Skip to content

GitLab

R
rest-api-model
Commit a1b871ad authored by cdanger's avatar cdanger
Browse files
Options

Merge branch 'release/5.6.0'

parents 7ddcc730 f89cf37d
Hide whitespace changes
Inline Side-by-side
Showing with 201 additions and 115 deletions
CHANGELOG.md
View file @ a1b871ad
......@@ -2,6 +2,18 @@
All notable changes to this project are documented in this file following the [Keep a CHANGELOG](http://keepachangelog.com) conventions. This project adheres to [FIWARE Versioning](http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Releases_and_Sprints_numbering).
## 5.6.0
### Changed
- Parent project `authzforce-ce-parent` version: 6.0.1 -> 7.0.0
- API schema `authz-rest-api.xsd` (5.2.0 -> 5.3.0): new ProductMetadata type used for new "/version" resource providing product metadata.
### Added
- Resource "/version" allowing GET method to get product metadata, as described in https://jira.ow2.org/browse/AUTHZFORCE-30 (product name,
version, release_date, uptime, REST API doc URL)
- Supported accept/content-type = `application/xacml+xml` - defined by [RFC 7061](https://tools.ietf.org/html/rfc7061) - on `/domains/{id}/pap/policies` for XACML PolicySet payload, and on `/domains/{id}/pdp` for XACML Request/Response payload
- Support for [JSON Profile of XACML](http://docs.oasis-open.org/xacml/xacml-json-http/v1.0/xacml-json-http-v1.0.html)'s media type on `/domains/{id}/pdp`: accept/content-type = `application/xacml+json`
## 5.5.0
### Changed
- Maven project parent (authzforce-ce-parent) version: 6.0.1
......
add-json-to-wadl.xsl
View file @ a1b871ad
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright 2012-2017 Thales Services SAS.
This file is part of AuthzForce CE.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<xsl:stylesheet version="2.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns:xacml="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17">
<!-- Copyright 2012-2017 Thales Services SAS. This file is part of AuthzForce CE. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the
License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed
on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. -->
<!-- Copyright 2012-2017 Thales Services SAS. This file is part of AuthzForce CE. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the
License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed
on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. -->
<xsl:stylesheet version="2.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns:xacml="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
xmlns="http://www.w3.org/1999/xhtml" xmlns:az="http://authzforce.github.io/rest-api-model/xmlns/authz/5">
<!-- <xsl:output method="xml" encoding="UTF-8" indent="yes" saxon:indent-spaces="4" /> xmlns:saxon="http://saxon.sf.net/" -->
<xsl:output method="xml" encoding="UTF-8" indent="yes" />
<xsl:param name="enable_xacml_json_profile" select="false"/>
<xsl:param name="enable_xacml_json_profile" select="false" />
<xsl:template match="wadl:method[@id='requestPolicyDecision']">
<xsl:copy>
<xsl:apply-templates select="@*|node()" />
</xsl:copy>
<xsl:if test="$enable_xacml_json_profile = 'true'">
<wadl:method name="POST" id="requestPolicyDecisionXacmlJson">
<wadl:request>
<wadl:representation mediaType="application/xacml+json" element="az:JSONObject">
<wadl:doc xml:lang="EN">
<a href="http://docs.oasis-open.org/xacml/xacml-json-http/v1.0/xacml-json-http-v1.0.html">JSON Profile of XACML 3.0</a>
</wadl:doc>
</wadl:representation>
</wadl:request>
<wadl:response status="200">
<wadl:representation mediaType="application/xacml+json" element="az:JSONObject">
<wadl:doc xml:lang="EN">
<a href="http://docs.oasis-open.org/xacml/xacml-json-http/v1.0/xacml-json-http-v1.0.html">JSON Profile of XACML 3.0</a>
</wadl:doc>
</wadl:representation>
</wadl:response>
<wadl:response status="400" />
<wadl:response status="401" />
<wadl:response status="403" />
<wadl:response status="404" />
</wadl:method>
</xsl:if>
</xsl:template>
<xsl:template match="wadl:representation[@mediaType='application/xml']">
<!-- <xsl:variable name="xmlElement" select="@element" /> -->
<xsl:copy>
......@@ -31,9 +48,6 @@
<!-- If we specify an element again for 'application/json', CXF wadl2java plugin ignores the fact that it is the same and maps to generic java type 'javax.xml.transform.Source' -->
<!-- <xsl:attribute name="element"><xsl:value-of select="$xmlElement" /></xsl:attribute> -->
</wadl:representation>
<xsl:if test="$enable_xacml_json_profile = 'true' and (@element = 'xacml:Request' or @element = 'xacml:Response')">
<wadl:representation mediaType="application/xacml+json" />
</xsl:if>
</xsl:template>
<!-- standard copy template -->
<xsl:template match="@*|node()">
......
pom.xml
View file @ a1b871ad
<!--
Copyright 2012-2017 Thales Services SAS.
