Adding documentation for invoker 44/11244/2
authorychacon <yennifer.chacon@est.tech>
Tue, 30 May 2023 09:31:57 +0000 (11:31 +0200)
committerychacon <yennifer.chacon@est.tech>
Thu, 1 Jun 2023 08:37:15 +0000 (10:37 +0200)
Issue-ID: NONRTRIC-861
Signed-off-by: ychacon <yennifer.chacon@est.tech>
Change-Id: I850787dc4032a14ac1a313bb402c31a9210d7d03

invoker/README.md [new file with mode: 0644]
invoker/docs/Discover Service API.svg [new file with mode: 0644]
invoker/docs/Obtain Access Token.svg [new file with mode: 0644]
invoker/docs/Obtain Security Method.svg [new file with mode: 0644]
invoker/docs/Onboarding new invoker.svg [new file with mode: 0644]
invoker/docs/discoveryapi.plantuml [new file with mode: 0644]
invoker/docs/onboardinvoker.plantuml [new file with mode: 0644]
invoker/docs/securitymethod.plantuml [new file with mode: 0644]
invoker/docs/securityobtaintoken.plantuml [new file with mode: 0644]

diff --git a/invoker/README.md b/invoker/README.md
new file mode 100644 (file)
index 0000000..e8d3e68
--- /dev/null
@@ -0,0 +1,119 @@
+<!--
+ -
+   ========================LICENSE_START=================================
+   O-RAN-SC
+   %%
+   Copyright (C) 2023: Nordix Foundation
+   %%
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+        http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+   ========================LICENSE_END===================================
+
+-->
+
+# O-RAN-SC Non-RealTime RIC CAPIF Invoker Stub
+
+This is a Go implementation of a stub for the CAPIF Invoker function, based on the 3GPP "29.222 Common API Framework for 3GPP Northbound APIs (CAPIF)" interfaces, see https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3450.
+
+This stub offers an user interface that helps to test the functionalities implemented in the O-RAN-SC CAPIF implementation and the supported features are the following:
+
+- Onboard API Invoker
+- Discover published service APIs and retrieve a collection of APIs according to certain filter criteria.
+- Obtain Security method
+- Obtain Authorization
+
+### Onboard API Invoker
+
+This service operation is used by an API invoker to on-board itself as a recognized user of CAPIF
+
+<img src="docs/Onboarding new invoker.svg">
+
+To onboard itself the Invoker should send a request to the CAPIF core including an API invoker Enrolment Details, API List and a Notification Destination URI for on-boarding notification.
+
+```
+{
+    "apiInvokerInformation": "rApp as API invoker",
+        "apiList": [
+               {}
+       ],
+    "NotificationDestination": "http://invoker-app:8086/callback",
+    "onboardingInformation": {
+               "apiInvokerPublicKey": "{PUBLIC_KEY_INVOKER}",
+               "apiInvokerCertificate": "apiInvokerCertificate"
+  },
+  "requestTestNotification": true
+}
+```
+
+After receiving the request, the CAPIF core should check if the invoker can be onboard. In case it can be onboard, the CAPIF core will create the API invoker Profile consisting of an API invoker Identifier, Authentication Information, Authorization Information and CAPIF Identity Information. In this implementation, Keycloak is used to manage identity information.
+
+### Discover published service APIs and retrieve a collection of APIs according to certain filter criteria.
+
+This service operation is used by an API invoker to discover service API available at the CAPIF core function.
+
+<img src="docs/Discover Service API.svg">
+
+If the invoker is authorized to discover the service APIs, the CAPIF core function search the API registry for APIs matching the query criteria and return the filtered search results in the response message.
+
+
+### Obtain Security method
+
+This service operation is used by an API invoker to negotiate and obtain information about service API security method for itself with CAPIF core function.
+
+<img src="docs/Obtain Security Method.svg">
+
+The invoker sends a request to the CAPIF core including Security Method Request and a Notification Destination URI for security related notifications. The Security Method Request contains the unique interface details of the service APIs and may contain a preferred security method for each unique service API interface.
+
+Example of SecurityService:
+
+```
+{
+  "notificationDestination": "http://invoker-app:8086/callback",
+  "supportedFeatures": "fffffff",
+  "securityInfo": [
+    {
+      "aefId": "AEF_id_rApp_as_AEF",
+      "apiId": "api_id_example",
+      "prefSecurityMethods": [
+        "PSK"
+      ],
+      "selSecurityMethod": "PSK"
+    }
+  ],
+  "requestTestNotification": true
+}
+```
+
+
+### Obtain Authorization
+
+This service operation is used by an API invoker to obtain authorization to access service APIs.
+
+<img src="docs/Obtain Access Token.svg">
+
+On success, "200 OK" will be returned. The payload body of the response contains the requested access token, the token type and the expiration time for the token. The access token is a JSON Web Token (JWT).
+
+## Build application
+
+To build the application, run the following command:
+
+    go build
+
+The application can also be built as a Docker image, by using the following command:
+
+    docker build . -t capifprov
+
+## Run
+
+To run the provider from the command line, run the following commands from this folder.
