicies** must: * status **404** * title with message "Not Found" * detail with message "No ACLs found for the requested service: {NOT_VALID_SERVICE_API_ID}, aef_id: {AEF_ID_NOT_VALID}, invoker: None and supportedFeatures: None". diff --git a/doc/testing/testplan/api_events_service/README.md b/doc/testing/testplan/api_events_service/README.md index 91ef445..891a7e9 100644 --- a/doc/testing/testplan/api_events_service/README.md +++ b/doc/testing/testplan/api_events_service/README.md @@ -9,6 +9,7 @@ At this documentation you will have all information and related files and exampl **Description**: This test case will check that a CAPIF subscriber (Invoker or Publisher) can Subscribe to Events + **Pre-Conditions**: * CAPIF subscriber is pre-authorised (has valid InvokerId or apfId from CAPIF Authority) -- GitLab From e51a6044402738ea888c5b3cf94c6aee7fb36e2d Mon Sep 17 00:00:00 2001 From: Jorge Moratinos Salcines Date: Thu, 20 Jun 2024 15:39:17 +0200 Subject: [PATCH 2/9] Updated bold texts and some other minor standarization issues with tests plan --- .../testplan/api_auditing_service/README.md | 126 +++---- .../testplan/api_discover_service/README.md | 114 +++---- .../testplan/api_events_service/README.md | 30 +- .../testplan/api_invoker_management/README.md | 30 +- .../testplan/api_logging_service/README.md | 54 +-- .../api_provider_management/README.md | 38 +-- .../testplan/api_publish_service/README.md | 190 +++++------ .../testplan/api_security_service/README.md | 314 +++++++++--------- .../testplan/common_operations/README.md | 10 +- 9 files changed, 453 insertions(+), 453 deletions(-) diff --git a/doc/testing/testplan/api_auditing_service/README.md b/doc/testing/testplan/api_auditing_service/README.md index 8b856af..0588e8e 100644 --- a/doc/testing/testplan/api_auditing_service/README.md +++ b/doc/testing/testplan/api_auditing_service/README.md @@ -16,29 +16,29 @@ At this documentation you will have all information and related files and exampl * Invoker exist in CAPIF * Log Entry exist in CAPIF +**Execution Steps**: + 1. Register Provider and Invoker CCF + 2. Publish Service + 3. Create Log Entry + 4. Get Log Entry + **Information of Test**: 1. Perform [provider onboarding], [invoker onboarding] 2. Publish Service API at CCF: - - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - - body [service api description] with apiName service_1 - - Use APF Certificate + - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + - body [service api description] with apiName **service_1** + - Use **APF Certificate** 3. Create Log Entry: - - Send POST to *https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs* + - Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs** - body [log entry request body] - - Use AEF Certificate + - Use **AEF Certificate** 4. Get Log: - 1. Send GET to *https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}* - 2. Use AMF Certificate - -**Execution Steps**: - 1. Register Provider and Invoker CCF - 2. Publish Service - 3. Create Log Entry - 4. Get Log Entry + 1. Send **GET** to **https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}** + 2. Use **AMF Certificate** **Expected Result**: @@ -63,23 +63,23 @@ At this documentation you will have all information and related files and exampl * Service exist in CAPIF * Invoker exist in CAPIF +**Execution Steps**: + 1. Register Provider and Invoker CCF + 2. Publish Service + 3. Get Log Entry + **Information of Test**: 1. Perform [provider onboarding], [invoker onboarding] 2. Publish Service API at CCF: - - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - - body [service api description] with apiName service_1 - - Use APF Certificate - - 4. Get Log: - 1. Send GET to *https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}* - 2. Use AMF Certificate + - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + - body [service api description] with apiName **service_1** + - Use **APF Certificate** -**Execution Steps**: - 1. Register Provider and Invoker CCF - 2. Publish Service - 3. Get Log Entry + 3. Get Log: + 1. Send **GET** to **https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}** + 2. Use **AMF Certificate** **Expected Result**: @@ -106,29 +106,29 @@ At this documentation you will have all information and related files and exampl * Invoker exist in CAPIF * Log Entry exist in CAPIF +**Execution Steps**: + 1. Register Provider and Invoker CCF + 2. Publish Service + 3. Create Log Entry + 4. Get Log Entry + **Information of Test**: 1. Perform [provider onboarding], [invoker onboarding] 2. Publish Service API at CCF: - - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - - body [service api description] with apiName service_1 - - Use APF Certificate + - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + - body [service api description] with apiName **service_1** + - Use **APF Certificate** 3. Create Log Entry: - - Send POST to *https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs* + - Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs** - body [log entry request body] - - Use AEF Certificate + - Use **AEF Certificate** 4. Get Log: - 1. Send GET to *https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs - 2. Use AMF Certificate - -**Execution Steps**: - 1. Register Provider and Invoker CCF - 2. Publish Service - 3. Create Log Entry - 4. Get Log Entry + 1. Send **GET** to **https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs** + 2. Use **AMF Certificate** **Expected Result**: @@ -156,29 +156,29 @@ At this documentation you will have all information and related files and exampl * Invoker exist in CAPIF * Log Entry exist in CAPIF +**Execution Steps**: + 1. Register Provider and Invoker CCF + 2. Publish Service + 3. Create Log Entry + 4. Get Log Entry + **Information of Test**: 1. Perform [provider onboarding], [invoker onboarding] 2. Publish Service API at CCF: - - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - - body [service api description] with apiName service_1 - - Use APF Certificate + - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + - body [service api description] with apiName **service_1** + - Use **APF Certificate** 3. Create Log Entry: - - Send POST to *https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs* + - Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs** - body [log entry request body] - - Use AEF Certificate + - Use **AEF Certificate** 4. Get Log: - 1. Send GET to *https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}&api-version={v1}* - 2. Use AMF Certificate - -**Execution Steps**: - 1. Register Provider and Invoker CCF - 2. Publish Service - 3. Create Log Entry - 4. Get Log Entry + 1. Send **GET** to **https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}&api-version={v1}** + 2. Use **AMF Certificate** **Expected Result**: @@ -205,29 +205,29 @@ At this documentation you will have all information and related files and exampl * Invoker exist in CAPIF * Log Entry exist in CAPIF +**Execution Steps**: + 1. Register Provider and Invoker CCF + 2. Publish Service + 3. Create Log Entry + 4. Get Log Entry + **Information of Test**: 1. Perform [provider onboarding], [invoker onboarding] 2. Publish Service API at CCF: - - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - - body [service api description] with apiName service_1 - - Use APF Certificate + - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + - body [service api description] with apiName **service_1** + - Use **APF Certificate** 3. Create Log Entry: - - Send POST to *https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs* + - Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs** - body [log entry request body] - - Use AEF Certificate + - Use **AEF Certificate** 4. Get Log: - 1. Send GET to *https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}&api-version={v58}* - 2. Use AMF Certificate - -**Execution Steps**: - 1. Register Provider and Invoker CCF - 2. Publish Service - 3. Create Log Entry - 4. Get Log Entry + 1. Send **GET** to **https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}&api-version={v58}** + 2. Use **AMF Certificate** **Expected Result**: diff --git a/doc/testing/testplan/api_discover_service/README.md b/doc/testing/testplan/api_discover_service/README.md index aaef9ab..7aa1d84 100644 --- a/doc/testing/testplan/api_discover_service/README.md +++ b/doc/testing/testplan/api_discover_service/README.md @@ -19,13 +19,13 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Request Discover Published APIs: - * Send GET to *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}* + * Send **GET** to **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}** * Param api-invoker-id is mandatory - * Use Invoker Certificate + * Use **Invoker Certificate** **Execution Steps**: @@ -39,14 +39,14 @@ At this documentation you will have all information and related files and exampl 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}** 2. Response to Onboard request must accomplish: 1. **201 Created** 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: * apiInvokerId * onboardingInformation->apiInvokerCertificate must contain the public key signed. - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** 3. Response to Discover Request By Invoker: 1. **200 OK** response. 2. Response body must follow **DiscoveredAPIs** data structure: @@ -69,13 +69,13 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Request Discover Published APIs by no invoker entity: - * Send GET to *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}* + * Send **GET** to **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}** * Param api-invoker-id is mandatory - * Use not Invoker Certificate + * Use not **Invoker Certificate** **Execution Steps**: @@ -89,14 +89,14 @@ At this documentation you will have all information and related files and exampl 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}** 2. Response to Onboard request must accomplish: 1. **201 Created** 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: * apiInvokerId * onboardingInformation->apiInvokerCertificate must contain the public key signed. - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** 3. Response to Discover Request By no invoker entity: 1. **401 Unauthorized** @@ -123,13 +123,13 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Request Discover Published APIs with not valid apiInvoker: - * Send GET to *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={INVOKER_NOT_REGISTERED}* + * Send **GET** to **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={INVOKER_NOT_REGISTERED}** * Param api-invoker-id is mandatory - * Using invoker certificate + * Using **Invoker Certificate** **Execution Steps**: @@ -143,14 +143,14 @@ At this documentation you will have all information and related files and exampl 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}** 2. Response to Onboard request must accomplish: 1. **201 Created** 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: * apiInvokerId * onboardingInformation->apiInvokerCertificate must contain the public key signed. - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** 3. Response to Discover Request By Invoker: 1. **404 Not Found** @@ -179,25 +179,25 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_2 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_2** + * Use **APF Certificate** 4. Request Discover Published APIs filtering by api-name: - * Send GET to ccf_discover_url *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}&api-name=service_1* + * Send **GET** to ccf_discover_url **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}&api-name=**service_1** * Param api-invoker-id is mandatory - * Using invoker certificate - * filter by api-name service_1 + * Using **Invoker Certificate** + * filter by api-name **service_1** **Execution Steps**: - 1. Register Provider at CCF, store certificates and Publish Service API service_1 and service_2 at CCF + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF 2. Register Invoker and Onboard Invoker at CCF 3. Discover Service APIs by Invoker. - 4. Discover filtered by api-name service_1 Service APIs by Invoker + 4. Discover filtered by api-name **service_1** Service APIs by Invoker **Expected Result**: @@ -205,13 +205,13 @@ At this documentation you will have all information and related files and exampl 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}** 2. Response to Onboard request must accomplish: 1. **201 Created** 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: * apiInvokerId * onboardingInformation->apiInvokerCertificate must contain the public key signed. - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** 3. Response to Discover Request By Invoker: 1. **200 OK** response. 2. Response body must follow **DiscoveredAPIs** data structure: @@ -219,7 +219,7 @@ At this documentation you will have all information and related files and exampl 4. Response to Discover Request By Invoker: 1. **200 OK** response. 2. Response body must follow **DiscoveredAPIs** data structure: - * Check if DiscoveredAPIs contains only Service API published with api-name service_1 + * Check if DiscoveredAPIs contains only Service API published with api-name **service_1** ## Test Case 5: Discover Published service APIs by registered API Invoker filtered with no match @@ -240,22 +240,22 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_2 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_2** + * Use **APF Certificate** 4. Request Discover Published APIs filtering by api-name not published: - * Send GET to ccf_discover_url *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}&api-name=NOT_VALID_NAME* + * Send **GET** to ccf_discover_url **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}&api-name=NOT_VALID_NAME** * Param api-invoker-id is mandatory - * Using invoker certificate + * Using **Invoker Certificate** * filter by api-name NOT_VALID_NAME **Execution Steps**: - 1. Register Provider at CCF, store certificates and Publish Service API service_1 and service_2 at CCF + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF 2. Register Invoker and Onboard Invoker at CCF 3. Discover Service APIs by Invoker. 4. Discover filtered by api-name not published Service APIs by Invoker @@ -266,13 +266,13 @@ At this documentation you will have all information and related files and exampl 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}** 2. Response to Onboard request must accomplish: 1. **201 Created** 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: * apiInvokerId * onboardingInformation->apiInvokerCertificate must contain the public key signed. - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** 3. Response to Discover Request By Invoker: 1. **200 OK** response. 2. Response body must follow **DiscoveredAPIs** data structure: @@ -304,21 +304,21 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_2 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_2** + * Use **APF Certificate** 4. Request Discover Published APIs not filtered: - * Send GET to ccf_discover_url *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}* + * Send **GET** to ccf_discover_url **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}** * Param api-invoker-id is mandatory - * Using invoker certificate + * Using **Invoker Certificate** **Execution Steps**: - 1. Register Provider at CCF, store certificates and Publish Service API service_1 and service_2 at CCF + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF 2. Register Invoker and Onboard Invoker at CCF 3. Discover Service APIs by Invoker. 4. Discover without filter by Invoker @@ -329,14 +329,14 @@ At this documentation you will have all information and related files and exampl 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}** 2. Response to Onboard request must accomplish: 1. **201 Created** 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: * apiInvokerId * onboardingInformation->apiInvokerCertificate must contain the public key signed. - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** 3. Response to Discover Request By Invoker: 1. **200 OK** response. diff --git a/doc/testing/testplan/api_events_service/README.md b/doc/testing/testplan/api_events_service/README.md index 891a7e9..c70903e 100644 --- a/doc/testing/testplan/api_events_service/README.md +++ b/doc/testing/testplan/api_events_service/README.md @@ -189,7 +189,7 @@ At this documentation you will have all information and related files and exampl 2. Response to Event Subscription must accomplish: 1. 201 Created - 2. The URI of the created resource shall be returned in the "Location" HTTP header, following this structure: *{apiRoot}/capif-events/{apiVersion}/{subscriberId}/subscriptions/{subscriptionId} + 2. The URI of the created resource shall be returned in the "Location" HTTP header, following this structure: **{apiRoot}/capif-events/{apiVersion}/{subscriberId}/subscriptions/{subscriptionId}** 3. Response Body must follow **EventSubscription** data structure. 3. Event Subscriptions are stored in CAPIF Database @@ -226,12 +226,12 @@ At this documentation you will have all information and related files and exampl 1. Perform [Invoker Onboarding] 2. Event Subscription: - 1. Send **POST** to https://{CAPIF_HOSTNAME}/capif-events/v1/{subscriberId}/subscriptions + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/capif-events/v1/{subscriberId}/subscriptions** 2. body [event subscription request body] 3. Use **Invoker Certificate** 3. Remove Event Subcription with not valid subscriber: - 1. Send **DELETE** to to https://{CAPIF_HOSTNAME}/capif-events/v1/{subcriberId}/subscriptions/{SUBSCRIPTION_ID_NOT_VALID} + 1. Send **DELETE** to to **https://{CAPIF_HOSTNAME}/capif-events/v1/{subcriberId}/subscriptions/{SUBSCRIPTION_ID_NOT_VALID}** 2. Use **Invoker Certificate** **Expected Result**: @@ -263,7 +263,7 @@ At this documentation you will have all information and related files and exampl **Description**: - This test case will check that a CAPIF Invoker subscribed to SERVICE_API_INVOCATION_SUCCESS and SERVICE_API_INVOCATION_FAILURE, receive the notification when AEF send to logging service result of invocations to their APIs. + This test case will check that a CAPIF Invoker subscribed to SERVICE_API_INVOCATION_SUCCESS and SERVICE_API_INVOCATION_FAILURE, receive the notification when AEF Send **TO** logging service result of invocations to their APIs. **Pre-Conditions**: @@ -290,7 +290,7 @@ At this documentation you will have all information and related files and exampl * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** * Store **serviceApiId** - * Use APF Certificate + * Use **APF Certificate** 3. Perform [invoker onboarding] 4. Discover published APIs: @@ -312,7 +312,7 @@ At this documentation you will have all information and related files and exampl 3. apiId of published API 4. apiName of published API 5. 200 and 400 results in two logs. - 3. Use AEF Certificate + 3. Use **AEF Certificate** **Expected Result**: @@ -399,8 +399,8 @@ At this documentation you will have all information and related files and exampl 2. Mock Server received messages must accomplish: 1. **Two Events have been received**. 2. Validate received events follow **EventNotification** data structure, with **apiIds** in **eventDetail** parameter. - 1. One should be **SERVICE_API_AVAILABLE** apiId of service_2 published API. - 2. The other one must be **SERVICE_API_UNAVAILABLE** apiId of service_1 published API. + 1. One should be **SERVICE_API_AVAILABLE** apiId of **service_2** published API. + 2. The other one must be **SERVICE_API_UNAVAILABLE** apiId of **service_1** published API. --- ## Test Case 8: Invoker subscribe to Service API Update @@ -453,7 +453,7 @@ At this documentation you will have all information and related files and exampl 7. Update published API at CCF: * Send **PUT** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serivceApiId}** - * body [service api description] with overrided **apiName** to **service_1_modified** + * body [service api description] with overrided **apiName** to **service_1**_modified** * Use **APF Certificate** **Expected Result**: @@ -465,7 +465,7 @@ At this documentation you will have all information and related files and exampl 2. Response to Update Published Service API: 1. **200 OK** 2. Response Body must follow **ServiceAPIDescription** data structure with: - * apiName **service_1_modified** + * apiName **service_1**_modified** 3. Mock Server received messages must accomplish: 1. **One Event has been received**. 2. Validate received events follow **EventNotification** data structure, with **serviceAPIDescriptions** in **eventDetail** parameter. @@ -578,7 +578,7 @@ At this documentation you will have all information and related files and exampl 6. Create Security Context for Invoker * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 7. Provider Retrieve ACL * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}** * Use **serviceApiId** and **aefId** @@ -648,14 +648,14 @@ At this documentation you will have all information and related files and exampl 6. Create Security Context for Invoker * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 7. Provider Retrieve ACL * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}** * Use **serviceApiId** and **aefId** * Use **AEF Provider Certificate** 3. Delete Security Context of Invoker by Provider: * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** - * Use **AEF certificate** + * Use **AEF Certificate** **Expected Result**: @@ -721,11 +721,11 @@ At this documentation you will have all information and related files and exampl 6. Create Security Context for Invoker * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** 7. Revoke Authorization by Provider: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete** * body [security notification body] - * Using AEF Certificate. + * Using **AEF Certificate**. **Expected Result**: diff --git a/doc/testing/testplan/api_invoker_management/README.md b/doc/testing/testplan/api_invoker_management/README.md index 02f04a9..7a99b7d 100644 --- a/doc/testing/testplan/api_invoker_management/README.md +++ b/doc/testing/testplan/api_invoker_management/README.md @@ -26,10 +26,10 @@ At this documentation you will have all information and related files and exampl * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example] 3. Onboard Invoker: - * Send POST to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers* + * Send **POST** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers** * Reference Request Body: [invoker onboarding body] * "onboardingInformation"->"apiInvokerPublicKey": must contain public key generated by Invoker. - * Send at Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token}) + * Send in Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token}) **Execution Steps**: @@ -44,7 +44,7 @@ At this documentation you will have all information and related files and exampl 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: * apiInvokerId * onboardingInformation->apiInvokerCertificate must contain the public key signed. - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** ## Test Case 2: Onboard NetApp Already onboarded @@ -65,10 +65,10 @@ At this documentation you will have all information and related files and exampl 1. Perform [Invoker Onboarding] 2. Repeat Onboard Invoker: - * Send POST to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers* + * Send **POST** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers** * Reference Request Body: [invoker onboarding body] * "onboardingInformation"->"apiInvokerPublicKey": must contain public key generated by Invoker. - * Send at Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token}) + * Send in Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token}) **Execution Steps**: @@ -84,7 +84,7 @@ At this documentation you will have all information and related files and exampl 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: * apiInvokerId * onboardingInformation->apiInvokerCertificate must contain the public key signed. - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** 2. Response to Second Onboard of NetApp must accomplish: 1. **403 Forbidden** 2. Error Response Body must accomplish with **ProblemDetails** data structure with: @@ -112,7 +112,7 @@ At this documentation you will have all information and related files and exampl 1. Perform [Invoker Onboarding] 2. Update information of previously onboarded Invoker: - * Send PUT to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}* + * Send **PUT** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}** * Reference Request Body is: [put invoker onboarding body] * "notificationDestination": "*http://host.docker.internal:8086/netapp_new_callback*", @@ -130,7 +130,7 @@ At this documentation you will have all information and related files and exampl 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: * apiInvokerId * onboardingInformation->apiInvokerCertificate must contain the public key signed. - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** 2. Response to Update Request (PUT) with minor change must contain: 1. **200 OK** response. 