vrr/open5gs
2
0
Fork 0
mirror of https://github.com/open5gs/open5gs.git synced 2026-05-05 15:24:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
open5gs/lib/sbi/support/r17-20230301-openapitools-6.4.0/standard/TS29503_Nudm_UEAU.yaml
Sukchan Lee 969c116e77 [SBI] Crash occurs when ENUM in the MAP (#2103)
2023-03-01 17:50:25 +09:00

866 lines
25 KiB
YAML
Raw Blame History

openapi: 3.0.0
info:
version: '1.2.1'
title: 'Nudm_UEAU'
description: |
UDM UE Authentication Service.
© 2022, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC).
All rights reserved.
externalDocs:
description: 3GPP TS 29.503 Unified Data Management Services, version 17.9.0
url: 'https://www.3gpp.org/ftp/Specs/archive/29_series/29.503/'
servers:
- url: '{apiRoot}/nudm-ueau/v1'
variables:
apiRoot:
default: https://example.com
description: apiRoot as defined in clause 4.4 of 3GPP TS 29.501.
security:
- oAuth2ClientCredentials:
- nudm-ueau
- {}
paths:
/{supiOrSuci}/security-information/generate-auth-data:
post:
summary: Generate authentication data for the UE
operationId: GenerateAuthData
tags:
- Generate Auth Data
security:
- {}
- oAuth2ClientCredentials:
- nudm-ueau
- oAuth2ClientCredentials:
- nudm-ueau
- nudm-ueau:security-information:generate-auth-data:invoke
parameters:
- name: supiOrSuci
in: path
description: SUPI or SUCI of the user
required: true
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/SupiOrSuci'
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticationInfoRequest'
required: true
responses:
'200':
description: Expected response to a valid request
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticationInfoResult'
'400':
$ref: 'TS29571_CommonData.yaml#/components/responses/400'
'403':
$ref: 'TS29571_CommonData.yaml#/components/responses/403'
'404':
$ref: 'TS29571_CommonData.yaml#/components/responses/404'
'500':
$ref: 'TS29571_CommonData.yaml#/components/responses/500'
'501':
$ref: 'TS29571_CommonData.yaml#/components/responses/501'
'503':
$ref: 'TS29571_CommonData.yaml#/components/responses/503'
default:
description: Unexpected error
/{supiOrSuci}/security-information-rg:
get:
summary: Get authentication data for the FN-RG
operationId: GetRgAuthData
tags:
- Get Auth Data for FN-RG
security:
- {}
- oAuth2ClientCredentials:
- nudm-ueau
- oAuth2ClientCredentials:
- nudm-ueau
- nudm-ueau:security-information-rg:read
parameters:
- name: supiOrSuci
in: path
description: SUPI or SUCI of the user
required: true
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/SupiOrSuci'
- name: authenticated-ind
in: query
description: Authenticated indication
required: true
schema:
$ref: '#/components/schemas/AuthenticatedInd'
- name: supported-features
in: query
description: Supported Features
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
- name: plmn-id
in: query
description: serving PLMN ID
content:
application/json:
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/PlmnId'
- name: If-None-Match
in: header
description: Validator for conditional requests, as described in RFC 7232, 3.2
schema:
type: string
- name: If-Modified-Since
in: header
description: Validator for conditional requests, as described in RFC 7232, 3.3
schema:
type: string
responses:
'200':
description: Expected response to a valid request
content:
application/json:
schema:
$ref: '#/components/schemas/RgAuthCtx'
'400':
$ref: 'TS29571_CommonData.yaml#/components/responses/400'
'403':
$ref: 'TS29571_CommonData.yaml#/components/responses/403'
'404':
$ref: 'TS29571_CommonData.yaml#/components/responses/404'
'500':
$ref: 'TS29571_CommonData.yaml#/components/responses/500'
'503':
