diff --git a/SOL002/VNFConfiguration-API/ApiVersion.robot b/SOL002/VNFConfiguration-API/ApiVersion.robot index a392e48ceca165769811add868e486e2f820a4ed..7e0d66f44423ac9116214e995d9bae00d3f791f9 100644 --- a/SOL002/VNFConfiguration-API/ApiVersion.robot +++ b/SOL002/VNFConfiguration-API/ApiVersion.robot @@ -130,70 +130,80 @@ DELETE API Version with apiMajorVerion - Method not implemented *** Keywords *** POST API Version - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Post ${apiRoot}/${apiName}/api_versions ${outputResponse}= Output response Set Global Variable ${response} ${outputResponse} GET API Version - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Get ${apiRoot}/${apiName}/api_versions ${outputResponse}= Output response Set Global Variable ${response} ${outputResponse} PUT API Version - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Put ${apiRoot}/${apiName}/api_versions ${outputResponse}= Output response Set Global Variable ${response} ${outputResponse} PATCH API Version - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Patch ${apiRoot}/${apiName}/api_versions ${outputResponse}= Output response Set Global Variable ${response} ${outputResponse} DELETE API Version - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Delete ${apiRoot}/${apiName}/api_versions ${outputResponse}= Output response Set Global Variable ${response} ${outputResponse} POST API Version with apiMajorVersion - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Post ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions ${outputResponse}= Output response Set Global Variable ${response} ${outputResponse} GET API Version with apiMajorVersion - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Get ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions ${outputResponse}= Output response Set Global Variable ${response} ${outputResponse} PUT API Version with apiMajorVersion - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Put ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions ${outputResponse}= Output response Set Global Variable ${response} ${outputResponse} PATCH API Version with apiMajorVersion - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Patch ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions ${outputResponse}= Output response Set Global Variable ${response} ${outputResponse} DELETE API Version with apiMajorVersion - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Delete ${apiRoot}/${apiName}/${apiMajorVersion}/api_versions ${outputResponse}= Output response diff --git a/SOL002/VNFConfiguration-API/Configuration.robot b/SOL002/VNFConfiguration-API/Configuration.robot index 5ab2c41484b273c74318ba534d361baebea8b2d5..93a73a9305f0b033766ad25329c2fa87666c8ef9 100644 --- a/SOL002/VNFConfiguration-API/Configuration.robot +++ b/SOL002/VNFConfiguration-API/Configuration.robot @@ -6,6 +6,7 @@ Library JSONSchemaLibrary schemas/ Library OperatingSystem Library String Library DependencyLibrary +Library jwt *** Test Cases *** Set new VNF Configuration @@ -13,7 +14,7 @@ Set new VNF Configuration ... Test title: Set a new VNF Configuration ... Test objective: The objective is to test the creation of a new VNF configuration and perform a JSON schema validation of the returned configuration data structure ... Pre-conditions: A VNF instance is instantiated - ... Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1 + ... Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1 ... Config ID: Config_prod_VE ... Applicability: The VNF supports the generation of HTTP Etag opaque identifiers ... Post-Conditions: The configuration is successfully set in the VNF and it matches the issued configuration @@ -29,7 +30,7 @@ Get information about a VNF configuration ... Test title: Get information about a VNF configuration ... Test objective: The objective is to test the retrieval of an existing VNF instance configuration and perform a JSON schema validation of the collected configuration data structure ... Pre-conditions: A VNF instance is instantiated. The VNF instance is already configured. - ... Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1 + ... Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1 ... Config ID: Config_prod_VE ... Applicability: none ... Post-Conditions: none @@ -43,7 +44,7 @@ Get information about a VNF configuration with HTTP Etag ... Test title: Get information about a VNF configuration with HTTP Etag ... Test objective: The objective is to test the retrieval of an existing VNF instance configuration, check the generation by the VNF of an HTTP Etag opaque identifier, and perform a JSON schema validation of the collected configuration data structure ... Pre-conditions: A VNF instance is instantiated. The VNF instance is already configured - ... Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.4.1 + ... Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1 ... Config ID: Config_prod_VE ... Applicability: The VNF supports the generation of HTTP Etag opaque identifiers ... Post-Conditions: none @@ -58,7 +59,7 @@ Set new VNF Configuration - HTTP Etag precondition unsuccessful ... Test title: Set a new VNF Configuration - HTTP Etag precondition unsuccessful ... Test objective: The objective is to test the unsuccess in setting a duplication of VNF configuration identified by an already used HTTP Etag identifier. The test also checks the JSON schema of the unsuccessful operation HTTP response. ... Pre-conditions: A VNF instance is instantiated. The VNF instance is already configured (Test ID 6.3.1.1.1) with a given HTTP Etag identifier. - ... Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1 + ... Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1 ... Config ID: Config_prod_VE ... Applicability: The VNF supports the generation of HTTP Etag opaque identifiers ... Post-Conditions: The VNF configuration is not modified by the unsuccessful operation and it matches the configuration issued in Test ID 6.3.1.1.1 @@ -72,7 +73,7 @@ POST VNF Configuration - Method not implemented ... Test title: POST VNF Configuration - Method not implemented ... Test objective: The objective is to test that POST method is not allowed to create a new VNF configuration ... Pre-conditions: none - ... Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.4.1 + ... Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 002 [2] v4.5.1 ... Config ID: Config_prod_VE ... Applicability: none ... Post-Conditions: none @@ -84,7 +85,7 @@ PUT VNF Configuration - Method not implemented ... Test title: PUT VNF Configuration - Method not implemented ... Test objective: The objective is to test that PUT method is not allowed to modify an existing VNF configuration ... Pre-conditions: none - ... Reference: Clause 9.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.4.1 + ... Reference: Clause 9.4.2.3.3 - ETSI GS NFV-SOL 002 [2] v4.5.1 ... Config ID: Config_prod_VE ... Applicability: none ... Post-Conditions: none @@ -96,7 +97,7 @@ DELETE VNF Configuration - Method not implemented ... Test title: Delete VNF Configuration - Method not implemented ... Test objective: The objective is to test that DELETE method is not allowed to delete an existing VNF configuration ... Pre-conditions: none - ... Reference: Clause 9.4.2.3.5 - ETSI GS NFV-SOL 002 [2] v4.4.1 + ... Reference: Clause 9.4.2.3.5 - ETSI GS NFV-SOL 002 [2] v4.5.1 ... Config ID: Config_prod_VE ... Applicability: none ... Post-Conditions: none @@ -108,7 +109,7 @@ Set new VNF Configuration With Attribute vnfConfigurationData ... Test title: Set a new VNF Configuration with Attribute vnfConfigurationData ... Test objective: The objective is to test the creation of a new VNF configuration and perform a JSON schema validation of the returned configuration data structure ... Pre-conditions: A VNF instance is instantiated - ... Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1 + ... Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1 ... Config ID: Config_prod_VE ... Applicability: The VNF supports the generation of HTTP Etag opaque identifiers ... Post-Conditions: The configuration is successfully set in the VNF and it matches the issued configuration @@ -123,7 +124,7 @@ Set new VNF Configuration With Attribute vnfcConfigurationData ... Test title: Set a new VNF Configuration with Attribute vnfcConfigurationData ... Test objective: The objective is to test the creation of a new VNF configuration and perform a JSON schema validation of the returned configuration data structure ... Pre-conditions: A VNF instance is instantiated - ... Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.4.1 + ... Reference: Clause 9.4.2.3.4 - ETSI GS NFV-SOL 002 [2] v4.5.1 ... Config ID: Config_prod_VE ... Applicability: The VNF supports the generation of HTTP Etag opaque identifiers ... Post-Conditions: The configuration is successfully set in the VNF and it matches the issued configuration @@ -132,12 +133,37 @@ Set new VNF Configuration With Attribute vnfcConfigurationData Check HTTP Response Header Contains ETag and Last-Modified Check HTTP Response Body Json Schema Is vnfConfigModifications Check Postcondition VNF Is Configured - - +Get information about a VNF configuration with permitted authorization scope + [Tags] no-etag + [Documentation] Test ID: 6.3.1.1.10 + ... Test title: Get information about a VNF configuration with permitted authorization scope + ... Test objective: The objective is to test the retrieval of an existing VNF instance configuration and perform a JSON schema validation of the collected configuration data structure with permitted authorization scope + ... Pre-conditions: A VNF instance is instantiated. The VNF instance is already configured. + ... Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1 + ... Config ID: Config_prod_VE + ... Applicability: none + ... Post-Conditions: none + Get VNF configuration with permitted authorization scope + Check HTTP Response Status Code Is 200 + Check HTTP Response Body Json Schema Is vnfConfiguration +Get information about a VNF configuration with NOT permitted authorization scope + [Tags] no-etag + [Documentation] Test ID: 6.3.1.1.11 + ... Test title: Get information about a VNF configuration with not permitted authorization scope + ... Test objective: The objective is to test the retrieval of an existing VNF instance configuration and perform a JSON schema validation of the collected configuration data structure with not permitted authorization scope + ... Pre-conditions: A VNF instance is instantiated. The VNF instance is already configured. + ... Reference: Clause 9.4.2.3.2 - ETSI GS NFV-SOL 002 [2] v4.5.1 + ... Config ID: Config_prod_VE + ... Applicability: none + ... Post-Conditions: none + Get VNF configuration with not permitted authorization scope + Check HTTP Response Status Code Is 403 + Check HTTP Response Body Json Schema Is ProblemDetails *** Keywords *** Get VNF configuration Log Query VNF The GET method queries information about a configuration. - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Set Headers {"Content-Type": "${CONTENT_TYPE}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Log Execute Query and validate response @@ -147,7 +173,8 @@ Get VNF configuration Send VNF configuration log Trying to perform a PATCH. This method modifies the configuration - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Set Headers {"Content-Type": "${CONTENT_TYPE}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} ${body}= Get File jsons/vnfConfigModifications.json @@ -190,6 +217,7 @@ Send Duplicated VNF configuration Depends On Test Send VNF configuration # If the previous test scceeded, it means that Etag has been modified log Trying to perform a PATCH. This method modifies an individual alarm resource Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Set Headers {"Content-Type": "${CONTENT_TYPE}"} Set Headers {"If-Match": "${etag}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} @@ -200,7 +228,8 @@ Send Duplicated VNF configuration Send POST Request for VNF Configuration log Trying to perform a POST. This method should not be implemented - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Post ${apiRoot}/${apiName}/${apiMajorVersion}/configuration ${output}= Output response @@ -208,7 +237,8 @@ Send POST Request for VNF Configuration Send PUT Request for VNF Configuration log Trying to perform a POST. This method should not be implemented - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Put ${apiRoot}/${apiName}/${apiMajorVersion}/configuration ${output}= Output response @@ -216,7 +246,8 @@ Send PUT Request for VNF Configuration Send DELETE Request for VNF Configuration log Trying to perform a POST. This method should not be implemented - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} Delete ${apiRoot}/${apiName}/${apiMajorVersion}/configuration ${output}= Output response @@ -224,7 +255,8 @@ Send DELETE Request for VNF Configuration Send VNF configuration with vnfConfigurationData log Trying to perform a PATCH. This method modifies the configuration when attribute is vnfConfigurationData - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Set Headers {"Content-Type": "${CONTENT_TYPE}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} ${template}= Get File jsons/vnfConfigModificationsWithVnfConfigurationData.json @@ -235,7 +267,8 @@ Send VNF