Showing
2 changed files
with
95 additions
and
0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
# Schema for the user-info json object. | ||
# The PDP authorization server stores user-info records for all authenticated | ||
# user. The PEP can request user-info records for a user by sending a request. | ||
$schema: "http://json-schema.org/draft-07/schema#" | ||
UserInfo: | ||
type: object | ||
properties: | ||
sub: | ||
type: string | ||
description: "User id. Assigned by the Authorization Server and used in the access token." | ||
given_name: | ||
type: string | ||
description: "Given name of the user" | ||
family_name: | ||
type: string | ||
description: "Family name of the user" | ||
organizationName: | ||
type: string | ||
description: "Organization name" | ||
professionOID: | ||
type: string | ||
description: "Profession identifier (OID)" | ||
idNumber: | ||
type: string | ||
description: "Telematik-ID, KVNR or alternative identifier" | ||
organizationIK: | ||
type: string | ||
description: "Organizations number (Institutionskennzeichen)" | ||
required: | ||
- sub | ||
- organizationName | ||
- professionOID | ||
- idNumber |
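Review bot: The `UserInfo` object accepts arbitrary extra properties and arbitrary string content, because the schema sets neither `additionalProperties: false` nor any `pattern`/`maxLength` on `sub`, `professionOID`, `idNumber` or `organizationIK`. If the PEP bases access decisions on these values, as the header comment suggests, I would close the object with `additionalProperties: false` and constrain the identifiers, for example a dotted-decimal `pattern` on `professionOID`. `idNumber` also carries a Telematik-ID, a KVNR or an "alternative identifier" in one untyped field, so a consumer cannot tell which namespace a value belongs to; a separate identifier-type property would remove that ambiguity. Finally, `UserInfo` appears to sit beside `$schema` rather than under `definitions` (indentation is lost in this view, so please confirm): a draft-07 validator applied to the document root would ignore that key and accept any instance.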
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
# Schema for the user-session json object. | ||
# The PDP authorization server stores the state of the user-session for | ||
# authenticated user. | ||
UserSession: | ||
type: object | ||
properties: | ||
sub: | ||
type: string | ||
description: "Unique ID of the user." | ||
cid: | ||
type: string | ||
description: "Unique ID of the client." | ||
access_token: | ||
type: object | ||
properties: | ||
token: | ||
type: string | ||
description: "The encrypted access token." | ||
iat: | ||
type: integer | ||
description: "Timestamp of the token issuance." | ||
exp: | ||
type: integer | ||
description: "Timestamp of the token expiration." | ||
aud: | ||
type: array | ||
items: | ||
type: string | ||
description: "List of allowed resources." | ||
scope: | ||
type: string | ||
description: "Access rights of the token." | ||
refresh_token: | ||
type: object | ||
properties: | ||
token: | ||
type: string | ||
description: "The encrypted refresh token." | ||
exp: | ||
type: integer | ||
description: "Timestamp of the refresh token expiration." | ||
session_expiry: | ||
type: integer | ||
description: "Timestamp of the session expiration." | ||
last_activity: | ||
type: integer | ||
description: "Timestamp of the user's last activity." | ||
ip_address: | ||
type: string | ||
description: "User's IP address (optional)." | ||
revoked_tokens: | ||
type: array | ||
items: | ||
type: string | ||
description: "List of revoked refresh tokens (optional)." | ||
required: | ||
- sub | ||
- cid | ||
- access_token | ||
- refresh_token | ||
- session_expiry | ||
- last_activity |
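Review bot: The nested `access_token` and `refresh_token` objects declare no `required` list of their own, so a session record with `access_token: {}` validates even though the top-level `required` names both; add `required: [token, iat, exp]` and `required: [token, exp]` respectively, adjusted to what the server actually needs. `revoked_tokens` is described as a list of revoked refresh tokens without the "encrypted" qualifier used on the other token fields; storing a hash or a token identifier there would keep raw token material out of the session store. The integer timestamps do not state their unit, so a comment such as `# seconds since the Unix epoch (UTC)` on `iat`, `exp`, `session_expiry` and `last_activity`, if that is the convention, would prevent expiry comparisons in mixed units. Unlike the user-info schema, this file carries no `$schema` declaration.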