2. notificationDestination on response must contain the new value @@ -154,7 +154,7 @@ At this documentation you will have all information and related files and exampl 1. Perform [Invoker Onboarding] 2. Update information of not onboarded Invoker: - * Send PUT to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{INVOKER_NOT_REGISTERED}* + * Send **PUT** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{INVOKER_NOT_REGISTERED}** * Reference Request Body is: [put invoker onboarding body] **Execution Steps**: @@ -195,7 +195,7 @@ At this documentation you will have all information and related files and exampl 1. Perform [Invoker Onboarding] 2. Offboard: - * Send Delete to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}* + * Send **DELETE** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}** **Execution Steps**: @@ -229,7 +229,7 @@ At this documentation you will have all information and related files and exampl 1. Perform [Invoker Onboarding] 2. Offboard: - * Send Delete to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{INVOKER_NOT_REGISTERED}* + * Send **DELETE** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{INVOKER_NOT_REGISTERED}** **Execution Steps**: @@ -266,16 +266,16 @@ At this documentation you will have all information and related files and exampl 2. Create {public_key_2} 3. Update information of previously onboarded Invoker: - * Send PUT to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}* + * Send **PUT** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}** * Reference Request Body is: [put invoker onboarding body] * ["onboardingInformation"]["apiInvokerPublicKey"]: {public_key_2}, * Store new certificate. 4. Update information of previously onboarded Invoker Using new certificate: - * Send PUT to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}* + * Send **PUT** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}** * Reference Request Body is: [put invoker onboarding body] * "notificationDestination": "*http://host.docker.internal:8086/netapp_new_callback*", - * Use new invoker certificate + * Use new **Invoker Certificate** **Execution Steps**: @@ -292,7 +292,7 @@ At this documentation you will have all information and related files and exampl 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: * apiInvokerId * onboardingInformation->apiInvokerCertificate must contain the public key signed. - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** 2. Response to Update Request (PUT) with new public key: 1. **200 OK** response. 2. apiInvokerCertificate with new certificate on response -> store to use. diff --git a/doc/testing/testplan/api_logging_service/README.md b/doc/testing/testplan/api_logging_service/README.md index 5d61b8e..b5b7eb3 100644 --- a/doc/testing/testplan/api_logging_service/README.md +++ b/doc/testing/testplan/api_logging_service/README.md @@ -20,14 +20,14 @@ At this documentation you will have all information and related files and exampl 1. Perform [provider onboarding] and [invoker onboarding] 2. Publish Service API at CCF: - - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - - body [service api description] with apiName service_1 - - Use APF Certificate + - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + - body [service api description] with apiName **service_1** + - Use **APF Certificate** 3. Log Entry: - 1. Send POST to *https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs* + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs** 2. body [log entry request body] - 3. Use AEF Certificate + 3. Use **AEF Certificate** **Execution Steps**: 1. Register Provider and Invoker CCF @@ -42,7 +42,7 @@ At this documentation you will have all information and related files and exampl * aefId * apiInvokerId * logs - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invocation-logs/v1/{aefId}/logs/{logId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invocation-logs/v1/{aefId}/logs/{logId}** @@ -66,14 +66,14 @@ At this documentation you will have all information and related files and exampl 1. Perform [provider onboarding] and [invoker onboarding] 2. Publish Service API at CCF: - - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - - body [service api description] with apiName service_1 - - Use APF Certificate + - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + - body [service api description] with apiName **service_1** + - Use **APF Certificate** 3. Log Entry: - 1. Send POST to *https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{not-valid-aefId}/logs* + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{not-valid-aefId}/logs** 2. body [log entry request body] - 3. Use AEF Certificate + 3. Use **AEF Certificate** **Execution Steps**: 1. Register Provider and Invoker CCF @@ -107,14 +107,14 @@ At this documentation you will have all information and related files and exampl 1. Perform [provider onboarding] and [invoker onboarding] 2. Publish Service API at CCF: - - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - - body [service api description] with apiName service_1 - - Use APF Certificate + - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + - body [service api description] with apiName **service_1** + - Use **APF Certificate** 3. Log Entry: - 1. Send POST to *https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs* + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs** 2. body [log entry request body with serviceAPI apiName apiId not valid] - 3. Use AEF Certificate + 3. Use **AEF Certificate** **Execution Steps**: 1. Register Provider and Invoker CCF @@ -150,14 +150,14 @@ At this documentation you will have all information and related files and exampl 1. Perform [provider onboarding] and [invoker onboarding] 2. Publish Service API at CCF: - - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - - body [service api description] with apiName service_1 - - Use APF Certificate + - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + - body [service api description] with apiName **service_1** + - Use **APF Certificate** 3. Log Entry: - 1. Send POST to *https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs* + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs** 2. body [log entry request body with invokerId not valid] - 3. Use AEF Certificate + 3. Use **AEF Certificate** **Execution Steps**: 1. Register Provider and Invoker CCF @@ -172,7 +172,7 @@ At this documentation you will have all information and related files and exampl 3. For each **apiProvFuncs**, we must check: 1. **apiProvFuncId** is set 2. **apiProvCert** under **regInfo** is set properly - 5. Location Header must contain the new resource URL *{apiRoot}/api-provider-management/v1/registrations/{registrationId}* + 5. Location Header must contain the new resource URL **{apiRoot}/api-provider-management/v1/registrations/{registrationId}** 2. Response to Logging Service must accomplish: 1. **404 Not Found** @@ -204,14 +204,14 @@ At this documentation you will have all information and related files and exampl 1. Perform [provider onboarding] and [invoker onboarding] 2. Publish Service API at CCF: - - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - - body [service api description] with apiName service_1 - - Use APF Certificate + - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + - body [service api description] with apiName **service_1** + - Use **APF Certificate** 3. Log Entry: - 1. Send POST to *https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs* + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs** 2. body [log entry request body with bad aefId] - 3. Use AEF Certificate + 3. Use **AEF Certificate** **Execution Steps**: 1. Register Provider and Invoker CCF diff --git a/doc/testing/testplan/api_provider_management/README.md b/doc/testing/testplan/api_provider_management/README.md index fe72d20..1fab651 100644 --- a/doc/testing/testplan/api_provider_management/README.md +++ b/doc/testing/testplan/api_provider_management/README.md @@ -25,7 +25,7 @@ At this documentation you will have all information and related files and exampl 3. Register Provider: - * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations* + * Send **POST** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations** * body [provider request body] * Authentication Bearer with access_token * Store each cert in a file with according name. @@ -43,7 +43,7 @@ At this documentation you will have all information and related files and exampl 3. For each **apiProvFuncs**, we must check: 1. **apiProvFuncId** is set 2. **apiProvCert** under **regInfo** is set properly - 5. Location Header must contain the new resource URL *{apiRoot}/api-provider-management/v1/registrations/{registrationId}* + 5. Location Header must contain the new resource URL **{apiRoot}/api-provider-management/v1/registrations/{registrationId}** ## Test Case 2: Register Api Provider Already registered @@ -69,7 +69,7 @@ At this documentation you will have all information and related files and exampl 3. Register Provider: - * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations* + * Send **POST** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations** * body [provider request body] * Authentication Bearer with access_token * Store each cert in a file with according name. @@ -118,14 +118,14 @@ At this documentation you will have all information and related files and exampl 3. Register Provider: - * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations* + * Send **POST** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations** * body [provider request body] * Authentication Bearer with access_token * Get Resource URL from Location 4. Update Provider: - * Send PUT to Resource URL returned at registration *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}* + * Send **PUT** to Resource URL returned at registration **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}** * body [provider request body] with apiProvDomInfo set to ROBOT_TESTING_MOD * Use AMF Certificate. @@ -141,7 +141,7 @@ At this documentation you will have all information and related files and exampl 1. Register Provider: 1. **201 Created** response. 2. body returned must accomplish **APIProviderEnrolmentDetails** data structure. - 3. Location Header must contain the new resource URL *{apiRoot}/api-provider-management/v1/registrations/{registrationId}* + 3. Location Header must contain the new resource URL **{apiRoot}/api-provider-management/v1/registrations/{registrationId}** 2. Update Provider: @@ -174,14 +174,14 @@ At this documentation you will have all information and related files and exampl 3. Register Provider: - * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations* + * Send **POST** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations** * body [provider request body] * Authentication Bearer with access_token * Store each cert in a file with according name. 4. Update Not Registered Provider: - * Send PUT *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_PROVIDER_NOT_REGISTERED}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_PROVIDER_NOT_REGISTERED}** * body [provider request body] * Use AMF Certificate. @@ -198,7 +198,7 @@ At this documentation you will have all information and related files and exampl * status 404 * title with message "Not Found" * detail with message "Not Exist Provider Enrolment Details". - * cause with message "Not found registrations to send this api provider details". + * cause with message "Not found registrations to Send **THIS** api provider details". ## Test Case 5: Partially Update Registered Api Provider @@ -224,14 +224,14 @@ At this documentation you will have all information and related files and exampl 3. Register Provider: - * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations* + * Send **POST** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations** * body [provider request body] * Authentication Bearer with access_token * Store each cert in a file with according name. 4. Partial update provider: - * Send PATCH *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}* + * Send **PATCH** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}** * body [provider request patch body] * Use AMF Certificate. @@ -272,14 +272,14 @@ At this documentation you will have all information and related files and exampl 3. Register Provider: - * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations* + * Send **POST** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations** * body [provider request body] * Authentication Bearer with access_token * Store each cert in a file with according name. 4. Partial update Provider: - * Send PATCH *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_API_PROVIDER_NOT_REGISTERED}* + * Send **PATCH** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_API_PROVIDER_NOT_REGISTERED}** * body [provider request patch body] * Use AMF Certificate. @@ -299,7 +299,7 @@ At this documentation you will have all information and related files and exampl * status 404 * title with message "Not Found" * detail with message "Not Exist Provider Enrolment Details". - * cause with message "Not found registrations to send this api provider details". + * cause with message "Not found registrations to Send **THIS** api provider details". ## Test Case 7: Delete Registered Api Provider @@ -325,14 +325,14 @@ At this documentation you will have all information and related files and exampl 3. Register Provider: - * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations* + * Send **POST** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations** * body [provider request body] * Authentication Bearer with access_token * Store each cert in a file with according name. 4. Delete registered provider: - * Send DELETE *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}* + * Send **DELETE** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}** * Use AMF Certificate. **Execution Steps**: @@ -370,14 +370,14 @@ At this documentation you will have all information and related files and exampl 3. Register Provider: - * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations* + * Send **POST** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations** * body [provider request body] * Authentication Bearer with access_token * Store each cert in a file with according name. 4. Delete registered provider at Provider Management: - * Send DELETE *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_PROVIDER_NOT_REGISTERED}* + * Send **DELETE** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_PROVIDER_NOT_REGISTERED}** * Use AMF Certificate. **Execution Steps**: @@ -393,7 +393,7 @@ At this documentation you will have all information and related files and exampl * status 404 * title with message "Not Found" * detail with message "Not Exist Provider Enrolment Details". - * cause with message "Not found registrations to send this api provider details". + * cause with message "Not found registrations to Send **THIS** api provider details". [provider request body]: ./provider_details_post_example.json "API Provider Enrolment Request" diff --git a/doc/testing/testplan/api_publish_service/README.md b/doc/testing/testplan/api_publish_service/README.md index 21512db..27bd8e8 100644 --- a/doc/testing/testplan/api_publish_service/README.md +++ b/doc/testing/testplan/api_publish_service/README.md @@ -19,9 +19,9 @@ At this documentation you will have all information and related files and exampl 2. Publish Service API at CCF: - * Send Post to **ccf_publish_url**: *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* + * Send **POST** to **ccf_publish_url**: **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** - * Use APF Certificate + * Use **APF Certificate** **Execution Steps**: @@ -37,7 +37,7 @@ At this documentation you will have all information and related files and exampl 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 1. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}* + 1. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}** 3. Published Service API is stored in CAPIF Database @@ -58,9 +58,9 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] 2. Publish Service API with invalid APF ID at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{APF_ID_NOT_VALID}/service-apis* - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{APF_ID_NOT_VALID}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** **Execution Steps**: @@ -98,27 +98,27 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 + * Send **POST** to **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** * Get apiId - * Use APF Certificate + * Use **APF Certificate** 3. Publish Other Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_2 + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_2** * Get apiId - * Use APF Certificate + * Use **APF Certificate** 4. Retrieve all published APIs: - * Send Get to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * Use APF Certificate + * Send **GET** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * Use **APF Certificate** **Execution Steps**: 1. Register Provider at CCF and store certificates. - 2. Publish Service API service_1 + 2. Publish Service API **service_1** 3. Retrieve {apiId1} from body and Location header with new resource created from response - 4. Publish Service API service_2 + 4. Publish Service API **service_2** 5. Retrieve {apiId2} from body and Location header with new resource created from response 6. Retrieve All published APIs and check if both are present. @@ -128,13 +128,13 @@ At this documentation you will have all information and related files and exampl 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId1}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId1}** 2. Response to service 2 Publish request must accomplish: 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId2}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId2}** 3. Published Service APIs are stored in CAPIF Database @@ -160,8 +160,8 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] 2. Retrieve all published APIs: - * Send Get to *https://{CAPIF_HOSTNAME}/published-apis/v1/{APF_ID_NOT_VALID}/service-apis* - * Use APF Certificate + * Send **GET** to **https://{CAPIF_HOSTNAME}/published-apis/v1/{APF_ID_NOT_VALID}/service-apis** + * Use **APF Certificate** **Execution Steps**: @@ -198,34 +198,34 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** * Get apiId - * Use APF Certificate + * Use **APF Certificate** 3. Publish Other Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_2 + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_2** * Get apiId - * Use APF Certificate + * Use **APF Certificate** - 4. Retrieve service_1 published APIs detail: - * Send Get to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{apiId1}* - * Use APF Certificate + 4. Retrieve **service_1** published APIs detail: + * Send **GET** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{apiId1}** + * Use **APF Certificate** - 5. Retrieve service_2 published APIs detail: - * Send Get to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{apiId2}* - * Use APF Certificate + 5. Retrieve **service_2** published APIs detail: + * Send **GET** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{apiId2}** + * Use **APF Certificate** **Execution Steps**: 1. Register Provider at CCF and store certificates. - 2. Publish Service API service_1. + 2. Publish Service API **service_1**. 3. Retrieve {apiId1} from body and Location header with new resource created from response. - 4. Publish Service API service_2. + 4. Publish Service API **service_2**. 5. Retrieve {apiId2} from body and Location header with new resource created from response. - 6. Retrieve service_1 API Detail. - 7. Retrieve service_2 API Detail. + 6. Retrieve **service_1** API Detail. + 7. Retrieve **service_2** API Detail. **Expected Result**: @@ -233,25 +233,25 @@ At this documentation you will have all information and related files and exampl 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId1}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId1}** 2. Response to service 2 Publish request must accomplish: 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId2}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId2}** 3. Published Service APIs are stored in CAPIF Database - 4. Response to Retrieve service_1 published API using apiId1: + 4. Response to Retrieve **service_1** published API using apiId1: 1. **200 OK** 2. Response body must return a **ServiceAPIDescription** data. - 3. Array must contain same information than service_1 published registration response. + 3. Array must contain same information than **service_1** published registration response. - 5. Response to Retrieve service_2 published API using apiId2: + 5. Response to Retrieve **service_2** published API using apiId2: 1. **200 OK** 2. Response body must return a **ServiceAPIDescription** data. - 3. Array must contain same information than service_2 published registration response. + 3. Array must contain same information than **service_2** published registration response. ## Test Case 6: Retrieve single APIs non Published by Authorised apfId @@ -271,8 +271,8 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] 2. Retrieve not published APIs detail: - * Send Get to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{SERVICE_API_ID_NOT_VALID}* - * Use APF Certificate + * Send **GET** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{SERVICE_API_ID_NOT_VALID}** + * Use **APF Certificate** **Execution Steps**: @@ -307,14 +307,14 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** * Get apiId - * Use APF Certificate + * Use **APF Certificate** 3. Retrieve detailed published APIs: - * Send Get to *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/${apiId}* - * Use Invoker certificate + * Send **GET** to **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/${apiId}** + * Use **Invoker Certificate** **Execution Steps**: @@ -322,7 +322,7 @@ At this documentation you will have all information and related files and exampl 2. Publish Service API at CCF 3. Retrieve {apiId} from body and Location header with new resource created from response. 