diff --git a/doc/testing/testplan/api_access_control_policy/README.md b/doc/testing/testplan/api_access_control_policy/README.md
index 8b22103e777cefdcaa6679fadff05cb00cbae0f8..192495cdaa6e538852c45f4b68285b97bb71c5f7 100644
--- a/doc/testing/testplan/api_access_control_policy/README.md
+++ b/doc/testing/testplan/api_access_control_policy/README.md
@@ -6,11 +6,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_acl-1***
**Description**:
-
+
This test case will check that an API Provider can retrieve ACL from CAPIF
**Pre-Conditions**:
-
+
* API Provider had a Service API Published on CAPIF
* API Invoker had a Security Context for Service API published.
@@ -32,7 +32,7 @@ At this documentation you will have all information and related files and exampl
* body [service api description] with apiName **service_1**
* Store **serviceApiId**
* Use **APF Certificate**
-
+
3. Perform [Invoker Onboarding] store apiInvokerId
4. Discover published APIs
5. Create Security Context for this Invoker
@@ -60,11 +60,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_acl-2***
**Description**:
-
+
This test case will check that an API Provider can retrieve ACL from CAPIF for 2 different serviceApis published.
**Pre-Conditions**:
-
+
* API Provider had two Service API Published on CAPIF
* API Invoker had a Security Context for both Service APIs published.
@@ -93,7 +93,7 @@ At this documentation you will have all information and related files and exampl
* body [service api description] with apiName **service_2**
* Store **serviceApiId**
* Use **APF Certificate**
-
+
4. Perform [Invoker Onboarding] store apiInvokerId
5. Discover published APIs
6. Create Security Context for this Invoker for both published APIs
@@ -125,11 +125,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_acl-3***
**Description**:
-
+
This test case will check that an API Provider can retrieve ACL from CAPIF containing 2 objects.
**Pre-Conditions**:
-
+
* API Provider had a Service API Published on CAPIF
* Two API Invokers had a Security Context for same Service API published by provider.
@@ -151,7 +151,7 @@ At this documentation you will have all information and related files and exampl
* body [service api description] with apiName **service_1**
* Store **serviceApiId**
* Use **APF Certificate**
-
+
3. Perform [Invoker Onboarding] store apiInvokerId
4. Discover published APIs
5. Create Security Context for this Invoker for both published APIs
@@ -174,17 +174,17 @@ At this documentation you will have all information and related files and exampl
3. **apiInvokerPolicies** must:
1. Contain two objects.
2. One object must match with **apiInvokerId1** and the other one with **apiInvokerId2** an registered previously.
-
+
## Test Case 4: Retrieve ACL filtered by api-invoker-id
**Test ID**: ***capif_api_acl-4***
**Description**:
-
+
This test case will check that an API Provider can retrieve ACL filtering by apiInvokerId from CAPIF containing 1 objects.
**Pre-Conditions**:
-
+
* API Provider had a Service API Published on CAPIF
* Two API Invokers had a Security Context for same Service API published by provider.
@@ -207,7 +207,7 @@ At this documentation you will have all information and related files and exampl
* body [service api description] with apiName **service_1**
* Store **serviceApiId**
* Use **APF Certificate**
-
+
3. Perform [Invoker Onboarding] store apiInvokerId
4. Discover published APIs
5. Create Security Context for this Invoker for both published APIs
@@ -250,11 +250,11 @@ At this documentation you will have all information and related files and exampl
**Description**:
**CURRENTLY NOT SUPPORTED FEATURE**
-
+
This test case will check that an API Provider can retrieve ACL filtering by supportedFeatures from CAPIF containing 1 objects.
**Pre-Conditions**:
-
+
* API Provider had a Service API Published on CAPIF
* Two API Invokers had a Security Context for same Service API published by provider.
@@ -277,7 +277,7 @@ At this documentation you will have all information and related files and exampl
* body [service api description] with apiName **service_1**
* Store **serviceApiId**
* Use **APF Certificate**
-
+
3. Perform [Invoker Onboarding] store apiInvokerId
4. Discover published APIs
5. Create Security Context for this Invoker for both published APIs
@@ -319,11 +319,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_acl-6***
**Description**:
-
+
This test case will check that an API Provider can't retrieve ACL from CAPIF if aef-id is not valid
**Pre-Conditions**:
-
+
* API Provider had a Service API Published on CAPIF
* API Invoker had a Security Context for Service API published.
@@ -345,7 +345,7 @@ At this documentation you will have all information and related files and exampl
* body [service api description] with apiName **service_1**
* Store **serviceApiId**
* Use **APF Certificate**
-
+
3. Perform [Invoker Onboarding] store apiInvokerId
4. Discover published APIs
5. Create Security Context for this Invoker
@@ -375,11 +375,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_acl-7***
**Description**:
-
+
This test case will check that an API Provider can't retrieve ACL from CAPIF if service-api-id is not valid
**Pre-Conditions**:
-
+
* API Provider had a Service API Published on CAPIF
* API Invoker had a Security Context for Service API published.
@@ -401,7 +401,7 @@ At this documentation you will have all information and related files and exampl
* body [service api description] with apiName **service_1**
* Store **serviceApiId**
* Use **APF Certificate**
-
+
3. Perform [Invoker Onboarding] store apiInvokerId
4. Discover published APIs
5. Create Security Context for this Invoker
@@ -430,11 +430,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_acl-8***
**Description**:
-
+
This test case will check that an API Provider can't retrieve ACL from CAPIF if service-api-id and aef-id are not valid
**Pre-Conditions**:
-
+
* API Provider had a Service API Published on CAPIF
* API Invoker had a Security Context for Service API published.
