diff --git a/doc/releasenotes.md b/doc/releasenotes.md index 7ea641d6b045b6983caaac543071fa35d7c09acd..87b6740322f9928a0f32aa28715d7359dd069990 100644 --- a/doc/releasenotes.md +++ b/doc/releasenotes.md @@ -1,3 +1,45 @@ +## **Release 2.0.0** + +### **New Features** + +#### 3GPP CAPIF release 18 + +- Added new endpoints included in new release 18. + - New logic for PATCH endpoints. +- New logic to support Vendor Extensibility + - 9 new tests to check this logic. +- New logic to support API Status feature +- Supported Features now are mandatory for all POST Requests as is described on TS 29.222. + - Possible Breaking change, all POST request now must include supported features attribute, default can me set to "0" to keep all features inactive. + - Possible Breaking change on Events API, if you need eventDetails information on notification you must activate Enhanced Event Report on supported features. +- New 8 tests on Events API to check supported features support. + + +### **Technical Debt Solved** + +#### **Issues** + +- REDIS scheduled on start to allow receive notification since service is deployed. +- Problem removing service APIs published is provider register more than one APF. +- Superadmin problem deleting service API published through helper service if provider is not present. + +#### Scripts upgraded + +- New local scripts +- New remote scripts + +### **Documentation** + +#### New test included on documentation + +- New 9 test on Vendor Extensibility test plan. +- New 8 tests on Events API test plan. +- Test plan updated with default supported features for all request set to "0" (all inactive by default). + + + +--->>>> must be included - New tests to check PATCH request + ## **Release 1.0.0** ### **New Features** diff --git a/doc/testing/testplan/api_access_control_policy/service_api_description_post_example.json b/doc/testing/testplan/api_access_control_policy/service_api_description_post_example.json index b725b428629509bf39a79c030f1bf93f4b6f18f6..10022ce8072b83cc302647a2fda42095d57e7d4e 100644 --- a/doc/testing/testplan/api_access_control_policy/service_api_description_post_example.json +++ b/doc/testing/testplan/api_access_control_policy/service_api_description_post_example.json @@ -95,7 +95,7 @@ } ], "description": "string", - "supportedFeatures": "fffff", + "supportedFeatures": "0", "shareableInfo": { "isShareable": true, "capifProvDoms": [ diff --git a/doc/testing/testplan/api_events_service/README.md b/doc/testing/testplan/api_events_service/README.md index 73106b7145ca7600a988601d0fa624903e26d087..bad8fbadd981a37f8d237d2bb4853ecdd159ab16 100644 --- a/doc/testing/testplan/api_events_service/README.md +++ b/doc/testing/testplan/api_events_service/README.md @@ -264,6 +264,7 @@ At this documentation you will have all information and related files and exampl **Description**: This test case will check that a CAPIF Invoker subscribed to SERVICE_API_INVOCATION_SUCCESS and SERVICE_API_INVOCATION_FAILURE, receive the notification when AEF Send **TO** logging service result of invocations to their APIs. + Enhanced Event Report feature must be active. **Pre-Conditions**: @@ -278,7 +279,7 @@ At this documentation you will have all information and related files and exampl 1. Register provider and publish one API at CCF 2. Register Invoker and Onboard Invoker at CCF 3. Discover published APIs and extract apiIds and apiNames - 4. Subscribe to **SERVICE_API_INVOCATION_SUCCESS** and **SERVICE_API_INVOCATION_FAILURE** event filtering by aefId. + 4. Subscribe to **SERVICE_API_INVOCATION_SUCCESS** and **SERVICE_API_INVOCATION_FAILURE** event filtering by aefId. Enhanced_event_report active at supported features. 5. Retrieve {subscriberId} and {subscriptionId} from Location Header 6. Emulate Success and Failure on API invocation of provider by Invoker, using Invocation Logs API. @@ -302,9 +303,10 @@ At this documentation you will have all information and related files and exampl 2. body [event subscription request body] with: 1. events: **['SERVICE_API_INVOCATION_SUCCESS','SERVICE_API_INVOCATION_FAILURE']** 2. eventFilter: only receive events from provider's aefId. + 3. supportedFeatures: binary 0100 -> string **4** 3. Use **Invoker Certificate** - 7. Create Log Entry emulating provider receive Success and Failure api invocation from invoker: + 6. Create Log Entry emulating provider receive Success and Failure api invocation from invoker: 1. Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs** 2. body [log entry request body] with: 1. aefId from provider published. @@ -336,7 +338,8 @@ At this documentation you will have all information and related files and exampl **Description**: - This test case will check that a CAPIF Invoker subscribed to SERVICE_API_AVAILABLE and SERVICE_API_UNAVAILABLE, receive the notification when AEF publish and remove it. + This test case will check that a CAPIF Invoker subscribed to SERVICE_API_AVAILABLE and SERVICE_API_UNAVAILABLE, receive the notification when AEF publish and remove it. + Enhanced Event Report feature must be active. **Pre-Conditions**: @@ -350,7 +353,7 @@ At this documentation you will have all information and related files and exampl 1. Register provider and publish one API at CCF 2. Register Invoker and Onboard Invoker at CCF 3. Discover published APIs and extract apiIds and apiNames - 4. Subscribe to **SERVICE_API_AVAILABLE** and **SERVICE_API_UNAVAILABLE** event filtering by aefId. + 4. Subscribe to **SERVICE_API_AVAILABLE** and **SERVICE_API_UNAVAILABLE** event filtering by aefId. Enhanced_event_report active at supported features. 