From 605af38233c90d8fb99eacfc54b392ab1cc51a25 Mon Sep 17 00:00:00 2001 From: Eric Murray Date: Mon, 20 May 2024 15:29:13 +0100 Subject: [PATCH 01/32] Update qos-profiles.yaml --- code/API_definitions/qos-profiles.yaml | 29 +++++++++++++++++--------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/code/API_definitions/qos-profiles.yaml b/code/API_definitions/qos-profiles.yaml index 091b9d3b73..98901db7ef 100644 --- a/code/API_definitions/qos-profiles.yaml +++ b/code/API_definitions/qos-profiles.yaml @@ -16,6 +16,12 @@ info: How QoS profiles are mapped to connectivity characteristics are subject to agreements between the communication service provider and the API invoker. Within the CAMARA project, you can find a sample for such a mapping of QoS profiles. [CAMARA QoS Profiles Mapping Table (REFERENCE DRAFT)](https://github.com/camaraproject/QualityOnDemand/blob/main/documentation/API_documentation/QoSProfile_Mapping_Table.md) + # Authorization and Authentication + + CAMARA guidelines defines a set of authorization flows which can grant API clients access to the API functionality, as outlined in the document [CAMARA-API-access-and-user-consent.md](https://github.com/camaraproject/IdentityAndConsentManagement/blob/main/documentation/CAMARA-API-access-and-user-consent.md). Which specific authorization flows are to be used will be determined during onboarding process, happening between the API Client and the Telco Operator exposing the API, taking into account the declared purpose for accessing the API, while also being subject to the prevailing legal framework dictated by local legislation. + + It is important to remark that in cases where personal user data is processed by the API, and users can exercise their rights through mechanisms such as opt-in and/or opt-out, the use of 3-legged access tokens becomes mandatory. This measure ensures that the API remains in strict compliance with user privacy preferences and regulatory obligations, upholding the principles of transparency and user-centric data control. + # Further info and support (FAQs will be added in a later version of the documentation) @@ -26,20 +32,22 @@ info: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0.html version: wip + externalDocs: description: Product documentation at Camara url: https://github.com/camaraproject/ -security: - - oAuth2ClientCredentials: [] + servers: - url: "{apiRoot}/qos-profiles/vwip" variables: apiRoot: default: http://localhost:9091 description: API root, defined by the service provider, e.g. `api.example.com` or `api.example.com/somepath` + tags: - name: QoS Profiles description: Manage QoS Profiles + paths: /qos-profiles: get: @@ -50,6 +58,9 @@ paths: Returns all QoS Profiles that match the given criteria. If no criteria is given, all QoS Profiles are returned. operationId: getQosProfiles + security: + - openId: + - qos-profiles:qos-profiles:read parameters: - name: name in: query @@ -95,6 +106,9 @@ paths: operationId: getQosProfile description: | Returns a QoS Profile that matches the given name. + security: + - openId: + - qos-profiles:qos-profiles:read parameters: - name: name in: path @@ -128,14 +142,9 @@ paths: components: securitySchemes: - oAuth2ClientCredentials: - description: | - The QoS Profiles API makes use of the OAUTH 2.0 client credentials grant which is applicable for server to server use cases involving trusted partners or clients without any protected user data involved. In this method the API invoker client is registered as a confidential client with an authorization grant type of client_credentials - type: oauth2 - flows: - clientCredentials: - tokenUrl: https://api.example.com/oauth/token - scopes: {} + openId: + type: openIdConnect + openIdConnectUrl: https://example.com/.well-known/openid-configuration parameters: x-correlator: From 04128b2881cbdefd1ad00e199cc60f079e04fd6b Mon Sep 17 00:00:00 2001 From: Eric Murray Date: Mon, 20 May 2024 15:38:35 +0100 Subject: [PATCH 02/32] Update quality-on-demand.yaml --- code/API_definitions/quality-on-demand.yaml | 65 +++++++++------------ 1 file changed, 26 insertions(+), 39 deletions(-) diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index 5363730a65..10279720a2 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -55,6 +55,12 @@ info: ![QoD Management API](https://raw.githubusercontent.com/camaraproject/QualityOnDemand/main/documentation/API_documentation/resources/QoD_details.PNG) + # Authorization and Authentication + + CAMARA guidelines defines a set of authorization flows which can grant API clients access to the API functionality, as outlined in the document [CAMARA-API-access-and-user-consent.md](https://github.com/camaraproject/IdentityAndConsentManagement/blob/main/documentation/CAMARA-API-access-and-user-consent.md). Which specific authorization flows are to be used will be determined during onboarding process, happening between the API Client and the Telco Operator exposing the API, taking into account the declared purpose for accessing the API, while also being subject to the prevailing legal framework dictated by local legislation. + + It is important to remark that in cases where personal user data is processed by the API, and users can exercise their rights through mechanisms such as opt-in and/or opt-out, the use of 3-legged access tokens becomes mandatory. This measure ensures that the API remains in strict compliance with user privacy preferences and regulatory obligations, upholding the principles of transparency and user-centric data control. + # Further info and support (FAQs will be added in a later version of the documentation) @@ -65,20 +71,22 @@ info: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0.html version: wip + externalDocs: description: Product documentation at Camara url: https://github.com/camaraproject/ -security: - - oAuth2ClientCredentials: [] + servers: - url: "{apiRoot}/quality-on-demand/vwip" variables: apiRoot: default: http://localhost:9091 description: API root, defined by the service provider, e.g. `api.example.com` or `api.example.com/somepath` + tags: - name: QoS Sessions description: Manage QoS sessions + paths: /sessions: post: @@ -104,6 +112,9 @@ paths: for the same device and flow period they must release the session resources with an explicit `delete` operation if not yet automatically deleted. operationId: createSession + security: + - openId: + - quality-on-demand:sessions:create parameters: - $ref: "#/components/parameters/x-correlator" requestBody: @@ -258,10 +269,6 @@ paths: $ref: "#/components/responses/Generic501" "503": $ref: "#/components/responses/Generic503" - security: - - oAuth2ClientCredentials: [] - - threeLegged: - - "qod-sessions-write" /sessions/{sessionId}: get: @@ -270,6 +277,9 @@ paths: summary: Get QoS session information description: Querying for QoS session resource information details operationId: getSession + security: + - openId: + - quality-on-demand:sessions:read parameters: - name: sessionId in: path @@ -305,10 +315,6 @@ paths: $ref: "#/components/responses/Generic500" "503": $ref: "#/components/responses/Generic503" - security: - - oAuth2ClientCredentials: [] - - threeLegged: - - "qod-sessions-read" delete: tags: @@ -322,6 +328,9 @@ paths: - `statusInfo` as `DELETE_REQUESTED` There will be no notification event if the `qosStatus` was already `UNAVAILABLE`. operationId: deleteSession + security: + - openId: + - quality-on-demand:sessions:delete parameters: - name: sessionId in: path @@ -348,10 +357,6 @@ paths: $ref: "#/components/responses/Generic500" "503": $ref: "#/components/responses/Generic503" - security: - - oAuth2ClientCredentials: [] - - threeLegged: - - "qod-sessions-delete" /sessions/{sessionId}/extend: post: @@ -368,6 +373,9 @@ paths: - New remaining duration: 86,400 seconds (the maximum allowed) - New overall session duration: 96,400 seconds operationId: extendQosSessionDuration + security: + - openId: + - quality-on-demand:sessions:update parameters: - name: sessionId in: path @@ -425,39 +433,18 @@ paths: $ref: "#/components/responses/Generic500" "503": $ref: "#/components/responses/Generic503" - security: - - oAuth2ClientCredentials: [] - - threeLegged: - - "qod-sessions-write" components: securitySchemes: - oAuth2ClientCredentials: - description: | - The QoD API makes use of the OAUTH 2.0 client credentials grant which is applicable for server to server use cases involving trusted partners or clients without any protected user data involved. In this method the API invoker client is registered as a confidential client with an authorization grant type of client_credentials - type: oauth2 - flows: - clientCredentials: - tokenUrl: https://api.example.com/oauth/token - scopes: {} + openId: + type: openIdConnect + openIdConnectUrl: https://example.com/.well-known/openid-configuration notificationsBearerAuth: description: Bearer authentication for notifications type: http scheme: bearer bearerFormat: "{$request.body#/webhook/notificationAuthToken}" - threeLegged: - type: oauth2 - description: This API uses OAuth 2 with the authorization code grant flow. - flows: - authorizationCode: - authorizationUrl: https://api.example.com/oauth2/authorize - tokenUrl: https://api.example.com/oauth/token - scopes: - qod-sessions-read: Retrieval of QoS sessions - qod-sessions-write: Creation and update of QoS sessions - qod-sessions-delete: Deletion of QoS sessions - qod-profiles-read: Retrieval of QoS profiles - + parameters: x-correlator: name: x-correlator From 62e49d487bb1163582939e0f7d57c3cd3864ea6b Mon Sep 17 00:00:00 2001 From: Eric Murray Date: Mon, 20 May 2024 16:01:07 +0100 Subject: [PATCH 03/32] Update qos-profiles.yaml --- code/API_definitions/qos-profiles.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/code/API_definitions/qos-profiles.yaml b/code/API_definitions/qos-profiles.yaml index 98901db7ef..3c115a4ae0 100644 --- a/code/API_definitions/qos-profiles.yaml +++ b/code/API_definitions/qos-profiles.yaml @@ -60,7 +60,7 @@ paths: operationId: getQosProfiles security: - openId: - - qos-profiles:qos-profiles:read + - qos-profiles:qos-profiles:read parameters: - name: name in: query @@ -108,7 +108,7 @@ paths: Returns a QoS Profile that matches the given name. security: - openId: - - qos-profiles:qos-profiles:read + - qos-profiles:qos-profiles:read parameters: - name: name in: path From 4cc402c7201df1e3b49957378ba2c0ad15ac5e5a Mon Sep 17 00:00:00 2001 From: Eric Murray Date: Mon, 20 May 2024 16:02:59 +0100 Subject: [PATCH 04/32] Update quality-on-demand.yaml --- code/API_definitions/quality-on-demand.