From 7a7cd9362f99408b78db3eeaaa11492db1279508 Mon Sep 17 00:00:00 2001
From: Luca Cavallaro <4357400+lucacavallaro@users.noreply.github.com>
Date: Wed, 6 Sep 2023 16:04:34 +0200
Subject: [PATCH] add apim product
---
.../sign/api/backoffice/base_policy.xml | 35 +++
src/domains/sign/api/backoffice/openapi.yaml | 204 ++++++++++++++++++
.../api_product/backoffice/_base_policy.xml | 14 ++
src/domains/sign/apim_v2.tf | 58 +++++
4 files changed, 311 insertions(+)
create mode 100644 src/domains/sign/api/backoffice/base_policy.xml
create mode 100644 src/domains/sign/api/backoffice/openapi.yaml
create mode 100644 src/domains/sign/api_product/backoffice/_base_policy.xml
diff --git a/src/domains/sign/api/backoffice/base_policy.xml b/src/domains/sign/api/backoffice/base_policy.xml
new file mode 100644
index 000000000..d7e1f73f4
--- /dev/null
+++ b/src/domains/sign/api/backoffice/base_policy.xml
@@ -0,0 +1,35 @@
+
+
+
+
+
+ {{io-fn-sign-backoffice-key}}
+
+
+ @(context.Subscription.Id)
+
+
+
+ *
+
+
+ *
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
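Review bot: The two bare `*` values that follow `@(context.Subscription.Id)` look like wildcard entries, possibly allowed origins and methods or headers in a CORS section. The element markup is not visible in this view, so that reading is an inference. If it is right, a back-office API should list the actual back-office origin(s) and only the methods it exposes (the OpenAPI file in this patch defines a single GET) instead of `*`. It is also worth confirming that the headers carrying `{{io-fn-sign-backoffice-key}}` and `@(context.Subscription.Id)` are written with `exists-action="override"`, so a value sent by the caller cannot reach the backend in their place.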
diff --git a/src/domains/sign/api/backoffice/openapi.yaml b/src/domains/sign/api/backoffice/openapi.yaml
new file mode 100644
index 000000000..b653a0380
--- /dev/null
+++ b/src/domains/sign/api/backoffice/openapi.yaml
@@ -0,0 +1,204 @@
+openapi: 3.0.3
+info:
+ title: Firma con IO - Back office API
+ version: 1.0.0
+servers:
+ - url: https://api.io.pagopa.it/api/v1/sign/backoffice
+ description: production
+security:
+ - SubscriptionKey: []
+paths:
+ /issuers/{subscriptionId}:
+ get:
+ operationId: getIssuer
+ tags:
+ - Issuer
+ summary: Get an Issuer by subscriptionId
+ parameters:
+ - in: path
+ name: subscriptionId
+ required: true
+ schema:
+ $ref: "#/components/schemas/Id"
+ - in: query
+ name: include
+ required: false
+ schema:
+ type: string
+ responses:
+ "200":
+ description: The Issuer detail
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ id:
+ type: string
+ example: 01H9JXXD5T337TDQPDG9677ZRA
+ institutionId:
+ type: string
+ example: 6fcd7f11-4284-4438-92f2-aa583ed8e212
+ displayName:
+ type: string
+ example: displayName
+ environment:
+ type: string
+ example: test
+ cidrs:
+ type: array
+ items:
+ type: string
+ testers:
+ type: array
+ items:
+ type: string
+ status:
+ type: string
+ example: active
+ createdAt:
+ type: string
+ example: "2023-09-05T15:03:28.701Z"
+ institution:
+ type: object
+ properties:
+ name:
+ type: string
+ example: Istituto Romano di San Michele di Roma
+ productRole:
+ type: string
+ example: Operatore
+ logo:
+ type: string
+ issuer:
+ type: object
+ properties:
+ id:
+ $ref: "#/components/schemas/Id"
+ type:
+ type: string
+ example: PA
+ supportEmail:
+ type: string
+ "400":
+ $ref: "#/components/responses/BadRequest"
+ "401":
+ $ref: "#/components/responses/Unauthorized"
+ "403":
+ $ref: "#/components/responses/Forbidden"
+ "404":
+ $ref: "#/components/responses/NotFound"
+ "429":
+ $ref: "#/components/responses/TooManyRequests"
+ default:
+ $ref: "#/components/responses/Unexpected"
+
+components:
+ securitySchemes:
+ SubscriptionKey:
+ type: apiKey
+ name: Ocp-Apim-Subscription-Key
+ in: header
+
+ responses:
+ NotFound:
+ description: The specified resource was not found
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/ProblemDetail"
+
+ BadRequest:
+ description: Validation error on body
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/ProblemDetail"
+
+ Forbidden:
+ description: You don't have enough privileges to perform this action
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/ProblemDetail"
+
+ Unauthorized:
+ description: Unauthorized
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/ProblemDetail"
+
+ UnprocessableContent:
+ description: Unprocessable Content
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/ProblemDetail"
+
+ TooManyRequests:
+ description: Too Many Requests
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/ProblemDetail"
+
+ Unexpected:
+ description: Unexpected error
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/ProblemDetail"
+
+ schemas:
+ ProblemDetail:
+ type: object
+ properties:
+ type:
+ type: string
+ format: uri
+ description: |-
+ An absolute URI that identifies the problem type. When dereferenced,
+ it SHOULD provide human-readable documentation for the problem type
+ (e.g., using HTML).
+ default: about:blank
+ example: https://example.com/problem/constraint-violation
+ title:
+ type: string
+ description: >-
+ A short, summary of the problem type. Written in english and
+ readable
+
+ for engineers (usually not suited for non technical stakeholders and
+
+ not localized); example: Service Unavailable
+ status:
+ type: integer
+ format: int32
+ description: >-
+ The HTTP status code generated by the origin server for this
+ occurrence of the problem.
+ minimum: 100
+ maximum: 600
+ exclusiveMaximum: true
+ example: 200
+ detail:
+ type: string
+ description: |-
+ A human readable explanation specific to this occurrence of the
+ problem.
+ example: There was an error processing the request
+ instance:
+ type: string
+ format: uri
+ description: >-
+ An absolute URI that identifies the specific occurrence of the
+ problem. It may or may not yield further information if
+ dereferenced.
+
+ Id:
+ type: string
+ description: Entity Id
+ format: NonEmptyString
+ example: 01ARZ3NDEKTSV4RRFFQ69G5FAV
+ x-import: "@pagopa/ts-commons/lib/strings"
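Review bot: `getIssuer` takes the subscription id as a caller-supplied path parameter (`/issuers/{subscriptionId}`), and nothing in the spec says it must match the subscription that owns the presented `Ocp-Apim-Subscription-Key`. The API policy in this patch references `@(context.Subscription.Id)`, so the backend presumably receives the authenticated subscription and can compare the two. The operation should state that contract, e.g. `description: subscriptionId must be the caller's own subscription; any other value returns 403`. Separately, `Id` (only `format: NonEmptyString`) and the `include` query parameter are unbounded strings. Adding `maxLength` or a `pattern` to `Id` and an `enum` to `include` would let malformed input be rejected at validation time.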
diff --git a/src/domains/sign/api_product/backoffice/_base_policy.xml b/src/domains/sign/api_product/backoffice/_base_policy.xml
new file mode 100644
index 000000000..85cf608b3
--- /dev/null
+++ b/src/domains/sign/api_product/backoffice/_base_policy.xml
@@ -0,0 +1,14 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/src/domains/sign/apim_v2.tf b/src/domains/sign/apim_v2.tf
index 8b9d6de05..89bb990d0 100644
--- a/src/domains/sign/apim_v2.tf
+++ b/src/domains/sign/apim_v2.tf
@@ -170,3 +170,61 @@ module "apim_v2_io_sign_support_api_v1" {
xml_content = file("./api/support/v1/base_policy.xml")
}
+
+# BACK OFFICE
+
+resource "azurerm_api_management_named_value" "io_fn_sign_backoffice_url_v2" {
+ name = "io-fn-sign-backoffice-url"
+ api_management_name = data.azurerm_api_management.apim_v2_api.name
+ resource_group_name = data.azurerm_api_management.apim_v2_api.resource_group_name
+ display_name = "io-fn-sign-backoffice-url"
+ value = format("https://%s-sign-backoffice-app.azurewebsites.net", local.product)
+}
+
+resource "azurerm_api_management_named_value" "io_fn_sign_backoffice_key_v2" {
+ name = "io-fn-sign-backoffice-key"
+ api_management_name = data.azurerm_api_management.apim_v2_api.name
+ resource_group_name = data.azurerm_api_management.apim_v2_api.resource_group_name
+ display_name = "io-fn-sign-backoffice-key"
+ value = module.key_vault_secrets.values["io-fn-sign-support-key"].value
+ secret = true
+}
+
+module "apim_v2_io_sign_backoffice_product" {
+ source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//api_management_product?ref=v6.20.2"
+
+ product_id = format("%s-sign-backoffice-apim-product", local.product)
+ display_name = "(IO Sign) Backoffice"
+ description = "Api Management product for io-sign-backoffice REST APIs"
+
+ api_management_name = data.azurerm_api_management.apim_v2_api.name
+ resource_group_name = data.azurerm_api_management.apim_v2_api.resource_group_name
+
+ published = true
+ subscription_required = true
+ approval_required = false
+
+ policy_xml = file("./api_product/backoffice/_base_policy.xml")
+}
+
+module "apim_v2_io_sign_backoffice_api_v1" {
+ source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//api_management_api?ref=v6.20.2"
+
+ name = format("%s-sign-backoffice-apim-api", local.product)
+ api_management_name = data.azurerm_api_management.apim_v2_api.name
+ resource_group_name = data.azurerm_api_management.apim_v2_api.resource_group_name
+ product_ids = [module.apim_v2_io_sign_backoffice_product.product_id]
+ subscription_required = true
+ service_url = null
+
+ display_name = "(IO Sign) Backoffice API"
+ description = "io-sign-backoffice REST APIs"
+
+ path = "api/v1/sign/backoffice"
+ protocols = ["https"]
+
+ content_format = "openapi"
+
+ content_value = file("./api/backoffice/v1/openapi.yaml")
+ xml_content = file("./api/backoffice/v1/base_policy.xml")
+}
\ No newline at end of file
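Review bot: The named value `io-fn-sign-backoffice-key` is populated from the Key Vault secret `io-fn-sign-support-key`, so the back-office API would authenticate to its backend with the support function's key. If this was carried over from the support block, point it at a dedicated secret, e.g. `value = module.key_vault_secrets.values["<backoffice-key-secret-name>"].value` (placeholder name). If the sharing is intentional, a comment saying so would help, because one key would then cover both backends and would have to be rotated for both together. Separately, `content_value` and `xml_content` read `./api/backoffice/v1/openapi.yaml` and `./api/backoffice/v1/base_policy.xml`, while this patch creates both files directly under `api/backoffice/` with no `v1` directory. `file()` will therefore fail at plan time unless those paths already exist outside this patch.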