Update documentation - adding security information
[nonrtric/plt/sme.git] / capifcore / docs / diagrams / classdiagram.plantuml
1 @startuml Information model for CAPIF
2 ' Provider Service
3 package "Provider Service" #palegreen {
4     struct APIProviderEnrolmentDetails {
5         string apiProvDomId
6         string apiProvDomInfo
7         []APIProviderFunctionDetails apiProvFuncs
8         string regSec (required)
9         SupportedFeatures suppFeats
10     }
11     note right of APIProviderEnrolmentDetails::apiProvDomId
12         Id provided by CAPIF Core
13     end note
14     struct APIProviderFunctionDetails {
15         string apiProvFuncId
16         string apiProvFuncInfo
17         ApiProviderFuncRole apiProviderFuncRole (required)
18         RegistrationInformation regInfo (required)
19     }
20     note right of APIProviderFunctionDetails::apiProvFuncId
21         Id provided by CAPIF Core
22     end note
23     enum ApiProviderFuncRole {
24         AEF: API provider function is API Exposing Function.
25         APF: API provider function is API Publishing Function.
26         AMF: API Provider function is API Management Function.
27     }
28     struct RegistrationInformation {
29         string apiProvCert
30         string apiProvPubKey (required)
31     }
32     APIProviderEnrolmentDetails::apiProvFuncs "1" o-- "1..N" APIProviderFunctionDetails
33     APIProviderFunctionDetails::regInfo "1" o-- "1" RegistrationInformation
34     APIProviderFunctionDetails::apiProviderFuncRole "1" o-- "1" ApiProviderFuncRole
35 }
36
37 ' Publish Service
38 package "Publish Service" #lightblue {
39     struct ServiceAPIDescription {
40         string apiId
41         string apiName (required)
42         string description
43         []AefProfile aefProfiles
44         SupportedFeatures apiSuppFeat
45         SupportedFeatures supportedFeatures
46     }
47     note left of ServiceAPIDescription::apiId
48         Id provided by CAPIF Core
49     end note
50     note "apfId matching\n APIProviderFunctionDetails::apiProvFuncId\n must be provided when publishing" as publishProviderRel
51     ServiceAPIDescription .. publishProviderRel
52     publishProviderRel .. APIProviderFunctionDetails::apiProvFuncId
53     struct AefProfile {
54         string aefId (required)
55         DataFormat dataFormat
56         string domainName
57         []InterfaceDescription interfaceDescriptions
58         Protocol protocol
59         []SecurityMethod securityMethods
60         []Version versions (required)
61     }
62     enum DataFormat {
63         JSON
64     }
65     enum Protocol {
66         HTTP_1_1
67         HTTP_2
68     }
69     note "AefProfile::aefId should match\n APIProviderFunctionDetails::apiProvFuncId" as aefIdRel
70     APIProviderFunctionDetails::apiProvFuncId .. aefIdRel
71     aefIdRel .. AefProfile::aefId
72     struct InterfaceDescription {
73         string ipv4Address
74         string ipv6Address
75         int port
76         []SecurityMethod securityMethods
77     }
78     note left of InterfaceDescription::securityMethods
79         Security methods supported by the interface,
80         it take precedence over the security methods
81         provided in AefProfile, for this specific interface.
