Skip to content
Snippets Groups Projects
Commit 56b1a52c authored by Jorge Moratinos's avatar Jorge Moratinos
Browse files

Security Service Refactored

parent 82580d5f
No related branches found
No related tags found
1 merge request!12Resolve "Change order of sections in tests to improve readability"
Hide whitespace changes
Inline Side-by-side
doc/testing/testplan/api_security_service/README.md
+ 190
190
View file @ 56b1a52c
...@@ -13,6 +13,12 @@ At this documentation you will have all information and related files and exampl ...@@ -13,6 +13,12 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority)
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Store signed Certificate
3. Create Security Context
**Information of Test**: **Information of Test**:
1. Perform [Invoker Onboarding] 1. Perform [Invoker Onboarding]
...@@ -21,12 +27,6 @@ At this documentation you will have all information and related files and exampl ...@@ -21,12 +27,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body] * body [service security body]
* Use **Invoker Certificate** * Use **Invoker Certificate**
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Store signed Certificate
3. Create Security Context
**Expected Result**: **Expected Result**:
1. Create security context: 1. Create security context:
...@@ -47,6 +47,12 @@ At this documentation you will have all information and related files and exampl ...@@ -47,6 +47,12 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with Provider role * API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with Provider role
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context using Provider certificate
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -56,12 +62,6 @@ At this documentation you will have all information and related files and exampl ...@@ -56,12 +62,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body] * body [service security body]
* Using **AEF Certificate** * Using **AEF Certificate**
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context using Provider certificate
**Expected Result**: **Expected Result**:
1. Create security context using Provider certificate: 1. Create security context using Provider certificate:
...@@ -74,6 +74,7 @@ At this documentation you will have all information and related files and exampl ...@@ -74,6 +74,7 @@ At this documentation you will have all information and related files and exampl
2. No context stored at DB 2. No context stored at DB
## Test Case 3: Create a security context for an API invoker with Provider entity role and invalid apiInvokerId ## Test Case 3: Create a security context for an API invoker with Provider entity role and invalid apiInvokerId
**Test ID**:: ***capif_security_api-3*** **Test ID**:: ***capif_security_api-3***
...@@ -86,6 +87,11 @@ At this documentation you will have all information and related files and exampl ...@@ -86,6 +87,11 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with Provider role * API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with Provider role
**Execution Steps**:
1. Register Provider at CCF
2. Create Security Context using Provider certificate
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] 1. Perform [Provider Registration]
...@@ -95,11 +101,6 @@ At this documentation you will have all information and related files and exampl ...@@ -95,11 +101,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body] * body [service security body]
* Using **AEF Certificate** * Using **AEF Certificate**
**Execution Steps**:
1. Register Provider at CCF
2. Create Security Context using Provider certificate
**Expected Result**: **Expected Result**:
1. Create security context using Provider certificate: 1. Create security context using Provider certificate:
...@@ -111,6 +112,7 @@ At this documentation you will have all information and related files and exampl ...@@ -111,6 +112,7 @@ At this documentation you will have all information and related files and exampl
* cause with message "User role must be invoker". * cause with message "User role must be invoker".
2. No context stored at DB 2. No context stored at DB
## Test Case 4: Create a security context for an API invoker with Invoker entity role and invalid apiInvokerId ## Test Case 4: Create a security context for an API invoker with Invoker entity role and invalid apiInvokerId
**Test ID**:: ***capif_security_api-4*** **Test ID**:: ***capif_security_api-4***
...@@ -123,6 +125,11 @@ At this documentation you will have all information and related files and exampl ...@@ -123,6 +125,11 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with invalid apiInvokerId * API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with invalid apiInvokerId
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Create Security Context using Provider certificate
**Information of Test**: **Information of Test**:
1. Perform [Invoker Onboarding] 1. Perform [Invoker Onboarding]
...@@ -132,11 +139,6 @@ At this documentation you will have all information and related files and exampl ...@@ -132,11 +139,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body] * body [service security body]
* Use **Invoker Certificate** * Use **Invoker Certificate**
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Create Security Context using Provider certificate
**Expected Result**: **Expected Result**:
1. Create security context using Provider certificate: 1. Create security context using Provider certificate:
...@@ -162,6 +164,13 @@ At this documentation you will have all information and related files and exampl ...@@ -162,6 +164,13 @@ At this documentation you will have all information and related files and exampl
* Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context * Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context using Provider certificate
4. Retrieve Security Context by Provider
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -175,13 +184,6 @@ At this documentation you will have all information and related files and exampl ...@@ -175,13 +184,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using **AEF Certificate** * Using **AEF Certificate**
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context using Provider certificate
4. Retrieve Security Context by Provider
**Expected Result**: **Expected Result**:
1. Retrieve security context: 1. Retrieve security context:
...@@ -201,6 +203,12 @@ At this documentation you will have all information and related files and exampl ...@@ -201,6 +203,12 @@ At this documentation you will have all information and related files and exampl
* Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context * Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context
**Execution Steps**:
2. Register Provider at CCF
3. Create Security Context using Provider certificate
4. Retrieve Security Context by Provider of invalid invoker
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] 1. Perform [Provider Registration]
...@@ -209,12 +217,6 @@ At this documentation you will have all information and related files and exampl ...@@ -209,12 +217,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}**
* Using **AEF Certificate**. * Using **AEF Certificate**.
