X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=docs%2Foverview.rst;h=0aebe30e31d960051a929cb3c7aa43cb7f8545b5;hb=df61b02070956cac9ec7429281dc78ba853b46ed;hp=09bfdbf830fee322adcc480c4ded2a3076f73f37;hpb=701beb3d40239fcf1992f03ebdec91d6ed6865f6;p=nonrtric.git diff --git a/docs/overview.rst b/docs/overview.rst index 09bfdbf8..0aebe30e 100644 --- a/docs/overview.rst +++ b/docs/overview.rst @@ -38,13 +38,15 @@ These are the components that make up the Non-RT-RIC: * `DMaaP/Kafka Information Producer Adapters <#dmaap-kafka-information-producer-adapters>`_. :doc:`Documentation site adapter `. :doc:`Documentation site mediator `. * `Initial Non-RT-RIC App Catalogue <#initial-non-rt-ric-app-catalogue>`_. :doc:`Documentation site `. * `Initial K8S Helm Chart LCM Manager <#id5>`_. :doc:`Documentation site `. -* `Auth Token Fetch <#id6>`_. +* `Authentication Support <#id6>`_. :doc:`Documentation site `. +* `Service Management & Exposure (SME) <#service-management-and-exposure>`_. :doc:`Documentation site `. * `Test Framework <#id7>`_. * `Use Cases: <#non-rt-ric-use-cases>`_ * "Helloworld" O-RU Fronthaul Recovery use case. :doc:`Documentation site `. * "Helloworld" O-DU Slice Assurance use case. :doc:`Documentation site `. + Non-RT-RIC Control Panel / NONRTRIC Dashboard ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -185,7 +187,7 @@ There are two alternative implementations to allow Information Consumers to cons Implementation: - Implementation in Java Spring (DMaaP Adapter), repo: *nonrtric/plt/dmaapadapter*, see :doc:`DMaaP Adapter documentation site `. -- Implemention in Go (DMaaP Mediator Producer), repo: *nonrtric/plt/dmaapmediatorproducer*, see :doc:`DMaaP Mediator Producer documentation site `. +- Implementation in Go (DMaaP Mediator Producer), repo: *nonrtric/plt/dmaapmediatorproducer*, see :doc:`DMaaP Mediator Producer documentation site `. Initial Non-RT-RIC App Catalogue ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -220,10 +222,51 @@ Implementation: - Repo: *nonrtric/plt/helmmanager* - Documentation at the :doc:`Helm Manager documentation site `. -Auth Token Fetch -~~~~~~~~~~~~~~~~ +Service Management and Exposure +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +An initial implementation of the CAPIF Core service. It implements the following CAPIF APIs: + +- API Provider Management +- Publish Service +- Discover Service +- API Invoker Management +- Security +- Events + +Implementation: + +- Implemented in Go +- Repo: *nonrtric/plt/sme* +- Documentation at the :doc:`Service Management & Exposure (SME) documentation site `. + +Authentication Support +~~~~~~~~~~~~~~~~~~~~~~ + +The auth-token-fetch provides support for authentication. +It is intended to be used as a sidecar and does the authentication procedure, gets and saves the access token +in the local file system. This includes refresh of the token before it expires. +This means that the service only needs to read the token from a file. + +It is tested using Keycloak as authentication provider. + +.. image:: ./AuthSupport.png + :width: 500pt + +So, a service just needs to read the token file and for instance insert it in the authorization header when using HTTP. +The file needs to be re-read if it has been updated. + +The auth-token-fetch is configured by the following environment variables. -Work in progress. +* CERT_PATH - the file path of the cert to use for TSL, example: security/tls.crt +* CERT_KEY_PATH - the file path of the private key file for the cert, example: "security/tls.key" +* ROOT_CA_CERTS_PATH - the file path of the trust store. +* CREDS_GRANT_TYPE - the grant_type used for authentication, example: client_credentials +* CREDS_CLIENT_SECRET - the secret/private shared key used for authentication +* CREDS_CLIENT_ID - the client id used for authentication +* OUTPUT_FILE - the path where the fetched authorization token is stored, example: "/tmp/authToken.txt" +* AUTH_SERVICE_URL - the URL to the authentication service (Keycloak) +* REFRESH_MARGIN_SECONDS - how long in advance before the authorization token expires it is refreshed Test Framework ~~~~~~~~~~~~~~