@@ -456,7 +456,7 @@ At this documentation you will have all information and related files and exampl
* body [service api description] with apiName **service_1**
* Store **serviceApiId**
* Use **APF Certificate**
-
+
3. Perform [Invoker Onboarding] store apiInvokerId
4. Discover published APIs
5. Create Security Context for this Invoker
@@ -486,7 +486,7 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_acl-9***
**Description**:
-
+
This test case will check that an API Provider can't retrieve ACL if no invoker had requested Security Context to CAPIF
**Pre-Conditions**:
@@ -512,7 +512,7 @@ At this documentation you will have all information and related files and exampl
* body [service api description] with apiName **service_1**
* Store **serviceApiId**
* Use **APF Certificate**
-
+
3. Perform [Invoker Onboarding] store apiInvokerId
4. Discover published APIs
@@ -537,11 +537,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_acl-10***
**Description**:
-
+
This test case will check that an API Provider get not found response if filter by not valid api-invoker-id doesn't match any registered ACL.
**Pre-Conditions**:
-
+
* API Provider had a Service API Published on CAPIF
* API Invoker had a Security Context for Service API published.
@@ -563,7 +563,7 @@ At this documentation you will have all information and related files and exampl
* body [service api description] with apiName **service_1**
* Store **serviceApiId**
* Use **APF Certificate**
-
+
3. Perform [Invoker Onboarding] store apiInvokerId
4. Discover published APIs
5. Create Security Context for this Invoker
@@ -782,7 +782,7 @@ At this documentation you will have all information and related files and exampl
* body [service api description] with apiName **service_1**
* Store **serviceApiId**
* Use **APF Certificate**
-
+
3. Perform [Invoker Onboarding] store apiInvokerId
4. Discover published APIs
5. Create Security Context for this Invoker
diff --git a/doc/testing/testplan/api_auditing_service/README.md b/doc/testing/testplan/api_auditing_service/README.md
index 0588e8effe25062351067d9c3c13f142f9e0a3fe..899dea9db452a86038af7d4ba28b55f571b153e8 100644
--- a/doc/testing/testplan/api_auditing_service/README.md
+++ b/doc/testing/testplan/api_auditing_service/README.md
@@ -10,7 +10,7 @@ At this documentation you will have all information and related files and exampl
This test case will check that a CAPIF AMF can get log entry to Logging Service
**Pre-Conditions**:
-
+
* CAPIF provider is pre-authorised (has valid AMF cert from CAPIF Authority)
* Service exist in CAPIF
* Invoker exist in CAPIF
diff --git a/doc/testing/testplan/api_discover_service/README.md b/doc/testing/testplan/api_discover_service/README.md
index 7aa1d8443586443327a42e01d91db919b476be9a..5d89b90bff47c30dd0f452d343b5f90f9151a784 100644
--- a/doc/testing/testplan/api_discover_service/README.md
+++ b/doc/testing/testplan/api_discover_service/README.md
@@ -14,7 +14,13 @@ At this documentation you will have all information and related files and exampl
* Service APIs are published.
* NetApp was registered previously
* NetApp was onboarded previously with {onboardingId}
-
+
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API at CCF
+ 2. Register Invoker and Onboard Invoker at CCF
+ 3. Discover Service APIs by Invoker
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -27,12 +33,6 @@ At this documentation you will have all information and related files and exampl
* Param api-invoker-id is mandatory
* Use **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API at CCF
- 2. Register Invoker and Onboard Invoker at CCF
- 3. Discover Service APIs by Invoker
-
**Expected Result**:
1. Response to Publish request must accomplish:
@@ -64,7 +64,13 @@ At this documentation you will have all information and related files and exampl
**Pre-Conditions**:
* Service APIs are published.
-
+
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API at CCF
+ 2. Register Invoker and Onboard Invoker at CCF
+ 3. Discover Service APIs by no invoker entity
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -77,12 +83,6 @@ At this documentation you will have all information and related files and exampl
* Param api-invoker-id is mandatory
* Use not **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API at CCF
- 2. Register Invoker and Onboard Invoker at CCF
- 3. Discover Service APIs by no invoker entity
-
**Expected Result**:
1. Response to Publish request must accomplish:
@@ -118,7 +118,13 @@ At this documentation you will have all information and related files and exampl
**Pre-Conditions**:
* Service APIs are published.
-
+
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API at CCF
+ 2. Register Invoker and Onboard Invoker at CCF
+ 3. Discover Service APIs by Publisher
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -131,12 +137,6 @@ At this documentation you will have all information and related files and exampl
* Param api-invoker-id is mandatory
* Using **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API at CCF
- 2. Register Invoker and Onboard Invoker at CCF
- 3. Discover Service APIs by Publisher
-
**Expected Result**:
1. Response to Publish request must accomplish:
@@ -174,7 +174,14 @@ At this documentation you will have all information and related files and exampl
* At least 2 Service APIs are published.
* NetApp was registered previously
* NetApp was onboarded previously with {onboardingId}
-
+
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF
+ 2. Register Invoker and Onboard Invoker at CCF
+ 3. Discover Service APIs by Invoker.
+ 4. Discover filtered by api-name **service_1** Service APIs by Invoker
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -192,13 +199,6 @@ At this documentation you will have all information and related files and exampl
* Using **Invoker Certificate**
* filter by api-name **service_1**
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF
- 2. Register Invoker and Onboard Invoker at CCF
- 3. Discover Service APIs by Invoker.
- 4. Discover filtered by api-name **service_1** Service APIs by Invoker
-
**Expected Result**:
1. Response to Publish request must accomplish:
@@ -235,7 +235,14 @@ At this documentation you will have all information and related files and exampl
* At least 2 Service APIs are published.
* NetApp was registered previously
* NetApp was onboarded previously with {onboardingId}
-
+
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF
+ 2. Register Invoker and Onboard Invoker at CCF
+ 3. Discover Service APIs by Invoker.
+ 4. Discover filtered by api-name not published Service APIs by Invoker
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -253,13 +260,6 @@ At this documentation you will have all information and related files and exampl
* Using **Invoker Certificate**
* filter by api-name NOT_VALID_NAME
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF
- 2. Register Invoker and Onboard Invoker at CCF
- 3. Discover Service APIs by Invoker.
- 4. Discover filtered by api-name not published Service APIs by Invoker
-
**Expected Result**:
1. Response to Publish request must accomplish:
@@ -299,7 +299,14 @@ At this documentation you will have all information and related files and exampl
* 2 Service APIs are published.
* NetApp was registered previously
* NetApp was onboarded previously with {onboardingId}
-
+
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF
+ 2. Register Invoker and Onboard Invoker at CCF
+ 3. Discover Service APIs by Invoker.
+ 4. Discover without filter by Invoker
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -316,13 +323,6 @@ At this documentation you will have all information and related files and exampl
* Param api-invoker-id is mandatory
* Using **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API **service_1** and **service_2** at CCF
- 2. Register Invoker and Onboard Invoker at CCF
- 3. Discover Service APIs by Invoker.
- 4. Discover without filter by Invoker
-
**Expected Result**:
1. Response to Publish request must accomplish:
diff --git a/doc/testing/testplan/api_events_service/README.md b/doc/testing/testplan/api_events_service/README.md
index c70903e5cbe19ec58a417bc74a90c668129d3e1a..73106b7145ca7600a988601d0fa624903e26d087 100644
--- a/doc/testing/testplan/api_events_service/README.md
+++ b/doc/testing/testplan/api_events_service/README.md
@@ -554,7 +554,7 @@ At this documentation you will have all information and related files and exampl
* **Mock Server is clean.**
**Execution Steps**:
-
+
1. Register Provider at CCF.
2. Publish a provider API with name **service_1**.
3. Register Invoker and Onboard Invoker at CCF.
diff --git a/doc/testing/testplan/api_invoker_management/README.md b/doc/testing/testplan/api_invoker_management/README.md
index 7a99b7df5c4512d3873321b03aa4a9a13e6a51a7..4b511906ecf67484191ffd587930e8a1d7399e96 100644
--- a/doc/testing/testplan/api_invoker_management/README.md
+++ b/doc/testing/testplan/api_invoker_management/README.md
@@ -36,7 +36,7 @@ At this documentation you will have all information and related files and exampl
1. Retrieve access_token by User from register
2. Onboard Invoker at CCF
3. Store signed Certificate
-
+
**Expected Result**:
1. Response to Onboard request must accomplish:
@@ -76,7 +76,7 @@ At this documentation you will have all information and related files and exampl
2. Onboard NetApp at CCF
3. Store signed Certificate at NetApp
4. Onboard Again the NetApp at CCF
-
+
**Expected Result**:
1. Response to Onboard request must accomplish:
@@ -106,7 +106,7 @@ At this documentation you will have all information and related files and exampl
* NetApp was registered previously
* NetApp was onboarded previously with {onboardingId}
-
+
**Information of Test**:
1. Perform [Invoker Onboarding]
@@ -117,14 +117,14 @@ At this documentation you will have all information and related files and exampl
* "notificationDestination": "*http://host.docker.internal:8086/netapp_new_callback*",
**Execution Steps**:
-
+
1. Register Invoker at CCF
2. Onboard Invoker at CCF
3. Store signed Certificate
4. Update Onboarding Information at CCF with a minor change on "notificationDestination"
-
+
**Expected Result**:
-
+
1. Response to Onboard request must accomplish:
1. **201 Created**
2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with:
@@ -148,7 +148,7 @@ At this documentation you will have all information and related files and exampl
* NetApp was registered previously
* NetApp was not onboarded previously
-
+
**Information of Test**:
1. Perform [Invoker Onboarding]
@@ -158,13 +158,13 @@ At this documentation you will have all information and related files and exampl
* Reference Request Body is: [put invoker onboarding body]
**Execution Steps**:
-
+
1. Register Invoker at CCF
2. Onboard Invoker at CCF
3. Update Onboarding Information at CCF of not onboarded
-
+
**Expected Result**:
-
+
1. Response to Onboard request must accomplish:
1. **201 Created**
2. Response to Update Request (PUT) must contain:
@@ -202,7 +202,7 @@ At this documentation you will have all information and related files and exampl
1. Register Invoker at CCF
2. Onboard Invoker at CCF
3. Offboard Invoker at CCF
-
+
**Expected Result**:
1. Response to Onboard request must accomplish:
diff --git a/doc/testing/testplan/api_logging_service/README.md b/doc/testing/testplan/api_logging_service/README.md
index b5b7eb3d8808313492b05dfc2c3ed98d240c09eb..fbb87d47162a8562d19691f1aa91472443f50d84 100644
--- a/doc/testing/testplan/api_logging_service/README.md
+++ b/doc/testing/testplan/api_logging_service/README.md
@@ -10,7 +10,7 @@ At this documentation you will have all information and related files and exampl
This test case will check that a CAPIF AEF can create log entry to Logging Service
**Pre-Conditions**:
-
+
* CAPIF provider is pre-authorised (has valid aefId from CAPIF Authority)
* Service exist in CAPIF
* Invoker exist in CAPIF
@@ -79,7 +79,7 @@ At this documentation you will have all information and related files and exampl
1. Register Provider and Invoker CCF
2. Publish Service
3. Create Log Entry
