search

ging / fiware-idm

OAuth 2.0-based authentication of users and devices, user profile management, Single Sign-On (SSO) and Identity Federation across multiple administration domains.
https://keyrock-fiware.github.io
MIT License
37 stars 81 forks source link

delegationRequestSchema.json incomplete schema #348

Open andrii482 opened 1 year ago

andrii482 commented 1 year ago

looks like delegation request failed because target missing in policySets in delegationRequestSchema.json

{"error":"Invalid mask document","details":[{"keyword":"additionalProperties","dataPath":".delegationRequest.policySets[0]","schemaPath":"#/properties/delegationRequest/properties/policySets/items/additionalProperties","params":{"additionalProperty":"target"},"message":"should NOT have additional properties"}]}

looks like this modification of delegationRequestSchema.json can fix mentioned issue:

{
    "definitions": {
      "accessSubject": {
        "type": "string",
        "pattern": "^\\S+$"
      },
      "type": {
        "type": "string",
        "pattern": "^[^\\s\\*]+$"
      },
      "identifiers": {
        "type": "array",
        "uniqueItems": true,
        "minItems": 1,
        "items": {
          "type": "string",
          "pattern": "^\\S+$"
        }
      },
      "attributes": {
        "type": "array",
        "uniqueItems": true,
        "minItems": 1,
        "items": {
          "type": "string",
          "pattern": "^\\S+$"
        }
      },
      "actions": {
        "type": "array",
        "uniqueItems": true,
        "minItems": 1,
        "items": {
          "type": "string",
          "pattern": "^\\S+$"
        }
      },
      "effect": {
        "type": "string",
        "enum": [
          "Permit",
          "Deny"
        ]
      },
      "rules": {
        "type": "array",
        "minItems": 1,
        "items": {
          "type": "object",
          "required": [ "effect" ],
          "properties": {
            "effect": {
              "$ref": "#/definitions/effect"
            }
          },
          "additionalProperties": {
            "target": {
              "type": "object",
              "additionalProperties": false,
              "required": [ "resource" ],
              "properties": {
                "resource": {
                  "type": "object",
                  "additionalProperties": false,
                  "properties": {
                    "type": {
                      "$ref": "#/definitions/type"
                    },
                    "identifiers": {
                      "$ref": "#/definitions/identifiers"
                    },
                    "attributes": {
                      "$ref": "#/definitions/attributes"
                    }
                  }
                },
                "actions": {
                  "$ref": "#/definitions/actions"
                }
              }
            }
          }
        }
      },
      "target": {
        "type": "object",
        "additionalProperties": false,
        "required": [ "resource", "actions" ],
        "properties": {
          "resource": {
            "type": "object",
            "additionalProperties": false,
            "required": [ "type", "identifiers" ],
            "properties": {
              "type": {
                "$ref": "#/definitions/type"
              },
              "identifiers": {
                "$ref": "#/definitions/identifiers"
              },
              "attributes": {
                "$ref": "#/definitions/attributes"
              }
            }
          },
          "actions": {
            "$ref": "#/definitions/actions"
          },
          "environment": {
            "type": "object",
            "additionalProperties": false,
            "required": [ "serviceProviders" ],
            "properties": {
              "serviceProviders": {
                "type": "array",
                "minItems": 1,
                "items": {
                  "type": "string"
                }
              }
            }
          }
        }
      },
      "policies": {
        "type": "array",
        "minItems": 1,
        "items": {
          "type": "object",
          "additionalProperties": false,
          "required": [ "target", "rules" ],
          "properties": {
            "target": {
              "$ref": "#/definitions/target"
            },
            "rules": {
              "$ref": "#/definitions/rules"
            }
          }
        }
      }
    },

    "type": "object",
    "required": ["delegationRequest"],
    "additionalProperties": false,
    "properties": {
      "delegationRequest": {
        "type": "object",
        "required": [ "policyIssuer", "target", "policySets" ],
        "additionalProperties": false,
        "properties": {
          "policyIssuer": {
            "type": "string",
            "pattern": "^\\S+$"
          },
          "target": {
            "type": "object",
            "additionalProperties": false,
            "required": [ "accessSubject" ],
            "properties": {
              "accessSubject": {
                "$ref": "#/definitions/accessSubject"
              }
            }
          },
          "policySets": {
            "type": "array",
            "minItems": 1,
            "items": {
              "type": "object",
              "additionalProperties": false,
              "required": [ "policies" ],
              "properties": {
                "policies": {
                  "$ref": "#/definitions/policies"
                },
                "target": {
                  "type": "object",
                  "additionalProperties": false,
                  "required": [ "environment" ],
                  "properties": {
                    "environment": {
                      "type": "object",
                      "additionalProperties": false,
                      "required": [ "licenses" ],
                      "properties": {
                        "licenses": {
                          "type": "array",
                          "minItems": 1,
                          "items": {
                            "type": "string"
                          }
                        }
                      }
                    }
                  }
                }
              }
            }
          },
          "delegation_path": {
            "type": "array",
            "items": {
              "type": "string",
              "pattern": "^\\S+$"
            }
          },
          "previous_steps": {
            "type": "array",
            "items": {
              "type": "string",
              "pattern": "^\\S+$"
            }
          }
        }
      }  
    }
}