Cucumber and tavern test fixes

.github/workflows/BETA-xray-cucumber-integration.yaml

@@ -38,7 +38,8 @@ jobs:
       - name: Build with Maven
         if: ${{ steps.download.outputs.http_response == '200' }}
         env:
-          OAUTH2_CLIENT_SECRET: ${{ secrets.OAUTH2_CLIENT_SECRET_BETA }}
+          REGULAR_USER_API_KEY: ${{ secrets.BETA_REGULAR_USER_API_KEY }}
+          ADMIN_USER_API_KEY: ${{ secrets.BETA_ADMIN_USER_API_KEY }}
         run: |
           unzip -o features.zip -d irs-cucumber-tests/src/test/resources/features
           mvn --batch-mode clean install -pl irs-cucumber-tests,irs-models -D"cucumber.filter.tags"="not @Ignore and @INTEGRATION_TEST"

.github/workflows/integration-test-DEV.yaml

@@ -23,9 +23,8 @@ jobs:
   trigger-integration-test:
     uses: ./.github/workflows/xray-cucumber-integration.yaml
     secrets:
-      oauth2TokenUrl: ${{ secrets.OAUTH2_CLIENT_TOKEN_URI }}
-      clientId: ${{ secrets.OAUTH2_CLIENT_ID }}
-      clientSecret: ${{ secrets.OAUTH2_CLIENT_SECRET }}
+      regularUserApiKey: ${{ secrets.DEV_REGULAR_USER_API_KEY }}
+      adminUserApiKey: ${{ secrets.DEV_ADMIN_USER_API_KEY }}
       jiraUser: ${{ secrets.ORG_IRS_JIRA_USERNAME }}
       jiraPassword: ${{ secrets.ORG_IRS_JIRA_PASSWORD }}
     with:

.github/workflows/integration-test-DIL.yaml

@@ -12,9 +12,8 @@ jobs:
   trigger-integration-test:
     uses: ./.github/workflows/xray-cucumber-integration.yaml
     secrets:
-      oauth2TokenUrl: ${{ secrets.OAUTH2_CLIENT_TOKEN_URI }}
-      clientId: ${{ secrets.IRS_OAUTH2_CLIENT_ID_DIL }}
-      clientSecret: ${{ secrets.IRS_OAUTH2_CLIENT_SECRET_DIL }}
+      regularUserApiKey: ${{ secrets.DIL_REGULAR_USER_API_KEY }}
+      adminUserApiKey: ${{ secrets.DIL_ADMIN_USER_API_KEY }}
       jiraUser: ${{ secrets.ORG_IRS_JIRA_USERNAME }}
       jiraPassword: ${{ secrets.ORG_IRS_JIRA_PASSWORD }}
     with:

.github/workflows/integration-test-INT.yaml

@@ -7,9 +7,8 @@ jobs:
   trigger-integration-test:
     uses: ./.github/workflows/xray-cucumber-integration.yaml
     secrets:
-      oauth2TokenUrl: ${{ secrets.OAUTH2_CLIENT_TOKEN_URI }}
-      clientId: ${{ secrets.ORG_IRS_OAUTH2_CLIENT_ID_INT }}
-      clientSecret: ${{ secrets.ORG_IRS_OAUTH2_CLIENT_SECRET_INT }}
+      regularUserApiKey: ${{ secrets.INT_REGULAR_USER_API_KEY }}
+      adminUserApiKey: ${{ secrets.INT_ADMIN_USER_API_KEY }}
       jiraUser: ${{ secrets.ORG_IRS_JIRA_USERNAME }}
       jiraPassword: ${{ secrets.ORG_IRS_JIRA_PASSWORD }}
     with:

.github/workflows/tavern-integration.yml

@@ -61,9 +61,8 @@ jobs:
         env:
           IRS_HOST: ${{ 'https://irs.int.demo.catena-x.net' }}
           IRS_ESS_HOST: ${{ github.event.inputs.irs-ess-host || 'https://irs-ess.int.demo.catena-x.net' }}
-          OAUTH2_HOST: ${{ secrets.OAUTH2_CLIENT_TOKEN_URI }}
-          OAUTH2_CLIENT_ID: ${{ secrets.ORG_IRS_OAUTH2_CLIENT_ID_INT }}
-          OAUTH2_CLIENT_SECRET: ${{ secrets.ORG_IRS_OAUTH2_CLIENT_SECRET_INT }}
+          REGULAR_USER_API_KEY: ${{ secrets.INT_REGULAR_USER_API_KEY }}
+          ADMIN_USER_API_KEY: ${{ secrets.INT_ADMIN_USER_API_KEY }}
           GLOBAL_ASSET_ID_AS_PLANNED: ${{ github.event.inputs.global-asset-id-asPlanned || 'urn:uuid:0733946c-59c6-41ae-9570-cb43a6e4c79e' }}
           BPN_AS_PLANNED: ${{ github.event.inputs.bpn-asPlanned || 'BPNL00000003AYRE' }}
           GLOBAL_ASSET_ID_AS_BUILT: ${{ github.event.inputs.global-asset-id-asBuilt || 'urn:uuid:1b17682e-5e2a-4913-aa1b-7d59a072a3cb' }}

.github/workflows/tavern.yml

@@ -63,9 +63,10 @@ jobs:
         env:
           IRS_HOST: ${{ 'https://irs.dev.demo.catena-x.net' }}
           IRS_ESS_HOST: ${{ github.event.inputs.irs-ess-host || 'https://irs-ess.int.demo.catena-x.net' }}
-          OAUTH2_HOST: ${{ secrets.OAUTH2_CLIENT_TOKEN_URI }}
-          OAUTH2_CLIENT_ID: ${{ secrets.OAUTH2_CLIENT_ID }}
-          OAUTH2_CLIENT_SECRET: ${{ secrets.OAUTH2_CLIENT_SECRET }}
+          REGULAR_USER_API_KEY: ${{ secrets.DEV_REGULAR_USER_API_KEY }}
+          ADMIN_USER_API_KEY: ${{ secrets.DEV_ADMIN_USER_API_KEY }}
+          REGULAR_USER_API_KEY_ESS: ${{ secrets.INT_REGULAR_USER_API_KEY }}
+          ADMIN_USER_API_KEY_ESS: ${{ secrets.INT_ADMIN_USER_API_KEY }}
           GLOBAL_ASSET_ID_AS_PLANNED: ${{ github.event.inputs.global-asset-id-asPlanned || 'urn:uuid:0733946c-59c6-41ae-9570-cb43a6e4c79e' }}
           BPN_AS_PLANNED: ${{ github.event.inputs.bpn-asPlanned || 'BPNL00000003AYRE' }}
           GLOBAL_ASSET_ID_AS_BUILT: ${{ github.event.inputs.global-asset-id-asBuilt || 'urn:uuid:6d505432-8b31-4966-9514-4b753372683f' }}

.github/workflows/xray-cucumber-integration.yaml

@@ -3,11 +3,9 @@ name: IRS Cucumber Integration test Xray execution
 on:
   workflow_call: # Trigger by another workflow
     secrets:
-      oauth2TokenUrl:
+      regularUserApiKey:
         required: true
-      clientId:
-        required: true
-      clientSecret:
+      adminUserApiKey:
         required: true
       jiraUser:
         required: true
@@ -57,9 +55,8 @@ jobs:
       - name: Build with Maven
         if: ${{ steps.download.outputs.http_response == '200' }}
         env:
-          OAUTH2_HOST: ${{ secrets.oauth2TokenUrl }}
-          OAUTH2_CLIENT_ID: ${{ secrets.clientId }}
-          OAUTH2_CLIENT_SECRET: ${{ secrets.clientSecret }}
+          REGULAR_USER_API_KEY: ${{ secrets.regularUserApiKey }}
+          ADMIN_USER_API_KEY: ${{ secrets.adminUserApiKey }}
           ISSUE_FILTER: ${{ inputs.executionFilter }}
         run: |
           unzip -o features.zip -d irs-cucumber-tests/src/test/resources/features

.github/workflows/xray-cucumber.yaml

@@ -31,9 +31,8 @@ jobs:
   trigger-integration-test:
     uses: ./.github/workflows/xray-cucumber-integration.yaml
     secrets:
-      oauth2TokenUrl: ${{ secrets.OAUTH2_CLIENT_TOKEN_URI }}
-      clientId: ${{ secrets.OAUTH2_CLIENT_ID }}
-      clientSecret: ${{ secrets.OAUTH2_CLIENT_SECRET }}
+      regularUserApiKey: ${{ secrets.DEV_REGULAR_USER_API_KEY }}
+      adminUserApiKey: ${{ secrets.DEV_ADMIN_USER_API_KEY }}
       jiraUser: ${{ secrets.ORG_IRS_JIRA_USERNAME }}
       jiraPassword: ${{ secrets.ORG_IRS_JIRA_PASSWORD }}
     with:

irs-cucumber-tests/src/test/java/org/eclipse/tractusx/irs/cucumber/AuthenticationProperties.java

