Postman

This section shows how OpenCAPIF is used through requests made with Postman, from the creation of a provider together with the publication of an api, to the creation of an invoker and the consumption of the published api. Everything you need to run the test is in Postman-Test.zip.

Requisites

We will need to have Node.js installed since we will use a small script to create the CSRs of the certificates.
An instance of CAPIF (If it is not local, certain variables would have to be modified both in the Node.js script and in the Postman environment variables).

First steps

Install the Node dependencies package.json to run the script with:

npm i

Run the script.js with the following command:

node script.js

Import Postman collection and environment variables (CAPIF.postman_collection.json and CAPIF.postman_environment.json)
Select CAPIF Environment before start testing.
Install the necessary dependencies from requirements.txt using the following command:

pip install -r requirements.txt

Remote CAPIF

If the CAPIF is not local, the host and port of both the CAPIF and the register would have to be specified in the variables, and the CAPIF_HOSTNAME in the script, necessary to obtain the server certificate.

Enviroments in Postman

CAPIF_HOSTNAME     capifcore
CAPIF_PORT         8080
REGISTER_HOSTNAME  register
REGISTER_PORT      8084

Const in script.js

CAPIF_HOSTNAME    capifcore

CAPIF Flows

Once the first steps have been taken, we can now use Postman requests. These requests are numbered in the order that must be followed to obtain everything necessary from CAPIF.

Creation of User by Admin

The first step would be for an administrator to create a user with which a provider and an invoker will be created. To do this, the admin must log in to obtain the token needed in admin requests.

01-Login_admin

Flow

02-Creation of User

Flow

Publication of an API

The next step is to register a provider using the user created by the administrator in order to publish an API.

03-getauth_provider

Flow

04-onboard_provider

Flow

05-publish_api

At this point we move on to using certificate authentication in CAPIF. In Postman it is necessary to add the certificates manually and using more than one certificate for the same host as we do in CAPIF complicates things. For this reason, we use the script to overwrite a certificate and a key when it is necessary to have a specific one.

To configure go to settings in Postman and open the certificates section.

Here, activate the CA certificates option and add the ca_cert.pem file found in the Responses folder.
Adds a client certificate specifying the CAPIF host being used and the files client_cert.crt and client_key.key in the Responses folder.

Once this is done, the node script will be in charge of changing the certificate that is necessary in each request.

Flow

Once the api is published, we can start it. In this case we have a test one created in python called hello_api.py that can be executed with the following command:

python3 hello_api.py

The API publication interface is set to localhost with port 8088, so the service must be set up locally. If you wanted to build it on another site, you would have to change the interface description in the body of publish_api.

With this the provider part would be finished.

Calling the API

Finally, we will create an invoker with the user given by the administrator to be able to use the published api.

06-getauth_invoker

Flow

07-onboard_invoker

Flow

08-discover

At this point we move on to using certificate authentication in CAPIF. If you did not configure the provider's certificates, you would have to do it now.

Flow

09-security_context

Flow

10-get_token

Flow

11-call_service

Flow

With this, we would have made the API call and finished the flow.

Other requests

Other requests that we have added are the following:

offboard_provider Performs offboarding of the provider, thereby eliminating the published APIs.
offboard_invoker Offboards the invoker, also eliminating access to the APIs of that invoker.
remove_user Delete the user.
refresh_admin_token Return a new access token to the admin.

Notes

This process is designed to teach how requests are made in Postman and the flow that should be followed to publish and use an API.
It is possible that if external CAPIFs are used (Public CAPIF) the test data may already be used or the API already registered.
It is necessary to have the Node service running to make the certificate change for the requests, otherwise it will not work.
We are working on adding more requests to the Postman collection.
This collection is a testing guide and is recommended for testing purposes only.