4. Register and onboard Invoker at CCF - 5. Store signed Invoker Certificate + 5. Store signed **Invoker Certificate** 6. Retrieve detailed published API acting as Invoker **Expected Result**: @@ -356,21 +356,21 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** * Get apiId * get resource url from location Header. - * Use APF Certificate + * Use **APF Certificate** 3. Update published API at CCF: - * Send PUT to resource URL *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serivceApiId}* - * body [service api description] with overrided apiName to service_1_modified - * Use APF Certificate + * Send **PUT** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serivceApiId}** + * body [service api description] with overrided apiName to **service_1**_modified + * Use **APF Certificate** 4. Retrieve detail of service API: - * Send Get to resource URL *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serivceApiId}* - * check apiName is service_1_modified - * Use APF Certificate + * Send **GET** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serivceApiId}** + * check apiName is **service_1**_modified + * Use **APF Certificate** **Execution Steps**: @@ -386,17 +386,17 @@ At this documentation you will have all information and related files and exampl 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}** 2. Response to Update Published Service API: 1. **200 OK** 2. Response Body must follow **ServiceAPIDescription** data structure with: - * apiName service_1_modified + * apiName **service_1**_modified 3. Response to Retrieve detail of Service API: 1. **200 OK** 2. Response Body must follow **ServiceAPIDescription** data structure with: - * apiName service_1_modified. + * apiName **service_1**_modified. ## Test Case 9: Update APIs Published by Authorised apfId with invalid serviceApiId @@ -416,15 +416,15 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** * Get apiId - * Use APF Certificate + * Use **APF Certificate** 3. Update published API at CCF: - * Send PUT to resource URL *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{SERVICE_API_ID_NOT_VALID}* - * body [service api description] with overrided apiName to ***service_1_modified*** - * Use APF Certificate + * Send **PUT** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{SERVICE_API_ID_NOT_VALID}** + * body [service api description] with overrided apiName to ***service_1**_modified*** + * Use **APF Certificate** **Execution Steps**: @@ -437,7 +437,7 @@ At this documentation you will have all information and related files and exampl 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}** 2. Response to Update Published Service API: 1. **404 Not Found** @@ -464,20 +464,20 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** * Get apiId - * Use APF Certificate + * Use **APF Certificate** 3. Update published API at CCF: - * Send PUT to resource URL *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serviceApiId}* - * body [service api description] with overrided apiName to ***service_1_modified*** - * Use invoker certificate + * Send **PUT** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serviceApiId}** + * body [service api description] with overrided apiName to ***service_1**_modified*** + * Use **Invoker Certificate** 4. Retrieve detail of service API: - * Send Get to resource URL *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serivceApiId}* - * check apiName is service_1 - * Use APF Certificate + * Send **GET** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serivceApiId}** + * check apiName is **service_1** + * Use **APF Certificate** **Execution Steps**: @@ -485,7 +485,7 @@ At this documentation you will have all information and related files and exampl 2. Publish Service API at CCF 3. Retrieve {apiId} from body and Location header with new resource created from response. 4. Register and onboard Invoker at CCF - 5. Store signed Invoker Certificate + 5. Store signed **Invoker Certificate** 6. Update published API at CCF as Invoker 7. Retrieve detail of Service API as publisher @@ -502,7 +502,7 @@ At this documentation you will have all information and related files and exampl 2. Response to Retrieve Detail of Service API: 1. **200 OK** 2. Response Body must follow **ServiceAPIDescription** data structure with: - * apiName service_1. + * apiName **service_1**. ## Test Case 11: Delete API Published by Authorised apfId with valid serviceApiId @@ -523,17 +523,17 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** * Get apiId - * Use APF Certificate + * Use **APF Certificate** 3. Remove published Service API at CCF: - * Send DELETE to resource URL *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serviceApiId}* - * Use APF Certificate + * Send **DELETE** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serviceApiId}** + * Use **APF Certificate** 4. Retrieve detail of service API: - * Send Get to resource URL *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serivceApiId}* - * Use APF Certificate + * Send **GET** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serivceApiId}** + * Use **APF Certificate** **Execution Steps**: @@ -549,7 +549,7 @@ At this documentation you will have all information and related files and exampl 1. **201 Created** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiId - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId}/service-apis/{serviceApiId}** 2. Published Service API is stored in CAPIF Database @@ -582,8 +582,8 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] 2. Remove published Service API at CCF with invalid serviceId: - * Send DELETE to resource URL *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{SERVICE_API_ID_NOT_VALID}* - * Use APF Certificate + * Send **DELETE** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{SERVICE_API_ID_NOT_VALID}** + * Use **APF Certificate** **Execution Steps**: @@ -618,14 +618,14 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis* - * body [service api description] with apiName service_1 + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** * Get apiId - * Use APF Certificate + * Use **APF Certificate** 3. Remove published Service API at CCF with invalid serviceId as Invoker: - * Send DELETE to resource URL *https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{SERVICE_API_ID_NOT_VALID}* - * Use invoker certificate. + * Send **DELETE** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{SERVICE_API_ID_NOT_VALID}** + * Use **Invoker Certificate**. **Execution Steps**: diff --git a/doc/testing/testplan/api_security_service/README.md b/doc/testing/testplan/api_security_service/README.md index e051f90..1f57c2d 100644 --- a/doc/testing/testplan/api_security_service/README.md +++ b/doc/testing/testplan/api_security_service/README.md @@ -17,9 +17,9 @@ At this documentation you will have all information and related files and exampl 1. Perform [Invoker Onboarding] 2. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** **Execution Steps**: @@ -32,7 +32,7 @@ At this documentation you will have all information and related files and exampl 1. Create security context: 1. **201 Created** response. 2. body returned must accomplish **ServiceSecurity** data structure. - 3. Location Header must contain the new resource URL *{apiRoot}/capif-security/v1/trustedInvokers/{apiInvokerId}* + 3. Location Header must contain the new resource URL **{apiRoot}/capif-security/v1/trustedInvokers/{apiInvokerId}** ## Test Case 2: Create a security context for an API invoker with Provider role @@ -52,9 +52,9 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context for this Invoker but using Provider certificate. - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using AEF certificate + * Using **AEF Certificate** **Execution Steps**: @@ -91,9 +91,9 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] 2. Create Security Context for this not valid apiInvokerId and using Provider certificate. - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** * body [service security body] - * Using AEF certificate + * Using **AEF Certificate** **Execution Steps**: @@ -128,9 +128,9 @@ At this documentation you will have all information and related files and exampl 1. Perform [Invoker Onboarding] 2. Create Security Context for this Invoker: - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** * body [service security body] - * Use Invoker Certificate + * Use **Invoker Certificate** **Execution Steps**: @@ -167,13 +167,13 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context for this Invoker. - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker certificate + * Using **Invoker Certificate** 3. Retrieve Security Context of Invoker by Provider: - * Send GET *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* - * Using AEF Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** + * Using **AEF Certificate** **Execution Steps**: @@ -206,8 +206,8 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] 2. Retrieve Security Context of invalid Invoker by Provider: - * Send GET *https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}* - * Using AEF Certificate. + * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** + * Using **AEF Certificate**. **Execution Steps**: @@ -243,13 +243,13 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate + * Using **Invoker Certificate** 3. Retrieve Security Context as Invoker role: - * Send GET *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* - * Using Invoker Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** + * Using **Invoker Certificate** **Execution Steps**: @@ -286,17 +286,17 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context for this Invoker but using Provider certificate. - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using AEF certificate + * Using **AEF Certificate** 3. Delete Security Context of Invoker by Provider: - * Send DELETE *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* - * Use AEF certificate + * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** + * Use **AEF Certificate** 4. Retrieve Security Context of Invoker by Provider: - * Send GET *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* - * Using AEF Certificate + * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** + * Using **AEF Certificate** **Execution Steps**: @@ -336,13 +336,13 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context for this Invoker: - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker certificate + * Using **Invoker Certificate** 3. Delete Security Context of Invoker: - * Send DELETE *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* - * Use Invoker certificate + * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** + * Use **Invoker Certificate** **Execution Steps**: @@ -378,8 +378,8 @@ At this documentation you will have all information and related files and exampl 1. Perform [Invoker Onboarding] 2. Delete Security Context of Invoker: - * Send DELETE *https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}* - * Use Invoker certificate + * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** + * Use **Invoker Certificate** **Execution Steps**: @@ -414,8 +414,8 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] 2. Delete Security Context of Invoker by Provider: - * Send DELETE *https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}* - * Use AEF certificate + * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** + * Use **AEF Certificate** **Execution Steps**: @@ -450,18 +450,18 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context for this Invoker: - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. 3. Update Security Context of Invoker: - * Send POST *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/update* - * body [service security body] but with notification destination modified to http://robot.testing2 - * Using Invoker Certificate. + * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/update** + * body [service security body] but with notification destination modified to **http://robot.testing2** + * Using **Invoker Certificate**. 4. Retrieve Security Context of Invoker by Provider: - * Send GET *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* - * Using AEF Certificate. + * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** + * Using **AEF Certificate**. **Execution Steps**: @@ -501,14 +501,14 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context for this Invoker: - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. 3. Update Security Context of Invoker by Provider: - * Send POST *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/update* - * body [service security body] but with notification destination modified to http://robot.testing2 - * Using AEF Certificate + * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/update** + * body [service security body] but with notification destination modified to **http://robot.testing2** + * Using **AEF Certificate** **Execution Steps**: @@ -546,9 +546,9 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] 2. Update Security Context of Invoker by Provider: - * Send POST *https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update* + * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update** * body [service security body] - * Using AEF Certificate + * Using **AEF Certificate** **Execution Steps**: @@ -583,9 +583,9 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Update Security Context of Invoker: - * Send POST *https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update* + * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. **Execution Steps**: @@ -620,18 +620,18 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context By Invoker: - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate + * Using **Invoker Certificate** 3. Revoke Authorization by Provider: - * Send POST *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete* + * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete** * body [security notification body] - * Using AEF Certificate. + * Using **AEF Certificate**. 4. Retrieve Security Context by Provider: - * Send GET *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* - * Using AEF Certificate. + * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** + * Using **AEF Certificate**. **Execution Steps**: @@ -673,17 +673,17 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context for this Invoker: - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. 3. Revoke Authorization by invoker: - * Send POST *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete* + * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete** * body [security notification body] - * Using Invoker Certificate + * Using **Invoker Certificate** 4. Retrieve Security Context of Invoker by Provider: - * Send GET *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Using Provider Certificate **Execution Steps**: @@ -727,19 +727,19 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Create Security Context for this Invoker: - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. 3. Revoke Authorization by Provider: - * Send POST *https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/delete* + * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/delete** * body [security notification body] - * Using AEF Certificate. + * Using **AEF Certificate**. 4. Retrieve Security Context of Invoker by Provider: - * Send GET *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}?authenticationInfo=true&authorizationInfo=true* + * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}?authenticationInfo=true&authorizationInfo=true** * This request will ask with parameter to retrieve authenticationInfo and authorizationInfo - * Using AEF Certificate. + * Using **AEF Certificate**. **Execution Steps**: @@ -783,32 +783,32 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Request Discover Published APIs not filtered: - * Send GET to ccf_discover_url *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}* + * Send **GET** to ccf_discover_url **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}** * Param api-invoker-id is mandatory - * Using invoker certificate + * Using **Invoker Certificate** 4. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. * Create Security Information Body with one **securityInfo** for each aef present at each serviceAPIDescription present at Discover. 5. Request Access Token by invoker: - * Sent POST *https://{CAPIF_HOSTNAME}/securities/{securityId}/token*: + * Sent POST **https://{CAPIF_HOSTNAME}/securities/{securityId}/token**: * body [access token req body] and example [example] * ***securityId*** is apiInvokerId. * ***grant_type=client_credentials***. * Create Scope properly for request: ***3gpp#{aef_id}:{api_name}*** - * Using Invoker Certificate. + * Using **Invoker Certificate**. **Execution Steps**: - 1. Register Provider at CCF, store certificates and Publish Service API service_1 at CCF + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF 2. Register and onboard Invoker at CCF 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. @@ -839,31 +839,31 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Request Discover Published APIs not filtered: - * Send GET to ccf_discover_url *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}* + * Send **GET** to ccf_discover_url **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}** * Param api-invoker-id is mandatory - * Using invoker certificate + * Using **Invoker Certificate** 4. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. * Create Security Information Body with one **securityInfo** for each aef present at each serviceAPIDescription present at Discover. 5. Request Access Token by provider: - * Sent POST *https://{CAPIF_HOSTNAME}/securities/{securityId}/token*: + * Sent POST **https://{CAPIF_HOSTNAME}/securities/{securityId}/token**: * body [access token req body] * ***securityId*** is apiInvokerId * ***grant_type=client_credentials*** - * Using AEF certificate + * Using **AEF Certificate** **Execution Steps**: - 1. Register Provider at CCF, store certificates and Publish Service API service_1 at CCF + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF 2. Register and onboard Invoker at CCF 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. @@ -894,31 +894,31 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Request Discover Published APIs not filtered: - * Send GET to ccf_discover_url *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}* + * Send **GET** to ccf_discover_url **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}** * Param api-invoker-id is mandatory - * Using invoker certificate + * Using **Invoker Certificate** 4. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. * Create Security Information Body with one **securityInfo** for each aef present at each serviceAPIDescription present at Discover. 5. Request Access Token by provider: - * Sent POST *https://{CAPIF_HOSTNAME}/securities/{API_INVOKER_NOT_VALID}/token*. + * Sent POST **https://{CAPIF_HOSTNAME}/securities/{API_INVOKER_NOT_VALID}/token**. * body [access token req body] * ***securityId*** is apiInvokerId * ***grant_type=client_credentials*** - * Using AEF certificate + * Using **AEF Certificate** **Execution Steps**: - 1. Register Provider at CCF, store certificates and Publish Service API service_1 at CCF + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF 2. Register and onboard Invoker at CCF 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. @@ -949,28 +949,28 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Request Discover Published APIs not filtered: - * Send GET to ccf_discover_url *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}* + * Send **GET** to ccf_discover_url **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}** * Param api-invoker-id is mandatory - * Using invoker certificate + * Using **Invoker Certificate** 4. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. * Create Security Information Body with one **securityInfo** for each aef present at each serviceAPIDescription present at Discover. 5. Request Access Token by invoker: - * Sent POST *https://{CAPIF_HOSTNAME}/securities/{API_INVOKER_NOT_VALID}/token*. + * Sent POST **https://{CAPIF_HOSTNAME}/securities/{API_INVOKER_NOT_VALID}/token**. * body [access token req body] * ***securityId*** is apiInvokerId * ***grant_type=client_credentials*** - * Using Invoker certificate + * Using **Invoker Certificate** **Execution Steps**: - 1. Register Provider at CCF, store certificates and Publish Service API service_1 at CCF + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF 2. Register and onboard Invoker at CCF 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. @@ -1006,32 +1006,32 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Request Discover Published APIs not filtered: - * Send GET to ccf_discover_url *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}* + * Send **GET** to ccf_discover_url **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}** * Param api-invoker-id is mandatory - * Using invoker certificate + * Using **Invoker Certificate** 4. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. * Create Security Information Body with one **securityInfo** for each aef present at each serviceAPIDescription present at Discover. 5. Request Access Token by invoker: - * Sent POST *https://{CAPIF_HOSTNAME}/securities/{securityId}/token*. + * Sent POST **https://{CAPIF_HOSTNAME}/securities/{securityId}/token**. * body [access token req body] * ***securityId*** is apiInvokerId * ***grant_type=client_credentials*** * **client_id is not-valid** - * Using Invoker certificate + * Using **Invoker Certificate** **Execution Steps**: - 1. Register Provider at CCF, store certificates and Publish Service API service_1 at CCF + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF 2. Register and onboard Invoker at CCF 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. @@ -1063,31 +1063,31 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Request Discover Published APIs not filtered: - * Send GET to ccf_discover_url *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}* + * Send **GET** to ccf_discover_url **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}** * Param api-invoker-id is mandatory - * Using invoker certificate + * Using **Invoker Certificate** 4. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. * Create Security Information Body with one **securityInfo** for each aef present at each serviceAPIDescription present at Discover. 5. Request Access Token by invoker: - * Sent POST *https://{CAPIF_HOSTNAME}/securities/{securityId}/token*. + * Sent POST **https://{CAPIF_HOSTNAME}/securities/{securityId}/token**. * body [access token req body] * ***securityId*** is apiInvokerId * ***grant_type=not_valid*** - * Using Invoker certificate + * Using **Invoker Certificate** **Execution Steps**: - 1. Register Provider at CCF, store certificates and Publish Service API service_1 at CCF + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF 2. Register and onboard Invoker at CCF 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. @@ -1118,32 +1118,32 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Request Discover Published APIs not filtered: - * Send GET to ccf_discover_url *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}* + * Send **GET** to ccf_discover_url **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}** * Param api-invoker-id is mandatory - * Using invoker certificate + * Using **Invoker Certificate** 4. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. * Create Security Information Body with one **securityInfo** for each aef present at each serviceAPIDescription present at Discover. 5. Request Access Token by invoker: - * Sent POST *https://{CAPIF_HOSTNAME}/securities/{securityId}/token*. + * Sent POST **https://{CAPIF_HOSTNAME}/securities/{securityId}/token**. * body [access token req body] * ***securityId*** is apiInvokerId * ***grant_type=client_credentials*** * ***scope=not-valid-scope*** - * Using Invoker certificate + * Using **Invoker Certificate** **Execution Steps**: - 1. Register Provider at CCF, store certificates and Publish Service API service_1 at CCF + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF 2. Register and onboard Invoker at CCF 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. @@ -1175,32 +1175,32 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Request Discover Published APIs not filtered: - * Send GET to ccf_discover_url *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}* + * Send **GET** to ccf_discover_url **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}** * Param api-invoker-id is mandatory - * Using invoker certificate + * Using **Invoker Certificate** 4. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. * Create Security Information Body with one **securityInfo** for each aef present at each serviceAPIDescription present at Discover. 5. Request Access Token by invoker: - * Sent POST *https://{CAPIF_HOSTNAME}/securities/{securityId}/token*. + * Sent POST **https://{CAPIF_HOSTNAME}/securities/{securityId}/token**. * body [access token req body] * ***securityId*** is apiInvokerId * ***grant_type=client_credentials*** - * ***scope=3gpp#1234:service_1*** - * Using Invoker certificate + * ***scope=3gpp#1234:**service_1*** + * Using **Invoker Certificate** **Execution Steps**: - 1. Register Provider at CCF, store certificates and Publish Service API service_1 at CCF + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF 2. Register and onboard Invoker at CCF 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. @@ -1232,32 +1232,32 @@ At this documentation you will have all information and related files and exampl 1. Perform [Provider Registration] and [Invoker Onboarding] 2. Publish Service API at CCF: - * Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis - * body [service api description] with apiName service_1 - * Use APF Certificate + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use **APF Certificate** 3. Request Discover Published APIs not filtered: - * Send GET to ccf_discover_url *https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}* + * Send **GET** to ccf_discover_url **https://{CAPIF_HOSTNAME}/service-apis/v1/allServiceAPIs?api-invoker-id={apiInvokerId}** * Param api-invoker-id is mandatory - * Using invoker certificate + * Using **Invoker Certificate** 4. Create Security Context for this Invoker - * Send PUT *https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}* + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] - * Using Invoker Certificate. + * Using **Invoker Certificate**. * Create Security Information Body with one **securityInfo** for each aef present at each serviceAPIDescription present at Discover. 