build(deps): bump EDC to 0.10.0-20241022-SNAPSHOT (#1645)

eclipse-tractusx · Oct 22, 2024 · 4b76a58 · 4b76a58
1 parent 7ff2f6c
commit 4b76a58
Show file tree

Hide file tree

Showing 28 changed files with 614 additions and 647 deletions.
diff --git a/DEPENDENCIES b/DEPENDENCIES
diff --git a/...t/src/test/java/org/eclipse/tractusx/edc/identity/mapper/BdrsClientImplComponentTest.java b/...t/src/test/java/org/eclipse/tractusx/edc/identity/mapper/BdrsClientImplComponentTest.java
@@ -40,11 +40,13 @@
 import org.eclipse.edc.iam.verifiablecredentials.spi.model.VerifiablePresentation;
 import org.eclipse.edc.iam.verifiablecredentials.spi.model.VerifiablePresentationContainer;
 import org.eclipse.edc.junit.annotations.ComponentTest;
+import org.eclipse.edc.jwt.validation.jti.JtiValidationStore;
 import org.eclipse.edc.keys.spi.PrivateKeyResolver;
 import org.eclipse.edc.security.token.jwt.DefaultJwsSignerProvider;
 import org.eclipse.edc.spi.EdcException;
 import org.eclipse.edc.spi.monitor.Monitor;
 import org.eclipse.edc.spi.result.Result;
+import org.eclipse.edc.token.InMemoryJtiValidationStore;
 import org.eclipse.edc.token.JwtGenerationService;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -123,6 +125,7 @@ class BdrsClientImplComponentTest {
     private final ObjectMapper mapper = new ObjectMapper();
     private final CredentialServiceClient csMock = mock();
     private final PrivateKeyResolver privateKeyResolver = mock();
+    private final JtiValidationStore validationStore = new InMemoryJtiValidationStore();
 
     private BdrsClientImpl client;
     private ECKey vpHolderKey;
@@ -136,7 +139,7 @@ void setup() throws JOSEException, IOException, ParseException {
         vpHolderKey = ECKey.parse(Files.readString(Path.of(SHARED_TEMP_DIR, HOLDER_NAME + "/key.json")));
 
         var pk = vpHolderKey.toPrivateKey();
-        var sts = new EmbeddedSecureTokenService(new JwtGenerationService(new DefaultJwsSignerProvider(privateKeyResolver)), () -> privateKeyAlias, () -> vpHolderKey.getKeyID(), Clock.systemUTC(), 10);
+        var sts = new EmbeddedSecureTokenService(new JwtGenerationService(new DefaultJwsSignerProvider(privateKeyResolver)), () -> privateKeyAlias, () -> vpHolderKey.getKeyID(), Clock.systemUTC(), 10, validationStore);
 
         var directoryPort = BDRS_SERVER_CONTAINER.getMappedPort(8082);
         client = new BdrsClientImpl("http://%s:%d/api/directory".formatted(BDRS_SERVER_CONTAINER.getHost(), directoryPort), 1,
@@ -272,4 +275,4 @@ private Map<String, Object> asMap(String rawContent) {
             throw new RuntimeException(e);
         }
     }
-}
+}
diff --git a/edc-extensions/bpn-validation/bpn-validation-core/build.gradle.kts b/edc-extensions/bpn-validation/bpn-validation-core/build.gradle.kts
@@ -29,6 +29,7 @@ dependencies {
     api(libs.edc.spi.core)
     implementation(libs.edc.spi.catalog)
     implementation(libs.edc.spi.contract)
+    implementation(libs.edc.spi.participant)
     implementation(libs.edc.spi.policy)
     implementation(libs.edc.spi.policyengine)
 

diff --git a/...pse/tractusx/edc/validation/businesspartner/BusinessPartnerNumberValidationExtension.java b/...pse/tractusx/edc/validation/businesspartner/BusinessPartnerNumberValidationExtension.java
@@ -75,11 +75,10 @@ public String name() {
 
     @Override
     public void initialize(ServiceExtensionContext context) {
-        var function = new BusinessPartnerNumberPermissionFunction();
 
-        bindToScope(TransferProcessPolicyContext.class, function.transferProcess(), TRANSFER_SCOPE);
-        bindToScope(ContractNegotiationPolicyContext.class, function.contractNegotiation(), NEGOTIATION_SCOPE);
-        bindToScope(CatalogPolicyContext.class, function.catalog(), CATALOG_SCOPE);
+        bindToScope(TransferProcessPolicyContext.class, new BusinessPartnerNumberPermissionFunction<>(), TRANSFER_SCOPE);
+        bindToScope(ContractNegotiationPolicyContext.class, new BusinessPartnerNumberPermissionFunction<>(), NEGOTIATION_SCOPE);
+        bindToScope(CatalogPolicyContext.class, new BusinessPartnerNumberPermissionFunction<>(), CATALOG_SCOPE);
     }
 
     private <C extends PolicyContext> void bindToScope(Class<C> contextType, AtomicConstraintRuleFunction<Permission, C> function, String scope) {

diff --git a/...g/eclipse/tractusx/edc/validation/businesspartner/BusinessPartnerValidationExtension.java b/...g/eclipse/tractusx/edc/validation/businesspartner/BusinessPartnerValidationExtension.java
@@ -75,11 +75,10 @@ public class BusinessPartnerValidationExtension implements ServiceExtension {
 
     @Override
     public void initialize(ServiceExtensionContext context) {
-        var function = new BusinessPartnerGroupFunction(store);
 
-        bindToScope(TRANSFER_SCOPE, TransferProcessPolicyContext.class, function.transferProcess());
-        bindToScope(NEGOTIATION_SCOPE, ContractNegotiationPolicyContext.class, function.contractNegotiation());
-        bindToScope(CATALOG_SCOPE, CatalogPolicyContext.class, function.catalog());
+        bindToScope(TRANSFER_SCOPE, TransferProcessPolicyContext.class, new BusinessPartnerGroupFunction<>(store));
+        bindToScope(NEGOTIATION_SCOPE, ContractNegotiationPolicyContext.class, new BusinessPartnerGroupFunction<>(store));
+        bindToScope(CATALOG_SCOPE, CatalogPolicyContext.class, new BusinessPartnerGroupFunction<>(store));
     }
 
     private <C extends PolicyContext> void bindToScope(String scope, Class<C> contextType, AtomicConstraintRuleFunction<Permission, C> function) {

diff --git a/...lipse/tractusx/edc/validation/businesspartner/functions/BusinessPartnerGroupFunction.java b/...lipse/tractusx/edc/validation/businesspartner/functions/BusinessPartnerGroupFunction.java
@@ -19,16 +19,12 @@
 
 package org.eclipse.tractusx.edc.validation.businesspartner.functions;
 
-import org.eclipse.edc.connector.controlplane.catalog.spi.policy.CatalogPolicyContext;
-import org.eclipse.edc.connector.controlplane.contract.spi.policy.ContractNegotiationPolicyContext;
-import org.eclipse.edc.connector.controlplane.contract.spi.policy.TransferProcessPolicyContext;
+import org.eclipse.edc.participant.spi.ParticipantAgent;
+import org.eclipse.edc.participant.spi.ParticipantAgentPolicyContext;
 import org.eclipse.edc.policy.engine.spi.AtomicConstraintRuleFunction;
 import org.eclipse.edc.policy.engine.spi.PolicyContext;
 import org.eclipse.edc.policy.model.Operator;
 import org.eclipse.edc.policy.model.Permission;
-import org.eclipse.edc.spi.agent.ParticipantAgent;
-import org.eclipse.edc.spi.result.StoreFailure;
-import org.eclipse.edc.spi.result.StoreFailure.Reason;
 import org.eclipse.tractusx.edc.validation.businesspartner.spi.BusinessPartnerStore;
 
 import java.util.Arrays;
@@ -81,7 +77,7 @@
  *
  * @see BusinessPartnerStore
  */
-public class BusinessPartnerGroupFunction {
+public class BusinessPartnerGroupFunction<C extends ParticipantAgentPolicyContext> implements AtomicConstraintRuleFunction<Permission, C> {
     public static final String BUSINESS_PARTNER_CONSTRAINT_KEY = TX_NAMESPACE + "BusinessPartnerGroup";
     private static final List<Operator> ALLOWED_OPERATORS = List.of(EQ, NEQ, IN, IS_ALL_OF, IS_ANY_OF, IS_NONE_OF);
     private static final Map<Operator, Function<BpnGroupHolder, Boolean>> OPERATOR_EVALUATOR_MAP = new HashMap<>();
@@ -97,42 +93,13 @@ public BusinessPartnerGroupFunction(BusinessPartnerStore store) {
         OPERATOR_EVALUATOR_MAP.put(IS_NONE_OF, this::evaluateIsNoneOf);
     }
 