This file is part of AuthzForce CE.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>authzforce-ce-parent</artifactId>
<groupId>org.ow2.authzforce</groupId>
<version>6.0.1</version>
<version>7.0.0</version>
</parent>
<artifactId>authzforce-ce-rest-api-model</artifactId>
<version>5.5.0</version>
<version>5.6.0</version>
<name>${project.groupId}:${project.artifactId}</name>
<description>AuthzForce CE - Generic REST API model for Authorization PDPs</description>
<url>https://github.com/authzforce/rest-api-model</url>
......@@ -55,7 +36,10 @@
<groupId>org.ow2.authzforce</groupId>
<artifactId>authzforce-ce-pdp-ext-model</artifactId>
</dependency>
<dependency>
<groupId>org.json</groupId>
<artifactId>json</artifactId>
</dependency>
<!-- Test dependencies -->
<dependency>
<groupId>org.slf4j</groupId>
......@@ -84,6 +68,14 @@
<plugin>
<groupId>com.mycila</groupId>
<artifactId>license-maven-plugin</artifactId>
<configuration>
<header>license/alv2-header.txt</header>
<includes>
<include>src/main/java/**</include>
<!-- Include test files also -->
<include>src/test/java/**</include>
</includes>
</configuration>
<executions>
<execution>
<id>format-sources-license</id>
......@@ -318,6 +310,10 @@
<extraarg>-tMap</extraarg>
<extraarg>{urn:oasis:names:tc:xacml:3.0:core:schema:wd-17}Response=oasis.names.tc.xacml._3_0.core.schema.wd_17.Response</extraarg>
<extraarg>-tMap</extraarg>
<extraarg>{http://authzforce.github.io/rest-api-model/xmlns/authz/5}JSONObject=org.json.JSONObject</extraarg>
<extraarg>-tMap</extraarg>
<extraarg>{http://authzforce.github.io/rest-api-model/xmlns/authz/5}productMetadata=org.ow2.authzforce.rest.api.xmlns.ProductMetadata</extraarg>
<extraarg>-tMap</extraarg>
<extraarg>{http://authzforce.github.io/rest-api-model/xmlns/authz/5}properties=org.ow2.authzforce.rest.api.xmlns.ManagedResourceProperties</extraarg>
<extraarg>-tMap</extraarg>
<extraarg>{http://authzforce.github.io/rest-api-model/xmlns/authz/5}resourceContent=org.ow2.authzforce.rest.api.xmlns.ResourceContent</extraarg>
......
src/main/resources/authz-api.wadl
View file @ a1b871ad
<?xml version="1.0" encoding="UTF-8"?>
<wadl:application xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns:xacml="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
xmlns:az="http://authzforce.github.io/rest-api-model/xmlns/authz/5" xmlns:atom="http://www.w3.org/2005/Atom" xsi:schemaLocation="http://wadl.dev.java.net/2009/02 http://www.w3.org/Submission/wadl/wadl.xsd ">
xmlns:az="http://authzforce.github.io/rest-api-model/xmlns/authz/5" xmlns:atom="http://www.w3.org/2005/Atom" xmlns="http://www.w3.org/1999/xhtml" xsi:schemaLocation="http://wadl.dev.java.net/2009/02 http://www.w3.org/Submission/wadl/wadl.xsd ">
<wadl:doc xml:lang="EN">
RESTful API of Authorization Service v${project.version}
</wadl:doc>
......@@ -10,36 +10,47 @@
<wadl:include href="xsd/authz-rest-api.xsd" />
</wadl:grammars>
<wadl:resources base="http://localhost/authz-${project.version}">
<wadl:resource path="version" id="productMetadataResource">
<wadl:doc xml:lang="EN">Product version and associated metadata
</wadl:doc>
<wadl:method name="GET" id="getProductMetadata">
<wadl:request />
<wadl:response status="200">
<wadl:representation mediaType="application/xml" element="az:productMetadata" />
</wadl:response>
</wadl:method>
</wadl:resource>
<wadl:resource path="domains" id="domainsResource">
<wadl:doc>End-User Policy Domains to be managed by the policy administrators of the
<wadl:doc xml:lang="EN">End-User Policy Domains to be managed by the policy administrators of the
end-user/client organizations
</wadl:doc>
<wadl:method name="POST" id="addDomain">
<wadl:doc>Create managed resource for the administration domain</wadl:doc>
<wadl:doc xml:lang="EN">Create managed resource for the administration domain</wadl:doc>
<wadl:request>
<wadl:representation mediaType="application/xml" element="az:domainProperties">
<wadl:doc>
New domain properties. A default root policy is automatically created for the domain and a corresponding rootPolicyRef set by the Service Provider of this API (see resource
<wadl:doc xml:lang="EN">
New domain properties. A default root policy is automatically created for the domain and a corresponding rootPolicyRef set by the Service Provider of this
API (see resource
'pdpPropertiesResource').
