From 7b76b833a2964cd4b74f39cc06f88b3832161614 Mon Sep 17 00:00:00 2001 From: Alexander Zaslonov Date: Thu, 18 Nov 2021 17:12:46 -0800 Subject: [PATCH 1/6] Added CORS and CSP configuration resources. --- .../apimportalsettings.json | 384 ++++++++++++++++++ .../apimportalsettingscors.json | 14 + .../apimportalsettingscsp.json | 28 ++ .../apimportalsettingscspmode.json | 31 ++ .../ApiManagementPortalSettingsCorsGet.json | 20 + .../ApiManagementPortalSettingsCorsHead.json | 15 + .../ApiManagementPortalSettingsCorsPatch.json | 17 + .../ApiManagementPortalSettingsCorsPut.json | 26 ++ .../ApiManagementPortalSettingsCspGet.json | 25 ++ .../ApiManagementPortalSettingsCspHead.json | 15 + .../ApiManagementPortalSettingsCspPatch.json | 23 ++ .../ApiManagementPortalSettingsCspPut.json | 37 ++ .../apimanagement/resource-manager/readme.md | 3 + 13 files changed, 638 insertions(+) create mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscors.json create mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscsp.json create mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscspmode.json create mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsGet.json create mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsHead.json create mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsPatch.json create mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsPut.json create mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspGet.json create mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspHead.json create mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspPatch.json create mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspPut.json diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json index 25a5a75f79c2..c3ed38d544f2 100644 --- a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json @@ -693,6 +693,390 @@ } } } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/portalsettings/csp": { + "head": { + "tags": [ + "PortalSettingsCsp" + ], + "operationId": "PortalSettingsCsp_GetEntityTag", + "description": "Get the entity state (Etag) version of the Content Security Policy (CSP) settings for the developer portal.", + "x-ms-examples": { + "ApiManagementPortalSettingsCspHead": { + "$ref": "./examples/ApiManagementPortalSettingsCspHead.json" + } + }, + "parameters": [ + { + "$ref": "./apimanagement.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ServiceNameParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Operation completed successfully.", + "headers": { + "ETag": { + "description": "Current entity state version. Should be treated as opaque and used to make conditional HTTP requests.", + "type": "string" + } + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./apimanagement.json#/definitions/ErrorResponse" + } + } + } + }, + "get": { + "tags": [ + "PortalSettingsCsp" + ], + "operationId": "PortalSettingsCsp_Get", + "description": "Get the Content Security Policy (CSP) settings for the developer portal.", + "x-ms-examples": { + "ApiManagementPortalSettingsCspGet": { + "$ref": "./examples/ApiManagementPortalSettingsCspGet.json" + } + }, + "parameters": [ + { + "$ref": "./apimanagement.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ServiceNameParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "The developer portal Content Security Policy (CSP) settings.", + "schema": { + "$ref": "./definitions.json#/definitions/ApiManagementPortalSettingsCsp" + }, + "headers": { + "ETag": { + "description": "Current entity state version. Should be treated as opaque and used to make conditional HTTP requests.", + "type": "string" + } + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./apimanagement.json#/definitions/ErrorResponse" + } + } + } + }, + "patch": { + "tags": [ + "PortalSettingsCsp" + ], + "operationId": "PortalSettingsCsp_Update", + "description": "Update the Content Security Policy (CSP) settings for the developer portal.", + "x-ms-examples": { + "ApiManagementPortalSettingsCspPatch": { + "$ref": "./examples/ApiManagementPortalSettingsCspPatch.json" + } + }, + "parameters": [ + { + "$ref": "./apimanagement.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ServiceNameParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "./definitions.json#/definitions/PortalSettingsCsp" + }, + "description": "Update the Content Security Policy (CSP) settings for the developer portal." + }, + { + "$ref": "./apimanagement.json#/parameters/IfMatchRequiredParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "204": { + "description": "The settings were successfully updated." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./apimanagement.json#/definitions/ErrorResponse" + } + } + } + }, + "put": { + "tags": [ + "PortalSettingsCsp" + ], + "operationId": "PortalSettingsCsp_CreateOrUpdate", + "description": "Create or update Content Security Policy (CSP) settings for the developer portal.", + "x-ms-examples": { + "PortalSettingsCspPut": { + "$ref": "./examples/PortalSettingsCspPut.json" + } + }, + "parameters": [ + { + "$ref": "./apimanagement.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ServiceNameParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "./definitions.json#/definitions/PortalSettingsCsp" + }, + "description": "Create or update parameters." + }, + { + "$ref": "./apimanagement.json#/parameters/IfMatchOptionalParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "The settings were successfully updated.", + "schema": { + "$ref": "./definitions.json#/definitions/PortalSettingsCsp" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./apimanagement.json#/definitions/ErrorResponse" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/portalsettings/cors": { + "head": { + "tags": [ + "PortalSettingsCors" + ], + "operationId": "PortalSettingsCors_GetEntityTag", + "description": "Get the entity state (Etag) version of the Cross-Origin Resource Sharing (CORS) settings for the developer portal.", + "x-ms-examples": { + "ApiManagementPortalSettingsCorsHead": { + "$ref": "./examples/ApiManagementPortalSettingsCorsHead.json" + } + }, + "parameters": [ + { + "$ref": "./apimanagement.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ServiceNameParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Operation completed successfully.", + "headers": { + "ETag": { + "description": "Current entity state version. Should be treated as opaque and used to make conditional HTTP requests.", + "type": "string" + } + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./apimanagement.json#/definitions/ErrorResponse" + } + } + } + }, + "get": { + "tags": [ + "PortalSettingsCors" + ], + "operationId": "PortalSettingsCors_Get", + "description": "Get the Cross-Origin Resource Sharing (CORS) settings for the developer portal.", + "x-ms-examples": { + "ApiManagementPortalSettingsCorsGet": { + "$ref": "./examples/ApiManagementPortalSettingsCorsGet.json" + } + }, + "parameters": [ + { + "$ref": "./apimanagement.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ServiceNameParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "The developer portal Cross-Origin Resource Sharing (CORS) settings.", + "schema": { + "$ref": "./definitions.json#/definitions/PortalSettingsCors" + }, + "headers": { + "ETag": { + "description": "Current entity state version. Should be treated as opaque and used to make conditional HTTP requests.", + "type": "string" + } + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./apimanagement.json#/definitions/ErrorResponse" + } + } + } + }, + "patch": { + "tags": [ + "PortalSettingsCors" + ], + "operationId": "PortalSettingsCors_Update", + "description": "Update the Cross-Origin Resource Sharing (CORS) settings for the developer portal.", + "x-ms-examples": { + "ApiManagementPortalSettingsCorsPatch": { + "$ref": "./examples/ApiManagementPortalSettingsCorsPatch.json" + } + }, + "parameters": [ + { + "$ref": "./apimanagement.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ServiceNameParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "./definitions.json#/definitions/PortalSettingsCors" + }, + "description": "Update the Cross-Origin Resource Sharing (CORS) settings for the developer portal." + }, + { + "$ref": "./apimanagement.json#/parameters/IfMatchRequiredParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "204": { + "description": "The settings were successfully updated." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./apimanagement.json#/definitions/ErrorResponse" + } + } + } + }, + "put": { + "tags": [ + "PortalSettingsCors" + ], + "operationId": "PortalSettingsCors_CreateOrUpdate", + "description": "Create or update the Cross-Origin Resource Sharing (CORS) settings for the developer portal.", + "x-ms-examples": { + "ApiManagementPortalSettingsCorsPut": { + "$ref": "./examples/ApiManagementPortalSettingsCorsPut.json" + } + }, + "parameters": [ + { + "$ref": "./apimanagement.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ServiceNameParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "./definitions.json#/definitions/PortalSettingsCors" + }, + "description": "Create or update parameters." + }, + { + "$ref": "./apimanagement.json#/parameters/IfMatchOptionalParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "./apimanagement.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "The settings were successfully updated.", + "schema": { + "$ref": "./definitions.json#/definitions/PortalSettingsCors" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./apimanagement.json#/definitions/ErrorResponse" + } + } + } + } } }, "definitions": {} diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscors.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscors.json new file mode 100644 index 000000000000..2c39bdf250cf --- /dev/null +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscors.json @@ -0,0 +1,14 @@ +{ + "type": "object", + "description": "The developer portal Cross-Origin Resource Sharing (CORS) settings.", + "x-apim-code-public": "true", + "properties": { + "allowedOrigins": { + "description": "Allowed origins, e.g. \"https://trusted.com\".", + "type": "array", + "items": { + "type": "string" + } + } + } +} \ No newline at end of file diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscsp.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscsp.json new file mode 100644 index 000000000000..8a2c56f6b7a3 --- /dev/null +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscsp.json @@ -0,0 +1,28 @@ +{ + "type": "object", + "description": "The settings for Content Security Policy (CSP) of the developer portal.", + "x-apim-code-public": "true", + "properties": { + "mode": { + "allOf": [ + { + "$ref": "apimportalsettingscspmode.json" + }, + { + "description": "The mode of Content Security Policy (CSP) for the developer portal." + } + ] + }, + "reportUri": { + "type": "string", + "description": "The URL used by the browser to report CSP violations." + }, + "allowedSources": { + "description": "Allowed sources, e.g. \"*.trusted.com\", \"trusted.com\".", + "type": "array", + "items": { + "type": "string" + } + } + } +} diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscspmode.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscspmode.json new file mode 100644 index 000000000000..f78c7a4b8d5e --- /dev/null +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscspmode.json @@ -0,0 +1,31 @@ +{ + "type": "string", + "description": "Content security policy mode.", + "x-apim-public": "true", + "x-apim-code-flags": true, + "enum": [ + "http", + "https" + ], + "x-ms-enum": { + "modelAsString": true, + "name": "cspmode", + "values": [ + { + "value": "enabled", + "description": "The browser will block requests not matching allowed origins.", + "x-apim-code-enumValue": 1 + }, + { + "value": "disabled", + "description": "The browser will not apply CSP.", + "x-apim-code-enumValue": 2 + }, + { + "value": "reportOnly", + "description": "The browser will report requests not matching allowed origins without blocking them.", + "x-apim-code-enumValue": 4 + } + ] + } +} \ No newline at end of file diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsGet.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsGet.json new file mode 100644 index 000000000000..e759db21f616 --- /dev/null +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsGet.json @@ -0,0 +1,20 @@ +{ + "parameters": { + "serviceName": "apimService1", + "resourceGroupName": "rg1", + "api-version": "2021-04-01-preview", + "subscriptionId": "subid" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/portalsettings/cors", + "type": "Microsoft.ApiManagement/service/portalsettings/cors", + "name": "cors", + "properties": { + "allowedOrigins": ["https://trusted.com"] + } + } + } + } +} diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsHead.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsHead.json new file mode 100644 index 000000000000..7407089f02d3 --- /dev/null +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsHead.json @@ -0,0 +1,15 @@ +{ + "parameters": { + "serviceName": "apimService1", + "resourceGroupName": "rg1", + "api-version": "2021-04-01-preview", + "subscriptionId": "subid" + }, + "responses": { + "200": { + "headers": { + "etag": "AAAAAAAAAAa=" + } + } + } +} diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsPatch.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsPatch.json new file mode 100644 index 000000000000..970b857d033c --- /dev/null +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsPatch.json @@ -0,0 +1,17 @@ +{ + "parameters": { + "serviceName": "apimService1", + "resourceGroupName": "rg1", + "api-version": "2021-04-01-preview", + "subscriptionId": "subid", + "If-Match": "*", + "parameters": { + "properties": { + "allowedOrigins": ["https://trusted.com"] + } + } + }, + "responses": { + "204": {} + } +} diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsPut.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsPut.json new file mode 100644 index 000000000000..59ebf9e43fb3 --- /dev/null +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCorsPut.json @@ -0,0 +1,26 @@ +{ + "parameters": { + "serviceName": "apimService1", + "resourceGroupName": "rg1", + "api-version": "2021-04-01-preview", + "subscriptionId": "subid", + "If-Match": "*", + "parameters": { + "properties": { + "allowedOrigins": ["https://trusted.com"] + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/portalsettings/cors", + "type": "Microsoft.ApiManagement/service/portalsettings/cors", + "name": "cors", + "properties": { + "allowedOrigins": ["https://trusted.com"] + } + } + } + } +} diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspGet.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspGet.json new file mode 100644 index 000000000000..a5e5775bcdd9 --- /dev/null +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspGet.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "serviceName": "apimService1", + "resourceGroupName": "rg1", + "api-version": "2021-04-01-preview", + "subscriptionId": "subid" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/portalsettings/csp", + "type": "Microsoft.ApiManagement/service/portalsettings/csp", + "name": "csp", + "properties": { + "mode": "reportOnly", + "reportUri": "https://report.com", + "allowedSources": [ + "*.trusted.com", + "trusted.com" + ] + } + } + } + } +} \ No newline at end of file diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspHead.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspHead.json new file mode 100644 index 000000000000..7407089f02d3 --- /dev/null +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspHead.json @@ -0,0 +1,15 @@ +{ + "parameters": { + "serviceName": "apimService1", + "resourceGroupName": "rg1", + "api-version": "2021-04-01-preview", + "subscriptionId": "subid" + }, + "responses": { + "200": { + "headers": { + "etag": "AAAAAAAAAAa=" + } + } + } +} diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspPatch.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspPatch.json new file mode 100644 index 000000000000..2414c44f4c89 --- /dev/null +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspPatch.json @@ -0,0 +1,23 @@ +{ + "parameters": { + "serviceName": "apimService1", + "resourceGroupName": "rg1", + "api-version": "2021-04-01-preview", + "subscriptionId": "subid", + "userId": "5931a75ae4bbd512288c680b", + "If-Match": "*", + "parameters": { + "properties": { + "mode": "reportOnly", + "reportUri": "https://report.com", + "allowedSources": [ + "*.trusted.com", + "trusted.com" + ] + } + } + }, + "responses": { + "204": {} + } +} diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspPut.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspPut.json new file mode 100644 index 000000000000..9e677b320c8c --- /dev/null +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/examples/ApiManagementPortalSettingsCspPut.json @@ -0,0 +1,37 @@ +{ + "parameters": { + "serviceName": "apimService1", + "resourceGroupName": "rg1", + "api-version": "2021-04-01-preview", + "subscriptionId": "subid", + "userId": "5931a75ae4bbd512288c680b", + "If-Match": "*", + "parameters": { + "properties": { + "mode": "reportOnly", + "reportUri": "https://report.com", + "allowedSources": [ + "*.trusted.com", + "trusted.com" + ] + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/portalsettings/csp", + "type": "Microsoft.ApiManagement/service/portalsettings/csp", + "name": "csp", + "properties": { + "mode": "reportOnly", + "reportUri": "https://report.com", + "allowedSources": [ + "*.trusted.com", + "trusted.com" + ] + } + } + } + } +} diff --git a/specification/apimanagement/resource-manager/readme.md b/specification/apimanagement/resource-manager/readme.md index 07eba9058b41..d7ed162393ca 100644 --- a/specification/apimanagement/resource-manager/readme.md +++ b/specification/apimanagement/resource-manager/readme.md @@ -120,6 +120,9 @@ input-file: - Microsoft.ApiManagement/preview/2021-04-01-preview/apimpolicydescriptions.json - Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalrevisions.json - Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json + - Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingsCors.json + - Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingsCsp.json + - Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingsCspMode.json - Microsoft.ApiManagement/preview/2021-04-01-preview/apimprivatelink.json - Microsoft.ApiManagement/preview/2021-04-01-preview/apimproducts.json - Microsoft.ApiManagement/preview/2021-04-01-preview/apimproductsByTags.json From c276b9ac8046de1eee377b3baea102d7bde4df23 Mon Sep 17 00:00:00 2001 From: Alexander Zaslonov Date: Thu, 18 Nov 2021 17:19:44 -0800 Subject: [PATCH 2/6] Added missing definitions. --- .../2021-04-01-preview/definitions.json | 37 +++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/definitions.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/definitions.json index 353ef951ed96..94ad131fa59c 100644 --- a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/definitions.json +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/definitions.json @@ -3945,6 +3945,43 @@ }, "description": "Delegation settings contract properties." }, + "PortalSettingsCsp": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/PortalSettingsCspProperties", + "description": "Delegation settings contract properties." + } + }, + "allOf": [ + { + "$ref": "./../../../../../common-types/resource-management/v2/types.json#/definitions/Resource" + } + ], + "description": "The developer portal Content Security Policy (CSP) settings." + }, + "PortalSettingsCspProperties": { + "properties": { + "mode": { + "type": "string", + "description": "A delegation Url." + }, + "allowedSources": { + "x-ms-secret": true, + "type": "string", + "description": "A base64-encoded validation key to validate, that a request is coming from Azure API Management." + }, + "subscriptions": { + "$ref": "#/definitions/SubscriptionsDelegationSettingsProperties", + "description": "Subscriptions delegation settings." + }, + "userRegistration": { + "$ref": "#/definitions/RegistrationDelegationSettingsProperties", + "description": "User registration delegation settings." + } + }, + "description": "The developer portal Content Security Policy (CSP) settings contract properties." + }, "PortalSettingsCollection": { "properties": { "value": { From a644c12aa4d79d2df18c6666e9d28db1296b04f3 Mon Sep 17 00:00:00 2001 From: Alexander Zaslonov Date: Thu, 18 Nov 2021 18:24:48 -0800 Subject: [PATCH 3/6] Cleanup. --- .../apimportalsettings.json | 2 +- .../apimportalsettingscors.json | 14 ---- .../apimportalsettingscsp.json | 28 ------- .../apimportalsettingscspmode.json | 31 -------- .../2021-04-01-preview/definitions.json | 75 ++++++++++++++++--- 5 files changed, 64 insertions(+), 86 deletions(-) delete mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscors.json delete mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscsp.json delete mode 100644 specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscspmode.json diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json index c3ed38d544f2..7fad2b3c338d 100644 --- a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json @@ -767,7 +767,7 @@ "200": { "description": "The developer portal Content Security Policy (CSP) settings.", "schema": { - "$ref": "./definitions.json#/definitions/ApiManagementPortalSettingsCsp" + "$ref": "./definitions.json#/definitions/PortalSettingsCsp" }, "headers": { "ETag": { diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscors.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscors.json deleted file mode 100644 index 2c39bdf250cf..000000000000 --- a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscors.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "type": "object", - "description": "The developer portal Cross-Origin Resource Sharing (CORS) settings.", - "x-apim-code-public": "true", - "properties": { - "allowedOrigins": { - "description": "Allowed origins, e.g. \"https://trusted.com\".", - "type": "array", - "items": { - "type": "string" - } - } - } -} \ No newline at end of file diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscsp.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscsp.json deleted file mode 100644 index 8a2c56f6b7a3..000000000000 --- a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscsp.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "type": "object", - "description": "The settings for Content Security Policy (CSP) of the developer portal.", - "x-apim-code-public": "true", - "properties": { - "mode": { - "allOf": [ - { - "$ref": "apimportalsettingscspmode.json" - }, - { - "description": "The mode of Content Security Policy (CSP) for the developer portal." - } - ] - }, - "reportUri": { - "type": "string", - "description": "The URL used by the browser to report CSP violations." - }, - "allowedSources": { - "description": "Allowed sources, e.g. \"*.trusted.com\", \"trusted.com\".", - "type": "array", - "items": { - "type": "string" - } - } - } -} diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscspmode.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscspmode.json deleted file mode 100644 index f78c7a4b8d5e..000000000000 --- a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingscspmode.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "type": "string", - "description": "Content security policy mode.", - "x-apim-public": "true", - "x-apim-code-flags": true, - "enum": [ - "http", - "https" - ], - "x-ms-enum": { - "modelAsString": true, - "name": "cspmode", - "values": [ - { - "value": "enabled", - "description": "The browser will block requests not matching allowed origins.", - "x-apim-code-enumValue": 1 - }, - { - "value": "disabled", - "description": "The browser will not apply CSP.", - "x-apim-code-enumValue": 2 - }, - { - "value": "reportOnly", - "description": "The browser will report requests not matching allowed origins without blocking them.", - "x-apim-code-enumValue": 4 - } - ] - } -} \ No newline at end of file diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/definitions.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/definitions.json index 94ad131fa59c..376f7c5a1050 100644 --- a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/definitions.json +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/definitions.json @@ -3945,12 +3945,39 @@ }, "description": "Delegation settings contract properties." }, + "PortalSettingsCors": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/PortalSettingsCorsProperties", + "description": "The developer portal Cross-Origin Resource Sharing (CORS) settings contract properties." + } + }, + "allOf": [ + { + "$ref": "./../../../../../common-types/resource-management/v2/types.json#/definitions/Resource" + } + ], + "description": "The developer portal Cross-Origin Resource Sharing (CORS) settings." + }, + "PortalSettingsCorsProperties": { + "properties": { + "allowedOrigins": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed origins, e.g. `https://trusted.com`." + } + }, + "description": "The developer portal Cross-Origin Resource Sharing (CORS) settings contract properties." + }, "PortalSettingsCsp": { "properties": { "properties": { "x-ms-client-flatten": true, "$ref": "#/definitions/PortalSettingsCspProperties", - "description": "Delegation