added mandatory security definitions and correct definition errors#35
Conversation
multi-point-vpn 0.1.0-alpha.1: add mandatory security definitions and correct definition errors
CAMARA Validation — PASS (with warnings)0 errors, 2 warnings, 12 hints | Profile: standard |
Update multi-point-vpn API definition: set version to 'wip', change server URL path from '{apiRoot}/multi-point-vpn/v0.1alpha1' to '{apiRoot}/multi-point-vpn/vwip', and add a description for the openId security scheme.
| NOTE- The private physical link between CE and cloud PE is default deployed for one click calling, | ||
| otherwise it is required to install the physical link, which is out of the scope of this API. | ||
|
|
||
| # Authorization and authentication |
There was a problem hiding this comment.
Please use the mandatory text as defined in https://github.com/camaraproject/IdentityAndConsentManagement/blob/r3.3/documentation/CAMARA-API-access-and-user-consent.md#mandatory-template-for-infodescription-in-camara-api-specs
Best you are using already the text blocks from https://github.com/camaraproject/Commonalities/blob/r4.3/artifacts/common/info-description-templates.yaml, then you don't need to redo the work when addressing #33
Also a lot of the other work could be avoided by using the ref$ into code/common/CAMARA_common.yaml which will come with Commonalities r4.3 (Spring26) which is anyway mandatory for the release candidate version.
There was a problem hiding this comment.
Thanks , noted above points and updated the pull request as required.
Add CAMARA-mandated sections for authorization, additional error responses, and request-body strictness to the MultiPoint VPN OpenAPI description. Clarify auth guidance (including three-legged tokens when personal data is processed) and reference the CAMARA Identity and Consent Management profile and commonalities for error lists. Bump x-camara-commonalities from 0.5 to 0.8.0 and clean up formatting/typos in the top-level description (spacing, punctuation and line folding).
|
Good progress. As you have done the
you should update the Commonalities dependency in release-plan.yaml to r4.3 (and ICM to r4.2). That can be done only in a separate PR and will trigger an automated PR with the code/common/* files. It will also activate the extended validation rules of Spring26. |
Introduce stronger validation and documentation across the multipoint VPN API: add an XCorrelator string schema and replace inline header/parameter schema references (marked not required); expand servers.apiRoot description; add maxLength limits for multiple string fields (serviceId, id, currency, unit, serviceName, routeProtocol, resourceGroupId, cloudGatewayIP, location, error fields, IP addresses); add maxItems to connection arrays; add int32 formats and min/max bounds to numeric fields (guaranteeBandwidth, waitdays, HTTP status); and small schema cleanups. These changes tighten input/output validation and improve API documentation.
Add a description to the XCorrelator component documenting it as the correlation id used across services. Also remove stray blank lines in the authorization and additional error responses sections of multi-point-vpn.yaml to clean up the specification and improve clarity.
3 participants
added mandatory security definitions and corrected definition errors
What type of PR is this?
Add one of the following kinds:
What this PR does / why we need it:
Fixes mandatory security definitions and corrected several objective errors in the definitions.
Which issue(s) this PR fixes:
Fixes #31
Special notes for reviewers:
Please review
Changelog input
Additional documentation
This section can be blank.