Merge branch '5.3.1' into 'Release-5' (e2f6527a) · Commits · NFV - Network Functions Virtualisation / SOL023

README.md

0 → 100644

+25 −0

Original line number	Diff line number	Diff line
		# NFV SOL023 APIs

		This repository hosts the [OpenAPI](https://www.openapis.org/) specifications and other documentation for the APIs defined in ETSI GS NFV-SOL 023 v5.3.1.

		The APIs described in this repository are defined for the following reference point

		* Cm-Vnfm

		IMPORTANT: In case of discrepancies the published ETSI Group Specification takes precedence.

		More information at [NFV Solutions wiki](https://nfvwiki.etsi.org/index.php?title=NFV_Solutions).

		## How to raise issues

		Please report errors, bugs or other issues [here](https://forge.etsi.org/rep/nfv/SOL023/issues).

		## How to contribute

		ETSI Forge uses Gitlab to manage submissions to the repository. Check the project page [here](https://forge.etsi.org/rep/nfv/SOL023).
		More information is available [here](https://nfvwiki.etsi.org/index.php?title=SOL_OpenAPI_Main_Page#How_to_Contribute).

		## License

		The content of this repository and the files contained are released under the BSD-3-Clause license.
		See the attached LICENSE file or visit https://forge.etsi.org/legal-matters.
		No newline at end of file

src/SOL023/APIVersion/APIVersion.yaml

0 → 100644

+25 −0

Original line number	Diff line number	Diff line
		openapi: 3.0.2

		info:
		title: SOL023 - API version interface
		description: \|
		SOL023 - API version interface

		IMPORTANT: Please note that this file might be not aligned to the current
		version of the ETSI Group Specification it refers to. In case of
		discrepancies the published ETSI Group Specification takes precedence.

		Please report bugs to https://forge.etsi.org/rep/nfv/SOL023/issues

		contact:
		name: NFV-SOL WG
		license:
		name: ETSI Forge copyright notice
		url: https://forge.etsi.org/etsi-forge-copyright-notice.txt
		version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1

		paths:
		/nfv-cert/api_versions:
		$ref: ../endpoints/SOL023_endpoints.yaml#/endpoints/api-versions
		/vnflcm/api_versions:
		$ref: ../endpoints/SOL023_endpoints.yaml#/endpoints/api-versions

src/SOL023/CertificateManagement/CertificateManagement.yaml

0 → 100644

+889 −0

File added.

Preview size limit exceeded, changes collapsed.

src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml

0 → 100644

+474 −0

Original line number	Diff line number	Diff line
		definitions:
		SubjectInstance:
		description: >
		This type represents a subject instance.

		NOTE 1: Registration of target certificates of type 'MANO certificate' is not covered in this version
		of the present document.

		NOTE 2: At least one overriding attributes shall be present, otherwise shall be absent.
		type: object
		required:
		- id
		- certType
		- subjectId
		- typeOfVnfcCertHandling
		- _links
		properties:
		id:
		description: >
		Identifier of the Subject instance.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier"
		certType:
		description: >
		Indicate the type of target certificate. The possible values are (see note 1):
		- MANO_certificate
		- VNFCI_certificate
		- VNF_OAM_certificate
		type: string
		enum:
		- MANO_certificate
		- VNFCI_certificate
		- VNF_OAM_certificate
		subjectId:
		description: >
		Data about subjects and their certificates that need to be registered. This attribute shall be present
		only if certType is VNFCI certificate or VNF OAM certificate.
		type: object
		required:
		- subjectId
		- certificateData
		properties:
		subjectId:
		description: >
		The value of the Identifier of the certificate target VNFCI as subject ID if this operation is used for
		the VNFCI certificate or VNF OAM certificate.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier"
		certificateData:
		description: >
		Data related to certificates for the target VNFCI.
		type: object
		required:
		- subjectAlternateName
		properties:
		subjectName:
		description: >
		Subject data of the of VNFCI certificates, i.e., certificate fields related to common name, organization,
		country etc.
		$ref: "#/definitions/CertSubjectData"
		subjectAlternateName:
		description: >
		Subject alternate names of VNFCI certificates.
		type: string
		typeOfVnfcCertHandling:
		description: >
		This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. It indicates the
		mode of certificate management for the target entity. The possible values are:
		- direct_mode
		- delegation_mode
		See note 2.
		type: string
		enum:
		- direct_mode
		- delegation_mode
		_links:
		description: >
		Links to resources related to this resource.
		type: object
		required:
		- self
		properties:
		self:
		description: >
		URI of this resource.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/Link"

		RegistrationRequest:
		description: >
		This type represents request parameters for the "Register" operation as defined in ETSI GS NFV-IFA 033.