+
+    ./capifprov [-port <port (default 9090)>] [-capifCoreUrl <URL to Capif core (default http://localhost:8090)>] [-loglevel <log level (default Info)>]
diff --git a/invoker/docs/Discover Service API.svg b/invoker/docs/Discover Service API.svg
new file mode 100644 (file)
index 0000000..71e35c6
--- /dev/null
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentStyleType="text/css" height="586px" preserveAspectRatio="none" style="width:813px;height:586px;background:#FFFFFF;" version="1.1" viewBox="0 0 813 586" width="813px" zoomAndPan="magnify"><defs/><g><rect fill="#DDDDDD" height="574.9844" style="stroke:#181818;stroke-width:0.5;" width="613" x="188" y="6"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="104" x="442.5" y="18.0669">CAPIF Internal</text><rect fill="#FFFF00" height="386.3906" style="stroke:#000000;stroke-width:1.5;" width="797" x="10" y="98.2969"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="67" x2="67" y1="81.2969" y2="501.6875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="230" x2="230" y1="81.2969" y2="501.6875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="414" x2="414" y1="81.2969" y2="501.6875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="577" x2="577" y1="81.2969" y2="501.6875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="740" x2="740" y1="81.2969" y2="501.6875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="89" x="20" y="77.9951">InvokerClient</text><ellipse cx="67.5" cy="13.5" fill="#E2E2F0" rx="8" ry="8" style="stroke:#181818;stroke-width:0.5;"/><path d="M67.5,21.5 L67.5,48.5 M54.5,29.5 L80.5,29.5 M67.5,48.5 L54.5,63.5 M67.5,48.5 L80.5,63.5 " fill="none" style="stroke:#181818;stroke-width:0.5;"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="89" x="20" y="513.6826">InvokerClient</text><ellipse cx="67.5" cy="525.4844" fill="#E2E2F0" rx="8" ry="8" style="stroke:#181818;stroke-width:0.5;"/><path d="M67.5,533.4844 L67.5,560.4844 M54.5,541.4844 L80.5,541.4844 M67.5,560.4844 L54.5,575.4844 M67.5,560.4844 L80.5,575.4844 " fill="none" style="stroke:#181818;stroke-width:0.5;"/><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="77" x="192" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="63" x="199" y="69.9951">capifcore</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="77" x="192" y="500.6875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="63" x="199" y="520.6826">capifcore</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="121" x="354" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="107" x="361" y="69.9951">discoverservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="121" x="354" y="500.6875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="107" x="361" y="520.6826">discoverservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="521" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="528" y="69.9951">invokerservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="521" y="500.6875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="528" y="520.6826">invokerservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="684" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="691" y="69.9951">publishservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="684" y="500.6875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="691" y="520.6826">publishservice</text><path d="M10,98.2969 L74,98.2969 L74,105.4297 L64,115.4297 L10,115.4297 L10,98.2969 " fill="#FFFF00" style="stroke:#000000;stroke-width:1.5;"/><rect fill="none" height="386.3906" style="stroke:#000000;stroke-width:1.5;" width="797" x="10" y="98.2969"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="19" x="25" y="111.3638">alt</text><text fill="#000000" font-family="sans-serif" font-size="11" font-weight="bold" lengthAdjust="spacing" textLength="123" x="89" y="110.5073">[Discover Services]</text><polygon fill="#181818" points="218.5,162.8281,228.5,166.8281,218.5,170.8281,222.5,166.8281" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="67.5" x2="224.5" y1="166.8281" y2="166.8281"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="111" x="74.5" y="131.4966">Discover services</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="105" x="78.5" y="146.6294">with apiInvokerId</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="135" x="78.5" y="161.7622">and filter parameters</text><polygon fill="#181818" points="402.5,207.0938,412.5,211.0938,402.5,215.0938,406.5,211.0938" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="230.5" x2="408.5" y1="211.0938" y2="211.0938"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="139" x="237.5" y="190.895">Get services available</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="92" x="241.5" y="206.0278">for the invoker</text><polygon fill="#181818" points="565.5,251.3594,575.5,255.3594,565.5,259.3594,569.5,255.3594" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="414.5" x2="571.5" y1="255.3594" y2="255.3594"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="139" x="421.5" y="235.1606">Get services available</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="92" x="425.5" y="250.2935">for the invoker</text><polygon fill="#181818" points="728.5,280.4922,738.5,284.4922,728.5,288.4922,732.5,284.4922" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="577.5" x2="734.5" y1="284.4922" y2="284.4922"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="139" x="584.5" y="279.4263">Get available services</text><polygon fill="#181818" points="588.5,309.625,578.5,313.625,588.5,317.625,584.5,313.625" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="582.5" x2="739.5" y1="313.625" y2="313.625"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="113" x="594.5" y="308.5591">Available services</text><polygon fill="#181818" points="425.5,353.8906,415.5,357.8906,425.5,361.8906,421.5,357.8906" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="419.5" x2="576.5" y1="357.8906" y2="357.8906"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="114" x="431.5" y="337.6919">Services