5. Retrieve {subscriberId} and {subscriptionId} from Location Header 6. Provider publish new API. 7. Provider remove published API. @@ -375,6 +378,7 @@ At this documentation you will have all information and related files and exampl 2. body [event subscription request body] with: 1. events: **['SERVICE_API_AVAILABLE','SERVICE_API_UNAVAILABLE']** 2. eventFilter: only receive events from provider's aefId. + 3. supportedFeatures: binary 0100 -> string **4** 3. Use **Invoker Certificate** 6. Publish new Service API at CCF: @@ -410,6 +414,7 @@ At this documentation you will have all information and related files and exampl **Description**: This test case will check that a CAPIF Invoker subscribed to SERVICE_API_UPDATE, receive the notification when AEF Update some information on API Published. + Enhanced Event Report feature must be active. **Pre-Conditions**: @@ -424,7 +429,7 @@ At this documentation you will have all information and related files and exampl 1. Register Provider and publish one API at CCF 2. Register Invoker and Onboard Invoker at CCF 3. Discover published APIs and extract apiIds and apiNames - 4. Subscribe to **SERVICE_API_UPDATE** event filtering by aefId. + 4. Subscribe to **SERVICE_API_UPDATE** event filtering by aefId. Enhanced_event_report active at supported features. 5. Retrieve {subscriberId} and {subscriptionId} from Location Header at event subscription 6. Provider update information of Service API Published. @@ -449,6 +454,7 @@ At this documentation you will have all information and related files and exampl 2. body [event subscription request body] with: 1. events: **['SERVICE_API_UPDATE']** 2. eventFilter: only receive events from provider's aefId. + 3. supportedFeatures: binary 0100 -> string **4** 3. Use **Invoker Certificate** 7. Update published API at CCF: @@ -479,6 +485,7 @@ At this documentation you will have all information and related files and exampl **Description**: This test case will check that a CAPIF Provider subscribed to API Invoker events (API_INVOKER_ONBOARDED, API_INVOKER_UPDATED and API_INVOKER_OFFBOARDED), receive the notifications when Invoker is onboarded, updated and removed respectively. + Enhanced Event Report feature must be active. **Pre-Conditions**: @@ -490,7 +497,7 @@ At this documentation you will have all information and related files and exampl **Execution Steps**: 1. Register Provider at CCF - 2. Subscribe Provider to **API_INVOKER_ONBOARDED, API_INVOKER_UPDATED and API_INVOKER_OFFBOARDED** events. + 2. Subscribe Provider to **API_INVOKER_ONBOARDED, API_INVOKER_UPDATED and API_INVOKER_OFFBOARDED** events. Enhanced_event_report active at supported features. 3. Register Invoker and Onboard Invoker at CCF 4. Update Onboarding Information at CCF with a minor change on "notificationDestination" 5. Offboard Invoker @@ -503,6 +510,7 @@ At this documentation you will have all information and related files and exampl 1. Send **POST** to **https://{CAPIF_HOSTNAME}/capif-events/v1/{subscriberId}/subscriptions** 2. body [event subscription request body] with: 1. events: **['API_INVOKER_ONBOARDED', 'API_INVOKER_UPDATED', 'API_INVOKER_OFFBOARDED']** + 2. supportedFeatures: binary 0100 -> string **4** 3. Use **Provider AMF Certificate** 4. Perform [invoker onboarding] 5. Update information of previously onboarded Invoker: @@ -543,6 +551,7 @@ At this documentation you will have all information and related files and exampl **Description**: This test case will check that a CAPIF Provider subscribed to ACCESS_CONTROL_POLICY_UPDATE receive a notification when ACL Changes. + Enhanced Event Report feature must be active. **Pre-Conditions**: @@ -558,7 +567,7 @@ At this documentation you will have all information and related files and exampl 1. Register Provider at CCF. 2. Publish a provider API with name **service_1**. 3. Register Invoker and Onboard Invoker at CCF. - 4. Subscribe Provider to **ACCESS_CONTROL_POLICY_UPDATE** event. + 4. Subscribe Provider to **ACCESS_CONTROL_POLICY_UPDATE** event. Enhanced_event_report active at supported features. 5. Discover APIs filtered by **aef_id** 6. Create Security Context for Invoker. 7. Provider Retrieve ACL @@ -573,6 +582,7 @@ At this documentation you will have all information and related files and exampl 2. body [event subscription request body] with: 1. events: **['ACCESS_CONTROL_POLICY_UPDATE']** 2. eventFilters: apiInvokerIds array with apiInvokerId of invoker + 3. supportedFeatures: binary 0100 -> string **4** 3. Use **Provider AMF Certificate** 5. Discover published APIs 6. Create Security Context for Invoker @@ -613,6 +623,7 @@ At this documentation you will have all information and related files and exampl **Description**: This test case will check that a CAPIF Invoker subscribed to ACCESS_CONTROL_POLICY_UNAVAILABLE will receive the notification when AEF remove Security Context created previously. + Enhanced Event Report feature must be active. **Pre-Conditions**: @@ -627,7 +638,7 @@ At this documentation you will have all information and related files and exampl 1. Register Provider at CCF. 2. Publish a provider API with name **service_1**. 3. Register Invoker and Onboard Invoker at CCF. - 4. Subscribe Invoker to **ACCESS_CONTROL_POLICY_UNAVAILABLE** event. + 4. Subscribe Invoker to **ACCESS_CONTROL_POLICY_UNAVAILABLE** event. Enhanced_event_report active at supported features. 5. Discover APIs filtered by **aef_id** 6. Create Security Context for Invoker. 