</wadl:doc>
</wadl:representation>
</wadl:request>
<wadl:response status="200">
<wadl:representation mediaType="application/xml" element="atom:link">
<wadl:doc>Link to created domain resource</wadl:doc>
<wadl:doc xml:lang="EN">Link to created domain resource</wadl:doc>
</wadl:representation>
</wadl:response>
<wadl:response status="400" />
<wadl:response status="401" />
<wadl:response status="403" />
<wadl:response status="409">
<wadl:doc>Name conflict</wadl:doc>
<wadl:doc xml:lang="EN">Name conflict</wadl:doc>
</wadl:response>
</wadl:method>
<wadl:method name="GET" id="getDomains">
<wadl:request>
<wadl:param name="externalId" style="query" type="xs:NMTOKEN" required="false">
<wadl:doc>If specified, only the domain with matching externalId is returned, or none if no match.</wadl:doc>
<wadl:doc xml:lang="EN">If specified, only the domain with matching externalId is returned, or none if no match.</wadl:doc>
</wadl:param>
</wadl:request>
<wadl:response status="200">
......@@ -49,7 +60,7 @@
<wadl:response status="403" />
</wadl:method>
<wadl:resource id="domainResource" path="{domainId}">
<wadl:doc>End-User Policy Domain, to be managed by a policy administrator of the
<wadl:doc xml:lang="EN">End-User Policy Domain, to be managed by a policy administrator of the
end-user/client
organization
</wadl:doc>
......@@ -67,7 +78,7 @@
<wadl:request />
<wadl:response status="200">
<wadl:representation mediaType="application/xml" element="az:domainProperties">
<wadl:doc>Deleted policy domain properties</wadl:doc>
<wadl:doc xml:lang="EN">Deleted policy domain properties</wadl:doc>
</wadl:representation>
</wadl:response>
<wadl:response status="401" />
......@@ -85,7 +96,7 @@
<wadl:response status="404" />
</wadl:method>
<wadl:method name="PUT" id="updateDomainProperties">
<wadl:doc>Update policy domain properties</wadl:doc>
<wadl:doc xml:lang="EN">Update policy domain properties</wadl:doc>
<wadl:request>
<wadl:representation mediaType="application/xml" element="az:domainProperties" />
</wadl:request>
......@@ -99,7 +110,7 @@
</wadl:method>
</wadl:resource>
<wadl:resource id="papResource" path="pap">
<wadl:doc>XACML Policy Administration Point</wadl:doc>
<wadl:doc xml:lang="EN">XACML Policy Administration Point</wadl:doc>
<wadl:method name="GET" id="getPAP">
<wadl:request />
<wadl:response status="200">
......@@ -110,9 +121,9 @@
<wadl:response status="403" />
</wadl:method>
<wadl:resource id="pdpPropertiesResource" path="pdp.properties">
<wadl:doc>Miscellaneous PDP properties, including the root policy reference</wadl:doc>
<wadl:doc xml:lang="EN">Miscellaneous PDP properties, including the root policy reference</wadl:doc>
<wadl:method name="PUT" id="updateOtherPdpProperties">
<wadl:doc>Update miscellaneous PDP properties</wadl:doc>
<wadl:doc xml:lang="EN">Update miscellaneous PDP properties</wadl:doc>
<wadl:request>
<wadl:representation mediaType="application/xml" element="az:pdpPropertiesUpdate" />
</wadl:request>
......@@ -125,7 +136,8 @@
<wadl:response status="404" />
</wadl:method>
<wadl:method name="GET" id="getOtherPdpProperties">
<wadl:doc>Get miscellaneous PDP properties, not only writable (root policy reference) but also read-only status such as time of last modification, currently active
<wadl:doc xml:lang="EN">Get miscellaneous PDP properties, not only writable (root policy reference) but also read-only status such as time of last modification, currently
active
policies, etc.