		NOTE 1: Registration of target certificates of type 'MANO certificate' is not covered in this version of the
		present document.
		NOTE 2: Only the value "delegation mode" is allowed for this version of the present document.
		type: object
		required:
		- certType
		- subjectId
		- typeOfVnfcCertHandling
		properties:
		certType:
		description: >
		Indicate the type of target certificate. The possible values are (see note 1):
		- MANO_certificate
		- VNFCI_certificate
		- VNF_OAM_certificate
		type: string
		enum:
		- MANO_certificate
		- VNFCI_certificate
		- VNF_OAM_certificate
		subjectId:
		description: >
		Data about subjects and their certificates that need to be registered. This attribute shall be present
		only if certType is VNFCI certificate or VNF OAM certificate.
		type: object
		required:
		- subjectId
		- certificateData
		properties:
		subjectId:
		description: >
		The value of the Identifier of the certificate target VNFCI as subject ID if this operation is used for
		the VNFCI certificate or VNF OAM certificate.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier"
		certificateData:
		description: >
		Data related to certificates for the target VNFCI.
		type: object
		required:
		- subjectAlternateName
		properties:
		subjectName:
		description: >
		Subject data of the of VNFCI certificates, i.e., certificate fields related to common name, organization,
		country etc.
		$ref: "#/definitions/CertSubjectData"
		subjectAlternateName:
		description: >
		Subject alternate names of VNFCI certificates.
		type: string
		typeOfVnfcCertHandling:
		description: >
		This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. It indicates the
		mode of certificate management for the target entity. The possible values are:
		- direct_mode
		- delegation_mode
		See note 2.
		type: string
		enum:
		- direct_mode
		- delegation_mode

		CertSubjectData:
		description: >
		This type provides input information related to subject of certificate.

		NOTE: At least one overriding attributes shall be present, otherwise shall be absent.
		type: object
		properties:
		commonName:
		description: >
		Information of certification target subject FQDN. Can be set empty when this certificate is used for encrypted
		communication using IP address. See note.
		type: string
		organization:
		description: >
		Information of certification target subject Organization. See note.
		type: string
		country:
		description: >
		Information of certification target subject Country. See note.
		type: string
		state:
		description: >
		Information of certification target subject State. See note.
		type: string
		locality:
		description: >
		Information of certification target subject Locality. See note.
		type: string
		emailAddress:
		description: >
		Information of certification contact email address. See note.
		type: string

		#######################################################################
		################# Subscriptions Related Data Models ###################
		#######################################################################

		CertificateSubscriptionRequest:
		description: >
		This type represents request parameters for the "subscribe" operation as defined in ETSI GS NFV-IFA 033.
		type: object
		required:
		- callbackUri
		- authentication
		properties:
		filter:
		description: >
		Filter settings for this subscription, to define the subset of all notifications this
		subscription relates to. A particular notification is sent to the subscriber if the filter
		matches, or if there is no filter.
		$ref: "#/definitions/CertificateChangeNotificationsFilter"
		callbackUri:
		description: >
		The URI of the endpoint to send the notification to.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/Uri"
		authentication:
		description: >
		Authentication parameters to configure the use of Authorization when sending notifications
		corresponding to this subscription, as defined in clause 8.3.4 of ETSI GS NFV-SOL 013.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/SubscriptionAuthentication"
		verbosity:
		description: >
		This attribute signals the requested verbosity of certificate notifications. If it is not
		present, it shall default to the value "FULL".
		$ref: "#/definitions/CertificateNotificationVerbosityType"

		CertificateSubscription:
		description: >
		This type represents a subscription related to notification about Certificate.
		type: object
		required:
		- id
		- callbackUri
		- _links
		properties:
		id:
		description: >
		Identifier of this subscription resource.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier"
		filter:
		description: >
		Filter settings for this subscription, to define the subset of all notifications this
		subscription relates to. A particular notification is sent to the subscriber if the filter
		matches, or if there is no filter.
		$ref: "#/definitions/CertificateChangeNotificationsFilter"
		callbackUri:
		description: >
		The URI of the endpoint to send the notification to.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/Uri"
		verbosity:
		description: >
		This attribute signals the requested verbosity of certificate notifications. If it is not
		present, it shall default to the value "FULL".
		$ref: "#/definitions/CertificateNotificationVerbosityType"
		_links:
		description: >
		Links to resources related to this resource.
		type: object
		required:
		- self
		properties:
		self:
		description: >
		URI of this resource.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/Link"