-
+
**Expected Result**:
1. Response to Logging Service must accomplish:
@@ -99,7 +99,7 @@ At this documentation you will have all information and related files and exampl
This test case will check that a CAPIF subscriber (AEF) cannot create Log Entry without valid aefId
**Pre-Conditions**:
-
+
* CAPIF subscriber is pre-authorised (has valid aefId from CAPIF Authority)
**Information of Test**:
@@ -142,7 +142,7 @@ At this documentation you will have all information and related files and exampl
This test case will check that a CAPIF subscriber (AEF) cannot create Log Entry without valid aefId
**Pre-Conditions**:
-
+
* CAPIF subscriber is pre-authorised (has valid aefId from CAPIF Authority)
**Information of Test**:
@@ -163,7 +163,7 @@ At this documentation you will have all information and related files and exampl
1. Register Provider and Invoker CCF
2. Publish Service
3. Create Log Entry
-
+
**Expected Result**:
1. Response to Onboard request must accomplish:
@@ -217,7 +217,7 @@ At this documentation you will have all information and related files and exampl
1. Register Provider and Invoker CCF
2. Publish Service
3. Create Log Entry
-
+
**Expected Result**:
1. Response to Logging Service must accomplish:
diff --git a/doc/testing/testplan/api_provider_management/README.md b/doc/testing/testplan/api_provider_management/README.md
index 1fab651b57e69e32a832d8a40af504978cd99ef3..8d35d0c376c285b5fee39223c5c15cce2b26c563 100644
--- a/doc/testing/testplan/api_provider_management/README.md
+++ b/doc/testing/testplan/api_provider_management/README.md
@@ -6,11 +6,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_provider_management-1***
**Description**:
-
+
This test case will check that Api Provider can be registered con CCF
**Pre-Conditions**:
-
+
* Provider is pre-authorised (has valid certificate from CAPIF Authority)
**Information of Test**:
@@ -31,10 +31,10 @@ At this documentation you will have all information and related files and exampl
* Store each cert in a file with according name.
**Execution Steps**:
-
+
1. Create private and public key for provider and each function to register.
2. Register Provider.
-
+
**Expected Result**:
1. Register Provider at Provider Management:
@@ -50,17 +50,17 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_provider_management-2***
**Description**:
-
+
This test case will check that a Api Provider previously registered cannot be re-registered
**Pre-Conditions**:
-
+
* Api Provider was registered previously and there is a {registerId} for his Api Provider in the DB
**Information of Test**:
1. Create public and private key at provider for provider itself and each function (apf, aef and amf)
-
+
2. Retrieve access_token by User:
* Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
@@ -79,11 +79,11 @@ At this documentation you will have all information and related files and exampl
* Same regSec than Previous registration
**Execution Steps**:
-
+
1. Create private and public key for provider and each function to register.
2. Register Provider.
3. Re-Register Provider.
-
+
**Expected Result**:
1. Re-Register Provider:
@@ -100,11 +100,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_provider_management-3***
**Description**:
-
+
This test case will check that a Registered Api Provider can be updated
**Pre-Conditions**:
-
+
* Api Provider was registered previously and there is a {registerId} for his Api Provider in the DB
**Information of Test**:
@@ -131,11 +131,11 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
-
+
1. Create private and public key for provider and each function to register.
2. Register Provider
3. Update Provider
-
+
**Expected Result**:
1. Register Provider:
@@ -155,11 +155,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_provider_management-4***
**Description**:
-
+
This test case will check that a Non-Registered Api Provider cannot be updated
**Pre-Conditions**:
-
+
* Api Provider was not registered previously
**Information of Test**:
@@ -186,10 +186,10 @@ At this documentation you will have all information and related files and exampl
* Use AMF Certificate.
**Execution Steps**:
-
+
1. Register Provider at CCF
2. Update Not Registered Provider
-
+
**Expected Result**:
1. Update Not Registered Provider:
@@ -205,11 +205,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_provider_management-5***
**Description**:
-
+
This test case will check that a Registered Api Provider can be partially updated
**Pre-Conditions**:
-
+
* Api Provider was registered previously and there is a {registerId} for his Api Provider in the DB
**Information of Test**:
@@ -236,11 +236,11 @@ At this documentation you will have all information and related files and exampl
* Use AMF Certificate.
**Execution Steps**:
-
+
1. Register Provider at CCF
2. Register Provider
3. Partial update provider
-
+
**Expected Result**:
1. Partial update provider at Provider Management:
@@ -253,11 +253,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_provider_management-6***
**Description**:
-
+
This test case will check that a Non-Registered Api Provider cannot be partially updated
**Pre-Conditions**:
-
+
* Api Provider was not registered previously
**Information of Test**:
@@ -282,14 +282,14 @@ At this documentation you will have all information and related files and exampl
* Send **PATCH** **https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_API_PROVIDER_NOT_REGISTERED}**
* body [provider request patch body]
* Use AMF Certificate.
-
+
**Execution Steps**:
-
+
1. Register Provider at CCF
2. Register Provider
3. Partial update provider
-
+
**Expected Result**:
1. Partial update provider:
@@ -306,11 +306,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_provider_management-7***
**Description**:
-
+
This test case will check that a Registered Api Provider can be deleted
**Pre-Conditions**:
-
+
* Api Provider was registered previously
**Information of Test**:
@@ -336,11 +336,11 @@ At this documentation you will have all information and related files and exampl
* Use AMF Certificate.
**Execution Steps**:
-
+
1. Register Provider at CCF
2. Register Provider
3. Delete Provider
-
+
**Expected Result**:
1. Delete Provider:
@@ -351,11 +351,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_provider_management-8***
**Description**:
-
+
This test case will check that a Non-Registered Api Provider cannot be deleted
**Pre-Conditions**:
-
+
* Api Provider was not registered previously
**Information of Test**:
@@ -381,10 +381,10 @@ At this documentation you will have all information and related files and exampl
* Use AMF Certificate.
**Execution Steps**:
-
+
1. Register Provider at CCF
2. Delete Provider
-
+
**Expected Result**:
1. Delete Provider:
diff --git a/doc/testing/testplan/api_publish_service/README.md b/doc/testing/testplan/api_publish_service/README.md
index 27bd8e86c669775335ef0e0e51d574e4494a0b02..59e59e826b996a9beb034349ab742040caf8cb95 100644
--- a/doc/testing/testplan/api_publish_service/README.md
+++ b/doc/testing/testplan/api_publish_service/README.md
@@ -6,11 +6,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_publish_service-1***
**Description**:
-
+
This test case will check that an API Publisher can Publish an API
**Pre-Conditions**:
-
+
* CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority)
**Information of Test**:
@@ -30,7 +30,7 @@ At this documentation you will have all information and related files and exampl
2. Publish Service API
3. Retrieve {apiId} from body and Location header with new resource created from response
-
+
**Expected Result**:
1. Response to Publish request must accomplish:
@@ -46,11 +46,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_publish_service-2***
**Description**:
-
+
This test case will check that an API Publisher cannot Publish an API withot valid apfId
**Pre-Conditions**:
-
+
* CAPIF subscriber is NOT pre-authorised (has invalid apfId from CAPIF Authority)
**Information of Test**:
@@ -167,7 +167,7 @@ At this documentation you will have all information and related files and exampl
1. Register Provider at CCF and store certificates.
2. Retrieve All published APIs
-
+
**Expected Result**:
1. Response to Publish request must accomplish:
@@ -185,11 +185,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_publish_service-5***
**Description**:
-
+
This test case will check that an API Publisher can Retrieve API published one by one
**Pre-Conditions**:
-
+
* CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority)
* At least 2 service APIs are published.
@@ -259,11 +259,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_publish_service-6***
**Description**:
-
+
This test case will check that an API Publisher try to get detail of not published api.
**Pre-Conditions**:
-
+
* CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority)
* No published api
@@ -295,11 +295,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_publish_service-7***
**Description**:
-
+
This test case will check that an API Publisher cannot Retrieve detailed API published when apfId is not authorised
**Pre-Conditions**:
-
+
* CAPIF subscriber is NOT pre-authorised (has invalid apfId from CAPIF Authority)
**Information of Test**:
@@ -324,7 +324,7 @@ At this documentation you will have all information and related files and exampl
4. Register and onboard Invoker at CCF
5. Store signed **Invoker Certificate**
6. Retrieve detailed published API acting as Invoker
-
+
**Expected Result**:
1. Response to Retrieve Detailed published API acting as Invoker must accomplish:
@@ -343,11 +343,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_publish_service-8***
**Description**:
-
+
This test case will check that an API Publisher can Update published API with a valid serviceApiId
**Pre-Conditions**:
-
+
* CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority)
* A service APIs is published.
@@ -379,7 +379,7 @@ At this documentation you will have all information and related files and exampl
3. Retrieve {apiId} from body and Location header with new resource url created from response
4. Update published Service API.
5. Retrieve detail of Service API
-
+
**Expected Result**:
1. Response to Publish request must accomplish:
@@ -397,18 +397,18 @@ At this documentation you will have all information and related files and exampl
1. **200 OK**
2. Response Body must follow **ServiceAPIDescription** data structure with:
* apiName **service_1**_modified.
-
+
## Test Case 9: Update APIs Published by Authorised apfId with invalid serviceApiId
**Test ID**: ***capif_api_publish_service-9***
**Description**:
-
+
This test case will check that an API Publisher cannot Update published API with a invalid serviceApiId
**Pre-Conditions**:
-
+
* CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority)
**Information of Test**:
@@ -430,7 +430,7 @@ At this documentation you will have all information and related files and exampl
1. Register Provider at CCF and store certificates.
2. Update published Service API.
-
+
**Expected Result**:
1. Response to Publish request must accomplish:
@@ -452,11 +452,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_publish_service-10***
**Description**:
-
+
This test case will check that an API Publisher cannot Update API published when apfId is not authorised
**Pre-Conditions**:
-
+
* CAPIF subscriber is NOT pre-authorised (has invalid apfId from CAPIF Authority)
**Information of Test**:
@@ -488,7 +488,7 @@ At this documentation you will have all information and related files and exampl
5. Store signed **Invoker Certificate**
6. Update published API at CCF as Invoker
7. Retrieve detail of Service API as publisher
-
+
**Expected Result**:
1. Response to Update published API acting as Invoker must accomplish:
@@ -510,11 +510,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_publish_service-11***
**Description**:
-
+
This test case will check that an API Publisher can Delete published API with a valid serviceApiId
**Pre-Conditions**:
-
+
* CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority).
* A service APIs is published.