82     end note
83     struct Version {
84         []CustomOperation custOperations
85         DateTime expiry
86         []Resource resources
87         string apiVersion (required)
88     }
89     struct CustomOperation {
90         CommunicationType commType (required)
91         string custOpName (required)
92         string description
93         []Operation operations
94     }
95     enum Operation {
96         GET
97         POST
98         PUT
99         PATCH
100         DELETE
101     }
102     enum SecurityMethod {
103         PSK
104         PKI
105         OAUTH
106     }
107     struct Resource {
108         string resourceName (required)
109         string uri (required)
110         CommunicationType commType (required)
111         string description
112     }
113     enum CommunicationType {
114         REQUEST_RESPONSE
115         SUBSCRIBE_NOTIFY
116     }
117     ServiceAPIDescription::aefProfiles "1" o-- "1..N" AefProfile
118     AefProfile::interfaceDescriptions "1" o-- "1..N" InterfaceDescription
119     AefProfile::protocol "0..1" o-- "0..1" Protocol
120     AefProfile::securityMethods "1" o-- "1..N" SecurityMethod
121     AefProfile::dataFormat "0..1" o-- "0..N" DataFormat
122     InterfaceDescription::securityMethods "1" o-- "1..N" SecurityMethod
123     AefProfile::versions "1" o-- "1..N" Version
124     Version::resources "1..N" o-- "1..N" Resource
125     Version::custOperations "0..1" o-- "0..N" CustomOperation
126     CustomOperation::CommunicationType "1" o-- "1" CommunicationType
127     CustomOperation::operations "0..N" o-- "0..N" Operation
128     Resource::commType "1" o-- "1" CommunicationType
129 }
130
131 ' Invoker Management
132 package "Invoker Management" #coral {
133     struct APIInvokerEnrolmentDetails {
134         string apiInvokerId
135         string apiInvokerInformation
136         APIList apiList
137         OnboardingInformation onboardingInformation (required)
138         SupportedFeatures supportedFeatures
139     }
140     note right of APIInvokerEnrolmentDetails::apiInvokerId
141         Id provided by
142         CAPIF Core
143     end note
144     struct OnboardingInformation {
145         string apiInvokerCertificate
146         string ApiInvokerPublicKey (required)
147         string onboardingSecret
148     }
149     note right of OnboardingInformation::Secret
150         Secret provided
151         by CAPIF Core
152     end note
153     APIInvokerEnrolmentDetails::apiList "1" o-- "1..N" ServiceAPIDescription
154     APIInvokerEnrolmentDetails::onboardingInformation "1" o-- "1" OnboardingInformation
155 }
156 note "APIList containing services\n available for the invoker.\n Provided by capifcore" as invServiceRel
157 APIInvokerEnrolmentDetails::apiList .. invServiceRel
158 invServiceRel .. ServiceAPIDescription
159
160 ' Discover Service
161 package "Discover Service"  #Yellow {
162     struct DiscoveredAPIs {
163         []ServiceAPIDescription serviceAPIDescriptions
164     }
165 }
166 DiscoveredAPIs::serviceAPIDescriptions "0..N" o-- "0..N" ServiceAPIDescription
167 note "Services can only be discovered\n for an onboarded invoker through\n APIInvokerEnrolmentDetails::apiInvokerId" as invokerDiscoverRel
168 DiscoveredAPIs .. invokerDiscoverRel
169 invokerDiscoverRel .. APIInvokerEnrolmentDetails::apiInvokerId
170
171 ' Security Service
172 package "Security Service" #Pink {
173     struct AccessTokenReq {
174         string grant_type (required)
175         string client_id (required)
176         string client_secret
177         string scope
178     }
179     struct AccessTokenRsp {
180         string access_token (required)
181         string token_type (required)
182         DurationSec expires_in (required)
183         string scope
184     }
185     struct ServiceSecurity {
186         []SecurityInformation securityInfo (required)
187         SupportedFeatures supportedFeatures
188     }
189     struct SecurityInformation {
190         string aefId
191         string apiId
192         string authenticationInfo
193         string authorizationInfo
194         InterfaceDescription interfaceDetails
195         []SecurityMethod prefSecurityMethods
