Skip to content
Permalink
stable-v5
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

ewp-specs-api-discovery/manifest.xsd

Go to file
 
 
Cannot retrieve contributors at this time
202 lines (175 sloc) 11.2 KB
Raw Blame
Open in GitHub Desktop
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:ewp="https://github.com/erasmus-without-paper/ewp-specs-architecture/blob/stable-v1/common-types.xsd"
xmlns:r="https://github.com/erasmus-without-paper/ewp-specs-api-registry/tree/stable-v1"
elementFormDefault="qualified"
targetNamespace="https://github.com/erasmus-without-paper/ewp-specs-api-discovery/tree/stable-v5"
xmlns="https://github.com/erasmus-without-paper/ewp-specs-api-discovery/tree/stable-v5"
>
<xs:import
schemaLocation="http://www.w3.org/2001/03/xml.xsd"
namespace="http://www.w3.org/XML/1998/namespace"
/>
<xs:import
schemaLocation="https://raw.githubusercontent.com/erasmus-without-paper/ewp-specs-architecture/stable-v1/common-types.xsd"
namespace="https://github.com/erasmus-without-paper/ewp-specs-architecture/blob/stable-v1/common-types.xsd"
/>
<xs:import
schemaLocation="https://raw.githubusercontent.com/erasmus-without-paper/ewp-specs-api-registry/stable-v1/catalogue.xsd"
namespace="https://github.com/erasmus-without-paper/ewp-specs-api-registry/tree/stable-v1"
/>
<xs:annotation>
<xs:documentation>
This schema is a part of the Erasmus Without Paper project. Before you start
using it, make sure you have read the general rules described here:
http://developers.erasmuswithoutpaper.eu/
</xs:documentation>
</xs:annotation>
<xs:element name="manifest">
<xs:annotation>
<xs:documentation>
EWP Discovery Manifest.
Manifest files describe a set of EWP Hosts. Manifest files are usually read by
the EWP Registry Service only.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="host" minOccurs="0" maxOccurs="1"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="host">
<xs:complexType>
<xs:sequence>
<xs:element ref="ewp:admin-email" minOccurs="0" maxOccurs="unbounded">
<xs:annotation>
<xs:documentation>
RECOMMENDED element. Address of a developer or server administrator who may be
contacted in case of problems (e.g. invalid Manifest file, invalid certificates,
server errors, etc.). Multiple addresses may be provided.
Please note, that additional `admin-email` elements can also be included inside
specific APIs sections (this allows you to add extra admins to specific APIs).
Please also note, that this address SHOULD NOT be associated
with any person because of GDPR. It is RECOMMENDED to use company aliases.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element ref="ewp:admin-notes" minOccurs="0" maxOccurs="1">
<xs:annotation>
<xs:documentation>
Additional information provided by administrators and/or developers of this
host for Registry maintainers and client developers. Must be provided in English.
E.g. "This host is a DEMO server. We plan to keep it online for testing.".
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element ref="r:apis-implemented" minOccurs="0" maxOccurs="1"/>
<xs:element name="institutions-covered" minOccurs="0" maxOccurs="1">
<xs:annotation>
<xs:documentation>
A list of HEIs (Higher Education Institutions) that are covered by this host.
**As of version 5.1.0 this list MUST consist of no more than one HEI**.
In conjunction with `apis-implemented`, enlisting a HEI here indicates that the
partner wants to receive specific HEI-related API queries regarding this HEI,
and that it will be able to understand them.
In conjunction with `client-credentials-in-use`, enlisting a HEI here indicates
that these credentials can be used to request resources "in the name of" this
HEI.
Be advised, that the Registry Service MAY ignore some (or all) of the items
published here, for example if it believes that this HEI does not *want* to be
covered by you. If, for some reason, your items are not being imported, and
you're not sure why, please contact the Registry Service maintainers. You can
also take a look at this thread:
https://github.com/erasmus-without-paper/ewp-specs-api-discovery/issues/12
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="r:hei" minOccurs="0" maxOccurs="1" />
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="client-credentials-in-use" minOccurs="0" maxOccurs="1">
<xs:annotation>
<xs:documentation>
The list of client credentials used by this host to make requests to
other EWP hosts.
You should have this element present if you intend to perform requests within
the EWP Network. However, it's worth noting, that not having it is also valid
(if you want your EWP Host to be "server only").
Be advised, that the Registry Service MAY ignore some (or all) of the
credentials submitted here, for example if it finds they do not meet proper
security standards. If, for some reason, your credentials are not being
imported, and you're not sure why, please contact the Registry Service
administrators.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name="certificate" type="xs:base64Binary" minOccurs="0" maxOccurs="unbounded">
<xs:annotation>
<xs:documentation>
Base64-encoded X.509 certificate used by the partner for TLS Client
Authentication, as described here:
https://github.com/erasmus-without-paper/ewp-specs-sec-cliauth-tlscert
If your private key is compromised, you MUST immediately remove all
certificates based on this key from your manifest.
**Certificate MUST be unique in the whole EWP network**.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="rsa-public-key" type="xs:base64Binary" minOccurs="0" maxOccurs="unbounded">
<xs:annotation>
<xs:documentation>
Base64-encoded RSA public key used by the partner for HTTP Signature
Client Authentication, as described here:
https://github.com/erasmus-without-paper/ewp-specs-sec-cliauth-httpsig
If your private key is compromised, you MUST immediately remove all
public keys related to this key from your manifest.
**Public key MUST be unique in the whole EWP network**.
</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="server-credentials-in-use" minOccurs="0" maxOccurs="1">
<xs:annotation>
<xs:documentation>
The list of server credentials used by this host to authenticate its servers
when communicating to other EWP hosts. Note, that only *some* methods of server
authentication make use of these credentials.
As opposed to client authentication, the keys used in server authentication are
bound to specific endpoints (URLs).
This means that - if you create multiple manifests - then each of your
endpoints MAY use a different key for signing its responses. However, in most
cases, you will want to use only a single key for all your APIs and endpoints.
Be advised, that the Registry Service MAY ignore some (or all) of the
credentials submitted here, for example if it finds they do not meet proper
security standards. If, for some reason, your credentials are not being
imported, and you're not sure why, please contact the Registry Service
administrators.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name="rsa-public-key" type="xs:base64Binary" minOccurs="0" maxOccurs="unbounded">
<xs:annotation>
<xs:documentation>
Base64-encoded RSA public key used by the partner for HTTP Signature
Server Authentication, as described here:
https://github.com/erasmus-without-paper/ewp-specs-sec-cliauth-httpsig
If your private key is compromised, you MUST immediately remove all
public keys related to this key from your manifest.
</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:schema>