-    public AtomicConstraintRuleFunction<Permission, TransferProcessPolicyContext> transferProcess() {
-        return (operator, rightValue, permission, context) ->
-                evaluate(operator, rightValue, context.agent(), context);
-    }
-
-    public AtomicConstraintRuleFunction<Permission, ContractNegotiationPolicyContext> contractNegotiation() {
-        return (operator, rightValue, permission, context) ->
-                evaluate(operator, rightValue, context.agent(), context);
-    }
-
-    public AtomicConstraintRuleFunction<Permission, CatalogPolicyContext> catalog() {
-        return (operator, rightValue, permission, context) ->
-                evaluate(operator, rightValue, context.agent(), context);
-    }
-
-    /**
-     * Policy evaluation function that checks whether a given BusinessPartnerNumber is covered by a given policy.
-     * The evaluation is prematurely aborted (returns {@code false}) if:
-     * <ul>
-     *     <li>No {@link ParticipantAgent} was found on the {@link PolicyContext}</li>
-     *     <li>The operator is invalid. Check {@link BusinessPartnerGroupFunction#ALLOWED_OPERATORS} for valid operators.</li>
-     *     <li>No database entry was found for the BPN (taken from the {@link ParticipantAgent}) and the {@link StoreFailure#getReason()} is different than {@link Reason#NOT_FOUND}</li>
-     *     <li>The right value is anything other than {@link String} or {@link Collection}</li>
-     * </ul>
-     */
-    public boolean evaluate(Operator operator, Object rightValue, ParticipantAgent participantAgent, PolicyContext policyContext) {
-        // No participant agent found in context
-        if (participantAgent == null) {
-            policyContext.reportProblem("ParticipantAgent not found on PolicyContext");
-            return false;
-        }
-
+    @Override
+    public boolean evaluate(Operator operator, Object rightOperand, Permission permission, C context) {
+        var participantAgent = context.participantAgent();
         // invalid operator
         if (!ALLOWED_OPERATORS.contains(operator)) {
             var ops = ALLOWED_OPERATORS.stream().map(Enum::name).collect(Collectors.joining(", "));
-            policyContext.reportProblem(format("Operator must be one of [%s] but was [%s]", ops, operator.name()));
+            context.reportProblem(format("Operator must be one of [%s] but was [%s]", ops, operator.name()));
             return false;
         }
 
@@ -143,18 +110,18 @@ public boolean evaluate(Operator operator, Object rightValue, ParticipantAgent p
 
         // BPN not found in database
         if (groups.failed()) {
-            policyContext.reportProblem(groups.getFailureDetail());
+            context.reportProblem(groups.getFailureDetail());
             return false;
         }
 
         // right-operand is anything other than String or Collection
-        var rightOperand = parseRightOperand(rightValue, policyContext);
-        if (rightOperand == null) {
+        var rightOperand1 = parseRightOperand(rightOperand, context);
+        if (rightOperand1 == null) {
             return false;
         }
 
         //call evaluator function
-        return OPERATOR_EVALUATOR_MAP.get(operator).apply(new BpnGroupHolder(assignedGroups, rightOperand));
+        return OPERATOR_EVALUATOR_MAP.get(operator).apply(new BpnGroupHolder(assignedGroups, rightOperand1));
     }
 
     private List<String> parseRightOperand(Object rightValue, PolicyContext context) {

diff --git a/...usx/edc/validation/businesspartner/functions/BusinessPartnerNumberPermissionFunction.java b/...usx/edc/validation/businesspartner/functions/BusinessPartnerNumberPermissionFunction.java
@@ -19,14 +19,11 @@
 
 package org.eclipse.tractusx.edc.validation.businesspartner.functions;
 
-import org.eclipse.edc.connector.controlplane.catalog.spi.policy.CatalogPolicyContext;
-import org.eclipse.edc.connector.controlplane.contract.spi.policy.ContractNegotiationPolicyContext;
-import org.eclipse.edc.connector.controlplane.contract.spi.policy.TransferProcessPolicyContext;
+import org.eclipse.edc.participant.spi.ParticipantAgentPolicyContext;
 import org.eclipse.edc.policy.engine.spi.AtomicConstraintRuleFunction;
 import org.eclipse.edc.policy.engine.spi.PolicyContext;
 import org.eclipse.edc.policy.model.Operator;
 import org.eclipse.edc.policy.model.Permission;
-import org.eclipse.edc.spi.agent.ParticipantAgent;
 import org.eclipse.edc.spi.result.Failure;
 import org.eclipse.edc.spi.result.Result;
 import org.jetbrains.annotations.NotNull;
@@ -45,7 +42,7 @@
 /**
  * AtomicConstraintFunction to validate business partner numbers for edc permissions.
  */
-public class BusinessPartnerNumberPermissionFunction {
+public class BusinessPartnerNumberPermissionFunction<C extends ParticipantAgentPolicyContext> implements AtomicConstraintRuleFunction<Permission, C> {
 
     private static final List<Operator> SUPPORTED_OPERATORS = Arrays.asList(
             EQ,
@@ -58,51 +55,33 @@ public class BusinessPartnerNumberPermissionFunction {
             Operator.HAS_PART
     );
 