available</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="92" x="431.5" y="352.8247">for the invoker</text><polygon fill="#181818" points="241.5,413.2891,231.5,417.2891,241.5,421.2891,237.5,417.2891" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="235.5" x2="413.5" y1="417.2891" y2="417.2891"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="160" x="247.5" y="381.9575">Services available for the</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="135" x="251.5" y="397.0903">invoker matching the</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="107" x="251.5" y="412.2231">filter parameters</text><polygon fill="#181818" points="78.5,472.6875,68.5,476.6875,78.5,480.6875,74.5,476.6875" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="72.5" x2="229.5" y1="476.6875" y2="476.6875"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="114" x="84.5" y="441.356">Services available</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="85" x="88.5" y="456.4888">matching the</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="107" x="88.5" y="471.6216">filter parameters</text><!--MD5=[b3b8604926711cafbc07a23b2bb04255]
+@startuml Discover Service API\r
+actor InvokerClient\r
+box "CAPIF Internal"\r
+participant capifcore\r
+participant discoverservice\r
+participant invokerservice\r
+participant publishservice\r
+end box\r
+\r
+alt#Yellow #Yellow Discover Services\r
+    InvokerClient->capifcore: Discover services\n with apiInvokerId\n and filter parameters\r
+    capifcore->discoverservice: Get services available\n for the invoker\r
+    discoverservice->invokerservice: Get services available\n for the invoker\r
+    invokerservice->publishservice: Get available services\r
+    publishservice->invokerservice: Available services\r
+    invokerservice->discoverservice: Services available \nfor the invoker\r
+    discoverservice->capifcore: Services available for the\n invoker matching the\n filter parameters\r
+    capifcore->InvokerClient: Services available\n matching the\n filter parameters\r
+end\r
+\r
+@enduml\r
+
+PlantUML version 1.2022.7(Mon Aug 22 19:01:30 CEST 2022)
+(GPL source distribution)
+Java Runtime: OpenJDK Runtime Environment
+JVM: OpenJDK 64-Bit Server VM
+Default Encoding: UTF-8
+Language: en
+Country: null
+--></g></svg>
\ No newline at end of file
diff --git a/invoker/docs/Obtain Access Token.svg b/invoker/docs/Obtain Access Token.svg
new file mode 100644 (file)
index 0000000..09eabbb
--- /dev/null
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentStyleType="text/css" height="658px" preserveAspectRatio="none" style="width:851px;height:658px;background:#FFFFFF;" version="1.1" viewBox="0 0 851 658" width="851px" zoomAndPan="magnify"><defs/><g><rect fill="#DDDDDD" height="646.9844" style="stroke:#181818;stroke-width:0.5;" width="634" x="121" y="6"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="104" x="386" y="18.0669">CAPIF Internal</text><rect fill="#ADD8E6" height="458.3906" style="stroke:#000000;stroke-width:1.5;" width="835" x="10" y="98.2969"/><rect fill="#FA8072" height="148.7969" style="stroke:#000000;stroke-width:1.5;" width="559" x="202" y="298.3594"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="67" x2="67" y1="81.2969" y2="573.6875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="163" x2="163" y1="81.2969" y2="573.6875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="270" x2="270" y1="81.2969" y2="573.6875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="430" x2="430" y1="81.2969" y2="573.6875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="553" x2="553" y1="81.2969" y2="573.6875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="685" x2="685" y1="81.2969" y2="573.6875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="798" x2="798" y1="81.2969" y2="573.6875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="89" x="20" y="77.9951">InvokerClient</text><ellipse cx="67.5" cy="13.5" fill="#E2E2F0" rx="8" ry="8" style="stroke:#181818;stroke-width:0.5;"/><path d="M67.5,21.5 L67.5,48.5 M54.5,29.5 L80.5,29.5 M67.5,48.5 L54.5,63.5 M67.5,48.5 L80.5,63.5 " fill="none" style="stroke:#181818;stroke-width:0.5;"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="89" x="20" y="585.6826">InvokerClient</text><ellipse cx="67.5" cy="597.4844" fill="#E2E2F0" rx="8" ry="8" style="stroke:#181818;stroke-width:0.5;"/><path d="M67.5,605.4844 L67.5,632.4844 M54.5,613.4844 L80.5,613.4844 M67.5,632.4844 L54.5,647.4844 M67.5,632.4844 L80.5,647.4844 " fill="none" style="stroke:#181818;stroke-width:0.5;"/><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="77" x="125" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="63" x="132" y="69.9951">capifcore</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="77" x="125" y="572.6875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="63" x="132" y="592.6826">capifcore</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="117" x="212" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="103" x="219" y="69.9951">securityservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="117" x="212" y="572.6875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="103" x="219" y="592.6826">securityservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="374" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="381" y="69.9951">invokerservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="374" y="572.6875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="381" y="592.6826">invokerservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="497" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="504" y="69.9951">publishservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="497" y="572.6875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="504" y="592.6826">publishservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="131" x="620" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="117" x="627" y="69.9951">providermanager</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="131" x="620" y="572.6875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="117" x="627" y="592.6826">providermanager</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="74" x="761" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="60" x="768" y="69.9951">keycloak</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="74" x="761" y="572.6875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="60" x="768" y="592.6826">keycloak</text><path