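openapi: "3.0.1"
info:
  title: Assertion Client
  # Placeholder rather than a literal version; presumably substituted from
  # package.json at build time - confirm before publishing the raw file.
  version: $npm_package_version
  x-logo:
    url: https://io.italia.it/assets/img/io-logo-blue.svg
  description: |-
    Client used to get the assertion from the identity provider
servers:
  # Local development endpoint over cleartext HTTP. Both credentials this API
  # takes (the subscription key and the x-pagopa-lollipop-auth bearer) travel
  # as request headers, so any non-loopback entry added here should be https.
  - url: http://localhost:3000
# Global requirement: every operation needs the ApiKeyAuth subscription key
# unless an operation overrides `security` itself (none does in this file).
security:
  - ApiKeyAuth: []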
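paths:
  /assertions/{assertion_ref}:
    get:
      operationId: getAssertion
      summary: Get Assertion related to a given assertion ref
      # Two credentials are needed on this call: the global ApiKeyAuth
      # subscription key and the x-pagopa-lollipop-auth bearer below.
      # NOTE(review): the bearer is declared as an ordinary header parameter,
      # not as a securityScheme, so tooling that relies on securitySchemes
      # (generated docs, log redaction) may not treat it as a secret. Mark it
      # as sensitive explicitly in logging and tracing configuration.
      parameters:
        # Part of the URL path, so it will normally show up in access logs.
        # Its shape is limited by the AssertionRef patterns.
        - name: assertion_ref
          required: true
          in: path
          schema:
            $ref: '#/components/schemas/AssertionRef'
        # JWT presented as `Bearer <token>`; the schema pattern checks little
        # more than the prefix, so the server must validate the token itself.
        - name: x-pagopa-lollipop-auth
          required: true
          in: header
          schema:
            $ref: '#/components/schemas/LollipopAuthBearer'
      responses:
        # The body is the signed identity-provider material (SAML response XML
        # or OIDC tokens); presumably it carries user identity data, so keep
        # it out of caches and logs.
        '200':
          description: The assertion related to a valid assertion_ref
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LCUserInfo'
        '400':
          description: Bad Request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemJson'
        # 401 and 403 are declared without a body: no detail is returned to a
        # caller that failed authentication or authorization.
        '401':
          description: Unauthorized
        '403':
          description: Forbidden
        '404':
          description: Not Found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemJson'
        '410':
          description: Assertion gone
        '500':
          description: Internal Server Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemJson'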
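components:
  securitySchemes:
    # Static API key sent in the Ocp-Apim-Subscription-Key request header.
    # It identifies the calling subscription, not the end user; the per-user
    # credential is the separate x-pagopa-lollipop-auth header.
    ApiKeyAuth:
      type: apiKey
      in: header
      name: Ocp-Apim-Subscription-Key
  schemas:
    # Error body with the RFC 7807 problem-details fields. `detail` and
    # `instance` are free text / URI: implementations should not echo token
    # or assertion contents into them.
    ProblemJson:
      type: object
      properties:
        type:
          type: string
          format: uri
          description: |-
            An absolute URI that identifies the problem type. When dereferenced,
            it SHOULD provide human-readable documentation for the problem type
            (e.g., using HTML).
          default: about:blank
          example: https://example.com/problem/constraint-violation
        title:
          type: string
          description: >-
            A short, summary of the problem type. Written in english and
            readable
            for engineers (usually not suited for non technical stakeholders and
            not localized); example: Service Unavailable
        status:
          type: integer
          format: int32
          description: >-
            The HTTP status code generated by the origin server for this
            occurrence
            of the problem.
          minimum: 100
          maximum: 600
          exclusiveMaximum: true
          example: 200
        detail:
          type: string
          description: |-
            A human readable explanation specific to this occurrence of the
            problem.
          example: There was an error processing the request
        instance:
          type: string
          format: uri
          description: >-
            An absolute URI that identifies the specific occurrence of the
            problem.
            It may or may not yield further information if dereferenced.
    AssertionType:
      type: string
      enum:
        - SAML
        - OIDC
    # AssertionRef* values are "<algorithm>-<digest text>". The patterns are
    # fully anchored and cap the length, but accept anything from 1 character
    # up to the cap and allow `=` at any position, so they do not prove the
    # value is a well-formed digest. Treat it as an opaque lookup key.
    # Padded base64 lengths for reference: SHA-256 = 44, SHA-384 = 64,
    # SHA-512 = 88 (the sha384 cap of 66 is looser than needed).
    # NOTE(review): the `-` sits between `9` and `_` inside the character
    # class; writing the class as [A-Za-z0-9_=-] would be unambiguous in
    # every regex engine.
    AssertionRefSha256:
      type: string
      pattern: ^(sha256-[A-Za-z0-9-_=]{1,44})$
    AssertionRefSha384:
      type: string
      pattern: ^(sha384-[A-Za-z0-9-_=]{1,66})$
    AssertionRefSha512:
      type: string
      pattern: ^(sha512-[A-Za-z0-9-_=]{1,88})$
    AssertionRef:
      oneOf:
        - $ref: '#/components/schemas/AssertionRefSha256'
        - $ref: '#/components/schemas/AssertionRefSha384'
        - $ref: '#/components/schemas/AssertionRefSha512'
    LollipopAuthBearer:
      type: string
      # NOTE(review): this pattern has no `$` anchor and, after one character
      # from the class, `.+` accepts any characters. In effect it checks the
      # "Bearer " prefix plus a minimum length, and there is no maxLength.
      # Schema validation is therefore not token validation: the server must
      # verify signature, algorithm, expiry and audience, and a size limit
      # has to be enforced elsewhere (for example at the gateway).
      # If the token is always a three-part compact JWS (confirm), a stricter
      # pattern would be:
      #   ^Bearer [A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$
      pattern: ^Bearer [a-zA-Z0-9-_].+
      description: A lollipop's JWT auth custom header as `Bearer <JWT Token>`
      # Documentation sample token (HS256, "John Doe"), not a live credential.
      # Keep it that way: never paste a real token into the spec.
      example: >-
        Bearer
        eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
    SamlUserInfo:
      type: object
      properties:
        # Delivered as an opaque string with no maxLength. A consumer should
        # verify the XML signature and parse it with external entities and
        # DTDs disabled before trusting any attribute in it.
        response_xml:
          type: string
          description: A string representation of a signed SPID/CIE response
          minLength: 1
      required:
        - response_xml
    # Only non-emptiness is enforced here; a consumer should verify signature,
    # issuer, audience and expiry before using the claims.
    OidcSignedJwt:
      type: string
      description: A JWT representation of a signed SPID/CIE OIDC Idp
      minLength: 1
    OidcUserInfo:
      type: object
      properties:
        id_token:
          $ref: '#/components/schemas/OidcSignedJwt'
        claims_token:
          $ref: '#/components/schemas/OidcSignedJwt'
      required:
        - id_token
        - claims_token
    # Response of getAssertion: either the SAML or the OIDC variant. There is
    # no discriminator, so a consumer tells them apart by which required
    # properties are present.
    LCUserInfo:
      oneOf:
        - $ref: '#/components/schemas/SamlUserInfo'
        - $ref: '#/components/schemas/OidcUserInfo'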