196         []SecurityMethod selSecurityMethods
197     }
198     ServiceSecurity::securityInfo "1" o-- "1..N" SecurityInformation
199     SecurityInformation::interfaceDetails "0..1" o-- "0..N" InterfaceDescription
200     SecurityInformation::prefSecurityMethods "1" o-- "1..N" SecurityMethod
201     SecurityInformation::selSecurityMethods "0..1" o-- "0..N" SecurityMethod
202 }
203 SecurityInformation::aefId .. APIProviderFunctionDetails::apiProvFuncId
204 SecurityInformation::apiId .. ServiceAPIDescription::apiId
205 note "AccessTokenReq::client_id and\n AccessTokenReq::client_secret\n must match registered invoker" as accessInvokerRel
206 AccessTokenReq::client_id .. accessInvokerRel
207 accessInvokerRel .. APIInvokerEnrolmentDetails::apiInvokerId
208 note "Function provided in\n AccessTokenReq:scope\n must be registered for a provider" as accessProviderRel
209 AccessTokenReq::scope .. accessProviderRel
210 accessProviderRel .. APIProviderFunctionDetails::apiProvFuncId
211 note "API provided in\n AccessTokenReq:scope\n must be published" as accessPublishRel
212 AccessTokenReq::scope .. accessPublishRel
213 accessPublishRel .. AefProfile::aefId
214
215 ' Event Service
216 package "Event Service" #Orange {
217     struct EventSubscription {
218         []CAPIFEvent events (required)
219         Uri notificationDestination (required)
220         ReportingInformation eventReq
221         []CAPIFEventFilter eventFilters
222         SupportedFeatures supportedFeatures
223     }
224     struct CAPIFEventFilter {
225         []string aefIds
226         []string apiIds
227         []string apiInvokerIds
228     }
229     enum CAPIFEvent {
230         SERVICE_API_AVAILABLE
231         SERVICE_API_UNAVAILABLE
232         SERVICE_API_UPDATE
233         API_INVOKER_ONBOARDED
234         API_INVOKER_OFFBOARDED
235         SERVICE_API_INVOCATION_SUCCESS
236         SERVICE_API_INVOCATION_FAILURE
237         ACCESS_CONTROL_POLICY_UPDATE
238         ACCESS_CONTROL_POLICY_UNAVAILABLE
239         API_INVOKER_AUTHORIZATION_REVOKED
240         API_INVOKER_UPDATED
241         API_TOPOLOGY_HIDING_CREATED
242         API_TOPOLOGY_HIDING_REVOKED
243     }
244     struct ReportingInformation {
245         DurationSec grpRepTime
246         bool immRep
247         Uinteger maxReportNbr
248         NotificationFlag notifFlag
249         NotificationMethod notifMethod
250         PartitioningCriteria partitionCriteria
251         DurationSec repPeriod
252         SamplingRation sampRatio
253     }
254     struct EventNotification {
255         CAPIFEventDetail eventDetail
256         CAPIFEvent events (required)
257         string subscriptionId (required)
258     }
259     struct CAPIFEventDetail {
260         AccessControlPolicyListExt accCtrlPolList
261         []string apiIds
262         []string apiInvokerIds
263         []ServiceAPIDescription serviceAPIDescriptions
264     }
265     struct AccessControlPolicyListExt {
266         AccessControlPolicyList accessControlPolicyList
267         string apiId
268     }
269     note right of EventNotification::subscriptionId
270         subscriptionId generated
271         by CAPIF Core when
272         subscription was created
273     end note
274 }
275 EventSubscription::eventFilters "0..N" o-- "0..N" CAPIFEventFilter
276 EventSubscription::events "1" o-- "1..N" CAPIFEvent
277 EventSubscription::eventReq "0..N" o-- "0..N" ReportingInformation
278 CAPIFEventDetail::serviceAPIDescriptions "0..N" o-- "0..N" ServiceAPIDescription
279 CAPIFEventFilter::aefIds .. APIProviderFunctionDetails::apiProvFuncId
280 CAPIFEventFilter::apiIds .. ServiceAPIDescription::apiId
281 CAPIFEventFilter::apiInvokerIds .. APIInvokerEnrolmentDetails::apiInvokerId
282 EventNotification::eventDetail "0..1" o-- "0..N" CAPIFEventDetail
283 EventNotification::events "1" o-- "1" CAPIFEvent
284 CAPIFEventDetail::apiIds .. ServiceAPIDescription::apiId
285 CAPIFEventDetail::apiInvokerIds .. APIInvokerEnrolmentDetails::apiInvokerId
286 CAPIFEventDetail::accCtrlPolList "0..N" o-- "0..N" AccessControlPolicyListExt
287 AccessControlPolicyListExt::apiId .. ServiceAPIDescription::apiId
288
289 ' Access Control Policy