7. Provider Retrieve ACL. @@ -643,6 +654,7 @@ At this documentation you will have all information and related files and exampl 2. body [event subscription request body] with: 1. events: **['ACCESS_CONTROL_POLICY_UNAVAILABLE']** 2. eventFilters: apiInvokerIds array with apiInvokerId of invoker + 3. supportedFeatures: binary 0100 -> string **4** 3. Use **Invoker Certificate** 5. Discover published APIs 6. Create Security Context for Invoker @@ -653,7 +665,7 @@ At this documentation you will have all information and related files and exampl * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}** * Use **serviceApiId** and **aefId** * Use **AEF Provider Certificate** - 3. Delete Security Context of Invoker by Provider: + 8. Delete Security Context of Invoker by Provider: * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Use **AEF Certificate** @@ -687,6 +699,557 @@ At this documentation you will have all information and related files and exampl **Description**: This test case will check that a CAPIF Invoker subscribed to API_INVOKER_AUTHORIZATION_REVOKED and ACCESS_CONTROL_POLICY_UNAVAILABLE receive both notification when AEF revoke invoker's authorization. + Enhanced Event Report feature must be active. + +**Pre-Conditions**: + + * CAPIF subscriber is pre-authorised (has valid InvokerId or apfId from CAPIF Authority) + * CAPIF provider is correctly registered. + * API Provider had one Service API Published on CAPIF + * **Mock Server is up and running to receive requests.** + * **Mock Server is clean.** + +**Execution Steps**: + + 1. Register Provider at CCF. + 2. Publish a provider API with name **service_1**. + 3. Register Invoker and Onboard Invoker at CCF. + 4. Subscribe Invoker to **ACCESS_CONTROL_POLICY_UNAVAILABLE and API_INVOKER_AUTHORIZATION_REVOKED** events. Enhanced_event_report active at supported features. + 5. Discover APIs filtered by **aef_id** + 6. Create Security Context for Invoker. + 7. Revoke Authorization by Provider. + +**Information of Test**: + + 1. Check and Clean Mock Server + 2. Perform [provider registration] + 3. Perform [invoker onboarding] + 4. Event Subscription to **ACCESS_CONTROL_POLICY_UNAVAILABLE and API_INVOKER_AUTHORIZATION_REVOKED** event: + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/capif-events/v1/{subscriberId}/subscriptions** + 2. body [event subscription request body] with: + 1. events: **['ACCESS_CONTROL_POLICY_UNAVAILABLE','API_INVOKER_AUTHORIZATION_REVOKED']** + 2. eventFilters: apiInvokerIds array with apiInvokerId of invoker + 3. supportedFeatures: binary 0100 -> string **4** + 3. Use **Invoker Certificate** + 5. Discover published APIs + 6. Create Security Context for Invoker + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** + * body [service security body] + * Use **Invoker Certificate** + 7. Revoke Authorization by Provider: + * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete** + * body [security notification body] + * Using **AEF Certificate**. + +**Expected Result**: + + 1. Response to Event Subscription must accomplish: + 1. **201 Created** + 2. The URI of the created resource shall be returned in the "Location" HTTP header, following this structure: **{apiRoot}/capif-events/{apiVersion}/{subscriberId}/subscriptions/{subscriptionId}** + 3. Response Body must follow **EventSubscription** data structure. + 2. Create security context: + 1. **201 Created** response. + 2. body returned must accomplish **ServiceSecurity** data structure. + 3. Location Header must contain the new resource URL **{apiRoot}/capif-security/v1/trustedInvokers/{apiInvokerId}** + 4. Revoke Authorization: + 1. **204 No Content** response. + 5. Mock Server received messages must accomplish: + 1. **Two Events has been received**. + 2. Validate received event follow **EventNotification** data structure, without **eventDetail** parameter. + 1. One Event should be **ACCESS_CONTROL_POLICY_UNAVAILABLE** without **eventDetail**. + 2. One Event should be **API_INVOKER_AUTHORIZATION_REVOKED** without **eventDetail**. + +--- +## Test Case 13: Creates a new individual CAPIF Event Subscription without supported features attribute. + +**Test ID**: ***capif_api_events-13*** + +**Description**: + + This test case will check error when CAPIF subscriber (Invoker or Publisher) Subscribe to Events without supported features attribute. + +**Pre-Conditions**: + + * CAPIF subscriber is pre-authorised (has valid InvokerId or apfId from CAPIF Authority) + +**Execution Steps**: + + 1. Register Invoker and Onboard Invoker at CCF + 2. Subscribe to Events without supported features + 3. Retrieve {subscriberId} and {subscriptionId} from Location Header + +**Information of Test**: + + 1. Perform [Invoker Onboarding] + + 2. Event Subscription: + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/capif-events/v1/{subscriberId}/subscriptions** + 2. body [event subscription request body] + 1. supportedFeatures NOT PRESENT. + 3. Use **Invoker Certificate** + +**Expected Result**: + + 1. Response to Onboard request must accomplish: + 1. **201 Created** + 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: + * apiInvokerId + * onboardingInformation->apiInvokerCertificate must contain the public key signed. + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** + + 1. Response to Event Subscription must accomplish: + 1. **400 Bad Request** + 2. Error Response Body must accomplish with **ProblemDetails** data structure with: + * status 400 + * title with message "Bad Request" + * detail with message "supportedFeatures not present in request". + * cause with message "supportedFeatures not present". + +--- + +## Test Case 14: Invoker receives Service API Invocation events without Enhanced Event Report + +**Test ID**: ***capif_api_events-14***, ***mockserver*** + +**Description**: + + This test case will check that a CAPIF Invoker subscribed to SERVICE_API_INVOCATION_SUCCESS and SERVICE_API_INVOCATION_FAILURE, receive the notification when AEF Send **TO** logging service result of invocations to their APIs. + Enhanced Event Report feature must be inactive. + +**Pre-Conditions**: + + * CAPIF subscriber is pre-authorised (has valid InvokerId or apfId from CAPIF Authority) + * CAPIF provider is correctly registered and published APIs. + * API Provider had a Service API Published on CAPIF + * **Mock Server is up and running to receive requests.