add token based auth on data plane consumer proxy

edc-dataplane/edc-dataplane-base/build.gradle.kts

@@ -29,6 +29,7 @@ dependencies {
     runtimeOnly(project(":edc-extensions:dataplane-proxy:edc-dataplane-proxy-provider-core"))
 
     runtimeOnly(libs.edc.config.filesystem)
+    runtimeOnly(libs.edc.auth.tokenbased)
     runtimeOnly(libs.edc.dpf.awss3)
     runtimeOnly(libs.edc.dpf.oauth2)
     runtimeOnly(libs.edc.dpf.http)

edc-extensions/dataplane-proxy/edc-dataplane-proxy-consumer-api/README.md

@@ -17,6 +17,27 @@ The path is `<proxyContext>/aas/request` and the body is something like this exa
 The body should contain the `assetId` or the `transferProcessId` which identify the data that we want to fetch
 and an `endpointUrl` which is the provider gateway on which the data is available. More info [here](../edc-dataplane-proxy-provider-api/README.md) on the gateway.
 
+Alternatively if the `endpointUrl` is not known or the gateway on the provider side is not configured, it can be omitted and the `Edr#endpointUrl`
+will be used. In this scenario if needed users can provide additional properties to the request for composing the final
+url:
+
+- `pathSegments` sub path to append to the base url
+- `queryParams` query parameters to add to the url
+
+Example with base url `http://localhost:8080/test`
+
+```json
+{
+  "assetId": "1",
+  "pathSegments": "/sub",
+  "queryParams": "foo=bar"
+}
+```
+
+The final url will look like `http://localhost:8080/test/sub?foo=bar` composed by the DataPlane manager with the Http request flow,
+
+> Note: the endpoint is not protected with configured `AuthenticationService`, which most likely will be the token based (auth key) one.
+
 ## Configuration
 
 | Key                             | Required | Default       | Description                |

edc-extensions/dataplane-proxy/edc-dataplane-proxy-consumer-api/build.gradle.kts

@@ -26,6 +26,7 @@ dependencies {
     implementation(libs.edc.dpf.framework)
     implementation(libs.edc.dpf.util)
     implementation(libs.edc.ext.http)
+    implementation(libs.edc.spi.auth)
 
     implementation(project(":spi:edr-spi"))
 

edc-extensions/dataplane-proxy/edc-dataplane-proxy-consumer-api/src/main/java/org/eclipse/tractusx/edc/dataplane/proxy/consumer/api/DataPlaneProxyConsumerApiExtension.java

@@ -14,6 +14,8 @@
 
 package org.eclipse.tractusx.edc.dataplane.proxy.consumer.api;
 
+import org.eclipse.edc.api.auth.spi.AuthenticationRequestFilter;
+import org.eclipse.edc.api.auth.spi.AuthenticationService;
 import org.eclipse.edc.connector.dataplane.spi.manager.DataPlaneManager;
 import org.eclipse.edc.runtime.metamodel.annotation.Extension;
 import org.eclipse.edc.runtime.metamodel.annotation.Inject;
@@ -63,6 +65,9 @@ public class DataPlaneProxyConsumerApiExtension implements ServiceExtension {
     @Inject
     private WebServiceConfigurer configurer;
 
+    @Inject
+    private AuthenticationService authenticationService;
+
     @Inject
     private Monitor monitor;
 
@@ -80,6 +85,7 @@ public void initialize(ServiceExtensionContext context) {
 
         executorService = newFixedThreadPool(context.getSetting(THREAD_POOL_SIZE, DEFAULT_THREAD_POOL));
 
+        webService.registerResource(CONSUMER_API_ALIAS, new AuthenticationRequestFilter(authenticationService));
         webService.registerResource(CONSUMER_API_ALIAS, new ClientErrorExceptionMapper());
         webService.registerResource(CONSUMER_API_ALIAS, new ConsumerAssetRequestController(edrCache, dataPlaneManager, executorService, monitor));
     }

edc-tests/e2e-tests/src/test/java/org/eclipse/tractusx/edc/lifecycle/Participant.java

@@ -391,6 +391,7 @@ private String getProxyData(Map<String, String> body) {
     private Response proxyRequest(Map<String, String> body) {
         return given()
                 .baseUri(proxyUrl)
+                .header("x-api-key", apiKey)
                 .contentType("application/json")
                 .body(body)
                 .post(PROXY_SUBPATH);

edc-tests/edc-dataplane-proxy-e2e/build.gradle.kts

@@ -24,6 +24,7 @@ dependencies {
     // test runtime config
     testImplementation(libs.edc.config.filesystem)
     testImplementation(libs.edc.dpf.http)
+    testImplementation(libs.edc.auth.tokenbased)
     testImplementation(project(":spi:edr-spi"))
     testImplementation(project(":core:edr-cache-core"))
     testImplementation(project(":edc-extensions:dataplane-proxy:edc-dataplane-proxy-consumer-api"))

edc-tests/edc-dataplane-proxy-e2e/src/test/java/org/eclipse/tractusx/edc/dataplane/proxy/e2e/DpfProxyEndToEndTest.java

@@ -74,16 +74,17 @@ public class DpfProxyEndToEndTest {
     private static final String REQUEST_TEMPLATE_TP = "{\"transferProcessId\": \"%s\", \"endpointUrl\" : \"http://localhost:%s/api/gateway/aas/test\"}";
     private static final String REQUEST_TEMPLATE_ASSET = "{\"assetId\": \"%s\", \"endpointUrl\" : \"http://localhost:%s/api/gateway/aas/test\"}";
     private static final String MOCK_ENDPOINT_200_BODY = "{\"message\":\"test\"}";
+    private static final String API_KEY = "testkey";
 
     @RegisterExtension
     static EdcRuntimeExtension consumer = new EdcRuntimeExtension(
             LAUNCHER_MODULE,
             "consumer",
             baseConfig(Map.of(
                     "web.http.port", valueOf(CONSUMER_HTTP_PORT),
+                    "edc.api.auth.key", API_KEY,
                     "tx.dpf.consumer.proxy.port", valueOf(CONSUMER_PROXY_PORT)
             )));
-
     @RegisterExtension
     static EdcRuntimeExtension provider = new EdcRuntimeExtension(
             LAUNCHER_MODULE,
@@ -184,6 +185,7 @@ private RequestSpecification createSpecification(String body) {
         return given()
                 .baseUri("http://localhost:" + CONSUMER_PROXY_PORT)
                 .contentType("application/json")
+                .header("x-api-key", API_KEY)
                 .body(body);
     }