From d9453d946a9a52925238f9e007365458fa984564 Mon Sep 17 00:00:00 2001 From: frankkilcommins Date: Wed, 12 Jun 2024 08:46:14 +0000 Subject: [PATCH] Update ReSpec versions Signed-off-by: GitHub --- arazzo/latest.html | 165 ++++++++++++++++++++++++--------------------- arazzo/v1.0.0.html | 165 ++++++++++++++++++++++++--------------------- 2 files changed, 180 insertions(+), 150 deletions(-) diff --git a/arazzo/latest.html b/arazzo/latest.html index 71ef025701..0c75f18617 100644 --- a/arazzo/latest.html +++ b/arazzo/latest.html @@ -75,7 +75,7 @@

Relative References in URLs

-

Unless specified otherwise, all properties that are URLs MAY be relative references as defined by [[!RFC3986]]. +

Unless specified otherwise, all properties that are URLs MAY be relative references as defined by [[!RFC3986]] Section 4.2. Unless specified otherwise, relative references are resolved using the URL of the referring document.

Schema

In the following description, if a field is not explicitly REQUIRED or described with a MUST or SHALL, it can be considered OPTIONAL.

@@ -228,7 +228,7 @@

Source Description Object

Describes a source description (such as an OpenAPI description) that will be referenced by one or more workflows described within an Arazzo Description.

-

An object storing a map between named description keys and location URLs to the source descriptions (such as an OpenAPI description) this Arazzo Description SHALL apply to. Each source location string MUST be in the form of a URI-reference as defined by RFC3986 section 4.1.

+

An object storing a map between named description keys and location URLs to the source descriptions (such as an OpenAPI description) this Arazzo Description SHALL apply to. Each source location string MUST be in the form of a URI-reference as defined by [[!RFC3986]] Section 4.1.

Fixed Fields

@@ -247,7 +247,7 @@ - + @@ -363,7 +363,7 @@ tokenExpires:$steps.loginStep.outputs.tokenExpires

Step Object

-

Describes a single workflow step which MAY be a call to an API operation (OpenAPI Operation Object or another Workflow Object.

+

Describes a single workflow step which MAY be a call to an API operation (OpenAPI Operation Object or another Workflow Object).

Fixed Fields

url stringREQUIRED. A URL to a source description to be used by a workflow. If a relative reference is used, it MUST be in the form of a URI-reference as defined by RFC3986 section 4.2.REQUIRED. A URL to a source description to be used by a workflow. If a relative reference is used, it MUST be in the form of a URI-reference as defined by [[!RFC3986]] Section 4.2.
type
@@ -407,7 +407,7 @@ - + @@ -497,7 +497,7 @@
  • path - Used together with OpenAPI style Path Templating, where the parameter value is actually part of the operation’s URL. This does not include the host or base path of the API. For example, in /items/{itemId}, the path parameter is itemId.
  • query - Parameters that are appended to the URL. For example, in /items?id=###, the query parameter is id.
    • -
  • header - Custom headers that are expected as part of the request. Note that [[!RFC7230]] states header names are case insensitive.
    • +
  • header - Custom headers that are expected as part of the request. Note that [[!RFC7230]] Page 22 states header names are case insensitive.
  • cookie - Used to pass a specific cookie value to the source API.

Fixed Fields

@@ -594,7 +594,7 @@ # assertions to determine if this success action should be executed - context: $response.body condition: $[?count(@.pets) > 0] - type: JSONPath + type: jsonpath

Failure Action Object

A single failure action which describes an action to take upon failure of a workflow step. There are three possible values for the type field.

@@ -636,7 +636,7 @@
- + @@ -788,6 +788,11 @@ + + + + + @@ -820,7 +825,7 @@
  • simple - where basic literals, operators, and loose comparisons are used in combination with Runtime Expressions.
  • regex - where a regex pattern is applied on the supplied context. The context is defined by a Runtime Expression.
    • -
  • jsonpath - where a JSON Path expression is applied. The root node context is defined by a Runtime Expression.
    • +
  • jsonpath - where a JSONPath expression is applied. The root node context is defined by a Runtime Expression.
  • xpath - where an XPath expression is applied. The root node context is defined by a Runtime Expression.

Literals

@@ -929,12 +934,12 @@
- + - +
requestBody Request Body ObjectThe request body to pass to an operation as referenced by operationId or operationPath. The requestBody is fully supported in HTTP methods where the HTTP 1.1 specification [[!RFC7231]] has explicitly defined semantics for request bodies. In other cases where the HTTP spec is vague (such as GET, HEAD and DELETE), requestBody is permitted but does not have well-defined semantics and SHOULD be avoided if possible.The request body to pass to an operation as referenced by operationId or operationPath. The requestBody is fully supported in HTTP methods where the HTTP 1.1 specification [[!RFC7231]] Section 4.3.1 has explicitly defined semantics for request bodies. In other cases where the HTTP spec is vague (such as GET, HEAD and DELETE), requestBody is permitted but does not have well-defined semantics and SHOULD be avoided if possible.
successCriteria
retryAfter numberA non-negative decimal indicating the seconds to delay after the step failure before another attempt SHALL be made. Note: if an HTTP Retry-After response header was returned to a step from a targeted operation, then it SHOULD overrule this particular field value. This field only applies when the type field value is "retry" or "function".A non-negative decimal indicating the seconds to delay after the step failure before another attempt SHALL be made. Note: if an HTTP Retry-After response header was returned to a step from a targeted operation, then it SHOULD overrule this particular field value. This field only applies when the type field value is "retry" or "function".
retryLimit
reference{expression}REQUIRED. A runtime expression used to reference the desired object.
value string Sets a value of the referenced parameter. This is only applicable for parameter object references.
condition stringREQUIRED. The condition to apply. Conditions can be simple (e.g. $statusCode == 200 which applies a operator on a value obtained from a runtime expression), or a regex, or a JSONPath expression. For regex and JSONPath, the type and context MUST be specified.REQUIRED. The condition to apply. Conditions can be simple (e.g. $statusCode == 200 which applies an operator on a value obtained from a runtime expression), or a regex, or a JSONPath expression. For regex or JSONPath, the type and context MUST be specified.
type string | Criterion Expression Type ObjectThe type of condition to be applied. If specified, the options allowed are simple, regex, jsonpath or xpath. If omitted, then the condition is assumed to be simple, which at most combines literals, operators and Runtime Expressions. If jsonpath, then the expression MUST conform to JSON Path. If xpath the expression MUST conform to XML Path Language 3.1. Should other variants of JSON Path or XPath be required, then a Criterion Expression Type Object MUST be specified.The type of condition to be applied. If specified, the options allowed are simple, regex, jsonpath or xpath. If omitted, then the condition is assumed to be simple, which at most combines literals, operators and Runtime Expressions. If jsonpath, then the expression MUST conform to JSONPath. If xpath the expression MUST conform to XML Path Language 3.1. Should other variants of JSONPath or XPath be required, then a Criterion Expression Type Object MUST be specified.
@@ -959,11 +964,11 @@

Criterion Expression Type Object

An object used to describe the type and version of an expression used within a Criterion Object. If this object is not defined, then the following defaults apply:

-

Defining this object gives the ability to utilize tooling compatible with older versions of either JSON Path or XPath.

-
Fixed Fields
+

Defining this object gives the ability to utilize tooling compatible with older versions of either JSONPath or XPath.

+

Fixed Fields

@@ -981,13 +986,13 @@
Fixed Fields
- +
version stringREQUIRED. A short hand string representing the version of the expression type being used. The allowed values for JSON Path are draft-goessner-dispatch-jsonpath-00. The allowed values for XPath are xpath-30, xpath-20, or xpath-10.REQUIRED. A short hand string representing the version of the expression type being used. The allowed values for JSONPath are draft-goessner-dispatch-jsonpath-00. The allowed values for XPath are xpath-30, xpath-20, or xpath-10.

This object MAY be extended with Specification Extensions.

-

Criterion Expression Type Example

-

JSON Path Example

+

Criterion Expression Type Example

+

JSONPath Example


   type: jsonpath
   version: draft-goessner-dispatch-jsonpath-00
@@ -1019,66 +1024,76 @@ 
Fixed Fields

 Any
 A value representing the request body payload. The value can be a literal value or can contain Runtime Expressions which MUST be evaluated prior to calling the referenced operation. To represent examples of media types that cannot be naturally represented in JSON or YAML, use a string value to contain the example, escaping where necessary.
 
+
+ replacements
+[Payload Replacement Object]
+A list of locations and values to set within a payload.
+
 
 
-
 replacements | [Payload Replacement Object] | A list of locations and values to set within a payload.

 
This object MAY be extended with Specification Extensions.

RequestBody Object Example

JSON Templated Example

-
 contentType: application/json
- payload: |
-   {
-     "petOrder": {
-       "petId": "{$inputs.pet_id}",
-       "couponCode": "{$inputs.coupon_code}",
-       "quantity": "{$inputs.quantity}",
-       "status": "placed",
-       "complete": false
-     }
-   }
+

+  contentType: application/json
+  payload: |
+    {
+      "petOrder": {
+        "petId": "{$inputs.pet_id}",
+        "couponCode": "{$inputs.coupon_code}",
+        "quantity": "{$inputs.quantity}",
+        "status": "placed",
+        "complete": false
+      }
+    }
 

 
JSON Object Example

-
 contentType: application/json
- payload: 
-   petOrder:
-     petId: $inputs.pet_id
-     couponCode: $inputs.coupon_code
-     quantity: $inputs.quantity
-     status: placed
-     complete: false
+

+  contentType: application/json
+  payload: 
+    petOrder:
+      petId: $inputs.pet_id
+      couponCode: $inputs.coupon_code
+      quantity: $inputs.quantity
+      status: placed
+      complete: false
 

 
Complete Runtime Expression

-
 contentType: application/json
- payload: $inputs.petOrderRequest
+

+  contentType: application/json
+  payload: $inputs.petOrderRequest
 

 
XML Templated Example

-
 contentType: application/xml
- payload: |
-   <petOrder>
-     <petId>{$inputs.pet_id}</petId>
-     <couponCode>{$inputs.coupon_code}</couponCode>
-     <quantity>{$inputs.quantity}</quantity>
-     <status>placed</status>
-     <complete>false</complete>
-   </petOrder>
+

+  contentType: application/xml
+  payload: |
+    <petOrder>
+      <petId>{$inputs.pet_id}</petId>
+      <couponCode>{$inputs.coupon_code}</couponCode>
+      <quantity>{$inputs.quantity}</quantity>
+      <status>placed</status>
+      <complete>false</complete>
+    </petOrder>
 

 
Form Data Example

-
 contentType: application/x-www-form-urlencoded
- payload: 
-   client_id: $inputs.clientId
-   grant_type: $inputs.grantType
-   redirect_uri: $inputs.redirectUri
-   client_secret: $inputs.clientSecret
-   code: $steps.browser-authorize.outputs.code
-   scope: $inputs.scope  
+

+  contentType: application/x-www-form-urlencoded
+  payload: 
+    client_id: $inputs.clientId
+    grant_type: $inputs.grantType
+    redirect_uri: $inputs.redirectUri
+    client_secret: $inputs.clientSecret
+    code: $steps.browser-authorize.outputs.code
+    scope: $inputs.scope  
 

 
Form Data String Example

-
 contentType: application/x-www-form-urlencoded
- payload: "client_id={$inputs.clientId}&grant_type={$inputs.grantType}&redirect_uri={$inputs.redirectUri}&client_secret={$inputs.clientSecret}&code{$steps.browser-authorize.outputs.code}&scope=$inputs.scope}"
+

+  contentType: application/x-www-form-urlencoded
+  payload: "client_id={$inputs.clientId}&grant_type={$inputs.grantType}&redirect_uri={$inputs.redirectUri}&client_secret={$inputs.clientSecret}&code{$steps.browser-authorize.outputs.code}&scope=$inputs.scope}"
 

-
Payload Replacement Object

+

Payload Replacement Object

Describes a location within a payload (e.g., a request body) and a value to set within the location.

-
Fixed Fields
+

Fixed Fields

@@ -1101,18 +1116,18 @@
Fixed Fields

This object MAY be extended with Specification Extensions.

-
Payload Replacement Object Example
+

Payload Replacement Object Example

Runtime Expression Example


-    target: /petId
-    value: $inputs.pet_id
+  target: /petId
+  value: $inputs.pet_id

Literal Example


-    target: /quantity
-    value: 10
+  target: /quantity
+  value: 10
-

Runtime Expressions

+

Runtime Expressions

A runtime expression allows values to be defined based on information that will be available within an HTTP message, an event message, and within objects serialized from the Arazzo document such as workflows or steps.

The runtime expression is defined by the following ABNF syntax:


@@ -1134,7 +1149,7 @@ 
Runtime Expressions

       tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
         "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
-
Examples
+

Examples

@@ -1203,7 +1218,7 @@
Examples

Runtime expressions preserve the type of the referenced value. Expressions can be embedded into string values by surrounding the expression with {} curly braces.

-

Specification Extensions

+

Specification Extensions

While the Arazzo Specification tries to accommodate most use cases, additional data can be added to extend the specification at certain points.

The extension properties are implemented as patterned fields that are always prefixed by "x-".

@@ -1223,13 +1238,13 @@

Specification Extensions

The extensions may or may not be supported by the available tooling, but those may be extended as well to add requested support (if tools are internal or open-sourced).

-

Security Considerations

+

Security Considerations

The Arazzo Specification does not enforce a security mechanism. Security is left to the implementer, though TLS, specifically HTTPS may be recommended for exchanging sensitive workflows.

-

Arazzo Descriptions can be JSON or YAML values. As such, all security considerations defined in RFC 8259 and within YAML version 1.2 apply.

+

Arazzo Descriptions can be JSON or YAML values. As such, all security considerations defined in [[!RFC8259]] and within YAML version 1.2 apply.

Arazzo Descriptions are frequently written by untrusted third parties, to be deployed on public Internet servers. Processing an Arazzo Description can cause both safe and unsafe operations to be performed on arbitrary network resources. It is the responsibility of the description consumer to ensure that the operations performed are not harmful.

-

IANA Considerations

+

IANA Considerations

The proposed MIME media types for the Arazzo Specification are described below.

-

application/vnd.oai.workflows

+

application/vnd.oai.workflows

The default (or general) MIME type for Arazzo documents (e.g. workflows) is defined as follows:

  Media type name: application

  Media subtype name: vnd.oai.workflows

@@ -1239,7 +1254,7 @@

application/vnd.oai.workflows

  Security considerations: See security considerations above.

  Interoperability considerations: N/A

Note: When using the application/vnd.oai.workflows media type the consumer should be prepared to receive YAML formatted content

-

application/vnd.oai.workflows+json

+

application/vnd.oai.workflows+json

The proposed MIME media type for Arazzo documents (e.g. workflows) that require a JSON-specific media type is defined as follows:

  Media type name: application

  Media subtype name: vnd.oai.workflows+json

@@ -1248,7 +1263,7 @@

application/vnd.oai.workflows+json

  Encoding considerations: Encoding considerations are identical to those specified for the application/json media type.

  Security considerations: See security considerations above.

  Interoperability considerations: N/A

-

application/vnd.oai.workflows+yaml

+

application/vnd.oai.workflows+yaml

The proposed MIME media type for Arazzo documents (e.g. workflows) that require a YAML-specific media type is defined as follows:

  Media type name: application

  Media subtype name: vnd.oai.workflows+yaml

@@ -1257,7 +1272,7 @@

application/vnd.oai.workflows+yaml

  Encoding considerations: Encoding considerations are identical to those specified for the application/yaml media type.

