145 lines
3.9 KiB
YAML
145 lines
3.9 KiB
YAML
openapi: 3.0.1
|
|
info:
|
|
title: Mainflux Certs service
|
|
description: HTTP API for Certs service
|
|
version: "1.0.0"
|
|
|
|
paths:
|
|
/certs:
|
|
post:
|
|
summary: Creates a certificate for thing
|
|
description: Creates a certificate for thing
|
|
tags:
|
|
- Thing to proxy
|
|
parameters:
|
|
- $ref: "#/components/parameters/Authorization"
|
|
requestBody:
|
|
$ref: "#/components/requestBodies/CertReq"
|
|
responses:
|
|
'201':
|
|
description: Created
|
|
'400':
|
|
description: Failed due to malformed JSON.
|
|
'500':
|
|
description: Unexpected server-side error ocurred.
|
|
/certs/{thingID}:
|
|
get:
|
|
summary: Retrieves certificates
|
|
description: |
|
|
Retrieves a certificates for given thing ID .
|
|
tags:
|
|
- configs
|
|
parameters:
|
|
- $ref: "#/components/parameters/Authorization"
|
|
- $ref: "#/components/parameters/ThingID"
|
|
responses:
|
|
'200':
|
|
$ref: "#/components/responses/CertsRes"
|
|
'404':
|
|
description: |
|
|
Failed to retrieve corresponding certificate.
|
|
'500':
|
|
$ref: "#/components/responses/ServiceError"
|
|
/certs/revoke:
|
|
delete:
|
|
summary: Revokes certificate
|
|
description: |
|
|
Revokes a certificates for given thing ID .
|
|
tags:
|
|
- configs
|
|
parameters:
|
|
- $ref: "#/components/parameters/Authorization"
|
|
- $ref: "#/components/parameters/ThingID"
|
|
responses:
|
|
'200':
|
|
$ref: "#/components/responses/RevokeRes"
|
|
'404':
|
|
description: |
|
|
Failed to revoke corresponding certificate.
|
|
'500':
|
|
$ref: "#/components/responses/ServiceError"
|
|
|
|
components:
|
|
parameters:
|
|
Authorization:
|
|
name: Authorization
|
|
description: User's access token. Used instead of credentials in env or config.toml.
|
|
in: header
|
|
schema:
|
|
type: string
|
|
required: false
|
|
ThingID:
|
|
name: thingID
|
|
description: Thing ID
|
|
in: path
|
|
schema:
|
|
type: string
|
|
required: true
|
|
|
|
schemas:
|
|
Certs:
|
|
type: object
|
|
properties:
|
|
thing_id:
|
|
type: string
|
|
description: Corresponding Mainflux Thing ID.
|
|
client_cert:
|
|
type: string
|
|
description: Client Certificate.
|
|
client_key:
|
|
type: string
|
|
description: Key for the client_cert.
|
|
issuing_ca:
|
|
type: string
|
|
description: CA Certificate that is used to issue client certs, usually intermediate.
|
|
serial:
|
|
type: string
|
|
description: Certificate serial
|
|
expire:
|
|
type: string
|
|
description: Certificate expiry date
|
|
Revoke:
|
|
type: object
|
|
properties:
|
|
revocation_time:
|
|
type: string
|
|
description: Certificate revocation time
|
|
|
|
requestBodies:
|
|
CertReq:
|
|
description: |
|
|
Issues a certificate that is required for mTLS. To create a certificate for a thing
|
|
provide a thing id, data identifying particular thing will be embedded into the Certificate.
|
|
x509 and ECC certificates are supported when using when Vault is used as PKI.
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: object
|
|
required:
|
|
- thing_id
|
|
- days_valid
|
|
- rsa_bits
|
|
properties:
|
|
thing_id:
|
|
type: string
|
|
days_valid:
|
|
type: string
|
|
rsa_bits:
|
|
type: integer
|
|
|
|
responses:
|
|
ServiceError:
|
|
description: Unexpected server-side error occurred.
|
|
CertsRes:
|
|
description: Data retrieved.
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: "#/components/schemas/Certs"
|
|
RevokeRes:
|
|
description: Certificate revoked.
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: "#/components/schemas/Revoke"
|