Skip to content

Commit

Permalink
adapt to latest error model from commonalities
Browse files Browse the repository at this point in the history
  • Loading branch information
@fernandopradocabrillo
fernandopradocabrillo committed Dec 20, 2024
1 parent 7112ce4 commit 1b9f17b
Show file tree
Hide file tree
Showing 5 changed files with 1,011 additions and 257 deletions.
296 changes: 218 additions & 78 deletions code/API_definitions/connected-network-type.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,15 +37,24 @@ info:
This API requires the API consumer to identify a device as the subject of the API as follows:
- When the API is invoked using a two-legged access token, the subject will be identified from the optional `device` object, which therefore MUST be provided.
- When a three-legged access token is used however, this optional identifier MUST NOT be provided, as the subject will be uniquely identified from the access token.
This approach simplifies API usage for API consumers using a three-legged access token to invoke the API by relying on the information that is associated with the access token and was identified during the authentication process.
## Error handling:
- If the subject cannot be identified from the access token and the optional `device` object is not included in the request, then the server will return an error with the `422 MISSING_IDENTIFIER` error code.
- If the subject can be identified from the access token and the optional `device` object is also included in the request, then the server will return an error with the `422 UNNECESSARY_IDENTIFIER` error code. This will be the case even if the same device is identified by these two methods, as the server is unable to make this comparison.
# Authorization and authentication
The "Camara Security and Interoperability Profile" provides details of how an API consumer requests an access token. Please refer to Identity and Consent Management (https://github.com/camaraproject/IdentityAndConsentManagement/) for the released version of the profile.
The specific authorization flows to be used will be agreed upon during the onboarding process, happening between the provider of the application consuming the API and the operator's API exposure platform, taking into account the declared purpose for accessing the API, whilst also being subject to the prevailing legal framework dictated by local legislation.
In cases where personal data is processed by the API and users can exercise their rights through mechanisms such as opt-in and/or opt-out, the use of three-legged access tokens is mandatory. This ensures that the API remains in compliance with privacy regulations, upholding the principles of transparency and user-centric privacy-by-design.
## Further info and support
(FAQs will be added in a later version of the documentation)
Expand Down Expand Up @@ -117,11 +126,15 @@ paths:
"401":
$ref: "#/components/responses/Generic401"
"403":
$ref: "#/components/responses/ConnectedNetworkTypePermissionDenied403"
$ref: "#/components/responses/Generic403"
"404":
$ref: "#/components/responses/ConnectedStatusNotFound404"
$ref: "#/components/responses/Generic404"
"409":
$ref: "#/components/responses/Generic409"
"422":
$ref: "#/components/responses/ConnectedStatusUnprocessableEntity422"
$ref: "#/components/responses/Generic422"
"429":
$ref: "#/components/responses/Generic429"
"500":
$ref: "#/components/responses/Generic500"
"503":
Expand Down Expand Up @@ -279,142 +292,269 @@ components:

responses:
Generic400:
description: Problem with the client request
description: Bad Request
headers:
x-correlator:
$ref: '#/components/headers/x-correlator'
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorInfo"
example:
status: 400
code: "INVALID_ARGUMENT"
message: "Client specified an invalid argument, request body or query param"
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 400
code:
enum:
- INVALID_ARGUMENT
examples:
GENERIC_400_INVALID_ARGUMENT:
description: Invalid Argument. Generic Syntax Exception
value:
status: 400
code: INVALID_ARGUMENT
message: Client specified an invalid argument, request body or query param.
Generic401:
description: Authentication problem with the client request
description: Unauthorized
headers:
x-correlator:
$ref: '#/components/headers/x-correlator'
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorInfo"
example:
status: 401
code: "UNAUTHENTICATED"
message: "Request not authenticated due to missing, invalid, or expired credentials"
ConnectedNetworkTypePermissionDenied403:
description: |
Client does not have sufficient permission.
In addition to regular scenario of `PERMISSION_DENIED`, other scenarios may exist:
- Phone number cannot be deducted from access token context.(`{"code": "NUMBER_VERIFICATION.INVALID_TOKEN_CONTEXT","message": "Phone number cannot be deducted from access token context"}`)
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 401
code:
enum:
- UNAUTHENTICATED
examples:
GENERIC_401_UNAUTHENTICATED:
description: Request cannot be authenticated
value:
status: 401
code: UNAUTHENTICATED
message: Request not authenticated due to missing, invalid, or expired credentials.
Generic403:
description: Forbidden
headers:
X-Correlator:
description: Correlation id for the different services
schema:
type: string
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
$ref: '#/components/schemas/ErrorInfo'
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 403
code:
enum:
- PERMISSION_DENIED
examples:
PermissionDenied:
GENERIC_403_PERMISSION_DENIED:
description: Permission denied. OAuth2 token access does not have the required scope or when the user fails operational security
value:
status: 403
code: "PERMISSION_DENIED"
message: "Client does not have sufficient permissions to perform this action"
ConnectedStatusNotFound404:
description: Resource Not Found
code: PERMISSION_DENIED
message: Client does not have sufficient permissions to perform this action.
Generic404:
description: Not found
headers:
x-correlator:
$ref: '#/components/headers/x-correlator'
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorInfo"
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 404
code:
enum:
- NOT_FOUND
- IDENTIFIER_NOT_FOUND
examples:
NotFound:
GENERIC_404_NOT_FOUND:
description: Resource is not found
value:
status: 404
code: NOT_FOUND
message: "The specified resource is not found"
DeviceIdentifierNotFound:
message: The specified resource is not found.
GENERIC_404_IDENTIFIER_NOT_FOUND:
description: The phone number is not associated with a CSP customer account
value:
status: 404
code: IDENTIFIER_NOT_FOUND
message: Some identifier cannot be matched to a device
message: The phone number provided is not associated with a customer account
Generic409:
description: Conflict
headers:
x-correlator:
$ref: '#/components/headers/x-correlator'
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorInfo"
example:
status: 409
code: CONFLICT
message: "The specified resource is in a conflict"
ConnectedStatusUnprocessableEntity422:
description: Unprocessable Entity
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 409
code:
enum:
- CONFLICT
examples:
GENERIC_409_CONFLICT:
description: Duplication of an existing resource
value:
status: 409
code: CONFLICT
message: A specified resource duplicate entry found.
Generic422:
description: Unprocessable Content
headers:
x-correlator:
$ref: '#/components/headers/x-correlator'
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorInfo"
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 422
code:
enum:
- IDENTIFIER_MISMATCH
- SERVICE_NOT_APPLICABLE
- MISSING_IDENTIFIER
- UNSUPPORTED_IDENTIFIER
- UNNECESSARY_IDENTIFIER
examples:
UnsupportedDeviceIdentifiers:
value:
status: 422
code: UNSUPPORTED_IDENTIFIER
message: "None of the provided device identifiers is supported by the implementation"
InconsistentDeviceIdentifiers:
GENERIC_422_IDENTIFIER_MISMATCH:
description: Inconsistency between identifiers not pointing to the same device
value:
status: 422
code: IDENTIFIER_MISMATCH
message: Device identifiers mismatch
DeviceNotSupported:
message: Provided identifiers are not consistent.
GENERIC_422_SERVICE_NOT_APPLICABLE:
description: Service not applicable for the provided identifier
value:
status: 422
code: SERVICE_NOT_APPLICABLE
message: Service not applicable to the device
UnnecessaryDeviceIdentifier:
message: The service is not available for the provided identifier.
GENERIC_422_MISSING_IDENTIFIER:
description: An identifier is not included in the request and the device or phone number identification cannot be derived from the 3-legged access token
value:
status: 422
code: UNNECESSARY_IDENTIFIER
message: The device is already identified by the access token
MissingIdentifier:
code: MISSING_IDENTIFIER
message: The device cannot be identified.
GENERIC_422_UNSUPPORTED_IDENTIFIER:
description: None of the provided identifiers is supported by the implementation
value:
status: 422
code: MISSING_IDENTIFIER
message: The device cannot be identified
code: UNSUPPORTED_IDENTIFIER
message: The identifier provided is not supported.
GENERIC_422_UNNECESSARY_IDENTIFIER:
description: An explicit identifier is provided when a device or phone number has already been identified from the access token
value:
status: 422
code: UNNECESSARY_IDENTIFIER
message: The device is already identified by the access token.
Generic429:
description: Too Many Requests
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 429
code:
enum:
- QUOTA_EXCEEDED
- TOO_MANY_REQUESTS
examples:
GENERIC_429_QUOTA_EXCEEDED:
description: Request is rejected due to exceeding a business quota limit
value:
status: 429
code: QUOTA_EXCEEDED
message: Either out of resource quota or reaching rate limiting.
GENERIC_429_TOO_MANY_REQUESTS:
description: API Server request limit is overpassed
value:
status: 429
code: TOO_MANY_REQUESTS
message: Either out of resource quota or reaching rate limiting.
Generic500:
description: Server error
description: Internal Server Error
headers:
x-correlator:
$ref: '#/components/headers/x-correlator'
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorInfo"
example:
status: 500
code: "INTERNAL"
message: "Server error"
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 500
code:
enum:
- INTERNAL
examples:
GENERIC_500_INTERNAL:
description: Problem in Server side. Regular Server Exception
value:
status: 500
code: INTERNAL
message: Unknown server error. Typically a server bug.
Generic503:
description: Service unavailable. Typically the server is down.
description: Service Unavailable
headers:
x-correlator:
$ref: '#/components/headers/x-correlator'
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorInfo"
example:
status: 503
code: "UNAVAILABLE"
message: "Service unavailable"
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 503
code:
enum:
- SERVICE_UNAVAILABLE
examples:
GENERIC_503_UNAVAILABLE:
description: Service is not available. Temporary situation usually related to maintenance process in the server side
value:
status: 503
code: UNAVAILABLE
message: Service Unavailable.
Loading

0 comments on commit 1b9f17b

Please sign in to comment.