diff --git a/apps/onboarding-functions/pom.xml b/apps/onboarding-functions/pom.xml index e74e78f0e..a3c79e69d 100644 --- a/apps/onboarding-functions/pom.xml +++ b/apps/onboarding-functions/pom.xml @@ -142,7 +142,6 @@ - org.jsoup jsoup @@ -165,7 +164,16 @@ quarkus-openapi-generator 2.2.10 - + + io.jsonwebtoken + jjwt + 0.9.1 + + + javax.xml.bind + jaxb-api + 2.3.1 + io.quarkus diff --git a/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/client/auth/AuthenticationPropagationHeadersFactory.java b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/client/auth/AuthenticationPropagationHeadersFactory.java index de8d1ca77..7f378528e 100644 --- a/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/client/auth/AuthenticationPropagationHeadersFactory.java +++ b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/client/auth/AuthenticationPropagationHeadersFactory.java @@ -1,15 +1,24 @@ package it.pagopa.selfcare.onboarding.client.auth; +import it.pagopa.selfcare.onboarding.service.TokenService; +import jakarta.enterprise.context.ApplicationScoped; +import jakarta.inject.Inject; import jakarta.ws.rs.core.MultivaluedMap; import org.eclipse.microprofile.rest.client.ext.ClientHeadersFactory; import java.util.List; + +@ApplicationScoped public class AuthenticationPropagationHeadersFactory implements ClientHeadersFactory { + @Inject + TokenService tokenService; + @Override public MultivaluedMap update(MultivaluedMap incomingHeaders, MultivaluedMap clientOutgoingHeaders) { - String bearerToken = System.getenv("JWT_BEARER_TOKEN"); + final String uuid = incomingHeaders.get("user-uuid").get(0); + String bearerToken = tokenService.createJwt(uuid); clientOutgoingHeaders.put("Authorization", List.of("Bearer " + bearerToken)); return clientOutgoingHeaders; } 
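Review bot: The dependency added in the second pom.xml hunk, `io.jsonwebtoken:jjwt` 0.9.1, is the legacy single-jar artifact, released before JJWT was split into `jjwt-api`, `jjwt-impl` and `jjwt-jackson`. The `javax.xml.bind:jaxb-api` 2.3.1 entry next to it is presumably there only because that old jar needs the JAXB classes on current JDKs. For code that signs service-to-service tokens, a maintained line is the safer choice: either the modular JJWT artifacts or the JWT build extension Quarkus already provides (`quarkus-smallrye-jwt-build`), which would also keep a `javax` JAXB jar out of a Jakarta codebase. The XML tags of this hunk are not visible here, so scope and exclusions could not be checked.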
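Review bot: `incomingHeaders.get("user-uuid").get(0)` in `update` throws a NullPointerException whenever the header is absent, because `get` returns null for a missing key, so every outbound call made without it fails inside the headers factory. The value is also copied unvalidated into the `uid` claim of a token this service signs, so whoever can set `user-uuid` on the inbound side chooses the identity the downstream service sees; it is worth confirming the header can only originate from a trusted hop. `createJwt` returns null when the key cannot be loaded (see TokenServiceDefault in this commit), which here becomes the literal header value `Bearer null`. The class body closes outside this hunk.

```java
List<String> uuidValues = incomingHeaders.get("user-uuid");
if (uuidValues == null || uuidValues.isEmpty()) {
    throw new IllegalStateException("Missing user-uuid header: cannot build the outbound token");
}
String bearerToken = tokenService.createJwt(uuidValues.get(0));
if (bearerToken == null) {
    throw new IllegalStateException("JWT creation failed: refusing to send an unauthenticated call");
}
// … unchanged: put the Authorization header and return clientOutgoingHeaders …
```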
diff --git a/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/config/TokenConfig.java b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/config/TokenConfig.java
new file mode 100644
index 000000000..ebe9def24
--- /dev/null
+++ b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/config/TokenConfig.java
@@ -0,0 +1,11 @@
+package it.pagopa.selfcare.onboarding.config;
+
+import io.smallrye.config.ConfigMapping;
+
+@ConfigMapping(prefix = "onboarding-functions.jwt.token")
+public interface TokenConfig {
+ String signingKey();
+ String kid();
+ String issuer();
+ String duration();
+}
\ No newline at end of file
diff --git a/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/CompletionServiceDefault.java b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/CompletionServiceDefault.java
index 0154de941..d96e5904c 100644
--- a/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/CompletionServiceDefault.java
+++ b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/CompletionServiceDefault.java
@@ -230,7 +230,7 @@ public void persistUsers(Onboarding onboarding) {
 userRoleDto.setUserMailUuid(user.getUserMailUuid());
 userRoleDto.setProduct(productMapper.toProduct(onboarding, user));
 userRoleDto.getProduct().setTokenId(onboarding.getId());
- try (Response response = userApi.usersUserIdPost(user.getId(), userRoleDto)) {
+ try (Response response = userApi.usersUserIdPost(user.getId(), onboarding.getUserRequestUid(), userRoleDto)) {
 if (!SUCCESSFUL.equals(response.getStatusInfo().getFamily())) {
 throw new RuntimeException("Impossible to create or update role for user with ID: " + user.getId());
 }
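Review bot: `signingKey()` in the new `TokenConfig` carries a PEM private key, but the interface has no Javadoc saying so or stating where the value must come from. A comment such as `/** PEM-encoded RSA private key (PKCS#1 or PKCS#8); supply it from a secret store or the environment, never from a committed properties file. */` would make the handling requirement visible to whoever wires the property. `duration()` is declared as `String` and parsed with `Duration.parse` on every token; declaring it as `java.time.Duration duration();` should let the config layer reject a malformed value at startup rather than at the first outbound call.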
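Review bot: `onboarding.getUserRequestUid()` is passed to `usersUserIdPost` in `persistUsers` without a null check. If onboarding records without a requesting user exist, the call goes out with no user id, and judging by the headers factory changed in this commit that id appears to be what ends up as the `uid` claim of the signed token. A guard before the `try`, for example `Objects.requireNonNull(onboarding.getUserRequestUid(), "userRequestUid")`, or an explicit fallback to a service identity, would make that case fail in a defined way. `persistUsers` starts and ends outside this hunk.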
diff --git a/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/ContractServiceDefault.java b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/ContractServiceDefault.java index 6866a3d47..31b6695f6 100644 --- a/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/ContractServiceDefault.java +++ b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/ContractServiceDefault.java @@ -42,7 +42,6 @@ @ApplicationScoped public class ContractServiceDefault implements ContractService { - private static final Logger log = LoggerFactory.getLogger(ContractServiceDefault.class); public static final String PAGOPA_SIGNATURE_DISABLED = "disabled"; diff --git a/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/TokenService.java b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/TokenService.java new file mode 100644 index 000000000..1a3e8112d --- /dev/null +++ b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/TokenService.java @@ -0,0 +1,6 @@ +package it.pagopa.selfcare.onboarding.service; + +public interface TokenService { + + String createJwt(String userId); +} diff --git a/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/TokenServiceDefault.java b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/TokenServiceDefault.java new file mode 100644 index 000000000..7e2300eb6 --- /dev/null +++ b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/service/TokenServiceDefault.java 
@@ -0,0 +1,88 @@
+package it.pagopa.selfcare.onboarding.service;
+
+import io.jsonwebtoken.Header;
+import io.jsonwebtoken.JwsHeader;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import it.pagopa.selfcare.onboarding.config.TokenConfig;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
+import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.RSAPrivateCrtKeySpec;
+import java.time.Duration;
+import java.util.Base64;
+import java.util.Date;
+import java.util.UUID;
+
+@ApplicationScoped
+public class TokenServiceDefault implements TokenService {
+
+ @Inject
+ TokenConfig tokenConfig;
+
+ private static final String PRIVATE_KEY_HEADER_TEMPLATE = "-----BEGIN %s-----";
+ private static final String PRIVATE_KEY_FOOTER_TEMPLATE = "-----END %s-----";
+ private final Logger logger = LoggerFactory.getLogger(TokenServiceDefault.class.getName());
+
+ @Override
+ public String createJwt(String userId) {
+ PrivateKey privateKey;
+ try {
+ privateKey = getPrivateKey(tokenConfig.signingKey());
+ } catch (Exception e) {
+ logger.error("Impossible to get private key. 
Error: {}", e.getMessage(), e);
+ return null;
+ }
+ return Jwts.builder()
+ .setId(UUID.randomUUID().toString())
+ .setIssuedAt(new Date())
+ .setIssuer(tokenConfig.issuer())
+ .setExpiration(Date.from(new Date().toInstant().plus(Duration.parse(tokenConfig.duration()))))
+ .claim("uid", userId)
+ .signWith(SignatureAlgorithm.RS256, privateKey)
+ .setHeaderParam(JwsHeader.KEY_ID, tokenConfig.kid())
+ .setHeaderParam(Header.TYPE, Header.JWT_TYPE)
+ .compact();
+ }
+
+ private PrivateKey getPrivateKey(String signingKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
+ boolean isRsa = signingKey.contains("RSA");
+ String privateKeyEnvelopName = (isRsa ? "RSA " : "") + "PRIVATE KEY";
+ String privateKeyPEM = signingKey
+ .replace("\r", "")
+ .replace("\n", "")
+ .replace(String.format(PRIVATE_KEY_HEADER_TEMPLATE, privateKeyEnvelopName), "")
+ .replace(String.format(PRIVATE_KEY_FOOTER_TEMPLATE, privateKeyEnvelopName), "");
+
+ byte[] encoded = Base64.getDecoder().decode(privateKeyPEM);
+
+ KeySpec keySpec;
+ if (isRsa) {
+ RSAPrivateKey rsaPrivateKey = RSAPrivateKey.getInstance(encoded);
+ keySpec = new RSAPrivateCrtKeySpec(
+ rsaPrivateKey.getModulus(),
+ rsaPrivateKey.getPublicExponent(),
+ rsaPrivateKey.getPrivateExponent(),
+ rsaPrivateKey.getPrime1(),
+ rsaPrivateKey.getPrime2(),
+ rsaPrivateKey.getExponent1(),
+ rsaPrivateKey.getExponent2(),
+ rsaPrivateKey.getCoefficient());
+
+ } else {
+ keySpec = new PKCS8EncodedKeySpec(encoded);
+ }
+
+ KeyFactory keyFactory = KeyFactory.getInstance("RSA");
+ return keyFactory.generatePrivate(keySpec);
+ }
+}
diff --git a/apps/onboarding-functions/src/main/openapi/user.json b/apps/onboarding-functions/src/main/openapi/user.json
index 4ed0bfa25..4644cbf9a 100644
--- a/apps/onboarding-functions/src/main/openapi/user.json
+++ b/apps/onboarding-functions/src/main/openapi/user.json
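Review bot: `createJwt` logs and returns null when the signing key cannot be parsed, and the only caller in this commit concatenates the result into the Authorization header, so a misconfigured key produces requests carrying `Bearer null` instead of a failure; throwing an unchecked exception is the safer behaviour. In `getPrivateKey`, `signingKey.contains("RSA")` is evaluated over the whole PEM text, and `R`, `S` and `A` are all Base64 characters, so a PKCS#8 key whose body happens to contain that sequence is treated as PKCS#1 and fails to decode; the test should match the full PKCS#1 marker. The key is also re-parsed on every call, whereas parsing it once (for example in a `@PostConstruct` method) would surface a bad key at startup. The token carries no audience claim, which is worth adding if the downstream service validates one.

```java
public String createJwt(String userId) {
    final PrivateKey privateKey;
    try {
        privateKey = getPrivateKey(tokenConfig.signingKey());
    } catch (NoSuchAlgorithmException | InvalidKeySpecException | IllegalArgumentException e) {
        // Fail the call: a null token would be sent downstream as "Bearer null".
        throw new IllegalStateException("Unable to load the JWT signing key", e);
    }
    // … unchanged: Jwts.builder() chain …
}

private PrivateKey getPrivateKey(String signingKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
    // Match the full PKCS#1 marker; a bare "RSA" can occur inside the Base64 body.
    boolean isRsa = signingKey.contains(String.format(PRIVATE_KEY_HEADER_TEMPLATE, "RSA PRIVATE KEY"));
    // … unchanged: PEM stripping, Base64 decode, KeySpec selection …
```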
@@ -1,1608 +1,1856 @@ { - "openapi" : "3.0.3", - "info" : { - "title" : "User API", - "version" : "1.0.0" + "openapi": "3.0.3", + "info": { + "title": "User API", + "version": "1.0.0" }, - "servers" : [ { - "url" : "http://localhost:8080", - "description" : "Auto generated value" - }, { - "url" : "http://0.0.0.0:8080", - "description" : "Auto generated value" - } ], - "tags" : [ { - "name" : "Events" - }, { - "name" : "Institution" - }, { - "name" : "User" - }, { - "name" : "external-v2" - }, { - "name" : "support" - }, { - "name" : "support-pnpg" - } ], - "paths" : { - "/authorize" : { - "get" : { - "tags" : [ "User Permission Controller" ], - "summary" : "Get permission for a user in an institution", - "parameters" : [ { - "name" : "institutionId", - "in" : "query", - "schema" : { - "type" : "string" - } - }, { - "name" : "permission", - "in" : "query", - "required" : true, - "schema" : { - "$ref" : "#/components/schemas/PermissionTypeEnum" - } - }, { - "name" : "productId", - "in" : "query", - "schema" : { - "type" : "string" - } - } ], - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { - "schema" : { - "type" : "boolean" + "servers": [ + { + "url": "http://localhost:8080", + "description": "Auto generated value" + }, + { + "url": "http://0.0.0.0:8080", + "description": "Auto generated value" + } + ], + "tags": [ + { + "name": "Events" + }, + { + "name": "Institution" + }, + { + "name": "User" + }, + { + "name": "external-v2" + }, + { + "name": "support" + }, + { + "name": "support-pnpg" + } + ], + "paths": { + "/authorize": { + "get": { + "tags": [ + "User Permission Controller" + ], + "summary": "Get permission for a user in an institution", + "parameters": [ + { + "name": "institutionId", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "permission", + "in": "query", + "required": true, + "schema": { + "$ref": "#/components/schemas/PermissionTypeEnum" + } + }, + { + "name": "productId", + 
"in": "query", + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "boolean" } } } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/events/sc-users" : { - "post" : { - "tags" : [ "Events" ], - "summary" : "The API resend all the users's given an institutionId and a userId after the given fromDate", - "parameters" : [ { - "name" : "fromDate", - "in" : "query", - "required" : true, - "schema" : { - "$ref" : "#/components/schemas/LocalDateTime" - } - }, { - "name" : "institutionId", - "in" : "query", - "schema" : { - "type" : "string" - } - }, { - "name" : "userId", - "in" : "query", - "schema" : { - "type" : "string" - } - } ], - "responses" : { - "201" : { - "description" : "Created" - }, - "401" : { - "description" : "Not Authorized" - }, - "403" : { - "description" : "Not Allowed" + "/events/sc-users": { + "post": { + "tags": [ + "Events" + ], + "summary": "The API resend all the users's given an institutionId and a userId after the given fromDate", + "parameters": [ + { + "name": "fromDate", + "in": "query", + "required": true, + "schema": { + "$ref": "#/components/schemas/LocalDateTime" + } + }, + { + "name": "institutionId", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "userId", + "in": "query", + "schema": { + "type": "string" + } + } + ], + "responses": { + "201": { + "description": "Created" + }, + "401": { + "description": "Not Authorized" + }, + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/institutions/{institutionId}" : { - "put" : { - "tags" : [ "Institution" ], - 
"summary" : "The API updates the description in all occurrences of userInstitution, given a certain institutionId.", - "parameters" : [ { - "name" : "institutionId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - } ], - "requestBody" : { - "content" : { - "application/json" : { - "schema" : { - "$ref" : "#/components/schemas/UpdateDescriptionDto" + "/institutions/{institutionId}": { + "put": { + "tags": [ + "Institution" + ], + "summary": "The API updates the description in all occurrences of userInstitution, given a certain institutionId.", + "parameters": [ + { + "name": "institutionId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/UpdateDescriptionDto" } } } }, - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { } + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": {} } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/institutions/{institutionId}/products/{productId}/createdAt" : { - "put" : { - "tags" : [ "Institution" ], - "summary" : "The API updates user's onboarded product with createdAt passed in input", - "parameters" : [ { - "name" : "institutionId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "productId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "createdAt", - "in" : "query", - "required" : true, - "schema" : { - "$ref" : "#/components/schemas/LocalDateTime" - } - }, { - "name" : "userIds", - "in" : "query", - "required" : true, - "schema" : { - "type" : 
"array", - "items" : { - "type" : "string" - } - } - } ], - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { } - } - }, - "401" : { - "description" : "Not Authorized" - }, - "403" : { - "description" : "Not Allowed" + "/institutions/{institutionId}/products/{productId}/createdAt": { + "put": { + "tags": [ + "Institution" + ], + "summary": "The API updates user's onboarded product with createdAt passed in input", + "parameters": [ + { + "name": "institutionId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "productId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "createdAt", + "in": "query", + "required": true, + "schema": { + "$ref": "#/components/schemas/LocalDateTime" + } + }, + { + "name": "userIds", + "in": "query", + "required": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": {} + } + }, + "401": { + "description": "Not Authorized" + }, + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/institutions/{institutionId}/user-institutions" : { - "get" : { - "tags" : [ "Institution" ], - "summary" : "The API retrieves users with optional filters in input as query params", - "parameters" : [ { - "name" : "institutionId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "productRoles", - "in" : "query", - "schema" : { - "type" : "array", - "items" : { - "type" : "string" - } - } - }, { - "name" : "products", - "in" : "query", - "schema" : { - "type" : "array", - "items" : { - "type" : "string" - } - } - }, { - "name" : "roles", - "in" : "query", - "schema" : { - "type" : "array", - "items" : { - "type" : "string" - } - } - }, { - "name" : "states", - "in" : 
"query", - "schema" : { - "type" : "array", - "items" : { - "type" : "string" - } - } - }, { - "name" : "userId", - "in" : "query", - "schema" : { - "type" : "string" - } - } ], - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { - "schema" : { - "type" : "array", - "items" : { - "$ref" : "#/components/schemas/UserInstitutionResponse" + "/institutions/{institutionId}/user-institutions": { + "get": { + "tags": [ + "Institution" + ], + "summary": "The API retrieves users with optional filters in input as query params", + "parameters": [ + { + "name": "institutionId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "productRoles", + "in": "query", + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "products", + "in": "query", + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "roles", + "in": "query", + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "states", + "in": "query", + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "userId", + "in": "query", + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/UserInstitutionResponse" } } } } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/institutions/{institutionId}/users" : { - "get" : { - "tags" : [ "support", "support-pnpg", "Institution" ], - "summary" : "The API retrieves user's info including details of roles on products", - "parameters" : [ { - "name" : 
"institutionId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - } ], - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { - "schema" : { - "type" : "array", - "items" : { - "$ref" : "#/components/schemas/UserProductResponse" + "/institutions/{institutionId}/users": { + "get": { + "tags": [ + "support", + "support-pnpg", + "Institution" + ], + "summary": "The API retrieves user's info including details of roles on products", + "parameters": [ + { + "name": "institutionId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/UserProductResponse" } } } } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users" : { - "get" : { - "tags" : [ "User" ], - "summary" : "The API retrieves paged users with optional filters in input as query params", - "parameters" : [ { - "name" : "institutionId", - "in" : "query", - "schema" : { - "type" : "string" - } - }, { - "name" : "page", - "in" : "query", - "schema" : { - "format" : "int32", - "default" : "0", - "type" : "integer" - } - }, { - "name" : "productRoles", - "in" : "query", - "schema" : { - "type" : "array", - "items" : { - "type" : "string" - } - } - }, { - "name" : "products", - "in" : "query", - "schema" : { - "type" : "array", - "items" : { - "type" : "string" - } - } - }, { - "name" : "roles", - "in" : "query", - "schema" : { - "type" : "array", - "items" : { - "$ref" : "#/components/schemas/PartyRole" - } - } - }, { - "name" : "size", - "in" : "query", - "schema" : { - "format" : "int32", - "default" : 
"100", - "type" : "integer" - } - }, { - "name" : "states", - "in" : "query", - "schema" : { - "type" : "array", - "items" : { - "type" : "string" - } - } - }, { - "name" : "userId", - "in" : "query", - "schema" : { - "type" : "string" - } - } ], - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { - "schema" : { - "type" : "array", - "items" : { - "$ref" : "#/components/schemas/UserInstitutionResponse" + "/users": { + "get": { + "tags": [ + "User" + ], + "summary": "The API retrieves paged users with optional filters in input as query params", + "parameters": [ + { + "name": "institutionId", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "page", + "in": "query", + "schema": { + "format": "int32", + "default": "0", + "type": "integer" + } + }, + { + "name": "productRoles", + "in": "query", + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "products", + "in": "query", + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "roles", + "in": "query", + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/PartyRole" + } + } + }, + { + "name": "size", + "in": "query", + "schema": { + "format": "int32", + "default": "100", + "type": "integer" + } + }, + { + "name": "states", + "in": "query", + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "userId", + "in": "query", + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/UserInstitutionResponse" } } } } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { 
+ "SecurityScheme": [] + } + ] }, - "post" : { - "tags" : [ "User" ], - "summary" : "The createOrUpdateByFiscalCode function is used to create a new user or update an existing one.", - "requestBody" : { - "content" : { - "application/json" : { - "schema" : { - "$ref" : "#/components/schemas/CreateUserDto" + "post": { + "tags": [ + "User" + ], + "summary": "The createOrUpdateByFiscalCode function is used to create a new user or update an existing one.", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CreateUserDto" } } } }, - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { - "schema" : { - "type" : "string" + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "string" } } } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users/emails" : { - "get" : { - "tags" : [ "User" ], - "summary" : "The API retrieves Users' emails using institution id and product id", - "parameters" : [ { - "name" : "institutionId", - "in" : "query", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "productId", - "in" : "query", - "required" : true, - "schema" : { - "type" : "string" - } - } ], - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { - "schema" : { - "type" : "array", - "items" : { - "type" : "string" + "/users/emails": { + "get": { + "tags": [ + "User" + ], + "summary": "The API retrieves Users' emails using institution id and product id", + "parameters": [ + { + "name": "institutionId", + "in": "query", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "productId", + "in": 
"query", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "string" } } } } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users/ids" : { - "get" : { - "tags" : [ "User" ], - "summary" : "Retrieve all users given their userIds", - "parameters" : [ { - "name" : "userIds", - "in" : "query", - "schema" : { - "type" : "array", - "items" : { - "type" : "string" - } - } - } ], - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { - "schema" : { - "type" : "array", - "items" : { - "$ref" : "#/components/schemas/UserInstitutionResponse" + "/users/ids": { + "get": { + "tags": [ + "User" + ], + "summary": "Retrieve all users given their userIds", + "parameters": [ + { + "name": "userIds", + "in": "query", + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/UserInstitutionResponse" } } } } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users/notification" : { - "get" : { - "tags" : [ "User" ], - "summary" : "Retrieve all SC-User for DataLake filtered by optional productId", - "parameters" : [ { - "name" : "page", - "in" : "query", - "schema" : { - "format" : "int32", - "default" : "0", - 
"type" : "integer" - } - }, { - "name" : "productId", - "in" : "query", - "schema" : { - "type" : "string" - } - }, { - "name" : "size", - "in" : "query", - "schema" : { - "format" : "int32", - "default" : "100", - "type" : "integer" - } - } ], - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { - "schema" : { - "$ref" : "#/components/schemas/UsersNotificationResponse" + "/users/notification": { + "get": { + "tags": [ + "User" + ], + "summary": "Retrieve all SC-User for DataLake filtered by optional productId", + "parameters": [ + { + "name": "page", + "in": "query", + "schema": { + "format": "int32", + "default": "0", + "type": "integer" + } + }, + { + "name": "productId", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "size", + "in": "query", + "schema": { + "format": "int32", + "default": "100", + "type": "integer" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/UsersNotificationResponse" } } } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users/search" : { - "post" : { - "tags" : [ "User" ], - "summary" : "Search user by fiscalCode", - "parameters" : [ { - "name" : "institutionId", - "in" : "query", - "schema" : { - "type" : "string" - } - } ], - "requestBody" : { - "content" : { - "application/json" : { - "schema" : { - "$ref" : "#/components/schemas/SearchUserDto" + "/users/search": { + "post": { + "tags": [ + "User" + ], + "summary": "Search user by fiscalCode", + "parameters": [ + { + "name": "institutionId", + "in": "query", + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { 
+ "$ref": "#/components/schemas/SearchUserDto" } } } }, - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { - "schema" : { - "$ref" : "#/components/schemas/UserDetailResponse" + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/UserDetailResponse" } } } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users/{id}" : { - "get" : { - "tags" : [ "User", "external-v2", "support" ], - "summary" : "Retrieves user given userId and optional ProductId", - "parameters" : [ { - "name" : "id", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "institutionId", - "in" : "query", - "schema" : { - "type" : "string" - } - }, { - "name" : "productId", - "in" : "query", - "schema" : { - "type" : "string" - } - } ], - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { - "schema" : { - "$ref" : "#/components/schemas/UserResponse" + "/users/{id}": { + "get": { + "tags": [ + "User", + "external-v2", + "support" + ], + "summary": "Retrieves user given userId and optional ProductId", + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "institutionId", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "productId", + "in": "query", + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/UserResponse" } } } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { 
- "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users/{id}/details" : { - "get" : { - "tags" : [ "User" ], - "summary" : "Retrieves user's information from pdv: name, familyName, email, fiscalCode and workContacts", - "parameters" : [ { - "name" : "id", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "field", - "in" : "query", - "schema" : { - "type" : "string" - } - }, { - "name" : "institutionId", - "in" : "query", - "schema" : { - "type" : "string" - } - } ], - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { - "schema" : { - "$ref" : "#/components/schemas/UserDetailResponse" + "/users/{id}/details": { + "get": { + "tags": [ + "User" + ], + "summary": "Retrieves user's information from pdv: name, familyName, email, fiscalCode and workContacts", + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "field", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "institutionId", + "in": "query", + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/UserDetailResponse" } } } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users/{id}/institution/{institutionId}/product/{productId}/status" : { - "put" : { - "tags" : [ "User" ], - "summary" : "Service to update user product status", - "parameters" : [ { - "name" : "id", - "in" : "path", - "required" : true, - "schema" : { - 
"type" : "string" - } - }, { - "name" : "institutionId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "productId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "productRole", - "in" : "query", - "schema" : { - "type" : "string" - } - }, { - "name" : "status", - "in" : "query", - "required" : true, - "schema" : { - "$ref" : "#/components/schemas/OnboardedProductState" - } - } ], - "responses" : { - "204" : { - "description" : "No Content" - }, - "401" : { - "description" : "Not Authorized" - }, - "403" : { - "description" : "Not Allowed" + "/users/{id}/institution/{institutionId}/product/{productId}/status": { + "put": { + "tags": [ + "User" + ], + "summary": "Service to update user product status", + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "institutionId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "productId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "productRole", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "status", + "in": "query", + "required": true, + "schema": { + "$ref": "#/components/schemas/OnboardedProductState" + } + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "401": { + "description": "Not Authorized" + }, + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users/{id}/status" : { - "put" : { - "tags" : [ "User" ], - "summary" : "Update user status with optional filter for institution, product, role and productRole", - "parameters" : [ { - "name" : "id", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "institutionId", - "in" : "query", - "schema" : { - "type" : 
"string" - } - }, { - "name" : "productId", - "in" : "query", - "schema" : { - "type" : "string" - } - }, { - "name" : "productRole", - "in" : "query", - "schema" : { - "type" : "string" - } - }, { - "name" : "role", - "in" : "query", - "schema" : { - "$ref" : "#/components/schemas/PartyRole" - } - }, { - "name" : "status", - "in" : "query", - "schema" : { - "$ref" : "#/components/schemas/OnboardedProductState" - } - } ], - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { } - } - }, - "401" : { - "description" : "Not Authorized" - }, - "403" : { - "description" : "Not Allowed" + "/users/{id}/status": { + "put": { + "tags": [ + "User" + ], + "summary": "Update user status with optional filter for institution, product, role and productRole", + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "institutionId", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "productId", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "productRole", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "role", + "in": "query", + "schema": { + "$ref": "#/components/schemas/PartyRole" + } + }, + { + "name": "status", + "in": "query", + "schema": { + "$ref": "#/components/schemas/OnboardedProductState" + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": {} + } + }, + "401": { + "description": "Not Authorized" + }, + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users/{id}/user-registry" : { - "put" : { - "tags" : [ "User" ], - "summary" : "Service to update user in user-registry and send notification when user data gets updated", - "parameters" : [ { - "name" : "id", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - 
}, { - "name" : "institutionId", - "in" : "query", - "schema" : { - "type" : "string" - } - } ], - "requestBody" : { - "content" : { - "application/json" : { - "schema" : { - "$ref" : "#/components/schemas/UpdateUserRequest" + "/users/{id}/user-registry": { + "put": { + "tags": [ + "User" + ], + "summary": "Service to update user in user-registry and send notification when user data gets updated", + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "institutionId", + "in": "query", + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/UpdateUserRequest" } } } }, - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { } + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": {} } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users/{userId}" : { - "post" : { - "tags" : [ "User" ], - "summary" : "The createOrUpdateByUserId function is used to update existing user adding userRole.", - "parameters" : [ { - "name" : "userId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - } ], - "requestBody" : { - "content" : { - "application/json" : { - "schema" : { - "$ref" : "#/components/schemas/AddUserRoleDto" + "/users/{userId}": { + "post": { + "tags": [ + "User" + ], + "summary": "The createOrUpdateByUserId function is used to update existing user adding userRole.", + "parameters": [ + { + "name": "userId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "user-uuid", + "in": "header", + "description": "an 
authorization header", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/AddUserRoleDto" } } } }, - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { } + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": {} } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users/{userId}/institution/{institutionId}" : { - "get" : { - "tags" : [ "User" ], - "summary" : "The retrieveUsers function is used to retrieve a list of users from the UserInstitution collection and userRegistry.\nAt first it try to retrieve a UserInstitution document associated with a logged user (admin)\nIf this userInstitution object is not null, so user has AdminRole, it try to retriew the userInstitutions filtered by given institutionId, roles, states, products and productRoles\nand optional given personId, otherwise it do the same query using the logged user id instead of personId.\nAfter that it retrieve personal user data, foreach userId retrieved, from userRegistry and return a stream of UserDataResponse objects containing the requested user data.", - "parameters" : [ { - "name" : "institutionId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "userId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "personId", - "in" : "query", - "schema" : { - "type" : "string" - } - }, { - "name" : "productRoles", - "in" : "query", - "schema" : { - "type" : "array", - "items" : { - "type" : "string" - } - } - }, { - "name" : "products", - "in" : "query", - "schema" : { - "type" : 
"array", - "items" : { - "type" : "string" - } - } - }, { - "name" : "roles", - "in" : "query", - "schema" : { - "type" : "array", - "items" : { - "type" : "string" - } - } - }, { - "name" : "states", - "in" : "query", - "schema" : { - "type" : "array", - "items" : { - "type" : "string" - } - } - } ], - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { - "schema" : { - "type" : "array", - "items" : { - "$ref" : "#/components/schemas/UserDataResponse" + "/users/{userId}/institution/{institutionId}": { + "get": { + "tags": [ + "User" + ], + "summary": "The retrieveUsers function is used to retrieve a list of users from the UserInstitution collection and userRegistry.\nAt first it try to retrieve a UserInstitution document associated with a logged user (admin)\nIf this userInstitution object is not null, so user has AdminRole, it try to retriew the userInstitutions filtered by given institutionId, roles, states, products and productRoles\nand optional given personId, otherwise it do the same query using the logged user id instead of personId.\nAfter that it retrieve personal user data, foreach userId retrieved, from userRegistry and return a stream of UserDataResponse objects containing the requested user data.", + "parameters": [ + { + "name": "institutionId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "userId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "personId", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "productRoles", + "in": "query", + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "products", + "in": "query", + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "roles", + "in": "query", + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "states", + "in": "query", + 
"schema": { + "type": "array", + "items": { + "type": "string" + } + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/UserDataResponse" } } } } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users/{userId}/institutions" : { - "get" : { - "tags" : [ "User" ], - "summary" : "Retrieves products info and role which the user is enabled", - "parameters" : [ { - "name" : "userId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "institutionId", - "in" : "query", - "schema" : { - "type" : "string" - } - }, { - "name" : "states", - "in" : "query", - "schema" : { - "type" : "array", - "items" : { - "type" : "string" - } - } - } ], - "responses" : { - "200" : { - "description" : "OK", - "content" : { - "application/json" : { - "schema" : { - "$ref" : "#/components/schemas/UserInfoResponse" + "/users/{userId}/institutions": { + "get": { + "tags": [ + "User" + ], + "summary": "Retrieves products info and role which the user is enabled", + "parameters": [ + { + "name": "userId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "institutionId", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "states", + "in": "query", + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + } + ], + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/UserInfoResponse" } } } }, - "401" : { - "description" : "Not Authorized" + "401": { + "description": "Not Authorized" }, - "403" : { - "description" : "Not 
Allowed" + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } }, - "/users/{userId}/institutions/{institutionId}/products/{productId}" : { - "delete" : { - "tags" : [ "User" ], - "summary" : "Delete logically the association institution and product", - "parameters" : [ { - "name" : "institutionId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "productId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - }, { - "name" : "userId", - "in" : "path", - "required" : true, - "schema" : { - "type" : "string" - } - } ], - "responses" : { - "204" : { - "description" : "No Content" - }, - "401" : { - "description" : "Not Authorized" - }, - "403" : { - "description" : "Not Allowed" + "/users/{userId}/institutions/{institutionId}/products/{productId}": { + "delete": { + "tags": [ + "User" + ], + "summary": "Delete logically the association institution and product", + "parameters": [ + { + "name": "institutionId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "productId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "userId", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "401": { + "description": "Not Authorized" + }, + "403": { + "description": "Not Allowed" } }, - "security" : [ { - "SecurityScheme" : [ ] - } ] + "security": [ + { + "SecurityScheme": [] + } + ] } } }, - "components" : { - "schemas" : { - "AddUserRoleDto" : { - "required" : [ "institutionId", "product" ], - "type" : "object", - "properties" : { - "institutionId" : { - "minLength" : 1, - "type" : "string" - }, - "product" : { - "$ref" : "#/components/schemas/Product" - }, - "institutionDescription" : { - "type" : "string" - }, - 
"institutionRootName" : { - "type" : "string" - }, - "userMailUuid" : { - "type" : "string" - }, - "hasToSendEmail" : { - "type" : "boolean" + "components": { + "schemas": { + "AddUserRoleDto": { + "required": [ + "institutionId", + "product" + ], + "type": "object", + "properties": { + "institutionId": { + "minLength": 1, + "type": "string" + }, + "product": { + "$ref": "#/components/schemas/Product" + }, + "institutionDescription": { + "type": "string" + }, + "institutionRootName": { + "type": "string" + }, + "userMailUuid": { + "type": "string" + }, + "hasToSendEmail": { + "type": "boolean" } } }, - "CertifiableFieldResponseString" : { - "type" : "object", - "properties" : { - "value" : { - "type" : "string" + "CertifiableFieldResponseString": { + "type": "object", + "properties": { + "value": { + "type": "string" }, - "certified" : { - "$ref" : "#/components/schemas/CertificationEnum" + "certified": { + "$ref": "#/components/schemas/CertificationEnum" } } }, - "CertificationEnum" : { - "enum" : [ "NONE", "SPID" ], - "type" : "string" + "CertificationEnum": { + "enum": [ + "NONE", + "SPID" + ], + "type": "string" }, - "CreateUserDto" : { - "required" : [ "institutionId", "user", "product" ], - "type" : "object", - "properties" : { - "institutionId" : { - "minLength" : 1, - "type" : "string" + "CreateUserDto": { + "required": [ + "institutionId", + "user", + "product" + ], + "type": "object", + "properties": { + "institutionId": { + "minLength": 1, + "type": "string" }, - "user" : { - "$ref" : "#/components/schemas/User" + "user": { + "$ref": "#/components/schemas/User" }, - "product" : { - "$ref" : "#/components/schemas/Product1" + "product": { + "$ref": "#/components/schemas/Product1" }, - "institutionDescription" : { - "type" : "string" + "institutionDescription": { + "type": "string" }, - "institutionRootName" : { - "type" : "string" + "institutionRootName": { + "type": "string" }, - "hasToSendEmail" : { - "type" : "boolean" + "hasToSendEmail": { + "type": 
"boolean" } } }, - "Env" : { - "enum" : [ "ROOT", "DEV", "COLL", "PROD" ], - "type" : "string" + "Env": { + "enum": [ + "ROOT", + "DEV", + "COLL", + "PROD" + ], + "type": "string" }, - "LocalDateTime" : { - "format" : "date-time", - "type" : "string", - "example" : "2022-03-10T12:15:50" + "LocalDateTime": { + "format": "date-time", + "type": "string", + "example": "2022-03-10T12:15:50" }, - "OnboardedProductResponse" : { - "type" : "object", - "properties" : { - "productId" : { - "type" : "string" + "OnboardedProductResponse": { + "type": "object", + "properties": { + "productId": { + "type": "string" }, - "tokenId" : { - "type" : "string" + "tokenId": { + "type": "string" }, - "status" : { - "$ref" : "#/components/schemas/OnboardedProductState" + "status": { + "$ref": "#/components/schemas/OnboardedProductState" }, - "productRole" : { - "type" : "string" + "productRole": { + "type": "string" }, - "role" : { - "description" : "Available values: MANAGER, DELEGATE, SUB_DELEGATE, OPERATOR, ADMIN_EA", - "type" : "string" + "role": { + "description": "Available values: MANAGER, DELEGATE, SUB_DELEGATE, OPERATOR, ADMIN_EA", + "type": "string" }, - "env" : { - "$ref" : "#/components/schemas/Env" + "env": { + "$ref": "#/components/schemas/Env" }, - "createdAt" : { - "$ref" : "#/components/schemas/LocalDateTime" + "createdAt": { + "$ref": "#/components/schemas/LocalDateTime" }, - "updatedAt" : { - "$ref" : "#/components/schemas/LocalDateTime" + "updatedAt": { + "$ref": "#/components/schemas/LocalDateTime" } } }, - "OnboardedProductState" : { - "enum" : [ "ACTIVE", "PENDING", "TOBEVALIDATED", "SUSPENDED", "DELETED", "REJECTED" ], - "type" : "string" + "OnboardedProductState": { + "enum": [ + "ACTIVE", + "PENDING", + "TOBEVALIDATED", + "SUSPENDED", + "DELETED", + "REJECTED" + ], + "type": "string" }, - "PartyRole" : { - "enum" : [ "MANAGER", "DELEGATE", "SUB_DELEGATE", "OPERATOR", "ADMIN_EA" ], - "type" : "string" + "PartyRole": { + "enum": [ + "MANAGER", + "DELEGATE", + 
"SUB_DELEGATE", + "OPERATOR", + "ADMIN_EA" + ], + "type": "string" }, - "PermissionTypeEnum" : { - "enum" : [ "ADMIN", "ANY" ], - "type" : "string" + "PermissionTypeEnum": { + "enum": [ + "ADMIN", + "ANY" + ], + "type": "string" }, - "Product" : { - "required" : [ "productId", "role", "productRoles" ], - "type" : "object", - "properties" : { - "productId" : { - "minLength" : 1, - "type" : "string" - }, - "role" : { - "$ref" : "#/components/schemas/PartyRole" - }, - "tokenId" : { - "type" : "string" - }, - "productRoles" : { - "type" : "array", - "items" : { - "type" : "string" + "Product": { + "required": [ + "productId", + "role", + "productRoles" + ], + "type": "object", + "properties": { + "productId": { + "minLength": 1, + "type": "string" + }, + "role": { + "$ref": "#/components/schemas/PartyRole" + }, + "tokenId": { + "type": "string" + }, + "productRoles": { + "type": "array", + "items": { + "type": "string" } }, - "delegationId" : { - "type" : "string" + "delegationId": { + "type": "string" } } }, - "Product1" : { - "required" : [ "productId", "role", "productRoles" ], - "type" : "object", - "properties" : { - "productId" : { - "minLength" : 1, - "type" : "string" - }, - "role" : { - "$ref" : "#/components/schemas/PartyRole" - }, - "tokenId" : { - "type" : "string" - }, - "productRoles" : { - "type" : "array", - "items" : { - "type" : "string" + "Product1": { + "required": [ + "productId", + "role", + "productRoles" + ], + "type": "object", + "properties": { + "productId": { + "minLength": 1, + "type": "string" + }, + "role": { + "$ref": "#/components/schemas/PartyRole" + }, + "tokenId": { + "type": "string" + }, + "productRoles": { + "type": "array", + "items": { + "type": "string" } } } }, - "QueueEvent" : { - "enum" : [ "ADD", "UPDATE" ], - "type" : "string" + "QueueEvent": { + "enum": [ + "ADD", + "UPDATE" + ], + "type": "string" }, - "SearchUserDto" : { - "required" : [ "fiscalCode" ], - "type" : "object", - "properties" : { - "fiscalCode" : { - "type" 
: "string" + "SearchUserDto": { + "required": [ + "fiscalCode" + ], + "type": "object", + "properties": { + "fiscalCode": { + "type": "string" } } }, - "UpdateDescriptionDto" : { - "required" : [ "institutionDescription" ], - "type" : "object", - "properties" : { - "institutionDescription" : { - "minLength" : 1, - "type" : "string" - }, - "institutionRootName" : { - "type" : "string" + "UpdateDescriptionDto": { + "required": [ + "institutionDescription" + ], + "type": "object", + "properties": { + "institutionDescription": { + "minLength": 1, + "type": "string" + }, + "institutionRootName": { + "type": "string" } } }, - "UpdateUserRequest" : { - "required" : [ "email" ], - "type" : "object", - "properties" : { - "name" : { - "type" : "string" + "UpdateUserRequest": { + "required": [ + "email" + ], + "type": "object", + "properties": { + "name": { + "type": "string" }, - "familyName" : { - "type" : "string" + "familyName": { + "type": "string" }, - "email" : { - "type" : "string" + "email": { + "type": "string" } } }, - "User" : { - "required" : [ "fiscalCode", "institutionEmail" ], - "type" : "object", - "properties" : { - "birthDate" : { - "type" : "string" - }, - "familyName" : { - "type" : "string" - }, - "name" : { - "type" : "string" - }, - "fiscalCode" : { - "minLength" : 1, - "type" : "string" - }, - "institutionEmail" : { - "minLength" : 1, - "type" : "string" + "User": { + "required": [ + "fiscalCode", + "institutionEmail" + ], + "type": "object", + "properties": { + "birthDate": { + "type": "string" + }, + "familyName": { + "type": "string" + }, + "name": { + "type": "string" + }, + "fiscalCode": { + "minLength": 1, + "type": "string" + }, + "institutionEmail": { + "minLength": 1, + "type": "string" } } }, - "UserDataResponse" : { - "type" : "object", - "properties" : { - "id" : { - "type" : "string" + "UserDataResponse": { + "type": "object", + "properties": { + "id": { + "type": "string" }, - "userId" : { - "type" : "string" + "userId": { + "type": 
"string" }, - "institutionId" : { - "type" : "string" + "institutionId": { + "type": "string" }, - "institutionDescription" : { - "type" : "string" + "institutionDescription": { + "type": "string" }, - "institutionRootName" : { - "type" : "string" + "institutionRootName": { + "type": "string" }, - "userMailUuid" : { - "type" : "string" + "userMailUuid": { + "type": "string" }, - "role" : { - "type" : "string" + "role": { + "type": "string" }, - "status" : { - "type" : "string" + "status": { + "type": "string" }, - "products" : { - "type" : "array", - "items" : { - "$ref" : "#/components/schemas/OnboardedProductResponse" + "products": { + "type": "array", + "items": { + "$ref": "#/components/schemas/OnboardedProductResponse" } }, - "userResponse" : { - "$ref" : "#/components/schemas/UserResponse" + "userResponse": { + "$ref": "#/components/schemas/UserResponse" } } }, - "UserDetailResponse" : { - "type" : "object", - "properties" : { - "id" : { - "type" : "string" + "UserDetailResponse": { + "type": "object", + "properties": { + "id": { + "type": "string" }, - "fiscalCode" : { - "type" : "string" + "fiscalCode": { + "type": "string" }, - "name" : { - "$ref" : "#/components/schemas/CertifiableFieldResponseString" + "name": { + "$ref": "#/components/schemas/CertifiableFieldResponseString" }, - "familyName" : { - "$ref" : "#/components/schemas/CertifiableFieldResponseString" + "familyName": { + "$ref": "#/components/schemas/CertifiableFieldResponseString" }, - "email" : { - "$ref" : "#/components/schemas/CertifiableFieldResponseString" + "email": { + "$ref": "#/components/schemas/CertifiableFieldResponseString" }, - "workContacts" : { - "type" : "object", - "additionalProperties" : { - "$ref" : "#/components/schemas/WorkContactResponse" + "workContacts": { + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/WorkContactResponse" } } } }, - "UserInfoResponse" : { - "type" : "object", - "properties" : { - "userId" : { - "type" : "string" - }, - 
"institutions" : { - "type" : "array", - "items" : { - "$ref" : "#/components/schemas/UserInstitutionRoleResponse" + "UserInfoResponse": { + "type": "object", + "properties": { + "userId": { + "type": "string" + }, + "institutions": { + "type": "array", + "items": { + "$ref": "#/components/schemas/UserInstitutionRoleResponse" } } } }, - "UserInstitutionResponse" : { - "type" : "object", - "properties" : { - "id" : { - "type" : "string" + "UserInstitutionResponse": { + "type": "object", + "properties": { + "id": { + "type": "string" }, - "userId" : { - "type" : "string" + "userId": { + "type": "string" }, - "institutionId" : { - "type" : "string" + "institutionId": { + "type": "string" }, - "institutionDescription" : { - "type" : "string" + "institutionDescription": { + "type": "string" }, - "institutionRootName" : { - "type" : "string" + "institutionRootName": { + "type": "string" }, - "userMailUuid" : { - "type" : "string" + "userMailUuid": { + "type": "string" }, - "products" : { - "type" : "array", - "items" : { - "$ref" : "#/components/schemas/OnboardedProductResponse" + "products": { + "type": "array", + "items": { + "$ref": "#/components/schemas/OnboardedProductResponse" } } } }, - "UserInstitutionRoleResponse" : { - "type" : "object", - "properties" : { - "institutionId" : { - "type" : "string" + "UserInstitutionRoleResponse": { + "type": "object", + "properties": { + "institutionId": { + "type": "string" }, - "institutionName" : { - "type" : "string" + "institutionName": { + "type": "string" }, - "institutionRootName" : { - "type" : "string" + "institutionRootName": { + "type": "string" }, - "role" : { - "description" : "Available values: MANAGER, DELEGATE, SUB_DELEGATE, OPERATOR, ADMIN_EA", - "type" : "string" + "role": { + "description": "Available values: MANAGER, DELEGATE, SUB_DELEGATE, OPERATOR, ADMIN_EA", + "type": "string" }, - "status" : { - "$ref" : "#/components/schemas/OnboardedProductState" + "status": { + "$ref": 
"#/components/schemas/OnboardedProductState" } } }, - "UserNotificationResponse" : { - "type" : "object", - "properties" : { - "id" : { - "type" : "string" + "UserNotificationResponse": { + "type": "object", + "properties": { + "id": { + "type": "string" }, - "institutionId" : { - "type" : "string" + "institutionId": { + "type": "string" }, - "productId" : { - "type" : "string" + "productId": { + "type": "string" }, - "onboardingTokenId" : { - "type" : "string" + "onboardingTokenId": { + "type": "string" }, - "createdAt" : { - "$ref" : "#/components/schemas/LocalDateTime" + "createdAt": { + "$ref": "#/components/schemas/LocalDateTime" }, - "updatedAt" : { - "$ref" : "#/components/schemas/LocalDateTime" + "updatedAt": { + "$ref": "#/components/schemas/LocalDateTime" }, - "eventType" : { - "$ref" : "#/components/schemas/QueueEvent" + "eventType": { + "$ref": "#/components/schemas/QueueEvent" }, - "user" : { - "$ref" : "#/components/schemas/UserToNotify" + "user": { + "$ref": "#/components/schemas/UserToNotify" } } }, - "UserProductResponse" : { - "type" : "object", - "properties" : { - "id" : { - "type" : "string" + "UserProductResponse": { + "type": "object", + "properties": { + "id": { + "type": "string" }, - "taxCode" : { - "type" : "string" + "taxCode": { + "type": "string" }, - "name" : { - "type" : "string" + "name": { + "type": "string" }, - "surname" : { - "type" : "string" + "surname": { + "type": "string" }, - "email" : { - "type" : "string" + "email": { + "type": "string" }, - "products" : { - "type" : "array", - "items" : { - "$ref" : "#/components/schemas/OnboardedProductResponse" + "products": { + "type": "array", + "items": { + "$ref": "#/components/schemas/OnboardedProductResponse" } } } }, - "UserResponse" : { - "required" : [ "id", "name", "surname" ], - "type" : "object", - "properties" : { - "id" : { - "minLength" : 1, - "type" : "string" - }, - "taxCode" : { - "type" : "string" - }, - "name" : { - "pattern" : "\\S", - "type" : "string" - }, - 
"surname" : { - "pattern" : "\\S", - "type" : "string" - }, - "email" : { - "type" : "string" - }, - "workContacts" : { - "type" : "object", - "additionalProperties" : { - "type" : "string" + "UserResponse": { + "required": [ + "id", + "name", + "surname" + ], + "type": "object", + "properties": { + "id": { + "minLength": 1, + "type": "string" + }, + "taxCode": { + "type": "string" + }, + "name": { + "pattern": "\\S", + "type": "string" + }, + "surname": { + "pattern": "\\S", + "type": "string" + }, + "email": { + "type": "string" + }, + "workContacts": { + "type": "object", + "additionalProperties": { + "type": "string" } } } }, - "UserToNotify" : { - "type" : "object", - "properties" : { - "userId" : { - "type" : "string" + "UserToNotify": { + "type": "object", + "properties": { + "userId": { + "type": "string" }, - "name" : { - "type" : "string" + "name": { + "type": "string" }, - "familyName" : { - "type" : "string" + "familyName": { + "type": "string" }, - "email" : { - "type" : "string" + "email": { + "type": "string" }, - "role" : { - "description" : "Available values: MANAGER, DELEGATE, SUB_DELEGATE, OPERATOR, ADMIN_EA", - "type" : "string" + "role": { + "description": "Available values: MANAGER, DELEGATE, SUB_DELEGATE, OPERATOR, ADMIN_EA", + "type": "string" }, - "productRole" : { - "type" : "string" + "productRole": { + "type": "string" }, - "relationshipStatus" : { - "$ref" : "#/components/schemas/OnboardedProductState" + "relationshipStatus": { + "$ref": "#/components/schemas/OnboardedProductState" } } }, - "UsersNotificationResponse" : { - "type" : "object", - "properties" : { - "users" : { - "type" : "array", - "items" : { - "$ref" : "#/components/schemas/UserNotificationResponse" + "UsersNotificationResponse": { + "type": "object", + "properties": { + "users": { + "type": "array", + "items": { + "$ref": "#/components/schemas/UserNotificationResponse" } } } }, - "WorkContactResponse" : { - "type" : "object", - "properties" : { - "email" : { - "$ref" : 
"#/components/schemas/CertifiableFieldResponseString" + "WorkContactResponse": { + "type": "object", + "properties": { + "email": { + "$ref": "#/components/schemas/CertifiableFieldResponseString" } } } }, - "securitySchemes" : { - "SecurityScheme" : { - "type" : "http", - "description" : "Authentication", - "scheme" : "bearer", - "bearerFormat" : "JWT" + "securitySchemes": { + "SecurityScheme": { + "type": "http", + "description": "Authentication", + "scheme": "bearer", + "bearerFormat": "JWT" } } } diff --git a/apps/onboarding-functions/src/main/resources/application.properties b/apps/onboarding-functions/src/main/resources/application.properties index 3f866a8b1..c2f92f464 100644 --- a/apps/onboarding-functions/src/main/resources/application.properties +++ b/apps/onboarding-functions/src/main/resources/application.properties @@ -17,6 +17,12 @@ onboarding-functions.retry.max-attempts = ${RETRY_MAX_ATTEMPTS:5} onboarding-functions.retry.first-retry-interval = ${FIRST_RETRY_INTERVAL:5} onboarding-functions.retry.backoff-coefficient = ${BACKOFF_COEFFICIENT:5} +## JWT +onboarding-functions.jwt.token.signing-key = ${JWT_TOKEN_EXCHANGE_PRIVATE_KEY:private-key} +onboarding-functions.jwt.token.kid = ${JWT_TOKEN_EXCHANGE_KID:kid} +onboarding-functions.jwt.token.issuer = ${JWT_TOKEN_EXCHANGE_ISSUER:issuer} +onboarding-functions.jwt.token.duration = ${JWT_TOKEN_EXCHANGE_DURATION:PT5S} + ## PURGE FUNCTION ## # configuration for the start and end dates of the two functions onboarding-functions.purge.completed-from = 60 diff --git a/apps/onboarding-functions/src/test/java/it/pagopa/selfcare/onboarding/client/EventhubSasTokenAuthorizationTest.java b/apps/onboarding-functions/src/test/java/it/pagopa/selfcare/onboarding/client/EventhubSasTokenAuthorizationTest.java index 6022feb2b..a9d97aa1f 100644 --- a/apps/onboarding-functions/src/test/java/it/pagopa/selfcare/onboarding/client/EventhubSasTokenAuthorizationTest.java 
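Review bot: The new `onboarding-functions.jwt.token.signing-key` entry falls back to the literal `private-key` when `JWT_TOKEN_EXCHANGE_PRIVATE_KEY` is unset, so a deployment that is missing the secret still starts. The misconfiguration then surfaces only later, presumably when the first token is signed (the signing code is not part of this hunk). Drop the default so the missing value is reported at startup, `onboarding-functions.jwt.token.signing-key = ${JWT_TOKEN_EXCHANGE_PRIVATE_KEY}`, and keep a placeholder only for tests, e.g. `%test.onboarding-functions.jwt.token.signing-key = private-key`. The `kid` and `issuer` placeholders deserve the same treatment, because tokens issued with those literal values would not match what a verifier expects. A short comment above the block stating the expected key format and that `duration` is an ISO-8601 duration (`PT5S` = 5 seconds) would also help operators.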
+++ b/apps/onboarding-functions/src/test/java/it/pagopa/selfcare/onboarding/client/EventhubSasTokenAuthorizationTest.java @@ -23,7 +23,7 @@ public class EventhubSasTokenAuthorizationTest { @Test void filter() throws URISyntaxException { ClientRequestContext clientRequest = mock(ClientRequestContext.class); - URI uri = new URI("http://test.it/SC-Contracts-SAP"); + final URI uri = new URI("http://test.it/SC-Contracts-SAP"); when(clientRequest.getUri()).thenReturn(uri); when(clientRequest.getHeaders()).thenReturn(new MultivaluedHashMap<>()); eventhubSasTokenAuthorization.filter(clientRequest); diff --git a/apps/onboarding-functions/src/test/java/it/pagopa/selfcare/onboarding/service/CompletionServiceDefaultTest.java b/apps/onboarding-functions/src/test/java/it/pagopa/selfcare/onboarding/service/CompletionServiceDefaultTest.java index e0cdfe16d..ecac70d42 100644 --- a/apps/onboarding-functions/src/test/java/it/pagopa/selfcare/onboarding/service/CompletionServiceDefaultTest.java +++ b/apps/onboarding-functions/src/test/java/it/pagopa/selfcare/onboarding/service/CompletionServiceDefaultTest.java @@ -1,6 +1,5 @@ package it.pagopa.selfcare.onboarding.service; -import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; import io.quarkus.mongodb.panache.common.PanacheUpdate; @@ -500,12 +499,12 @@ void persistUsers() { onboarding.setDelegationId("delegationId"); Response response = new ServerResponse(null, 200, null); - when(userControllerApi.usersUserIdPost(any(), any())).thenReturn(response); + when(userControllerApi.usersUserIdPost(any(), any(), any())).thenReturn(response); completionServiceDefault.persistUsers(onboarding); Mockito.verify(userControllerApi, times(1)) - .usersUserIdPost(any(), any()); + .usersUserIdPost(any(), any(), any()); } @Test 
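Review bot: In `persistUsers` the stub and the `verify` both match the new second argument with `any()`, so the test passes even if a null or wrong value is forwarded as the `user-uuid` header that the OpenAPI change declares as required. Pin the value instead: give the fixture a known request uid and verify with `Mockito.verify(userControllerApi, times(1)).usersUserIdPost(any(), eq(onboarding.getUserRequestUid()), any());`. The stub in `persistUsersWithException` in the next hunk has the same gap. The body of `persistUsers` starts outside this hunk, so confirm whether the fixture already sets the uid.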
@@ -519,7 +518,7 @@ void persistUsersWithException() { onboarding.setUsers(List.of(user)); Response response = new ServerResponse(null, 500, null); - when(userControllerApi.usersUserIdPost(any(), any())).thenReturn(response); + when(userControllerApi.usersUserIdPost(any(), any(), any())).thenReturn(response); assertThrows(RuntimeException.class, () -> completionServiceDefault.persistUsers(onboarding)); @@ -602,7 +601,7 @@ private Product createDummyProduct() { } @Test - void testCreateAggregateOnboardingRequest() throws JsonProcessingException { + void testCreateAggregateOnboardingRequest() { // Given OnboardingAggregateOrchestratorInput input = createSampleOnboardingInput(); Onboarding onboardingToUpdate = createSampleOnboarding(); diff --git a/apps/onboarding-functions/src/test/java/it/pagopa/selfcare/onboarding/service/TokenServiceDefaultTest.java b/apps/onboarding-functions/src/test/java/it/pagopa/selfcare/onboarding/service/TokenServiceDefaultTest.java new file mode 100644 index 000000000..9d8eec551 --- /dev/null +++ b/apps/onboarding-functions/src/test/java/it/pagopa/selfcare/onboarding/service/TokenServiceDefaultTest.java 
@@ -0,0 +1,46 @@
+package it.pagopa.selfcare.onboarding.service;
+
+import io.quarkus.test.junit.QuarkusTest;
+import io.quarkus.test.junit.QuarkusTestProfile;
+import io.quarkus.test.junit.TestProfile;
+import jakarta.inject.Inject;
+import org.junit.jupiter.api.Test;
+
+import java.io.BufferedReader;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.nio.charset.StandardCharsets;
+import java.util.Map;
+import java.util.Objects;
+import java.util.stream.Collectors;
+
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+@QuarkusTest
+@TestProfile(TokenServiceDefaultTest.TokenProfile.class)
+class TokenServiceDefaultTest {
+
+ @Inject
+ TokenServiceDefault tokenService;
+
+ public static class TokenProfile implements QuarkusTestProfile {
+ @Override
+ public Map getConfigOverrides() {
+ InputStream is = getClass().getClassLoader().getResourceAsStream("certs/PKCS1Key.pem");
+ String privateKey = new BufferedReader(
+ new InputStreamReader(is, StandardCharsets.UTF_8)).lines()
+ .collect(Collectors.joining("\n"));
+ return Map.of("onboarding-functions.jwt.token.signing-key", privateKey,
+ "onboarding-functions.jwt.token.issuer", "https://dev.selfcare.pagopa.it"
+ );
+ }
+ }
+
+ @Test
+ void createJwt() {
+ final String userId = "userId";
+ String jwt = tokenService.createJwt(userId);
+ assertTrue(Objects.nonNull(jwt));
+ }
+
+}
diff --git a/apps/onboarding-functions/src/test/resources/certs/PKCS1Key.pem b/apps/onboarding-functions/src/test/resources/certs/PKCS1Key.pem
new file mode 100644
index 000000000..ab817a8be
--- /dev/null
+++ b/apps/onboarding-functions/src/test/resources/certs/PKCS1Key.pem
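Review bot: `createJwt()` asserts only `Objects.nonNull(jwt)`, which any non-null string satisfies, so the test does not show that the token is signed with the configured key or that it carries the expected issuer, subject and expiry. At minimum check the compact form with `assertEquals(3, jwt.split("\\.").length);`, and preferably verify the token with the public half of the test key and assert the issuer set in `TokenProfile` and the `userId` passed in (which claim holds it depends on TokenServiceDefault, not shown here). `TokenProfile` leaves `kid` and `duration` at their application defaults, so those paths are exercised only with placeholder values. `getResourceAsStream` returns null when the resource is missing, so `Objects.requireNonNull(is, "certs/PKCS1Key.pem")` and a try-with-resources around the reader would give a clearer failure and close the stream.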
@@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAr3CERHTxmicRgvT/cwXHxQfaSsiudsJWXXnG/svqnuiKrbju +r2pU1BYI/onevt/2EVPdyvjJDjogZ7jA0zXvDCcUcGBRv1sJGHZGLlMGnP4E61yp +w64JqGVxNfyPL9OaKpo83WoQAiRIlEAOb7bumph5hhb9QAQXlQXxNviUlrEIeTbj +ZBmQlTMP4DtDJktEA6W1FX8f2/ZbeZryodWQHgM0dAVhUOmA/1UfQ/0cmz+KVG5F +wuGEHypXPJs7AkQwZsc6VoX58rmrjBKFfqM2P3+On5m/qCSB8SlAqav61tOCvOpy +wB3sMJHTtSgIBEBtgzI63md7/q/jx0+qiEpyHwIDAQABAoIBAQCMwnP9EO7/xbTR +I40JVmvv89r7AYSpGEd+/EPjDu0RznXl6GjpKSEigQN6ZlfnQX4GbQmY3n9CAPUb +AysCy1UepQRLHZy5MWtcyxiH9mlp8I014cT7kVmCWNG6hQbFUrtwzwtigsSRU1dA +SxzKGTXbp9Zo9Wz/vcjF8lyUxGFDfTYEEYjtOQNaKEvzPMpmTbGbgQVdQ8gflKV3 +Ue+BqyzpZxfpwFd69J/9f/r+rJz2N1Y6x5fvCOCcHBMBsb+qwFlZMw++TCT6x9Av +lrO6JdkHWw3ZgBgKFB800l0kU+R4Ul+qUO5TVhA1ESf4f+MkS/xMHNg8q58S8ZJU +PT99o/6RAoGBAOJtE44MZj97dPpl4uFv1HvHK/ojf0RIMZ2y80Titba+7g1Hm+r+ +DCf6REDlm4kwxGEG2cK+K+GAO+ML+CatjKfy6qcHsAKLfpmNTi/ZLZ4tgt4QppuQ +lCNZG6yHhQtmgGwYtUxkrQdywJKSuL3cKhZqK4U9f3hdwsru/94mtTxrAoGBAMZa +ny9zmQYM651I1n1U7570W+QuS9IEt0oHx7XAoV7CFJdy3nBHw4UoZHq0nY8AP0GO +ynPG02nKNbl7F/A2nAjl18yztCcZ5O45RfWJSrIwcc1yJcHN30rzEYg4ssbVbma5 +8CYrvxXSMM9becw+i6GdqRC92wkoFa9kboK+jk4dAoGBAITF7XeYccS8AkZqxHXp +e7Hxgyo08oX5x45vxxMX1fKJV1JWMWnE+x/eM3PSsDfsbttuhvcZSOX8qiFjfWpA +zoAVg9/aNC3p2pz0LWsFcSiWC21oWipSx2tK711mQnAC9T9t5bIcPxJlCeNpQgej +ONLYAxkojLzqTjVtnICKNjBtAoGASkzF1juB9Z8/XuJa3gXD4JH+HeItqpTzp3p0 +l6N5jwo6NmTj58Ep/yYbRU+EuX1JNKBtO6MdrEH/j+QJGoUKO9cE1/v0nrT3aTjw ++MGdxlOZPXDlrcwVOXkFdzZt2Uc3nKlHyLSYVm8us227mQNQwJBTNR84/hwSy2le +cAE7Qw0CgYBF2iye7agP9okkY+sc/kOlj1hn4TtxPZpPX/D4PL4wmHpqHToXd5/f +adJOrnMWeuJ602QFYgAGdakW/P6s9lxZINzTC0yvgHcef+/aRGku9gNYWO0h7NsH +CmsHKLctqznNtO1m7fdG8imc30Axg55KWnMXsivJo2gYkMZ9N6WvjQ== +-----END RSA PRIVATE KEY----- diff --git a/infra/functions/onboarding-functions/env/dev-pnpg/terraform.tfvars b/infra/functions/onboarding-functions/env/dev-pnpg/terraform.tfvars index 915c6869d..0694d0605 100644 --- a/infra/functions/onboarding-functions/env/dev-pnpg/terraform.tfvars 
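Review bot: This file commits an unencrypted RSA private key to the repository as a test fixture. Confirm it was generated only for this test and is not, and never will be, the value stored under any `jwt-exchange-private-key` secret, since anything committed here has to be treated as public. Secret scanners will flag the file, so allow-list this exact path with a justification rather than a broad pattern, or generate the key pair in the test profile at run time so that no key material is committed. A short note beside the fixture (a README in `certs/` or a comment in `TokenProfile`) stating that it is a throwaway test key would save the next reviewer the same question.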
+++ b/infra/functions/onboarding-functions/env/dev-pnpg/terraform.tfvars
@@ -96,4 +96,7 @@ app_settings = {
 "SAP_ALLOWED_INSTITUTION_TYPE" = "PA,GSP,SA,AS,SCP"
 "SAP_ALLOWED_ORIGINS" = "IPA,SELC"
 "MINUTES_THRESHOLD_FOR_UPDATE_NOTIFICATION" = "5"
+ "JWT_TOKEN_EXCHANGE_ISSUER" = "https://pnpg.dev.selfcare.pagopa.it"
+ "JWT_TOKEN_EXCHANGE_PRIVATE_KEY" = "@Microsoft.KeyVault(SecretUri=https://selc-d-pnpg-kv.vault.azure.net/secrets/jwt-exchange-private-key/)"
+ "JWT_TOKEN_EXCHANGE_KID" = "@Microsoft.KeyVault(SecretUri=https://selc-d-pnpg-kv.vault.azure.net/secrets/jwt-exchange-kid/)"
 }
\ No newline at end of file
diff --git a/infra/functions/onboarding-functions/env/dev/terraform.tfvars b/infra/functions/onboarding-functions/env/dev/terraform.tfvars
index f23ecbdeb..cda82be7c 100644
--- a/infra/functions/onboarding-functions/env/dev/terraform.tfvars
+++ b/infra/functions/onboarding-functions/env/dev/terraform.tfvars
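Review bot: `JWT_TOKEN_EXCHANGE_DURATION` is not set in this hunk, nor in the dev, prod-pnpg, prod, uat-pnpg and uat hunks that follow, so every environment runs on the `PT5S` default from application.properties (presumably the token lifetime; TokenServiceDefault is not shown here). Five seconds keeps the exposure window small but leaves little room for clock skew or a slow downstream call; if that is deliberate, make it explicit per environment with `"JWT_TOKEN_EXCHANGE_DURATION" = "PT5S"` so the lifetime is visible and tunable in the infra config. The key and its `kid` are separate Key Vault secrets referenced by unversioned URI, so a rotation has to update both together or tokens will be issued with a `kid` that does not match the signing key.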
@@ -93,7 +93,10 @@ app_settings = {
 "MINUTES_THRESHOLD_FOR_UPDATE_NOTIFICATION" = "5"
 "BYPASS_CHECK_ORGANIZATION" = "false"
 "PROD_FD_URL" = "https://fid00001fe.siachain.sv.sia.eu:30008"
- "FD_TOKEN_GRANT_TYPE" = "@Microsoft.KeyVault(SecretUri=https://selc-d-kv.vault.azure.net/secrets/prod-fd-grant-type/)"
- "FD_TOKEN_CLIENT_ID" = "@Microsoft.KeyVault(SecretUri=https://selc-d-kv.vault.azure.net/secrets/prod-fd-client-id/)"
- "FD_TOKEN_CLIENT_SECRET" = "@Microsoft.KeyVault(SecretUri=https://selc-d-kv.vault.azure.net/secrets/prod-fd-client-secret/)"
+ "JWT_TOKEN_EXCHANGE_ISSUER" = "https://dev.selfcare.pagopa.it"
+ "JWT_TOKEN_EXCHANGE_PRIVATE_KEY" = "@Microsoft.KeyVault(SecretUri=https://selc-d-kv.vault.azure.net/secrets/jwt-exchange-private-key/)"
+ "JWT_TOKEN_EXCHANGE_KID" = "@Microsoft.KeyVault(SecretUri=https://selc-d-kv.vault.azure.net/secrets/jwt-exchange-kid/)"
+ "FD_TOKEN_GRANT_TYPE" = "@Microsoft.KeyVault(SecretUri=https://selc-d-kv.vault.azure.net/secrets/prod-fd-grant-type/)"
+ "FD_TOKEN_CLIENT_ID" = "@Microsoft.KeyVault(SecretUri=https://selc-d-kv.vault.azure.net/secrets/prod-fd-client-id/)"
+ "FD_TOKEN_CLIENT_SECRET" = "@Microsoft.KeyVault(SecretUri=https://selc-d-kv.vault.azure.net/secrets/prod-fd-client-secret/)"
 }
\ No newline at end of file
diff --git a/infra/functions/onboarding-functions/env/prod-pnpg/terraform.tfvars b/infra/functions/onboarding-functions/env/prod-pnpg/terraform.tfvars
index 4b079e601..af32db031 100644
--- a/infra/functions/onboarding-functions/env/prod-pnpg/terraform.tfvars
+++ b/infra/functions/onboarding-functions/env/prod-pnpg/terraform.tfvars
@@ -104,6 +104,10 @@ app_settings = { "MAIL_ONBOARDING_REJECTION_LINK" = "https://imprese.notifichedigitali.it/onboarding/cancel?jwt=", "MAIL_ONBOARDING_URL" = "https://imprese.notifichedigitali.it/onboarding/", "USER_MS_SEND_MAIL" = "false", - "FORCE_INSTITUTION_PERSIST" = "true" + "FORCE_INSTITUTION_PERSIST" = "true", + "JWT_TOKEN_EXCHANGE_ISSUER" = "https://pnpg.selfcare.pagopa.it" + "JWT_TOKEN_EXCHANGE_PRIVATE_KEY" = "@Microsoft.KeyVault(SecretUri=https://selc-p-pnpg-kv.vault.azure.net/secrets/jwt-exchange-private-key/)" + "JWT_TOKEN_EXCHANGE_KID" = "@Microsoft.KeyVault(SecretUri=https://selc-p-pnpg-kv.vault.azure.net/secrets/jwt-exchange-kid/)" + } \ No newline at end of file diff --git a/infra/functions/onboarding-functions/env/prod/terraform.tfvars b/infra/functions/onboarding-functions/env/prod/terraform.tfvars index 908972fea..50bbc7f59 100644 --- a/infra/functions/onboarding-functions/env/prod/terraform.tfvars +++ b/infra/functions/onboarding-functions/env/prod/terraform.tfvars @@ -110,4 +110,8 @@ app_settings = { "ARUBA_SIGN_SERVICE_BASE_URL" = "https://asbr-pagopa.arubapec.it/ArubaSignService/ArubaSignService" "ARUBA_SIGN_SERVICE_REQUEST_TIMEOUT_MS" = "60000" "ARUBA_SIGN_SERVICE_CONNECT_TIMEOUT_MS" = "60000" + "JWT_TOKEN_EXCHANGE_ISSUER" = "https://selfcare.pagopa.it" + "JWT_TOKEN_EXCHANGE_PRIVATE_KEY" = "@Microsoft.KeyVault(SecretUri=https://selc-p-kv.vault.azure.net/secrets/jwt-exchange-private-key/)" + "JWT_TOKEN_EXCHANGE_KID" = "@Microsoft.KeyVault(SecretUri=https://selc-p-kv.vault.azure.net/secrets/jwt-exchange-kid/)" + } \ No newline at end of file diff --git a/infra/functions/onboarding-functions/env/uat-pnpg/terraform.tfvars b/infra/functions/onboarding-functions/env/uat-pnpg/terraform.tfvars index 75a1fd300..dee019fa0 100644 --- a/infra/functions/onboarding-functions/env/uat-pnpg/terraform.tfvars +++ b/infra/functions/onboarding-functions/env/uat-pnpg/terraform.tfvars 
@@ -103,6 +103,10 @@ app_settings = { "MAIL_ONBOARDING_REJECTION_LINK" = "https://imprese.uat.notifichedigitali.it/onboarding/cancel?jwt=", "MAIL_ONBOARDING_URL" = "https://imprese.uat.notifichedigitali.it/onboarding/", "USER_MS_SEND_MAIL" = "false", - "FORCE_INSTITUTION_PERSIST" = "true" + "FORCE_INSTITUTION_PERSIST" = "true", + "JWT_TOKEN_EXCHANGE_ISSUER" = "https://pnpg.uat.selfcare.pagopa.it" + "JWT_TOKEN_EXCHANGE_PRIVATE_KEY" = "@Microsoft.KeyVault(SecretUri=https://selc-u-pnpg-kv.vault.azure.net/secrets/jwt-exchange-private-key/)" + "JWT_TOKEN_EXCHANGE_KID" = "@Microsoft.KeyVault(SecretUri=https://selc-u-pnpg-kv.vault.azure.net/secrets/jwt-exchange-kid/)" + } \ No newline at end of file diff --git a/infra/functions/onboarding-functions/env/uat/terraform.tfvars b/infra/functions/onboarding-functions/env/uat/terraform.tfvars index 9e0ea604b..78ebd7187 100644 --- a/infra/functions/onboarding-functions/env/uat/terraform.tfvars +++ b/infra/functions/onboarding-functions/env/uat/terraform.tfvars @@ -109,4 +109,9 @@ app_settings = { "ARUBA_SIGN_SERVICE_BASE_URL" = "https://asbr-pagopa.arubapec.it/ArubaSignService/ArubaSignService" "ARUBA_SIGN_SERVICE_REQUEST_TIMEOUT_MS" = "60000" "ARUBA_SIGN_SERVICE_CONNECT_TIMEOUT_MS" = "60000" + + "JWT_TOKEN_EXCHANGE_ISSUER" = "https://uat.selfcare.pagopa.it" + "JWT_TOKEN_EXCHANGE_PRIVATE_KEY" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/jwt-exchange-private-key/)" + "JWT_TOKEN_EXCHANGE_KID" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/jwt-exchange-kid/)" + } \ No newline at end of file