</wadl:doc>
<wadl:request />
......@@ -138,9 +150,9 @@
</wadl:method>
</wadl:resource>
<wadl:resource id="prpPropertiesResource" path="prp.properties">
<wadl:doc>Miscellaneous PRP (Policy Repository) properties</wadl:doc>
<wadl:doc xml:lang="EN">Miscellaneous PRP (Policy Repository) properties</wadl:doc>
<wadl:method name="PUT" id="updateOtherPrpProperties">
<wadl:doc>Update miscellaneous PRP properties</wadl:doc>
<wadl:doc xml:lang="EN">Update miscellaneous PRP properties</wadl:doc>
<wadl:request>
<wadl:representation mediaType="application/xml" element="az:prpProperties" />
</wadl:request>
......@@ -153,7 +165,7 @@
<wadl:response status="404" />
</wadl:method>
<wadl:method name="GET" id="getOtherPrpProperties">
<wadl:doc>Get miscellaneous PRP properties, not only writable (root policy reference) but also read-only.</wadl:doc>
<wadl:doc xml:lang="EN">Get miscellaneous PRP properties, not only writable (root policy reference) but also read-only.</wadl:doc>
<wadl:request />
<wadl:response status="200">
<wadl:representation mediaType="application/xml" element="az:prpProperties" />
......@@ -164,15 +176,20 @@
</wadl:method>
</wadl:resource>
<wadl:resource id="policiesResource" path="policies">
<wadl:doc>Policy resources</wadl:doc>
<wadl:doc xml:lang="EN">Policy resources</wadl:doc>
<wadl:method name="POST" id="addPolicy">
<wadl:doc>Add policy to the domain</wadl:doc>
<wadl:doc xml:lang="EN">Add policy to the domain</wadl:doc>
<wadl:request>
<wadl:representation mediaType="application/xml" element="xacml:PolicySet" />
<wadl:representation mediaType="application/xacml+xml">
<wadl:doc xml:lang="EN">
<a href="https://tools.ietf.org/html/rfc7061">RFC 7061</a>
</wadl:doc>
</wadl:representation>
</wadl:request>
<wadl:response status="200">
<wadl:representation mediaType="application/xml" element="atom:link">
<wadl:doc>Link to created managed Policy resource</wadl:doc>
<wadl:doc xml:lang="EN">Link to created managed Policy resource</wadl:doc>
</wadl:representation>
</wadl:response>
<wadl:response status="400" />
......@@ -180,11 +197,11 @@
<wadl:response status="403" />
<wadl:response status="404" />
<wadl:response status="409">
<wadl:doc>Policy ID/Version conflict</wadl:doc>
<wadl:doc xml:lang="EN">Policy ID/Version conflict</wadl:doc>
</wadl:response>
</wadl:method>
<wadl:method name="GET" id="getPolicies">
<wadl:doc>Get policies.</wadl:doc>
<wadl:doc xml:lang="EN">Get policies.</wadl:doc>
<wadl:request />
<wadl:response status="200">
<wadl:representation mediaType="application/xml" element="az:resources" />
......@@ -194,12 +211,12 @@
<wadl:response status="404" />
</wadl:method>
<wadl:resource id="policyResource" path="{policyId}">
<wadl:doc>Policy resource</wadl:doc>
<wadl:doc xml:lang="EN">Policy resource</wadl:doc>
<wadl:param name="policyId" style="template" type="xs:anyURI" required="true">
<wadl:doc>Policy ID.</wadl:doc>
<wadl:doc xml:lang="EN">Policy ID.</wadl:doc>
</wadl:param>
<wadl:method name="GET" id="getPolicyVersions">
<wadl:doc>Get policy versions.</wadl:doc>
<wadl:doc xml:lang="EN">Get policy versions.</wadl:doc>
<wadl:request />
<wadl:response status="200">
<wadl:representation mediaType="application/xml" element="az:resources" />
......@@ -209,11 +226,11 @@
<wadl:response status="404" />
</wadl:method>
<wadl:method name="DELETE" id="deletePolicy">
<wadl:doc>Delete policy (all versions)</wadl:doc>
<wadl:doc xml:lang="EN">Delete policy (all versions)</wadl:doc>
<wadl:request />
<wadl:response status="200">
<wadl:representation mediaType="application/xml" element="az:resources">
<wadl:doc>Deleted policy versions</wadl:doc>