** + * **Mock Server is clean.** + +**Execution Steps**: + + 1. Register provider and publish one API at CCF + 2. Register Invoker and Onboard Invoker at CCF + 3. Discover published APIs and extract apiIds and apiNames + 4. Subscribe to **SERVICE_API_INVOCATION_SUCCESS** and **SERVICE_API_INVOCATION_FAILURE** event filtering by aefId. Enhanced_event_report inactive at supported features. + 5. Retrieve {subscriberId} and {subscriptionId} from Location Header + 6. Emulate Success and Failure on API invocation of provider by Invoker, using Invocation Logs API. + +**Information of Test**: + + 1. Perform [provider registration] + 2. Publish Service API at CCF: + + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** + + 3. Perform [invoker onboarding] + 4. Discover published APIs: + + * Get **Api Ids** And **Api Names** from response. + + 5. Event Subscription to SERVICE_API_INVOCATION_SUCCESS and SERVICE_API_INVOCATION_FAILURE of provider previously registered: + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/capif-events/v1/{subscriberId}/subscriptions** + 2. body [event subscription request body] with: + 1. events: **['SERVICE_API_INVOCATION_SUCCESS','SERVICE_API_INVOCATION_FAILURE']** + 2. eventFilter: only receive events from provider's aefId. + 3. supportedFeatures: binary 0000 -> string **0** + 3. Use **Invoker Certificate** + + 6. Create Log Entry emulating provider receive Success and Failure api invocation from invoker: + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs** + 2. body [log entry request body] with: + 1. aefId from provider published. + 2. apiInvokerId from invoker onboarded. + 3. apiId of published API + 4. apiName of published API + 5. 200 and 400 results in two logs. + 3. Use **AEF Certificate** + +**Expected Result**: + + 1. Response to Event Subscription must accomplish: + 1. **201 Created** + 2. The URI of the created resource shall be returned in the "Location" HTTP header, following this structure: **{apiRoot}/capif-events/{apiVersion}/{subscriberId}/subscriptions/{subscriptionId}** + 3. Response Body must follow **EventSubscription** data structure. + 2. Response to creation of log entry on CCF must accomplish: + 1. **201 Created** + 2. The URI of the created resource shall be returned in the "Location" HTTP header, following this structure: **{apiRoot}/api-invocation-logs/{apiVersion}/{aefId}/subscriptions/{logId}** + 3. Mock Server received messages must accomplish: + 1. **Two Events have been received**. + 2. Validate received events follow **EventNotification** data structure, without **eventDetail** parameter. + 1. One should be **SERVICE_API_INVOCATION_SUCCESS** related with **200** result at Log. + 2. The other one must be **SERVICE_API_INVOCATION_FAILURE** related with **400** result at Log. + +--- +## Test Case 15: Invoker subscribe to Service API Available and Unavailable events without Enhanced Event Report + +**Test ID**: ***capif_api_events-15***, ***mockserver*** + +**Description**: + + This test case will check that a CAPIF Invoker subscribed to SERVICE_API_AVAILABLE and SERVICE_API_UNAVAILABLE, receive the notification when AEF publish and remove it. + Enhanced Event Report feature must be inactive. + +**Pre-Conditions**: + + * CAPIF subscriber is pre-authorised (has valid InvokerId or apfId from CAPIF Authority) + * CAPIF provider is correctly registered and published APIs. + * **Mock Server is up and running to receive requests.** + * **Mock Server is clean.** + +**Execution Steps**: + + 1. Register provider and publish one API at CCF + 2. Register Invoker and Onboard Invoker at CCF + 3. Discover published APIs and extract apiIds and apiNames + 4. Subscribe to **SERVICE_API_AVAILABLE** and **SERVICE_API_UNAVAILABLE** event filtering by aefId. Enhanced_event_report inactive at supported features. + 5. Retrieve {subscriberId} and {subscriptionId} from Location Header + 6. Provider publish new API. + 7. Provider remove published API. + +**Information of Test**: + + 1. Perform [provider registration] + 2. Publish Service API at CCF: + + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Store **serviceApiId** + * Use **APF Certificate** + + 3. Perform [invoker onboarding] + 4. Discover published APIs: + + * Get **Api Ids** And **Api Names** from response. + + 5. Event Subscription to SERVICE_API_AVAILABLE and SERVICE_API_UNAVAILABLE of provider previously registered: + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/capif-events/v1/{subscriberId}/subscriptions** + 2. body [event subscription request body] with: + 1. events: **['SERVICE_API_AVAILABLE','SERVICE_API_UNAVAILABLE']** + 2. eventFilter: only receive events from provider's aefId. + 3. supportedFeatures: binary 0000 -> string **0** + 3. Use **Invoker Certificate** + + 6. Publish new Service API at CCF: + + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_2** + * Store **serviceApiId** + * Use **APF Certificate** + + 7. Remove published Service API at CCF: + * Send **DELETE** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{SERVICE_API_ID}** + * Use **APF Certificate** + + +**Expected Result**: + + 1. Response to Event Subscription must accomplish: + 1. **201 Created** + 2. The URI of the created resource shall be returned in the "Location" HTTP header, following this structure: **{apiRoot}/capif-events/{apiVersion}/{subscriberId}/subscriptions/{subscriptionId}** + 3. Response Body must follow **EventSubscription** data structure. + + 2. Mock Server received messages must accomplish: + 1. **Two Events have been received**. + 2. Validate received events follow **EventNotification** data structure, without **eventDetail** parameter. + 1. One should be **SERVICE_API_AVAILABLE** apiId of **service_2** published API. + 2. The other one must be **SERVICE_API_UNAVAILABLE** apiId of **service_1** published API. + +--- +## Test Case 16: Invoker subscribe to Service API Update without Enhanced Event Report + +**Test ID**: ***capif_api_events-16***, ***mockserver*** + +**Description**: + + This test case will check that a CAPIF Invoker subscribed to SERVICE_API_UPDATE, receive the notification when AEF Update some information on API Published. + Enhanced Event Report feature must be inactive. + +**Pre-Conditions**: + + * CAPIF subscriber is pre-authorised (has valid InvokerId or apfId from CAPIF Authority) + * CAPIF provider is correctly registered and published APIs. + * API Provider had a Service API Published on CAPIF + * **Mock Server is up and running to receive requests.** + * **Mock Server is clean.** + +**Execution Steps**: + + 1. Register Provider and publish one API at CCF + 2. Register Invoker and Onboard Invoker at CCF + 3. Discover published APIs and extract apiIds and apiNames + 4. Subscribe to **SERVICE_API_UPDATE** event filtering by aefId. Enhanced_event_report inactive at supported features. + 5. Retrieve {subscriberId} and {subscriptionId} from Location Header at event subscription + 6. Provider update information of Service API Published. + +**Information of Test**: + + 1. Check and Clean Mock Server + 2. Perform [provider registration] + 3. Publish Service API at CCF: + + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis** + * body [service api description] with apiName **service_1** + * Use ***APF Certificate*** + * Store **serviceApiId** + + 4. Perform [invoker onboarding] + 5. Discover published APIs: + + * Get **Api Ids** And **Api Names** from response. + + 6. Event Subscription to SERVICE_API_UPDATE of provider previously registered: + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/capif-events/v1/{subscriberId}/subscriptions** + 2. body [event subscription request body] with: + 1. events: **['SERVICE_API_UPDATE']** + 2. eventFilter: only receive events from provider's aefId. + 3. supportedFeatures: binary 0000 -> string **0** + 3. Use **Invoker Certificate** + + 7. Update published API at CCF: + * Send **PUT** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serivceApiId}** + * body [service api description] with overrided **apiName** to **service_1**_modified** + * Use **APF Certificate** + +**Expected Result**: + + 1. Response to Event Subscription must accomplish: + 1. **201 Created** + 2. The URI of the created resource shall be returned in the "Location" HTTP header, following this structure: **{apiRoot}/capif-events/{apiVersion}/{subscriberId}/subscriptions/{subscriptionId}** + 3. Response Body must follow **EventSubscription** data structure. + 2. Response to Update Published Service API: + 1. **200 OK** + 2. Response Body must follow **ServiceAPIDescription** data structure with: + * apiName **service_1**_modified** + 3. Mock Server received messages must accomplish: + 1. **One Event has been received**. + 2. Validate received events follow **EventNotification** data structure, with **serviceAPIDescriptions** in **eventDetail** parameter. + 1. Event should be **SERVICE_API_UPDATE** with **eventDetail** with modified **apiName**. + +--- +## Test Case 17: Provider subscribe to API Invoker events without Enhanced Event Report + +**Test ID**: ***capif_api_events-17***, ***mockserver*** + +**Description**: + + This test case will check that a CAPIF Provider subscribed to API Invoker events (API_INVOKER_ONBOARDED, API_INVOKER_UPDATED and API_INVOKER_OFFBOARDED), receive the notifications when Invoker is onboarded, updated and removed respectively. + Enhanced Event Report feature must be inactive. + +**Pre-Conditions**: + + * CAPIF subscriber is pre-authorised (has valid InvokerId or apfId from CAPIF Authority) + * CAPIF provider is correctly registered. + * **Mock Server is up and running to receive requests.** + * **Mock Server is clean.** + +**Execution Steps**: + + 1. Register Provider at CCF + 2. Subscribe Provider to **API_INVOKER_ONBOARDED, API_INVOKER_UPDATED and API_INVOKER_OFFBOARDED** events. Enhanced_event_report inactive at supported features. + 3. Register Invoker and Onboard Invoker at CCF + 4. Update Onboarding Information at CCF with a minor change on "notificationDestination" + 5. Offboard Invoker + +**Information of Test**: + + 1. Check and Clean Mock Server + 2. Perform [provider registration] + 3. Event Subscription to API_INVOKER_ONBOARDED, API_INVOKER_UPDATED and API_INVOKER_OFFBOARDED events: + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/capif-events/v1/{subscriberId}/subscriptions** + 2. body [event subscription request body] with: + 1. events: **['API_INVOKER_ONBOARDED', 'API_INVOKER_UPDATED', 'API_INVOKER_OFFBOARDED']** + 2. supportedFeatures: binary 0100 -> string **4** + 3. Use **Provider AMF Certificate** + 4. Perform [invoker onboarding] + 5. Update information of previously onboarded Invoker: + * Send **PUT** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}** + * Reference Request Body is: [put invoker onboarding body] + * "notificationDestination": "**http://host.docker.internal:8086/netapp_new_callback**", + 6. Offboard: + * Send **DELETE** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}** + +**Expected Result**: + + 1. Response to Event Subscription must accomplish: + 1. **201 Created** + 2. The URI of the created resource shall be returned in the "Location" HTTP header, following this structure: **{apiRoot}/capif-events/{apiVersion}/{subscriberId}/subscriptions/{subscriptionId}** + 