-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Design Guidelines should provide guidance about sinkCredentials in returned/retrieved subscription objects #276
Comments
This issue is commented also in camaraproject/QualityOnDemand#349, for test definitions: * Should The current proposal does not mandate that |
@jlurien should we craft a SubscriptionOut object (or any other name) in the yaml without the |
We can also return a 201 with a reference to the created subscription in the Location header... which is the common way to handle resource creation in REST. |
@jlurien, @hdamker, @PedroDiez, @eric-murray, @shilpa-padgaonkar, other contributors, 2 proposals "on the table" Proposal 1: In the POST response we send back the 201 as proposed above by @patrice-conil. For the GET response we did not send back the sinkCredential Proposal 2: In the POST response we send back the 200 and the response did no send back the sink credential. This is this representation that is send back in GET response. Both work for us - any comment/recommendation from the communities |
Let me check during this week @bigludo7 |
My view on this: POST /subscriptions:
Then in GET endpoints provide full subscription resource info, taking out sinkCredentials info (is information generated by API CLIENT so it is their responsability to store and it is stored by API Server -Telco Operator- and its responsability to store and manage accordingly during subscription lifecycle). Therefore with this basis no need to return in GET responses sinkCredentials info |
Proposal for camaraproject#276 - POST /subscriptions response will have only `id` - removed `sinkCredentials` from GET representation
+1. Especially with the sinkCredentials of type "access token" and "refresh token". Those tokens you can obtain by executing some OAuth flow, here probably the Client Credential Grant flow. You are not simply given the token, this is not OAuth then, but some sort of twisted API Key. |
Problem description
The Subscription object within the event-subscription-template contains the (optional) attribute sinkCredentials. The CAMARA Design Guidelines do not contain a guidance how to use this attribute if the object is used in responses or retrievals.
The object structure is based on 0.1-wip, which contains the paragraph:
Expected action
A guidance should be added to the Design Guidelines of CAMARA about the handling of
sinkCredentials
, potentially even more strict than the above paragraph (e.g. "Secrets MUST be write-only").Additional context
The text was updated successfully, but these errors were encountered: