api_lollipop_first_consumer.yaml

openapi: 3.0.1
servers:
  - url: https://api-app.io.pagopa.it/first-lollipop
info:
  title: LolliPoP Consumer Example
  version: 1.0.0
security:
  - Bearer: []

# Example endpoint
paths:
  /sign:
    post:
      operationId: signMessage
      summary: POST a signed request with Lollipop
      parameters:
        - name: x-pagopa-lollipop-original-method
          in: header
          description: The method of the endpoint called by IO app
          required: true
          schema:
            $ref: "#/components/schemas/LollipopMethod"
        - name: x-pagopa-lollipop-original-url
          in: header
          description: The url of the endpoint called by IO app
          required: true
          schema:
            $ref: "#/components/schemas/LollipopOriginalURL"
        - name: content-digest
          in: header
          description: The body digest, if any, as defined in https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-digest-headers-10
          required: true
          schema:
            $ref: "#/components/schemas/LollipopContentDigest"
        - name: signature-input
          in: header
          description: The signature input, needed to verify the `signature` header
          required: true
          schema:
            $ref: "#/components/schemas/LollipopSignatureInput"
        - name: signature
          in: header
          description: The signature of the HTTP request, signed by the client with its private key.
          required: true
          schema:
            $ref: "#/components/schemas/LollipopSignature"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/SignMessagePayload"
      responses:
        "200":
          description: "Success response"
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/SignMessageResponse"
        "400":
          description: Bad request
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ProblemJson"
        "401":
          description: Token null or invalid.
        "500":
          description: There was an error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ProblemJson"

components:
  securitySchemes:
    Bearer:
      type: apiKey
      description: Session token
      in: header
      name: Authorization
  schemas:
    LollipopMethod:
      type: string
      enum:
        - GET
        - POST
        - PUT
        - PATCH
        - DELETE
    LollipopOriginalURL:
      type: string
      pattern: "^https:\/\/"
    LollipopContentType:
      type: string
      enum:
        - application/json
        - application/octet-stream
    LollipopContentDigest:
      type: string
      pattern: "^(sha-256=:[A-Za-z0-9+/=]{44}:|sha-384=:[A-Za-z0-9+/=]{66}:|sha-512=:[A-Za-z0-9+/=]{88}:)$"

    LollipopSignatureInput:
      type: string
      pattern: "^(?:sig\\d+=[^,]*)(?:,\\s*(?:sig\\d+=[^,]*))*$"
    LollipopSignature:
      type: string
      pattern: "^((sig[0-9]+)=:[A-Za-z0-9+/=]*:(, ?)?)+$"

    SignMessagePayload:
      type: object
      properties:
        message:
          type: string
      required:
        - message
    SignMessageResponse:
      type: object
      properties:
        response:
          type: string
          
    ProblemJson:
      $ref: "https://raw.githubusercontent.com/pagopa/io-functions-commons/v26.1.0/openapi/definitions.yaml#/ProblemJson"