<wadl:doc xml:lang="EN">Deleted policy versions</wadl:doc>
</wadl:representation>
</wadl:response>
<wadl:response status="401" />
......@@ -221,26 +238,36 @@
<wadl:response status="404" />
</wadl:method>
<wadl:resource id="policyVersionResource" path="{version}">
<wadl:doc>Policy version resource</wadl:doc>
<wadl:doc xml:lang="EN">Policy version resource</wadl:doc>
<wadl:param name="version" style="template" type="az:VersionId" required="true">
<wadl:doc>Policy version: either a number sequence (XACML Version) or string "latest" to refer to the latest version of the policy.</wadl:doc>
<wadl:doc xml:lang="EN">Policy version: either a number sequence (XACML Version) or string "latest" to refer to the latest version of the policy.</wadl:doc>
</wadl:param>
<wadl:method name="GET" id="getPolicyVersion">
<wadl:doc>Get policy version</wadl:doc>
<wadl:doc xml:lang="EN">Get policy version</wadl:doc>
<wadl:request />
<wadl:response status="200">
<wadl:representation mediaType="application/xml" element="xacml:PolicySet" />
<wadl:representation mediaType="application/xacml+xml">
<wadl:doc xml:lang="EN">
<a href="https://tools.ietf.org/html/rfc7061">RFC 7061</a>
</wadl:doc>
</wadl:representation>
</wadl:response>
<wadl:response status="401" />
<wadl:response status="403" />
<wadl:response status="404" />
</wadl:method>
<wadl:method name="DELETE" id="deletePolicyVersion">
<wadl:doc>Delete policy version. If this the last remaining version, then this has the same effect as method 'deletePolicy'.</wadl:doc>
<wadl:doc xml:lang="EN">Delete policy version. If this the last remaining version, then this has the same effect as method 'deletePolicy'.</wadl:doc>
<wadl:request />
<wadl:response status="200">
<wadl:doc xml:lang="EN">Deleted policy version</wadl:doc>
<wadl:representation mediaType="application/xml" element="xacml:PolicySet">
<wadl:doc>Deleted policy version</wadl:doc>
</wadl:representation>
<wadl:representation mediaType="application/xacml+xml">
<wadl:doc xml:lang="EN">
<a href="https://tools.ietf.org/html/rfc7061">RFC 7061</a>
</wadl:doc>
</wadl:representation>
</wadl:response>
<wadl:response status="401" />
......@@ -251,7 +278,7 @@
</wadl:resource>
</wadl:resource>
<wadl:resource id="attributeProvidersResource" path="attribute.providers">
<wadl:doc>Attribute Providers to be used by the PDP for getting attributes defined in policies
<wadl:doc xml:lang="EN">Attribute Providers to be used by the PDP for getting attributes defined in policies
that
may not be provided by the PEP (in the XACML request).
</wadl:doc>
......@@ -279,13 +306,23 @@
</wadl:resource>
</wadl:resource>
<wadl:resource id="pdpResource" path="pdp">
<wadl:doc>XACML Policy Decision Point</wadl:doc>
<wadl:doc xml:lang="EN">XACML Policy Decision Point</wadl:doc>
<wadl:method name="POST" id="requestPolicyDecision">
<wadl:request>
<wadl:representation mediaType="application/xml" element="xacml:Request" />
<wadl:representation mediaType="application/xacml+xml">
<wadl:doc xml:lang="EN">
<a href="https://tools.ietf.org/html/rfc7061">RFC 7061</a>
</wadl:doc>
</wadl:representation>
</wadl:request>
<wadl:response status="200">
<wadl:representation mediaType="application/xml" element="xacml:Response" />
<wadl:representation mediaType="application/xacml+xml">
<wadl:doc xml:lang="EN">
<a href="https://tools.ietf.org/html/rfc7061">RFC 7061</a>
</wadl:doc>
</wadl:representation>
</wadl:response>
<wadl:response status="400" />
<wadl:response status="401" />
......
src/main/resources/xsd/authz-rest-api.xsd
View file @ a1b871ad
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright 2012-2017 Thales Services SAS.
