eclipse-edc · ndr-brt · Dec 11, 2023 · Dec 11, 2023 · Dec 11, 2023
diff --git a/DEPENDENCIES b/DEPENDENCIES
@@ -27,18 +27,18 @@ maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.15.3, Apache-2.
 maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.16.0, Apache-2.0, approved, #11605
 maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.14.0, Apache-2.0, approved, #5933
 maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.15.1, Apache-2.0, approved, #8802
-maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.16.0, , restricted, clearlydefined
-maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jakarta-jsonp/2.16.0, , restricted, clearlydefined
+maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.16.0, Apache-2.0, approved, #11855
+maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jakarta-jsonp/2.16.0, Apache-2.0, approved, #11854
 maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.14.0, Apache-2.0, approved, #4699
 maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.15.1, Apache-2.0, approved, #7930
-maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.16.0, , restricted, clearlydefined
-maven/mavencentral/com.fasterxml.jackson.jakarta.rs/jackson-jakarta-rs-base/2.16.0, , restricted, clearlydefined
+maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.16.0, Apache-2.0, approved, #11853
+maven/mavencentral/com.fasterxml.jackson.jakarta.rs/jackson-jakarta-rs-base/2.16.0, Apache-2.0, approved, #11851
 maven/mavencentral/com.fasterxml.jackson.jakarta.rs/jackson-jakarta-rs-json-provider/2.15.1, Apache-2.0, approved, #9236
-maven/mavencentral/com.fasterxml.jackson.jakarta.rs/jackson-jakarta-rs-json-provider/2.16.0, , restricted, clearlydefined
+maven/mavencentral/com.fasterxml.jackson.jakarta.rs/jackson-jakarta-rs-json-provider/2.16.0, Apache-2.0, approved, #11858
 maven/mavencentral/com.fasterxml.jackson.module/jackson-module-jakarta-xmlbind-annotations/2.15.3, Apache-2.0, approved, #9241
-maven/mavencentral/com.fasterxml.jackson.module/jackson-module-jakarta-xmlbind-annotations/2.16.0, , restricted, clearlydefined
+maven/mavencentral/com.fasterxml.jackson.module/jackson-module-jakarta-xmlbind-annotations/2.16.0, Apache-2.0, approved, #11856
 maven/mavencentral/com.fasterxml.jackson/jackson-bom/2.15.1, Apache-2.0, approved, #7929
-maven/mavencentral/com.fasterxml.jackson/jackson-bom/2.16.0, , restricted, clearlydefined
+maven/mavencentral/com.fasterxml.jackson/jackson-bom/2.16.0, Apache-2.0, approved, #11852
 maven/mavencentral/com.fasterxml.uuid/java-uuid-generator/4.1.0, Apache-2.0, approved, clearlydefined
 maven/mavencentral/com.github.cliftonlabs/json-simple/3.0.2, Apache-2.0, approved, clearlydefined
 maven/mavencentral/com.github.docker-java/docker-java-api/3.3.4, Apache-2.0, approved, #10346
@@ -180,8 +180,10 @@ maven/mavencentral/javax.ws.rs/javax.ws.rs-api/2.1, (CDDL-1.1 OR GPL-2.0 WITH Cl
 maven/mavencentral/joda-time/joda-time/2.10.5, Apache-2.0, approved, clearlydefined
 maven/mavencentral/junit/junit/4.13.2, EPL-2.0, approved, CQ23636
 maven/mavencentral/net.bytebuddy/byte-buddy-agent/1.14.1, Apache-2.0, approved, #7164
+maven/mavencentral/net.bytebuddy/byte-buddy-agent/1.14.10, Apache-2.0, approved, #7164
 maven/mavencentral/net.bytebuddy/byte-buddy/1.12.21, Apache-2.0 AND BSD-3-Clause, approved, #1811
 maven/mavencentral/net.bytebuddy/byte-buddy/1.14.1, Apache-2.0 AND BSD-3-Clause, approved, #7163
+maven/mavencentral/net.bytebuddy/byte-buddy/1.14.10, Apache-2.0 AND BSD-3-Clause, approved, #7163
 maven/mavencentral/net.java.dev.jna/jna/5.13.0, Apache-2.0 AND LGPL-2.1-or-later, approved, #6709
 maven/mavencentral/net.javacrumbs.json-unit/json-unit-core/2.36.0, Apache-2.0, approved, clearlydefined
 maven/mavencentral/net.minidev/accessors-smart/2.4.7, Apache-2.0, approved, #7515
@@ -277,9 +279,8 @@ maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib-jdk8/1.9.10, Apache-2.0, a
 maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib/1.9.10, Apache-2.0, approved, #11827
 maven/mavencentral/org.jetbrains/annotations/13.0, Apache-2.0, approved, clearlydefined
 maven/mavencentral/org.jetbrains/annotations/17.0.0, Apache-2.0, approved, clearlydefined
-maven/mavencentral/org.jetbrains/annotations/24.0.1, Apache-2.0, approved, #7417
 maven/mavencentral/org.jetbrains/annotations/24.1.0, Apache-2.0, approved, clearlydefined
-maven/mavencentral/org.junit-pioneer/junit-pioneer/2.2.0, , restricted, clearlydefined
+maven/mavencentral/org.junit-pioneer/junit-pioneer/2.2.0, EPL-2.0, approved, #11857
 maven/mavencentral/org.junit.jupiter/junit-jupiter-api/5.10.1, EPL-2.0, approved, #9714
 maven/mavencentral/org.junit.jupiter/junit-jupiter-engine/5.10.1, EPL-2.0, approved, #9711
 maven/mavencentral/org.junit.jupiter/junit-jupiter-params/5.10.1, EPL-2.0, approved, #9708
@@ -295,6 +296,7 @@ maven/mavencentral/org.mock-server/mockserver-client-java/5.15.0, Apache-2.0 AND
 maven/mavencentral/org.mock-server/mockserver-core/5.15.0, Apache-2.0, approved, clearlydefined
 maven/mavencentral/org.mock-server/mockserver-netty/5.15.0, Apache-2.0, approved, #9276
 maven/mavencentral/org.mockito/mockito-core/5.2.0, MIT AND (Apache-2.0 AND MIT) AND Apache-2.0, approved, #7401
+maven/mavencentral/org.mockito/mockito-core/5.8.0, MIT AND (Apache-2.0 AND MIT) AND Apache-2.0, approved, #11787
 maven/mavencentral/org.mockito/mockito-inline/5.2.0, MIT, approved, clearlydefined
 maven/mavencentral/org.mozilla/rhino/1.7.7.2, MPL-2.0 AND BSD-3-Clause AND ISC, approved, CQ16320
 maven/mavencentral/org.objenesis/objenesis/3.3, Apache-2.0, approved, clearlydefined
@@ -307,7 +309,7 @@ maven/mavencentral/org.ow2.asm/asm-tree/9.6, BSD-3-Clause, approved, #10773
 maven/mavencentral/org.ow2.asm/asm/9.1, BSD-3-Clause, approved, CQ23029
 maven/mavencentral/org.ow2.asm/asm/9.2, BSD-3-Clause, approved, CQ23635
 maven/mavencentral/org.ow2.asm/asm/9.6, BSD-3-Clause, approved, #10776
-maven/mavencentral/org.postgresql/postgresql/42.7.0, BSD-2-Clause AND LicenseRef-scancode-free-unknown AND Apache-2.0, restricted, #11681
+maven/mavencentral/org.postgresql/postgresql/42.7.0, BSD-2-Clause AND Apache-2.0, approved, #11681
 maven/mavencentral/org.reflections/reflections/0.10.2, Apache-2.0 AND WTFPL, approved, clearlydefined
 maven/mavencentral/org.rnorth.duct-tape/duct-tape/1.0.8, MIT, approved, clearlydefined
 maven/mavencentral/org.slf4j/slf4j-api/1.7.22, MIT, approved, CQ11943