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index 10279720a2..fdb96cdf95 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -60,7 +60,7 @@ info: CAMARA guidelines defines a set of authorization flows which can grant API clients access to the API functionality, as outlined in the document [CAMARA-API-access-and-user-consent.md](https://github.com/camaraproject/IdentityAndConsentManagement/blob/main/documentation/CAMARA-API-access-and-user-consent.md). Which specific authorization flows are to be used will be determined during onboarding process, happening between the API Client and the Telco Operator exposing the API, taking into account the declared purpose for accessing the API, while also being subject to the prevailing legal framework dictated by local legislation. It is important to remark that in cases where personal user data is processed by the API, and users can exercise their rights through mechanisms such as opt-in and/or opt-out, the use of 3-legged access tokens becomes mandatory. This measure ensures that the API remains in strict compliance with user privacy preferences and regulatory obligations, upholding the principles of transparency and user-centric data control. - + # Further info and support (FAQs will be added in a later version of the documentation) @@ -114,7 +114,7 @@ paths: operationId: createSession security: - openId: - - quality-on-demand:sessions:create + - quality-on-demand:sessions:create parameters: - $ref: "#/components/parameters/x-correlator" requestBody: @@ -279,7 +279,7 @@ paths: operationId: getSession security: - openId: - - quality-on-demand:sessions:read + - quality-on-demand:sessions:read parameters: - name: sessionId in: path @@ -330,7 +330,7 @@ paths: operationId: deleteSession security: - openId: - - quality-on-demand:sessions:delete + - quality-on-demand:sessions:delete parameters: - name: sessionId in: path @@ -375,7 +375,7 @@ paths: operationId: extendQosSessionDuration security: - openId: - - quality-on-demand:sessions:update + - quality-on-demand:sessions:update parameters: - name: sessionId in: path @@ -444,7 +444,7 @@ components: type: http scheme: bearer bearerFormat: "{$request.body#/webhook/notificationAuthToken}" - + parameters: x-correlator: name: x-correlator From 8f537ebc17ce59be83e07a9b9bad8952660280f7 Mon Sep 17 00:00:00 2001 From: Jose Luis Urien Date: Wed, 29 May 2024 17:27:04 +0200 Subject: [PATCH 05/32] Consolidation of changes related to session duration - For creation, duration is made required. Maximum and default are deprecated, relying on the QoS Profile API for any limit. Implementations can grant the requested duration or set a different value in the response. - maxDuration in QoS Profiles is assumed to be the absolute maximum duration including any extensions. That is, extensions can extend the current session duration to the maximumDuration but no longer. Session info changes: - dates are formatted as string, date-format. - startedAt and expiredAt are both optional and not expected to be returned when qosStatus is "REQUESTED". - duration is the overall session duration, including any extension. It should be the interval between startedAt and expiresAt, so it is redundant, unless the qosStatus is "REQUESTED". In this case it would reflect the requested or granted duration. For sessions with qosStatus = "UNAVAILABLE", it must be adjusted to the effective duration. --- code/API_definitions/qos-profiles.yaml | 3 +- code/API_definitions/quality-on-demand.yaml | 88 +++++++++++---------- 2 files changed, 46 insertions(+), 45 deletions(-) diff --git a/code/API_definitions/qos-profiles.yaml b/code/API_definitions/qos-profiles.yaml index 091b9d3b73..7b28940b57 100644 --- a/code/API_definitions/qos-profiles.yaml +++ b/code/API_definitions/qos-profiles.yaml @@ -231,8 +231,7 @@ components: maxDuration: description: | The maximum time period that this profile can be deployed. - NOTE: currently the duration within `sessionInfo` is limited to 86400 seconds (1 day). - The value of `maxDuration` shouldn't therefore exceed this time period. The limitation might be removed in later versions. + Overall session duration must not exceed this value. This includes the initial requested duration plus any extensions. allOf: - $ref: "#/components/schemas/Duration" priority: diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index 5363730a65..76ba138ee1 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -12,7 +12,7 @@ info: ![QoD API Overview](https://raw.githubusercontent.com/camaraproject/QualityOnDemand/main/documentation/API_documentation/resources/QoD_latency_overview.PNG) - The usage of the API is based on QoS session resources, which can be created (based on available QoS profiles), queried and deleted. The deletion of a requested session can be triggered by the API consumer or can be triggered automatically. The automatic process is triggered either when the requested specified duration of a QoS session has reached its limit or the default session expiration time has been reached (within an example provider implementation it is set to 24hrs). + The usage of the API is based on QoS session resources, which can be created (based on available QoS profiles), queried and deleted. The deletion of a requested session can be triggered by the API consumer or can be triggered automatically once the QoS session has reached its limit. # Relevant terms and definitions @@ -35,7 +35,7 @@ info: The precise application data flow the developer wants to prioritize and have stable latency or throughput for. This flow is in the current API version determined by the identifiers used for the device and the application server. And it can be further elaborated with details such as ports or port-ranges. Future version of the API might allow more detailed flow identification features. * **Duration**: - Duration (in seconds) for which the QoS session (between application client and application server) should be created. This parameter is optional. When not specified, a default session duration (e.g. 24 hours) is applied. The user may request a termination before its expiration. + Duration (in seconds) for which the QoS session (between application client and application server) should be created. Limits for session duration can be set by the implementation for the QoS profile. The user may request a termination before its expiration. * **Notification URL and token**: Developers may provide a callback URL on which notifications about all status change events of the session (eg. session termination) can be received from the service provider. This is an optional parameter. @@ -97,8 +97,7 @@ paths: A `QOS_STATUS_CHANGED` event notification with `qosStatus` as `UNAVAILABLE` will also be send if the network terminates the session before the requested duration expired - NOTE: in case of a `QOS_STATUS_CHANGED` event with `qosStatus` as `UNAVAILABLE` and `statusInfo` as `NETWORK_TERMINATED` the resources of the QoS session - are not directly released, but will get deleted automatically at earliest 360 seconds after the event. + NOTE: in case of a `QOS_STATUS_CHANGED` event with `qosStatus` as `UNAVAILABLE` and `statusInfo` as `NETWORK_TERMINATED` the resources of the QoS session are not directly released, but will get deleted automatically at earliest 360 seconds after the event. This behavior allows clients which are not receiving notification events but are polling to get the session information with the `qosStatus` `UNAVAILABLE` and `statusInfo` `NETWORK_TERMINATED`. Before a client can attempt to create a new QoD session for the same device and flow period they must release the session resources with an explicit `delete` operation if not yet automatically deleted. @@ -359,14 +358,12 @@ paths: - QoS Sessions summary: "Extend the duration of an active session" description: | - Extend the overall duration of an active QoS session. If this operation is executed successfully, the new duration of the target session will be the original duration plus the additionally requested duration. - The new remaining duration of the QoS session shall not exceed the maximum remaining duration limit (currently fixed at 86,400 seconds) where the remaining duration is calculated as the difference between the `expiresAt` and current time when the request to extend the session duration is received. If this maximum limit would be exceeded, the overall duration shall be set such that the remaining duration is equal to this limit. - An example: A QoD session was originally created with duration 80,000 seconds. 10,000 seconds later, the developer requested to extend the session by 20,000 seconds. - - Original duration: 80,000 seconds - - Elapsed time: 10,000 seconds - - Remaining duration: 70,000 seconds - - New remaining duration: 86,400 seconds (the maximum allowed) - - New overall session duration: 96,400 seconds + Extend the overall session duration of an active QoS session. + The overall duration of the QoS session, including the additional extended duration, shall not exceed the maximum duration limit fixed for the QoS Profile. If the current duration plus the value of `requestedAdditionalDuration` exceeds the maximum limit, the new overall duration shall be capped to the maximum value allowed. + An example: For a QoS profile limited to a `maxDuration` of 50,000 seconds, a QoD session was originally created with duration 30,000 seconds. Before the session expires, the developer requests to extend the session by another 30,000 seconds: + - Previous duration: 30,000 seconds + - Requested additional duration: 30,000 seconds + - New overall session duration: 50,000 seconds (the maximum allowed) operationId: extendQosSessionDuration parameters: - name: sessionId @@ -527,20 +524,30 @@ components: sessionId: $ref: "#/components/schemas/SessionId" duration: + description: | + Session duration in seconds. Implementations can grant the requested session duration or set a different duration, based on network policies or conditions. + - When `qosStatus` is "REQUESTED", the value is the duration to be scheduled, granted by the implementation. + - When `qosStatus` is AVAILABLE", the value is the overall duration since `startedAt. When the session is extended, the value is the new overall duration of the session. + - When `qosStatus` is "UNAVAILABLE", the value is the overall effective duration since `startedAt` until the session was terminated. type: integer format: int32 minimum: 1 - example: 86400 + example: 3600 startedAt: - type: integer - example: 1639479600 - description: Timestamp of session start in seconds since Unix epoch - format: int64 + description: Date and time when the QoS status became "AVAILABLE". Not to be returned when `qosStatus` is "REQUESTED". Format must follow RFC 3339 and must indicate time zone (UTC or local). + type: string + format: date-time + example: "2024-06-01T12:00:00Z" expiresAt: - type: integer - example: 1639566000 - description: Timestamp of session expiration if the session was not deleted, in seconds since Unix epoch - format: int64 + description: | + Date and time of the QoS session expiration. Format must follow RFC 3339 and must indicate time zone (UTC or local). + - When `qosStatus` is "AVAILABLE", it is the limit time when the session is scheduled to finnish, if not terminated by other means. + - When `qosStatus` is "UNAVAILABLE", it is the time when the session was terminated. + - Not to be returned when `qosStatus` is "REQUESTED". + When the session is extended, the value is the new expiration time of the session. + type: string + format: date-time + example: "2024-06-01T13:00:00Z" qosStatus: $ref: "#/components/schemas/QosStatus" statusInfo: @@ -552,8 +559,6 @@ components: required: - sessionId - duration - - startedAt - - expiresAt - qosStatus CreateSession: @@ -564,17 +569,13 @@ components: properties: duration: description: | - Session duration in seconds. Maximal value of 24 hours is used if not set. - After session is expired the, client will receive a `QOS_STATUS_CHANGED` event with - - `qosStatus` as `UNAVAILABLE`, and, - - `statusInfo` as `DURATION_EXPIRED`. - See notification callback. + Requested session duration in seconds. Value may be explicitly limited for the QoS profile, as specified in the [Qos Profile API](TBC). Implementations can grant the requested session duration or set a different duration, based on network policies or conditions. type: integer format: int32 minimum: 1 - maximum: 86400 - default: 86400 - example: 86400 + example: 3600 + required: + - duration Port: description: TCP or UDP port number @@ -621,12 +622,11 @@ components: properties: requestedAdditionalDuration: description: | - Additional duration in seconds to be extended. + Additional duration in seconds to be added to the current session duration. The overall session duration, including extensions, shall not exceed the maximum duration limit for the QoS Profile. type: integer format: int32 minimum: 1 - maximum: 86399 - example: 60 + example: 1800 required: - requestedAdditionalDuration @@ -995,8 +995,9 @@ components: examples: SESSION_AVAILABLE_EXAMPLE: summary: QoS session status is available + description: QoS session info when status is available value: - duration: 86400 + duration: 3600 device: ipv4Address: publicAddress: 203.0.113.0 @@ -1007,14 +1008,15 @@ components: webhook: notificationUrl: https://application-server.com sessionId: 3fa85f64-5717-4562-b3fc-2c963f66afa6 - startedAt: 1639479600 - expiresAt: 1639566000 + startedAt: "2024-06-01T12:00:00Z" + expiresAt: "2024-06-01T13:00:00Z" qosStatus: AVAILABLE SESSION_UNAVAILABLE_EXAMPLE: summary: QoS session is unavailable + description: QoS session info when status is unavailable due to network termination value: - duration: 86400 + duration: 2428 device: ipv4Address: publicAddress: 203.0.113.0 @@ -1025,20 +1027,20 @@ components: webhook: notificationUrl: https://application-server.com sessionId: 3fa85f64-5717-4562-b3fc-2c963f66afa6 - startedAt: 1639479600 - expiresAt: 1639566000 + startedAt: "2024-06-01T12:00:00Z" + expiresAt: "2024-06-01T12:40:28Z" qosStatus: UNAVAILABLE statusInfo: NETWORK_TERMINATED QOS_STATUS_CHANGED_EXAMPLE: - description: QoS status changed - summary: Cloud event example for QoS status change to UNAVAILABLE due to DURATION_EXPIRED + summary: QoS status changed + description: Cloud event example for QoS status change to UNAVAILABLE due to DURATION_EXPIRED value: id: 83a0d986-0866-4f38-b8c0-fc65bfcda452 source: 'https://api.example.com/qod/v0/sessions/123e4567-e89b-12d3-a456-426614174000' specversion: '1.0' type: 'org.camaraproject.qod.v0.qos-status-changed' - time: '2021-12-12T00:00:00Z' + time: '2024-06-01T13:00:00Z' data: sessionId: '123e4567-e89b-12d3-a456-426614174000' qosStatus: 'UNAVAILABLE' From 068b65158cd2fa1e6303e19c829244039d3aad5f Mon Sep 17 00:00:00 2001 From: Jose Luis Urien Date: Fri, 31 May 2024 12:57:09 +0200 Subject: [PATCH 06/32] Update quality-on-demand.yaml Fixing linting complaints about trailing spaces --- code/API_definitions/quality-on-demand.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index 76ba138ee1..b4c4f16a14 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -362,7 +362,7 @@ paths: The overall duration of the QoS session, including the additional extended duration, shall not exceed the maximum duration limit fixed for the QoS Profile. If the current duration plus the value of `requestedAdditionalDuration` exceeds the maximum limit, the new overall duration shall be capped to the maximum value allowed. An example: For a QoS profile limited to a `maxDuration` of 50,000 seconds, a QoD session was originally created with duration 30,000 seconds. Before the session expires, the developer requests to extend the session by another 30,000 seconds: - Previous duration: 30,000 seconds - - Requested additional duration: 30,000 seconds + - Requested additional duration: 30,000 seconds - New overall session duration: 50,000 seconds (the maximum allowed) operationId: extendQosSessionDuration parameters: @@ -525,9 +525,9 @@ components: $ref: "#/components/schemas/SessionId" duration: description: | - Session duration in seconds. Implementations can grant the requested session duration or set a different duration, based on network policies or conditions. + Session duration in seconds. Implementations can grant the requested session duration or set a different duration, based on network policies or conditions. - When `qosStatus` is "REQUESTED", the value is the duration to be scheduled, granted by the implementation. - - When `qosStatus` is AVAILABLE", the value is the overall duration since `startedAt. When the session is extended, the value is the new overall duration of the session. + - When `qosStatus` is AVAILABLE", the value is the overall duration since `startedAt. When the session is extended, the value is the new overall duration of the session. - When `qosStatus` is "UNAVAILABLE", the value is the overall effective duration since `startedAt` until the session was terminated. type: integer format: int32 @@ -569,7 +569,7 @@ components: properties: duration: description: | - Requested session duration in seconds. Value may be explicitly limited for the QoS profile, as specified in the [Qos Profile API](TBC). Implementations can grant the requested session duration or set a different duration, based on network policies or conditions. + Requested session duration in seconds. Value may be explicitly limited for the QoS profile, as specified in the [Qos Profile API](TBC). Implementations can grant the requested session duration or set a different duration, based on network policies or conditions. type: integer format: int32 minimum: 1 From cf9e2967d577a72f14924c03ba7c383089d0d367 Mon Sep 17 00:00:00 2001 From: Jose Luis Urien Date: Thu, 13 Jun 2024 16:44:33 +0200 Subject: [PATCH 07/32] Make + prefix mandatory for phoneNumber --- code/API_definitions/quality-on-demand.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index 5363730a65..eb1954d9bd 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -771,11 +771,11 @@ components: example: "123456789@domain.com" PhoneNumber: - description: A public identifier addressing a telephone subscription. In mobile networks it corresponds to the MSISDN (Mobile Station International Subscriber Directory Number). In order to be globally unique it has to be formatted in international format, according to E.164 standard, optionally prefixed with '+'. + description: A public identifier addressing a telephone subscription. In mobile networks it corresponds to the MSISDN (Mobile Station International Subscriber Directory Number). In order to be globally unique it has to be formatted in international format, according to E.164 standard, prefixed with '+'. type: string - pattern: '^\+?[0-9]{5,15}$' - example: "123456789" - + pattern: '^\+[1-9][0-9]{4,14}$' + example: "+123456789" + DeviceIpv4Addr: type: object description: | From 8b969aa81c2135e9e6c6ada99382b107f0968762 Mon Sep 17 00:00:00 2001 From: Jose Luis Urien Date: Thu, 13 Jun 2024 20:58:24 +0200 Subject: [PATCH 08/32] Making the linter happy --- code/API_definitions/quality-on-demand.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index eb1954d9bd..842ed17106 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -775,7 +775,7 @@ components: type: string pattern: '^\+[1-9][0-9]{4,14}$' example: "+123456789" - + DeviceIpv4Addr: type: object description: | From 5b9ecb1ad778affd1d43a99e367a127570374c8f Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Thu, 20 Jun 2024 09:52:58 +0200 Subject: [PATCH 09/32] feat: add more HTTP-status-codes, e.g. 405, 406, 415, 429 --- code/API_definitions/qos-profiles.yaml | 85 ++++++++++- code/API_definitions/quality-on-demand.yaml | 153 +++++++++++++++++--- 2 files changed, 214 insertions(+), 24 deletions(-) diff --git a/code/API_definitions/qos-profiles.yaml b/code/API_definitions/qos-profiles.yaml index 7b28940b57..a33a10a0ae 100644 --- a/code/API_definitions/qos-profiles.yaml +++ b/code/API_definitions/qos-profiles.yaml @@ -19,7 +19,7 @@ info: # Further info and support (FAQs will be added in a later version of the documentation) - termsOfService: http://swagger.io/terms/ + termsOfService: https://swagger.io/terms/ contact: email: project-email@sample.com license: @@ -82,6 +82,12 @@ paths: $ref: "#/components/responses/Generic403" "404": $ref: "#/components/responses/QosProfilesNotFound404" + "405": + $ref: "#/components/responses/Generic405" + "406": + $ref: "#/components/responses/Generic406" + "429": + $ref: "#/components/responses/Generic429" "500": $ref: "#/components/responses/QoSProfile500" "503": @@ -121,6 +127,12 @@ paths: $ref: "#/components/responses/Generic403" "404": $ref: "#/components/responses/QosProfileNotFound404" + "405": + $ref: "#/components/responses/Generic405" + "406": + $ref: "#/components/responses/Generic406" + "429": + $ref: "#/components/responses/Generic429" "500": $ref: "#/components/responses/QoSProfile500" "503": @@ -455,6 +467,77 @@ components: code: NOT_FOUND message: "QosProfile Id does not exist" + Generic405: + description: Method Not Allowed + headers: + x-correlator: + $ref: '#/components/headers/x-correlator' + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorInfo" + examples: + GENERIC_405_METHOD_NOT_ALLOWED: + description: Invalid HTTP verb used with a given endpoint + value: + status: 405 + code: METHOD_NOT_ALLOWED + message: The requested method is not allowed/supported on the target resource. + + Generic406: + description: Not Acceptable + headers: + x-correlator: + $ref: "#/components/headers/x-correlator" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorInfo" + examples: + GENERIC_406_NOT_ACCEPTABLE: + description: API Server does not accept the media type (`Accept-*` header) indicated by API client + value: + status: 406 + code: NOT_ACCEPTABLE + message: The server cannot produce a response matching the content requested by the client through `Accept-*` headers. + + SessionInConflict409: + description: Conflict + headers: + x-correlator: + $ref: '#/components/headers/x-correlator' + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorInfo" + example: + status: 409 + code: CONFLICT + message: "Another session is created for the same device" + + Generic429: + description: Too Many Requests + headers: + x-correlator: + $ref: "#/components/headers/x-correlator" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorInfo" + examples: + GENERIC_429_QUOTA_EXCEEDED: + description: Request is rejected due to exceeding a business quota limit + value: + status: 429 + code: QUOTA_EXCEEDED + message: Either out of resource quota or reaching rate limiting. + GENERIC_429_TOO_MANY_REQUESTS: + description: API Server request limit is overpassed + value: + status: 429 + code: TOO_MANY_REQUESTS + message: Either out of resource quota or reaching rate limiting. + QoSProfile500: description: Internal server error headers: diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index e849b12a26..5099cd23a5 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -58,7 +58,7 @@ info: # Further info and support (FAQs will be added in a later version of the documentation) - termsOfService: http://swagger.io/terms/ + termsOfService: https://swagger.io/terms/ contact: email: project-email@sample.com license: @@ -238,19 +238,16 @@ paths: $ref: "#/components/responses/Generic401" "403": $ref: "#/components/responses/Generic403" + "405": + $ref: "#/components/responses/Generic405" + "406": + $ref: "#/components/responses/Generic406" "409": - description: Conflict - headers: - x-correlator: - $ref: '#/components/headers/x-correlator' - content: - application/json: - schema: - $ref: "#/components/schemas/ErrorInfo" - example: - status: 409 - code: CONFLICT - message: "Another session is created for the same device" + $ref: "#/components/responses/SessionInConflict409" + "415": + $ref: "#/components/responses/Generic415" + "429": + $ref: "#/components/responses/Generic429" "500": $ref: "#/components/responses/Generic500" "501": @@ -300,6 +297,10 @@ paths: $ref: "#/components/responses/Generic403" "404": $ref: "#/components/responses/SessionNotFound404" + "406": + $ref: "#/components/responses/Generic406" + "429": + $ref: "#/components/responses/Generic429" "500": $ref: "#/components/responses/Generic500" "503": @@ -343,6 +344,10 @@ paths: $ref: "#/components/responses/Generic403" "404": $ref: "#/components/responses/SessionNotFound404" + "406": + $ref: "#/components/responses/Generic406" + "429": + $ref: "#/components/responses/Generic429" "500": $ref: "#/components/responses/Generic500" "503": @@ -418,6 +423,14 @@ paths: $ref: "#/components/responses/Generic403" "404": $ref: "#/components/responses/SessionNotFound404" + "405": + $ref: "#/components/responses/Generic405" + "406": + $ref: "#/components/responses/Generic406" + "415": + $ref: "#/components/responses/Generic415" + "429": + $ref: "#/components/responses/Generic429" "500": $ref: "#/components/responses/Generic500" "503": @@ -950,6 +963,94 @@ components: code: NOT_FOUND message: "Session Id does not exist" + Generic405: + description: Method Not Allowed + headers: + x-correlator: + $ref: '#/components/headers/x-correlator' + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorInfo" + examples: + GENERIC_405_METHOD_NOT_ALLOWED: + description: Invalid HTTP verb used with a given endpoint + value: + status: 405 + code: METHOD_NOT_ALLOWED + message: The requested method is not allowed/supported on the target resource. + + Generic406: + description: Not Acceptable + headers: + x-correlator: + $ref: "#/components/headers/x-correlator" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorInfo" + examples: + GENERIC_406_NOT_ACCEPTABLE: + description: API Server does not accept the media type (`Accept-*` header) indicated by API client + value: + status: 406 + code: NOT_ACCEPTABLE + message: The server cannot produce a response matching the content requested by the client through `Accept-*` headers. + + SessionInConflict409: + description: Conflict + headers: + x-correlator: + $ref: '#/components/headers/x-correlator' + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorInfo" + example: + status: 409 + code: CONFLICT + message: "Another session is created for the same device" + + Generic415: + description: Unsupported Media Type + headers: + x-correlator: + $ref: "#/components/headers/x-correlator" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorInfo" + examples: + GENERIC_415_UNSUPPORTED_MEDIA_TYPE: + description: Payload format of the request is in an unsupported format by the Server. Should not happen + value: + status: 415 + code: UNSUPPORTED_MEDIA_TYPE + message: The server refuses to accept the request because the payload format is in an unsupported format. + + Generic429: + description: Too Many Requests + headers: + x-correlator: + $ref: "#/components/headers/x-correlator" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorInfo" + examples: + GENERIC_429_QUOTA_EXCEEDED: + description: Request is rejected due to exceeding a business quota limit + value: + status: 429 + code: QUOTA_EXCEEDED + message: Either out of resource quota or reaching rate limiting. + GENERIC_429_TOO_MANY_REQUESTS: + description: API Server request limit is overpassed + value: + status: 429 + code: TOO_MANY_REQUESTS + message: Either out of resource quota or reaching rate limiting. + Generic500: description: Internal server error headers: @@ -973,24 +1074,30 @@ components: application/json: schema: $ref: "#/components/schemas/ErrorInfo" - example: - status: 501 - code: NOT_IMPLEMENTED - message: "Service not implemented for the specified user device" + examples: + GENERIC_501_NOT_IMPLEMENTED: + description: Service not implemented. The use of this code should be avoided as far as possible to get the objective to reach aligned implementations + value: + status: 501 + code: NOT_IMPLEMENTED + message: This functionality is not implemented yet. Generic503: - description: Service unavailable + description: Service Unavailable headers: x-correlator: - $ref: '#/components/headers/x-correlator' + $ref: "#/components/headers/x-correlator" content: application/json: schema: $ref: "#/components/schemas/ErrorInfo" - example: - status: 503 - code: UNAVAILABLE - message: "Service unavailable" + examples: + GENERIC_503_UNAVAILABLE: + description: Service is not available. Temporary situation usually related to maintenance process in the server side + value: + status: 503 + code: UNAVAILABLE + message: Service Unavailable. examples: SESSION_AVAILABLE_EXAMPLE: From 34493c6865517aa05536202571dc879132c0042b Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Fri, 21 Jun 2024 13:22:42 +0200 Subject: [PATCH 10/32] fix: update meeting-minutes reference in README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3bc6caacc3..9345fa6f1d 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ Repository to describe, develop, document and test the QualityOnDemand API famil ## Meetings * Meetings are held virtually: [Meeting registration / Join](https://zoom-lfx.platform.linuxfoundation.org/meeting/94112812156?password=f238d6af-c959-48d7-a862-abdb3c648e40) -* Schedule: bi-weekly, Friday, 2 PM CET/CEST (13:00 UTC, 12:00 UTC during European DST). For date/time of next meeting see previous [meeting minutes](https://wiki.camaraproject.org/display/CAM/Quality+on+Demand+Meeting+Minutes). +* Schedule: bi-weekly, Friday, 2 PM CET/CEST (13:00 UTC, 12:00 UTC during European DST). For date/time of next meeting see previous [meeting minutes](https://wiki.camaraproject.org/display/CAM/QualityOnDemand+2024+Minutes). ## Status and released versions From 14aea3a2e1f118e3eb94afacc04500515d1abb1a Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Fri, 21 Jun 2024 13:23:48 +0200 Subject: [PATCH 11/32] fix: update meeting-minutes reference in README.md --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 9345fa6f1d..b390657b18 100644 --- a/README.md +++ b/README.md @@ -16,15 +16,15 @@ Repository to describe, develop, document and test the QualityOnDemand API famil * set quality for a flow within an access network connections (e.g. mobile device connection or fixed access between a home gateway and the service providers gateway router) * Session mode, for a specific duration * Provision mode, indefinitely for each time the device connects to the same access network - * get notification if network cannot fulfill -* Describe, develop, document and test the APIs (with 1-2 Service Providers) + * get notification if the network cannot fulfill +* Describe, develop, document and test the APIs (with 1–2 Service Providers) * Started: October 2021 * Location: virtually ## Meetings * Meetings are held virtually: [Meeting registration / Join](https://zoom-lfx.platform.linuxfoundation.org/meeting/94112812156?password=f238d6af-c959-48d7-a862-abdb3c648e40) -* Schedule: bi-weekly, Friday, 2 PM CET/CEST (13:00 UTC, 12:00 UTC during European DST). For date/time of next meeting see previous [meeting minutes](https://wiki.camaraproject.org/display/CAM/QualityOnDemand+2024+Minutes). +* Schedule: bi-weekly, Friday, 2 PM CET/CEST (13:00 UTC, 12:00 UTC during European DST). For date/time of the next meeting, see previous [meeting minutes](https://wiki.camaraproject.org/display/CAM/QualityOnDemand+2024+Minutes). ## Status and released versions @@ -36,7 +36,7 @@ Repository to describe, develop, document and test the QualityOnDemand API famil - [View it on Swagger Editor](https://editor.swagger.io/?url=https://raw.githubusercontent.com/camaraproject/QualityOnDemand/release-0.10.1/code/API_definitions/qod-api.yaml) - OpenAPI [YAML spec file](https://github.com/camaraproject/QualityOnDemand/blob/release-0.10.1/code/API_definitions/qod-api.yaml) -* The previous released version v0.9.0 is availabe within the [release-0.9.0 branch](https://github.com/camaraproject/QualityOnDemand/tree/release-0.9.0) +* The previous released version v0.9.0 is available within the [release-0.9.0 branch](https://github.com/camaraproject/QualityOnDemand/tree/release-0.9.0) * For changes between v0.10.0 and v0.9.0 see the [CHANGELOG.md](https://github.com/camaraproject/QualityOnDemand/blob/main/CHANGELOG.md) * Provider implementations (PI) are available within separate repositories (partly for previous releases): @@ -47,5 +47,5 @@ Repository to describe, develop, document and test the QualityOnDemand API famil ## Contributorship and mailing list -* To subscribe / unsubscribe to the mailing list of this Sub Project and thus be / resign as Contributor please visit . +* To subscribe / unsubscribe to the mailing list of this Sub Project and thus be / resign as Contributor, please visit . * A message to all Contributors of this Sub Project can be sent using . From 2a17108bdb98f90dd8c99bb2309890b98d7cecf8 Mon Sep 17 00:00:00 2001 From: Herbert Damker <52109189+hdamker@users.noreply.github.com> Date: Fri, 21 Jun 2024 14:18:08 +0200 Subject: [PATCH 12/32] Update README.md --- documentation/MeetingMinutes/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/documentation/MeetingMinutes/README.md b/documentation/MeetingMinutes/README.md index 09d96e3782..81b7e85741 100644 --- a/documentation/MeetingMinutes/README.md +++ b/documentation/MeetingMinutes/README.md @@ -1,5 +1,5 @@ -## Meeting Minutes of Quality on Deman Sub Project +## Meeting Minutes of Quality on Demand Sub Project -Starting with the beginning of 2024 the meeting minutes of Quality on Demand calls are within the CAMARA Wiki at https://wiki.camaraproject.org/display/CAM/Quality+on+Demand+Meeting+Minutes +Starting with the beginning of 2024 the meeting minutes of Quality on Demand calls are within the CAMARA Wiki at https://wiki.camaraproject.org/x/0AOeAQ. Meeting minutes of 2023 and before are here in the repository. From d063470e9f0b9a5a1a541cc3c09fcd5e87a4ec5a Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Fri, 21 Jun 2024 14:21:54 +0200 Subject: [PATCH 13/32] Update README.md Co-authored-by: Herbert Damker <52109189+hdamker@users.noreply.github.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b390657b18..664e434075 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ Repository to describe, develop, document and test the QualityOnDemand API famil ## Meetings * Meetings are held virtually: [Meeting registration / Join](https://zoom-lfx.platform.linuxfoundation.org/meeting/94112812156?password=f238d6af-c959-48d7-a862-abdb3c648e40) -* Schedule: bi-weekly, Friday, 2 PM CET/CEST (13:00 UTC, 12:00 UTC during European DST). For date/time of the next meeting, see previous [meeting minutes](https://wiki.camaraproject.org/display/CAM/QualityOnDemand+2024+Minutes). +* Schedule: bi-weekly, Friday, 2 PM CET/CEST (13:00 UTC, 12:00 UTC during European DST). For date/time of the next meeting, see previous [meeting minutes](https://wiki.camaraproject.org/x/0AOeAQ). ## Status and released versions From 7cce24bbb17acd27e8f9a7dd5be3e9fdae30d91e Mon Sep 17 00:00:00 2001 From: Eric Murray Date: Mon, 24 Jun 2024 15:50:46 +0100 Subject: [PATCH 14/32] Add notes on 2- and 3-legged token use --- code/API_definitions/quality-on-demand.yaml | 24 ++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index bb4a2c4c74..d288aad98f 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -105,10 +105,11 @@ paths: A `QOS_STATUS_CHANGED` event notification with `qosStatus` as `UNAVAILABLE` will also be send if the network terminates the session before the requested duration expired - NOTE: in case of a `QOS_STATUS_CHANGED` event with `qosStatus` as `UNAVAILABLE` and `statusInfo` as `NETWORK_TERMINATED` the resources of the QoS session are not directly released, but will get deleted automatically at earliest 360 seconds after the event. - This behavior allows clients which are not receiving notification events but are polling to get the session information with - the `qosStatus` `UNAVAILABLE` and `statusInfo` `NETWORK_TERMINATED`. Before a client can attempt to create a new QoD session - for the same device and flow period they must release the session resources with an explicit `delete` operation if not yet automatically deleted. + **NOTES:** + - In case of a `QOS_STATUS_CHANGED` event with `qosStatus` as `UNAVAILABLE` and `statusInfo` as `NETWORK_TERMINATED` the resources of the QoS session are not directly released, but will get deleted automatically at earliest 360 seconds after the event. + + This behavior allows clients which are not receiving notification events but are polling to get the session information with the `qosStatus` `UNAVAILABLE` and `statusInfo` `NETWORK_TERMINATED`. Before a client can attempt to create a new QoD session for the same device and flow period they must release the session resources with an explicit `delete` operation if not yet automatically deleted. + - The access token may be either 2-legged or 3-legged. If a 3-legged access token is used, the end user identified by the `device` parameter must also be associated with the access token. operationId: createSession security: @@ -274,7 +275,12 @@ paths: tags: - QoS Sessions summary: Get QoS session information - description: Querying for QoS session resource information details + description: | + Querying for QoS session resource information details + + **NOTES:** + - The access token may be either 2-legged or 3-legged. If a 3-legged access token is used, the end user associated with the session must also be associated with the access token. + operationId: getSession security: - openId: @@ -326,6 +332,10 @@ paths: - `qosStatus` as `UNAVAILABLE` and - `statusInfo` as `DELETE_REQUESTED` There will