From 1a3966e88c117788ad55f185d063542ffff4ed88 Mon Sep 17 00:00:00 2001
From: Hrishikesh Ballal
Date: Thu, 27 Feb 2020 13:58:09 +0000
Subject: [PATCH] Added new scope, reformatting and fixing scope for some calls
---
 api/dss.yaml | 129 ++++++++++++++++++++++++++-------------------------
 1 file changed, 66 insertions(+), 63 deletions(-)
diff --git a/api/dss.yaml b/api/dss.yaml
index 5142ef0..8bb275f 100755
--- a/api/dss.yaml
+++ b/api/dss.yaml
@@ -192,6 +192,64 @@ paths:
 $ref: '#/components/schemas/EntityUUID'
 in: path
 required: true
+ /v1/uss/isas/{id}:
+ summary: Notifications of change to Identification Service Areas.
+ post:
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PutIdentificationServiceAreaNotificationParameters'
+ required: true
+ tags:
+ - p2p_rid
+ responses:
+ "204":
+ description: Information for Identification Service Area was updated successfully.
+ "400":
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ErrorResponse'
+ description: |-
+ * One or more parameters were missing or invalid.
+ * The Identification Service Area information could not be parsed, or contains illegal data.
+ "401":
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ErrorResponse'
+ description: Bearer access token was not provided in Authorization header,
+ token could not be decoded, or token was invalid.
+ "403":
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ErrorResponse'
+ description: |-
+ * The access token was decoded successfully but did not include a scope appropriate to this endpoint.
+ * The client identified in the access token is not the owner of this Entity according to the receiving client's records.
+ "409":
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ErrorResponse'
+ description: The Entity version specified in this message is identical to
+ a previously-received notification and the Entity is different.
+ security:
+ - AuthFromAuthorizationAuthority:
+ - dss.write.identification_service_areas
+ summary: /uss/isas/{id}
+ description: 'Hosted by a remote ID display provider using Subscriptions: publish
+ new full information of an Identification Service Area to the host of this
+ endpoint (usually because of instructions from the DSS triggered by a subscription).'
+ parameters:
+ - name: id
+ description: EntityUUID of the Identification Service Area.
+ schema: + $ref: '#/components/schemas/EntityUUID' + in: path + required: true /v1/dss/isas/{id}/{version}: summary: A specific version of an Identification Service Area in the DSS. put: @@ -1157,7 +1215,6 @@ paths: security: - AuthFromAuthorizationAuthority: - dss.read.identification_service_areas - - dss.write.identification_service_areas summary: /dss/subscriptions/{id} description: Verify the existence/valdity and state of a particular subscription. put: @@ -1222,8 +1279,8 @@ paths: likely be hit by, e.g., a large remote ID display provider that created a Subscription for each of their display client users' views. security: - - AuthFromAuthorizationAuthority: - - dss.read.identification_service_areas + - AuthFromAuthorizationAuthority: + - dss.write.identification_service_areas summary: /dss/subscriptions/{id} description: |- Create a subscription. This call will fail if a Subscription with the same ID already exists. @@ -1302,7 +1359,7 @@ paths: a Subscription for each of their display client users' views. security: - AuthFromAuthorizationAuthority: - - dss.read.identification_service_areas + - dss.write.identification_service_areas summary: /dss/subscriptions/{id}/{version} description: |- Update a Subscription. The full content of the existing Subscription will be replaced with the provided information as only the most recent version is retained. @@ -1355,7 +1412,7 @@ paths: * Despite repeated attempts, the DSS was unable to update the DAR because of other simultaneous changes. security: - AuthFromAuthorizationAuthority: - - dss.read.identification_service_areas + - dss.write.identification_service_areas summary: /dss/subscriptions/{id}/{version} description: Delete a subscription. parameters: 
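Review bot: Creating a Subscription (the `@@ -1222,8 +1279,8 @@` hunk) now requires `dss.write.identification_service_areas`, and the next two hunks make the same change for update and delete, yet the context lines of this hunk say the endpoint is likely to be hit by a remote ID display provider. If that scope is also what authorizes writing Identification Service Areas, as its name suggests, every display provider that needs to subscribe must be issued a token that can modify ISAs as well, which works against least privilege. Consider gating Subscription mutation with a scope of its own, or state in the scope description that display providers are expected to hold it. The scope definitions and the ISA write operations are outside these hunks, so this should be confirmed against them.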
@@ -1483,64 +1540,6 @@ paths:
 type: string
 in: path
 required: true
- /v1/uss/isas/{id}:
- summary: Notifications of change to Identification Service Areas.
- post:
- requestBody:
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/PutIdentificationServiceAreaNotificationParameters'
- required: true
- tags:
- - p2p_rid
- responses:
- "204":
- description: Information for Identification Service Area was updated successfully.
- "400":
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/ErrorResponse'
- description: |-
- * One or more parameters were missing or invalid.
- * The Identification Service Area information could not be parsed, or contains illegal data.
- "401":
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/ErrorResponse'
- description: Bearer access token was not provided in Authorization header,
- token could not be decoded, or token was invalid.
- "403":
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/ErrorResponse'
- description: |-
- * The access token was decoded successfully but did not include a scope appropriate to this endpoint.
- * The client identified in the access token is not the owner of this Entity according to the receiving client's records.
- "409":
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/ErrorResponse'
- description: The Entity version specified in this message is identical to
- a previously-received notification and the Entity is different.
- security:
- - AuthFromAuthorizationAuthority:
- - dss.write.identification_service_areas
- summary: /uss/isas/{id}
- description: 'Hosted by a remote ID display provider using Subscriptions: publish
- new full information of an Identification Service Area to the host of this
- endpoint (usually because of instructions from the DSS triggered by a subscription).'
- parameters:
- - name: id
- description: EntityUUID of the Identification Service Area.
- schema: - $ref: '#/components/schemas/EntityUUID' - in: path - required: true /v1/uss/ops/{id}: summary: Full information of an OperationalIntent. get: @@ -3512,7 +3511,10 @@ components: for Constraints for UTM. utm.write.constraints: Client may create, edit, and delete Constraints for UTM. + dss.read.hostnames: Client may read the status of hostnames in the DSS. A remote ID service provider + shall be granted this scope upon request. dss.write.hostnames: Client may update the status of hostnames in the DSS. + type: oauth2 description: |- Authorization from, or on behalf of, an authorization authority. This authority shall issue access tokens that are JSON Web Tokens as defined in RFC 7519, using the `RS256` algorithm for the signature, and publish to all providers the public key for verifying that signature. @@ -3534,6 +3536,7 @@ security: - utm.write.operational_intents - utm.read.constraints - utm.write.constraints + - dss.read.hostnames - dss.write.hostnames tags: - name: dss_isas
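Review bot: `dss.read.hostnames` is defined in the `@@ -3512,7 +3511,10 @@` hunk and added to the top-level `security` list in the last hunk, but no operation touched by this patch names it in its own `security` block, so the scope is declared without visibly gating anything. If a hostname read operation exists elsewhere in the file, its `security` entry should list this scope; otherwise the definition is dead until one does. The added `type: oauth2` line sits between the scopes map and `description`, and its nesting cannot be checked from this view, so confirm it lands on the security scheme object and not inside `scopes`, and that the scheme does not already carry a `type` key.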
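Review bot: The top-level `security` entry in the `@@ -3534,6 +3536,7 @@` hunk appears to be a single requirement object, and OpenAPI treats the scopes listed inside one requirement as all required together. With `dss.read.hostnames` added, any operation that lacks its own `security` block would demand a token holding every read and write scope in that list at once. If the list is meant as a catalogue and not a working default, a comment above it such as `# Default only; every operation overrides this with its own security block.` would make that explicit, and it is worth checking that no operation falls through to it. The start of the list is outside this hunk.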