This file is part of AuthzForce CE.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!-- Copyright 2012-2017 Thales Services SAS. This file is part of AuthzForce CE. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the
License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed
on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. -->
<!-- Copyright 2012-2017 Thales Services SAS. This file is part of AuthzForce CE. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the
License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed
on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. -->
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://authzforce.github.io/rest-api-model/xmlns/authz/5" xmlns:tns="http://authzforce.github.io/rest-api-model/xmlns/authz/5"
xmlns:authz-ext="http://authzforce.github.io/xmlns/pdp/ext/3" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:xacml="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" elementFormDefault="qualified" attributeFormDefault="unqualified" version="5.2.0">
xmlns:authz-ext="http://authzforce.github.io/xmlns/pdp/ext/3" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:xacml="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" elementFormDefault="qualified"
attributeFormDefault="unqualified" version="5.3.0">
<xs:import namespace="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" />
<xs:import namespace="http://www.w3.org/2005/Atom" />
<xs:import namespace="http://authzforce.github.io/xmlns/pdp/ext/3" />
......@@ -34,18 +22,21 @@
Same function as in SCIM
schema:
An identifier for the Resource as defined by the Service
Consumer. The externalId may simplify identification of the
Consumer. The externalId may simplify identification of
the
Resource between Service Consumer and Service
provider by allowing
the Consumer
to refer to the Resource with its own identifier,
obviating the need to store a local mapping between the local
obviating the need to store a local mapping between the
local
identifier of the Resource and the identifier
used by the Service
Provider. Each
Resource MAY include a non-empty
externalId value. The
value of the externalId attribute is always issued be the
value of the externalId attribute is always
issued be the
Service
Consumer and can never be specified by
the Service Provider. The
......@@ -135,7 +126,8 @@
<xs:annotation>
<xs:documentation>Reference expression (with version pattern(s)) to a policy
to be enforced by the PDP as root policy. This policy and any
other policy referenced (directly or indirectly) from it via XACML
other policy referenced (directly or indirectly)
from it via XACML
PolicySetIdReference must correspond to a resource under URL path
'/policies'.
</xs:documentation>
......@@ -166,7 +158,8 @@
<xs:element name="rootPolicyRef" type="xacml:IdReferenceType">
<xs:annotation>
<xs:documentation>Fixed reference (PolicySetId and constant Version) to the policy
actually enforced by the PDP as root policy, after resolving the rootPolicyRef pattern defined as part of the 'pdpRWPropertyElements' group.
actually enforced by the PDP as root policy, after resolving the rootPolicyRef pattern defined as part
of the 'pdpRWPropertyElements' group.
</xs:documentation>
</xs:annotation>
</xs:element>
......@@ -174,7 +167,8 @@
<xs:annotation>
<xs:documentation>Policy referenced (directly or indirectly) from
the root policy - identified above by 'rootPolicyRef' element - via XACML PolicySetIdReference. In this context,
the Version must be
the
Version must be
statically defined, i.e. the actual resolved
version identifier (used by the PDP) must be
specified, no version
......@@ -249,12 +243,14 @@
<xs:annotation>
<xs:documentation>True iff versions are automatically removed to
keep the number of versions under 'maxVersionCountPerPolicy',
especially when this max is already reached. The strategy for
especially when this max is already reached. The strategy
for
removing versions is implementation-specific; e.g. implementations
may remove the oldest versions first.
Implementations must make
sure it does not
break the 'rootPolicyRef' defined previously or
break the 'rootPolicyRef' defined
previously or
any Policy
reference from it (direct or indirect).
</xs:documentation>
......@@ -284,11 +280,42 @@
</xs:simpleType>
</xs:union>
</xs:simpleType>
<xs:element name="error">
<xs:complexType>
<xs:sequence>
<xs:element name="message" type="xs:string" />
</xs:sequence>
</xs:complexType>
<xs:complexType name="ProductMetadata">
<xs:annotation>
<xs:documentation>Product metadata
</xs:documentation>
</xs:annotation>
<xs:attribute name="name" type="xs:token" use="required">
<xs:annotation>
<xs:documentation>product name</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="version" type="tns:VersionId" use="required">
<xs:annotation>
<xs:documentation>product version</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="release_date" type="xs:date" use="required">
<xs:annotation>
<xs:documentation>product release date</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="uptime" type="xs:duration" use="required">
<xs:annotation>
<xs:documentation>uptime</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="doc" type="xs:anyURI" use="required">
<xs:annotation>
<xs:documentation>link to REST API documentation</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
<xs:element name="productMetadata" type="tns:ProductMetadata" />
<xs:element name="JSONObject">
<xs:annotation>
<xs:documentation>Mock XML type representing a JSON object, for use as representation type in the WADL</xs:documentation>
</xs:annotation>
<xs:complexType />
</xs:element>
</xs:schema>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment