Ejemplos de plantilla de definición de API y producto
Puede utilizar archivos de plantilla al crear definiciones de API y de producto. Los archivos de plantilla son plantillas de barras de descriptor de contexto que contienen variables con el formato {{variable-name}} que se sustituyen por valores al crear la definición de API o producto. En
este tema se proporcionan las plantillas de barras de descriptor de contexto utilizadas por apic para crear productos y APIs como ejemplo
que puede utilizar para copiar y personalizar para su propio uso.
Plantilla de definición de API predeterminada (OpenAPI 2.0)
La plantilla de ejemplo siguiente, que es para una definición de API de OpenAPI 2.0 , es la plantilla predeterminada que developer toolkit utiliza al crear una definición de API. Copie esta plantilla de
ejemplo en su propio archivo de plantilla (que debe tener la extensión .hbs) y edítelo para ajustarlo a sus propósitos. Las
variables de plantilla están encerradas entre llaves dobles, por ejemplo {{name}}. Para obtener información sobre las variables de plantilla, consulte Variables de plantilla para definiciones de API y producto. Para obtener más información sobre las barras de descriptor de contexto, consulte https://handlebarsjs.com/.
swagger: '2.0'
info:
x-ibm-name: {{name}}
title: {{title}}
version: {{version}}
schemes:
{{#if schemes}}
{{#each schemes}}
- {{this}}
{{/each}}
{{else}}
- https
{{/if}}
host: {{hostname}}
basePath: {{basepath}}
consumes:
- application/json
produces:
- application/json
securityDefinitions:
clientIdHeader:
type: apiKey
in: header
name: X-IBM-Client-Id
clientSecretHeader:
in: "header"
name: "X-IBM-Client-Secret"
type: "apiKey"
security:
-
clientIdHeader: []
clientSecretHeader: []
x-ibm-configuration:
testable: true
enforced: true
gateway: datapower-gateway
cors:
enabled: true
catalogs:
apic-dev:
properties:
runtime-url: $(TARGET_URL)
sb:
properties:
runtime-url: 'http://localhost:4001'
assembly:
execute:
- invoke:
{{#if targeturl}}
target-url: {{targeturl}}
{{else}}
target-url: $(runtime-url)$(request.path)
{{/if}}
paths:
/users:
post:
summary: Create a user
description: Create a new user
operationId: userCreate
externalDocs:
description: Blah
url: http://host/docs-about-routes-post
tags:
- Users
responses:
'201':
description: 'Success'
schema:
$ref: '#/definitions/User'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
get:
summary: User list
description: Get a list of users
operationId: userList
externalDocs:
description: Blah
url: http://host/docs-about-routes-post
tags:
- Users
responses:
'200':
description: 'Success'
schema:
$ref: '#/definitions/UserList'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
/users/{user}:
get:
summary: Retrieve the User
description: Retrieve the User
operationId: userGet
tags:
- Users
parameters:
- name: user
in: path
description: User id or name
required: true
type: string
responses:
'200':
description: 'Success'
schema:
$ref: '#/definitions/User'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
patch:
summary: Update User
description: Update User
operationId: userUpdate
tags:
- Users
parameters:
- name: user
in: path
description: User id or name
required: true
type: string
- name: payload
in: body
description: User to update
required: true
schema:
$ref: '#/definitions/UserUpdate'
responses:
'200':
description: 'Success'
schema:
$ref: '#/definitions/User'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
delete:
summary: Delete the User
description: Delete the User
operationId: userDelete
tags:
- Users
parameters:
- name: user
in: path
description: User id or name
required: true
type: string
responses:
'204':
description: 'Successful delete'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
definitions:
User:
type: object
additionalProperties: false
UserUpdate:
type: object
additionalProperties: false
UserList:
type: object
additionalProperties: false
Error:
type: object
additionalProperties: false
properties:
status:
type: integer
message:
type:
- string
- array
tags:
- name: Users
description: Tags on all the user operations
externalDocs:
description: External information about Users
url: http://host/url-of-my-entire-set-of-tag-docs-for-this-tag
- name: Routes
description: Tags on all the route operations
externalDocs:
description: External information about Routes
url: http://host/url-of-my-entire-set-of-tag-docs-for-this-tag
Plantilla de definición de API OpenAPI 3.0
La plantilla de ejemplo siguiente es para una definición de API OpenAPI 3.0 . Copie esta plantilla de
ejemplo en su propio archivo de plantilla (que debe tener la extensión .hbs) y edítelo para ajustarlo a sus propósitos. Las
variables de plantilla están encerradas entre llaves dobles, por ejemplo {{name}}. Para obtener información sobre las variables de plantilla, consulte Variables de plantilla para definiciones de API y producto. Para obtener más información sobre las barras de descriptor de contexto, consulte https://handlebarsjs.com/.
openapi: '3.0.3'
info:
x-ibm-name: {{name}}
version: {{version}}
title: {{title}}
x-ibm-configuration:
assembly:
execute:
- invoke:
title: invoke
version: 2.0.0
target-url: 'http://apicsrv01.dp.rtp.raleigh.ibm.com/sample.json'
cors:
enabled: true
enforced: true
phase: realized
testable: true
gateway: datapower-api-gateway
servers:
- url: "/oauth-supported-flows"
paths:
"/getData":
get:
summary: Operation Get Branches
operationId: basicImplicit
responses:
default:
description: Default response
security:
- Oauth:
- scopePub
components:
securitySchemes:
clientIdHeader:
type: apiKey
in: header
name: clientHeader
clientSecretHeader:
type: apiKey
in: header
name: X-IBM-Client-Secret
client_id:
type: apiKey
in: query
name: client_id
client_secret:
type: apiKey
in: query
name: client_secret
Plantilla de API de OAuth 2.0
La siguiente plantilla de ejemplo es la plantilla predeterminada que developer toolkit utiliza al crear una definición de API OAuth 2.0 con el mandato apic create:api --template oauth. Copie esta plantilla de ejemplo en su propio archivo de plantilla (que debe tener el.hbs ) y, a continuación, edítelo para sus propósitos. Las
variables de plantilla están encerradas entre llaves dobles, por ejemplo {{name}}. Para obtener información sobre las variables de plantilla, consulte Variables de plantilla para definiciones de API y producto. Para obtener más información sobre las barras de descriptor de contexto, consulte https://handlebarsjs.com/.
swagger: "2.0"
info:
x-ibm-name: {{name}}
title: {{title}}
version: {{version}}
schemes:
{{#if schemes}}
{{#each schemes}}
- {{this}}
{{/each}}
{{else}}
- https
{{/if}}
host: {{hostname}}
basePath: {{basepath}}
securityDefinitions:
clientID:
description: "application's client_id"
in: "query"
name: "client_id"
type: "apiKey"
security:
- clientID: []
paths:
/oauth2/authorize:
get:
produces:
- text/html
summary: endpoint for Authorization Code and Implicit grants
description: description
parameters:
- name: response_type
in: query
description: request an authorization code or or access token (implicit)
required: true
type: string
enum:
- code
- token
- name: client_id
in: query
description: Application client ID
required: true
type: string
- name: scope
in: query
description: Scope being requested
type: string
required: true
- name: redirect_uri
in: query
type: string
description: URI where user is redirected to after authorization
required: false
- name: state
in: query
type: string
description: This string will be echoed back to application when user is redirected
required: false
responses:
302:
description: |
Redirect to the clients redirect_uri containing one of the following
- **authorization code** for Authorization code grant
- **access token** for Implicity grant
- **error** in case of errors, such as the user has denied the request
200:
description: An HTML form for authentication or authorization of this request.
security:
- clientID: []
post:
consumes:
- application/x-www-form-urlencoded
produces:
- text/html
summary: submit approval to authorization code or access token
description: |
Submit resource owners approval (or rejection) for the OAuth2 Server to issue an
authorization code or access token to the application.
security:
- clientID: []
parameters:
- name: client_id
in: formData
description: application requesting the access code or token
required: true
type: string
- name: scope
in: formData
description: requested scope of this authorization
required: true
type: string
- name: resource-owner
in: formData
description: resource owners user name
required: true
type: string
- name: redirect_uri
in: formData
description: URI the application is requesting this code or token to be redirected to
required: true
type: string
- name: original-url
in: formData
description: URL of the original authorization request
required: true
type: string
- name: dp-state
in: formData
description: state information provided in the authorization form
required: true
type: string
- name: dp-data
in: formData
description: state information provided in the authorization form
required: true
type: string
#- name: response_type
# in: formData
# description:
# required: true
# type: string
responses:
200:
description: Cool
/oauth2/token:
post:
consumes:
- application/x-www-form-urlencoded
produces:
- application/json
summary: Request Access Tokens
description: |
This endpoint allows requesting an access token following one of the flows below:
- Authorization Code (exchange code for access token)
- Client Credentials (2-legged, there isnt resource owner information)
- Resource Owner Password Credentials (2-legged, client provides resource owner name and password)
- Refresh Token (exchange refresh token for a new access code)
The table below indicates the required parameters for each specific grant_type options.
