api_public.yaml

swagger: "2.0"
info:
  version: 1.0.0
  title: Public API
  description: Mobile and web proxy API gateway.
host: localhost
basePath: /
schemes:
  - https
paths:
  "/info":
    x-swagger-router-controller: ServerInfoController
    get:
      operationId: getServerInfo
      summary: Runtime server info
      description: >
        Returns runtime information about the server.
      responses:
        "200":
          description: Runtime server info.
          schema:
            $ref: "#/definitions/ServerInfo"
          examples:
            application/json:
              version: "0.0.1"
              min_app_version: "0.0.0"
              min_app_version_pagopa: "0.0.0"
  "/test-login":
    x-swagger-router-controller: AuthenticationController
    post:
      operationId: testLogin
      summary: Login Test User with password
      description: Login Test User with password and Fiscal Code
      parameters:
        - in: body
          name: body
          schema:
            $ref: "#/definitions/PasswordLogin"
          required: true
          x-examples:
            application/json:
              username: AAABBB01C02D345Z
              password: secret
        - $ref: "#/parameters/JwkPubKeyToken"
        - $ref: "#/parameters/JwkPubKeyHashAlgorithm"
        - $ref: "#/parameters/LoginType"
      responses:
        "200":
          description: Access token
          schema:
            $ref: "#/definitions/AccessToken"
        "401":
          description: Invalid credentials
        "500":
          description: Unavailable service
          schema:
            $ref: "#/definitions/ProblemJson"
  "/login":
    get:
      operationId: login
      summary: Login SPID/CIE
      description: Login with SPID or CIE for IO APP
      parameters:
        - $ref: "#/parameters/EntityId"
        - $ref: "#/parameters/AuthLevel"
        - $ref: "#/parameters/JwkPubKeyToken"
        - $ref: "#/parameters/JwkPubKeyHashAlgorithm"
        - $ref: "#/parameters/LoginType"
      responses:
        "302":
          description: Redirect to IDP
          headers:
            Location:
              type: string
              description: Redirect endpoint with SAML AuthNRequest query parameters
        "400":
          description: Bad Request
          schema:
            $ref: "#/definitions/ProblemJson"
        "500":
          description: Internal Server Error
          schema:
            $ref: "#/definitions/ProblemJson"
        "503":
          description: Service unavailable
  "/assertionConsumerService":
    post:
      operationId: acs
      summary: ACS step of Login SPID/CIE
      description: Login with SPID or CIE for IO APP
      parameters:
        - in: body
          name: body
          schema:
            $ref: "#/definitions/SAMLResponse"
      responses:
        "301":
          description: Redirect to home page
          headers:
            Location:
              type: string
        "500":
          description: Internal Server Error
          schema:
            $ref: "#/definitions/ProblemJson"

definitions:
  FiscalCode:
    $ref: "https://raw.githubusercontent.com/pagopa/io-functions-commons/v5.0.0/openapi/definitions.yaml#/FiscalCode"
  ProblemJson:
    $ref: "https://raw.githubusercontent.com/pagopa/io-functions-commons/v5.0.0/openapi/definitions.yaml#/ProblemJson"
  ServerInfo:
    type: object
    title: Server information
    properties:
      version:
        type: string
      min_app_version:
        $ref: "#/definitions/VersionPerPlatform"
      min_app_version_pagopa:
        $ref: "#/definitions/VersionPerPlatform"
    required:
      - version
      - min_app_version
      - min_app_version_pagopa
  VersionPerPlatform:
    type: object
    title: Specify a version for ios and another for android
    properties:
      ios:
        type: string
      android:
        type: string
    required:
      - ios
      - android
  PasswordLogin:
    type: object
    properties:
      username:
        $ref: "#/definitions/FiscalCode"
      password:
        type: string
        minLength: 1
    required:
      - username
      - password
  AccessToken:
    type: object
    properties:
      token:
        type: string
        minLength: 1
    required:
      - token
  SAMLResponse:
    type: string
    description: A string representation of a signed SPID/CIE response
    minLength: 1
consumes:
  - application/json
produces:
  - application/json

parameters:
  EntityId:
    name: entityID
    in: query
    type: string
    enum:
      - lepidaid
      - infocertid
      - sielteid
      - namirialid
      - timid
      - arubaid
      - posteid
      - spiditalia
      - teamsystemid
      - ehtid
      - infocamereid
      - intesiid
      - xx_servizicie_coll
      - xx_servizicie
      - xx_servizicie_test
    description: An ID that refers to a specific IDP
    required: true
  AuthLevel:
    name: authLevel
    in: query
    type: string
    enum: [SpidL2, SpidL3]
    description: SPID AuthLevel
    required: true
    x-example: SpidL2
  LoginType:
    name: loginType
    in: header
    type: string
    enum: [LV, LEGACY]
    required: false
    x-example: LEGACY
  JwkPubKeyToken:
    $ref: "./api_lollipop.yaml#/parameters/JwkPubKeyToken"
  JwkPubKeyHashAlgorithm:
    $ref: "./api_lollipop.yaml#/parameters/JwkPubKeyHashAlgorithm"