$ref: 'TS29571_CommonData.yaml#/components/responses/503'
default:
description: Unexpected error
/{supi}/auth-events:
post:
summary: Create a new confirmation event
operationId: ConfirmAuth
tags:
- Confirm Auth
security:
- {}
- oAuth2ClientCredentials:
- nudm-ueau
- oAuth2ClientCredentials:
- nudm-ueau
- nudm-ueau:auth-events:create
parameters:
- name: supi
in: path
description: SUPI of the user
required: true
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/Supi'
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthEvent'
required: true
responses:
'201':
description: Expected response to a valid request
content:
application/json:
schema:
$ref: '#/components/schemas/AuthEvent'
headers:
Location:
description: 'Contains the URI of the newly created resource, according to the structure: {apiRoot}/nudm-ueau/v1/{supi}/auth-events/{authEventId}'
required: true
schema:
type: string
'400':
$ref: 'TS29571_CommonData.yaml#/components/responses/400'
'404':
$ref: 'TS29571_CommonData.yaml#/components/responses/404'
'500':
$ref: 'TS29571_CommonData.yaml#/components/responses/500'
'503':
$ref: 'TS29571_CommonData.yaml#/components/responses/503'
default:
description: Unexpected error
/{supi}/hss-security-information/{hssAuthType}/generate-av:
post:
summary: Generate authentication data for the UE in EPS or IMS domain
operationId: GenerateAv
tags:
- Generate HSS Authentication Vectors
security:
- {}
- oAuth2ClientCredentials:
- nudm-ueau
- oAuth2ClientCredentials:
- nudm-ueau
- nudm-ueau:hss-security-information:generate-av:invoke
parameters:
- name: supi
in: path
description: SUPI of the user
required: true
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/Supi'
- name: hssAuthType
in: path
description: Type of AV requested by HSS
required: true
schema:
$ref: '#/components/schemas/HssAuthTypeInUri'
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/HssAuthenticationInfoRequest'
required: true
responses:
'200':
description: Expected response to a valid request
content:
application/json:
schema:
$ref: '#/components/schemas/HssAuthenticationInfoResult'
'400':
$ref: 'TS29571_CommonData.yaml#/components/responses/400'
'403':
$ref: 'TS29571_CommonData.yaml#/components/responses/403'
'404':
$ref: 'TS29571_CommonData.yaml#/components/responses/404'
'500':
$ref: 'TS29571_CommonData.yaml#/components/responses/500'
'501':
$ref: 'TS29571_CommonData.yaml#/components/responses/501'
'503':
$ref: 'TS29571_CommonData.yaml#/components/responses/503'
default:
description: Unexpected error
/{supi}/auth-events/{authEventId}:
put:
summary: Deletes the authentication result in the UDM
operationId: DeleteAuth
tags:
- Delete Auth
security:
- {}
- oAuth2ClientCredentials:
- nudm-ueau
- oAuth2ClientCredentials:
- nudm-ueau
- nudm-ueau:auth-event-id:modify
parameters:
- name: supi
in: path
description: SUPI of the user
required: true
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/Supi'
- name: authEventId
in: path
description: authEvent Id
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthEvent'
required: true
responses:
'204':
description: Expected response to a successful authentication result removal
'400':
$ref: 'TS29571_CommonData.yaml#/components/responses/400'
'404':
$ref: 'TS29571_CommonData.yaml#/components/responses/404'
'500':
$ref: 'TS29571_CommonData.yaml#/components/responses/500'
'503':
$ref: 'TS29571_CommonData.yaml#/components/responses/503'
default:
$ref: 'TS29571_CommonData.yaml#/components/responses/default'
/{supi}/gba-security-information/generate-av:
post:
summary: Generate authentication data for the UE in GBA domain
operationId: GenerateGbaAv
tags:
- Generate GBA Authentication Vectors