@@ -542,7 +542,7 @@ At this documentation you will have all information and related files and exampl
3. Retrieve {apiId} from body and Location header with new resource created from response
4. Remove published API at CCF
5. Try to retreive deleted service API from CCF
-
+
**Expected Result**:
1. Response to Publish request must accomplish:
@@ -570,11 +570,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_publish_service-12***
**Description**:
-
+
This test case will check that an API Publisher cannot Delete with invalid serviceApiId
**Pre-Conditions**:
-
+
* CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority).
**Information of Test**:
@@ -589,7 +589,7 @@ At this documentation you will have all information and related files and exampl
1. Register Provider at CCF and store certificates.
2. Remove published API at CCF with invalid serviceId
-
+
**Expected Result**:
1. Response to Remove published Service API at CCF:
@@ -606,11 +606,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_api_publish_service-12***
**Description**:
-
+
This test case will check that an API Publisher cannot Delete API published when apfId is not authorised
**Pre-Conditions**:
-
+
* CAPIF subscriber is pre-authorised (has valid apfId from CAPIF Authority).
**Information of Test**:
@@ -632,7 +632,7 @@ At this documentation you will have all information and related files and exampl
1. Register Provider at CCF and store certificates.
2. Register Invoker and onboard Invoker at CCF
3. Remove published API at CCF with invalid serviceId as Invoker
-
+
**Expected Result**:
1. Response to Remove published Service API at CCF:
diff --git a/doc/testing/testplan/api_security_service/README.md b/doc/testing/testplan/api_security_service/README.md
index 1f57c2de63aa37277f0389788b8a8207f4c6af86..189d3f3703acf941e13fedb061e6dfadb87f31bc 100644
--- a/doc/testing/testplan/api_security_service/README.md
+++ b/doc/testing/testplan/api_security_service/README.md
@@ -6,11 +6,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**: ***capif_security_api-1***
**Description**:
-
+
This test case will check that an API Invoker can create a Security context
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority)
**Information of Test**:
@@ -22,11 +22,11 @@ At this documentation you will have all information and related files and exampl
* Use **Invoker Certificate**
**Execution Steps**:
-
+
1. Register and onboard Invoker at CCF
2. Store signed Certificate
3. Create Security Context
-
+
**Expected Result**:
1. Create security context:
@@ -40,11 +40,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-2***
**Description**:
-
+
This test case will check that an Provider cannot create a Security context with valid apiInvokerId.
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with Provider role
**Information of Test**:
@@ -57,11 +57,11 @@ At this documentation you will have all information and related files and exampl
* Using **AEF Certificate**
**Execution Steps**:
-
+
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context using Provider certificate
-
+
**Expected Result**:
1. Create security context using Provider certificate:
@@ -83,7 +83,7 @@ At this documentation you will have all information and related files and exampl
This test case will check that an Provider cannot create a Security context with invalid apiInvokerID.
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with Provider role
**Information of Test**:
@@ -96,10 +96,10 @@ At this documentation you will have all information and related files and exampl
* Using **AEF Certificate**
**Execution Steps**:
-
+
1. Register Provider at CCF
2. Create Security Context using Provider certificate
-
+
**Expected Result**:
1. Create security context using Provider certificate:
@@ -116,11 +116,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-4***
**Description**:
-
+
This test case will check that an Invoker cannot create a Security context with valid apiInvokerId.
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with invalid apiInvokerId
**Information of Test**:
@@ -133,10 +133,10 @@ At this documentation you will have all information and related files and exampl
* Use **Invoker Certificate**
**Execution Steps**:
-
+
1. Register and onboard Invoker at CCF
2. Create Security Context using Provider certificate
-
+
**Expected Result**:
1. Create security context using Provider certificate:
@@ -149,17 +149,17 @@ At this documentation you will have all information and related files and exampl
2. No context stored at DB
-
+
## Test Case 5: Retrieve the Security Context of an API Invoker
**Test ID**:: ***capif_security_api-5***
**Description**:
-
+
This test case will check that an provider can retrieve the Security context of an API Invoker
**Pre-Conditions**:
-
+
* Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context
**Information of Test**:
@@ -176,12 +176,12 @@ At this documentation you will have all information and related files and exampl
* Using **AEF Certificate**
**Execution Steps**:
-
+
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context using Provider certificate
4. Retrieve Security Context by Provider
-
+
**Expected Result**:
1. Retrieve security context:
@@ -194,11 +194,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-6***
**Description**:
-
+
This test case will check that an provider can retrieve the Security context of an API Invoker
**Pre-Conditions**:
-
+
* Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context
**Information of Test**:
@@ -210,11 +210,11 @@ At this documentation you will have all information and related files and exampl
* Using **AEF Certificate**.
**Execution Steps**:
-
+
2. Register Provider at CCF
3. Create Security Context using Provider certificate
4. Retrieve Security Context by Provider of invalid invoker
-
+
**Expected Result**:
1. Retrieve security context:
@@ -231,11 +231,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-7***
**Description**:
-
+
This test case will check that an Provider cannot retrieve the Security context of an API Invoker without valid apfId
**Pre-Conditions**:
-
+
* API Exposure Function is not pre-authorised (has invalid apfId)
**Information of Test**:
@@ -252,12 +252,12 @@ At this documentation you will have all information and related files and exampl