  Security considerations: See security considerations above.

  Interoperability considerations: N/A

-

Appendix A: Revision History

+

Appendix A: Revision History

diff --git a/arazzo/v1.0.0.html b/arazzo/v1.0.0.html index 71ef025701..0c75f18617 100644 --- a/arazzo/v1.0.0.html +++ b/arazzo/v1.0.0.html @@ -75,7 +75,7 @@

Relative References in URLs

-

Unless specified otherwise, all properties that are URLs MAY be relative references as defined by [[!RFC3986]]. +

Unless specified otherwise, all properties that are URLs MAY be relative references as defined by [[!RFC3986]] Section 4.2. Unless specified otherwise, relative references are resolved using the URL of the referring document.

Schema

In the following description, if a field is not explicitly REQUIRED or described with a MUST or SHALL, it can be considered OPTIONAL.

@@ -228,7 +228,7 @@

Source Description Object

Describes a source description (such as an OpenAPI description) that will be referenced by one or more workflows described within an Arazzo Description.

-

An object storing a map between named description keys and location URLs to the source descriptions (such as an OpenAPI description) this Arazzo Description SHALL apply to. Each source location string MUST be in the form of a URI-reference as defined by RFC3986 section 4.1.

+

An object storing a map between named description keys and location URLs to the source descriptions (such as an OpenAPI description) this Arazzo Description SHALL apply to. Each source location string MUST be in the form of a URI-reference as defined by [[!RFC3986]] Section 4.1.

Fixed Fields

@@ -247,7 +247,7 @@ - + @@ -363,7 +363,7 @@ tokenExpires:$steps.loginStep.outputs.tokenExpires

Step Object

-

Describes a single workflow step which MAY be a call to an API operation (OpenAPI Operation Object or another Workflow Object.

+

Describes a single workflow step which MAY be a call to an API operation (OpenAPI Operation Object or another Workflow Object).

Fixed Fields

url stringREQUIRED. A URL to a source description to be used by a workflow. If a relative reference is used, it MUST be in the form of a URI-reference as defined by RFC3986 section 4.2.REQUIRED. A URL to a source description to be used by a workflow. If a relative reference is used, it MUST be in the form of a URI-reference as defined by [[!RFC3986]] Section 4.2.
type
@@ -407,7 +407,7 @@ - + @@ -497,7 +497,7 @@
  • path - Used together with OpenAPI style Path Templating, where the parameter value is actually part of the operation’s URL. This does not include the host or base path of the API. For example, in /items/{itemId}, the path parameter is itemId.
  • query - Parameters that are appended to the URL. For example, in /items?id=###, the query parameter is id.
    • -
  • header - Custom headers that are expected as part of the request. Note that [[!RFC7230]] states header names are case insensitive.
    • +
  • header - Custom headers that are expected as part of the request. Note that [[!RFC7230]] Page 22 states header names are case insensitive.
  • cookie - Used to pass a specific cookie value to the source API.

Fixed Fields

@@ -594,7 +594,7 @@ # assertions to determine if this success action should be executed - context: $response.body condition: $[?count(@.pets) > 0] - type: JSONPath + type: jsonpath

Failure Action Object

A single failure action which describes an action to take upon failure of a workflow step. There are three possible values for the type field.

@@ -636,7 +636,7 @@
- + @@ -788,6 +788,11 @@ + + + + + @@ -820,7 +825,7 @@
  • simple - where basic literals, operators, and loose comparisons are used in combination with Runtime Expressions.
  • regex - where a regex pattern is applied on the supplied context. The context is defined by a Runtime Expression.
    • -
  • jsonpath - where a JSON Path expression is applied. The root node context is defined by a Runtime Expression.
    • +
  • jsonpath - where a JSONPath expression is applied. The root node context is defined by a Runtime Expression.
  • xpath - where an XPath expression is applied. The root node context is defined by a Runtime Expression.