d="M10,98.2969 L74,98.2969 L74,105.4297 L64,115.4297 L10,115.4297 L10,98.2969 " fill="#ADD8E6" style="stroke:#000000;stroke-width:1.5;"/><rect fill="none" height="458.3906" style="stroke:#000000;stroke-width:1.5;" width="835" x="10" y="98.2969"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="19" x="25" y="111.3638">alt</text><text fill="#000000" font-family="sans-serif" font-size="11" font-weight="bold" lengthAdjust="spacing" textLength="113" x="89" y="110.5073">[Security Service]</text><polygon fill="#181818" points="258.5,162.8281,268.5,166.8281,258.5,170.8281,262.5,166.8281" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="67.5" x2="264.5" y1="166.8281" y2="166.8281"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="92" x="74.5" y="131.4966">Request token</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="95" x="78.5" y="146.6294">for service with</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="107" x="78.5" y="161.7622">AccessTokenReq</text><polygon fill="#181818" points="418.5,191.9609,428.5,195.9609,418.5,199.9609,422.5,195.9609" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="270.5" x2="424.5" y1="195.9609" y2="195.9609"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="136" x="277.5" y="190.895">Is invoker registered?</text><polygon fill="#181818" points="281.5,221.0938,271.5,225.0938,281.5,229.0938,277.5,225.0938" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="275.5" x2="429.5" y1="225.0938" y2="225.0938"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="17" x="287.5" y="220.0278">Ok</text><polygon fill="#181818" points="786,250.2266,796,254.2266,786,258.2266,790,254.2266" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="270.5" x2="792" y1="254.2266" y2="254.2266"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="94" x="277.5" y="249.1606">Is secret valid?</text><polygon fill="#181818" points="281.5,279.3594,271.5,283.3594,281.5,287.3594,277.5,283.3594" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="275.5" x2="797" y1="283.3594" y2="283.3594"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="17" x="287.5" y="278.2935">Ok</text><path d="M202,298.3594 L266,298.3594 L266,305.4922 L256,315.4922 L202,315.4922 L202,298.3594 " fill="#FA8072" style="stroke:#000000;stroke-width:1.5;"/><rect fill="none" height="148.7969" style="stroke:#000000;stroke-width:1.5;" width="559" x="202" y="298.3594"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="19" x="217" y="311.4263">alt</text><text fill="#000000" font-family="sans-serif" font-size="11" font-weight="bold" lengthAdjust="spacing" textLength="91" x="281" y="310.5698">[Check scope]</text><polygon fill="#181818" points="673.5,347.7578,683.5,351.7578,673.5,355.7578,677.5,351.7578" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="270.5" x2="679.5" y1="351.7578" y2="351.7578"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="127" x="277.5" y="331.5591">Is function providing</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="121" x="281.5" y="346.6919">service registered?</text><polygon fill="#181818" points="281.5,376.8906,271.5,380.8906,281.5,384.8906,277.5,380.8906" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="275.5" x2="684.5" y1="380.8906" y2="380.8906"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="17" x="287.5" y="375.8247">Ok</text><polygon fill="#181818" points="541.5,406.0234,551.5,410.0234,541.5,414.0234,545.5,410.0234" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="270.5" x2="547.5" y1="410.0234" y2="410.0234"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="131" x="277.5" y="404.9575">Is service published?</text><polygon fill="#181818" points="281.5,435.1563,271.5,439.1563,281.5,443.1563,277.5,439.1563" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="275.5" x2="552.5" y1="439.1563" y2="439.1563"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="17" x="287.5" y="434.0903">Ok</text><polygon fill="#181818" points="786,471.2891,796,475.2891,786,479.2891,790,475.2891" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="270.5" x2="792" y1="475.2891" y2="475.2891"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="61" x="277.5" y="470.2231">get token</text><polygon fill="#181818" points="281.5,500.4219,271.5,504.4219,281.5,508.4219,277.5,504.4219" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="275.5" x2="797" y1="504.4219" y2="504.4219"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="61" x="287.5" y="499.356">JWT token</text><polygon fill="#181818" points="78.5,544.6875,68.5,548.6875,78.5,552.6875,74.5,548.6875" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="72.5" x2="269.5" y1="548.6875" y2="548.6875"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="106" x="84.5" y="528.4888">AccessTokenRsp</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="65" x="88.5" y="543.6216">with token</text><!--MD5=[cf0e5c23bdd9f8d1a05ebf4c879ed7c6]
+@startuml Obtain Access Token\r
+actor InvokerClient\r
+\r
+box "CAPIF Internal"\r
+participant capifcore\r
+participant securityservice\r
+participant invokerservice\r
+participant publishservice\r
+participant providermanager\r
+end box\r
+participant keycloak\r
+\r
+alt#LightBlue #LightBlue Security Service\r
+        InvokerClient->securityservice: Request token\n for service with\n AccessTokenReq\r
+        securityservice->invokerservice: Is invoker registered?\r
+        invokerservice->securityservice: Ok\r
