Developers Instructions

The documentation provided in this repository describes the eMASS REST API structure. It is an OpenAPI (v3.0.3) specification compliant describing and visualizing the eMASS RESTful API web services (endpoints).

The API is documented in YAML and can be viewed utilizing Swagger Editor or Visual Studio Code (VSC) with swagger and yaml extensions.

Visualizing

Viewing the API via Swagger

There are online tool options for viewing and editing OpenAPI compliant RESTfull APIs like the eMASS API documentations. Some of these tools are Swagger Editor or SwaggerHub.

Note: We recommend utilizing the instruction provided here for viewing or editing the eMASS API.

Generate the API documentation (html)

The generated eMASS API documentation is available in the eMASS API Specification page

To generate the API documentation, viewable on a dependency-free (and nice looking) HTML use the redoc-cli command line tool.

Install the tool via npm:

npm install -g redoc-cli

To generate the HTML document, use the following command:

redoc-cli bundle -o ./output/eMASS.html eMASSRestOpenApi.yaml

The command above places the generated HTML file (eMASS.html) in a subfolder called output. The command assumes that the eMASSRestApi.yaml is in the current working directory. The generated file can be viewed in any web browser.

Development Environment

Setting up Visual Studio Code (VSC)

Install these Extensions (Ctrl+Shift+X):

Setting up PRISM HTTP mock Server

Install prism (if not installed) via npm:

npm install -g @stoplight/prism-cli

Run the prism server on the localhost, use the -p parameter to set the port (using 4010)

prism mock -p 4010 eMASSRestOpenApi.yaml

To invoke the mock server interactive use the -d parameter (provides fake responses using x-faker)

prism mock -d -p 4010 eMASSRestOpenAPI.yaml

Note:

Now you can access the mock API endpoints utilizing either CURL or the Swagger Editor. The following curl command invokes the systems endpoint with a path parameter of policy=rmf:

curl -X GET "http://localhost:4010/api/systems?policy=rmf" -H  "accept: application/json" -H  "api-key: f32516cc-57d3-43f5-9e16-8f86780a4cce" -H  "user-uid: 1647389405"

Note: The API expects an api-key and user-uid in the request headers for all endpoint calls. For interacting with the mock server, simply use any arbitrary value for these keys.

Building an eMASS Client SDK

The API clients are generated utilizing the OpenAPI Generator CLI.

Note: Currently there are three (3) client SDKs (ruby, typscript-axios, and python) that are automatically generated utilizing GitHub action implemented within this repository. They are generated when a push to the main branch occurs and the API specification file has been modified.

Generate an eMASS Client

Using Java executables

Follow these steps to generate an eMASS client for additional supported language provided by the OpenAPI Generator CLI:

Using Docker

An OpenAPI Generator CLI Docker Image solution is available and documented here as a Public Pre-built Docker image.

Available options are:

NOTICE

© 2020 The MITRE Corporation.

Approved for Public Release; Distribution Unlimited. Case Number 18-3678. NOTICE

MITRE hereby grants express written permission to use, reproduce, distribute, modify, and otherwise leverage this software to the extent permitted by the licensed terms provided in the LICENSE.md file included with this project. NOTICE

This software was produced for the U. S. Government under Contract Number HHSM-500-2012-00008I, and is subject to Federal Acquisition Regulation Clause 52.227-14, Rights in Data-General.

No other use other than that granted to the U. S. Government, or to those acting on behalf of the U. S. Government under that Clause is authorized without the express written permission of The MITRE Corporation. DISA STIGs are published by DISA, see: https://public.cyber.mil/privacy-security/