be no notification event if the `qosStatus` was already `UNAVAILABLE`. + + **NOTES:** + - The access token may be either 2-legged or 3-legged. If a 3-legged access token is used, the end user associated with the session must also be associated with the access token. + operationId: deleteSession security: - openId: @@ -369,6 +379,10 @@ paths: - Previous duration: 30,000 seconds - Requested additional duration: 30,000 seconds - New overall session duration: 50,000 seconds (the maximum allowed) + + **NOTES:** + - The access token may be either 2-legged or 3-legged. If a 3-legged access token is used, the end user associated with the session must also be associated with the access token. + operationId: extendQosSessionDuration security: - openId: From 821972e425516437de6e877965e80023a0d12b5f Mon Sep 17 00:00:00 2001 From: Eric Murray Date: Mon, 24 Jun 2024 15:51:48 +0100 Subject: [PATCH 15/32] Add notes on 2- and 3-legged token use --- code/API_definitions/qos-profiles.yaml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/code/API_definitions/qos-profiles.yaml b/code/API_definitions/qos-profiles.yaml index 51b3832bd2..9407de50fc 100644 --- a/code/API_definitions/qos-profiles.yaml +++ b/code/API_definitions/qos-profiles.yaml @@ -55,8 +55,10 @@ paths: - QoS Profiles summary: "Get All QoS Profiles" description: | - Returns all QoS Profiles that match the given criteria. - If no criteria is given, all QoS Profiles are returned. + Returns all QoS Profiles that match the given criteria, or all profiles if no criteria is specified. + + The access token may be either a 2-legged or 3-legged access token. If the access token is 3-legged, all returned QoS Profiles must be available to all end users associated with the access token. + operationId: getQosProfiles security: - openId: @@ -106,6 +108,9 @@ paths: operationId: getQosProfile description: | Returns a QoS Profile that matches the given name. + + The access token may be either a 2-legged or 3-legged access token. If the access token is 3-legged, a QoS Profile is only returned if available to all end users associated with the access token. + security: - openId: - qos-profiles:qos-profiles:read From 63dcebd84ea1b6f8802c61583c808ad6b8d3149a Mon Sep 17 00:00:00 2001 From: Eric Murray Date: Mon, 24 Jun 2024 15:55:41 +0100 Subject: [PATCH 16/32] Fix trailing space --- code/API_definitions/quality-on-demand.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index d288aad98f..e46882ff5e 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -109,7 +109,7 @@ paths: - In case of a `QOS_STATUS_CHANGED` event with `qosStatus` as `UNAVAILABLE` and `statusInfo` as `NETWORK_TERMINATED` the resources of the QoS session are not directly released, but will get deleted automatically at earliest 360 seconds after the event. This behavior allows clients which are not receiving notification events but are polling to get the session information with the `qosStatus` `UNAVAILABLE` and `statusInfo` `NETWORK_TERMINATED`. Before a client can attempt to create a new QoD session for the same device and flow period they must release the session resources with an explicit `delete` operation if not yet automatically deleted. - - The access token may be either 2-legged or 3-legged. If a 3-legged access token is used, the end user identified by the `device` parameter must also be associated with the access token. + - The access token may be either 2-legged or 3-legged. If a 3-legged access token is used, the end user identified by the `device` parameter must also be associated with the access token. operationId: createSession security: From bf556952f3aaa934db2c4f53bd42911551e6f606 Mon Sep 17 00:00:00 2001 From: Eric Murray Date: Mon, 24 Jun 2024 15:56:21 +0100 Subject: [PATCH 17/32] Fix trailing spaces --- code/API_definitions/qos-profiles.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/API_definitions/qos-profiles.yaml b/code/API_definitions/qos-profiles.yaml index 9407de50fc..9104f01f6e 100644 --- a/code/API_definitions/qos-profiles.yaml +++ b/code/API_definitions/qos-profiles.yaml @@ -56,7 +56,7 @@ paths: summary: "Get All QoS Profiles" description: | Returns all QoS Profiles that match the given criteria, or all profiles if no criteria is specified. - + The access token may be either a 2-legged or 3-legged access token. If the access token is 3-legged, all returned QoS Profiles must be available to all end users associated with the access token. operationId: getQosProfiles From 294512b2c26b3484318b37d69e2ca4c919b41001 Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Mon, 24 Jun 2024 22:58:11 +0200 Subject: [PATCH 18/32] revert: https --- code/API_definitions/qos-profiles.yaml | 2 +- code/API_definitions/quality-on-demand.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/code/API_definitions/qos-profiles.yaml b/code/API_definitions/qos-profiles.yaml index a33a10a0ae..1e7387251c 100644 --- a/code/API_definitions/qos-profiles.yaml +++ b/code/API_definitions/qos-profiles.yaml @@ -19,7 +19,7 @@ info: # Further info and support (FAQs will be added in a later version of the documentation) - termsOfService: https://swagger.io/terms/ + termsOfService: http://swagger.io/terms/ contact: email: project-email@sample.com license: diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index 5099cd23a5..c9d812a091 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -58,7 +58,7 @@ info: # Further info and support (FAQs will be added in a later version of the documentation) - termsOfService: https://swagger.io/terms/ + termsOfService: http://swagger.io/terms/ contact: email: project-email@sample.com license: From 87db5d2e9e77ebdc15b785e38b721f1c7275159f Mon Sep 17 00:00:00 2001 From: Randy Levensalor Date: Wed, 26 Jun 2024 17:49:23 -0600 Subject: [PATCH 19/32] Remove ToS and contact info --- code/API_definitions/qos-profiles.yaml | 3 --- code/API_definitions/quality-on-demand.yaml | 3 --- 2 files changed, 6 deletions(-) diff --git a/code/API_definitions/qos-profiles.yaml b/code/API_definitions/qos-profiles.yaml index 7b28940b57..e8a2c52346 100644 --- a/code/API_definitions/qos-profiles.yaml +++ b/code/API_definitions/qos-profiles.yaml @@ -19,9 +19,6 @@ info: # Further info and support (FAQs will be added in a later version of the documentation) - termsOfService: http://swagger.io/terms/ - contact: - email: project-email@sample.com license: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0.html diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index e849b12a26..7973f2eb69 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -58,9 +58,6 @@ info: # Further info and support (FAQs will be added in a later version of the documentation) - termsOfService: http://swagger.io/terms/ - contact: - email: project-email@sample.com license: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0.html From 99f2790b524a174733bb77fd8263d6fb701055d0 Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Fri, 28 Jun 2024 14:29:05 +0200 Subject: [PATCH 20/32] fix: remove 409 out of qos-profiles.yaml and update the 409 message in quality-on-demand.yaml --- code/API_definitions/qos-profiles.yaml | 14 -------------- code/API_definitions/quality-on-demand.yaml | 2 +- 2 files changed, 1 insertion(+), 15 deletions(-) diff --git a/code/API_definitions/qos-profiles.yaml b/code/API_definitions/qos-profiles.yaml index 1e7387251c..a70213431e 100644 --- a/code/API_definitions/qos-profiles.yaml +++ b/code/API_definitions/qos-profiles.yaml @@ -501,20 +501,6 @@ components: code: NOT_ACCEPTABLE message: The server cannot produce a response matching the content requested by the client through `Accept-*` headers. - SessionInConflict409: - description: Conflict - headers: - x-correlator: - $ref: '#/components/headers/x-correlator' - content: - application/json: - schema: - $ref: "#/components/schemas/ErrorInfo" - example: - status: 409 - code: CONFLICT - message: "Another session is created for the same device" - Generic429: description: Too Many Requests headers: diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index c9d812a091..e405672acd 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -1009,7 +1009,7 @@ components: example: status: 409 code: CONFLICT - message: "Another session is created for the same device" + message: Creating multiple sessions for a device are not allowed. Generic415: description: Unsupported Media Type From 1b2ab6fb85d9acccc5be969d3f0948099a36234d Mon Sep 17 00:00:00 2001 From: Ramesh Shanmugasundaram Date: Fri, 28 Jun 2024 14:54:45 +0100 Subject: [PATCH 21/32] Remove unused messages object in SessionInfo schema --- code/API_definitions/quality-on-demand.yaml | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index 7973f2eb69..1397bcbcdc 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -549,10 +549,6 @@ components: $ref: "#/components/schemas/QosStatus" statusInfo: $ref: "#/components/schemas/StatusInfo" - messages: - type: array - items: - $ref: "#/components/schemas/Message" required: - sessionId - duration @@ -835,21 +831,6 @@ components: - 2001:db8:85a3:8d3::0/64 - 2001:db8:85a3:8d3::/64 - Message: - description: Message with additional information - type: object - properties: - severity: - description: Message severity - type: string - enum: ["INFO", "WARNING"] - description: - description: Detailed message text - type: string - required: - - severity - - description - QosStatus: description: | The current status of the requested QoS session. The status can be one of the following: From f46d563805d177f7c30273b47114cc587b66f6c7 Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Wed, 10 Jul 2024 21:41:05 +0200 Subject: [PATCH 22/32] Update code/API_definitions/quality-on-demand.yaml Co-authored-by: Herbert Damker <52109189+hdamker@users.noreply.github.com> --- code/API_definitions/quality-on-demand.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index e405672acd..760fdec5c0 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -1009,7 +1009,7 @@ components: example: status: 409 code: CONFLICT - message: Creating multiple sessions for a device are not allowed. + message: Conflict with an existing session for the same device. Generic415: description: Unsupported Media Type From 5cbb6c2b8ebbb479b7f3b28042c90dbe07a508fa Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Wed, 10 Jul 2024 21:46:47 +0200 Subject: [PATCH 23/32] revert: remove 405, 406 and 415 --- code/API_definitions/qos-profiles.yaml | 42 ------------- code/API_definitions/quality-on-demand.yaml | 67 --------------------- 2 files changed, 109 deletions(-) diff --git a/code/API_definitions/qos-profiles.yaml b/code/API_definitions/qos-profiles.yaml index a70213431e..37ff41bf37 100644 --- a/code/API_definitions/qos-profiles.yaml +++ b/code/API_definitions/qos-profiles.yaml @@ -82,10 +82,6 @@ paths: $ref: "#/components/responses/Generic403" "404": $ref: "#/components/responses/QosProfilesNotFound404" - "405": - $ref: "#/components/responses/Generic405" - "406": - $ref: "#/components/responses/Generic406" "429": $ref: "#/components/responses/Generic429" "500": @@ -127,10 +123,6 @@ paths: $ref: "#/components/responses/Generic403" "404": $ref: "#/components/responses/QosProfileNotFound404" - "405": - $ref: "#/components/responses/Generic405" - "406": - $ref: "#/components/responses/Generic406" "429": $ref: "#/components/responses/Generic429" "500": @@ -467,40 +459,6 @@ components: code: NOT_FOUND message: "QosProfile Id does not exist" - Generic405: - description: Method Not Allowed - headers: - x-correlator: - $ref: '#/components/headers/x-correlator' - content: - application/json: - schema: - $ref: "#/components/schemas/ErrorInfo" - examples: - GENERIC_405_METHOD_NOT_ALLOWED: - description: Invalid HTTP verb used with a given endpoint - value: - status: 405 - code: METHOD_NOT_ALLOWED - message: The requested method is not allowed/supported on the target resource. - - Generic406: - description: Not Acceptable - headers: - x-correlator: - $ref: "#/components/headers/x-correlator" - content: - application/json: - schema: - $ref: "#/components/schemas/ErrorInfo" - examples: - GENERIC_406_NOT_ACCEPTABLE: - description: API Server does not accept the media type (`Accept-*` header) indicated by API client - value: - status: 406 - code: NOT_ACCEPTABLE - message: The server cannot produce a response matching the content requested by the client through `Accept-*` headers. - Generic429: description: Too Many Requests headers: diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index 760fdec5c0..0ebb5012fa 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -238,14 +238,8 @@ paths: $ref: "#/components/responses/Generic401" "403": $ref: "#/components/responses/Generic403" - "405": - $ref: "#/components/responses/Generic405" - "406": - $ref: "#/components/responses/Generic406" "409": $ref: "#/components/responses/SessionInConflict409" - "415": - $ref: "#/components/responses/Generic415" "429": $ref: "#/components/responses/Generic429" "500": @@ -297,8 +291,6 @@ paths: $ref: "#/components/responses/Generic403" "404": $ref: "#/components/responses/SessionNotFound404" - "406": - $ref: "#/components/responses/Generic406" "429": $ref: "#/components/responses/Generic429" "500": @@ -344,8 +336,6 @@ paths: $ref: "#/components/responses/Generic403" "404": $ref: "#/components/responses/SessionNotFound404" - "406": - $ref: "#/components/responses/Generic406" "429": $ref: "#/components/responses/Generic429" "500": @@ -423,12 +413,6 @@ paths: $ref: "#/components/responses/Generic403" "404": $ref: "#/components/responses/SessionNotFound404" - "405": - $ref: "#/components/responses/Generic405" - "406": - $ref: "#/components/responses/Generic406" - "415": - $ref: "#/components/responses/Generic415" "429": $ref: "#/components/responses/Generic429" "500": @@ -963,40 +947,6 @@ components: code: NOT_FOUND message: "Session Id does not exist" - Generic405: - description: Method Not Allowed - headers: - x-correlator: - $ref: '#/components/headers/x-correlator' - content: - application/json: - schema: - $ref: "#/components/schemas/ErrorInfo" - examples: - GENERIC_405_METHOD_NOT_ALLOWED: - description: Invalid HTTP verb used with a given endpoint - value: - status: 405 - code: METHOD_NOT_ALLOWED - message: The requested method is not allowed/supported on the target resource. - - Generic406: - description: Not Acceptable - headers: - x-correlator: - $ref: "#/components/headers/x-correlator" - content: - application/json: - schema: - $ref: "#/components/schemas/ErrorInfo" - examples: - GENERIC_406_NOT_ACCEPTABLE: - description: API Server does not accept the media type (`Accept-*` header) indicated by API client - value: - status: 406 - code: NOT_ACCEPTABLE - message: The server cannot produce a response matching the content requested by the client through `Accept-*` headers. - SessionInConflict409: description: Conflict headers: @@ -1011,23 +961,6 @@ components: code: CONFLICT message: Conflict with an existing session for the same device. - Generic415: - description: Unsupported Media Type - headers: - x-correlator: - $ref: "#/components/headers/x-correlator" - content: - application/json: - schema: - $ref: "#/components/schemas/ErrorInfo" - examples: - GENERIC_415_UNSUPPORTED_MEDIA_TYPE: - description: Payload format of the request is in an unsupported format by the Server. Should not happen - value: - status: 415 - code: UNSUPPORTED_MEDIA_TYPE - message: The server refuses to accept the request because the payload format is in an unsupported format. - Generic429: description: Too Many Requests headers: From f088b051aea1ebc1d3ff0ca25c00ec64794dadb7 Mon Sep 17 00:00:00 2001 From: Herbert Damker <52109189+hdamker@users.noreply.github.com> Date: Fri, 12 Jul 2024 11:30:54 +0200 Subject: [PATCH 24/32] Delete QoD-API-Readiness-Checklist.md --- .../QoD-API-Readiness-Checklist.md | 13 ------------- 1 file changed, 13 deletions(-) delete mode 100644 documentation/API_documentation/QoD-API-Readiness-Checklist.md diff --git a/documentation/API_documentation/QoD-API-Readiness-Checklist.md b/documentation/API_documentation/QoD-API-Readiness-Checklist.md deleted file mode 100644 index f9a0a0b6fc..0000000000 --- a/documentation/API_documentation/QoD-API-Readiness-Checklist.md +++ /dev/null @@ -1,13 +0,0 @@ -# QoD API Readiness minimum criteria checklist - -
- -| No | Deliverables/Criteria | Mandatory | Status (Contributed/Approved/Pending/Validated/Partly-Validated)| -|----|----------------------------------|-----------|---------------------------- -| 1 |API Spec | Y | Contributed | -| 2 |API Implementation | Y | Contributed | -| 3 |API Documentation | Y | Contributed | -| 4 |User Stories | Y | Contributed | -| 5 |API test cases | Y | Not Contributed | -| 6 |Validated by atleast 2 operators | Y | Partly validated as currently only validated by DT | -| 7 |Security review | N | | From 0093a780e6b3a21b80f119c46539f572db21e0d1 Mon Sep 17 00:00:00 2001 From: Herbert Damker <52109189+hdamker@users.noreply.github.com> Date: Fri, 12 Jul 2024 11:31:04 +0200 Subject: [PATCH 25/32] Create qos-profiles-API-Readiness-Checklist.md --- .../qos-profiles-API-Readiness-Checklist.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 documentation/API_documentation/qos-profiles-API-Readiness-Checklist.md diff --git a/documentation/API_documentation/qos-profiles-API-Readiness-Checklist.md b/documentation/API_documentation/qos-profiles-API-Readiness-Checklist.md new file mode 100644 index 0000000000..5c8a80e7f8 --- /dev/null +++ b/documentation/API_documentation/qos-profiles-API-Readiness-Checklist.md @@ -0,0 +1,27 @@ +# API Readiness Checklist + +Checklist for qos-profiles v0.11.0-rc.1 in r1.1 + +| Nr | API release assets | alpha | release-candidate | initial
public | stable
public | Status | Comments | +|----|----------------------------------------------|:-----:|:-----------------:|:-------:|:------:|:----:|:----:| +| 1 | API definition | M | M | M | M | tbd | /code/API_definitions/qos-profiles.yaml | +| 2 | Design guidelines from Commonalities applied | O | M | M | M | tbd | | +| 3 | Guidelines from ICM applied | O | M | M | M | Y | | +| 4 | API versioning convention applied | M | M | M | M | Y | | +| 5 | API documentation | M | M | M | M | Y | inline within YAML | +| 6 | User stories | O | O | O | M | N | link | +| 7 | Basic API test cases & documentation | O | M | M | M | tbd | link | +| 8 | Enhanced API test cases & documentation | O | O | O | M | N | link | +| 9 | Test result statement | O | O | O | M | N | link | +| 10 | API release numbering convention applied | M | M | M | M | Y | | +| 11 | Change log updated | M | M | M | M | tbd | /CHANGELOG.md | +| 12 | Previous public release was certified | O | O | O | M | N | | + +To fill the checklist: +- in the line above the table, replace the api-name, api-version and the rx.y by their actual values for the current API version and release. +- in the Status column, put "Y" (yes) if the release asset is available or fulfilled in the current release, a "N" (no) or a "tbd". Example use of "tbd" is in case an alpha or release-candidate API version does not yet provide all mandatory assets for the release. +- in the Comments column, provide the link to the asset once available, and any other relevant comments. + +Note: the checklists of a public API version and of its preceding release-candidate API version can be the same. + +The documentation for the content of the checklist is here: [API Readiness Checklist](https://wiki.camaraproject.org/x/AgAVAQ) From 8b7851089cf4d02c75a02295e3b67013b2f70c5d Mon Sep 17 00:00:00 2001 From: Herbert Damker <52109189+hdamker@users.noreply.github.com> Date: Fri, 12 Jul 2024 11:31:09 +0200 Subject: [PATCH 26/32] Create quality-on-demand-API-Readiness-Checklist.md --- ...ality-on-demand-API-Readiness-Checklist.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 documentation/API_documentation/quality-on-demand-API-Readiness-Checklist.md diff --git a/documentation/API_documentation/quality-on-demand-API-Readiness-Checklist.md b/documentation/API_documentation/quality-on-demand-API-Readiness-Checklist.md new file mode 100644 index 0000000000..06bf140bce --- /dev/null +++ b/documentation/API_documentation/quality-on-demand-API-Readiness-Checklist.md @@ -0,0 +1,27 @@ +# API Readiness Checklist + +Checklist for quality-on-demand v0.11.0-rc.1 in r1.1 + +| Nr | API release assets | alpha | release-candidate | initial
public | stable
public | Status | Comments | +|----|----------------------------------------------|:-----:|:-----------------:|:-------:|:------:|:----:|----| +| 1 | API definition | M | M | M | M | Y | /code/API_definitions/quality-on-demand.yaml | +| 2 | Design guidelines from Commonalities applied | O | M | M | M | tbd | | +| 3 | Guidelines from ICM applied | O | M | M | M | Y | | +| 4 | API versioning convention applied | M | M | M | M | Y | | +| 5 | API documentation | M | M | M | M | Y | inline in YAML | +| 6 | User stories | O | O | O | M | ? | /documentation/API_documentation/QoD_User_Story.md | +| 7 | Basic API test cases & documentation | O | M | M | M | tbd | /code/Test_definitions/QoD_API_Test.feature | +| 8 | Enhanced API test cases & documentation | O | O | O | M | N | link | +| 9 | Test result statement | O | O | O | M | N | | +| 10 | API release numbering convention applied | M | M | M | M | Y | | +| 11 | Change log updated | M | M | M | M | tbd | /CHANGELOG.md | +| 12 | Previous public release was certified | O | O | O | M | ? | | + +To fill the checklist: +- in the line above the table, replace the api-name, api-version and the rx.y by their actual values for the current API version and release. +- in the Status column, put "Y" (yes) if the release asset is available or fulfilled in the current release, a "N" (no) or a "tbd". Example use of "tbd" is in case an alpha or release-candidate API version does not yet provide all mandatory assets for the release. +- in the Comments column, provide the link to the asset once available, and any other relevant comments. + +Note: the checklists of a public API version and of its preceding release-candidate API version can be the same. + +The documentation for the content of the checklist is here: [API Readiness Checklist](https://wiki.camaraproject.org/x/AgAVAQ) From dfb6984cc079ed11a88501f8926aa4a847080ce4 Mon Sep 17 00:00:00 2001 From: Herbert Damker <52109189+hdamker@users.noreply.github.com> Date: Fri, 12 Jul 2024 15:32:38 +0200 Subject: [PATCH 27/32] Removed cucumber directory and its content --- code/cucumber/README.md | 19 -- code/cucumber/pom.xml | 174 ------------------ .../src/test/java/runners/TestRunner.java | 56 ------ .../test/java/stepDefinitions/AppConfig.java | 145 --------------- .../src/test/java/stepDefinitions/Steps.java | 164 ----------------- .../src/test/resources/extent.properties | 8 - .../resources/feature/QoD_API_Test.feature | 70 ------- code/cucumber/src/test/resources/logback.xml | 13 -- 8 files changed, 649 deletions(-) delete mode 100644 code/cucumber/README.md delete mode 100644 code/cucumber/pom.xml delete mode 100644 code/cucumber/src/test/java/runners/TestRunner.java delete mode 100644 code/cucumber/src/test/java/stepDefinitions/AppConfig.java delete mode 100644 code/cucumber/src/test/java/stepDefinitions/Steps.java delete mode 100644 code/cucumber/src/test/resources/extent.properties delete mode 100644 code/cucumber/src/test/resources/feature/QoD_API_Test.feature delete mode 100644 code/cucumber/src/test/resources/logback.xml diff --git a/code/cucumber/README.md b/code/cucumber/README.md deleted file mode 100644 index 29eda7cf12..0000000000 --- a/code/cucumber/README.md +++ /dev/null @@ -1,19 +0,0 @@ -# QA - Tests - Quality on Demand - -## Prerequisites - -1. Ensure QoD App service is up and running on localhost on port 9091. -2. Ensure that scef/nef server is configured for being available on port 8081. - - -Command for starting service locally using jar file :- -Please check Readme.md file for QoD service - - -The following steps are needed to create and deploy docker image for camara cucumber tests: - -1. ```mvn clean package``` - -2. ```docker build -t cucumber .