5. Request Access Token by invoker: - * Sent POST *https://{CAPIF_HOSTNAME}/securities/{securityId}/token*. + * Sent POST **https://{CAPIF_HOSTNAME}/securities/{securityId}/token**. * body [access token req body] * ***securityId*** is apiInvokerId * ***grant_type=client_credentials*** * ***scope=3gpp#{aef_id}:not-valid*** - * Using Invoker certificate + * Using **Invoker Certificate** **Execution Steps**: - 1. Register Provider at CCF, store certificates and Publish Service API service_1 at CCF + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF 2. Register and onboard Invoker at CCF 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. diff --git a/doc/testing/testplan/common_operations/README.md b/doc/testing/testplan/common_operations/README.md index 0f8cf9f..a77e947 100644 --- a/doc/testing/testplan/common_operations/README.md +++ b/doc/testing/testplan/common_operations/README.md @@ -51,7 +51,7 @@ The steps to register a new user at Register Service are: * Send **POST** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers** * Reference Request Body: [invoker onboarding body] * "onboardingInformation"->"apiInvokerPublicKey": must contain public key generated by Invoker. - * Send at Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token}) + * Send in Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token}) ### Checks to ensure onboarding @@ -64,7 +64,7 @@ The steps to register a new user at Register Service are: 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: * apiInvokerId * onboardingInformation->apiInvokerCertificate must contain the public key signed. - 3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}* + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** ### Example Flow ![Flow](../../../images/flows/07_Invoker_Onboarding.png) @@ -81,9 +81,9 @@ The steps to register a new user at Register Service are: 3. Register Provider: - * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations* + * Send **POST** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations** * body [provider request body] - * Send at Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token}) + * Send in Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token}) * Store each cert in a file with according name. ### Checks to ensure provider registration @@ -100,7 +100,7 @@ The steps to register a new user at Register Service are: 3. For each **apiProvFuncs**, we must check: 1. **apiProvFuncId** is set 2. **apiProvCert** under **regInfo** is set properly - 4. Location Header must contain the new resource URL *{apiRoot}/api-provider-management/v1/registrations/{registrationId}* + 4. Location Header must contain the new resource URL **{apiRoot}/api-provider-management/v1/registrations/{registrationId}** ### Example Flow ![Flow](../../../images/flows/07_Invoker_Onboarding.png) -- GitLab From e9712af4b010507c06a6425d0f145be2a311c519 Mon Sep 17 00:00:00 2001 From: Jorge Moratinos Salcines Date: Thu, 20 Jun 2024 16:41:10 +0200 Subject: [PATCH 3/9] Reorder auditing and discover, also some minor refactor --- .../api_access_control_policy/README.md | 62 ++--- .../testplan/api_auditing_service/README.md | 2 +- .../testplan/api_discover_service/README.md | 90 +++---- .../testplan/api_events_service/README.md | 2 +- .../testplan/api_invoker_management/README.md | 22 +- .../testplan/api_logging_service/README.md | 12 +- .../api_provider_management/README.md | 68 +++--- .../testplan/api_publish_service/README.md | 64 ++--- .../testplan/api_security_service/README.md | 220 +++++++++--------- .../testplan/common_operations/README.md | 2 +- 10 files changed, 272 insertions(+), 272 deletions(-) diff --git a/doc/testing/testplan/api_access_control_policy/README.md b/doc/testing/testplan/api_access_control_policy/README.md index 8b22103..192495c 100644 --- a/doc/testing/testplan/api_access_control_policy/README.md +++ b/doc/testing/testplan/api_access_control_policy/README.md @@ -6,11 +6,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_acl-1*** **Description**: - + This test case will check that an API Provider can retrieve ACL from CAPIF **Pre-Conditions**: - + * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published. @@ -32,7 +32,7 @@ At this documentation you will have all information and related files and exampl * body [service api description] with apiName **service_1** * Store **serviceApiId** * Use **APF Certificate** - + 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker @@ -60,11 +60,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_acl-2*** **Description**: - + This test case will check that an API Provider can retrieve ACL from CAPIF for 2 different serviceApis published. **Pre-Conditions**: - + * API Provider had two Service API Published on CAPIF * API Invoker had a Security Context for both Service APIs published. @@ -93,7 +93,7 @@ At this documentation you will have all information and related files and exampl * body [service api description] with apiName **service_2** * Store **serviceApiId** * Use **APF Certificate** - + 4. Perform [Invoker Onboarding] store apiInvokerId 5. Discover published APIs 6. Create Security Context for this Invoker for both published APIs @@ -125,11 +125,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_acl-3*** **Description**: - + This test case will check that an API Provider can retrieve ACL from CAPIF containing 2 objects. **Pre-Conditions**: - + * API Provider had a Service API Published on CAPIF * Two API Invokers had a Security Context for same Service API published by provider. @@ -151,7 +151,7 @@ At this documentation you will have all information and related files and exampl * body [service api description] with apiName **service_1** * Store **serviceApiId** * Use **APF Certificate** - + 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker for both published APIs @@ -174,17 +174,17 @@ At this documentation you will have all information and related files and exampl 3. **apiInvokerPolicies** must: 1. Contain two objects. 2. One object must match with **apiInvokerId1** and the other one with **apiInvokerId2** an registered previously. - + ## Test Case 4: Retrieve ACL filtered by api-invoker-id **Test ID**: ***capif_api_acl-4*** **Description**: - + This test case will check that an API Provider can retrieve ACL filtering by apiInvokerId from CAPIF containing 1 objects. **Pre-Conditions**: - + * API Provider had a Service API Published on CAPIF * Two API Invokers had a Security Context for same Service API published by provider. @@ -207,7 +207,7 @@ At this documentation you will have all information and related files and exampl * body [service api description] with apiName **service_1** * Store **serviceApiId** * Use **APF Certificate** - + 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker for both published APIs @@ -250,11 +250,11 @@ At this documentation you will have all information and related files and exampl **Description**: **CURRENTLY NOT SUPPORTED FEATURE** - + This test case will check that an API Provider can retrieve ACL filtering by supportedFeatures from CAPIF containing 1 objects. **Pre-Conditions**: - + * API Provider had a Service API Published on CAPIF * Two API Invokers had a Security Context for same Service API published by provider. @@ -277,7 +277,7 @@ At this documentation you will have all information and related files and exampl * body [service api description] with apiName **service_1** * Store **serviceApiId** * Use **APF Certificate** - + 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker for both published APIs @@ -319,11 +319,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_acl-6*** **Description**: - + This test case will check that an API Provider can't retrieve ACL from CAPIF if aef-id is not valid **Pre-Conditions**: - + * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published. @@ -345,7 +345,7 @@ At this documentation you will have all information and related files and exampl * body [service api description] with apiName **service_1** * Store **serviceApiId** * Use **APF Certificate** - + 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker @@ -375,11 +375,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_acl-7*** **Description**: - + This test case will check that an API Provider can't retrieve ACL from CAPIF if service-api-id is not valid **Pre-Conditions**: - + * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published. @@ -401,7 +401,7 @@ At this documentation you will have all information and related files and exampl * body [service api description] with apiName **service_1** * Store **serviceApiId** * Use **APF Certificate** - + 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker @@ -430,11 +430,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_acl-8*** **Description**: - + This test case will check that an API Provider can't retrieve ACL from CAPIF if service-api-id and aef-id are not valid **Pre-Conditions**: - + * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published. @@ -456,7 +456,7 @@ At this documentation you will have all information and related files and exampl * body [service api description] with apiName **service_1** * Store **serviceApiId** * Use **APF Certificate** - + 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker @@ -486,7 +486,7 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_acl-9*** **Description**: - + This test case will check that an API Provider can't retrieve ACL if no invoker had requested Security Context to CAPIF **Pre-Conditions**: @@ -512,7 +512,7 @@ At this documentation you will have all information and related files and exampl * body [service api description] with apiName **service_1** * Store **serviceApiId** * Use **APF Certificate** - + 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs @@ -537,11 +537,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_acl-10*** **Description**: - + This test case will check that an API Provider get not found response if filter by not valid api-invoker-id doesn't match any registered ACL. **Pre-Conditions**: - + * API Provider had a Service API Published on CAPIF * API Invoker had a Security Context for Service API published. @@ -563,7 +563,7 @@ At this documentation you will have all information and related files and exampl * body [service api description] with apiName **service_1** * Store **serviceApiId** * Use **APF Certificate** - + 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker @@ -782,7 +782,7 @@ At this documentation you will have all information and related files and exampl * body [service api description] with apiName **service_1** * Store **serviceApiId** * Use **APF Certificate** - + 3. Perform [Invoker Onboarding] store apiInvokerId 4. Discover published APIs 5. Create Security Context for this Invoker diff --git a/doc/testing/testplan/api_auditing_service/README.md b/doc/testing/testplan/api_auditing_service/README.md index 0588e8e..899dea9 100644 --- a/doc/testing/testplan/api_auditing_service/README.md +++ b/doc/testing/testplan/api_auditing_service/README.md @@ -10,7 +10,7 @@ At this documentation you will have all information and related files and exampl This test case will check that a CAPIF AMF can get log entry to Logging Service **Pre-Conditions**: - + * CAPIF provider is pre-authorised (has valid AMF cert from CAPIF Authority) * Service exist in CAPIF * Invoker exist in CAPIF diff --git a/doc/testing/testplan/api_discover_service/README.md b/doc/testing/testplan/api_discover_service/README.md index 7aa1d84..5d89b90 100644 --- a/doc/testing/testplan/api_discover_service/README.md +++ b/doc/testing/testplan/api_discover_service/README.md @@ -14,7 +14,13 @@ At this documentation you will have all information and related files and exampl * Service APIs are published. * NetApp was registered previously * NetApp was onboarded previously with {onboardingId} - + +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API at CCF + 2. Register Invoker and Onboard Invoker at CCF + 3. Discover Service APIs by Invoker + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -27,12 +33,6 @@ At this documentation you will have all information and related files and exampl * Param api-invoker-id is mandatory * Use **Invoker Certificate** -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API at CCF - 2. Register Invoker and Onboard Invoker at CCF - 3. Discover Service APIs by Invoker - **Expected Result**: 1. Response to Publish request must accomplish: @@ -64,7 +64,13 @@ At this documentation you will have all information and related files and exampl **Pre-Conditions**: * Service APIs are published. - + +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API at CCF + 2. Register Invoker and Onboard Invoker at CCF + 3. Discover Service APIs by no invoker entity + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -77,12 +83,6 @@ At this documentation you will have all information and related files and exampl * Param api-invoker-id is mandatory * Use not **Invoker Certificate** -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API at CCF - 2. Register Invoker and Onboard Invoker at CCF - 3. Discover Service APIs by no invoker entity - **Expected Result**: 1. Response to Publish request must accomplish: @@ -118,7 +118,13 @@ At this documentation you will have all information and related files and exampl **Pre-Conditions**: * Service APIs are published. - + +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API at CCF + 2. Register Invoker and Onboard Invoker at CCF + 3. Discover Service APIs by Publisher + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -131,12 +137,6 @@ At this documentation you will have all information and related files and exampl * Param api-invoker-id is mandatory * Using **Invoker Certificate** -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API at CCF - 2. Register Invoker and Onboard Invoker at CCF - 3. Discover Service APIs by Publisher - **Expected Result**: 1. Response to Publish request must accomplish: @@ -174,7 +174,14 @@ At this documentation you will have all information and related files and exampl * At least 2 Service APIs are published. * NetApp was registered previously * NetApp was onboarded previously with {onboardingId} - + +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF + 2. Register Invoker and Onboard Invoker at CCF + 3. Discover Service APIs by Invoker. + 4. Discover filtered by api-name **service_1** Service APIs by Invoker + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -192,13 +199,6 @@ At this documentation you will have all information and related files and exampl * Using **Invoker Certificate** * filter by api-name **service_1** -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF - 2. Register Invoker and Onboard Invoker at CCF - 3. Discover Service APIs by Invoker. - 4. Discover filtered by api-name **service_1** Service APIs by Invoker - **Expected Result**: 1. Response to Publish request must accomplish: @@ -235,7 +235,14 @@ At this documentation you will have all information and related files and exampl * At least 2 Service APIs are published. * NetApp was registered previously * NetApp was onboarded previously with {onboardingId} - + +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF + 2. Register Invoker and Onboard Invoker at CCF + 3. Discover Service APIs by Invoker. + 4. Discover filtered by api-name not published Service APIs by Invoker + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -253,13 +260,6 @@ At this documentation you will have all information and related files and exampl * Using **Invoker Certificate** * filter by api-name NOT_VALID_NAME -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF - 2. Register Invoker and Onboard Invoker at CCF - 3. Discover Service APIs by Invoker. - 4. Discover filtered by api-name not published Service APIs by Invoker - **Expected Result**: 1. Response to Publish request must accomplish: @@ -299,7 +299,14 @@ At this documentation you will have all information and related files and exampl * 2 Service APIs are published. * NetApp was registered previously * NetApp was onboarded previously with {onboardingId} - + +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF + 2. Register Invoker and Onboard Invoker at CCF + 3. Discover Service APIs by Invoker. + 4. Discover without filter by Invoker + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -316,13 +323,6 @@ At this documentation you will have all information and related files and exampl * Param api-invoker-id is mandatory * Using **Invoker Certificate** -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF - 2. Register Invoker and Onboard Invoker at CCF - 3. Discover Service APIs by Invoker. - 4. Discover without filter by Invoker - **Expected Result**: 1. Response to Publish request must accomplish: diff --git a/doc/testing/testplan/api_events_service/README.md b/doc/testing/testplan/api_events_service/README.md index c70903e..73106b7 100644 --- a/doc/testing/testplan/api_events_service/README.md +++ b/doc/testing/testplan/api_events_service/README.md @@ -554,7 +554,7 @@ At this documentation you will have all information and related files and exampl * **Mock Server is clean.** **Execution Steps**: - + 1. Register Provider at CCF. 2. Publish a provider API with name **service_1**. 3. Register Invoker and Onboard Invoker at CCF. diff --git a/doc/testing/testplan/api_invoker_management/README.md b/doc/testing/testplan/api_invoker_management/README.md index 7a99b7d..4b51190 100644 --- a/doc/testing/testplan/api_invoker_management/README.md +++ b/doc/testing/testplan/api_invoker_management/README.md @@ -36,7 +36,7 @@ At this documentation you will have all information and related files and exampl 1. Retrieve access_token by User from register 2. Onboard Invoker at CCF 3. Store signed Certificate - + **Expected Result**: 1. Response to Onboard request must accomplish: @@ -76,7 +76,7 @@ At this documentation you will have all information and related files and exampl 2. Onboard NetApp at CCF 3. Store signed Certificate at NetApp 4. Onboard Again the NetApp at CCF - + **Expected Result**: 1. Response to Onboard request must accomplish: @@ -106,7 +106,7 @@ At this documentation you will have all information and related files and exampl * NetApp was registered previously * NetApp was onboarded previously with {onboardingId} - + **Information of Test**: 1. Perform [Invoker Onboarding] @@ -117,14 +117,14 @@ At this documentation you will have all information and related files and exampl * "notificationDestination": "*http://host.docker.internal:8086/netapp_new_callback*", **Execution Steps**: - + 1. Register Invoker at CCF 2. Onboard Invoker at CCF 3. Store signed Certificate 4. Update Onboarding Information at CCF with a minor change on "notificationDestination" - + **Expected Result**: - + 1. Response to Onboard request must accomplish: 1. **201 Created** 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: @@ -148,7 +148,7 @@ At this documentation you will have all information and related files and exampl * NetApp was registered previously * NetApp was not onboarded previously - + **Information of Test**: 1. Perform [Invoker Onboarding] @@ -158,13 +158,13 @@ At this documentation you will have all information and related files and exampl * Reference Request Body is: [put invoker onboarding body] **Execution Steps**: - + 1. Register Invoker at CCF 2. Onboard Invoker at CCF 3. Update Onboarding Information at CCF of not onboarded - + **Expected Result**: - + 1. Response to Onboard request must accomplish: 1. **201 Created** 2. Response to Update Request (PUT) must contain: @@ -202,7 +202,7 @@ At this documentation you will have all information and related files and exampl 1. Register Invoker at CCF 2. Onboard Invoker at CCF 3. Offboard Invoker at CCF - + **Expected Result**: 1. Response to Onboard request must accomplish: diff --git a/doc/testing/testplan/api_logging_service/README.md b/doc/testing/testplan/api_logging_service/README.md index b5b7eb3..fbb87d4 100644 --- a/doc/testing/testplan/api_logging_service/README.md +++ b/doc/testing/testplan/api_logging_service/README.md @@ -10,7 +10,7 @@ At this documentation you will have all information and related files and exampl This test case will check that a CAPIF AEF can create log entry to Logging Service **Pre-Conditions**: - + * CAPIF provider is pre-authorised (has valid aefId from CAPIF Authority) * Service exist in CAPIF * Invoker exist in CAPIF @@ -79,7 +79,7 @@ At this documentation you will have all information and related files and exampl 1. Register Provider and Invoker CCF 2. Publish Service 3. Create Log Entry - + **Expected Result**: 1. Response to Logging Service must accomplish: @@ -99,7 +99,7 @@ At this documentation you will have all information and related files and exampl This test case will check that a CAPIF subscriber (AEF) cannot create Log Entry without valid aefId **Pre-Conditions**: - + * CAPIF subscriber is pre-authorised (has valid aefId from CAPIF Authority) **Information of Test**: @@ -142,7 +142,7 @@ At this documentation you will have all information and related files and exampl This test case will check that a CAPIF subscriber (AEF) cannot create Log Entry without valid aefId **Pre-Conditions**: - + * CAPIF subscriber is pre-authorised (has valid aefId from CAPIF Authority) **Information of Test**: @@ -163,7 +163,7 @@ At this documentation you will have all information and related files and exampl 1. Register Provider and Invoker CCF 2. Publish Service 3. Create Log Entry - + **Expected Result**: 1. Response to Onboard request must accomplish: @@ -217,7 +217,7 @@ At this documentation you will have all information and related files and exampl 1. Register Provider and Invoker CCF 2. Publish Service 3. Create Log Entry - + **Expected Result**: 1. Response to Logging Service must accomplish: diff --git a/doc/testing/testplan/api_provider_management/README.md b/doc/testing/testplan/api_provider_management/README.md index 1fab651..8d35d0c 100644 --- a/doc/testing/testplan/api_provider_management/README.md +++ b/doc/testing/testplan/api_provider_management/README.md @@ -6,11 +6,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_provider_management-1*** **Description**: - + This test case will check that Api Provider can be registered con CCF **Pre-Conditions**: - + * Provider is pre-authorised (has valid certificate from CAPIF Authority) **Information of Test**: @@ -31,10 +31,10 @@ At this documentation you will have all information and related files and exampl * Store each cert in a file with according name. **Execution Steps**: - + 1. Create private and public key for provider and each function to register. 2. Register Provider. - + **Expected Result**: 1. Register Provider at Provider Management: @@ -50,17 +50,17 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_provider_management-2*** **Description**: - + This test case will check that a Api Provider previously registered cannot be re-registered **Pre-Conditions**: - + * Api Provider was registered previously and there is a {registerId} for his Api Provider in the DB **Information of Test**: 1. Create public and private key at provider for provider itself and each function (apf, aef and amf) - + 2. Retrieve access_token by User: * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth** @@ -79,11 +79,11 @@ At this documentation you will have all information and related files and exampl * Same regSec than Previous registration **Execution Steps**: - + 1. Create private and public key for provider and each function to register. 2. Register Provider. 