Empty cells indicate a parameter is ignored for that specific grant type.
Client authentication:
- Confidential clients should authenticate using HTTP Basic Authentication. Alternatively, they may post
their client_id and client_secret information as a formData parameter.
- Public clients should send their client_id as formData parameter.
| grant_type | code | client_credentials | password | refresh_token |
|----------------------|------------|--------------------|-------------|---------------|
| client_id | required* | required* | required* | required* |
| client_secret | required* | required* | required* | required* |
| code | required | | | |
| redirect_uri | required | | | |
| username | | | required | |
| password | | | required | |
| scope | | optional | optional | |
| refresh_token | | | | required |
The implicit grant requests, see /oauth2/authorize.
security: []
parameters:
- name: grant_type
in: formData
description: Type of grant
type: string
required: true
enum:
- authorization_code
- password
- client_credentials
- refresh_token
- name: client_id
in: formData
description: Application client ID, can be provided in formData or using HTTP Basic Authentication
required: false
type: string
- name: client_secret
in: formData
description: Application secret, must be provided in formData or using HTTP Basic Authentication
required: false
type: string
- name: code
in: formData
description: Authorization code provided by the /oauth2/authorize endpoint
required: false
type: string
- name: redirect_uri
in: formData
description: required only if the redirect_uri parameter was included in the authorization request /oauth2/authorize; their values MUST be identical.
required: false
type: string
- name: username
in: formData
type: string
description: Resource owner username
required: false
- name: password
in: formData
type: string
description: Resource owner password
required: false
- name: scope
in: formData
type: string
description: Scope being requested
required: false
- name: refresh_token
in: formData
type: string
description: The refresh token that the client wants to exchange for a new access token (refresh_token grant_type)
required: false
responses:
200:
description: json document containing token, etc.
schema:
$ref: "#/definitions/access_token_response"
400:
description: json document that may contain additional details about the failure
x-ibm-configuration:
testable: true
enforced: true
phase: "realized"
oauth2:
client-type: public #or confidential
scopes:
scope1: Description 1
scope2: Description 2
scope3: Description 3
grants:
- application
- password
- accessCode
- implicit
identity-extraction:
type: default-form #If identity extraction is not there use this form.
#type: basic
#type: custom-form #Customer provided form (needs location)
#type: redirect #Redirects user to authenticate somewhere else
#custom-form:
# url: https://example.com/authentication/form
# tls-profile: tls-profile-1
#redirect-url: https://example.com/external/form
authentication:
x-ibm-authentication-url:
url: https://example.com/auth/url
tls-profile: tls-profile-4
#x-ibm-authentication-registry: ldap-1
authorization:
type: authenticated #If the authorization section is missing this is the default
#type: default-form
#type: custom-form
#custom-form:
# url: https://example.com/authorization/form
# tls-profile: tls-profile-2
refresh-token:
count: 2048 # If this section is missing default is 0
revocation:
url: ""
tls-profile: ""
definitions:
access_token_response:
type: object
additionalProperties: false
required:
- token_type
- access_token
- expires_in
properties:
token_type:
enum:
- bearer
access_token:
type: string
expires_in:
type: integer
scope:
type: string
refresh_token:
type: string
Plantilla de definición de producto
La siguiente plantilla de ejemplo es la plantilla predeterminada que developer toolkit utiliza al crear una definición de producto. Copie esta plantilla de ejemplo en su propio archivo de plantilla (que debe tener el.hbs ) y, a continuación, edítelo para sus propósitos. Las
variables de plantilla están encerradas entre llaves dobles, por ejemplo {{name}}. Para obtener información sobre las variables de plantilla, consulte Variables de plantilla para definiciones de API y producto. Para obtener más información sobre las barras de descriptor de contexto, consulte https://handlebarsjs.com/.
product: '1.0.0'
info:
name: {{name}}
title: {{title}}
version: {{version}}
{{#isEmpty apis}}
{{else}}
apis:
{{/isEmpty}}
{{#each apis}}
'{{@key}}':
$ref: {{this}}
{{/each}}
visibility:
view:
type: public
subscribe:
type: authenticated
plans:
default:
title: Default Plan
description: Default Plan
approval: false
rate-limit:
value: 100/hour
hard-limit: false