diff --git a/CHANGELOG.md b/CHANGELOG.md index cae6fbf..fa6f20a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,26 +1,51 @@ -# Changelog +# Changelog OTPValidation -## v0.5.0 -**This is the first alpha release of the OTPValidation API** +## Table of contents -- API definition **with inline documentation** +- **[r1.1](#r11)** -## Please note: -- This is an alpha version, it should be considered as a draft -- There are bug fixes to be expected and incompatible changes in upcoming versions -- The release is suitable for implementors, but it is not recommended to use the API with customers in productive environments -- Version numbers before v0.5.0 were used during the development of this version but not released -- +**Please be aware that the project will have frequent updates to the main branch. There are no compatibility guarantees associated with code in any branch, including main, until it has been released. For example, changes may be reverted before a release is published. For the best results, use the latest published release.** + + + +# r1.1 - rc + +## Release Notes + +This release of OTPValidation contains the definition and documentation of +* one-time-password-sms 1.0.0-rc.1 + +The API definition(s) are based on +* Commonalities v0.4.0 +* Identity and Consent Management v0.2.0 + + +## OTPValidation v1.0.0-rc.1 + + +**one-time-password-sms 1.0.0-rc.1** is the first release-candidate version for the v1.0.0 of the one-time-password-sms API. +This version contains significant changes compared to v0.5.0, and it is not backward compatible. + +- API definition **with inline documentation**: + - [View it on ReDoc](https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/camaraproject/OTPValidation/r1.1/code/API_definitions/one-time-password-sms.yaml&nocors) + - [View it on Swagger Editor](https://editor.swagger.io/?url=https://raw.githubusercontent.com/camaraproject/OTPValidation/r1.1/code/API_definitions/one-time-password-sms.yaml) + - OpenAPI [YAML spec file](https://github.com/camaraproject/OTPValidation/blob/r1.1/code/API_definitions/one-time-password-sms.yaml) + + ### Added -* CHANGELOG.md -* API definition ready for a release +* User Story in documentation/API_documentation directory by @bigludo7 [PR71](https://github.com/camaraproject/OTPValidationAPI/pull/71) +* Test Definition in Test_Definitions directory by @bigludo7 [PR61](https://github.com/camaraproject/OTPValidationAPI/pull/61) ### Changed -* Aligned with CAMARA design guidelines +* Aligned with CAMARA design guidelines & Identity Consent management +* Make the '+' mandatory for the phone number by @bigludo7 [PR50](https://github.com/camaraproject/OTPValidationAPI/pull/50) +* Cosmetic change following megalinter integration by @bigludo7 [PR53](https://github.com/camaraproject/OTPValidationAPI/pull/53) +* Update Authorization and authentication part accordingly to ICM by @bigludo7 [PR65](https://github.com/camaraproject/OTPValidationAPI/pull/65) +* Align securitySchemes with ICM by @fernandopradocabrillo [PR68](https://github.com/camaraproject/OTPValidationAPI/pull/68) ### Fixed @@ -28,4 +53,11 @@ ### Removed -* n/a \ No newline at end of file +* n/a + +## New Contributors + +- @fernandopradocabrillo made their first contribution in Fernando replaces Mona as maintainer [#37](https://github.com/camaraproject/OTPvalidationAPI/pull/37) +- @rartych made their first contribution in GitHub workflows [#60](https://github.com/camaraproject/OTPvalidationAPI/pull/60) + + diff --git a/README.md b/README.md index 2306dbb..d731328 100644 --- a/README.md +++ b/README.md @@ -1,17 +1,17 @@ - - - - - - + + + + + + # OTP Validation -Repository to describe, develop, document and test the OTP Validation API family +Repository to describe, develop, document and test the OTPValidation API family ## Scope -* Service APIs for “OTP Validation” (see APIBacklog.md) +* Service APIs for “OTPValidation” (see APIBacklog.md) * One Time Password SMS API performs real-time checks to verify that the user possessed the device that carries the indicated mobile phone number. * It provides a frequent method of verifying possession of the device by delivering an OTP (one-time password) through SMS and validating it afterwards. * NOTE: The scope of this API family should be limited (at least at a first stage) to 4G and 5G. @@ -21,21 +21,27 @@ Repository to describe, develop, document and test the OTP Validation API family ## Meetings -* Meetings are held virtually in MS Teams -* Current schedule & meeting links: [Meetings information](documentation/MeetingMinutes/README.MD) + +Current schedule, registration, & meeting links are available on the confluence page: [Meetings information](https://wiki.camaraproject.org/display/CAM/OTPValidation) ## Status and released versions * Note: Please be aware that the project will have frequent updates to the main branch. There are no compatibility guarantees associated with code in any branch, including main, until a new release is created. For example, changes may be reverted before a release is created. **For best results, use the latest available release**. -* **The latest available release and version of CAMARA OTPValidaton API is 0.5.0. This is the first alpha version of the API.