* Using **Invoker Certificate**
**Execution Steps**:
-
+
1. Register and onboard Invoker at CCF
2. Store signed Certificate
3. Create Security Context
4. Retrieve Security Context as Provider.
-
+
**Expected Result**:
1. Create security context:
@@ -274,11 +274,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-8***
**Description**:
-
+
This test case will check that an Provider can delete a Security context
**Pre-Conditions**:
-
+
* Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context
**Information of Test**:
@@ -299,12 +299,12 @@ At this documentation you will have all information and related files and exampl
* Using **AEF Certificate**
**Execution Steps**:
-
+
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context using Provider certificate
4. Delete Security Context by Provider
-
+
**Expected Result**:
1. Delete security context:
@@ -324,11 +324,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-9***
**Description**:
-
+
This test case will check that an Invoker cannot delete a Security context
**Pre-Conditions**:
-
+
* Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context
**Information of Test**:
@@ -345,11 +345,11 @@ At this documentation you will have all information and related files and exampl
* Use **Invoker Certificate**
**Execution Steps**:
-
+
1. Register Provider at CCF
2. Create Security Context using Provider certificate
3. Delete Security Context by Invoker
-
+
**Expected Result**:
1. Delete security context:
@@ -366,11 +366,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-10***
**Description**:
-
+
This test case will check that an Invoker cannot delete a Security context with invalid
**Pre-Conditions**:
-
+
* Invoker is pre-authorised.
**Information of Test**:
@@ -382,10 +382,10 @@ At this documentation you will have all information and related files and exampl
* Use **Invoker Certificate**
**Execution Steps**:
-
+
1. Register Provider at CCF
2. Delete Security Context by invoker
-
+
**Expected Result**:
1. Delete security context:
@@ -402,11 +402,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-11***
**Description**:
-
+
This test case will check that an Provider cannot delete a Security context of invalid apiInvokerId
**Pre-Conditions**:
-
+
* Provider is pre-authorised (has valid apfId from CAPIF Authority).
**Information of Test**:
@@ -418,10 +418,10 @@ At this documentation you will have all information and related files and exampl
* Use **AEF Certificate**
**Execution Steps**:
-
+
1. Register Provider at CCF
2. Delete Security Context by provider
-
+
**Expected Result**:
1. Retrieve security context:
@@ -438,11 +438,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-12***
**Description**:
-
+
This test case will check that an API Invoker can update a Security context
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
**Information of Test**:
@@ -453,7 +453,7 @@ At this documentation you will have all information and related files and exampl
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* body [service security body]
* Using **Invoker Certificate**.
-
+
3. Update Security Context of Invoker:
* Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/update**
* body [service security body] but with notification destination modified to **http://robot.testing2**
@@ -464,19 +464,19 @@ At this documentation you will have all information and related files and exampl
* Using **AEF Certificate**.
**Execution Steps**:
-
+
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context By Invoker
4. Update Security Context By Invoker
5. Retrieve Security Context By Provider
-
+
**Expected Result**:
1. Update security context:
1. **200 OK** response.
2. body returned must accomplish **ServiceSecurity** data structure.
-
+
2. Retrieve security context:
1. **200 OK** response.
2. body returned must accomplish **ServiceSecurity** data structure.
@@ -488,11 +488,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-13***
**Description**:
-
+
This test case will check that an Provider cannot update a Security context
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized.
* Invoker has created the Security Context previously.
@@ -504,19 +504,19 @@ At this documentation you will have all information and related files and exampl
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* body [service security body]
* Using **Invoker Certificate**.
-
+
3. Update Security Context of Invoker by Provider:
* Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/update**
* body [service security body] but with notification destination modified to **http://robot.testing2**
* Using **AEF Certificate**
**Execution Steps**:
-
+
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context
4. Update Security Context as Provider
-
+
**Expected Result**:
1. Update security context:
@@ -533,28 +533,28 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-14***
**Description**:
-
+
This test case will check that an Provider cannot update a Security context of invalid apiInvokerId
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized.
* Invoker has created the Security Context previously.
**Information of Test**:
1. Perform [Provider Registration]
-
+
2. Update Security Context of Invoker by Provider:
* Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update**
* body [service security body]
* Using **AEF Certificate**
**Execution Steps**:
-
+
1. Register Provider at CCF
2. Update Security Context as Provider
-
+
**Expected Result**:
1. Update security context:
@@ -571,27 +571,27 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-15***
**Description**:
-
+
This test case will check that an API Invoker cannot update a Security context not valid apiInvokerId
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority)
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
-
+
2. Update Security Context of Invoker:
* Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/update**
* body [service security body]
* Using **Invoker Certificate**.
**Execution Steps**:
-
+
1. Register and onboard Invoker at CCF
2. Update Security Context
-
+
**Expected Result**:
1. Retrieve security context:
@@ -608,11 +608,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-16***
**Description**:
-
+
This test case will check that a Provider can revoke the authorization for APIs
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
**Information of Test**:
@@ -623,7 +623,7 @@ At this documentation you will have all information and related files and exampl
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* body [service security body]
* Using **Invoker Certificate**
-
+
3. Revoke Authorization by Provider:
* Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete**
* body [security notification body]
@@ -635,13 +635,13 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
-
+
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context by Invoker
4. Revoke Security Context by Provider
5. Retrieve Security Context by Provider
-
+
**Expected Result**:
1. Revoke Authorization:
@@ -661,11 +661,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-17***
**Description**:
-
+
This test case will check that an Invoker can't revoke the authorization for APIs
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
**Information of Test**:
@@ -676,7 +676,7 @@ At this documentation you will have all information and related files and exampl
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* body [service security body]
* Using **Invoker Certificate**.