**Execution Steps**:
2. Register Provider at CCF
3. Create Security Context using Provider certificate
4. Retrieve Security Context by Provider of invalid invoker
**Expected Result**: **Expected Result**:
1. Retrieve security context: 1. Retrieve security context:
...@@ -238,6 +240,13 @@ At this documentation you will have all information and related files and exampl ...@@ -238,6 +240,13 @@ At this documentation you will have all information and related files and exampl
* API Exposure Function is not pre-authorised (has invalid apfId) * API Exposure Function is not pre-authorised (has invalid apfId)
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Store signed Certificate
3. Create Security Context
4. Retrieve Security Context as Provider.
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -251,13 +260,6 @@ At this documentation you will have all information and related files and exampl ...@@ -251,13 +260,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using **Invoker Certificate** * Using **Invoker Certificate**
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Store signed Certificate
3. Create Security Context
4. Retrieve Security Context as Provider.
**Expected Result**: **Expected Result**:
1. Create security context: 1. Create security context:
...@@ -281,6 +283,13 @@ At this documentation you will have all information and related files and exampl ...@@ -281,6 +283,13 @@ At this documentation you will have all information and related files and exampl
* Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context * Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context using Provider certificate
4. Delete Security Context by Provider
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -298,13 +307,6 @@ At this documentation you will have all information and related files and exampl ...@@ -298,13 +307,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using **AEF Certificate** * Using **AEF Certificate**
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context using Provider certificate
4. Delete Security Context by Provider
**Expected Result**: **Expected Result**:
1. Delete security context: 1. Delete security context:
...@@ -331,6 +333,12 @@ At this documentation you will have all information and related files and exampl ...@@ -331,6 +333,12 @@ At this documentation you will have all information and related files and exampl
* Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context * Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context
**Execution Steps**:
1. Register Provider at CCF
2. Create Security Context using Provider certificate
3. Delete Security Context by Invoker
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -344,12 +352,6 @@ At this documentation you will have all information and related files and exampl ...@@ -344,12 +352,6 @@ At this documentation you will have all information and related files and exampl
* Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Use **Invoker Certificate** * Use **Invoker Certificate**
**Execution Steps**:
1. Register Provider at CCF
2. Create Security Context using Provider certificate
3. Delete Security Context by Invoker
**Expected Result**: **Expected Result**:
1. Delete security context: 1. Delete security context:
...@@ -373,6 +375,11 @@ At this documentation you will have all information and related files and exampl ...@@ -373,6 +375,11 @@ At this documentation you will have all information and related files and exampl
* Invoker is pre-authorised. * Invoker is pre-authorised.
**Execution Steps**:
1. Register Provider at CCF
2. Delete Security Context by invoker
**Information of Test**: **Information of Test**:
1. Perform [Invoker Onboarding] 1. Perform [Invoker Onboarding]
...@@ -381,11 +388,6 @@ At this documentation you will have all information and related files and exampl ...@@ -381,11 +388,6 @@ At this documentation you will have all information and related files and exampl
* Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}**
* Use **Invoker Certificate** * Use **Invoker Certificate**
**Execution Steps**:
1. Register Provider at CCF
2. Delete Security Context by invoker
**Expected Result**: **Expected Result**:
1. Delete security context: 1. Delete security context:
...@@ -409,6 +411,11 @@ At this documentation you will have all information and related files and exampl ...@@ -409,6 +411,11 @@ At this documentation you will have all information and related files and exampl
* Provider is pre-authorised (has valid apfId from CAPIF Authority). * Provider is pre-authorised (has valid apfId from CAPIF Authority).