Literals

@@ -929,12 +934,12 @@
- + - +
requestBody Request Body ObjectThe request body to pass to an operation as referenced by operationId or operationPath. The requestBody is fully supported in HTTP methods where the HTTP 1.1 specification [[!RFC7231]] has explicitly defined semantics for request bodies. In other cases where the HTTP spec is vague (such as GET, HEAD and DELETE), requestBody is permitted but does not have well-defined semantics and SHOULD be avoided if possible.The request body to pass to an operation as referenced by operationId or operationPath. The requestBody is fully supported in HTTP methods where the HTTP 1.1 specification [[!RFC7231]] Section 4.3.1 has explicitly defined semantics for request bodies. In other cases where the HTTP spec is vague (such as GET, HEAD and DELETE), requestBody is permitted but does not have well-defined semantics and SHOULD be avoided if possible.
successCriteria
retryAfter numberA non-negative decimal indicating the seconds to delay after the step failure before another attempt SHALL be made. Note: if an HTTP Retry-After response header was returned to a step from a targeted operation, then it SHOULD overrule this particular field value. This field only applies when the type field value is "retry" or "function".A non-negative decimal indicating the seconds to delay after the step failure before another attempt SHALL be made. Note: if an HTTP Retry-After response header was returned to a step from a targeted operation, then it SHOULD overrule this particular field value. This field only applies when the type field value is "retry" or "function".
retryLimit
reference{expression}REQUIRED. A runtime expression used to reference the desired object.
value string Sets a value of the referenced parameter. This is only applicable for parameter object references.
condition stringREQUIRED. The condition to apply. Conditions can be simple (e.g. $statusCode == 200 which applies a operator on a value obtained from a runtime expression), or a regex, or a JSONPath expression. For regex and JSONPath, the type and context MUST be specified.REQUIRED. The condition to apply. Conditions can be simple (e.g. $statusCode == 200 which applies an operator on a value obtained from a runtime expression), or a regex, or a JSONPath expression. For regex or JSONPath, the type and context MUST be specified.
type string | Criterion Expression Type ObjectThe type of condition to be applied. If specified, the options allowed are simple, regex, jsonpath or xpath. If omitted, then the condition is assumed to be simple, which at most combines literals, operators and Runtime Expressions. If jsonpath, then the expression MUST conform to JSON Path. If xpath the expression MUST conform to XML Path Language 3.1. Should other variants of JSON Path or XPath be required, then a Criterion Expression Type Object MUST be specified.The type of condition to be applied. If specified, the options allowed are simple, regex, jsonpath or xpath. If omitted, then the condition is assumed to be simple, which at most combines literals, operators and Runtime Expressions. If jsonpath, then the expression MUST conform to JSONPath. If xpath the expression MUST conform to XML Path Language 3.1. Should other variants of JSONPath or XPath be required, then a Criterion Expression Type Object MUST be specified.
@@ -959,11 +964,11 @@

Criterion Expression Type Object

An object used to describe the type and version of an expression used within a Criterion Object. If this object is not defined, then the following defaults apply:

-

Defining this object gives the ability to utilize tooling compatible with older versions of either JSON Path or XPath.

-
Fixed Fields
+

Defining this object gives the ability to utilize tooling compatible with older versions of either JSONPath or XPath.

+

Fixed Fields

@@ -981,13 +986,13 @@
Fixed Fields
- +
version stringREQUIRED. A short hand string representing the version of the expression type being used. The allowed values for JSON Path are draft-goessner-dispatch-jsonpath-00. The allowed values for XPath are xpath-30, xpath-20, or xpath-10.REQUIRED. A short hand string representing the version of the expression type being used. The allowed values for JSONPath are draft-goessner-dispatch-jsonpath-00. The allowed values for XPath are xpath-30, xpath-20, or xpath-10.

This object MAY be extended with Specification Extensions.

-

Criterion Expression Type Example

-

JSON Path Example

+

Criterion Expression Type Example

+

JSONPath Example


   type: jsonpath
   version: draft-goessner-dispatch-jsonpath-00
@@ -1019,66 +1024,76 @@ 
Fixed Fields

 Any
 A value representing the request body payload. The value can be a literal value or can contain Runtime Expressions which MUST be evaluated prior to calling the referenced operation. To represent examples of media types that cannot be naturally represented in JSON or YAML, use a string value to contain the example, escaping where necessary.
 
+
+ replacements
+[Payload Replacement Object]
+A list of locations and values to set within a payload.
+
 
 
-
 replacements | [Payload Replacement Object] | A list of locations and values to set within a payload.

 
This object MAY be extended with Specification Extensions.

RequestBody Object Example

JSON Templated Example

-
 contentType: application/json
- payload: |
-   {
-     "petOrder": {
-       "petId": "{$inputs.pet_id}",
-       "couponCode": "{$inputs.coupon_code}",
-       "quantity": "{$inputs.quantity}",
-       "status": "placed",
-       "complete": false
-     }
-   }
+

+  contentType: application/json
+  payload: |
+    {
+      "petOrder": {
+        "petId": "{$inputs.pet_id}",
+        "couponCode": "{$inputs.coupon_code}",
+        "quantity": "{$inputs.quantity}",
+        "status": "placed",
+        "complete": false
+      }
+    }
 

 
JSON Object Example

-
 contentType: application/json
- payload: 
-   petOrder:
-     petId: $inputs.pet_id
-     couponCode: $inputs.coupon_code
-     quantity: $inputs.quantity
-     status: placed
-     complete: false
+

+  contentType: application/json
+  payload: 
+    petOrder:
+      petId: $inputs.pet_id
+      couponCode: $inputs.coupon_code
+      quantity: $inputs.quantity
+      status: placed
+      complete: false
 

 
Complete Runtime Expression

-
 contentType: application/json
- payload: $inputs.petOrderRequest
+

+  contentType: application/json
+  payload: $inputs.petOrderRequest
 

 
XML Templated Example

-
 contentType: application/xml
- payload: |
-   <petOrder>
-     <petId>{$inputs.pet_id}</petId>
-     <couponCode>{$inputs.coupon_code}</couponCode>
-     <quantity>{$inputs.quantity}</quantity>
-     <status>placed</status>
-     <complete>false</complete>
-   </petOrder>
+

+  contentType: application/xml
+  payload: |
+    <petOrder>
+      <petId>{$inputs.pet_id}</petId>
+      <couponCode>{$inputs.coupon_code}</couponCode>
+      <quantity>{$inputs.quantity}</quantity>
+      <status>placed</status>
+      <complete>false</complete>
+    </petOrder>
 

 
Form Data Example

-
 contentType: application/x-www-form-urlencoded
- payload: 
-   client_id: $inputs.clientId
-   grant_type: $inputs.grantType
-   redirect_uri: $inputs.redirectUri
-   client_secret: $inputs.clientSecret
-   code: $steps.browser-authorize.outputs.code
-   scope: $inputs.scope  
+

+  contentType: application/x-www-form-urlencoded
+  payload: 
+    client_id: $inputs.clientId
+    grant_type: $inputs.grantType
+    redirect_uri: $inputs.redirectUri
+    client_secret: $inputs.clientSecret
+    code: $steps.browser-authorize.outputs.code
+    scope: $inputs.scope  
 

 
Form Data String Example

-
 contentType: application/x-www-form-urlencoded
- payload: "client_id={$inputs.clientId}&grant_type={$inputs.grantType}&redirect_uri={$inputs.redirectUri}&client_secret={$inputs.clientSecret}&code{$steps.browser-authorize.outputs.code}&scope=$inputs.scope}"
+

+  contentType: application/x-www-form-urlencoded
+  payload: "client_id={$inputs.clientId}&grant_type={$inputs.grantType}&redirect_uri={$inputs.redirectUri}&client_secret={$inputs.clientSecret}&code{$steps.browser-authorize.outputs.code}&scope=$inputs.scope}"
 

-
Payload Replacement Object

+

Payload Replacement Object

Describes a location within a payload (e.g., a request body) and a value to set within the location.