** There are bug fixes to be expected and incompatible changes in upcoming releases. It is suitable for implementors, but it is not recommended to use the API with customers in productive environments. -* Release 0.5.0 of the API is available within the [release-0.5.0 branch](https://github.com/camaraproject/OTPvalidationAPI/tree/v0.5.0): +* **The latest pre-release of OTPValidation is r1.1. The pre-release contains the release candidate of the first stable version of the one-time-password-sms API**. The pre-release is suitable for implementors. +* The Release Tag is [r1.1](https://github.com/camaraproject/OTPvalidation/releases/tag/r1.1). - API definition **with inline documentation**: - - OpenAPI [YAML spec file](https://github.com/camaraproject/OTPvalidationAPI/blob/main/code/API_definitions/one-time-password-sms.yaml) - - [View it on ReDoc](https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/camaraproject/OTPvalidationAPI/blob/main/code/API_definitions/one-time-password-sms.yaml&nocors) - - [View it on Swagger Editor](https://editor.swagger.io/?url=https://raw.githubusercontent.com/camaraproject/OTPvalidationAPI/blob/main/code/API_definitions/one-time-password-sms.yaml) - + - OpenAPI [YAML spec file](https://github.com/camaraproject/OTPvalidation/blob/r1.1/code/API_definitions/one-time-password-sms.yaml) + - [View it on ReDoc](https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/camaraproject/OTPvalidation/blob/r1.1/code/API_definitions/one-time-password-sms.yaml&nocors) + - [View it on Swagger Editor](https://editor.swagger.io/?url=https://raw.githubusercontent.com/camaraproject/OTPvalidation/blob/r1.1/code/API_definitions/one-time-password-sms.yaml) +* The previous version 0.5.0 is available on [release-0.5.0](https://github.com/camaraproject/OTPvalidation/tree/release-0.5.0) branch. ## Contributorship and mailing list * To subscribe / unsubscribe to the mailing list of this Sub Project and thus be / resign as Contributor please visit . * A message to all Contributors of this Sub Project can be sent using . + + + +## Relevant Information + +Since April 4th 2024 WG meeting minutes are placed in [OTP Validation Wiki Confluence site](https://wiki.camaraproject.org/display/CAM/OTP+Validation) diff --git a/code/API_definitions/one-time-password-sms.yaml b/code/API_definitions/one-time-password-sms.yaml index 513ec33..541618f 100644 --- a/code/API_definitions/one-time-password-sms.yaml +++ b/code/API_definitions/one-time-password-sms.yaml @@ -21,24 +21,17 @@ info: It is important to remark that in cases where personal user data is processed by the API, and users can exercise their rights through mechanisms such as opt-in and/or opt-out, the use of 3-legged access tokens becomes mandatory. This measure ensures that the API remains in strict compliance with user privacy preferences and regulatory obligations, upholding the principles of transparency and user-centric data control. - version: wip - termsOfService: http://example.com/terms/ - contact: - name: API Support - url: http://www.example.com/support - email: support@example.com + version: 1.0.0-rc.1 + x-camara-commonalities: 0.4.0 license: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0.html servers: - - url: https://{host}{basePath} + - url: "{apiRoot}/one-time-password-sms/v1rc1" variables: - host: - default: api.example.com - description: Host that serves the API - basePath: - default: /one-time-password-sms/v0 - description: Base path for the one time password sms API + apiRoot: + default: http://localhost:9091 + description: API root, defined by the service provider, e.g. `api.example.com` or `api.example.com/somepath` tags: - name: OTP Management description: API operations to manage OTP codes diff --git a/documentation/API_documentation/one-time-password-sms-API-Readiness-Checklist.md b/documentation/API_documentation/one-time-password-sms-API-Readiness-Checklist.md new file mode 100644 index 0000000..dc81cf5 --- /dev/null +++ b/documentation/API_documentation/one-time-password-sms-API-Readiness-Checklist.md @@ -0,0 +1,28 @@ +# API Readiness Checklist + +Checklist for one-time-password-sms v1.0.0-rc.1 in r1.1 + + +| Nr | API release assets | alpha | release-candidate | public-release
initial | public-release
stable | Status | Comments | +|----|----------------------------------------------|:-----:|:-----------------:|:-------:|:------:|:----:|:----:| +| 1 | API definition | M | M | M | M | Y | [link](/code/API_definitions/one-time-password-sms.yaml) | +| 2 | Design guidelines from Commonalities applied | O | M | M | M | Y | | +| 3 | Guidelines from ICM applied | O | M | M | M | Y | | +| 4 | API versioning convention applied | M | M | M | M | Y | | +| 5 | API documentation | M | M | M | M | Y | Embed documentation into API spec - [link](/code/API_definitions/one-time-password-sms.yaml) | +| 6 | User stories | O | O | O | M | N | [link](/documentation/API_documentation/OTPValidationAPI_User_Story.md) | +| 7 | Basic API test cases & documentation | O | M | M | M | N | [link](/code/Test_Definitions/OTPvalidationAPI.feature) | + +| 8 | Enhanced API test cases & documentation | O | O | O | M | N | [link](/code/Test_Definitions/OTPvalidationAPI.feature) | + +| 9 | Test result statement | O | O | O | M | N | link | +| 10 | API release numbering convention applied | M | M | M | M | Y | | +| 11 | Change log updated | M | M | M | M | N | [link](/CHANGELOG.md) | +| 12 | Previous public-release was certified | O | O | O | M | Y | [link](https://www.open-gateway.com/operators-map) | + + + + +Note: It is normal that the checklists of the (final) release-candidate and its subsequent public-release are the same, while additional release assets are required for a subsequent stable public-release. + +The documentation for the content of the checklist is here: [API Readiness Checklist documentation](https://wiki.camaraproject.org/x/AgAVAQ#APIReleaseProcess-APIreadinesschecklist)