**Execution Steps**:
1. Register Provider at CCF
2. Delete Security Context by provider
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] 1. Perform [Provider Registration]
...@@ -417,11 +424,6 @@ At this documentation you will have all information and related files and exampl ...@@ -417,11 +424,6 @@ At this documentation you will have all information and related files and exampl
* Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}** * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}**
* Use **AEF Certificate** * Use **AEF Certificate**
**Execution Steps**:
1. Register Provider at CCF
2. Delete Security Context by provider
**Expected Result**: **Expected Result**:
1. Retrieve security context: 1. Retrieve security context:
...@@ -445,6 +447,14 @@ At this documentation you will have all information and related files and exampl ...@@ -445,6 +447,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context By Invoker
4. Update Security Context By Invoker
5. Retrieve Security Context By Provider
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -463,14 +473,6 @@ At this documentation you will have all information and related files and exampl ...@@ -463,14 +473,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using **AEF Certificate**. * Using **AEF Certificate**.
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context By Invoker
4. Update Security Context By Invoker
5. Retrieve Security Context By Provider
**Expected Result**: **Expected Result**:
1. Update security context: 1. Update security context:
...@@ -496,6 +498,13 @@ At this documentation you will have all information and related files and exampl ...@@ -496,6 +498,13 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized. * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized.
* Invoker has created the Security Context previously. * Invoker has created the Security Context previously.
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context
4. Update Security Context as Provider
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -510,13 +519,6 @@ At this documentation you will have all information and related files and exampl ...@@ -510,13 +519,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body] but with notification destination modified to **http://robot.testing2** * body [service security body] but with notification destination modified to **http://robot.testing2**
* Using **AEF Certificate** * Using **AEF Certificate**
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context
4. Update Security Context as Provider
**Expected Result**: **Expected Result**:
1. Update security context: 1. Update security context:
...@@ -541,6 +543,11 @@ At this documentation you will have all information and related files and exampl ...@@ -541,6 +543,11 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized. * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized.
* Invoker has created the Security Context previously. * Invoker has created the Security Context previously.
**Execution Steps**:
1. Register Provider at CCF
2. Update Security Context as Provider
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] 1. Perform [Provider Registration]
...@@ -550,11 +557,6 @@ At this documentation you will have all information and related files and exampl ...@@ -550,11 +557,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body] * body [service security body]
* Using **AEF Certificate** * Using **AEF Certificate**
**Execution Steps**:
1. Register Provider at CCF
2. Update Security Context as Provider
**Expected Result**: **Expected Result**:
1. Update security context: 1. Update security context:
...@@ -578,6 +580,11 @@ At this documentation you will have all information and related files and exampl ...@@ -578,6 +580,11 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority)
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Update Security Context
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -587,11 +594,6 @@ At this documentation you will have all information and related files and exampl ...@@ -587,11 +594,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body] * body [service security body]
* Using **Invoker Certificate**. * Using **Invoker Certificate**.
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Update Security Context
**Expected Result**: **Expected Result**:
1. Retrieve security context: 1. Retrieve security context:
...@@ -615,6 +617,14 @@ At this documentation you will have all information and related files and exampl ...@@ -615,6 +617,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context by Invoker
4. Revoke Security Context by Provider
5. Retrieve Security Context by Provider
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -633,15 +643,6 @@ At this documentation you will have all information and related files and exampl ...@@ -633,15 +643,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using **AEF Certificate**. * Using **AEF Certificate**.
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context by Invoker
4. Revoke Security Context by Provider
5. Retrieve Security Context by Provider
**Expected Result**: **Expected Result**:
1. Revoke Authorization: 1. Revoke Authorization:
...@@ -668,6 +669,14 @@ At this documentation you will have all information and related files and exampl ...@@ -668,6 +669,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context
4. Revoke Security Context by invoker
5. Retrieve Security Context
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -686,14 +695,6 @@ At this documentation you will have all information and related files and exampl ...@@ -686,14 +695,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}** * Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using Provider Certificate * Using Provider Certificate
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context
4. Revoke Security Context by invoker
5. Retrieve Security Context
**Expected Result**: **Expected Result**:
1. Revoke Security Context by invoker: 1. Revoke Security Context by invoker:
...@@ -722,6 +723,14 @@ At this documentation you will have all information and related files and exampl ...@@ -722,6 +723,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context
4. Revoke Security Context by Provider
5. Retrieve Security Context
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -741,14 +750,6 @@ At this documentation you will have all information and related files and exampl ...@@ -741,14 +750,6 @@ At this documentation you will have all information and related files and exampl
* This request will ask with parameter to retrieve authenticationInfo and authorizationInfo * This request will ask with parameter to retrieve authenticationInfo and authorizationInfo
* Using **AEF Certificate**. * Using **AEF Certificate**.