-
Fixed Fields
+

Fixed Fields

@@ -1101,18 +1116,18 @@
Fixed Fields

This object MAY be extended with Specification Extensions.

-
Payload Replacement Object Example
+

Payload Replacement Object Example

Runtime Expression Example


-    target: /petId
-    value: $inputs.pet_id
+  target: /petId
+  value: $inputs.pet_id

Literal Example


-    target: /quantity
-    value: 10
+  target: /quantity
+  value: 10
-

Runtime Expressions

+

Runtime Expressions

A runtime expression allows values to be defined based on information that will be available within an HTTP message, an event message, and within objects serialized from the Arazzo document such as workflows or steps.

The runtime expression is defined by the following ABNF syntax:


@@ -1134,7 +1149,7 @@ 
Runtime Expressions

       tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
         "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
-
Examples
+

Examples

@@ -1203,7 +1218,7 @@
Examples

Runtime expressions preserve the type of the referenced value. Expressions can be embedded into string values by surrounding the expression with {} curly braces.

-

Specification Extensions

+

Specification Extensions

While the Arazzo Specification tries to accommodate most use cases, additional data can be added to extend the specification at certain points.

The extension properties are implemented as patterned fields that are always prefixed by "x-".

@@ -1223,13 +1238,13 @@

Specification Extensions

The extensions may or may not be supported by the available tooling, but those may be extended as well to add requested support (if tools are internal or open-sourced).

-

Security Considerations

+

Security Considerations

The Arazzo Specification does not enforce a security mechanism. Security is left to the implementer, though TLS, specifically HTTPS may be recommended for exchanging sensitive workflows.

-

Arazzo Descriptions can be JSON or YAML values. As such, all security considerations defined in RFC 8259 and within YAML version 1.2 apply.

+

Arazzo Descriptions can be JSON or YAML values. As such, all security considerations defined in [[!RFC8259]] and within YAML version 1.2 apply.

Arazzo Descriptions are frequently written by untrusted third parties, to be deployed on public Internet servers. Processing an Arazzo Description can cause both safe and unsafe operations to be performed on arbitrary network resources. It is the responsibility of the description consumer to ensure that the operations performed are not harmful.

-

IANA Considerations

+

IANA Considerations

The proposed MIME media types for the Arazzo Specification are described below.

-

application/vnd.oai.workflows

+

application/vnd.oai.workflows

The default (or general) MIME type for Arazzo documents (e.g. workflows) is defined as follows:

  Media type name: application

  Media subtype name: vnd.oai.workflows

@@ -1239,7 +1254,7 @@

application/vnd.oai.workflows

  Security considerations: See security considerations above.

  Interoperability considerations: N/A

Note: When using the application/vnd.oai.workflows media type the consumer should be prepared to receive YAML formatted content

-

application/vnd.oai.workflows+json

+

application/vnd.oai.workflows+json

The proposed MIME media type for Arazzo documents (e.g. workflows) that require a JSON-specific media type is defined as follows:

  Media type name: application

  Media subtype name: vnd.oai.workflows+json

@@ -1248,7 +1263,7 @@

application/vnd.oai.workflows+json

  Encoding considerations: Encoding considerations are identical to those specified for the application/json media type.

  Security considerations: See security considerations above.

  Interoperability considerations: N/A

-

application/vnd.oai.workflows+yaml

+

application/vnd.oai.workflows+yaml

The proposed MIME media type for Arazzo documents (e.g. workflows) that require a YAML-specific media type is defined as follows:

  Media type name: application

  Media subtype name: vnd.oai.workflows+yaml

@@ -1257,7 +1272,7 @@

application/vnd.oai.workflows+yaml

  Encoding considerations: Encoding considerations are identical to those specified for the application/yaml media type.

  Security considerations: See security considerations above.

  Interoperability considerations: N/A

-

Appendix A: Revision History

+

Appendix A: Revision History