``` - -3. ```docker run -dp 9091:9091 -p cucumber``` diff --git a/code/cucumber/pom.xml b/code/cucumber/pom.xml deleted file mode 100644 index adb0c681dd..0000000000 --- a/code/cucumber/pom.xml +++ /dev/null @@ -1,174 +0,0 @@ - - - 4.0.0 - - - gitlab-maven - https://mvnrepository.com/artifact/org.apache.maven/maven-core - - - QoD-Api-Tests - QoD-Api-Tests - 0.0.1-SNAPSHOT - jar - - Deutsche Telekom AG - - - 17 - 17 - 17 - apache_v2 - CAMARA Project - 2022 - 2023 - - - - org.apache.httpcomponents - httpclient - 4.5.13 - - - io.rest-assured - rest-assured - 5.3.0 - test - - - io.cucumber - cucumber-jvm-deps - 1.0.6 - provided - - - com.jayway.jsonpath - json-path - 2.7.0 - - - com.fasterxml.jackson.core - jackson-annotations - 2.14.0 - - - com.fasterxml.jackson.core - jackson-core - 2.14.0 - - - com.fasterxml.jackson.core - jackson-databind - 2.14.0 - - - io.cucumber - cucumber-java - 7.11.1 - test - - - io.cucumber - cucumber-junit-platform-engine - 7.11.1 - test - - - org.junit.platform - junit-platform-suite - 1.9.2 - test - - - org.junit.jupiter - junit-jupiter - 5.9.0 - test - - - tech.grasshopper - extentreports-cucumber7-adapter - 1.7.0 - - - com.aventstack - extentreports - 5.0.9 - - - org.springframework - spring-beans - 5.3.24 - - - org.projectlombok - lombok - 1.18.24 - provided - - - com.fasterxml.jackson.dataformat - jackson-dataformat-yaml - 2.14.2 - - - com.github.tomakehurst - wiremock - 2.27.2 - test - - - - - - org.codehaus.mojo - license-maven-plugin - 2.0.0 - - . - THIRD-PARTY.md - templates/third-party.ftl - camara - false - true - **/*.java - src - true - --- - Contributors | ${project.organization.name} to CAMARA a Series of LF Projects, LLC - The contributor of this file confirms his sign-off for the Developer Certificate of Origin - (https://developercertificate.org). - - ---license-start - ---license-end - true - true - - - - org.apache.maven.plugins - maven-compiler-plugin - 3.7.0 - - 17 - 17 - UTF-8 - - - - org.apache.maven.plugins - maven-surefire-plugin - 3.0.0-M5 - - - - cucumber.junit-platform.naming-strategy=long - - - - - - - diff --git a/code/cucumber/src/test/java/runners/TestRunner.java b/code/cucumber/src/test/java/runners/TestRunner.java deleted file mode 100644 index 96ea56cea5..0000000000 --- a/code/cucumber/src/test/java/runners/TestRunner.java +++ /dev/null @@ -1,56 +0,0 @@ -/*- - * ---license-start - * CAMARA Project - * --- - * Copyright (C) 2022 - 2023 Contributors | Deutsche Telekom AG to CAMARA a Series of LF Projects, LLC - * - * The contributor of this file confirms his sign-off for the - * Developer Certificate of Origin - * (https://developercertificate.org). - * --- - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ---license-end - */ - -package runners; - -import static io.cucumber.core.options.Constants.FILTER_TAGS_PROPERTY_NAME; -import static io.cucumber.core.options.Constants.GLUE_PROPERTY_NAME; -import static io.cucumber.core.options.Constants.PLUGIN_PROPERTY_NAME; -import static io.cucumber.core.options.Constants.PLUGIN_PUBLISH_QUIET_PROPERTY_NAME; - -import org.junit.platform.suite.api.ConfigurationParameter; -import org.junit.platform.suite.api.ConfigurationParameters; -import org.junit.platform.suite.api.IncludeEngines; -import org.junit.platform.suite.api.SelectClasspathResource; -import org.junit.platform.suite.api.Suite; - -@Suite -@IncludeEngines("cucumber") -@SelectClasspathResource("feature") -@ConfigurationParameters({ - @ConfigurationParameter(key = GLUE_PROPERTY_NAME, value = "stepDefinitions"), - @ConfigurationParameter(key = FILTER_TAGS_PROPERTY_NAME, value = "@QoDSanity"), - @ConfigurationParameter(key = PLUGIN_PUBLISH_QUIET_PROPERTY_NAME, value = "true"), - @ConfigurationParameter( - key = PLUGIN_PROPERTY_NAME, - value = "pretty, " - + "html:target/cucumber-reports/Cucumber.html, " - + "json:target/cucumber-reports/Cucumber.json, " - + "junit:target/cucumber-reports/Cucumber.xml, " - + "com.aventstack.extentreports.cucumber.adapter.ExtentCucumberAdapter:") -}) -public class TestRunner { - -} - diff --git a/code/cucumber/src/test/java/stepDefinitions/AppConfig.java b/code/cucumber/src/test/java/stepDefinitions/AppConfig.java deleted file mode 100644 index 323f45b69d..0000000000 --- a/code/cucumber/src/test/java/stepDefinitions/AppConfig.java +++ /dev/null @@ -1,145 +0,0 @@ -/*- - * ---license-start - * CAMARA Project - * --- - * Copyright (C) 2022 - 2023 Contributors | Deutsche Telekom AG to CAMARA a Series of LF Projects, LLC - * - * The contributor of this file confirms his sign-off for the - * Developer Certificate of Origin - * (https://developercertificate.org). - * --- - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ---license-end - */ - -package stepDefinitions; - -public class AppConfig { - - public static final String BASE_URL = "http://localhost:9091"; - public static final int SCEF_PORT = Integer.parseInt("8081"); - public static final String SCEF_PATH = "/3gpp-as-session-with-qos/v1/scs"; - - public static final String SESSION_ID = "80a7db98-6d1b-46c8-a602-fd6370fe5a21"; - public static final String JSON_STRING_MANDATORY = """ - { - "duration": 10, - "ueId": { - "msisdn": "12345678901", - "ipv4addr": "192.168.0.0/24" - }, - "asId": { - "ipv4addr": "192.168.0.0/24" - }, - "qos": "QOS_E" - } - """; - - public static final String JSON_STRING_ALL_PARAMS = """ - { - "duration": 10, - "ueId": { - "externalId": "123456789@domain.com", - "msisdn": "1234567812", - "ipv4addr": "192.168.1.0/24" - }, - "asId": { - "ipv4addr": "192.168.1.0/24" - }, - "uePorts": { - "ranges": [ - { - "from": 5010, - "to": 5020 - } - ], - "ports": [ - 5060, - 5070 - ] - }, - "asPorts": { - "ranges": [ - { - "from": 5010, - "to": 5020 - } - ], - "ports": [ - 5060, - 5070 - ] - }, - "qos": "QOS_E", - "notificationUri": "http://127.0.0.1:8000/notifications", - "notificationAuthToken": "c8974e592c2fa383d4a3960714" - } - - """; - public static final String JSON_STRING_MANDATORY_PARAMS = """ - { - "duration": 10, - "ueId": { - "msisdn": "12345678902", - "ipv4addr": "192.168.0.0/24" - }, - "asId": { - "ipv4addr": "192.168.0.0/24" - }, - "qos": "" - } - """; - - - public static final String JSON_STRING_ALL = """ - { - "duration": 10, - "ueId": { - "externalId": "123456789@domain.com", - "msisdn": "1234567812", - "ipv4addr": "192.168.1.0/24" - }, - "asId": { - "ipv4addr": "192.168.1.0/24" - }, - "uePorts": { - "ranges": [ - { - "from": 5010, - "to": 5020 - } - ], - "ports": [ - 5060, - 5070 - ] - }, - "asPorts": { - "ranges": [ - { - "from": 5010, - "to": 5020 - } - ], - "ports": [ - 5060, - 5070 - ] - }, - "qos": "QOS_E", - "notificationUri": "http://127.0.0.1:8000/notifications", - "notificationAuthToken": "c8974e592c2fa383d4a3960714" - } - """; - -} diff --git a/code/cucumber/src/test/java/stepDefinitions/Steps.java b/code/cucumber/src/test/java/stepDefinitions/Steps.java deleted file mode 100644 index 9a332131b3..0000000000 --- a/code/cucumber/src/test/java/stepDefinitions/Steps.java +++ /dev/null @@ -1,164 +0,0 @@ -/*- - * ---license-start - * CAMARA Project - * --- - * Copyright (C) 2022 - 2023 Contributors | Deutsche Telekom AG to CAMARA a Series of LF Projects, LLC - * - * The contributor of this file confirms his sign-off for the - * Developer Certificate of Origin - * (https://developercertificate.org). - * --- - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ---license-end - */ - -package stepDefinitions; - - -import static com.github.tomakehurst.wiremock.client.WireMock.aResponse; -import static com.github.tomakehurst.wiremock.client.WireMock.configureFor; -import static com.github.tomakehurst.wiremock.client.WireMock.delete; -import static com.github.tomakehurst.wiremock.client.WireMock.post; -import static com.github.tomakehurst.wiremock.client.WireMock.stubFor; -import static com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo; -import static com.github.tomakehurst.wiremock.client.WireMock.urlMatching; -import static org.junit.jupiter.api.Assertions.assertEquals; - -import com.github.tomakehurst.wiremock.WireMockServer; -import com.jayway.jsonpath.JsonPath; -import io.cucumber.java.BeforeAll; -import io.cucumber.java.en.Given; -import io.cucumber.java.en.Then; -import io.cucumber.java.en.When; -import io.restassured.RestAssured; -import io.restassured.specification.RequestSpecification; -import lombok.extern.slf4j.Slf4j; -import org.junit.jupiter.api.AfterAll; - - -@Slf4j -public class Steps { - - private final static String PATH = "/qod/v0/sessions"; - private static WireMockServer wireMockServer; - private io.restassured.response.Response response; - private RequestSpecification request; - - @BeforeAll - public static void setUp() { - wireMockServer = new WireMockServer(AppConfig.SCEF_PORT); - wireMockServer.start(); - } - - @Given("Use the QoD MOCK URL") - public void useTheQoDMOCKURL() { - RestAssured.reset(); - RestAssured.baseURI = AppConfig.BASE_URL; - request = RestAssured.given(); - log.info("Setting up!"); - configureFor("localhost", AppConfig.SCEF_PORT); - RestAssured.port = AppConfig.SCEF_PORT; - stubFor(post(urlEqualTo(AppConfig.SCEF_PATH + "/subscriptions")) - .willReturn(aResponse() - .withStatus(201) - .withHeader("Content-Type", "application/json") - //QoD Session API needs only subscription-id from response and hence only self is considered - .withBody("{\"self\": \"https://foo.com/subscriptions/123\"}") - ) - ); - log.info("MockServer Started"); - stubFor(delete(urlMatching(AppConfig.SCEF_PATH + "/subscriptions/123")).willReturn( - aResponse().withStatus(204))); - } - - public void postRequestByResource(String requestBody) { - request.header("Content-Type", "application/json"); - log.info(requestBody); - response = request.body(requestBody).post(PATH); - log.info("Response HTTP Status code: " + response.getStatusCode()); - log.info("Response Body: " + response.getBody().asString()); - - } - - @When("Create a new QoD session with mandatory parameters") - public void createSession() { - postRequestByResource(AppConfig.JSON_STRING_MANDATORY); - } - - @When("Delete existing QoD session") - public void deleteExistingQoDSession() { - String sessionId = JsonPath.read(response.asString(), "id"); - log.info(sessionId); - String path = PATH + "/" + sessionId; - response = request.delete(path); - } - - @When("Delete Invalid QoD session") - public void deleteInvalidSession() { - String path = PATH + "/" + AppConfig.SESSION_ID; - response = request.delete(path); - } - - @Then("Response code is {int}") - public void checkResponse(int iResponse) { - assertEquals(iResponse, response.getStatusCode()); - } - - @AfterAll - public static void afterAll() { - System.out.println("Running: tearDown"); - wireMockServer.stop(); - } - - - @When("Create a new QoD session with all parameters") - public void createANewQoDSessionWithAllParameters() { - postRequestByResource(AppConfig.JSON_STRING_ALL); - } - - @When("Get QoD session") - public void getSession() { - String sessionId = JsonPath.read(response.asString(), "id"); - String path = PATH + "/" + sessionId; - response = request.get(path); - log.info("Response HTTP Status code: " + response.getStatusCode()); - } - - @Given("Use the QoD MOCK URL with invalid scenario") - public void useTheQoDMOCKURLWithInvalidScenario() { - RestAssured.reset(); - RestAssured.baseURI = AppConfig.BASE_URL; - request = RestAssured.given(); - log.info("Setting up!"); - configureFor("localhost", AppConfig.SCEF_PORT); - RestAssured.port = AppConfig.SCEF_PORT; - stubFor(post(urlEqualTo(AppConfig.SCEF_PATH + "/subscriptions")) - .willReturn(aResponse() - .withStatus(500) - .withHeader("Content-Type", "application/json") - .withBody("{\"self\": \"https://foo.com/subscriptions/\"}") - ) - ); - } - - @When("Create a new QoD session with parameters") - public void createANewQoDSessionWithParameters() { - - postRequestByResource(AppConfig.JSON_STRING_MANDATORY_PARAMS); - } - - @When("Create a new QoD session along with all parameters") - public void createANewQoDSessionAlongWithAllParameters() { - postRequestByResource(AppConfig.JSON_STRING_ALL_PARAMS); - } -} diff --git a/code/cucumber/src/test/resources/extent.properties b/code/cucumber/src/test/resources/extent.properties deleted file mode 100644 index a87b806aee..0000000000 --- a/code/cucumber/src/test/resources/extent.properties +++ /dev/null @@ -1,8 +0,0 @@ -#PDF Report -extent.reporter.pdf.start=true -extent.reporter.pdf.out=target/cucumber-reports/CucumberExtentReport.pdf -#HTML Report -extent.reporter.html.start=true -extent.reporter.html.out=target/cucumber-reports/CucumberExtentReport.html - - diff --git a/code/cucumber/src/test/resources/feature/QoD_API_Test.feature b/code/cucumber/src/test/resources/feature/QoD_API_Test.feature deleted file mode 100644 index fdc6e40750..0000000000 --- a/code/cucumber/src/test/resources/feature/QoD_API_Test.feature +++ /dev/null @@ -1,70 +0,0 @@ -#/*- ---license-start -#* CAMARA Project -#* --- -#* Copyright (C) 2022 - 2023 Contributors | Deutsche Telekom AG to CAMARA a Series of LF Projects, LLC -#* The contributor of this file confirms his sign-off for the -#* Developer Certificate of Origin (http://developercertificate.org). -#* --- -#* Licensed under the Apache License, Version 2.0 (the "License"); -#* you may not use this file except in compliance with the License. -#* You may obtain a copy of the License at -#* -#* http://www.apache.org/licenses/LICENSE-2.0 -#* -#* Unless required by applicable law or agreed to in writing, software -#* distributed under the License is distributed on an "AS IS" BASIS, -#* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -#* See the License for the specific language governing permissions and -#* limitations under the License. -#* ---license-end -#*/ - -@QoD @QoDSanity -Feature: Automated QoD System Integration Test - - @QQoDSessionCreateGetDelete - Scenario: Create QoD session with mandatory parameters - Given Use the QoD MOCK URL - When Create a new QoD session with mandatory parameters - Then Response code is 201 - When Get QoD session - Then Response code is 200 - When Delete existing QoD session - Then Response code is 204 - - @QoDSessionCreateGetDeleteAllparams - Scenario: Create QoD session with all parameters & Deletion of Session id - Given Use the QoD MOCK URL - When Create a new QoD session with all parameters - Then Response code is 201 - When Get QoD session - Then Response code is 200 - When Delete existing QoD session - Then Response code is 204 - - @QoDCreateSessionDeleteInvalidSession - Scenario: Delete a Invalid QoD session for session id - Given Use the QoD MOCK URL - When Create a new QoD session with mandatory parameters - Then Response code is 201 - When Delete Invalid QoD session - Then Response code is 404 - - - @QoDInvalidCreateSession - Scenario: QoD session with 5XX response - # Test with end point not reachable - Given Use the QoD MOCK URL with invalid scenario - When Create a new QoD session along with all parameters - Then Response code is 500 - - - @QoDInvalidCreateSessionpayload - Scenario: QoD session with invalid payload 4XX - # Test with invalid Payload - Given Use the QoD MOCK URL with invalid scenario - When Create a new QoD session with parameters - Then Response code is 400 - - - diff --git a/code/cucumber/src/test/resources/logback.xml b/code/cucumber/src/test/resources/logback.xml deleted file mode 100644 index 13a47f70c9..0000000000 --- a/code/cucumber/src/test/resources/logback.xml +++ /dev/null @@ -1,13 +0,0 @@ - - - - - %d{dd-MM-yyyy HH:mm:ss.SSS} [%thread] %-5level %logger{36}.%M - %replace(%msg){'[\r\n]', ''}%n - - - - - - - - \ No newline at end of file From 98f700afef0c3d3805c702f3488afac389548ad5 Mon Sep 17 00:00:00 2001 From: Herbert Damker <52109189+hdamker@users.noreply.github.com> Date: Fri, 12 Jul 2024 15:50:11 +0200 Subject: [PATCH 28/32] Update quality-on-demand.yaml --- code/API_definitions/quality-on-demand.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index 42d4285669..a2d158dbb9 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -26,7 +26,7 @@ info: Latency, throughput or priority requirements of the application mapped to relevant QoS profile values. The set of QoS Profiles that an operator is offering can be retrieved by means of the [QoS Profile API](link TBC). * **Identifier for the device**: - At least one identifier for the device (user equipment) out of four options: IPv4 address, IPv6 address, Phone number, or Network Access Identifier [[5]](#5) assigned by the mobile network operator for the device. + At least one identifier for the device (user equipment) out of four options: IPv4 address, IPv6 address, Phone number, or Network Access Identifier assigned by the mobile network operator for the device. Note: Network Access Identifier is defined for future use and will not be supported with v0.11.0 of the API. * **Identifier for the application server**: IPv4 and/or IPv6 address of the application server (application backend) From 84d2f1acfb5917ab81391fd1e1bdd76e04faf122 Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Fri, 12 Jul 2024 23:24:59 +0200 Subject: [PATCH 29/32] revert: remove HTTP-429 from qos-profiles.yaml --- code/API_definitions/qos-profiles.yaml | 27 -------------------------- 1 file changed, 27 deletions(-) diff --git a/code/API_definitions/qos-profiles.yaml b/code/API_definitions/qos-profiles.yaml index 37ff41bf37..7b28940b57 100644 --- a/code/API_definitions/qos-profiles.yaml +++ b/code/API_definitions/qos-profiles.yaml @@ -82,8 +82,6 @@ paths: $ref: "#/components/responses/Generic403" "404": $ref: "#/components/responses/QosProfilesNotFound404" - "429": - $ref: "#/components/responses/Generic429" "500": $ref: "#/components/responses/QoSProfile500" "503": @@ -123,8 +121,6 @@ paths: $ref: "#/components/responses/Generic403" "404": $ref: "#/components/responses/QosProfileNotFound404" - "429": - $ref: "#/components/responses/Generic429" "500": $ref: "#/components/responses/QoSProfile500" "503": @@ -459,29 +455,6 @@ components: code: NOT_FOUND message: "QosProfile Id does not exist" - Generic429: - description: Too Many Requests - headers: - x-correlator: - $ref: "#/components/headers/x-correlator" - content: - application/json: - schema: - $ref: "#/components/schemas/ErrorInfo" - examples: - GENERIC_429_QUOTA_EXCEEDED: - description: Request is rejected due to exceeding a business quota limit - value: - status: 429 - code: QUOTA_EXCEEDED - message: Either out of resource quota or reaching rate limiting. - GENERIC_429_TOO_MANY_REQUESTS: - description: API Server request limit is overpassed - value: - status: 429 - code: TOO_MANY_REQUESTS - message: Either out of resource quota or reaching rate limiting. - QoSProfile500: description: Internal server error headers: From 54247cd762a692690e5ce07ecbd69919cd51009a Mon Sep 17 00:00:00 2001 From: Eric Murray Date: Fri, 26 Jul 2024 11:24:51 +0100 Subject: [PATCH 30/32] Update ICM Authorisation and Authentication template in qos-profiles.yaml --- code/API_definitions/qos-profiles.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/code/API_definitions/qos-profiles.yaml b/code/API_definitions/qos-profiles.yaml index 032b5b518f..6804c7c5d4 100644 --- a/code/API_definitions/qos-profiles.yaml +++ b/code/API_definitions/qos-profiles.yaml @@ -18,7 +18,9 @@ info: # Authorization and Authentication - CAMARA guidelines defines a set of authorization flows which can grant API clients access to the API functionality, as outlined in the document [CAMARA-API-access-and-user-consent.md](https://github.com/camaraproject/IdentityAndConsentManagement/blob/main/documentation/CAMARA-API-access-and-user-consent.md). Which specific authorization flows are to be used will be determined during onboarding process, happening between the API Client and the Telco Operator exposing the API, taking into account the declared purpose for accessing the API, while also being subject to the prevailing legal framework dictated by local legislation. + [Camara Security and Interoperability Profile](https://github.com/camaraproject/IdentityAndConsentManagement/blob/main/documentation/CAMARA-Security-Interoperability.md) provides details on how a client requests an access token. + + Which specific authorization flows are to be used will be determined during onboarding process, happening between the API Client and the Telco Operator exposing the API, taking into account the declared purpose for accessing the API, while also being subject to the prevailing legal framework dictated by local legislation. It is important to remark that in cases where personal user data is processed by the API, and users can exercise their rights through mechanisms such as opt-in and/or opt-out, the use of 3-legged access tokens becomes mandatory. This measure ensures that the API remains in strict compliance with user privacy preferences and regulatory obligations, upholding the principles of transparency and user-centric data control. From 335575284bfc871fd769bc75730454992ed3ad0e Mon Sep 17 00:00:00 2001 From: Eric Murray Date: Fri, 26 Jul 2024 11:27:52 +0100 Subject: [PATCH 31/32] Update ICM Authorisation and Authentication template in quality-on-demand.yaml --- code/API_definitions/quality-on-demand.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/code/API_definitions/quality-on-demand.yaml b/code/API_definitions/quality-on-demand.yaml index 1b41ac6653..d9b4718d42 100644 --- a/code/API_definitions/quality-on-demand.yaml +++ b/code/API_definitions/quality-on-demand.yaml @@ -57,7 +57,9 @@ info: # Authorization and Authentication - CAMARA guidelines defines a set of authorization flows which can grant API clients access to the API functionality, as outlined in the document [CAMARA-API-access-and-user-consent.md](https://github.com/camaraproject/IdentityAndConsentManagement/blob/main/documentation/CAMARA-API-access-and-user-consent.md). Which specific authorization flows are to be used will be determined during onboarding process, happening between the API Client and the Telco Operator exposing the API, taking into account the declared purpose for accessing the API, while also being subject to the prevailing legal framework dictated by local legislation. + [Camara Security and Interoperability Profile](https://github.com/camaraproject/IdentityAndConsentManagement/blob/main/documentation/CAMARA-Security-Interoperability.md) provides details on how a client requests an access token. + + Which specific authorization flows are to be used will be determined during onboarding process, happening between the API Client and the Telco Operator exposing the API, taking into account the declared purpose for accessing the API, while also being subject to the prevailing legal framework dictated by local legislation. It is important to remark that in cases where personal user data is processed by the API, and users can exercise their rights through mechanisms such as opt-in and/or opt-out, the use of 3-legged access tokens becomes mandatory. This measure ensures that the API remains in strict compliance with user privacy preferences and regulatory obligations, upholding the principles of transparency and user-centric data control. From aa2e5304accf34274abbffb8a71079a96874a5bf Mon Sep 17 00:00:00 2001 From: Jose Luis Urien Date: Fri, 26 Jul 2024 14:48:38 +0200 Subject: [PATCH 32/32] Add jlurien as CODEOWNER --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index 740c0434d8..d81c55ba36 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -5,7 +5,7 @@ # For more details, read the following article on GitHub: https://help.github.com/articles/about-codeowners/. # These are the default owners for the whole content of this repository. The default owners are automatically added as reviewers when you open a pull request, unless different owners are specified in the file. -* @hdamker @eric-murray @RandyLevensalor +* @hdamker @eric-murray @RandyLevensalor @jlurien # Owners of the CODEOWNER and Maintainer.md files are the admins of CAMARA (to allow them to keep the teams within the CAMARA organization in sync in case of changes) /CODEOWNERS @camaraproject/admins