+        securityservice->keycloak: Is secret valid?\r
+        keycloak->securityservice: Ok\r
+        alt#Salmon #Salmon Check scope\r
+            securityservice->providermanager: Is function providing\n service registered?\r
+            providermanager->securityservice: Ok\r
+            securityservice->publishservice: Is service published?\r
+            publishservice->securityservice: Ok\r
+        end\r
+        securityservice->keycloak: get token\r
+        keycloak->securityservice: JWT token\r
+        securityservice->InvokerClient: AccessTokenRsp\n with token\r
+    end\r
+\r
+@enduml\r
+
+PlantUML version 1.2022.7(Mon Aug 22 19:01:30 CEST 2022)
+(GPL source distribution)
+Java Runtime: OpenJDK Runtime Environment
+JVM: OpenJDK 64-Bit Server VM
+Default Encoding: UTF-8
+Language: en
+Country: null
+--></g></svg>
\ No newline at end of file
diff --git a/invoker/docs/Obtain Security Method.svg b/invoker/docs/Obtain Security Method.svg
new file mode 100644 (file)
index 0000000..368bdb0
--- /dev/null
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentStyleType="text/css" height="511px" preserveAspectRatio="none" style="width:659px;height:511px;background:#FFFFFF;" version="1.1" viewBox="0 0 659 511" width="659px" zoomAndPan="magnify"><defs/><g><rect fill="#DDDDDD" height="499.3203" style="stroke:#181818;stroke-width:0.5;" width="526" x="121" y="6"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="104" x="332" y="18.0669">CAPIF Internal</text><rect fill="#FFC0CB" height="310.7266" style="stroke:#000000;stroke-width:1.5;" width="643" x="10" y="98.2969"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="67" x2="67" y1="81.2969" y2="426.0234"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="163" x2="163" y1="81.2969" y2="426.0234"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="303" x2="303" y1="81.2969" y2="426.0234"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="463" x2="463" y1="81.2969" y2="426.0234"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="586" x2="586" y1="81.2969" y2="426.0234"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="89" x="20" y="77.9951">InvokerClient</text><ellipse cx="67.5" cy="13.5" fill="#E2E2F0" rx="8" ry="8" style="stroke:#181818;stroke-width:0.5;"/><path d="M67.5,21.5 L67.5,48.5 M54.5,29.5 L80.5,29.5 M67.5,48.5 L54.5,63.5 M67.5,48.5 L80.5,63.5 " fill="none" style="stroke:#181818;stroke-width:0.5;"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="89" x="20" y="438.0186">InvokerClient</text><ellipse cx="67.5" cy="449.8203" fill="#E2E2F0" rx="8" ry="8" style="stroke:#181818;stroke-width:0.5;"/><path d="M67.5,457.8203 L67.5,484.8203 M54.5,465.8203 L80.5,465.8203 M67.5,484.8203 L54.5,499.8203 M67.5,484.8203 L80.5,499.8203 " fill="none" style="stroke:#181818;stroke-width:0.5;"/><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="77" x="125" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="63" x="132" y="69.9951">capifcore</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="77" x="125" y="425.0234"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="63" x="132" y="445.0186">capifcore</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="117" x="245" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="103" x="252" y="69.9951">securityservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="117" x="245" y="425.0234"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="103" x="252" y="445.0186">securityservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="407" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="414" y="69.9951">invokerservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="407" y="425.0234"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="414" y="445.0186">invokerservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="530" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="537" y="69.9951">publishservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="530" y="425.0234"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="537" y="445.0186">publishservice</text><path d="M10,98.2969 L74,98.2969 L74,105.4297 L64,115.4297 L10,115.4297 L10,98.2969 " fill="#FFC0CB" style="stroke:#000000;stroke-width:1.5;"/><rect fill="none" height="310.7266" style="stroke:#000000;stroke-width:1.5;" width="643" x="10" y="98.2969"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="19" x="25" y="111.3638">alt</text><text fill="#000000" font-family="sans-serif" font-size="11" font-weight="bold" lengthAdjust="spacing" textLength="113" x="89" y="110.5073">[Security Service]</text><polygon fill="#181818" points="291.5,162.8281,301.5,166.8281,291.5,170.8281,295.5,166.8281" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="67.5" x2="297.5" y1="166.8281" y2="166.8281"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="160" x="74.5" y="131.4966">Request security method</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="95" x="78.5" y="146.6294">for service with</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="155" x="78.5" y="161.7622">SecurityService Request</text><polygon fill="#181818" points="451.5,191.9609,461.5,195.9609,451.5,199.9609,455.5,195.9609" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="303.5" x2="457.5" y1="195.9609" y2="195.9609"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="136" x="310.5" y="190.895">Is invoker registered?</text><polygon fill="#181818" points="314.5,221.0938,304.5,225.0938,314.5,229.0938,310.5,225.0938" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="308.5" x2="462.5" y1="225.0938" y2="225.0938"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="17" x="320.5" y="220.0278">Ok</text><polygon fill="#181818" points="574.5,250.2266,584.5,254.2266,574.5,258.2266,578.5,254.2266" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="303.5" x2="580.5" y1="254.2266" y2="254.2266"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="131" x="310.5" y="249.1606">Is service published?