**Execution Steps**:
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context
4. Revoke Security Context by Provider
5. Retrieve Security Context
**Expected Result**: **Expected Result**:
1. Revoke Security Context by invoker: 1. Revoke Security Context by invoker:
...@@ -778,6 +779,14 @@ At this documentation you will have all information and related files and exampl ...@@ -778,6 +779,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerId) * API Invoker is pre-authorised (has valid apiInvokerId)
* Service API of Provider is published * Service API of Provider is published
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -806,14 +815,6 @@ At this documentation you will have all information and related files and exampl ...@@ -806,14 +815,6 @@ At this documentation you will have all information and related files and exampl
* Create Scope properly for request: ***3gpp#{aef_id}:{api_name}*** * Create Scope properly for request: ***3gpp#{aef_id}:{api_name}***
* Using **Invoker Certificate**. * Using **Invoker Certificate**.
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token
**Expected Result**: **Expected Result**:
1. Response to Request of Access Token: 1. Response to Request of Access Token:
...@@ -834,6 +835,14 @@ At this documentation you will have all information and related files and exampl ...@@ -834,6 +835,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized * API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Provider
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -861,14 +870,6 @@ At this documentation you will have all information and related files and exampl ...@@ -861,14 +870,6 @@ At this documentation you will have all information and related files and exampl
* ***grant_type=client_credentials*** * ***grant_type=client_credentials***
* Using **AEF Certificate** * Using **AEF Certificate**
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Provider
**Expected Result**: **Expected Result**:
1. Response to Request of Access Token: 1. Response to Request of Access Token:
...@@ -877,6 +878,7 @@ At this documentation you will have all information and related files and exampl ...@@ -877,6 +878,7 @@ At this documentation you will have all information and related files and exampl
* error unauthorized_client * error unauthorized_client
* error_description=Role not authorized for this API route * error_description=Role not authorized for this API route
## Test Case 21: Retrieve access token by Provider with invalid apiInvokerId ## Test Case 21: Retrieve access token by Provider with invalid apiInvokerId
**Test ID**:: ***capif_security_api-21*** **Test ID**:: ***capif_security_api-21***
...@@ -889,6 +891,14 @@ At this documentation you will have all information and related files and exampl ...@@ -889,6 +891,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised and Provider is also authorized * API Invoker is pre-authorised and Provider is also authorized
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Provider
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -916,14 +926,6 @@ At this documentation you will have all information and related files and exampl ...@@ -916,14 +926,6 @@ At this documentation you will have all information and related files and exampl
* ***grant_type=client_credentials*** * ***grant_type=client_credentials***
* Using **AEF Certificate** * Using **AEF Certificate**
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Provider
**Expected Result**: **Expected Result**:
1. Response to Request of Access Token: 1. Response to Request of Access Token:
...@@ -945,6 +947,14 @@ At this documentation you will have all information and related files and exampl ...@@ -945,6 +947,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerId) * API Invoker is pre-authorised (has valid apiInvokerId)
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -968,14 +978,6 @@ At this documentation you will have all information and related files and exampl ...@@ -968,14 +978,6 @@ At this documentation you will have all information and related files and exampl
* ***grant_type=client_credentials*** * ***grant_type=client_credentials***
* Using **Invoker Certificate** * Using **Invoker Certificate**
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
**Expected Result**: **Expected Result**:
1. Response to Request of Access Token: 1. Response to Request of Access Token:
...@@ -989,6 +991,7 @@ At this documentation you will have all information and related files and exampl ...@@ -989,6 +991,7 @@ At this documentation you will have all information and related files and exampl
**NOTE: ProblemDetails29571 is the definition present for this request at swagger of ProblemDetails, and this is different from definition of ProblemDetails across other CAPIF Services** **NOTE: ProblemDetails29571 is the definition present for this request at swagger of ProblemDetails, and this is different from definition of ProblemDetails across other CAPIF Services**
## Test Case 23: Retrieve access token with invalid client_id ## Test Case 23: Retrieve access token with invalid client_id
**Test ID**:: ***capif_security_api-23*** **Test ID**:: ***capif_security_api-23***
...@@ -1001,6 +1004,14 @@ At this documentation you will have all information and related files and exampl ...@@ -1001,6 +1004,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised and Provider is also authorized * API Invoker is pre-authorised and Provider is also authorized
