Nudr - 3GPP TS 29.504 version 16.4.0 - oAuth2ClientCredentials component not defined - yaml is broken (validation errors)
kpopovic opened this issue · 2 comments
Hello,
-
based on document "3GPP TS 29.504 version 16.4.0 Release 16 (2020-07)" , chapter 6.1.7., Table 6.1.7-1: Oauth2 scopes defined in Nudr_DataRepository API: 3 scopes defined
-
Should yaml be defined like this:
components:
securitySchemes:
oAuth2ClientCredentials:
type: oauth2
description: See https://www.oauth.com/oauth2-servers/access-tokens/client-credentials/
flows:
clientCredentials:
tokenUrl: https://${nrfApiRoot}/oauth2/token
scopes:
nudr-dr: Grant access to the Nudr DataRepository API
nudr-dr:subscriptiondata:authentication-subscription:read: Access to read the AuthenticationSubscription resource of the SubscriptionData data set.
nudr-dr:subscriptiondata:authentication-subscription:modify: Access to update the AuthenticationSubscription resource of the SubscriptionData data set.
- sample how to defined security property: only one(1) oAuth2ClientCredentials needed ?
/subscription-data/{ueId}/authentication-data/authentication-subscription:
get:
summary: Retrieves the authentication subscription data of a UE
operationId: QueryAuthSubsData
tags:
- Authentication Data (Document)
security:
- oAuth2ClientCredentials: []
- Question to clarify:
3GPP TS 29.504 version 16.4.0 Release 16 defined only 3 scopes, but here we also have: nudr-dr:subscription-data (but it doesn't define access operation: modify, read,..on which subscription to apply those grants)
/subscription-data/{ueId}/context-data/location:
get:
summary: Retrieves the UE's Location Information
operationId: QueryUeLocation
tags:
- UE's Location Information (Document)
security:
- {}
- oAuth2ClientCredentials:
- nudr-dr
- oAuth2ClientCredentials:
- nudr-dr
- nudr-dr:subscription-data
thanks a lot, @kpopovic, for reporting this. there is definitely an issue with the scopes in the Rel-16 version of the specs.
as it seems, the problem was originated because the scope "nudr-dr:subscription-data" was added in TS 29.504 in the Rel-17 version of the specs. however, it was recently added by mistake to some resources and operations in the Rel-16 version, and this should not have happened.
I'll make sure the issue is addressed in coming 3GPP meetings. maybe the most straightforward change is to delete this scope from those resources and operations where it was added in Rel-16.