security:
- {}
- oAuth2ClientCredentials:
- nudm-ueau
- oAuth2ClientCredentials:
- nudm-ueau
- nudm-ueau:gba-security-information:generate-av:invoke
parameters:
- name: supi
in: path
description: SUPI of the user
required: true
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/Supi'
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GbaAuthenticationInfoRequest'
required: true
responses:
'200':
description: Expected response to a valid request
content:
application/json:
schema:
$ref: '#/components/schemas/GbaAuthenticationInfoResult'
'400':
$ref: 'TS29571_CommonData.yaml#/components/responses/400'
'403':
$ref: 'TS29571_CommonData.yaml#/components/responses/403'
'404':
$ref: 'TS29571_CommonData.yaml#/components/responses/404'
'500':
$ref: 'TS29571_CommonData.yaml#/components/responses/500'
'501':
$ref: 'TS29571_CommonData.yaml#/components/responses/501'
'503':
$ref: 'TS29571_CommonData.yaml#/components/responses/503'
default:
description: Unexpected error
/{supiOrSuci}/prose-security-information/generate-av:
post:
summary: Generate authentication data for ProSe
operationId: GenerateProseAV
tags:
- Generate ProSe Authentication Vectors
parameters:
- name: supiOrSuci
in: path
description: SUPI or SUCI of the user
required: true
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/SupiOrSuci'
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ProSeAuthenticationInfoRequest'
required: true
responses:
'200':
description: Expected response to a valid request
content:
application/json:
schema:
$ref: '#/components/schemas/ProSeAuthenticationInfoResult'
'400':
$ref: 'TS29571_CommonData.yaml#/components/responses/400'
'403':
$ref: 'TS29571_CommonData.yaml#/components/responses/403'
'404':
$ref: 'TS29571_CommonData.yaml#/components/responses/404'
'500':
$ref: 'TS29571_CommonData.yaml#/components/responses/500'
'501':
$ref: 'TS29571_CommonData.yaml#/components/responses/501'
'503':
$ref: 'TS29571_CommonData.yaml#/components/responses/503'
default:
description: Unexpected error
components:
securitySchemes:
oAuth2ClientCredentials:
type: oauth2
flows:
clientCredentials:
tokenUrl: '{nrfApiRoot}/oauth2/token'
scopes:
nudm-ueau: Access to the nudm-ueau API
nudm-ueau:security-information:generate-auth-data:invoke: Acess to invoke the "generate-auth-data" custom operation on the "security-information" resource
nudm-ueau:security-information-rg:read: Access to read the "security-information-rg" resource
nudm-ueau:auth-events:create: Access to create a new child resource on the "auth-events" collection resource
nudm-ueau:auth-event-id:modify: Access to modify (delete) an "auth-event-id" individual resource
nudm-ueau:hss-security-information:generate-av:invoke: Acess to invoke the "generate-av" custom operation on the "hss-security-information" resource
nudm-ueau:gba-security-information:generate-av:invoke: Acess to invoke the "generate-av" custom operation on the "gba-security-information" resource
schemas:
# COMPLEX TYPES:
AuthenticationInfoRequest:
type: object
required:
- servingNetworkName
- ausfInstanceId
properties:
supportedFeatures:
$ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
servingNetworkName:
$ref: '#/components/schemas/ServingNetworkName'
resynchronizationInfo:
$ref: '#/components/schemas/ResynchronizationInfo'
ausfInstanceId:
$ref: 'TS29571_CommonData.yaml#/components/schemas/NfInstanceId'
cellCagInfo:
type: array
items:
$ref: 'TS29571_CommonData.yaml#/components/schemas/CagId'
minItems: 1
n5gcInd:
type: boolean
default: false
nswoInd:
type: boolean
default: false
disasterRoamingInd:
type: boolean
default: false
AuthenticationInfoResult:
type: object