3. Response Body must follow **EventSubscription** data structure. + 2. Response to Onboard request must accomplish: + 1. **201 Created** + 2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with: + * apiInvokerId + * onboardingInformation->apiInvokerCertificate must contain the public key signed. + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}** + 3. Response to Update Request (PUT) with minor change must contain: + 1. **200 OK** response. + 2. notificationDestination on response must contain the new value + 4. Response to Offboard Request (DELETE) must contain: + 1. **204 No Content** + 5. Mock Server received messages must accomplish: + 1. **Three Events have been received**. + 2. Validate received events follow **EventNotification** data structure, without **eventDetail** parameter. + 1. One Event should be **API_INVOKER_ONBOARDED** + 2. One Event should be **API_INVOKER_UPDATED** + 3. One Event should be **API_INVOKER_OFFBOARDED** +--- +## Test Case 18: Provider subscribed to ACL update event without Enhanced Event Report + +**Test ID**: ***capif_api_events-18***, ***mockserver*** + +**Description**: + + This test case will check that a CAPIF Provider subscribed to ACCESS_CONTROL_POLICY_UPDATE receive a notification when ACL Changes. + Enhanced Event Report feature must be inactive. + +**Pre-Conditions**: + + * CAPIF subscriber is pre-authorised (has valid InvokerId or apfId from CAPIF Authority) + * CAPIF provider is correctly registered. + * API Provider had one Service API Published on CAPIF + * API Invoker had a Security Context for the Service API published by provider. + * **Mock Server is up and running to receive requests.** + * **Mock Server is clean.** + +**Execution Steps**: + + 1. Register Provider at CCF. + 2. Publish a provider API with name **service_1**. + 3. Register Invoker and Onboard Invoker at CCF. + 4. Subscribe Provider to **ACCESS_CONTROL_POLICY_UPDATE** event. Enhanced_event_report inactive at supported features. + 5. Discover APIs filtered by **aef_id** + 6. Create Security Context for Invoker. + 7. Provider Retrieve ACL + +**Information of Test**: + + 1. Check and Clean Mock Server + 2. Perform [provider registration] + 3. Perform [invoker onboarding] + 4. Event Subscription to **ACCESS_CONTROL_POLICY_UPDATE** event: + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/capif-events/v1/{subscriberId}/subscriptions** + 2. body [event subscription request body] with: + 1. events: **['ACCESS_CONTROL_POLICY_UPDATE']** + 2. eventFilters: apiInvokerIds array with apiInvokerId of invoker + 3. supportedFeatures: binary 0000 -> string **0** + 3. Use **Provider AMF Certificate** + 5. Discover published APIs + 6. Create Security Context for Invoker + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** + * body [service security body] + * Use **Invoker Certificate** + 7. Provider Retrieve ACL + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}** + * Use **serviceApiId** and **aefId** + * Use AEF Provider Certificate + +**Expected Result**: + + 1. Response to Event Subscription must accomplish: + 1. **201 Created** + 2. The URI of the created resource shall be returned in the "Location" HTTP header, following this structure: **{apiRoot}/capif-events/{apiVersion}/{subscriberId}/subscriptions/{subscriptionId}** + 3. Response Body must follow **EventSubscription** data structure. + 2. Create security context: + 1. **201 Created** response. + 2. body returned must accomplish **ServiceSecurity** data structure. + 3. Location Header must contain the new resource URL **{apiRoot}/capif-security/v1/trustedInvokers/{apiInvokerId}** + 3. ACL Response: + 1. **200 OK** Response. + 2. body returned must accomplish **AccessControlPolicyList** data structure. + 3. apiInvokerPolicies must: + 1. contain only one object. + 2. apiInvokerId must match apiInvokerId registered previously. + 4. Mock Server received messages must accomplish: + 1. **One Event has been received**. + 2. Validate received event follow **EventNotification** data structure, without **eventDetail** parameter. + 1. One Event should be **ACCESS_CONTROL_POLICY_UPDATE**. + +--- +## Test Case 19: Provider receives an ACL unavailable event when invoker remove Security Context without Enhanced Event Report + +**Test ID**: ***capif_api_events-19***, ***mockserver*** + +**Description**: + + This test case will check that a CAPIF Invoker subscribed to ACCESS_CONTROL_POLICY_UNAVAILABLE will receive the notification when AEF remove Security Context created previously. + Enhanced Event Report feature must be inactive. + +**Pre-Conditions**: + + * CAPIF subscriber is pre-authorised (has valid InvokerId or apfId from CAPIF Authority) + * CAPIF provider is correctly registered. + * API Provider had one Service API Published on CAPIF + * **Mock Server is up and running to receive requests.** + * **Mock Server is clean.