@@ -23,47 +23,23 @@
  ********************************************************************************/
 package org.eclipse.tractusx.irs.cucumber;
 
-import static io.restassured.RestAssured.given;
-
-import java.util.HashMap;
-import java.util.Map;
-
 import io.restassured.builder.RequestSpecBuilder;
 import io.restassured.specification.RequestSpecification;
 import lombok.Builder;
 
 @Builder
 /* package */ class AuthenticationProperties {
     private final String uri;
-    private final String clientId;
-    private final String clientSecret;
-    private final String oauth2Url;
-    private final String grantType;
-    private final String tokenPath;
+    private final String apiKey;
 
-    /* package */ AuthenticationProperties(final String uri, final String clientId, final String clientSecret,
-            final String oauth2Url, final String grantType, final String tokenPath) {
+    /* package */ AuthenticationProperties(final String uri, final String apiKey) {
         this.uri = uri;
-        this.clientId = clientId;
-        this.clientSecret = clientSecret;
-        this.oauth2Url = oauth2Url;
-        this.grantType = grantType;
-        this.tokenPath = tokenPath;
-    }
-
-    private String obtainAccessToken() {
-        final Map<String, String> oauth2Payload = new HashMap<>();
-        oauth2Payload.put("grant_type", grantType);
-        oauth2Payload.put("client_id", clientId);
-        oauth2Payload.put("client_secret", clientSecret);
-
-        return given().params(oauth2Payload).post(oauth2Url).then().extract().jsonPath().getString(tokenPath);
+        this.apiKey = apiKey;
     }
 
     /* package */ RequestSpecification getNewAuthenticationRequestSpecification() {
-        final String accessToken = obtainAccessToken();
         final RequestSpecBuilder builder = new RequestSpecBuilder();
-        builder.addHeader("Authorization", "Bearer " + accessToken);
+        builder.addHeader("X-API-KEY", apiKey);
         builder.setBaseUri(uri);
 
         return builder.build();

irs-cucumber-tests/src/test/java/org/eclipse/tractusx/irs/cucumber/E2ETestStepDefinitions.java

@@ -88,7 +88,6 @@ public void setup() {
         registerJobBuilder = RegisterJob.builder();
         registerBatchOrderBuilder = RegisterBatchOrder.builder();
         authenticationPropertiesBuilder = AuthenticationProperties.builder();
-        authenticationPropertiesBuilder.grantType("client_credentials").tokenPath("access_token");
 
         objectMapper = new ObjectMapper();
         objectMapper.registerModule(new JavaTimeModule());
@@ -105,21 +104,26 @@ public void theIRSURL(String irsUrl) {
         authenticationPropertiesBuilder.uri(irsUrl);
     }
 
-    @And("the user {string} with authentication")
-    public void theUser(String clientId) throws PropertyNotFoundException {
-        authenticationPropertiesBuilder.clientId(clientId);
-        final String oauth2UrlClientSecretKey = "OAUTH2_CLIENT_SECRET";
-        String clientSecret = System.getenv(oauth2UrlClientSecretKey);
-        if (clientSecret != null) {
-            authenticationPropertiesBuilder.clientSecret(clientSecret);
+    @And("the regular user api key")
+    public void theRegularUser() throws PropertyNotFoundException {
+        final String regularUserApiKey = "REGULAR_USER_API_KEY";
+        String apiKey = System.getenv(regularUserApiKey);
+        if (apiKey != null) {
+            authenticationPropertiesBuilder.apiKey(apiKey);
         } else {
-            throw new PropertyNotFoundException("Environment Variable missing: " + oauth2UrlClientSecretKey);
+            throw new PropertyNotFoundException("Environment Variable missing: " + regularUserApiKey);
         }
     }
 
-    @And("the OAuth2 token url {string}")
-    public void theOAuth2TokenUrl(String tokenUrl) {
-        authenticationPropertiesBuilder.oauth2Url(tokenUrl);
+    @And("the admin user api key")
+    public void theAdminUser() throws PropertyNotFoundException {
+        final String adminUserApiKey = "ADMIN_USER_API_KEY";
+        String apiKey = System.getenv(adminUserApiKey);
+        if (apiKey != null) {
+            authenticationPropertiesBuilder.apiKey(apiKey);
+        } else {
+            throw new PropertyNotFoundException("Environment Variable missing: " + adminUserApiKey);
+        }
     }
 
     @Given("I register an IRS job for globalAssetId {string}")

irs-edc-client/src/main/java/org/eclipse/tractusx/irs/edc/client/policy/PolicyCheckerService.java

@@ -23,17 +23,14 @@
  ********************************************************************************/
 package org.eclipse.tractusx.irs.edc.client.policy;
 
-import java.nio.charset.StandardCharsets;
 import java.time.OffsetDateTime;
 import java.util.List;
-import java.util.stream.Stream;
 
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.eclipse.edc.policy.model.Permission;
 import org.eclipse.edc.policy.model.Policy;
 import org.springframework.stereotype.Service;
-import org.springframework.web.util.UriUtils;
 
 /**
  * Check and validate Policy in Catalog fetch from EDC providers.
@@ -47,25 +44,13 @@ public class PolicyCheckerService {
     private final ConstraintCheckerService constraintCheckerService;
 
     public boolean isValid(final Policy policy) {
-        if (getValidStoredPolicyIds().contains("*")) {
-            return true;
-        }
-
         return policy.getPermissions().stream().allMatch(permission -> isValid(permission, getValidStoredPolicies()));
     }
 
     private boolean isValid(final Permission permission, final List<AcceptedPolicy> validStoredPolicies) {
-        return validStoredPolicies.stream().anyMatch(acceptedPolicy ->
-                constraintCheckerService.hasAllConstraint(acceptedPolicy.policy(), permission.getConstraints()));
-    }
-
-    private List<String> getValidStoredPolicyIds() {
-        return policyStore.getAcceptedPolicies()
-                          .stream()
-                          .filter(p -> p.validUntil().isAfter(OffsetDateTime.now()))
-                          .map(acceptedPolicy -> acceptedPolicy.policy().getPolicyId())
-                          .flatMap(this::addEncodedVersion)
-                          .toList();
+        return validStoredPolicies.stream()
+                                  .anyMatch(acceptedPolicy -> constraintCheckerService.hasAllConstraint(
+                                          acceptedPolicy.policy(), permission.getConstraints()));
     }
 
     private List<AcceptedPolicy> getValidStoredPolicies() {
@@ -75,8 +60,4 @@ private List<AcceptedPolicy> getValidStoredPolicies() {
                           .toList();
     }
 
-    private Stream<String> addEncodedVersion(final String original) {
-        return Stream.of(original, UriUtils.encode(original, StandardCharsets.UTF_8));
-    }
-
 }

irs-edc-client/src/test/java/org/eclipse/tractusx/irs/edc/client/policy/PolicyCheckerServiceTest.java

@@ -84,39 +84,6 @@ void shouldRejectWhenPolicyStoreIsEmpty() {
         assertThat(result).isFalse();
     }
 
-    @Test
-    void shouldConfirmValidPolicyWhenWildcardIsSet() {
-        // given
-        final String wildcardPolicyId = "*";
-        final var policyList = List.of(
-                new AcceptedPolicy(policy(TestConstants.ID_3_0_TRACE), OffsetDateTime.now().plusYears(1)),
-                new AcceptedPolicy(policy(wildcardPolicyId), OffsetDateTime.now().plusYears(1)));
-        when(policyStore.getAcceptedPolicies()).thenReturn(policyList);
-        Policy policy = createAtomicConstraintPolicy(TestConstants.FRAMEWORK_AGREEMENT_TRACEABILITY,
-                TestConstants.STATUS_ACTIVE);
-        // when
-        boolean result = policyCheckerService.isValid(policy);
-
-        // then
-        assertThat(result).isTrue();
-    }
-
-    @Test
-    void shouldRejectWhenWildcardIsPartOfPolicy() {
-        // given
-        final String invalidWildcardPolicy = "Policy*";
-        final var policyList = List.of(
-                new AcceptedPolicy(policy(invalidWildcardPolicy), OffsetDateTime.now().plusYears(1)));
-        when(policyStore.getAcceptedPolicies()).thenReturn(policyList);
-        Policy policy = createAtomicConstraintPolicy(TestConstants.FRAMEWORK_AGREEMENT_TRACEABILITY,
-                TestConstants.STATUS_ACTIVE);
-        // when
-        boolean result = policyCheckerService.isValid(policy);
-
-        // then
-        assertThat(result).isFalse();
-    }
-
     @Test
     void shouldRejectAndConstraintsWhenOnlyOneMatch() {
         // given