Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TS29510_Nnrf_AccessToken has no servers section? #23

Open
gatopeich opened this issue Mar 11, 2020 · 2 comments
Open

TS29510_Nnrf_AccessToken has no servers section? #23

gatopeich opened this issue Mar 11, 2020 · 2 comments

Comments

@gatopeich
Copy link

How come there is no "servers" for the OAuth2 service in NRF?

I was expecting something like "{apiRoot}/nnrf-auth/v1"...

@jdegre
Copy link
Owner

jdegre commented Mar 13, 2020

It's intentional, and the reason is that the URI structure you refer to: {apiRoot}/{serviceName}/{serviceVersion} is intended for those services registered in NRF (and later on discovered via NRF Service Discovery).

However, the Oauth2 Access Token service is not discovered; it must be configured on each Network Function. So, the "token endpoint" is always: https://<nrf-fqdn>/oauth2/token (no "service name", and no "serviceVersion").

Still, it would've been possible to define a servers section, having something like {nrfApiRoot}; we use this approach to identify the Oauth2 tokenUrl from the "securitySchemes" section in all other APIs; e.g., take TS29518_Namf_Communication.yaml API. You can see there:

  securitySchemes:
    oAuth2ClientCredentials:
      type: oauth2
      flows:
        clientCredentials:
          tokenUrl: '{nrfApiRoot}/oauth2/token'
          scopes:
            namf-comm: Access to the Namf_Communication API

So, if we were to define a servers section in the Oauth2 API, it should be something like:

servers:
  - url: '{nrfApiRoot}'
    variables:
      nrfApiRoot:
        default: https://example.com
        description: nrfApiRoot as defined in clause clause 6.3.2 of 3GPP TS 29.510

I'll discuss this approach with other 3GPP folks, to see if that could be a better approach than having no "servers" section at all.

@gatopeich
Copy link
Author

Thanks for the clarification. I was suspecting something like that but could not find a clear statement in the specs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants