-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathopenapi.yaml
481 lines (476 loc) · 17.5 KB
/
openapi.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
openapi: 3.0.0
info:
title: Clkhash REST API
version: 0.1.0
x-logo:
url: http://clkhash.readthedocs.io/en/latest/_static/logo.svg
description: |
A simple REST wrapper around [clkhash](https://github.com/data61/clkhash).
This API lets you upload personally identifying information (PII) for hashing, and to retrieve the hashes.
It does not provide the option to download the raw PII.
contact:
name: 'Confidential Computing, Data61 | CSIRO'
email: confidential-computing@csiro.au
url: https://github.com/data61/anonlink-encoding-service
servers:
- url: http://localhost:8000
description: Local deployment
tags:
- name: projects
description: A project is a namespace associated with a schema and keys. All uploaded
data must belong to a project. Before uploading any private data, a
project with some ID assigned by the user must be created.
- name: clks
description: These methods operate on the data and the hashes, permitting us to upload
private information, view progress of the hashing, retrieve the clks, and
delete information.
paths:
/projects/:
get:
summary: List existing linkage projects.
description: Lists the IDs of existing linkage projects. Every linkage project has a
unique ID. To retrieve more information about a project, use
`/projects/{project_id}`.
tags:
- projects
operationId: clkhash_service.get_projects
responses:
"200":
description: List of linkage projects. Every item in the list is a project ID.
content:
application/json:
examples:
response:
value:
projects:
- example-project
- another-project
post:
summary: Add a new linkage project.
description: Create a new project. This permits us to save the schema and keys in the
server and bind all related private data to the same ID. The keys
uploaded here cannot be retrieved from the server.
tags:
- projects
operationId: clkhash_service.post_project
parameters:
- name: project_id
in: query
description: The ID of the linkage project. Must be unique.
required: true
schema:
type: string
- name: secret_key
description: A base64 encoding string of the shared secret. These need to be
URL-encoded since base64 is not URL-safe by default.
in: query
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
example:
version: 1
clkConfig:
l: 1024
k: 20
hash:
type: doubleHash
kdf:
type: HKDF
hash: SHA256
salt: SCbL2zHNnmsckfzchsNkZY9XoHk96P/G5nUBrM7ybymlEFsMV6PAeDZCNp3rfNUPCtLDMOGQHG4pCQpfhiHCyA==
info: c2NoZW1hX2V4YW1wbGU=
keySize: 64
features:
- identifier: NAME freetext
format:
type: string
encoding: utf-8
case: mixed
minLength: 3
hashing:
ngram: 2
weight: 0.5
- identifier: DOB YYYY/MM/DD
format:
type: string
encoding: ascii
description: Numbers separated by slashes, in the year, month, day
order
pattern: \d\d\d\d/\d\d/\d\d
hashing:
ngram: 1
positional: true
- identifier: GENDER M or F
format:
type: enum
values:
- M
- F
hashing:
ngram: 1
weight: 2
description: Controls the way the hashing is performed and the format of the
fields. This must be consistent between the parties whose data is
being linked. See documentation at
http://clkhash.readthedocs.io/en/latest/schema.html.
required: true
responses:
"201":
description: Successfully created project. The response body is empty.
"409":
description: Project with this ID already exists. The `"errMsg"` key contains the
error message.
content:
application/json:
examples:
response:
value:
errMsg: Project 'example_project' already exists.
"422":
description: The parameters are not valid. The `"errMsg"` key contains the error
message.
content:
application/json:
examples:
response:
value:
errMsg: The schema does not conform to the master schema.
"/projects/{project_id}":
parameters:
- $ref: "#/components/parameters/project_id"
get:
summary: Retrieve properties of the specified project.
description: Retrieves the public properties (currently the schema) of the specified
object.
tags:
- projects
operationId: clkhash_service.get_project
responses:
"200":
description: Properties of specified object.
content:
application/json:
examples:
response:
value:
projectId: example-project
schema:
version: 1
clkConfig:
l: 1024
k: 20
hash:
type: doubleHash
kdf:
type: HKDF
hash: SHA256
salt: SCbL2zHNnmsckfzchsNkZY9XoHk96P/G5nUBrM7ybymlEFsMV6PAeDZCNp3rfNUPCtLDMOGQHG4pCQpfhiHCyA==
info: c2NoZW1hX2V4YW1wbGU=
keySize: 64
features:
- identifier: NAME freetext
format:
type: string
encoding: utf-8
case: mixed
minLength: 3
hashing:
ngram: 2
weight: 0.5
- identifier: DOB YYYY/MM/DD
format:
type: string
encoding: ascii
description: Numbers separated by slashes, in the year, month,
day order
pattern: \d\d\d\d/\d\d/\d\d
hashing:
ngram: 1
positional: true
- identifier:
format:
type: enum
values:
- M
- F
hashing:
ngram: 1
weight: 2
"404":
description: No such project. The `"errMsg"` key contains the error message.
content:
application/json:
examples:
response:
value:
errMsg: Project 'example-project' does not exist.
delete:
summary: Delete the linkage project.
description: Deletes the linkage project, along with its schema and keys. This
deletes any computed all hashes. If some hashing was still pending,
those jobs are aborted.
tags:
- projects
operationId: clkhash_service.delete_project
responses:
"204":
description: Successfully deleted. The response body is empty.
"404":
description: No such project. The `"errMsg"` key contains the error message.
content:
application/json:
examples:
response:
value:
errMsg: Project 'example-project' does not exist.
"/projects/{project_id}/pii/":
parameters:
- $ref: "#/components/parameters/project_id"
post:
summary: Post PII to hash.
description: Save private information to the server and schedule the hashing. The
private information cannot be retrieved from the API in its original
form; only the hashes are made available. It is deleted as soon as the
hash is produced.
tags:
- clks
operationId: clkhash_service.post_pii
parameters:
- name: header
description: "Default 'true': the CSV input has a header row and we wish to
validate the column names against the schema. Set to 'ignore' to
skip the header row. Set to 'false' if the table does not have a
header row."
in: query
required: false
schema:
type: string
enum:
- "false"
- ignore
- "true"
default: "true"
- name: validate
description: If `true`, validate the PII before hashing.
in: query
required: false
schema:
type: boolean
default: true
requestBody:
content:
text/csv:
schema:
type: string
example: |
NAME freetext,DOB YYYY/MM/DD,GENDER M or F
Jane Doe,1968/05/19,F
Peter Griffin,1998/12/20,M
required: true
responses:
"202":
description: Successfully sent for hashing. Returns the IDs of the post rows as a
consecutive range. The range-end is inclusive.
content:
application/json:
examples:
response:
value:
dataIds:
rangeStart: 0
rangeEnd: 1
"404":
description: No such project. The `"errMsg"` key contains the error message.
content:
application/json:
examples:
response:
value:
errMsg: Project 'example-project' does not exist.
"422":
description: Invalid data. The `"errMsg"` key contains the error message.
content:
application/json:
examples:
response:
value:
errMsg: Invalid entry on line 21.
"/projects/{project_id}/clks/status":
parameters:
- $ref: "#/components/parameters/project_id"
get:
summary: Get status of all clks.
description: Returns the status of each clk.
tags:
- clks
operationId: clkhash_service.get_clks_status
responses:
"200":
description: The status of each clk, by index. For convenience, adjacent clks
with the same status are grouped together. The list is empty if
there are not clks. Each list element contains `rangeStart`, the
first index included; `rangeEnd`, the last index included; and a
`status` string. Possible statuses are `queued` (awaiting
processing), `in-progress` (being processed now), `done` (ready for
retrieval), `invalid-data` (data did not pass validation against the
schema), and `error` (internal error).
content:
application/json:
examples:
response:
value:
clksStatus:
- rangeStart: 0
rangeEnd: 16003
status: done
- rangeStart: 16002
rangeEnd: 100003
status: queued
"404":
description: No such project. The `"errMsg"` key contains the error message.
content:
application/json:
examples:
response:
value:
errMsg: Project 'example-project' does not exist.
"/projects/{project_id}/clks/":
parameters:
- $ref: "#/components/parameters/project_id"
- name: index_range_start
in: query
description: The index of the first clk to operate on.
required: false
schema:
type: integer
minimum: 0
- name: index_range_end
in: query
description: The index of the last clk to operate on, plus one.
required: false
schema:
type: integer
minimum: 0
- name: status
in: query
description: Comma-separated list. Permits filtering on status. Only clks with
their status listed here will be returned. Permitted statuses are
`queued`, `in-progress`, `done`, `invalid-data`, and `error`.
required: false
schema:
type: string
minLength: 1
get:
summary: Retrieve the clks, if available.
description: Retrieve the index, status, and hash of each clk.
tags:
- clks
parameters:
- name: page_limit
in: query
description: The number of items per page. Leave this out to disable pagination.
required: false
schema:
type: integer
minimum: 1
- name: cursor
in: query
description: The cursor used to iterate through pages. This is returned by the
previous response. Leave out to retrieve the first page.
required: false
schema:
type: string
minLength: 1
operationId: clkhash_service.get_clks
responses:
"200":
description: The clks are returned along with their status. The hash is `null`
where it has not been computed. The list is empty if there are no
clks with IDs in the specified range. A `responseMetadata` object is
returned. It contains a `nextCursor` string which must be passed in
the next request to retrieve the next page; it is URL-safe, so no
URL encoding is required. The `nextCursor` is `null` if no next page
is available.
content:
application/json:
examples:
response:
value:
count: 2
clks:
- errMsg: Column `DOB YYYY/MM/DD` did not pass validation.
hash: null
index: 0
status: invalid-data
- errMsg: null
hash: 2wRKwCio1SQDeAAEowBECdwNGkAJgChviDATAHTDRCgQECHqxiEARgl+iLQADIspmCB7gcFUgKGIwvCMBAirULh5kkDaiTlAJowckX8A0BEgk8MgkABIF2EmByhJK6AiMwCGjlGYIlCCwiQAICED4QEgBAMsIBiAMBDkGyCSQAI=
index: 1
status: done
responseMetadata:
nextCursor: LTE0Nzg0OTA3ODA5NDE2MDA0MTk
"404":
description: No such project. The `"errMsg"` key contains the error message.
content:
application/json:
examples:
response:
value:
errMsg: Project 'example-project' does not exist.
"422":
description: Invalid parameters. The `"errMsg"` key contains the error message.
content:
application/json:
examples:
response:
value:
errMsg: The provided cursor is invalid.
delete:
summary: If finished hashing, delete the clks. Otherwise, abandon hashing and
delete the PII.
description: Deletes specified entry from the server, including any hashes and
private data. If the hashing has not occured, cancels the scheduled job.
If there are no clks within the specified range, do nothing.
tags:
- clks
operationId: clkhash_service.delete_clks
responses:
"204":
description: Successfully deleted. Number of deleted items specified in the
payload. If there were no items within the range, this number will
be 0.
content:
application/json:
examples:
response:
value:
count: 2
"404":
description: No such project. The `"errMsg"` key contains the error message.
content:
application/json:
examples:
response:
value:
errMsg: Project 'example-project' does not exist.
"422":
description: Invalid parameters. The `"errMsg"` key contains the error message.
content:
application/json:
examples:
response:
value:
errMsg: "Error in argument `status`: 'obviously-wrong-status' is
not a valid status."
components:
parameters:
project_id:
name: project_id
in: path
description: The ID of the linkage project. Must be unique.
required: true
schema:
type: string