3. Re-Register Provider. - + **Expected Result**: 1. Re-Register Provider: @@ -100,11 +100,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_provider_management-3*** **Description**: - + This test case will check that a Registered Api Provider can be updated **Pre-Conditions**: - + * Api Provider was registered previously and there is a {registerId} for his Api Provider in the DB **Information of Test**: @@ -131,11 +131,11 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: - + 1. Create private and public key for provider and each function to register. 2. Register Provider 3. Update Provider - + **Expected Result**: 1. Register Provider: @@ -155,11 +155,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_provider_management-4*** **Description**: - + This test case will check that a Non-Registered Api Provider cannot be updated **Pre-Conditions**: - + * Api Provider was not registered previously **Information of Test**: @@ -186,10 +186,10 @@ At this documentation you will have all information and related files and exampl * Use AMF Certificate. **Execution Steps**: - + 1. Register Provider at CCF 2. Update Not Registered Provider - + **Expected Result**: 1. Update Not Registered Provider: @@ -205,11 +205,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_provider_management-5*** **Description**: - + This test case will check that a Registered Api Provider can be partially updated **Pre-Conditions**: - + * Api Provider was registered previously and there is a {registerId} for his Api Provider in the DB **Information of Test**: @@ -236,11 +236,11 @@ At this documentation you will have all information and related files and exampl * Use AMF Certificate. **Execution Steps**: - + 1. Register Provider at CCF 2. Register Provider 3. Partial update provider - + **Expected Result**: 1. Partial update provider at Provider Management: @@ -253,11 +253,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_provider_management-6*** **Description**: - + This test case will check that a Non-Registered Api Provider cannot be partially updated **Pre-Conditions**: - + * Api Provider was not registered previously **Information of Test**: @@ -282,14 +282,14 @@ At this documentation you will have all information and related files and exampl * Send **PATCH** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_API_PROVIDER_NOT_REGISTERED}** * body [provider request patch body] * Use AMF Certificate. - + **Execution Steps**: - + 1. Register Provider at CCF 2. Register Provider 3. Partial update provider - + **Expected Result**: 1. Partial update provider: @@ -306,11 +306,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_provider_management-7*** **Description**: - + This test case will check that a Registered Api Provider can be deleted **Pre-Conditions**: - + * Api Provider was registered previously **Information of Test**: @@ -336,11 +336,11 @@ At this documentation you will have all information and related files and exampl * Use AMF Certificate. **Execution Steps**: - + 1. Register Provider at CCF 2. Register Provider 3. Delete Provider - + **Expected Result**: 1. Delete Provider: @@ -351,11 +351,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_provider_management-8*** **Description**: - + This test case will check that a Non-Registered Api Provider cannot be deleted **Pre-Conditions**: - + * Api Provider was not registered previously **Information of Test**: @@ -381,10 +381,10 @@ At this documentation you will have all information and related files and exampl * Use AMF Certificate. **Execution Steps**: - + 1. Register Provider at CCF 2. Delete Provider - + **Expected Result**: 1. Delete Provider: diff --git a/doc/testing/testplan/api_publish_service/README.md b/doc/testing/testplan/api_publish_service/README.md index 27bd8e8..59e59e8 100644 --- a/doc/testing/testplan/api_publish_service/README.md +++ b/doc/testing/testplan/api_publish_service/README.md @@ -6,11 +6,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_publish_service-1*** **Description**: - + This test case will check that an API Publisher can Publish an API **Pre-Conditions**: - + * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority) **Information of Test**: @@ -30,7 +30,7 @@ At this documentation you will have all information and related files and exampl 2. Publish Service API 3. Retrieve {apiId} from body and Location header with new resource created from response - + **Expected Result**: 1. Response to Publish request must accomplish: @@ -46,11 +46,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_publish_service-2*** **Description**: - + This test case will check that an API Publisher cannot Publish an API withot valid apfId **Pre-Conditions**: - + * CAPIF subscriber is NOT pre-authorised (has invalid apfId from CAPIF Authority) **Information of Test**: @@ -167,7 +167,7 @@ At this documentation you will have all information and related files and exampl 1. Register Provider at CCF and store certificates. 2. Retrieve All published APIs - + **Expected Result**: 1. Response to Publish request must accomplish: @@ -185,11 +185,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_publish_service-5*** **Description**: - + This test case will check that an API Publisher can Retrieve API published one by one **Pre-Conditions**: - + * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority) * At least 2 service APIs are published. @@ -259,11 +259,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_publish_service-6*** **Description**: - + This test case will check that an API Publisher try to get detail of not published api. **Pre-Conditions**: - + * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority) * No published api @@ -295,11 +295,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_publish_service-7*** **Description**: - + This test case will check that an API Publisher cannot Retrieve detailed API published when apfId is not authorised **Pre-Conditions**: - + * CAPIF subscriber is NOT pre-authorised (has invalid apfId from CAPIF Authority) **Information of Test**: @@ -324,7 +324,7 @@ At this documentation you will have all information and related files and exampl 4. Register and onboard Invoker at CCF 5. Store signed **Invoker Certificate** 6. Retrieve detailed published API acting as Invoker - + **Expected Result**: 1. Response to Retrieve Detailed published API acting as Invoker must accomplish: @@ -343,11 +343,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_publish_service-8*** **Description**: - + This test case will check that an API Publisher can Update published API with a valid serviceApiId **Pre-Conditions**: - + * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority) * A service APIs is published. @@ -379,7 +379,7 @@ At this documentation you will have all information and related files and exampl 3. Retrieve {apiId} from body and Location header with new resource url created from response 4. Update published Service API. 5. Retrieve detail of Service API - + **Expected Result**: 1. Response to Publish request must accomplish: @@ -397,18 +397,18 @@ At this documentation you will have all information and related files and exampl 1. **200 OK** 2. Response Body must follow **ServiceAPIDescription** data structure with: * apiName **service_1**_modified. - + ## Test Case 9: Update APIs Published by Authorised apfId with invalid serviceApiId **Test ID**: ***capif_api_publish_service-9*** **Description**: - + This test case will check that an API Publisher cannot Update published API with a invalid serviceApiId **Pre-Conditions**: - + * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority) **Information of Test**: @@ -430,7 +430,7 @@ At this documentation you will have all information and related files and exampl 1. Register Provider at CCF and store certificates. 2. Update published Service API. - + **Expected Result**: 1. Response to Publish request must accomplish: @@ -452,11 +452,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_publish_service-10*** **Description**: - + This test case will check that an API Publisher cannot Update API published when apfId is not authorised **Pre-Conditions**: - + * CAPIF subscriber is NOT pre-authorised (has invalid apfId from CAPIF Authority) **Information of Test**: @@ -488,7 +488,7 @@ At this documentation you will have all information and related files and exampl 5. Store signed **Invoker Certificate** 6. Update published API at CCF as Invoker 7. Retrieve detail of Service API as publisher - + **Expected Result**: 1. Response to Update published API acting as Invoker must accomplish: @@ -510,11 +510,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_publish_service-11*** **Description**: - + This test case will check that an API Publisher can Delete published API with a valid serviceApiId **Pre-Conditions**: - + * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority). * A service APIs is published. @@ -542,7 +542,7 @@ At this documentation you will have all information and related files and exampl 3. Retrieve {apiId} from body and Location header with new resource created from response 4. Remove published API at CCF 5. Try to retreive deleted service API from CCF - + **Expected Result**: 1. Response to Publish request must accomplish: @@ -570,11 +570,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_publish_service-12*** **Description**: - + This test case will check that an API Publisher cannot Delete with invalid serviceApiId **Pre-Conditions**: - + * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority). **Information of Test**: @@ -589,7 +589,7 @@ At this documentation you will have all information and related files and exampl 1. Register Provider at CCF and store certificates. 2. Remove published API at CCF with invalid serviceId - + **Expected Result**: 1. Response to Remove published Service API at CCF: @@ -606,11 +606,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_api_publish_service-12*** **Description**: - + This test case will check that an API Publisher cannot Delete API published when apfId is not authorised **Pre-Conditions**: - + * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority). **Information of Test**: @@ -632,7 +632,7 @@ At this documentation you will have all information and related files and exampl 1. Register Provider at CCF and store certificates. 2. Register Invoker and onboard Invoker at CCF 3. Remove published API at CCF with invalid serviceId as Invoker - + **Expected Result**: 1. Response to Remove published Service API at CCF: diff --git a/doc/testing/testplan/api_security_service/README.md b/doc/testing/testplan/api_security_service/README.md index 1f57c2d..189d3f3 100644 --- a/doc/testing/testplan/api_security_service/README.md +++ b/doc/testing/testplan/api_security_service/README.md @@ -6,11 +6,11 @@ At this documentation you will have all information and related files and exampl **Test ID**: ***capif_security_api-1*** **Description**: - + This test case will check that an API Invoker can create a Security context **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) **Information of Test**: @@ -22,11 +22,11 @@ At this documentation you will have all information and related files and exampl * Use **Invoker Certificate** **Execution Steps**: - + 1. Register and onboard Invoker at CCF 2. Store signed Certificate 3. Create Security Context - + **Expected Result**: 1. Create security context: @@ -40,11 +40,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-2*** **Description**: - + This test case will check that an Provider cannot create a Security context with valid apiInvokerId. **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with Provider role **Information of Test**: @@ -57,11 +57,11 @@ At this documentation you will have all information and related files and exampl * Using **AEF Certificate** **Execution Steps**: - + 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 3. Create Security Context using Provider certificate - + **Expected Result**: 1. Create security context using Provider certificate: @@ -83,7 +83,7 @@ At this documentation you will have all information and related files and exampl This test case will check that an Provider cannot create a Security context with invalid apiInvokerID. **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with Provider role **Information of Test**: @@ -96,10 +96,10 @@ At this documentation you will have all information and related files and exampl * Using **AEF Certificate** **Execution Steps**: - + 1. Register Provider at CCF 2. Create Security Context using Provider certificate - + **Expected Result**: 1. Create security context using Provider certificate: @@ -116,11 +116,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-4*** **Description**: - + This test case will check that an Invoker cannot create a Security context with valid apiInvokerId. **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with invalid apiInvokerId **Information of Test**: @@ -133,10 +133,10 @@ At this documentation you will have all information and related files and exampl * Use **Invoker Certificate** **Execution Steps**: - + 1. Register and onboard Invoker at CCF 2. Create Security Context using Provider certificate - + **Expected Result**: 1. Create security context using Provider certificate: @@ -149,17 +149,17 @@ At this documentation you will have all information and related files and exampl 2. No context stored at DB - + ## Test Case 5: Retrieve the Security Context of an API Invoker **Test ID**:: ***capif_security_api-5*** **Description**: - + This test case will check that an provider can retrieve the Security context of an API Invoker **Pre-Conditions**: - + * Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context **Information of Test**: @@ -176,12 +176,12 @@ At this documentation you will have all information and related files and exampl * Using **AEF Certificate** **Execution Steps**: - + 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 3. Create Security Context using Provider certificate 4. Retrieve Security Context by Provider - + **Expected Result**: 1. Retrieve security context: @@ -194,11 +194,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-6*** **Description**: - + This test case will check that an provider can retrieve the Security context of an API Invoker **Pre-Conditions**: - + * Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context **Information of Test**: @@ -210,11 +210,11 @@ At this documentation you will have all information and related files and exampl * Using **AEF Certificate**. **Execution Steps**: - + 2. Register Provider at CCF 3. Create Security Context using Provider certificate 4. Retrieve Security Context by Provider of invalid invoker - + **Expected Result**: 1. Retrieve security context: @@ -231,11 +231,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-7*** **Description**: - + This test case will check that an Provider cannot retrieve the Security context of an API Invoker without valid apfId **Pre-Conditions**: - + * API Exposure Function is not pre-authorised (has invalid apfId) **Information of Test**: @@ -252,12 +252,12 @@ At this documentation you will have all information and related files and exampl * Using **Invoker Certificate** **Execution Steps**: - + 1. Register and onboard Invoker at CCF 2. Store signed Certificate 3. Create Security Context 4. Retrieve Security Context as Provider. - + **Expected Result**: 1. Create security context: @@ -274,11 +274,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-8*** **Description**: - + This test case will check that an Provider can delete a Security context **Pre-Conditions**: - + * Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context **Information of Test**: @@ -299,12 +299,12 @@ At this documentation you will have all information and related files and exampl * Using **AEF Certificate** **Execution Steps**: - + 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 3. Create Security Context using Provider certificate 4. Delete Security Context by Provider - + **Expected Result**: 1. Delete security context: @@ -324,11 +324,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-9*** **Description**: - + This test case will check that an Invoker cannot delete a Security context **Pre-Conditions**: - + * Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context **Information of Test**: @@ -345,11 +345,11 @@ At this documentation you will have all information and related files and exampl * Use **Invoker Certificate** **Execution Steps**: - + 1. Register Provider at CCF 2. Create Security Context using Provider certificate 3. Delete Security Context by Invoker - + **Expected Result**: 1. Delete security context: @@ -366,11 +366,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-10*** **Description**: - + This test case will check that an Invoker cannot delete a Security context with invalid **Pre-Conditions**: - + * Invoker is pre-authorised. **Information of Test**: @@ -382,10 +382,10 @@ At this documentation you will have all information and related files and exampl * Use **Invoker Certificate** **Execution Steps**: - + 1. Register Provider at CCF 2. Delete Security Context by invoker - + **Expected Result**: 1. Delete security context: @@ -402,11 +402,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-11*** **Description**: - + This test case will check that an Provider cannot delete a Security context of invalid apiInvokerId **Pre-Conditions**: - + * Provider is pre-authorised (has valid apfId from CAPIF Authority). **Information of Test**: @@ -418,10 +418,10 @@ At this documentation you will have all information and related files and exampl * Use **AEF Certificate** **Execution Steps**: - + 1. Register Provider at CCF 2. Delete Security Context by provider - + **Expected Result**: 1. Retrieve security context: @@ -438,11 +438,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-12*** **Description**: - + This test case will check that an API Invoker can update a Security context **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized **Information of Test**: @@ -453,7 +453,7 @@ At this documentation you will have all information and related files and exampl * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate**. - + 3. Update Security Context of Invoker: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/update** * body [service security body] but with notification destination modified to **http://robot.testing2** @@ -464,19 +464,19 @@ At this documentation you will have all information and related files and exampl * Using **AEF Certificate**. **Execution Steps**: - + 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 3. Create Security Context By Invoker 4. Update Security Context By Invoker 5. Retrieve Security Context By Provider - + **Expected Result**: 1. Update security context: 1. **200 OK** response. 2. body returned must accomplish **ServiceSecurity** data structure. - + 2. Retrieve security context: 1. **200 OK** response. 2. body returned must accomplish **ServiceSecurity** data structure. @@ -488,11 +488,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-13*** **Description**: - + This test case will check that an Provider cannot update a Security context **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized. * Invoker has created the Security Context previously. @@ -504,19 +504,19 @@ At this documentation you will have all information and related files and exampl * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate**. - + 3. Update Security Context of Invoker by Provider: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/update** * body [service security body] but with notification destination modified to **http://robot.testing2** * Using **AEF Certificate** **Execution Steps**: - + 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 3. Create Security Context 4. Update Security Context as Provider - + **Expected Result**: 1. Update security context: @@ -533,28 +533,28 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-14*** **Description**: - + This test case will check that an Provider cannot update a Security context of invalid apiInvokerId **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized. * Invoker has created the Security Context previously. **Information of Test**: 1. Perform [Provider Registration] - + 2. Update Security Context of Invoker by Provider: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update** * body [service security body] * Using **AEF Certificate** **Execution Steps**: - + 1. Register Provider at CCF 2. Update Security Context as Provider - + **Expected Result**: 1. Update security context: @@ -571,27 +571,27 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-15*** **Description**: - + This test case will check that an API Invoker cannot update a Security context not valid apiInvokerId **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] - + 2. Update Security Context of Invoker: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update** * body [service security body] * Using **Invoker Certificate**. **Execution Steps**: - + 1. Register and onboard Invoker at CCF 2. Update Security Context - + **Expected Result**: 1. Retrieve security context: @@ -608,11 +608,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-16*** **Description**: - + This test case will check that a Provider can revoke the authorization for APIs **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized **Information of Test**: @@ -623,7 +623,7 @@ At this documentation you will have all information and related files and exampl * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate** - + 3. Revoke Authorization by Provider: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete** * body [security notification body] @@ -635,13 +635,13 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: - + 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 3. Create Security Context by Invoker 4. Revoke Security Context by Provider 5. Retrieve Security Context by Provider - + **Expected Result**: 1. Revoke Authorization: @@ -661,11 +661,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-17*** **Description**: - + This test case will check that an Invoker can't revoke the authorization for APIs **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized **Information of Test**: @@ -676,7 +676,7 @@ At this documentation you will have all information and related files and exampl * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate**. - + 3. Revoke Authorization by invoker: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete** * body [security notification body] @@ -687,13 +687,13 @@ At this documentation you will have all information and related files and exampl * Using Provider Certificate **Execution Steps**: - + 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 3. Create Security Context 4. Revoke Security Context by invoker 5. Retrieve Security Context - + **Expected Result**: 1. Revoke Security Context by invoker: @@ -715,11 +715,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-18*** **Description**: - + This test case will check that an API Exposure Function cannot revoke the authorization for APIs for invalid apiInvokerId **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized **Information of Test**: @@ -730,7 +730,7 @@ At this documentation you will have all information and related files and exampl * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * body [service security body] * Using **Invoker Certificate**. - + 3. Revoke Authorization by Provider: * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/delete** * body [security notification body] @@ -742,13 +742,13 @@ At this documentation you will have all information and related files and exampl * Using **AEF Certificate**. **Execution Steps**: - + 1. Register and onboard Invoker at CCF 2. Register Provider at CCF 3. Create Security Context 4. Revoke Security Context by Provider 5. Retrieve Security Context - + **Expected Result**: 1. Revoke Security Context by invoker: @@ -770,11 +770,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-19*** **Description**: - + This test case will check that an API Invoker can retrieve a security access token OAuth 2.0. **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerId) * Service API of Provider is published @@ -805,15 +805,15 @@ At this documentation you will have all information and related files and exampl * ***grant_type=client_credentials***. * Create Scope properly for request: ***3gpp#{aef_id}:{api_name}*** * Using **Invoker Certificate**. - + **Execution Steps**: - + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF 2. Register and onboard Invoker at CCF 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. 