		CertificateLifecycleStateChangeNotification:
		description: >
		This type represents a subscription related to notification about Certificate.
		type: object
		required:
		- id
		- notificationType
		- subscriptionId
		- timeStamp
		- cetificateState
		- certificateId
		- _links
		properties:
		id:
		description: >
		Identifier of this subscription resource.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier"
		notificationTypes:
		description: >
		Discriminator for the different notification types.
		Shall be set to "CertificateLifecycleStateChangeNotification" for this notification type.
		type: string
		subscriptionId:
		description: >
		Identifier of the subscription that this notification relates to. Shall be set to the value of
		the "id" attribute of the "CertificateSubscription" representing the associated
		"Individual subscription" resource.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier"
		timeStamp:
		description: >
		Date-time of the generation of the notification.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/DateTime"
		cetificateState:
		description: >
		The state of the Certificate.
		$ref: "#/definitions/PKIStatusInfoType"
		certificateId:
		description: >
		The identifier of the Certificate affected.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier"
		verbosity:
		description:
		This attribute signals the verbosity of the notification. If it is not present, it shall
		default to the value "FULL".

		If the value is "SHORT", full change details can be obtained by performing a GET request
		on the "Individual Certificate" resource.
		$ref: "#/definitions/CertificateNotificationVerbosityType"
		affectedSubject:
		description:
		Information about subject instances that were affected.
		$ref: "#/definitions/AffectedSubject"
		affectedCertificate:
		description:
		Information about certificate instances that were affected.
		$ref: "#/definitions/AffectedCertificate"
		error:
		description:
		Details of the latest error, if one has occurred during executing the certificate management
		(see clause 6.3 of ETSI GS NFV-SOL 013).
		$ref: "../../definitions/SOL023_def.yaml#/definitions/ProblemDetails"
		_links:
		description: >
		Links to resources related to this notification. The link URIs in this structure shall be set
		to point to the resources identified by the corresponding identifier attributes in this notification.
		type: object
		required:
		- subscription
		- subject
		- certificate
		properties:
		subscription:
		description: >
		Link to the resource representing the subscription that this notification relates to.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/NotificationLink"
		subject:
		description: >
		Link to the resource representing the subject instance to which the notified change applies.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/NotificationLink"
		certificate:
		description: >
		Links to the resource representing the certificate instance to which the notified change applies.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/NotificationLink"

		CertificateChangeNotificationsFilter:
		description: >
		This type represents a CertificateChangeNotificationsFilter.
		type: object
		properties:
		vnfInstanceSubscriptionFilter:
		description: >
		Filter criteria to select VNF instances about which to notify.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/VnfInstanceSubscriptionFilter"
		cetificateState:
		description: >
		Match particular Certificate state values as reported in notifications of type
		CertificateLifecycleStateChangeNotification.

		May be present if the "notificationTypes" attribute contains the value
		"CertificateLifecycleStateChangeNotification" and shall be absent otherwise.
		type: array
		items:
		$ref: "#/definitions/PKIStatusInfoType"
		certificationType:
		description: >
		Match particular certificate types.

		Permitted values:
		• VNFCI certificate
		• VNF OAM certificate
		type: array
		items:
		type: string
		enum:
		- VNFCI_certificate
		- VNF_OAM_certificate

		AffectedSubject:
		description: >
		This type represents a AffectedSubject.
		type: object
		required:
		- id
		- changeType
		- pkiBody
		properties:
		id:
		description: >
		Identifier of the subject instance.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier"
		changeType:
		description: >
		Signals the type of change.

		Permitted values:
		• ADDED
		• REMOVED
		• MODIFIED
		type: string
		enum:
		- ADDED
		- REMOVED
		- MODIFIED
		pkiBody:
		description: >
		Message-specific information.

		The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480.
		type: object
		required:
		- ip
		properties:
		ip:
		description: >
		Information for Initialization response.
		$ref: "#/definitions/CertRepMessage"

		AffectedCertificate:
		description: >
		This type represents a AffectedCertificate.
		type: object
		required:
		- id
		- changeType
		- pkiBody
		properties:
		id:
		description: >
		Identifier of the certificate instance.
		$ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier"
		changeType:
		description: >
		Signals the type of change.

		Permitted values:
		• ADDED
		• REMOVED
		• MODIFIED
		type: string
		enum:
		- ADDED
		- REMOVED
		- MODIFIED
		pkiBody:
		description: >
		Message-specific information.