required:
- authType
properties:
authType:
$ref: '#/components/schemas/AuthType'
supportedFeatures:
$ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
authenticationVector:
$ref: '#/components/schemas/AuthenticationVector'
supi:
$ref: 'TS29571_CommonData.yaml#/components/schemas/Supi'
akmaInd:
type: boolean
default: false
authAaa:
type: boolean
default: false
routingId:
type: string
pattern: '^[0-9]{1,4}$'
pvsInfo:
type: array
items:
$ref: 'TS29571_CommonData.yaml#/components/schemas/ServerAddressingInfo'
minItems: 1
AuthenticationVector:
oneOf:
- $ref: '#/components/schemas/AvEapAkaPrime'
- $ref: '#/components/schemas/Av5GHeAka'
discriminator:
propertyName: avType
mapping:
5G_HE_AKA: '#/components/schemas/Av5GHeAka'
EAP_AKA_PRIME: '#/components/schemas/AvEapAkaPrime'
AvEapAkaPrime:
type: object
required:
- avType
- rand
- xres
- autn
- ckPrime
- ikPrime
properties:
avType:
$ref: '#/components/schemas/AvType'
rand:
$ref: '#/components/schemas/Rand'
xres:
$ref: '#/components/schemas/Xres'
autn:
$ref: '#/components/schemas/Autn'
ckPrime:
$ref: '#/components/schemas/CkPrime'
ikPrime:
$ref: '#/components/schemas/IkPrime'
Av5GHeAka:
type: object
required:
- avType
- rand
- xresStar
- autn
- kausf
properties:
avType:
$ref: '#/components/schemas/AvType'
rand:
$ref: '#/components/schemas/Rand'
xresStar:
$ref: '#/components/schemas/XresStar'
autn:
$ref: '#/components/schemas/Autn'
kausf:
$ref: '#/components/schemas/Kausf'
ResynchronizationInfo:
type: object
required:
- rand
- auts
properties:
rand:
$ref: '#/components/schemas/Rand'
auts:
$ref: '#/components/schemas/Auts'
AuthEvent:
type: object
required:
- nfInstanceId
- success
- timeStamp
- authType
- servingNetworkName
properties:
nfInstanceId:
$ref: 'TS29571_CommonData.yaml#/components/schemas/NfInstanceId'
success:
$ref: '#/components/schemas/Success'
timeStamp:
$ref: 'TS29571_CommonData.yaml#/components/schemas/DateTime'
authType:
$ref: '#/components/schemas/AuthType'
servingNetworkName:
$ref: '#/components/schemas/ServingNetworkName'
authRemovalInd:
type: boolean
default: false
nfSetId:
$ref: 'TS29571_CommonData.yaml#/components/schemas/NfSetId'
resetIds:
type: array
items:
type: string
minItems: 1
RgAuthCtx:
type: object
required:
- authInd
properties:
authInd:
type: boolean
default: false
supi:
$ref: 'TS29571_CommonData.yaml#/components/schemas/Supi'
supportedFeatures:
$ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
HssAuthenticationInfoRequest:
type: object
required:
- hssAuthType
- numOfRequestedVectors
properties:
supportedFeatures:
$ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
hssAuthType:
$ref: '#/components/schemas/HssAuthType'
numOfRequestedVectors:
$ref: '#/components/schemas/NumOfRequestedVectors'
requestingNodeType:
$ref: '#/components/schemas/NodeType'
servingNetworkId:
$ref: 'TS29571_CommonData.yaml#/components/schemas/PlmnId'
resynchronizationInfo:
$ref: '#/components/schemas/ResynchronizationInfo'
anId:
$ref: '#/components/schemas/AccessNetworkId'
HssAuthenticationInfoResult:
type: object
required:
- hssAuthenticationVectors
properties:
supportedFeatures:
$ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
hssAuthenticationVectors:
$ref: '#/components/schemas/HssAuthenticationVectors'
HssAuthenticationVectors:
oneOf:
- type: array
items:
$ref: '#/components/schemas/AvEpsAka'
minItems: 1
maxItems: 5
- type: array
items:
$ref: '#/components/schemas/AvImsGbaEapAka'
minItems: 1
maxItems: 5
- type: array
items:
$ref: '#/components/schemas/AvEapAkaPrime'
minItems: 1
maxItems: 5
AvEpsAka:
type: object
required:
- avType
- rand
- xres
- autn
- kasme
properties:
avType:
$ref: '#/components/schemas/HssAvType'
rand:
$ref: '#/components/schemas/Rand'
xres:
$ref: '#/components/schemas/Xres'
autn:
$ref: '#/components/schemas/Autn'
kasme:
$ref: '#/components/schemas/Kasme'
AvImsGbaEapAka:
type: object
required:
- avType
- rand
- xres
- autn
- ck
- ik
properties:
avType:
$ref: '#/components/schemas/HssAvType'
rand:
$ref: '#/components/schemas/Rand'
xres:
$ref: '#/components/schemas/Xres'
autn:
$ref: '#/components/schemas/Autn'
ck:
$ref: '#/components/schemas/ConfidentialityKey'
ik:
$ref: '#/components/schemas/IntegrityKey'
GbaAuthenticationInfoRequest:
type: object
required:
- authType
properties:
authType:
$ref: '#/components/schemas/GbaAuthType'
resynchronizationInfo:
$ref: 'TS29562_Nhss_imsUEAU.yaml#/components/schemas/ResynchronizationInfo'
supportedFeatures:
$ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
GbaAuthenticationInfoResult:
type: object
properties:
3gAkaAv:
$ref: 'TS29562_Nhss_imsUEAU.yaml#/components/schemas/3GAkaAv'
supportedFeatures:
$ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
ProSeAuthenticationInfoRequest:
type: object
required:
- servingNetworkName
- relayServiceCode
properties:
servingNetworkName:
$ref: '#/components/schemas/ServingNetworkName'
relayServiceCode:
$ref: 'TS29571_CommonData.yaml#/components/schemas/RelayServiceCode'
resynchronizationInfo:
$ref: '#/components/schemas/ResynchronizationInfo'
supportedFeatures:
$ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
ProSeAuthenticationInfoResult:
type: object
required:
- authType
properties:
authType:
$ref: '#/components/schemas/AuthType'
proseAuthenticationVectors:
$ref: '#/components/schemas/ProSeAuthenticationVectors'
supi:
$ref: 'TS29571_CommonData.yaml#/components/schemas/Supi'
supportedFeatures:
$ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
ProSeAuthenticationVectors:
oneOf:
- type: array
items:
$ref: '#/components/schemas/AvEapAkaPrime'
minItems: 1
maxItems: 5
# SIMPLE TYPES:
Autn:
type: string
pattern: '^[A-Fa-f0-9]{32}$'
Auts:
type: string
pattern: '^[A-Fa-f0-9]{28}$'
CkPrime:
type: string
pattern: '^[A-Fa-f0-9]{32}$'
IkPrime:
type: string
pattern: '^[A-Fa-f0-9]{32}$'
Kausf:
type: string
pattern: '^[A-Fa-f0-9]{64}$'
Rand:
type: string
pattern: '^[A-Fa-f0-9]{32}$'
Xres:
type: string
pattern: '^[A-Fa-f0-9]{8,32}$'
XresStar:
type: string
pattern: '^[A-Fa-f0-9]{32}$'
ServingNetworkName:
type: string
pattern: '^(5G:mnc[0-9]{3}[.]mcc[0-9]{3}[.]3gppnetwork[.]org(:[A-F0-9]{11})?)|5G:NSWO$'
Success:
type: boolean
AuthenticatedInd:
type: boolean
ConfidentialityKey:
type: string
pattern: '^[A-Fa-f0-9]{32}$'
IntegrityKey:
type: string
pattern: '^[A-Fa-f0-9]{32}$'
Kasme:
type: string
pattern: '^[A-Fa-f0-9]{64}$'
NumOfRequestedVectors:
type: integer
minimum: 1
maximum: 5
# ENUMS:
AuthType:
anyOf:
- type: string
enum:
- 5G_AKA
- EAP_AKA_PRIME
- EAP_TLS
- NONE
- EAP_TTLS
- type: string
AvType:
anyOf:
- type: string
enum:
- 5G_HE_AKA
- EAP_AKA_PRIME
- type: string
HssAuthType:
anyOf:
- type: string
enum:
- EPS_AKA
- EAP_AKA
- EAP_AKA_PRIME
- IMS_AKA
- GBA_AKA
- UMTS_AKA
- type: string
HssAvType:
anyOf:
- type: string
enum:
- EPS_AKA
- EAP_AKA
- IMS_AKA
- GBA_AKA
- UMTS_AKA
- type: string
HssAuthTypeInUri:
anyOf:
- type: string
enum:
- eps-aka
- eap-aka
- eap-aka-prime
- ims-aka
- gba-aka
- type: string
AccessNetworkId:
anyOf:
- type: string
enum:
- HRPD
- WIMAX
- WLAN
- ETHERNET
- type: string
NodeType:
anyOf:
- type: string
enum:
- AUSF
- VLR
- SGSN
- S_CSCF
- BSF
- GAN_AAA_SERVER
- WLAN_AAA_SERVER
- MME
- type: string
GbaAuthType:
anyOf:
- type: string
enum:
- DIGEST_AKAV1_MD5
- type: string
Reference in a new issue View git blame Copy permalink