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -1029,14 +1040,6 @@ At this documentation you will have all information and related files and exampl ...@@ -1029,14 +1040,6 @@ At this documentation you will have all information and related files and exampl
* **client_id is not-valid** * **client_id is not-valid**
* Using **Invoker Certificate** * Using **Invoker Certificate**
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
**Expected Result**: **Expected Result**:
1. Response to Request of Access Token: 1. Response to Request of Access Token:
...@@ -1058,6 +1061,14 @@ At this documentation you will have all information and related files and exampl ...@@ -1058,6 +1061,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised and Provider is also authorized * API Invoker is pre-authorised and Provider is also authorized
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -1085,14 +1096,6 @@ At this documentation you will have all information and related files and exampl ...@@ -1085,14 +1096,6 @@ At this documentation you will have all information and related files and exampl
* ***grant_type=not_valid*** * ***grant_type=not_valid***
* Using **Invoker Certificate** * Using **Invoker Certificate**
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
**Expected Result**: **Expected Result**:
1. Response to Request of Access Token: 1. Response to Request of Access Token:
...@@ -1113,6 +1116,14 @@ At this documentation you will have all information and related files and exampl ...@@ -1113,6 +1116,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised and Provider is also authorized * API Invoker is pre-authorised and Provider is also authorized
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -1141,14 +1152,6 @@ At this documentation you will have all information and related files and exampl ...@@ -1141,14 +1152,6 @@ At this documentation you will have all information and related files and exampl
* ***scope=not-valid-scope*** * ***scope=not-valid-scope***
* Using **Invoker Certificate** * Using **Invoker Certificate**
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
**Expected Result**: **Expected Result**:
1. Response to Request of Access Token: 1. Response to Request of Access Token:
...@@ -1170,6 +1173,14 @@ At this documentation you will have all information and related files and exampl ...@@ -1170,6 +1173,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised and Provider is also authorized * API Invoker is pre-authorised and Provider is also authorized
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -1198,14 +1209,6 @@ At this documentation you will have all information and related files and exampl ...@@ -1198,14 +1209,6 @@ At this documentation you will have all information and related files and exampl
* ***scope=3gpp#1234:**service_1*** * ***scope=3gpp#1234:**service_1***
* Using **Invoker Certificate** * Using **Invoker Certificate**
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
**Expected Result**: **Expected Result**:
1. Response to Request of Access Token: 1. Response to Request of Access Token:
...@@ -1227,6 +1230,14 @@ At this documentation you will have all information and related files and exampl ...@@ -1227,6 +1230,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised and Provider is also authorized * API Invoker is pre-authorised and Provider is also authorized
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
**Information of Test**: **Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding] 1. Perform [Provider Registration] and [Invoker Onboarding]
...@@ -1255,14 +1266,6 @@ At this documentation you will have all information and related files and exampl ...@@ -1255,14 +1266,6 @@ At this documentation you will have all information and related files and exampl
* ***scope=3gpp#{aef_id}:not-valid*** * ***scope=3gpp#{aef_id}:not-valid***
* Using **Invoker Certificate** * Using **Invoker Certificate**
**Execution Steps**:
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
**Expected Result**: **Expected Result**:
1. Response to Request of Access Token: 1. Response to Request of Access Token:
...@@ -1273,9 +1276,6 @@ At this documentation you will have all information and related files and exampl ...@@ -1273,9 +1276,6 @@ At this documentation you will have all information and related files and exampl
[Return To All Test Plans]: ../README.md [Return To All Test Plans]: ../README.md
[service security body]: ./service_security.json "Service Security Request" [service security body]: ./service_security.json "Service Security Request"
[security notification body]: ./security_notification.json "Security Notification Request" [security notification body]: ./security_notification.json "Security Notification Request"
[access token req body]: ./access_token_req.json "Access Token Request" [access token req body]: ./access_token_req.json "Access Token Request"
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment