Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: IATP: STS core services #3551

Merged
merged 3 commits into from
Oct 20, 2023
Merged

feat: IATP: STS core services #3551

merged 3 commits into from
Oct 20, 2023

Conversation

wolf4ood
Copy link
Contributor

@wolf4ood wolf4ood commented Oct 19, 2023
edited
Loading

What this PR changes/adds

Implements STS core services specifically

STS-SPI

Added module :spi:common:identity-trust-sts-spi for sts specific interfaces and models:

  • StsClient: modeling the clients in STS
  • StsClientService: Service layer for StsClients
  • StsClientStore: Persistence layer for StsClients.
  • StsClientTokenGeneratorService: Token generator for StsClients

STS-Core

Added module :extensions:common:iam:identity-trust:identity-trust-sts-core with the default implementation
of the sts-spi services.

Why it does that

iatp adoption

Further notes

And additional token generation service has been implemented LazyTokenGenerationService to be able to work with non cached keys.

Linked Issue(s)

Closes #3550

@wolf4ood wolf4ood self-assigned this Oct 19, 2023
@codecov-commenter
Copy link

codecov-commenter commented Oct 19, 2023
edited
Loading

Codecov Report

Attention: 9 lines in your changes are missing coverage. Please review.

Comparison is base (027a961) 72.43% compared to head (de00622) 72.49%.
Report is 3 commits behind head on main.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3551      +/-   ##
==========================================
+ Coverage   72.43%   72.49%   +0.06%     
==========================================
  Files         871      877       +6     
  Lines       17394    17474      +80     
  Branches      988      994       +6     
==========================================
+ Hits        12599    12668      +69     
- Misses       4379     4390      +11     
  Partials      416      416
Files Coverage Δ
...ts/core/defaults/service/StsClientServiceImpl.java 100.00% <100.00%> (ø)
...ts/service/StsClientTokenGeneratorServiceImpl.java 100.00% <100.00%> (ø)
...ts/core/defaults/store/InMemoryStsClientStore.java 100.00% <100.00%> (ø)
...ntitytrust/sts/core/StsDefaultStoresExtension.java 66.66% <66.66%> (ø)
...itytrust/sts/core/StsDefaultServicesExtension.java 71.42% <71.42%> (ø)
...rg/eclipse/edc/jwt/LazyTokenGenerationService.java 0.00% <0.00%> (ø)

... and 5 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@wolf4ood wolf4ood force-pushed the feat/3550_sts_core_services branch 3 times, most recently from 6d84803 to 0698b75 Compare October 19, 2023 10:21
@wolf4ood wolf4ood added the enhancement New feature or request label Oct 19, 2023
@wolf4ood wolf4ood force-pushed the feat/3550_sts_core_services branch 10 times, most recently from 01b1e0e to cc1e5a0 Compare October 19, 2023 14:46
@wolf4ood wolf4ood marked this pull request as ready for review October 19, 2023 15:23
bscholtes1A
bscholtes1A reviewed Oct 19, 2023
View reviewed changes
core/common/jwt-core/src/main/java/org/eclipse/edc/jwt/LazyTokenGenerationService.java
@Override
public Result<TokenRepresentation> generate(@NotNull JwtDecorator... decorators) {
var key = privateKeyResolver.resolvePrivateKey(keyAlias, PrivateKey.class);
return new TokenGenerationServiceImpl(key).generate(decorators);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks a bit convoluted...

Could we modify the current TokenGenerationService that it does not take directly a private key in the ctor, but instead a Function<String,PrivateKey> (the input string being the alias)?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's a refactor that i would do later, if i change the TokenGenerationServiceImpl not i might end up changing a lot of files :)

I would raise an issue and address this in another PR wdyt?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed, it would be good to look at simplifying this in a separate PR

...re/src/main/java/org/eclipse/edc/iam/identitytrust/sts/core/StsDefaultServicesExtension.java Show resolved Hide resolved
@wolf4ood wolf4ood force-pushed the feat/3550_sts_core_services branch from 76e1e74 to 61fbb4f Compare October 19, 2023 15:46
@wolf4ood wolf4ood force-pushed the feat/3550_sts_core_services branch from 61fbb4f to da1fb7a Compare October 19, 2023 15:50
jimmarino
jimmarino requested changes Oct 20, 2023
View reviewed changes
Copy link
Contributor

@jimmarino jimmarino left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good so far, a few comments/clarifications

core/common/jwt-core/src/main/java/org/eclipse/edc/jwt/LazyTokenGenerationService.java Outdated Show resolved Hide resolved
core/common/jwt-core/src/main/java/org/eclipse/edc/jwt/LazyTokenGenerationService.java
@Override
public Result<TokenRepresentation> generate(@NotNull JwtDecorator... decorators) {
var key = privateKeyResolver.resolvePrivateKey(keyAlias, PrivateKey.class);
return new TokenGenerationServiceImpl(key).generate(decorators);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed, it would be good to look at simplifying this in a separate PR

...ipse/edc/iam/identitytrust/sts/core/defaults/service/StsClientTokenGeneratorServiceImpl.java Outdated Show resolved Hide resolved
...ipse/edc/iam/identitytrust/sts/core/defaults/service/StsClientTokenGeneratorServiceImpl.java Outdated Show resolved Hide resolved
@wolf4ood wolf4ood merged commit d5f0c75 into eclipse-edc:main Oct 20, 2023
16 checks passed
@wolf4ood wolf4ood deleted the feat/3550_sts_core_services branch October 20, 2023 07:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bscholtes1A bscholtes1A bscholtes1A approved these changes

@paullatzelsperger paullatzelsperger paullatzelsperger approved these changes

@jimmarino jimmarino jimmarino approved these changes

Assignees

@wolf4ood wolf4ood

Labels
core feature dcp enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

IATP: STS core services
5 participants
@wolf4ood @codecov-commenter @jimmarino @paullatzelsperger @bscholtes1A