</text><polygon fill="#181818" points="314.5,279.3594,304.5,283.3594,314.5,287.3594,310.5,283.3594" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="308.5" x2="585.5" y1="283.3594" y2="283.3594"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="17" x="320.5" y="278.2935">Ok</text><polygon fill="#181818" points="574.5,323.625,584.5,327.625,574.5,331.625,578.5,327.625" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="303.5" x2="580.5" y1="327.625" y2="327.625"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="222" x="310.5" y="307.4263">Determine the security method for</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="164" x="314.5" y="322.5591">each service API interface</text><polygon fill="#181818" points="314.5,352.7578,304.5,356.7578,314.5,360.7578,310.5,356.7578" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="308.5" x2="585.5" y1="356.7578" y2="356.7578"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="181" x="320.5" y="351.6919">Compatible security method</text><polygon fill="#181818" points="78.5,397.0234,68.5,401.0234,78.5,405.0234,74.5,401.0234" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="72.5" x2="302.5" y1="401.0234" y2="401.0234"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="165" x="84.5" y="380.8247">SecurityService Response</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="208" x="88.5" y="395.9575">with compatible security method</text><!--MD5=[7e91cf5d9c1c92a05b382ae10f455965]
+@startuml Obtain Security Method\r
+actor InvokerClient\r
+\r
+box "CAPIF Internal"\r
+participant capifcore\r
+participant securityservice\r
+participant invokerservice\r
+participant publishservice\r
+\r
+end box\r
+\r
+alt#Pink #Pink Security Service\r
+    InvokerClient->securityservice: Request security method\n for service with\n SecurityService Request\r
+    securityservice->invokerservice: Is invoker registered?\r
+    invokerservice->securityservice: Ok\r
+    securityservice->publishservice: Is service published?\r
+    publishservice->securityservice: Ok\r
+    securityservice->publishservice: Determine the security method for\n each service API interface\r
+    publishservice->securityservice: Compatible security method\r
+    securityservice->InvokerClient: SecurityService Response\n with compatible security method\r
+end\r
+\r
+@enduml\r
+
+PlantUML version 1.2022.7(Mon Aug 22 19:01:30 CEST 2022)
+(GPL source distribution)
+Java Runtime: OpenJDK Runtime Environment
+JVM: OpenJDK 64-Bit Server VM
+Default Encoding: UTF-8
+Language: en
+Country: null
+--></g></svg>
\ No newline at end of file
diff --git a/invoker/docs/Onboarding new invoker.svg b/invoker/docs/Onboarding new invoker.svg
new file mode 100644 (file)
index 0000000..f7e5b13
--- /dev/null
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentStyleType="text/css" height="700px" preserveAspectRatio="none" style="width:996px;height:700px;background:#FFFFFF;" version="1.1" viewBox="0 0 996 700" width="996px" zoomAndPan="magnify"><defs/><g><rect fill="#DDDDDD" height="688.1172" style="stroke:#181818;stroke-width:0.5;" width="610" x="239" y="6"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="82" x="503" y="18.0669">CAPIF Core</text><rect fill="#98FB98" height="499.5234" style="stroke:#000000;stroke-width:1.5;" width="980" x="10" y="98.2969"/><rect fill="#FA8072" height="132.6641" style="stroke:#000000;stroke-width:1.5;" width="928" x="20" y="458.1563"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="77" x2="77" y1="81.2969" y2="614.8203"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="281" x2="281" y1="81.2969" y2="614.8203"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="513" x2="513" y1="81.2969" y2="614.8203"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="676" x2="676" y1="81.2969" y2="614.8203"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="794" x2="794" y1="81.2969" y2="614.8203"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="943" x2="943" y1="81.2969" y2="614.8203"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="89" x="30" y="77.9951">InvokerClient</text><ellipse cx="77.5" cy="13.5" fill="#E2E2F0" rx="8" ry="8" style="stroke:#181818;stroke-width:0.5;"/><path d="M77.5,21.5 L77.5,48.5 M64.5,29.5 L90.5,29.5 M77.5,48.5 L64.5,63.5 M77.5,48.5 L90.5,63.5 " fill="none" style="stroke:#181818;stroke-width:0.5;"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="89" x="30" y="626.8154">InvokerClient</text><ellipse cx="77.5" cy="638.6172" fill="#E2E2F0" rx="8" ry="8" style="stroke:#181818;stroke-width:0.5;"/><path d="M77.5,646.6172 L77.5,673.6172 M64.5,654.6172 L90.5,654.6172 M77.5,673.6172 L64.5,688.6172 M77.5,673.6172 L90.5,688.6172 " fill="none" style="stroke:#181818;stroke-width:0.5;"/><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="77" x="243" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="63" x="250" y="69.9951">capifcore</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="77" x="243" y="613.8203"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="63" x="250" y="633.8154">capifcore</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="457" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="464" y="69.9951">invokerservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="457" y="613.8203"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="464" y="633.8154">invokerservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="620" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="627" y="69.9951">publishservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="113" x="620" y="613.8203"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="627" y="633.8154">publishservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="102" x="743" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="88" x="750" y="69.9951">eventservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="102" x="743" y="613.8203"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="88" x="750" y="633.8154">eventservice</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="74" x="906" y="50"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="60" x="913" y="69.9951">keycloak</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="74" x="906" y="613.8203"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="60" x="913" y="633.8154">keycloak</text><path