5. Request Access Token - + **Expected Result**: 1. Response to Request of Access Token: @@ -827,11 +827,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-20*** **Description**: - + This test case will check that an API Exposure Function cannot revoke the authorization for APIs for invalid apiInvokerId **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized **Information of Test**: @@ -868,7 +868,7 @@ At this documentation you will have all information and related files and exampl 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. 5. Request Access Token by Provider - + **Expected Result**: 1. Response to Request of Access Token: @@ -882,11 +882,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-21*** **Description**: - + This test case will check that an API Exposure Function cannot retrieve a security access token without valid apiInvokerId **Pre-Conditions**: - + * API Invoker is pre-authorised and Provider is also authorized **Information of Test**: @@ -923,7 +923,7 @@ At this documentation you will have all information and related files and exampl 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. 5. Request Access Token by Provider - + **Expected Result**: 1. Response to Request of Access Token: @@ -931,18 +931,18 @@ At this documentation you will have all information and related files and exampl 2. body returned must accomplish **AccessTokenErr** data structure, with: * error unauthorized_client * error_description=Role not authorized for this API route - + ## Test Case 22: Retrieve access token with invalid apiInvokerId **Test ID**:: ***capif_security_api-22*** **Description**: - + This test case will check that an API Invoker can't retrieve a security access token without valid apiInvokerId **Pre-Conditions**: - + * API Invoker is pre-authorised (has valid apiInvokerId) **Information of Test**: @@ -994,11 +994,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-23*** **Description**: - + This test case will check that an API Exposure Function cannot retrieve a security access token without valid client_id at body **Pre-Conditions**: - + * API Invoker is pre-authorised and Provider is also authorized **Information of Test**: @@ -1036,7 +1036,7 @@ At this documentation you will have all information and related files and exampl 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. 5. Request Access Token by Invoker - + **Expected Result**: 1. Response to Request of Access Token: @@ -1051,17 +1051,17 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-24*** **Description**: - + This test case will check that an API Exposure Function cannot retrieve a security access token with unsupported grant_type **Pre-Conditions**: - + * API Invoker is pre-authorised and Provider is also authorized **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] - + 2. Publish Service API at CCF: * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * body [service api description] with apiName **service_1** @@ -1092,7 +1092,7 @@ At this documentation you will have all information and related files and exampl 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. 5. Request Access Token by Invoker - + **Expected Result**: 1. Response to Request of Access Token: @@ -1106,11 +1106,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-25*** **Description**: - + This test case will check that an API Exposure Function cannot retrieve a security access token with complete invalid scope **Pre-Conditions**: - + * API Invoker is pre-authorised and Provider is also authorized **Information of Test**: @@ -1148,7 +1148,7 @@ At this documentation you will have all information and related files and exampl 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. 5. Request Access Token by Invoker - + **Expected Result**: 1. Response to Request of Access Token: @@ -1163,11 +1163,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-26*** **Description**: - + This test case will check that an API Exposure Function cannot retrieve a security access token with invalid aefId at scope **Pre-Conditions**: - + * API Invoker is pre-authorised and Provider is also authorized **Information of Test**: @@ -1205,7 +1205,7 @@ At this documentation you will have all information and related files and exampl 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. 5. Request Access Token by Invoker - + **Expected Result**: 1. Response to Request of Access Token: @@ -1220,11 +1220,11 @@ At this documentation you will have all information and related files and exampl **Test ID**:: ***capif_security_api-27*** **Description**: - + This test case will check that an API Exposure Function cannot retrieve a security access token with invalid apiName at scope **Pre-Conditions**: - + * API Invoker is pre-authorised and Provider is also authorized **Information of Test**: @@ -1262,7 +1262,7 @@ At this documentation you will have all information and related files and exampl 3. Discover Service APIs by Invoker. 4. Create Security Context According to Service APIs discovered. 5. Request Access Token by Invoker - + **Expected Result**: 1. Response to Request of Access Token: diff --git a/doc/testing/testplan/common_operations/README.md b/doc/testing/testplan/common_operations/README.md index a77e947..48d31a8 100644 --- a/doc/testing/testplan/common_operations/README.md +++ b/doc/testing/testplan/common_operations/README.md @@ -22,7 +22,7 @@ The steps to register a new user at Register Service are: * Send **POST** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/createUser** * Include Admin **access_token** in **Authorization Bearer Header** * Body [user_registration_body] - + ![Flow](../../../images/flows/02_Creation_of_user.png) ### User Retrieve access token and other information -- GitLab From 6a2d6fa3de66d67f8de9685e7a8ac0439189d98e Mon Sep 17 00:00:00 2001 From: Jorge Moratinos Salcines Date: Mon, 24 Jun 2024 11:13:59 +0200 Subject: [PATCH 4/9] Refactor and change on description in discover test suite --- .../testplan/api_discover_service/README.md | 24 ++--- .../testplan/api_invoker_management/README.md | 92 +++++++++---------- 2 files changed, 57 insertions(+), 59 deletions(-) diff --git a/doc/testing/testplan/api_discover_service/README.md b/doc/testing/testplan/api_discover_service/README.md index 5d89b90..9837569 100644 --- a/doc/testing/testplan/api_discover_service/README.md +++ b/doc/testing/testplan/api_discover_service/README.md @@ -7,13 +7,13 @@ At this documentation you will have all information and related files and exampl **Description**: - This test case will check if NetApp (Invoker) can discover published service APIs. + This test case will check if Network App (Invoker) can discover published service APIs. **Pre-Conditions**: * Service APIs are published. - * NetApp was registered previously - * NetApp was onboarded previously with {onboardingId} + * Network App was registered previously + * Network App was onboarded previously with {onboardingId} **Execution Steps**: @@ -167,13 +167,13 @@ At this documentation you will have all information and related files and exampl **Description**: - This test case will check if NetApp (Invoker) can discover published service APIs. + This test case will check if Network App (Invoker) can discover published service APIs. **Pre-Conditions**: * At least 2 Service APIs are published. - * NetApp was registered previously - * NetApp was onboarded previously with {onboardingId} + * Network App was registered previously + * Network App was onboarded previously with {onboardingId} **Execution Steps**: @@ -228,13 +228,13 @@ At this documentation you will have all information and related files and exampl **Description**: - This test case will check if NetApp (Invoker) can discover published service APIs. + This test case will check if Network App (Invoker) can discover published service APIs. **Pre-Conditions**: * At least 2 Service APIs are published. - * NetApp was registered previously - * NetApp was onboarded previously with {onboardingId} + * Network App was registered previously + * Network App was onboarded previously with {onboardingId} **Execution Steps**: @@ -292,13 +292,13 @@ At this documentation you will have all information and related files and exampl **Description**: - This test case will check if NetApp (Invoker) can discover published service APIs. + This test case will check if Network App (Invoker) can discover published service APIs. **Pre-Conditions**: * 2 Service APIs are published. - * NetApp was registered previously - * NetApp was onboarded previously with {onboardingId} + * Network App was registered previously + * Network App was onboarded previously with {onboardingId} **Execution Steps**: diff --git a/doc/testing/testplan/api_invoker_management/README.md b/doc/testing/testplan/api_invoker_management/README.md index 4b51190..5022787 100644 --- a/doc/testing/testplan/api_invoker_management/README.md +++ b/doc/testing/testplan/api_invoker_management/README.md @@ -15,6 +15,12 @@ At this documentation you will have all information and related files and exampl * NetApp was not onboarded previously * ***Preconditions: The administrator must have previously registered the User.*** +**Execution Steps**: + + 1. Retrieve access_token by User from register + 2. Onboard Invoker at CCF + 3. Store signed Certificate + **Information of Test**: 1. Create public and private key at invoker @@ -31,12 +37,6 @@ At this documentation you will have all information and related files and exampl * "onboardingInformation"->"apiInvokerPublicKey": must contain public key generated by Invoker. * Send in Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token}) -**Execution Steps**: - - 1. Retrieve access_token by User from register - 2. Onboard Invoker at CCF - 3. Store signed Certificate - **Expected Result**: 1. Response to Onboard request must accomplish: @@ -60,6 +60,13 @@ At this documentation you will have all information and related files and exampl * NetApp was registered previously * NetApp was onboarded previously +**Execution Steps**: + + 1. Register NetApp at CCF + 2. Onboard NetApp at CCF + 3. Store signed Certificate at NetApp + 4. Onboard Again the NetApp at CCF + **Information of Test**: 1. Perform [Invoker Onboarding] @@ -70,13 +77,6 @@ At this documentation you will have all information and related files and exampl * "onboardingInformation"->"apiInvokerPublicKey": must contain public key generated by Invoker. * Send in Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token}) -**Execution Steps**: - - 1. Register NetApp at CCF - 2. Onboard NetApp at CCF - 3. Store signed Certificate at NetApp - 4. Onboard Again the NetApp at CCF - **Expected Result**: 1. Response to Onboard request must accomplish: @@ -107,6 +107,13 @@ At this documentation you will have all information and related files and exampl * NetApp was registered previously * NetApp was onboarded previously with {onboardingId} +**Execution Steps**: + + 1. Register Invoker at CCF + 2. Onboard Invoker at CCF + 3. Store signed Certificate + 4. Update Onboarding Information at CCF with a minor change on "notificationDestination" + **Information of Test**: 1. Perform [Invoker Onboarding] @@ -116,13 +123,6 @@ At this documentation you will have all information and related files and exampl * Reference Request Body is: [put invoker onboarding body] * "notificationDestination": "*http://host.docker.internal:8086/netapp_new_callback*", -**Execution Steps**: - - 1. Register Invoker at CCF - 2. Onboard Invoker at CCF - 3. Store signed Certificate - 4. Update Onboarding Information at CCF with a minor change on "notificationDestination" - **Expected Result**: 1. Response to Onboard request must accomplish: @@ -149,6 +149,12 @@ At this documentation you will have all information and related files and exampl * NetApp was registered previously * NetApp was not onboarded previously +**Execution Steps**: + + 1. Register Invoker at CCF + 2. Onboard Invoker at CCF + 3. Update Onboarding Information at CCF of not onboarded + **Information of Test**: 1. Perform [Invoker Onboarding] @@ -157,12 +163,6 @@ At this documentation you will have all information and related files and exampl * Send **PUT** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{INVOKER_NOT_REGISTERED}** * Reference Request Body is: [put invoker onboarding body] -**Execution Steps**: - - 1. Register Invoker at CCF - 2. Onboard Invoker at CCF - 3. Update Onboarding Information at CCF of not onboarded - **Expected Result**: 1. Response to Onboard request must accomplish: @@ -176,7 +176,6 @@ At this documentation you will have all information and related files and exampl * cause with message "Not exist NetappID". - ## Test Case 5: Offboard NetApp **Test ID**: ***capif_api_invoker_management-5*** @@ -190,6 +189,12 @@ At this documentation you will have all information and related files and exampl * NetApp was registered previously * NetApp was onboarded previously +**Execution Steps**: + + 1. Register Invoker at CCF + 2. Onboard Invoker at CCF + 3. Offboard Invoker at CCF + **Information of Test**: 1. Perform [Invoker Onboarding] @@ -197,12 +202,6 @@ At this documentation you will have all information and related files and exampl 2. Offboard: * Send **DELETE** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}** -**Execution Steps**: - - 1. Register Invoker at CCF - 2. Onboard Invoker at CCF - 3. Offboard Invoker at CCF - **Expected Result**: 1. Response to Onboard request must accomplish: @@ -224,6 +223,11 @@ At this documentation you will have all information and related files and exampl * NetApp was registered previously * NetApp was not onboarded previously +**Execution Steps**: + + 1. Register Invoker at CCF + 2. Offboard Invoker at CCF + **Information of Test**: 1. Perform [Invoker Onboarding] @@ -231,11 +235,6 @@ At this documentation you will have all information and related files and exampl 2. Offboard: * Send **DELETE** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{INVOKER_NOT_REGISTERED}** -**Execution Steps**: - - 1. Register Invoker at CCF - 2. Offboard Invoker at CCF - **Expected Result**: 1. Response to Offboard Request (DELETE) must contain: @@ -259,6 +258,14 @@ At this documentation you will have all information and related files and exampl * NetApp was registered previously * NetApp was onboarded previously with {onboardingId} and {public_key_1} +**Execution Steps**: + + 1. Register Invoker at CCF + 2. Onboard Invoker at CCF + 3. Store signed Certificate + 4. Update Onboarding Information at CCF with new public key + 5. Update Onboarding Information at CCF with minor change + **Information of Test**: 1. Perform [Invoker Onboarding] with public_key_1. @@ -277,14 +284,6 @@ At this documentation you will have all information and related files and exampl * "notificationDestination": "*http://host.docker.internal:8086/netapp_new_callback*", * Use new **Invoker Certificate** -**Execution Steps**: - - 1. Register Invoker at CCF - 2. Onboard Invoker at CCF - 3. Store signed Certificate - 4. Update Onboarding Information at CCF with new public key - 5. Update Onboarding Information at CCF with minor change - **Expected Result**: 1. Response to Onboard request must accomplish: @@ -302,7 +301,6 @@ At this documentation you will have all information and related files and exampl - [invoker onboarding body]: ./invoker_details_post_example.json "API Invoker Request" [user_getauth_response_body_example]: ../common_operations/user_getauth_response_body_example.json "User GetAuth response Body Example" [put register body]: ./invoker_details_put_example.json "API Invoker Update Request" -- GitLab From e6a3b141f9e9824be88c1cde5cae40cd626ad40d Mon Sep 17 00:00:00 2001 From: Jorge Moratinos Salcines Date: Mon, 24 Jun 2024 11:36:38 +0200 Subject: [PATCH 5/9] Change NetApp to Network App --- .../testplan/api_invoker_management/README.md | 72 +++++++++---------- 1 file changed, 36 insertions(+), 36 deletions(-) diff --git a/doc/testing/testplan/api_invoker_management/README.md b/doc/testing/testplan/api_invoker_management/README.md index 5022787..076d9e7 100644 --- a/doc/testing/testplan/api_invoker_management/README.md +++ b/doc/testing/testplan/api_invoker_management/README.md @@ -1,18 +1,18 @@ # Test Plan for CAPIF Api Invoker Management At this documentation you will have all information and related files and examples of test plan for this API. -## Test Case 1: Onboard NetApp +## Test Case 1: Onboard Network App **Test ID**: ***capif_api_invoker_management-1*** **Description**: - This test will try to register new NetApp at CAPIF Core. + This test will try to register new Network App at CAPIF Core. **Pre-Conditions**: - * NetApp was not registered previously - * NetApp was not onboarded previously + * Network App was not registered previously + * Network App was not onboarded previously * ***Preconditions: The administrator must have previously registered the User.*** **Execution Steps**: @@ -47,25 +47,25 @@ At this documentation you will have all information and related files and exampl 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** -## Test Case 2: Onboard NetApp Already onboarded +## Test Case 2: Onboard Network App Already onboarded **Test ID**: ***capif_api_invoker_management-2*** **Description**: - This test will check second onboard of same NetApp is not allowed. + This test will check second onboard of same Network App is not allowed. **Pre-Conditions**: - * NetApp was registered previously - * NetApp was onboarded previously + * Network App was registered previously + * Network App was onboarded previously **Execution Steps**: - 1. Register NetApp at CCF - 2. Onboard NetApp at CCF - 3. Store signed Certificate at NetApp - 4. Onboard Again the NetApp at CCF + 1. Register Network App at CCF + 2. Onboard Network App at CCF + 3. Store signed Certificate at Network App + 4. Onboard Again the Network App at CCF **Information of Test**: @@ -85,7 +85,7 @@ At this documentation you will have all information and related files and exampl * apiInvokerId * onboardingInformation->apiInvokerCertificate must contain the public key signed. 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** - 2. Response to Second Onboard of NetApp must accomplish: + 2. Response to Second Onboard of Network App must accomplish: 1. **403 Forbidden** 2. Error Response Body must accomplish with **ProblemDetails** data structure with: * status 403 @@ -94,18 +94,18 @@ At this documentation you will have all information and related files and exampl * cause with message "Identical invoker public key". -## Test Case 3: Update Onboarded NetApp +## Test Case 3: Update Onboarded Network App **Test ID**: ***capif_api_invoker_management-3*** **Description**: - This test will try to update information of previous onboard NetApp at CAPIF Core. + This test will try to update information of previous onboard Network App at CAPIF Core. **Pre-Conditions**: - * NetApp was registered previously - * NetApp was onboarded previously with {onboardingId} + * Network App was registered previously + * Network App was onboarded previously with {onboardingId} **Execution Steps**: @@ -136,18 +136,18 @@ At this documentation you will have all information and related files and exampl 2. notificationDestination on response must contain the new value -## Test Case 4: Update Not Onboarded NetApp +## Test Case 4: Update Not Onboarded Network App **Test ID**: ***capif_api_invoker_management-4*** **Description**: - This test will try to update information of not onboarded NetApp at CAPIF Core. + This test will try to update information of not onboarded Network App at CAPIF Core. **Pre-Conditions**: - * NetApp was registered previously - * NetApp was not onboarded previously + * Network App was registered previously + * Network App was not onboarded previously **Execution Steps**: @@ -172,22 +172,22 @@ At this documentation you will have all information and related files and exampl 2. Error Response Body must accomplish with **ProblemDetails** data structure with: * status 404 * title with message "Not Found" - * detail with message "Please provide an existing Netapp ID". - * cause with message "Not exist NetappID". + * detail with message "Please provide an existing Network App ID". + * cause with message "Not exist Network App ID". -## Test Case 5: Offboard NetApp +## Test Case 5: Offboard Network App **Test ID**: ***capif_api_invoker_management-5*** **Description**: - This test case will check that a Registered NetApp can be deleted. + This test case will check that a Registered Network App can be deleted. **Pre-Conditions**: - * NetApp was registered previously - * NetApp was onboarded previously + * Network App was registered previously + * Network App was onboarded previously **Execution Steps**: @@ -210,18 +210,18 @@ At this documentation you will have all information and related files and exampl 1. **204 No Content** -## Test Case 6: Offboard Not previsouly Onboarded NetApp +## Test Case 6: Offboard Not previsouly Onboarded Network App **Test ID**: ***capif_api_invoker_management-6*** **Description**: - This test case will check that a Non-Registered NetApp cannot be deleted + This test case will check that a Non-Registered Network App cannot be deleted **Pre-Conditions**: - * NetApp was registered previously - * NetApp was not onboarded previously + * Network App was registered previously + * Network App was not onboarded previously **Execution Steps**: @@ -242,10 +242,10 @@ At this documentation you will have all information and related files and exampl 2. Error Response Body must accomplish with **ProblemDetails** data structure with: * status 404 * title with message "Not Found" - * detail with message "Please provide an existing Netapp ID". - * cause with message "Not exist NetappID". + * detail with message "Please provide an existing Network App ID". + * cause with message "Not exist Network App ID". -## Test Case 7: Update Onboarded NetApp Certificate +## Test Case 7: Update Onboarded Network App Certificate **Test ID**: ***capif_api_invoker_management-7*** @@ -255,8 +255,8 @@ At this documentation you will have all information and related files and exampl **Pre-Conditions**: - * NetApp was registered previously - * NetApp was onboarded previously with {onboardingId} and {public_key_1} + * Network App was registered previously + * Network App was onboarded previously with {onboardingId} and {public_key_1} **Execution Steps**: -- GitLab From efcf35940f07e4676b24447ac0d473a89afb42f1 Mon Sep 17 00:00:00 2001 From: Jorge Moratinos Salcines Date: Mon, 24 Jun 2024 12:10:58 +0200 Subject: [PATCH 6/9] logging test plan refactored --- .../testplan/api_logging_service/README.md | 58 +++++++++---------- 1 file changed, 26 insertions(+), 32 deletions(-) diff --git a/doc/testing/testplan/api_logging_service/README.md b/doc/testing/testplan/api_logging_service/README.md index fbb87d4..b2437e9 100644 --- a/doc/testing/testplan/api_logging_service/README.md +++ b/doc/testing/testplan/api_logging_service/README.md @@ -15,6 +15,11 @@ At this documentation you will have all information and related files and exampl * Service exist in CAPIF * Invoker exist in CAPIF +**Execution Steps**: + 1. Register Provider and Invoker CCF + 2. Publish Service + 3. Create Log Entry + **Information of Test**: 1. Perform [provider onboarding] and [invoker onboarding] @@ -29,11 +34,6 @@ At this documentation you will have all information and related files and exampl 2. body [log entry request body] 3. Use **AEF Certificate** -**Execution Steps**: - 1. Register Provider and Invoker CCF - 2. Publish Service - 3. Create Log Entry - **Expected Result**: 1. Response to Logging Service must accomplish: @@ -45,8 +45,6 @@ At this documentation you will have all information and related files and exampl 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invocation-logs/v1/{aefId}/logs/{logId}** - - ## Test Case 2: Creates a new individual CAPIF Log Entry with Invalid aefId **Test ID**: ***capif_api_logging-2*** @@ -61,6 +59,11 @@ At this documentation you will have all information and related files and exampl * Service exist in CAPIF * Invoker