-    public AtomicConstraintRuleFunction<Permission, TransferProcessPolicyContext> transferProcess() {
-        return (operator, rightValue, permission, context) ->
-                evaluate(operator, rightValue, context.agent(), context);
-    }
-
-    public AtomicConstraintRuleFunction<Permission, ContractNegotiationPolicyContext> contractNegotiation() {
-        return (operator, rightValue, permission, context) ->
-                evaluate(operator, rightValue, context.agent(), context);
-    }
-
-    public AtomicConstraintRuleFunction<Permission, CatalogPolicyContext> catalog() {
-        return (operator, rightValue, permission, context) ->
-                evaluate(operator, rightValue, context.agent(), context);
-    }
-
-    public boolean evaluate(Operator operator, Object rightValue, ParticipantAgent participantAgent, PolicyContext context) {
+    @Override
+    public boolean evaluate(Operator operator, Object rightOperand, Permission permission, ParticipantAgentPolicyContext context) {
+        var participantAgent = context.participantAgent();
 
         if (!SUPPORTED_OPERATORS.contains(operator)) {
             var message = "Operator %s is not supported. Supported operators: %s".formatted(operator, SUPPORTED_OPERATORS);
             context.reportProblem(message);
             return false;
         }
 
-        if (participantAgent == null) {
-            context.reportProblem("Required PolicyContext data not found: " + ParticipantAgent.class.getName());
-            return false;
-        }
-
         var identity = participantAgent.getIdentity();
         if (identity == null) {
             context.reportProblem("Identity of the participant agent cannot be null");
             return false;
         }
 
         return switch (operator) {
-            case EQ, IS_ALL_OF -> checkEquality(identity, rightValue, operator)
+            case EQ, IS_ALL_OF -> checkEquality(identity, rightOperand, operator)
                     .orElse(reportFailure(context));
-            case NEQ -> checkEquality(identity, rightValue, operator)
+            case NEQ -> checkEquality(identity, rightOperand, operator)
                     .map(b -> !b)
                     .orElse(reportFailure(context));
-            case HAS_PART -> checkStringContains(identity, rightValue)
+            case HAS_PART -> checkStringContains(identity, rightOperand)
                     .orElse(reportFailure(context));
             case IN, IS_A, IS_ANY_OF ->
-                    checkListContains(identity, rightValue, operator).orElse(reportFailure(context));
-            case IS_NONE_OF -> checkListContains(identity, rightValue, operator)
+                    checkListContains(identity, rightOperand, operator).orElse(reportFailure(context));
+            case IS_NONE_OF -> checkListContains(identity, rightOperand, operator)
                     .map(b -> !b)
                     .orElse(reportFailure(context));
             default -> false;
@@ -120,14 +99,16 @@ private Result<Boolean> checkListContains(String identity, Object rightValue, Op
         if (rightValue instanceof List<?> numbers) {
             return success(numbers.contains(identity));
         }
-        return failure("Invalid right-value: operator '%s' requires a 'List' but got a '%s'".formatted(operator, Optional.of(rightValue).map(Object::getClass).map(Class::getName).orElse(null)));
+        return failure("Invalid right-value: operator '%s' requires a 'List' but got a '%s'"
+                .formatted(operator, Optional.of(rightValue).map(Object::getClass).map(Class::getName).orElse(null)));
     }
 
     private Result<Boolean> checkStringContains(String identity, Object rightValue) {
         if (rightValue instanceof String bpnString) {
             return success(identity.contains(bpnString));
         }
-        return failure("Invalid right-value: operator '%s' requires a 'String' but got a '%s'".formatted(HAS_PART, Optional.of(rightValue).map(Object::getClass).map(Class::getName).orElse(null)));
+        return failure("Invalid right-value: operator '%s' requires a 'String' but got a '%s'"
+                .formatted(HAS_PART, Optional.of(rightValue).map(Object::getClass).map(Class::getName).orElse(null)));
     }
 
     @SuppressWarnings({ "unchecked", "rawtypes" })
@@ -137,6 +118,7 @@ private Result<Boolean> checkEquality(String identity, Object rightValue, Operat
         } else if (rightValue instanceof List bpnList) {
             return success(bpnList.stream().allMatch(bpn -> Objects.equals(identity, bpn)));
         }
-        return failure("Invalid right-value: operator '%s' requires a 'String' or a 'List' but got a '%s'".formatted(operator, Optional.of(rightValue).map(Object::getClass).map(Class::getName).orElse(null)));
+        return failure("Invalid right-value: operator '%s' requires a 'String' or a 'List' but got a '%s'"
+                .formatted(operator, Optional.of(rightValue).map(Object::getClass).map(Class::getName).orElse(null)));
     }
 }