diff --git a/...d/src/test/java/org/eclipse/edc/api/auth/token/TokenBasedAuthenticationExtensionTest.java b/...d/src/test/java/org/eclipse/edc/api/auth/token/TokenBasedAuthenticationExtensionTest.java
@@ -17,7 +17,6 @@
 import org.eclipse.edc.junit.extensions.DependencyInjectionExtension;
 import org.eclipse.edc.spi.security.Vault;
 import org.eclipse.edc.spi.system.ServiceExtensionContext;
-import org.eclipse.edc.spi.system.injection.ObjectFactory;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
@@ -27,78 +26,55 @@
 import static org.mockito.Mockito.isNull;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.never;
-import static org.mockito.Mockito.spy;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
 @ExtendWith(DependencyInjectionExtension.class)
 public class TokenBasedAuthenticationExtensionTest {
 
-    private TokenBasedAuthenticationExtension extension;
-
     private static final String AUTH_SETTING_APIKEY = "edc.api.auth.key";
-
     private static final String AUTH_SETTING_APIKEY_ALIAS = "edc.api.auth.key.alias";
-
     private static final String VAULT_KEY = "foo";
 
-    private Vault vaultMock;
-    private ServiceExtensionContext serviceExtensionContextMock;
+    private final Vault vault = mock();
 