exist in CAPIF +**Execution Steps**: + 1. Register Provider and Invoker CCF + 2. Publish Service + 3. Create Log Entry + **Information of Test**: 1. Perform [provider onboarding] and [invoker onboarding] @@ -75,11 +78,6 @@ At this documentation you will have all information and related files and exampl 2. body [log entry request body] 3. Use **AEF Certificate** -**Execution Steps**: - 1. Register Provider and Invoker CCF - 2. Publish Service - 3. Create Log Entry - **Expected Result**: 1. Response to Logging Service must accomplish: @@ -90,6 +88,7 @@ At this documentation you will have all information and related files and exampl * detail with message "Exposer not exist". * cause with message "Exposer id not found". + ## Test Case 3: Creates a new individual CAPIF Log Entry with Invalid serviceAPI **Test ID**: ***capif_api_logging-3*** @@ -102,6 +101,11 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is pre-authorised (has valid aefId from CAPIF Authority) +**Execution Steps**: + 1. Register Provider and Invoker CCF + 2. Publish Service + 3. Create Log Entry + **Information of Test**: 1. Perform [provider onboarding] and [invoker onboarding] @@ -116,11 +120,6 @@ At this documentation you will have all information and related files and exampl 2. body [log entry request body with serviceAPI apiName apiId not valid] 3. Use **AEF Certificate** -**Execution Steps**: - 1. Register Provider and Invoker CCF - 2. Publish Service - 3. Create Log Entry - **Expected Result**: 1. Response to Logging Service must accomplish: @@ -132,7 +131,6 @@ At this documentation you will have all information and related files and exampl * cause with message "Invoker id not found". - ## Test Case 4: Creates a new individual CAPIF Log Entry with Invalid apiInvokerId **Test ID**: ***capif_api_logging-4*** @@ -145,6 +143,11 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is pre-authorised (has valid aefId from CAPIF Authority) +**Execution Steps**: + 1. Register Provider and Invoker CCF + 2. Publish Service + 3. Create Log Entry + **Information of Test**: 1. Perform [provider onboarding] and [invoker onboarding] @@ -159,11 +162,6 @@ At this documentation you will have all information and related files and exampl 2. body [log entry request body with invokerId not valid] 3. Use **AEF Certificate** -**Execution Steps**: - 1. Register Provider and Invoker CCF - 2. Publish Service - 3. Create Log Entry - **Expected Result**: 1. Response to Onboard request must accomplish: @@ -199,6 +197,11 @@ At this documentation you will have all information and related files and exampl * Service exist in CAPIF * Invoker exist in CAPIF +**Execution Steps**: + 1. Register Provider and Invoker CCF + 2. Publish Service + 3. Create Log Entry + **Information of Test**: 1. Perform [provider onboarding] and [invoker onboarding] @@ -213,11 +216,6 @@ At this documentation you will have all information and related files and exampl 2. body [log entry request body with bad aefId] 3. Use **AEF Certificate** -**Execution Steps**: - 1. Register Provider and Invoker CCF - 2. Publish Service - 3. Create Log Entry - **Expected Result**: 1. Response to Logging Service must accomplish: @@ -229,10 +227,6 @@ At this documentation you will have all information and related files and exampl * cause with message "Not identical AEF id". - - - - [log entry request body]: ./invocation_log.json "Log Request Body" [invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding" -- GitLab From d8376943786ec546ef80a68316f9f4c0302bfefa Mon Sep 17 00:00:00 2001 From: Jorge Moratinos Salcines Date: Mon, 24 Jun 2024 12:17:06 +0200 Subject: [PATCH 7/9] Provider Management refactored2 ! --- .../api_provider_management/README.md | 99 ++++++++++--------- 1 file changed, 52 insertions(+), 47 deletions(-) diff --git a/doc/testing/testplan/api_provider_management/README.md b/doc/testing/testplan/api_provider_management/README.md index 8d35d0c..839e8be 100644 --- a/doc/testing/testplan/api_provider_management/README.md +++ b/doc/testing/testplan/api_provider_management/README.md @@ -13,6 +13,11 @@ At this documentation you will have all information and related files and exampl * Provider is pre-authorised (has valid certificate from CAPIF Authority) +**Execution Steps**: + + 1. Create private and public key for provider and each function to register. + 2. Register Provider. + **Information of Test**: 1. Create public and private key at provider for provider itself and each function (apf, aef and amf) @@ -30,11 +35,6 @@ At this documentation you will have all information and related files and exampl * Authentication Bearer with access_token * Store each cert in a file with according name. -**Execution Steps**: - - 1. Create private and public key for provider and each function to register. - 2. Register Provider. - **Expected Result**: 1. Register Provider at Provider Management: @@ -45,6 +45,7 @@ At this documentation you will have all information and related files and exampl 2. **apiProvCert** under **regInfo** is set properly 5. Location Header must contain the new resource URL **{apiRoot}/api-provider-management/v1/registrations/{registrationId}** + ## Test Case 2: Register Api Provider Already registered **Test ID**: ***capif_api_provider_management-2*** @@ -57,6 +58,12 @@ At this documentation you will have all information and related files and exampl * Api Provider was registered previously and there is a {registerId} for his Api Provider in the DB +**Execution Steps**: + + 1. Create private and public key for provider and each function to register. + 2. Register Provider. + 3. Re-Register Provider. + **Information of Test**: 1. Create public and private key at provider for provider itself and each function (apf, aef and amf) @@ -78,12 +85,6 @@ At this documentation you will have all information and related files and exampl * Same regSec than Previous registration -**Execution Steps**: - - 1. Create private and public key for provider and each function to register. - 2. Register Provider. - 3. Re-Register Provider. - **Expected Result**: 1. Re-Register Provider: @@ -95,6 +96,7 @@ At this documentation you will have all information and related files and exampl * detail with message "Provider already registered". * cause with message "Identical provider reg sec". + ## Test Case 3: Update Registered Api Provider **Test ID**: ***capif_api_provider_management-3*** @@ -107,6 +109,12 @@ At this documentation you will have all information and related files and exampl * Api Provider was registered previously and there is a {registerId} for his Api Provider in the DB +**Execution Steps**: + + 1. Create private and public key for provider and each function to register. + 2. Register Provider + 3. Update Provider + **Information of Test**: 1. Create public and private key at provider for provider itself and each function (apf, aef and amf) @@ -129,13 +137,6 @@ At this documentation you will have all information and related files and exampl * body [provider request body] with apiProvDomInfo set to ROBOT_TESTING_MOD * Use AMF Certificate. - -**Execution Steps**: - - 1. Create private and public key for provider and each function to register. - 2. Register Provider - 3. Update Provider - **Expected Result**: 1. Register Provider: @@ -162,6 +163,11 @@ At this documentation you will have all information and related files and exampl * Api Provider was not registered previously +**Execution Steps**: + + 1. Register Provider at CCF + 2. Update Not Registered Provider + **Information of Test**: 1. Create public and private key at provider for provider itself and each function (apf, aef and amf) @@ -185,11 +191,6 @@ At this documentation you will have all information and related files and exampl * body [provider request body] * Use AMF Certificate. -**Execution Steps**: - - 1. Register Provider at CCF - 2. Update Not Registered Provider - **Expected Result**: 1. Update Not Registered Provider: @@ -200,6 +201,7 @@ At this documentation you will have all information and related files and exampl * detail with message "Not Exist Provider Enrolment Details". * cause with message "Not found registrations to Send **THIS** api provider details". + ## Test Case 5: Partially Update Registered Api Provider **Test ID**: ***capif_api_provider_management-5*** @@ -212,6 +214,12 @@ At this documentation you will have all information and related files and exampl * Api Provider was registered previously and there is a {registerId} for his Api Provider in the DB +**Execution Steps**: + + 1. Register Provider at CCF + 2. Register Provider + 3. Partial update provider + **Information of Test**: 1. Create public and private key at provider for provider itself and each function (apf, aef and amf) @@ -235,12 +243,6 @@ At this documentation you will have all information and related files and exampl * body [provider request patch body] * Use AMF Certificate. -**Execution Steps**: - - 1. Register Provider at CCF - 2. Register Provider - 3. Partial update provider - **Expected Result**: 1. Partial update provider at Provider Management: @@ -248,6 +250,7 @@ At this documentation you will have all information and related files and exampl 2. body returned must accomplish **APIProviderEnrolmentDetails** data structure, with: * apiProvDomInfo with "ROBOT_TESTING_MOD" + ## Test Case 6: Partially Update Not Registered Api Provider **Test ID**: ***capif_api_provider_management-6*** @@ -260,6 +263,12 @@ At this documentation you will have all information and related files and exampl * Api Provider was not registered previously +**Execution Steps**: + + 1. Register Provider at CCF + 2. Register Provider + 3. Partial update provider + **Information of Test**: 1. Create public and private key at provider for provider itself and each function (apf, aef and amf) @@ -283,13 +292,6 @@ At this documentation you will have all information and related files and exampl * body [provider request patch body] * Use AMF Certificate. - -**Execution Steps**: - - 1. Register Provider at CCF - 2. Register Provider - 3. Partial update provider - **Expected Result**: 1. Partial update provider: @@ -301,6 +303,7 @@ At this documentation you will have all information and related files and exampl * detail with message "Not Exist Provider Enrolment Details". * cause with message "Not found registrations to Send **THIS** api provider details". + ## Test Case 7: Delete Registered Api Provider **Test ID**: ***capif_api_provider_management-7*** @@ -313,6 +316,12 @@ At this documentation you will have all information and related files and exampl * Api Provider was registered previously +**Execution Steps**: + + 1. Register Provider at CCF + 2. Register Provider + 3. Delete Provider + **Information of Test**: 1. Create public and private key at provider for provider itself and each function (apf, aef and amf) @@ -335,17 +344,12 @@ At this documentation you will have all information and related files and exampl * Send **DELETE** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}** * Use AMF Certificate. -**Execution Steps**: - - 1. Register Provider at CCF - 2. Register Provider - 3. Delete Provider - **Expected Result**: 1. Delete Provider: 1. **204 No Content** response. + ## Test Case 8: Delete Not Registered Api Provider **Test ID**: ***capif_api_provider_management-8*** @@ -358,6 +362,11 @@ At this documentation you will have all information and related files and exampl * Api Provider was not registered previously +**Execution Steps**: + + 1. Register Provider at CCF + 2. Delete Provider + **Information of Test**: 1. Create public and private key at provider for provider itself and each function (apf, aef and amf) @@ -380,11 +389,6 @@ At this documentation you will have all information and related files and exampl * Send **DELETE** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_PROVIDER_NOT_REGISTERED}** * Use AMF Certificate. -**Execution Steps**: - - 1. Register Provider at CCF - 2. Delete Provider - **Expected Result**: 1. Delete Provider: @@ -395,6 +399,7 @@ At this documentation you will have all information and related files and exampl * detail with message "Not Exist Provider Enrolment Details". * cause with message "Not found registrations to Send **THIS** api provider details". + [provider request body]: ./provider_details_post_example.json "API Provider Enrolment Request" [provider request patch body]: ./provider_details_enrolment_details_patch_example.json "API Provider Enrolment Patch Request" -- GitLab From 82580d5f0ae76ab3b60e07a587f611da0ced46e3 Mon Sep 17 00:00:00 2001 From: Jorge Moratinos Salcines Date: Mon, 24 Jun 2024 12:26:31 +0200 Subject: [PATCH 8/9] Publish Service refactored --- .../testplan/api_publish_service/README.md | 189 +++++++++--------- 1 file changed, 96 insertions(+), 93 deletions(-) diff --git a/doc/testing/testplan/api_publish_service/README.md b/doc/testing/testplan/api_publish_service/README.md index 59e59e8..928c95e 100644 --- a/doc/testing/testplan/api_publish_service/README.md +++ b/doc/testing/testplan/api_publish_service/README.md @@ -13,6 +13,14 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority) +**Execution Steps**: + + 1. Register Provider at CCF and store certificates. + + 2. Publish Service API + + 3. Retrieve {apiId} from body and Location header with new resource created from response + **Information of Test**: 1. Perform [Provider Registration] @@ -23,14 +31,6 @@ At this documentation you will have all information and related files and exampl * body [service api description] with apiName **service_1** * Use **APF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF and store certificates. - - 2. Publish Service API - - 3. Retrieve {apiId} from body and Location header with new resource created from response - **Expected Result**: 1. Response to Publish request must accomplish: @@ -41,6 +41,7 @@ At this documentation you will have all information and related files and exampl 3. Published Service API is stored in CAPIF Database + ## Test Case 2: Publish API by NON Authorised API Publisher **Test ID**: ***capif_api_publish_service-2*** @@ -53,6 +54,11 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is NOT pre-authorised (has invalid apfId from CAPIF Authority) +**Execution Steps**: + + 1. Register Provider at CCF and store certificates. + 2. Publish Service API with invalid APF ID + **Information of Test**: 1. Perform [Provider Registration] @@ -62,11 +68,6 @@ At this documentation you will have all information and related files and exampl * body [service api description] with apiName **service_1** * Use **APF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF and store certificates. - 2. Publish Service API with invalid APF ID - **Expected Result**: 1. Response to Publish request must accomplish: @@ -93,6 +94,15 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority) * At least 2 service APIs are published. +**Execution Steps**: + + 1. Register Provider at CCF and store certificates. + 2. Publish Service API **service_1** + 3. Retrieve {apiId1} from body and Location header with new resource created from response + 4. Publish Service API **service_2** + 5. Retrieve {apiId2} from body and Location header with new resource created from response + 6. Retrieve All published APIs and check if both are present. + **Information of Test**: 1. Perform [Provider Registration] @@ -113,15 +123,6 @@ At this documentation you will have all information and related files and exampl * Send **GET** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** * Use **APF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF and store certificates. - 2. Publish Service API **service_1** - 3. Retrieve {apiId1} from body and Location header with new resource created from response - 4. Publish Service API **service_2** - 5. Retrieve {apiId2} from body and Location header with new resource created from response - 6. Retrieve All published APIs and check if both are present. - **Expected Result**: 1. Response to service 1 Publish request must accomplish: @@ -143,6 +144,7 @@ At this documentation you will have all information and related files and exampl 2. Response body must return an array of **ServiceAPIDescription** data. 3. Array must contain all previously published APIs. + ## Test Case 4: Retrieve all APIs Published by NON Authorised apfId **Test ID**: ***capif_api_publish_service-4*** @@ -155,6 +157,11 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is NOT pre-authorised (has invalid apfId from CAPIF Authority) +**Execution Steps**: + + 1. Register Provider at CCF and store certificates. + 2. Retrieve All published APIs + **Information of Test**: 1. Perform [Provider Registration] @@ -163,11 +170,6 @@ At this documentation you will have all information and related files and exampl * Send **GET** to **https://{CAPIF_HOSTNAME}/published-apis/v1/{APF_ID_NOT_VALID}/service-apis** * Use **APF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF and store certificates. - 2. Retrieve All published APIs - **Expected Result**: 1. Response to Publish request must accomplish: @@ -180,6 +182,7 @@ At this documentation you will have all information and related files and exampl 2. Service API is NOT stored in CAPIF Database + ## Test Case 5: Retrieve single APIs Published by Authorised apfId **Test ID**: ***capif_api_publish_service-5*** @@ -193,6 +196,16 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority) * At least 2 service APIs are published. +**Execution Steps**: + + 1. Register Provider at CCF and store certificates. + 2. Publish Service API **service_1**. + 3. Retrieve {apiId1} from body and Location header with new resource created from response. + 4. Publish Service API **service_2**. + 5. Retrieve {apiId2} from body and Location header with new resource created from response. + 6. Retrieve **service_1** API Detail. + 7. Retrieve **service_2** API Detail. + **Information of Test**: 1. Perform [Provider Registration] @@ -217,16 +230,6 @@ At this documentation you will have all information and related files and exampl * Send **GET** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{apiId2}** * Use **APF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF and store certificates. - 2. Publish Service API **service_1**. - 3. Retrieve {apiId1} from body and Location header with new resource created from response. - 4. Publish Service API **service_2**. - 5. Retrieve {apiId2} from body and Location header with new resource created from response. - 6. Retrieve **service_1** API Detail. - 7. Retrieve **service_2** API Detail. - **Expected Result**: 1. Response to service 1 Publish request must accomplish: @@ -267,6 +270,11 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority) * No published api +**Execution Steps**: + + 1. Register Provider at CCF and store certificates. + 2. Retrieve not published API Detail. + **Information of Test**: 1. Perform [Provider Registration] @@ -274,11 +282,6 @@ At this documentation you will have all information and related files and exampl * Send **GET** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{SERVICE_API_ID_NOT_VALID}** * Use **APF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF and store certificates. - 2. Retrieve not published API Detail. - **Expected Result**: 1. Response to Retrieve for NOT published API must accomplish: @@ -302,6 +305,15 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is NOT pre-authorised (has invalid apfId from CAPIF Authority) +**Execution Steps**: + + 1. Register Provider at CCF and store certificates. + 2. Publish Service API at CCF + 3. Retrieve {apiId} from body and Location header with new resource created from response. + 4. Register and onboard Invoker at CCF + 5. Store signed **Invoker Certificate** + 6. Retrieve detailed published API acting as Invoker + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -316,15 +328,6 @@ At this documentation you will have all information and related files and exampl * Send **GET** to **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/${apiId}** * Use **Invoker Certificate** -**Execution Steps**: - - 1. Register Provider at CCF and store certificates. - 2. Publish Service API at CCF - 3. Retrieve {apiId} from body and Location header with new resource created from response. - 4. Register and onboard Invoker at CCF - 5. Store signed **Invoker Certificate** - 6. Retrieve detailed published API acting as Invoker - **Expected Result**: 1. Response to Retrieve Detailed published API acting as Invoker must accomplish: @@ -351,6 +354,14 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority) * A service APIs is published. +**Execution Steps**: + + 1. Register Provider at CCF and store certificates. + 2. Publish Service API + 3. Retrieve {apiId} from body and Location header with new resource url created from response + 4. Update published Service API. + 5. Retrieve detail of Service API + **Information of Test**: 1. Perform [Provider Registration] @@ -372,14 +383,6 @@ At this documentation you will have all information and related files and exampl * check apiName is **service_1**_modified * Use **APF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF and store certificates. - 2. Publish Service API - 3. Retrieve {apiId} from body and Location header with new resource url created from response - 4. Update published Service API. - 5. Retrieve detail of Service API - **Expected Result**: 1. Response to Publish request must accomplish: @@ -411,6 +414,11 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority) +**Execution Steps**: + + 1. Register Provider at CCF and store certificates. + 2. Update published Service API. + **Information of Test**: 1. Perform [Provider Registration] @@ -426,11 +434,6 @@ At this documentation you will have all information and related files and exampl * body [service api description] with overrided apiName to ***service_1**_modified*** * Use **APF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF and store certificates. - 2. Update published Service API. - **Expected Result**: 1. Response to Publish request must accomplish: @@ -459,6 +462,16 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is NOT pre-authorised (has invalid apfId from CAPIF Authority) +**Execution Steps**: + + 1. Register Provider at CCF and store certificates. + 2. Publish Service API at CCF + 3. Retrieve {apiId} from body and Location header with new resource created from response. + 4. Register and onboard Invoker at CCF + 5. Store signed **Invoker Certificate** + 6. Update published API at CCF as Invoker + 7. Retrieve detail of Service API as publisher + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -479,16 +492,6 @@ At this documentation you will have all information and related files and exampl * check apiName is **service_1** * Use **APF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF and store certificates. - 2. Publish Service API at CCF - 3. Retrieve {apiId} from body and Location header with new resource created from response. - 4. Register and onboard Invoker at CCF - 5. Store signed **Invoker Certificate** - 6. Update published API at CCF as Invoker - 7. Retrieve detail of Service API as publisher - **Expected Result**: 1. Response to Update published API acting as Invoker must accomplish: @@ -518,6 +521,14 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority). * A service APIs is published. +**Execution Steps**: + + 1. Register Provider at CCF and store certificates. + 2. Publish Service API + 3. Retrieve {apiId} from body and Location header with new resource created from response + 4. Remove published API at CCF + 5. Try to retreive deleted service API from CCF + **Information of Test**: 1. Perform [Provider Registration] @@ -535,14 +546,6 @@ At this documentation you will have all information and related files and exampl * Send **GET** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serivceApiId}** * Use **APF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF and store certificates. - 2. Publish Service API - 3. Retrieve {apiId} from body and Location header with new resource created from response - 4. Remove published API at CCF - 5. Try to retreive deleted service API from CCF - **Expected Result**: 1. Response to Publish request must accomplish: @@ -577,6 +580,11 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority). +**Execution Steps**: + + 1. Register Provider at CCF and store certificates. + 2. Remove published API at