configuration with vnfConfigurationData Send VNF configuration with vnfcConfigurationData log Trying to perform a PATCH. This method modifies the configuration when attribute is vnfcConfigurationData - Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} Set Headers {"Content-Type": "${CONTENT_TYPE}"} Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${AUTHORIZATION_TOKEN}"} ${template}= Get File jsons/vnfConfigModificationsWithvnfcConfigurationData.json @@ -247,4 +280,32 @@ Check HTTP Response Header Contains [Arguments] ${CONTENT_TYPE} Log ${response['headers']} Should Contain ${response['headers']} ${CONTENT_TYPE} - Log Header is present \ No newline at end of file + Log Header is present +JWT Encode + [Arguments] ${payload} ${key} ${algorithm} + ${encoded}= Evaluate jwt.encode(${payload}, ${key}, ${algorithm}) + [Return] ${encoded} +Get VNF configuration with permitted authorization scope + Log Query VNF The GET method queries information about a configuration with permitted authorization scope. + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} + Set Headers {"Content-Type": "${CONTENT_TYPE}"} + ${scope_value}= Create Dictionary scopeValue=${CONFIGURATION_SCOPE} + ${Authorization_Key}= JWT Encode payload=${scope_value} key='' algorithm=${OAUTH_Encryption_ALGORITHM} + Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${Authorization_Key}"} + Log Execute Query and validate response + Get ${apiRoot}/${apiName}/${apiMajorVersion}/configuration + ${output}= Output response + Set Suite Variable ${response} ${output} +Get VNF configuration with not permitted authorization scope + Log Query VNF The GET method queries information about a configuration with not permitted authorization scope. + Set Headers {"Accept":"${ACCEPT}"} + Set Headers {"Version": "${API_VERSION}"} + Set Headers {"Content-Type": "${CONTENT_TYPE}"} + ${scope_value}= Create Dictionary scopeValue=${NEG_SCOPE} + ${Authorization_Key}= JWT Encode payload=${scope_value} key='' algorithm=${OAUTH_Encryption_ALGORITHM} + Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"${AUTHORIZATION_HEADER}":"${Authorization_Key}"} + Log Execute Query and validate response + Get ${apiRoot}/${apiName}/${apiMajorVersion}/configuration + ${output}= Output response + Set Suite Variable ${response} ${output} \ No newline at end of file diff --git a/SOL002/VNFConfiguration-API/environment/variables.txt b/SOL002/VNFConfiguration-API/environment/variables.txt index 2e7355081c23089053107fbe10736eac284cbe2a..bebd011d7f792dd6862b43b2a5cac83b07b5fbd8 100644 --- a/SOL002/VNFConfiguration-API/environment/variables.txt +++ b/SOL002/VNFConfiguration-API/environment/variables.txt @@ -10,6 +10,10 @@ ${ACCEPT} application/json ${AUTH_USAGE} 1 ${AUTHORIZATION_HEADER} Authorization ${AUTHORIZATION_TOKEN} Bearer 0b79bab50daca910b000d4f1a2b675d604257e42 +${NEG_SCOPE} configuration:v1:invalid +${CONFIGURATION_SCOPE} configuration:v1:invalid +${OAUTH_Encryption_ALGORITHM} HS256 +${API_VERSION} 1.12.0 ${CONTENT_TYPE} application/json diff --git a/SOL002/VNFConfiguration-API/schemas/vnfConfigModifications.schema.json b/SOL002/VNFConfiguration-API/schemas/vnfConfigModifications.schema.json index d6d51413ecd46dc2328a566d7c183aa2100f3a4c..cf781befc661b18495c1796de51324899393b82f 100644 --- a/SOL002/VNFConfiguration-API/schemas/vnfConfigModifications.schema.json +++ b/SOL002/VNFConfiguration-API/schemas/vnfConfigModifications.schema.json @@ -200,6 +200,62 @@ } } }, + "certificateData": { + "description": "Certificates data to be configured or modified into VNFC instance. Shall be present if delegation-mode is used. Otherwise it shall be absent.\n", + "type": "array", + "items": { + "description": "This type provides input information related to subject of certificate.\nNOTE : Either set of ΓÇ£privatekeyΓÇ¥ and ΓÇ£certificateFileΓÇ¥ or ΓÇ£keystoreFileΓÇ¥ but not both shall be present.\n", + "type": "object", + "properties": { + "privateKey": { + "type": "string", + "description": "Private key paired with the signed public key. VNFM shall generate both the private key and public key and set this attribute. See note.\n" + }, + "certificateFile": { + "type": "string", + "description": "Signed certificate including the public key and certificate chain. See note.\n" + }, + "keystoreFile": { + "type": "string", + "description": "Keystore which includes the private key, signed certificate, and certificate chain (e.g., pkcs#12, pfx). Credentials to read this file shall be provided to the VNF instance by outbound. See note.