From 7a7cd9362f99408b78db3eeaaa11492db1279508 Mon Sep 17 00:00:00 2001 From: Luca Cavallaro <4357400+lucacavallaro@users.noreply.github.com> Date: Wed, 6 Sep 2023 16:04:34 +0200 Subject: [PATCH] add apim product --- .../sign/api/backoffice/base_policy.xml | 35 +++ src/domains/sign/api/backoffice/openapi.yaml | 204 ++++++++++++++++++ .../api_product/backoffice/_base_policy.xml | 14 ++ src/domains/sign/apim_v2.tf | 58 +++++ 4 files changed, 311 insertions(+) create mode 100644 src/domains/sign/api/backoffice/base_policy.xml create mode 100644 src/domains/sign/api/backoffice/openapi.yaml create mode 100644 src/domains/sign/api_product/backoffice/_base_policy.xml diff --git a/src/domains/sign/api/backoffice/base_policy.xml b/src/domains/sign/api/backoffice/base_policy.xml new file mode 100644 index 000000000..d7e1f73f4 --- /dev/null +++ b/src/domains/sign/api/backoffice/base_policy.xml @@ -0,0 +1,35 @@ + + + + + + {{io-fn-sign-backoffice-key}} + + + @(context.Subscription.Id) + + + + * + + + * + + +
*
+
+ +
*
+
+
+
+ + + + + + + + + +
diff --git a/src/domains/sign/api/backoffice/openapi.yaml b/src/domains/sign/api/backoffice/openapi.yaml new file mode 100644 index 000000000..b653a0380 --- /dev/null +++ b/src/domains/sign/api/backoffice/openapi.yaml @@ -0,0 +1,204 @@ +openapi: 3.0.3 +info: + title: Firma con IO - Back office API + version: 1.0.0 +servers: + - url: https://api.io.pagopa.it/api/v1/sign/backoffice + description: production +security: + - SubscriptionKey: [] +paths: + /issuers/{subscriptionId}: + get: + operationId: getIssuer + tags: + - Issuer + summary: Get an Issuer by subscriptionId + parameters: + - in: path + name: subscriptionId + required: true + schema: + $ref: "#/components/schemas/Id" + - in: query + name: include + required: false + schema: + type: string + responses: + "200": + description: The Issuer detail + content: + application/json: + schema: + type: object + properties: + id: + type: string + example: 01H9JXXD5T337TDQPDG9677ZRA + institutionId: + type: string + example: 6fcd7f11-4284-4438-92f2-aa583ed8e212 + displayName: + type: string + example: displayName + environment: + type: string + example: test + cidrs: + type: array + items: + type: string + testers: + type: array + items: + type: string + status: + type: string + example: active + createdAt: + type: string + example: "2023-09-05T15:03:28.701Z" + institution: + type: object + properties: + name: + type: string + example: Istituto Romano di San Michele di Roma + productRole: + type: string + example: Operatore + logo: + type: string + issuer: + type: object + properties: + id: + $ref: "#/components/schemas/Id" + type: + type: string + example: PA + supportEmail: + type: string + "400": + $ref: "#/components/responses/BadRequest" + "401": + $ref: "#/components/responses/Unauthorized" + "403": + $ref: "#/components/responses/Forbidden" + "404": + $ref: "#/components/responses/NotFound" + "429": + $ref: "#/components/responses/TooManyRequests" + default: + $ref: "#/components/responses/Unexpected" + +components: + securitySchemes: + SubscriptionKey: + type: apiKey + name: Ocp-Apim-Subscription-Key + in: header + + responses: + NotFound: + description: The specified resource was not found + content: + application/json: + schema: + $ref: "#/components/schemas/ProblemDetail" + + BadRequest: + description: Validation error on body + content: + application/json: + schema: + $ref: "#/components/schemas/ProblemDetail" + + Forbidden: + description: You don't have enough privileges to perform this action + content: + application/json: + schema: + $ref: "#/components/schemas/ProblemDetail" + + Unauthorized: + description: Unauthorized + content: + application/json: + schema: + $ref: "#/components/schemas/ProblemDetail" + + UnprocessableContent: + description: Unprocessable Content + content: + application/json: + schema: + $ref: "#/components/schemas/ProblemDetail" + + TooManyRequests: + description: Too Many Requests + content: + application/json: + schema: + $ref: "#/components/schemas/ProblemDetail" + + Unexpected: + description: Unexpected error + content: + application/json: + schema: + $ref: "#/components/schemas/ProblemDetail" + + schemas: + ProblemDetail: + type: object + properties: + type: + type: string + format: uri + description: |- + An absolute URI that identifies the problem type. When dereferenced, + it SHOULD provide human-readable documentation for the problem type + (e.g., using HTML). + default: about:blank + example: https://example.com/problem/constraint-violation + title: + type: string + description: >- + A short, summary of the problem type. Written in english and + readable + + for engineers (usually not suited for non technical stakeholders and + + not localized); example: Service Unavailable + status: + type: integer + format: int32 + description: >- + The HTTP status code generated by the origin server for this + occurrence of the problem. + minimum: 100 + maximum: 600 + exclusiveMaximum: true + example: 200 + detail: + type: string + description: |- + A human readable explanation specific to this occurrence of the + problem. + example: There was an error processing the request + instance: + type: string + format: uri + description: >- + An absolute URI that identifies the specific occurrence of the + problem. It may or may not yield further information if + dereferenced. + + Id: + type: string + description: Entity Id + format: NonEmptyString + example: 01ARZ3NDEKTSV4RRFFQ69G5FAV + x-import: "@pagopa/ts-commons/lib/strings" diff --git a/src/domains/sign/api_product/backoffice/_base_policy.xml b/src/domains/sign/api_product/backoffice/_base_policy.xml new file mode 100644 index 000000000..85cf608b3 --- /dev/null +++ b/src/domains/sign/api_product/backoffice/_base_policy.xml @@ -0,0 +1,14 @@ + + + + + + + + + + + + + + \ No newline at end of file diff --git a/src/domains/sign/apim_v2.tf b/src/domains/sign/apim_v2.tf index 8b9d6de05..89bb990d0 100644 --- a/src/domains/sign/apim_v2.tf +++ b/src/domains/sign/apim_v2.tf @@ -170,3 +170,61 @@ module "apim_v2_io_sign_support_api_v1" { xml_content = file("./api/support/v1/base_policy.xml") } + +# BACK OFFICE + +resource "azurerm_api_management_named_value" "io_fn_sign_backoffice_url_v2" { + name = "io-fn-sign-backoffice-url" + api_management_name = data.azurerm_api_management.apim_v2_api.name + resource_group_name = data.azurerm_api_management.apim_v2_api.resource_group_name + display_name = "io-fn-sign-backoffice-url" + value = format("https://%s-sign-backoffice-app.azurewebsites.net", local.product) +} + +resource "azurerm_api_management_named_value" "io_fn_sign_backoffice_key_v2" { + name = "io-fn-sign-backoffice-key" + api_management_name = data.azurerm_api_management.apim_v2_api.name + resource_group_name = data.azurerm_api_management.apim_v2_api.resource_group_name + display_name = "io-fn-sign-backoffice-key" + value = module.key_vault_secrets.values["io-fn-sign-support-key"].value + secret = true +} + +module "apim_v2_io_sign_backoffice_product" { + source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//api_management_product?ref=v6.20.2" + + product_id = format("%s-sign-backoffice-apim-product", local.product) + display_name = "(IO Sign) Backoffice" + description = "Api Management product for io-sign-backoffice REST APIs" + + api_management_name = data.azurerm_api_management.apim_v2_api.name + resource_group_name = data.azurerm_api_management.apim_v2_api.resource_group_name + + published = true + subscription_required = true + approval_required = false + + policy_xml = file("./api_product/backoffice/_base_policy.xml") +} + +module "apim_v2_io_sign_backoffice_api_v1" { + source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//api_management_api?ref=v6.20.2" + + name = format("%s-sign-backoffice-apim-api", local.product) + api_management_name = data.azurerm_api_management.apim_v2_api.name + resource_group_name = data.azurerm_api_management.apim_v2_api.resource_group_name + product_ids = [module.apim_v2_io_sign_backoffice_product.product_id] + subscription_required = true + service_url = null + + display_name = "(IO Sign) Backoffice API" + description = "io-sign-backoffice REST APIs" + + path = "api/v1/sign/backoffice" + protocols = ["https"] + + content_format = "openapi" + + content_value = file("./api/backoffice/v1/openapi.yaml") + xml_content = file("./api/backoffice/v1/base_policy.xml") +} \ No newline at end of file