d="M10,98.2969 L74,98.2969 L74,105.4297 L64,115.4297 L10,115.4297 L10,98.2969 " fill="#98FB98" style="stroke:#000000;stroke-width:1.5;"/><rect fill="none" height="499.5234" style="stroke:#000000;stroke-width:1.5;" width="980" x="10" y="98.2969"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="19" x="25" y="111.3638">alt</text><text fill="#000000" font-family="sans-serif" font-size="11" font-weight="bold" lengthAdjust="spacing" textLength="116" x="89" y="110.5073">[Onboard Invoker]</text><polygon fill="#181818" points="269.5,147.6953,279.5,151.6953,269.5,155.6953,273.5,151.6953" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="77.5" x2="275.5" y1="151.6953" y2="151.6953"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="131" x="84.5" y="131.4966">Register invoker with</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="176" x="88.5" y="146.6294">APIInvokerEnrolmentDetails</text><polygon fill="#181818" points="501.5,176.8281,511.5,180.8281,501.5,184.8281,505.5,180.8281" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="281.5" x2="507.5" y1="180.8281" y2="180.8281"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="208" x="288.5" y="175.7622">Creates a new API Invoker profile</text><line style="stroke:#181818;stroke-width:1.0;" x1="513.5" x2="555.5" y1="209.9609" y2="209.9609"/><line style="stroke:#181818;stroke-width:1.0;" x1="555.5" x2="555.5" y1="209.9609" y2="222.9609"/><line style="stroke:#181818;stroke-width:1.0;" x1="514.5" x2="555.5" y1="222.9609" y2="222.9609"/><polygon fill="#181818" points="524.5,218.9609,514.5,222.9609,524.5,226.9609,520.5,222.9609" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="123" x="520.5" y="204.895">Create apiInvokerId</text><polygon fill="#181818" points="931,263.2266,941,267.2266,931,271.2266,935,267.2266" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="513.5" x2="937" y1="267.2266" y2="267.2266"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="143" x="520.5" y="247.0278">Register client and get</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="114" x="524.5" y="262.1606">onboardingSecret</text><polygon fill="#181818" points="524.5,292.3594,514.5,296.3594,524.5,300.3594,520.5,296.3594" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="518.5" x2="942" y1="296.3594" y2="296.3594"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="114" x="530.5" y="291.2935">onboardingSecret</text><polygon fill="#181818" points="664.5,321.4922,674.5,325.4922,664.5,329.4922,668.5,325.4922" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="513.5" x2="670.5" y1="325.4922" y2="325.4922"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="139" x="520.5" y="320.4263">Get available services</text><polygon fill="#181818" points="524.5,350.625,514.5,354.625,524.5,358.625,520.5,354.625" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="518.5" x2="675.5" y1="354.625" y2="354.625"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="113" x="530.5" y="349.5591">Available services</text><polygon fill="#181818" points="292.5,394.8906,282.5,398.8906,292.5,402.8906,288.5,398.8906" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="286.5" x2="512.5" y1="398.8906" y2="398.8906"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="114" x="298.5" y="378.6919">Services available</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="92" x="302.5" y="393.8247">for the invoker</text><polygon fill="#181818" points="88.5,439.1563,78.5,443.1563,88.5,447.1563,84.5,443.1563" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="82.5" x2="280.5" y1="443.1563" y2="443.1563"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="136" x="94.5" y="422.9575">Invoker with invokerId</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="140" x="98.5" y="438.0903">and available services</text><path d="M20,458.1563 L84,458.1563 L84,465.2891 L74,475.2891 L20,475.2891 L20,458.1563 " fill="#FA8072" style="stroke:#000000;stroke-width:1.5;"/><rect fill="none" height="132.6641" style="stroke:#000000;stroke-width:1.5;" width="928" x="20" y="458.1563"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="19" x="35" y="471.2231">alt</text><text fill="#000000" font-family="sans-serif" font-size="11" font-weight="bold" lengthAdjust="spacing" textLength="208" x="99" y="470.3667">[Subscribe to publishing events]</text><polygon fill="#181818" points="782,507.5547,792,511.5547,782,515.5547,786,511.5547" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="77.5" x2="788" y1="511.5547" y2="511.5547"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="127" x="84.5" y="491.356">Subscribe to events</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="144" x="88.5" y="506.4888">with EventSubscription</text><line style="stroke:#181818;stroke-width:1.0;" x1="794" x2="836" y1="540.6875" y2="540.6875"/><line style="stroke:#181818;stroke-width:1.0;" x1="836" x2="836" y1="540.6875" y2="553.6875"/><line style="stroke:#181818;stroke-width:1.0;" x1="795" x2="836" y1="553.6875" y2="553.6875"/><polygon fill="#181818" points="805,549.6875,795,553.6875,805,557.6875,801,553.6875" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="135" x="801" y="535.6216">Create subscriptionId</text><polygon fill="#181818" points="88.5,578.8203,78.5,582.8203,88.5,586.8203,84.5,582.8203" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="82.5" x2="793" y1="582.8203" y2="582.8203"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="88" x="94.5" y="577.7544">subscriptionId</text><!--MD5=[2a2162ad220229cd18e475b9115b1291]
+@startuml Onboarding new invoker\r
+actor InvokerClient\r
+\r
+box "CAPIF Core"\r
+participant capifcore\r
+participant invokerservice\r