settings contract properties." + "description": "The developer portal Content Security Policy (CSP) settings contract properties." } }, "allOf": [ @@ -3964,20 +3991,44 @@ "properties": { "mode": { "type": "string", - "description": "A delegation Url." + "description": "The mode of the developer portal Content Security Policy (CSP).", + "enum": [ + "enabled", + "disabled", + "reportOnly" + ], + "x-ms-enum": { + "modelAsString": true, + "name": "PortalSettingsCspMode", + "values": [ + { + "value": "enabled", + "description": "The browser will block requests not matching allowed origins.", + "x-apim-code-enumValue": 1 + }, + { + "value": "disabled", + "description": "The browser will not apply the origin restrictions.", + "x-apim-code-enumValue": 2 + }, + { + "value": "reportOnly", + "description": "The browser will report requests not matching allowed origins without blocking them.", + "x-apim-code-enumValue": 4 + } + ] + } }, - "allowedSources": { - "x-ms-secret": true, + "reportUri": { "type": "string", - "description": "A base64-encoded validation key to validate, that a request is coming from Azure API Management." + "description": "The URL used by the browser to report CSP violations." }, - "subscriptions": { - "$ref": "#/definitions/SubscriptionsDelegationSettingsProperties", - "description": "Subscriptions delegation settings." - }, - "userRegistration": { - "$ref": "#/definitions/RegistrationDelegationSettingsProperties", - "description": "User registration delegation settings." + "allowedSources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed sources, e.g. `*.trusted.com`, `trusted.com`, `https://`." } }, "description": "The developer portal Content Security Policy (CSP) settings contract properties." From 91d65cb8d9372d1bde497071eeb08702e8681ad0 Mon Sep 17 00:00:00 2001 From: Alexander Zaslonov Date: Thu, 18 Nov 2021 18:27:42 -0800 Subject: [PATCH 4/6] Fixed reference to example. --- .../preview/2021-04-01-preview/apimportalsettings.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json index 7fad2b3c338d..30802bd2eefd 100644 --- a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json @@ -841,7 +841,7 @@ "description": "Create or update Content Security Policy (CSP) settings for the developer portal.", "x-ms-examples": { "PortalSettingsCspPut": { - "$ref": "./examples/PortalSettingsCspPut.json" + "$ref": "./examples/ApiManagementPortalSettingsCspPut.json" } }, "parameters": [ From 9fb691531432999ffd9aa861849b2558066d3d02 Mon Sep 17 00:00:00 2001 From: Alexander Zaslonov Date: Thu, 18 Nov 2021 19:45:03 -0800 Subject: [PATCH 5/6] Cleanup. --- specification/apimanagement/resource-manager/readme.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/specification/apimanagement/resource-manager/readme.md b/specification/apimanagement/resource-manager/readme.md index d7ed162393ca..07eba9058b41 100644 --- a/specification/apimanagement/resource-manager/readme.md +++ b/specification/apimanagement/resource-manager/readme.md @@ -120,9 +120,6 @@ input-file: - Microsoft.ApiManagement/preview/2021-04-01-preview/apimpolicydescriptions.json - Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalrevisions.json - Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettings.json - - Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingsCors.json - - Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingsCsp.json - - Microsoft.ApiManagement/preview/2021-04-01-preview/apimportalsettingsCspMode.json - Microsoft.ApiManagement/preview/2021-04-01-preview/apimprivatelink.json - Microsoft.ApiManagement/preview/2021-04-01-preview/apimproducts.json - Microsoft.ApiManagement/preview/2021-04-01-preview/apimproductsByTags.json From 1bda422cff125bd31e30ee2cee41a4d4234da85b Mon Sep 17 00:00:00 2001 From: Alexander Zaslonov Date: Fri, 19 Nov 2021 09:15:31 -0800 Subject: [PATCH 6/6] Fixed enum. --- .../preview/2021-04-01-preview/definitions.json | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/definitions.json b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/definitions.json index 376f7c5a1050..ae323cdc3d0a 100644 --- a/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/definitions.json +++ b/specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2021-04-01-preview/definitions.json @@ -4003,18 +4003,15 @@ "values": [ { "value": "enabled", - "description": "The browser will block requests not matching allowed origins.", - "x-apim-code-enumValue": 1 + "description": "The browser will block requests not matching allowed origins." }, { "value": "disabled", - "description": "The browser will not apply the origin restrictions.", - "x-apim-code-enumValue": 2 + "description": "The browser will not apply the origin restrictions." }, { "value": "reportOnly", - "description": "The browser will report requests not matching allowed origins without blocking them.", - "x-apim-code-enumValue": 4 + "description": "The browser will report requests not matching allowed origins without blocking them." } ] }