\n" + }, + "certSubjectData": { + "description": "This type provides input information related to subject of certificate.\n* NOTE: At least one overriding attributes shall be present, otherwise shall be absent.\n", + "type": "object", + "properties": { + "commonName": { + "description": "Information of certification target subject FQDN. See note.", + "type": "string" + }, + "organization": { + "description": "Information of certification target subject Organization. See note.", + "type": "string" + }, + "country": { + "description": "Information of certification target subject Country. See note.", + "type": "string" + }, + "state": { + "description": "Information of certification target subject State. See note.", + "type": "string" + }, + "locality": { + "description": "Information of certification target subject Locality. See note.", + "type": "string" + }, + "emailAddress": { + "description": "Information of certification contact email address. See note.", + "type": "string" + } + } + }, + "certifiateProfileName": { + "type": "string", + "description": "Name of the certificate profile to be signed.\n" + } + } + } + }, "vnfcSpecificData": { "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n", "type": "object" diff --git a/SOL002/VNFConfiguration-API/schemas/vnfConfiguration.schema.json b/SOL002/VNFConfiguration-API/schemas/vnfConfiguration.schema.json index d99f14882e434195fdb467b627048b7aef38834b..2b95e2321491442a6a87007de120a773493bd62d 100644 --- a/SOL002/VNFConfiguration-API/schemas/vnfConfiguration.schema.json +++ b/SOL002/VNFConfiguration-API/schemas/vnfConfiguration.schema.json @@ -191,6 +191,62 @@ } } }, + "certificateData": { + "description": "Certificates data to be configured or modified into VNFC instance. Shall be present if delegation-mode is used. Otherwise it shall be absent.\n", + "type": "array", + "items": { + "description": "This type provides input information related to subject of certificate.\nNOTE : Either set of ΓÇ£privatekeyΓÇ¥ and ΓÇ£certificateFileΓÇ¥ or ΓÇ£keystoreFileΓÇ¥ but not both shall be present.\n", + "type": "object", + "properties": { + "privateKey": { + "type": "string", + "description": "Private key paired with the signed public key. VNFM shall generate both the private key and public key and set this attribute. See note.\n" + }, + "certificateFile": { + "type": "string", + "description": "Signed certificate including the public key and certificate chain. See note.\n" + }, + "keystoreFile": { + "type": "string", + "description": "Keystore which includes the private key, signed certificate, and certificate chain (e.g., pkcs#12, pfx). Credentials to read this file shall be provided to the VNF instance by outbound. See note.\n" + }, + "certSubjectData": { + "description": "This type provides input information related to subject of certificate.\n* NOTE: At least one overriding attributes shall be present, otherwise shall be absent.\n", + "type": "object", + "properties": { + "commonName": { + "description": "Information of certification target subject FQDN. See note.", + "type": "string" + }, + "organization": { + "description": "Information of certification target subject Organization. See note.", + "type": "string" + }, + "country": { + "description": "Information of certification target subject Country. See note.", + "type": "string" + }, + "state": { + "description": "Information of certification target subject State. See note.", + "type": "string" + }, + "locality": { + "description": "Information of certification target subject Locality. See note.", + "type": "string" + }, + "emailAddress": { + "description": "Information of certification contact email address. See note.", + "type": "string" + } + } + }, + "certifiateProfileName": { + "type": "string", + "description": "Name of the certificate profile to be signed.\n" + } + } + } + }, "vnfcSpecificData": { "description": "This type represents a list of key-value pairs. The order of the pairs in the list is not significant. In JSON, a set of keyvalue pairs is represented as an object. It shall comply with the provisions defined in clause 4 of IETF RFC 8259. In the following example, a list of key-value pairs with four keys (\"aString\", \"aNumber\", \"anArray\" and \"anObject\") is provided to illustrate that the values associated with different keys can be of different type.\n", "type": "object"