+participant publishservice\r
+participant eventservice\r
+end box\r
+\r
+participant keycloak\r
+\r
+\r
+alt#PaleGreen #PaleGreen Onboard Invoker\r
+    InvokerClient->capifcore: Register invoker with\n APIInvokerEnrolmentDetails\r
+    capifcore->invokerservice: Creates a new API Invoker profile\r
+    invokerservice->invokerservice: Create apiInvokerId\r
+    invokerservice->keycloak: Register client and get\n onboardingSecret\r
+    keycloak->invokerservice: onboardingSecret\r
+    invokerservice->publishservice: Get available services\r
+    publishservice->invokerservice: Available services\r
+    invokerservice->capifcore: Services available\n for the invoker\r
+    capifcore->InvokerClient: Invoker with invokerId\n and available services\r
+    alt#Salmon #Salmon Subscribe to publishing events\r
+        InvokerClient->eventservice: Subscribe to events\n with EventSubscription\r
+        eventservice->eventservice: Create subscriptionId\r
+        eventservice->InvokerClient: subscriptionId\r
+    end\r
+end\r
+\r
+@enduml\r
+
+PlantUML version 1.2022.7(Mon Aug 22 19:01:30 CEST 2022)
+(GPL source distribution)
+Java Runtime: OpenJDK Runtime Environment
+JVM: OpenJDK 64-Bit Server VM
+Default Encoding: UTF-8
+Language: en
+Country: null
+--></g></svg>
\ No newline at end of file
diff --git a/invoker/docs/discoveryapi.plantuml b/invoker/docs/discoveryapi.plantuml
new file mode 100644 (file)
index 0000000..8a177f8
--- /dev/null
@@ -0,0 +1,21 @@
+@startuml Discover Service API
+actor InvokerClient
+box "CAPIF Internal"
+participant capifcore
+participant discoverservice
+participant invokerservice
+participant publishservice
+end box
+
+alt#Yellow #Yellow Discover Services
+    InvokerClient->capifcore: Discover services\n with apiInvokerId\n and filter parameters
+    capifcore->discoverservice: Get services available\n for the invoker
+    discoverservice->invokerservice: Get services available\n for the invoker
+    invokerservice->publishservice: Get available services
+    publishservice->invokerservice: Available services
+    invokerservice->discoverservice: Services available \nfor the invoker
+    discoverservice->capifcore: Services available for the\n invoker matching the\n filter parameters
+    capifcore->InvokerClient: Services available\n matching the\n filter parameters
+end
+
+@enduml
\ No newline at end of file
diff --git a/invoker/docs/onboardinvoker.plantuml b/invoker/docs/onboardinvoker.plantuml
new file mode 100644 (file)
index 0000000..c9f8d2a
--- /dev/null
@@ -0,0 +1,31 @@
+@startuml Onboarding new invoker
+actor InvokerClient
+
+box "CAPIF Core"
+participant capifcore
+participant invokerservice
+participant publishservice
+participant eventservice
+end box
+
+participant keycloak
+
+
+alt#PaleGreen #PaleGreen Onboard Invoker
+    InvokerClient->capifcore: Register invoker with\n APIInvokerEnrolmentDetails
+    capifcore->invokerservice: Creates a new API Invoker profile
+    invokerservice->invokerservice: Create apiInvokerId
+    invokerservice->keycloak: Register client and get\n onboardingSecret
+    keycloak->invokerservice: onboardingSecret
+    invokerservice->publishservice: Get available services
+    publishservice->invokerservice: Available services
+    invokerservice->capifcore: Services available\n for the invoker
+    capifcore->InvokerClient: Invoker with invokerId\n and available services
+    alt#Salmon #Salmon Subscribe to publishing events
+        InvokerClient->eventservice: Subscribe to events\n with EventSubscription
+        eventservice->eventservice: Create subscriptionId
+        eventservice->InvokerClient: subscriptionId
+    end
+end
+
+@enduml
\ No newline at end of file
diff --git a/invoker/docs/securitymethod.plantuml b/invoker/docs/securitymethod.plantuml
new file mode 100644 (file)
index 0000000..5b6dfb5
--- /dev/null
@@ -0,0 +1,23 @@
+@startuml Obtain Security Method
+actor InvokerClient
+
+box "CAPIF Internal"
+participant capifcore
+participant securityservice
+participant invokerservice
+participant publishservice
+
+end box
+
+alt#Pink #Pink Security Service
+    InvokerClient->securityservice: Request security method\n for service with\n SecurityService Request
+    securityservice->invokerservice: Is invoker registered?
+    invokerservice->securityservice: Ok
+    securityservice->publishservice: Is service published?
+    publishservice->securityservice: Ok
+    securityservice->publishservice: Determine the security method for\n each service API interface
+    publishservice->securityservice: Compatible security method
+    securityservice->InvokerClient: SecurityService Response\n with compatible security method
+end
+
+@enduml
\ No newline at end of file
diff --git a/invoker/docs/securityobtaintoken.plantuml b/invoker/docs/securityobtaintoken.plantuml
new file mode 100644 (file)
index 0000000..0e25370
--- /dev/null
@@ -0,0 +1,30 @@
+@startuml Obtain Access Token
+actor InvokerClient
+
+box "CAPIF Internal"
+participant capifcore
+participant securityservice
+participant invokerservice
+participant publishservice
+participant providermanager
+end box
+participant keycloak
+
+alt#LightBlue #LightBlue Security Service
+        InvokerClient->securityservice: Request token\n for service with\n AccessTokenReq
+        securityservice->invokerservice: Is invoker registered?
+        invokerservice->securityservice: Ok
+        securityservice->keycloak: Is secret valid?
+        keycloak->securityservice: Ok
+        alt#Salmon #Salmon Check scope
+            securityservice->providermanager: Is function providing\n service registered?
+            providermanager->securityservice: Ok
+            securityservice->publishservice: Is service published?
+            publishservice->securityservice: Ok
+        end
+        securityservice->keycloak: get token
+        keycloak->securityservice: JWT token
+        securityservice->InvokerClient: AccessTokenRsp\n with token
+    end
+
+@enduml
\ No newline at end of file