CCF with invalid serviceId + **Information of Test**: 1. Perform [Provider Registration] @@ -585,11 +593,6 @@ At this documentation you will have all information and related files and exampl * Send **DELETE** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{SERVICE_API_ID_NOT_VALID}** * Use **APF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF and store certificates. - 2. Remove published API at CCF with invalid serviceId - **Expected Result**: 1. Response to Remove published Service API at CCF: @@ -613,6 +616,12 @@ At this documentation you will have all information and related files and exampl * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority). +**Execution Steps**: + + 1. Register Provider at CCF and store certificates. + 2. Register Invoker and onboard Invoker at CCF + 3. Remove published API at CCF with invalid serviceId as Invoker + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -627,12 +636,6 @@ At this documentation you will have all information and related files and exampl * Send **DELETE** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{SERVICE_API_ID_NOT_VALID}** * Use **Invoker Certificate**. -**Execution Steps**: - - 1. Register Provider at CCF and store certificates. - 2. Register Invoker and onboard Invoker at CCF - 3. Remove published API at CCF with invalid serviceId as Invoker - **Expected Result**: 1. Response to Remove published Service API at CCF: -- GitLab From 56b1a52c73ee000a82bb8eec1a73baf275804891 Mon Sep 17 00:00:00 2001 From: Jorge Moratinos Salcines Date: Mon, 24 Jun 2024 12:38:41 +0200 Subject: [PATCH 9/9] Security Service Refactored --- .../testplan/api_security_service/README.md | 380 +++++++++--------- 1 file changed, 190 insertions(+), 190 deletions(-) diff --git a/doc/testing/testplan/api_security_service/README.md b/doc/testing/testplan/api_security_service/README.md index 189d3f3..7b871cc 100644 --- a/doc/testing/testplan/api_security_service/README.md +++ b/doc/testing/testplan/api_security_service/README.md @@ -13,6 +13,12 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) +**Execution Steps**: + + 1. Register and onboard Invoker at CCF + 2. Store signed Certificate + 3. Create Security Context + **Information of Test**: 1. Perform [Invoker Onboarding] @@ -21,12 +27,6 @@ At this documentation you will have all information and related files and exampl * body [service security body] * Use **Invoker Certificate** -**Execution Steps**: - - 1. Register and onboard Invoker at CCF - 2. Store signed Certificate - 3. Create Security Context - **Expected Result**: 1. Create security context: @@ -47,6 +47,12 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with Provider role +**Execution Steps**: + + 1. Register and onboard Invoker at CCF + 2. Register Provider at CCF + 3. Create Security Context using Provider certificate + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -56,12 +62,6 @@ At this documentation you will have all information and related files and exampl * body [service security body] * Using **AEF Certificate** -**Execution Steps**: - - 1. Register and onboard Invoker at CCF - 2. Register Provider at CCF - 3. Create Security Context using Provider certificate - **Expected Result**: 1. Create security context using Provider certificate: @@ -74,6 +74,7 @@ At this documentation you will have all information and related files and exampl 2. No context stored at DB + ## Test Case 3: Create a security context for an API invoker with Provider entity role and invalid apiInvokerId **Test ID**:: ***capif_security_api-3*** @@ -86,6 +87,11 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with Provider role +**Execution Steps**: + + 1. Register Provider at CCF + 2. Create Security Context using Provider certificate + **Information of Test**: 1. Perform [Provider Registration] @@ -95,11 +101,6 @@ At this documentation you will have all information and related files and exampl * body [service security body] * Using **AEF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF - 2. Create Security Context using Provider certificate - **Expected Result**: 1. Create security context using Provider certificate: @@ -111,6 +112,7 @@ At this documentation you will have all information and related files and exampl * cause with message "User role must be invoker". 2. No context stored at DB + ## Test Case 4: Create a security context for an API invoker with Invoker entity role and invalid apiInvokerId **Test ID**:: ***capif_security_api-4*** @@ -123,6 +125,11 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with invalid apiInvokerId +**Execution Steps**: + + 1. Register and onboard Invoker at CCF + 2. Create Security Context using Provider certificate + **Information of Test**: 1. Perform [Invoker Onboarding] @@ -132,11 +139,6 @@ At this documentation you will have all information and related files and exampl * body [service security body] * Use **Invoker Certificate** -**Execution Steps**: - - 1. Register and onboard Invoker at CCF - 2. Create Security Context using Provider certificate - **Expected Result**: 1. Create security context using Provider certificate: @@ -162,6 +164,13 @@ At this documentation you will have all information and related files and exampl * Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context +**Execution Steps**: + + 1. Register and onboard Invoker at CCF + 2. Register Provider at CCF + 3. Create Security Context using Provider certificate + 4. Retrieve Security Context by Provider + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -175,13 +184,6 @@ At this documentation you will have all information and related files and exampl * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Using **AEF Certificate** -**Execution Steps**: - - 1. Register and onboard Invoker at CCF - 2. Register Provider at CCF - 3. Create Security Context using Provider certificate - 4. Retrieve Security Context by Provider - **Expected Result**: 1. Retrieve security context: @@ -201,6 +203,12 @@ At this documentation you will have all information and related files and exampl * Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context +**Execution Steps**: + + 2. Register Provider at CCF + 3. Create Security Context using Provider certificate + 4. Retrieve Security Context by Provider of invalid invoker + **Information of Test**: 1. Perform [Provider Registration] @@ -209,12 +217,6 @@ At this documentation you will have all information and related files and exampl * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** * Using **AEF Certificate**. -**Execution Steps**: - - 2. Register Provider at CCF - 3. Create Security Context using Provider certificate - 4. Retrieve Security Context by Provider of invalid invoker - **Expected Result**: 1. Retrieve security context: @@ -238,6 +240,13 @@ At this documentation you will have all information and related files and exampl * API Exposure Function is not pre-authorised (has invalid apfId) +**Execution Steps**: + + 1. Register and onboard Invoker at CCF + 2. Store signed Certificate + 3. Create Security Context + 4. Retrieve Security Context as Provider. + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -251,13 +260,6 @@ At this documentation you will have all information and related files and exampl * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Using **Invoker Certificate** -**Execution Steps**: - - 1. Register and onboard Invoker at CCF - 2. Store signed Certificate - 3. Create Security Context - 4. Retrieve Security Context as Provider. - **Expected Result**: 1. Create security context: @@ -281,6 +283,13 @@ At this documentation you will have all information and related files and exampl * Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context +**Execution Steps**: + + 1. Register and onboard Invoker at CCF + 2. Register Provider at CCF + 3. Create Security Context using Provider certificate + 4. Delete Security Context by Provider + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -298,13 +307,6 @@ At this documentation you will have all information and related files and exampl * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Using **AEF Certificate** -**Execution Steps**: - - 1. Register and onboard Invoker at CCF - 2. Register Provider at CCF - 3. Create Security Context using Provider certificate - 4. Delete Security Context by Provider - **Expected Result**: 1. Delete security context: @@ -331,6 +333,12 @@ At this documentation you will have all information and related files and exampl * Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context +**Execution Steps**: + + 1. Register Provider at CCF + 2. Create Security Context using Provider certificate + 3. Delete Security Context by Invoker + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -344,12 +352,6 @@ At this documentation you will have all information and related files and exampl * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Use **Invoker Certificate** -**Execution Steps**: - - 1. Register Provider at CCF - 2. Create Security Context using Provider certificate - 3. Delete Security Context by Invoker - **Expected Result**: 1. Delete security context: @@ -373,6 +375,11 @@ At this documentation you will have all information and related files and exampl * Invoker is pre-authorised. +**Execution Steps**: + + 1. Register Provider at CCF + 2. Delete Security Context by invoker + **Information of Test**: 1. Perform [Invoker Onboarding] @@ -381,11 +388,6 @@ At this documentation you will have all information and related files and exampl * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** * Use **Invoker Certificate** -**Execution Steps**: - - 1. Register Provider at CCF - 2. Delete Security Context by invoker - **Expected Result**: 1. Delete security context: @@ -409,6 +411,11 @@ At this documentation you will have all information and related files and exampl * Provider is pre-authorised (has valid apfId from CAPIF Authority). +**Execution Steps**: + + 1. Register Provider at CCF + 2. Delete Security Context by provider + **Information of Test**: 1. Perform [Provider Registration] @@ -417,11 +424,6 @@ At this documentation you will have all information and related files and exampl * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** * Use **AEF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF - 2. Delete Security Context by provider - **Expected Result**: 1. Retrieve security context: @@ -445,6 +447,14 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized +**Execution Steps**: + + 1. Register and onboard Invoker at CCF + 2. Register Provider at CCF + 3. Create Security Context By Invoker + 4. Update Security Context By Invoker + 5. Retrieve Security Context By Provider + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -463,14 +473,6 @@ At this documentation you will have all information and related files and exampl * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Using **AEF Certificate**. -**Execution Steps**: - - 1. Register and onboard Invoker at CCF - 2. Register Provider at CCF - 3. Create Security Context By Invoker - 4. Update Security Context By Invoker - 5. Retrieve Security Context By Provider - **Expected Result**: 1. Update security context: @@ -496,6 +498,13 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized. * Invoker has created the Security Context previously. +**Execution Steps**: + + 1. Register and onboard Invoker at CCF + 2. Register Provider at CCF + 3. Create Security Context + 4. Update Security Context as Provider + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -510,13 +519,6 @@ At this documentation you will have all information and related files and exampl * body [service security body] but with notification destination modified to **http://robot.testing2** * Using **AEF Certificate** -**Execution Steps**: - - 1. Register and onboard Invoker at CCF - 2. Register Provider at CCF - 3. Create Security Context - 4. Update Security Context as Provider - **Expected Result**: 1. Update security context: @@ -541,6 +543,11 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized. * Invoker has created the Security Context previously. +**Execution Steps**: + + 1. Register Provider at CCF + 2. Update Security Context as Provider + **Information of Test**: 1. Perform [Provider Registration] @@ -550,11 +557,6 @@ At this documentation you will have all information and related files and exampl * body [service security body] * Using **AEF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF - 2. Update Security Context as Provider - **Expected Result**: 1. Update security context: @@ -578,6 +580,11 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) +**Execution Steps**: + + 1. Register and onboard Invoker at CCF + 2. Update Security Context + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -587,11 +594,6 @@ At this documentation you will have all information and related files and exampl * body [service security body] * Using **Invoker Certificate**. -**Execution Steps**: - - 1. Register and onboard Invoker at CCF - 2. Update Security Context - **Expected Result**: 1. Retrieve security context: @@ -615,6 +617,14 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized +**Execution Steps**: + + 1. Register and onboard Invoker at CCF + 2. Register Provider at CCF + 3. Create Security Context by Invoker + 4. Revoke Security Context by Provider + 5. Retrieve Security Context by Provider + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -633,15 +643,6 @@ At this documentation you will have all information and related files and exampl * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Using **AEF Certificate**. - -**Execution Steps**: - - 1. Register and onboard Invoker at CCF - 2. Register Provider at CCF - 3. Create Security Context by Invoker - 4. Revoke Security Context by Provider - 5. Retrieve Security Context by Provider - **Expected Result**: 1. Revoke Authorization: @@ -668,6 +669,14 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized +**Execution Steps**: + + 1. Register and onboard Invoker at CCF + 2. Register Provider at CCF + 3. Create Security Context + 4. Revoke Security Context by invoker + 5. Retrieve Security Context + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -686,14 +695,6 @@ At this documentation you will have all information and related files and exampl * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Using Provider Certificate -**Execution Steps**: - - 1. Register and onboard Invoker at CCF - 2. Register Provider at CCF - 3. Create Security Context - 4. Revoke Security Context by invoker - 5. Retrieve Security Context - **Expected Result**: 1. Revoke Security Context by invoker: @@ -722,6 +723,14 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized +**Execution Steps**: + + 1. Register and onboard Invoker at CCF + 2. Register Provider at CCF + 3. Create Security Context + 4. Revoke Security Context by Provider + 5. Retrieve Security Context + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -741,14 +750,6 @@ At this documentation you will have all information and related files and exampl * This request will ask with parameter to retrieve authenticationInfo and authorizationInfo * Using **AEF Certificate**. -**Execution Steps**: - - 1. Register and onboard Invoker at CCF - 2. Register Provider at CCF - 3. Create Security Context - 4. Revoke Security Context by Provider - 5. Retrieve Security Context - **Expected Result**: 1. Revoke Security Context by invoker: @@ -778,6 +779,14 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerId) * Service API of Provider is published +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF + 2. Register and onboard Invoker at CCF + 3. Discover Service APIs by Invoker. + 4. Create Security Context According to Service APIs discovered. + 5. Request Access Token + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -806,14 +815,6 @@ At this documentation you will have all information and related files and exampl * Create Scope properly for request: ***3gpp#{aef_id}:{api_name}*** * Using **Invoker Certificate**. -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF - 2. Register and onboard Invoker at CCF - 3. Discover Service APIs by Invoker. - 4. Create Security Context According to Service APIs discovered. - 5. Request Access Token - **Expected Result**: 1. Response to Request of Access Token: @@ -834,6 +835,14 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF + 2. Register and onboard Invoker at CCF + 3. Discover Service APIs by Invoker. + 4. Create Security Context According to Service APIs discovered. + 5. Request Access Token by Provider + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -861,14 +870,6 @@ At this documentation you will have all information and related files and exampl * ***grant_type=client_credentials*** * Using **AEF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF - 2. Register and onboard Invoker at CCF - 3. Discover Service APIs by Invoker. - 4. Create Security Context According to Service APIs discovered. - 5. Request Access Token by Provider - **Expected Result**: 1. Response to Request of Access Token: @@ -877,6 +878,7 @@ At this documentation you will have all information and related files and exampl * error unauthorized_client * error_description=Role not authorized for this API route + ## Test Case 21: Retrieve access token by Provider with invalid apiInvokerId **Test ID**:: ***capif_security_api-21*** @@ -889,6 +891,14 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised and Provider is also authorized +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF + 2. Register and onboard Invoker at CCF + 3. Discover Service APIs by Invoker. + 4. Create Security Context According to Service APIs discovered. + 5. Request Access Token by Provider + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -916,14 +926,6 @@ At this documentation you will have all information and related files and exampl * ***grant_type=client_credentials*** * Using **AEF Certificate** -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF - 2. Register and onboard Invoker at CCF - 3. Discover Service APIs by Invoker. - 4. Create Security Context According to Service APIs discovered. - 5. Request Access Token by Provider - **Expected Result**: 1. Response to Request of Access Token: @@ -945,6 +947,14 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised (has valid apiInvokerId) +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF + 2. Register and onboard Invoker at CCF + 3. Discover Service APIs by Invoker. + 4. Create Security Context According to Service APIs discovered. + 5. Request Access Token by Invoker + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -968,14 +978,6 @@ At this documentation you will have all information and related files and exampl * ***grant_type=client_credentials*** * Using **Invoker Certificate** -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF - 2. Register and onboard Invoker at CCF - 3. Discover Service APIs by Invoker. - 4. Create Security Context According to Service APIs discovered. - 5. Request Access Token by Invoker - **Expected Result**: 1. Response to Request of Access Token: @@ -989,6 +991,7 @@ At this documentation you will have all information and related files and exampl **NOTE: ProblemDetails29571 is the definition present for this request at swagger of ProblemDetails, and this is different from definition of ProblemDetails across other CAPIF Services** + ## Test Case 23: Retrieve access token with invalid client_id **Test ID**:: ***capif_security_api-23*** @@ -1001,6 +1004,14 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised and Provider is also authorized +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF + 2. Register and onboard Invoker at CCF + 3. Discover Service APIs by Invoker. + 4. Create Security Context According to Service APIs discovered. + 5. Request Access Token by Invoker + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -1029,14 +1040,6 @@ At this documentation you will have all information and related files and exampl * **client_id is not-valid** * Using **Invoker Certificate** -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF - 2. Register and onboard Invoker at CCF - 3. Discover Service APIs by Invoker. - 4. Create Security Context According to Service APIs discovered. - 5. Request Access Token by Invoker - **Expected Result**: 1. Response to Request of Access Token: @@ -1058,6 +1061,14 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised and Provider is also authorized +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF + 2. Register and onboard Invoker at CCF + 3. Discover Service APIs by Invoker. + 4. Create Security Context According to Service APIs discovered. + 5. Request Access Token by Invoker + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -1085,14 +1096,6 @@ At this documentation you will have all information and related files and exampl * ***grant_type=not_valid*** * Using **Invoker Certificate** -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF - 2. Register and onboard Invoker at CCF - 3. Discover Service APIs by Invoker. - 4. Create Security Context According to Service APIs discovered. - 5. Request Access Token by Invoker - **Expected Result**: 1. Response to Request of Access Token: @@ -1113,6 +1116,14 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised and Provider is also authorized +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF + 2. Register and onboard Invoker at CCF + 3. Discover Service APIs by Invoker. + 4. Create Security Context According to Service APIs discovered. + 5. Request Access Token by Invoker + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -1141,14 +1152,6 @@ At this documentation you will have all information and related files and exampl * ***scope=not-valid-scope*** * Using **Invoker Certificate** -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF - 2. Register and onboard Invoker at CCF - 3. Discover Service APIs by Invoker. - 4. Create Security Context According to Service APIs discovered. - 5. Request Access Token by Invoker - **Expected Result**: 1. Response to Request of Access Token: @@ -1170,6 +1173,14 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised and Provider is also authorized +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF + 2. Register and onboard Invoker at CCF + 3. Discover Service APIs by Invoker. + 4. Create Security Context According to Service APIs discovered. + 5. Request Access Token by Invoker + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -1198,14 +1209,6 @@ At this documentation you will have all information and related files and exampl * ***scope=3gpp#1234:**service_1*** * Using **Invoker Certificate** -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF - 2. Register and onboard Invoker at CCF - 3. Discover Service APIs by Invoker. - 4. Create Security Context According to Service APIs discovered. - 5. Request Access Token by Invoker - **Expected Result**: 1. Response to Request of Access Token: @@ -1227,6 +1230,14 @@ At this documentation you will have all information and related files and exampl * API Invoker is pre-authorised and Provider is also authorized +**Execution Steps**: + + 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF + 2. Register and onboard Invoker at CCF + 3. Discover Service APIs by Invoker. + 4. Create Security Context According to Service APIs discovered. + 5. Request Access Token by Invoker + **Information of Test**: 1. Perform [Provider Registration] and [Invoker Onboarding] @@ -1255,14 +1266,6 @@ At this documentation you will have all information and related files and exampl * ***scope=3gpp#{aef_id}:not-valid*** * Using **Invoker Certificate** -**Execution Steps**: - - 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF - 2. Register and onboard Invoker at CCF - 3. Discover Service APIs by Invoker. - 4. Create Security Context According to Service APIs discovered. - 5. Request Access Token by Invoker - **Expected Result**: 1. Response to Request of Access Token: @@ -1273,9 +1276,6 @@ At this documentation you will have all information and related files and exampl [Return To All Test Plans]: ../README.md - - - [service security body]: ./service_security.json "Service Security Request" [security notification body]: ./security_notification.json "Security Notification Request" [access token req body]: ./access_token_req.json "Access Token Request" -- GitLab