		The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480.
		type: object
		required:
		- cp
		properties:
		cp:
		description: >
		Information for CSR response.
		$ref: "#/definitions/CertRepMessage"

		CertificateNotificationVerbosityType:
		description: >
		The enumeration CertificateNotificationVerbosityType provides values to control the verbosity
		of certificate notifications.
		type: string
		enum:
		- FULL
		- SHORT

		# ToDo - populate PKIStatusInfoType when defined
		PKIStatusInfoType:
		description: >
		Not provided.
		type: object

		# ToDo - populate CertRepMessage when defined
		CertRepMessage:
		description: >
		Indicates CMPv2 CertRepMessage structure.
		type: object
		No newline at end of file

src/SOL023/CertificateNotification/CertificateNotification.yaml

0 → 100644

+138 −0

Original line number	Diff line number	Diff line
		openapi: 3.0.2

		info:
		title: SOL023 - Certificate Notification interface
		description: \|
		SOL023 - Certificate Notification interface

		IMPORTANT: Please note that this file might be not aligned to the current
		version of the ETSI Group Specification it refers to. In case of
		discrepancies the published ETSI Group Specification takes precedence.

		Please report bugs to https://forge.etsi.org/rep/nfv/SOL023/issues

		contact:
		name: NFV-SOL WG
		license:
		name: ETSI Forge copyright notice
		url: https://forge.etsi.org/etsi-forge-copyright-notice.txt
		version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1

		externalDocs:
		description: ETSI GS NFV-SOL 023 V5.3.1
		url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.03.01_60/gs_nfv-sol023v050301p.pdf

		servers:
		- url: http://127.0.0.1/callback/v2
		- url: https://127.0.0.1/callback/v2
		paths:

		#######################################################################
		## Notification endpoint CertificateLifecycleStateChangeNotification ##
		#######################################################################

		/URI_is_provided_by_the_client_when_creating_the_subscription-CertificateLifecycleStateChangeNotification:
		parameters:
		- $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization
		- $ref: ../components/SOL023_params.yaml#/components/parameters/Version
		post:
		description: \|
		The POST method delivers a notification from the API producer to an API consumer. The API consumer shall
		have previously created an "Individual subscription" resource with a matching filter. See clause 5.4.20.3.1.
		requestBody:
		$ref: '#/components/requestBodies/CertificateLifecycleStateChangeNotification'
		responses:
		204:
		$ref: '#/components/responses/CertificateLifecycleStateChangeNotification.Post.204'
		400:
		$ref: "../responses/SOL023_resp.yaml#/responses/400"
		401:
		$ref: "../responses/SOL023_resp.yaml#/responses/401"
		403:
		$ref: "../responses/SOL023_resp.yaml#/responses/403"
		405:
		$ref: "../responses/SOL023_resp.yaml#/responses/405"
		406:
		$ref: "../responses/SOL023_resp.yaml#/responses/406"
		500:
		$ref: "../responses/SOL023_resp.yaml#/responses/500"
		503:
		$ref: "../responses/SOL023_resp.yaml#/responses/503"

		get:
		description: \|
		The GET method allows the API producer to test the notification endpoint that is provided by the API consumer,
		e.g. during subscription. See clause 5.4.20.3.2.
		responses:
		204:
		$ref: '#/components/responses/CertificateLifecycleStateChangeNotification.Get.204'
		400:
		$ref: "../responses/SOL023_resp.yaml#/responses/400"
		401:
		$ref: "../responses/SOL023_resp.yaml#/responses/401"
		403:
		$ref: "../responses/SOL023_resp.yaml#/responses/403"
		405:
		$ref: "../responses/SOL023_resp.yaml#/responses/405"
		406:
		$ref: "../responses/SOL023_resp.yaml#/responses/406"
		500:
		$ref: "../responses/SOL023_resp.yaml#/responses/500"
		503:
		$ref: "../responses/SOL023_resp.yaml#/responses/503"

		components:
		requestBodies:
		CertificateLifecycleStateChangeNotification:
		description: \|
		A notification about certificate changes triggered by a certificate management operation occurrence.
		content:
		application/json:
		schema:
		$ref: "../CertificateManagement/definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateLifecycleStateChangeNotification"
		required: true

		responses:
		CertificateLifecycleStateChangeNotification.Post.204:
		description: \|
		204 NO CONTENT

		Shall be returned when the notification has been delivered successfully.
		headers:
		WWW-Authenticate:
		description: \|
		Challenge if the corresponding HTTP request has not provided authorization, or error details if the
		corresponding HTTP request has provided an invalid authorization token.
		style: simple
		explode: false
		schema:
		type: string
		Version:
		description: The used API version.
		style: simple
		explode: false
		schema:
		type: string

		CertificateLifecycleStateChangeNotification.Get.204:
		description: \|
		204 NO CONTENT

		Shall be returned to indicate that the notification endpoint has been tested successfully.

		The response body shall be empty.
		headers:
		WWW-Authenticate:
		description: \|
		Challenge if the corresponding HTTP request has not provided authorization, or error details if the
		corresponding HTTP request has provided an invalid authorization token.
		style: simple
		explode: false
		schema:
		type: string
		Version:
		description: The used API version.
		style: simple
		explode: false
		schema:
		type: string
		No newline at end of file