-
+
3. Revoke Authorization by invoker:
* Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete**
* body [security notification body]
@@ -687,13 +687,13 @@ At this documentation you will have all information and related files and exampl
* Using Provider Certificate
**Execution Steps**:
-
+
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context
4. Revoke Security Context by invoker
5. Retrieve Security Context
-
+
**Expected Result**:
1. Revoke Security Context by invoker:
@@ -715,11 +715,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-18***
**Description**:
-
+
This test case will check that an API Exposure Function cannot revoke the authorization for APIs for invalid apiInvokerId
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
**Information of Test**:
@@ -730,7 +730,7 @@ At this documentation you will have all information and related files and exampl
* Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* body [service security body]
* Using **Invoker Certificate**.
-
+
3. Revoke Authorization by Provider:
* Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}/delete**
* body [security notification body]
@@ -742,13 +742,13 @@ At this documentation you will have all information and related files and exampl
* Using **AEF Certificate**.
**Execution Steps**:
-
+
1. Register and onboard Invoker at CCF
2. Register Provider at CCF
3. Create Security Context
4. Revoke Security Context by Provider
5. Retrieve Security Context
-
+
**Expected Result**:
1. Revoke Security Context by invoker:
@@ -770,11 +770,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-19***
**Description**:
-
+
This test case will check that an API Invoker can retrieve a security access token OAuth 2.0.
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerId)
* Service API of Provider is published
@@ -805,15 +805,15 @@ At this documentation you will have all information and related files and exampl
* ***grant_type=client_credentials***.
* Create Scope properly for request: ***3gpp#{aef_id}:{api_name}***
* Using **Invoker Certificate**.
-
+
**Execution Steps**:
-
+
1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
2. Register and onboard Invoker at CCF
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token
-
+
**Expected Result**:
1. Response to Request of Access Token:
@@ -827,11 +827,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-20***
**Description**:
-
+
This test case will check that an API Exposure Function cannot revoke the authorization for APIs for invalid apiInvokerId
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
**Information of Test**:
@@ -868,7 +868,7 @@ At this documentation you will have all information and related files and exampl
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Provider
-
+
**Expected Result**:
1. Response to Request of Access Token:
@@ -882,11 +882,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-21***
**Description**:
-
+
This test case will check that an API Exposure Function cannot retrieve a security access token without valid apiInvokerId
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised and Provider is also authorized
**Information of Test**:
@@ -923,7 +923,7 @@ At this documentation you will have all information and related files and exampl
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Provider
-
+
**Expected Result**:
1. Response to Request of Access Token:
@@ -931,18 +931,18 @@ At this documentation you will have all information and related files and exampl
2. body returned must accomplish **AccessTokenErr** data structure, with:
* error unauthorized_client
* error_description=Role not authorized for this API route
-
+
## Test Case 22: Retrieve access token with invalid apiInvokerId
**Test ID**:: ***capif_security_api-22***
**Description**:
-
+
This test case will check that an API Invoker can't retrieve a security access token without valid apiInvokerId
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised (has valid apiInvokerId)
**Information of Test**:
@@ -994,11 +994,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-23***
**Description**:
-
+
This test case will check that an API Exposure Function cannot retrieve a security access token without valid client_id at body
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised and Provider is also authorized
**Information of Test**:
@@ -1036,7 +1036,7 @@ At this documentation you will have all information and related files and exampl
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
-
+
**Expected Result**:
1. Response to Request of Access Token:
@@ -1051,17 +1051,17 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-24***
**Description**:
-
+
This test case will check that an API Exposure Function cannot retrieve a security access token with unsupported grant_type
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised and Provider is also authorized
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
-
+
2. Publish Service API at CCF:
* Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**
* body [service api description] with apiName **service_1**
@@ -1092,7 +1092,7 @@ At this documentation you will have all information and related files and exampl
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
-
+
**Expected Result**:
1. Response to Request of Access Token:
@@ -1106,11 +1106,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-25***
**Description**:
-
+
This test case will check that an API Exposure Function cannot retrieve a security access token with complete invalid scope
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised and Provider is also authorized
**Information of Test**:
@@ -1148,7 +1148,7 @@ At this documentation you will have all information and related files and exampl
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
-
+
**Expected Result**:
1. Response to Request of Access Token:
@@ -1163,11 +1163,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-26***
**Description**:
-
+
This test case will check that an API Exposure Function cannot retrieve a security access token with invalid aefId at scope
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised and Provider is also authorized
**Information of Test**:
@@ -1205,7 +1205,7 @@ At this documentation you will have all information and related files and exampl
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
-
+
**Expected Result**:
1. Response to Request of Access Token:
@@ -1220,11 +1220,11 @@ At this documentation you will have all information and related files and exampl
**Test ID**:: ***capif_security_api-27***
**Description**:
-
+
This test case will check that an API Exposure Function cannot retrieve a security access token with invalid apiName at scope
**Pre-Conditions**:
-
+
* API Invoker is pre-authorised and Provider is also authorized
**Information of Test**:
@@ -1262,7 +1262,7 @@ At this documentation you will have all information and related files and exampl
3. Discover Service APIs by Invoker.
4. Create Security Context According to Service APIs discovered.
5. Request Access Token by Invoker
-
+
**Expected Result**:
1. Response to Request of Access Token:
diff --git a/doc/testing/testplan/common_operations/README.md b/doc/testing/testplan/common_operations/README.md
index a77e947f292ec20074b8fb22d5fa53371f7b18d9..48d31a83533b4880dbf7eaba12d06388e20e3f4a 100644
--- a/doc/testing/testplan/common_operations/README.md
+++ b/doc/testing/testplan/common_operations/README.md
@@ -22,7 +22,7 @@ The steps to register a new user at Register Service are:
* Send **POST** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/createUser**
* Include Admin **access_token** in **Authorization Bearer Header**
* Body [user_registration_body]
-
+
### User Retrieve access token and other information