290 package "Access Control Policy" #LightCyan {
291     struct AccessControlPolicyList {
292         []ApiInvokerPolicy apiInvokerPolicies
293     }
294     struct ApiInvokerPolicy {
295         []TimeRangeList allowedInvocationTimeRangeList
296         int allowedInvocationsPerSecond
297         int allowedTotalInvocations
298         string apiInvokerId (required)
299     }
300     struct TimeRangeList {
301         DateTime startTime
302         DateTime stopTime
303     }
304 }
305 AccessControlPolicyList::apiInvokerPolicies "0..N" o-- "0..N" ApiInvokerPolicy
306 ApiInvokerPolicy::allowedInvocationTimeRangeList "0..N" o-- "0..N" TimeRangeList
307 AccessControlPolicyListExt::accessControlPolicyList "0..N" o-- "0..N" AccessControlPolicyList
308 ApiInvokerPolicy::apiInvokerId .. APIInvokerEnrolmentDetails::apiInvokerId
309
310 ' Logging Service
311 package "Logging Service" #Silver {
312     struct InvocationLog {
313         string aefId (required)
314         string apiInvokerId (required)
315         []Log logs (required)
316         SupportedFeatures supportedFeatures
317     }
318     struct Log {
319         string apiId (required)
320         string apiName (required)
321         string apiVersion (required)
322         InterfaceDescription destInterface
323         string fwdInterface
324         interface inputParameters
325         DurationMs invocationLatency
326         DateTime invocationTime
327         Operation operation
328         interface outputParameters
329         Protocol protocol (required)
330         string resourceName (required)
331         string result (required)
332         InterfaceDescription srcInterface
333         Uri uri
334     }
335 }
336 InvocationLog::logs "1" o-- "1..N" Log
337 InvocationLog::aefId .. APIProviderFunctionDetails::apiProvFuncId
338 InvocationLog::apiInvokerId .. APIInvokerEnrolmentDetails::apiInvokerId
339 Log::apiId .. ServiceAPIDescription::apiId
340 Log::destInterface "0..1" o-- "0..N" InterfaceDescription
341 Log::srcInterface "0..1" o-- "0..N" InterfaceDescription
342 Log::protocol "0..1" o-- "0..N" Protocol
343 Log::operation "0..1" o-- "0..N" Operation
344
345 ' Auditing Service
346 package "Auditing Servive" #PaleVioletRed {
347     struct GetApiInvocationLogsParams {
348         string aefId
349         string apiInvokerId
350         DateTime timeRangeStart
351         DateTime timeRangeEnd
352         string apiId
353         string apiName
354         string apiVersion
355         Protocol protocol
356         Operation operation
357         string result
358         string resourceName
359         InterfaceDescription srcInterface
360     }
361 }
362 GetApiInvocationLogsParams::aefId .. APIProviderFunctionDetails::apiProvFuncId
363 GetApiInvocationLogsParams::apiInvokerId .. APIInvokerEnrolmentDetails::apiInvokerId
364 GetApiInvocationLogsParams::apiId .. ServiceAPIDescription::apiId
365 GetApiInvocationLogsParams::protocol "0..1" o-- "0..1" Protocol
366 GetApiInvocationLogsParams::operation "0..1" o-- "0..1" Operation
367 GetApiInvocationLogsParams::srcInterface "0..1" o-- "0..1" InterfaceDescription
368 note "A call with\n GetApiInvocationLogsParams\n returns an InvocationLog" as auditLogRel
369 GetApiInvocationLogsParams .. auditLogRel
370 auditLogRel .. InvocationLog
371
372 ' Routing Service
373 package "Routing Service" {
374     struct RoutingInfo {
375         []RoutingRule routingRules (required)
376     }
377     struct RoutingRule {
378         AefProfile aefProfile (required)
379         []Ipv4AddressRange ipv4AddrRanges
380         []Ipv6AddressRange ipv6AddrRanges
381     }
382     struct GetServiceApisServiceApiIdParams {
383         string aefId (required)
384         SupportedFeatures suppFeat
385     }
386     RoutingInfo::routingRules "1" o-- "1..N" RoutingRule
387     RoutingRule::aefProfile "1" o-- "1" AefProfile
388     GetServiceApisServiceApiIdParams::aefId .. APIProviderFunctionDetails::apiProvFuncId
389     note "A call with\n GetServiceApisServiceApiIdParams\n returns a RoutingInfo" as routingRel
390     GetServiceApisServiceApiIdParams .. routingRel
391     routingRel .. RoutingInfo
392 }
393 @enduml