** + +**Execution Steps**: + + 1. Register Provider at CCF. + 2. Publish a provider API with name **service_1**. + 3. Register Invoker and Onboard Invoker at CCF. + 4. Subscribe Invoker to **ACCESS_CONTROL_POLICY_UNAVAILABLE** event. Enhanced_event_report inactive at supported features. + 5. Discover APIs filtered by **aef_id** + 6. Create Security Context for Invoker. + 7. Provider Retrieve ACL. + 8. Remove Security Context for Invoker. + +**Information of Test**: + + 1. Check and Clean Mock Server + 2. Perform [provider registration] + 3. Perform [invoker onboarding] + 4. Event Subscription to **ACCESS_CONTROL_POLICY_UNAVAILABLE** event: + 1. Send **POST** to **https://{CAPIF_HOSTNAME}/capif-events/v1/{subscriberId}/subscriptions** + 2. body [event subscription request body] with: + 1. events: **['ACCESS_CONTROL_POLICY_UNAVAILABLE']** + 2. eventFilters: apiInvokerIds array with apiInvokerId of invoker + 3. supportedFeatures: binary 0000 -> string **0** + 3. Use **Invoker Certificate** + 5. Discover published APIs + 6. Create Security Context for Invoker + * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** + * body [service security body] + * Use **Invoker Certificate** + 7. Provider Retrieve ACL + * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}** + * Use **serviceApiId** and **aefId** + * Use **AEF Provider Certificate** + 8. Delete Security Context of Invoker by Provider: + * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** + * Use **AEF Certificate** + +**Expected Result**: + + 1. Response to Event Subscription must accomplish: + 1. **201 Created** + 2. The URI of the created resource shall be returned in the "Location" HTTP header, following this structure: **{apiRoot}/capif-events/{apiVersion}/{subscriberId}/subscriptions/{subscriptionId}** + 3. Response Body must follow **EventSubscription** data structure. + 2. Create security context: + 1. **201 Created** response. + 2. body returned must accomplish **ServiceSecurity** data structure. + 3. Location Header must contain the new resource URL **{apiRoot}/capif-security/v1/trustedInvokers/{apiInvokerId}** + 3. ACL Response: + 1. **200 OK** Response. + 2. body returned must accomplish **AccessControlPolicyList** data structure. + 3. apiInvokerPolicies must: + 1. contain only one object. + 2. apiInvokerId must match apiInvokerId registered previously. + 4. Delete security context: + 1. **204 No Content** response. + 5. Mock Server received messages must accomplish: + 1. **One Event has been received**. + 2. Validate received event follow **EventNotification** data structure, without **eventDetail** parameter. + 1. One Event should be **ACCESS_CONTROL_POLICY_UNAVAILABLE** without **eventDetail**. +--- +## Test Case 20: Invoker receives an Invoker Authorization Revoked and ACL unavailable event when Provider revoke Invoker Authorization without Enhanced Event Report + +**Test ID**: ***capif_api_events-20***, ***mockserver*** + +**Description**: + + This test case will check that a CAPIF Invoker subscribed to API_INVOKER_AUTHORIZATION_REVOKED and ACCESS_CONTROL_POLICY_UNAVAILABLE receive both notification when AEF revoke invoker's authorization. + Enhanced Event Report feature must be inactive. **Pre-Conditions**: @@ -747,6 +1310,7 @@ At this documentation you will have all information and related files and exampl --- + [invoker onboard request body]: ../api_invoker_management/invoker_details_post_example.json "API Invoker Request" [event subscription request body]: ./event_subscription.json "Event Subscription Request" [invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding" diff --git a/doc/testing/testplan/api_events_service/event_subscription.json b/doc/testing/testplan/api_events_service/event_subscription.json index 40dc09bb1ca5236fa9cb23ff1a25ad5dccd28844..6614530eef0e4f3b0476fe46ea5ea01a8bf0d65b 100644 --- a/doc/testing/testplan/api_events_service/event_subscription.json +++ b/doc/testing/testplan/api_events_service/event_subscription.json @@ -23,7 +23,7 @@ "events": ["SERVICE_API_AVAILABLE", "API_INVOKER_ONBOARDED"], "notificationDestination": "http://robot.testing", "requestTestNotification": true, - "supportedFeatures": "aaa", + "supportedFeatures": "0", "websockNotifConfig": { "requestWebsocketUri": true, "websocketUri": "websocketUri" diff --git a/doc/testing/testplan/api_invoker_management/invoker_details_post_example.json b/doc/testing/testplan/api_invoker_management/invoker_details_post_example.json index c306a17e2d04f55da35a5b3638775af9d63e769f..8eb75144dfc964d64ab2e33f4ebe399b9606095a 100644 --- a/doc/testing/testplan/api_invoker_management/invoker_details_post_example.json +++ b/doc/testing/testplan/api_invoker_management/invoker_details_post_example.json @@ -1,6 +1,6 @@ { "notificationDestination": "http://host.docker.internal:8086/netapp_callback", - "supportedFeatures": "fffffff", + "supportedFeatures": "0", "apiInvokerInformation": "ROBOT_TESTING_INVOKER", "websockNotifConfig": { "requestWebsocketUri": true, diff --git a/doc/testing/testplan/api_invoker_management/invoker_details_put_example.json b/doc/testing/testplan/api_invoker_management/invoker_details_put_example.json index 37a1eefbb05a2df1058b20429477cbf17f412cb8..e96aa038958155b1b5170e112233a05582650579 100644 --- a/doc/testing/testplan/api_invoker_management/invoker_details_put_example.json +++ b/doc/testing/testplan/api_invoker_management/invoker_details_put_example.json @@ -1,6 +1,6 @@ { "notificationDestination": "http://host.docker.internal:8086/netapp_new_callback", - "supportedFeatures": "fffffff", + "supportedFeatures": "0", "apiInvokerInformation": "ROBOT_TESTING_INVOKER", "websockNotifConfig": { "requestWebsocketUri": true, @@ -21,7 +21,7 @@ "capifProvDoms": ["capifProvDoms", "capifProvDoms"], "isShareable": true }, - "supportedFeatures": "fffffff", + "supportedFeatures": "0", "description": "description", "apiSuppFeats": "fffffff", "apiId": "apiId", @@ -209,7 +209,7 @@ "capifProvDoms": ["capifProvDoms", "capifProvDoms"], "isShareable": true }, - "supportedFeatures": "fffffff", + "supportedFeatures": "0", "description": "description", "apiSuppFeats": "fffffff", "apiId": "apiId", diff --git a/doc/testing/testplan/api_publish_service/README.md b/doc/testing/testplan/api_publish_service/README.md index 928c95e7e0342ccb2b01ca54df318c2d47ae2fc2..86b8c670896d30df53d242138754da2dfbc70fe8 100644 --- a/doc/testing/testplan/api_publish_service/README.md +++ b/doc/testing/testplan/api_publish_service/README.md @@ -606,7 +606,7 @@ At this documentation you will have all information and related files and exampl ## Test Case 13: Delete APIs Published by NON Authorised apfId -**Test ID**: ***capif_api_publish_service-12*** +**Test ID**: ***capif_api_publish_service-13*** **Description**: @@ -646,6 +646,81 @@ At this documentation you will have all information and related files and exampl * detail with message "User not authorized". * cause with message "Certificate not authorized". +## Test Case 14: Check Two Published APIs with different APFs are removed when Provider is deleted + +**Test ID**: ***capif_api_publish_service-13*** + +**Description**: + + This test case will check that a Provider registered with two APFs, with one API published with each APF are removed properly when provider is removed. + +**Pre-Conditions**: + + * CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority). + +**Execution Steps**: + + 1. Register Provider with 2 APFs at CCF and store certificates. + 2. Publish **service_1** API with **APF_1** + 3. Publish **service_2** API with **APF_2** + 4. Retrieve APIs published by **APF_1** + 5. Retrieve APIs published by **APF_2** + 6. Remove Provider by **AMF** + +**Information of Test**: + + 1. Perform [Provider Registration] and [Invoker Onboarding] + + 2. Publish **service_1** Service API at CCF: + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId1}/service-apis** + * body [service api description] with apiName **service_1** + * Get apiId + * Use **APF_1 Certificate** + 3. Publish **service_2** Service API at CCF: + * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId2}/service-apis** + * body [service api description] with apiName **service_2** + * Get apiId + * Use **APF_2 Certificate** + 4. Retrieve all published APIs by **APF_1**: + * Send **GET** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId1}/service-apis** + * Use **APF_1 Certificate** + 5. Retrieve all published APIs by **APF_2**: + * Send **GET** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId2}/service-apis** + * Use **APF_2 Certificate** + 6. Get Number of services published by superadmin: + 1. Store value obtained in **services_present_on_ccf_after_publish** + 7. Delete registered provider: + * Send **DELETE** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}** + * Use AMF Certificate. + 8. Get Number of services published by superadmin: + 1. Store value obtained in **services_present_on_ccf_after_delete_provider** + + +**Expected Result**: + + 1. Response to Publish request must accomplish: + 1. **201 Created** + 2. Response Body must follow **ServiceAPIDescription** data structure with: + * apiId + 1. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId1}/service-apis/{serviceApiId}** + 2. Response to Publish request must accomplish: + 1. **201 Created** + 2. Response Body must follow **ServiceAPIDescription** data structure with: + * apiId + 3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/published-apis/v1/{apfId2}/service-apis/{serviceApiId}** + 3. Response to Retrieve all published APIs by **APF_1**: + 1. **200 OK** + 2. Response body must return an array of **ServiceAPIDescription** data. + 3. Array must contain all previously published APIs by **APF_1**. + 4. Response to Retrieve all published APIs by **APF_2**: + 1. **200 OK** + 2. Response body must return an array of **ServiceAPIDescription** data. + 3. Array must contain all previously published APIs by **APF_2**. + 5. Delete Provider: + 1. **204 No Content** response. + 6. Check two APIs where removed after remove provider: + 1. **services_present_on_ccf_after_publish** - **services_present_on_ccf_after_delete_provider** = 2 + [service api description]: ./service_api_description_post_example.json "Service API Description Request" [publisher register body]: ./publisher_register_body.json "Publish register Body" diff --git a/doc/testing/testplan/api_publish_service/service_api_description_post_example.json b/doc/testing/testplan/api_publish_service/service_api_description_post_example.json index b725b428629509bf39a79c030f1bf93f4b6f18f6..10022ce8072b83cc302647a2fda42095d57e7d4e 100644 --- a/doc/testing/testplan/api_publish_service/service_api_description_post_example.json +++ b/doc/testing/testplan/api_publish_service/service_api_description_post_example.json @@ -95,7 +95,7 @@ } ], "description": "string", - "supportedFeatures": "fffff", + "supportedFeatures": "0", "shareableInfo": { "isShareable": true, "capifProvDoms": [ diff --git a/doc/testing/testplan/api_security_service/service_security.json b/doc/testing/testplan/api_security_service/service_security.json index ad7bc1ad5c64f6dc979a294044b5b44f5f43c68a..2798067f8cc700e9643b52a6f7cd6e7bbeafd03c 100644 --- a/doc/testing/testplan/api_security_service/service_security.json +++ b/doc/testing/testplan/api_security_service/service_security.json @@ -1,6 +1,6 @@ { "notificationDestination": "http://robot.testing", - "supportedFeatures": "fffffff", + "supportedFeatures": "0", "securityInfo": [{ "authenticationInfo": "authenticationInfo", "authorizationInfo": "authorizationInfo", diff --git a/doc/testing/testplan/common_operations/README.md b/doc/testing/testplan/common_operations/README.md index 48d31a83533b4880dbf7eaba12d06388e20e3f4a..eb145f86cc14b7495bbf803fb2ccba70c75624e0 100644 --- a/doc/testing/testplan/common_operations/README.md +++ b/doc/testing/testplan/common_operations/README.md @@ -1,5 +1,9 @@ # Common Operations +## Default Supported Features + +By default all required supported features on POST Request will be present and set to "0" unless test define it with other value. Also it can be set to NONE is we want to test supported features not present. + ## Register new user In order to use OpenCAPIF we must add a new user. This new user can onboard/register any Invokers or Providers.