     @BeforeEach
-    void setup(ServiceExtensionContext context, ObjectFactory factory) {
-
-        serviceExtensionContextMock = spy(context); //used to inject the config
-        vaultMock = mock(Vault.class);
-
-        context.registerService(Vault.class, vaultMock);
-        context.registerService(ServiceExtensionContext.class, serviceExtensionContextMock);
+    void setup(ServiceExtensionContext context) {
+        context.registerService(Vault.class, vault);
 
-        when(vaultMock.resolveSecret(VAULT_KEY)).thenReturn("foo");
-
-        extension = factory.constructInstance(TokenBasedAuthenticationExtension.class);
+        when(vault.resolveSecret(VAULT_KEY)).thenReturn("foo");
     }
 
     @Test
-    public void testPrimaryMethod_loadKeyFromVault() {
-        setAuthSettingApiKeyAlias(VAULT_KEY);
-        setAuthSettingApiKey("bar");
+    public void testPrimaryMethod_loadKeyFromVault(ServiceExtensionContext context, TokenBasedAuthenticationExtension extension) {
+        when(context.getSetting(eq(AUTH_SETTING_APIKEY_ALIAS), isNull())).thenReturn(VAULT_KEY);
+        when(context.getSetting(eq(AUTH_SETTING_APIKEY), anyString())).thenReturn("bar");
 
-        extension.initialize(serviceExtensionContextMock);
+        extension.initialize(context);
 
-        verify(serviceExtensionContextMock, never())
+        verify(context, never())
                 .getSetting(eq(AUTH_SETTING_APIKEY), anyString());
 
-        verify(serviceExtensionContextMock)
+        verify(context)
                 .getSetting(AUTH_SETTING_APIKEY_ALIAS, null);
 
-        verify(vaultMock).resolveSecret(VAULT_KEY);
+        verify(vault).resolveSecret(VAULT_KEY);
     }
 
     @Test
-    public void testSecondaryMethod_loadKeyFromConfig() {
-
-        setAuthSettingApiKeyAlias(null);
-        setAuthSettingApiKey("bar");
+    public void testSecondaryMethod_loadKeyFromConfig(ServiceExtensionContext context, TokenBasedAuthenticationExtension extension) {
+        when(context.getSetting(eq(AUTH_SETTING_APIKEY_ALIAS), isNull())).thenReturn(null);
+        when(context.getSetting(eq(AUTH_SETTING_APIKEY), anyString())).thenReturn("bar");
 
-        extension.initialize(serviceExtensionContextMock);
+        extension.initialize(context);
 
-        verify(serviceExtensionContextMock)
+        verify(context)
                 .getSetting(eq(AUTH_SETTING_APIKEY), anyString());
 
-        verify(serviceExtensionContextMock)
+        verify(context)
                 .getSetting(AUTH_SETTING_APIKEY_ALIAS, null);
 
-        verify(vaultMock, never()).resolveSecret(anyString());
+        verify(vault, never()).resolveSecret(anyString());
     }
 
-    private void setAuthSettingApiKey(String value) {
-        when(serviceExtensionContextMock.getSetting(eq(AUTH_SETTING_APIKEY), anyString()))
-                .thenReturn(value);
-    }
-
-    private void setAuthSettingApiKeyAlias(String value) {
-        when(serviceExtensionContextMock.getSetting(eq(AUTH_SETTING_APIKEY_ALIAS), isNull()))
-                .thenReturn(value);
-    }
 }
diff --git a/...e/src/test/java/org/eclipse/edc/iam/identitytrust/core/IdentityAndTrustExtensionTest.java b/...e/src/test/java/org/eclipse/edc/iam/identitytrust/core/IdentityAndTrustExtensionTest.java
@@ -29,33 +29,29 @@
 import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.atLeastOnce;
 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.spy;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
 @ExtendWith(DependencyInjectionExtension.class)
 class IdentityAndTrustExtensionTest {
 
-    private ServiceExtensionContext spiedContext;
-
     @BeforeEach
     void setUp(ServiceExtensionContext context) {
-        spiedContext = spy(context);
-        spiedContext.registerService(SecureTokenService.class, mock());
+        context.registerService(SecureTokenService.class, mock());
         TypeManager mockedTm = mock();
         when(mockedTm.getMapper(eq(JSON_LD))).thenReturn(mock());
-        spiedContext.registerService(TypeManager.class, mockedTm);
+        context.registerService(TypeManager.class, mockedTm);
     }
 
     @Test
-    void verifyCorrectService(IdentityAndTrustExtension extension) {
+    void verifyCorrectService(IdentityAndTrustExtension extension, ServiceExtensionContext context) {
         var configMock = mock(Config.class);
         when(configMock.getString(eq(IdentityAndTrustExtension.CONNECTOR_DID_PROPERTY))).thenReturn("did:web:test");
-        when(spiedContext.getConfig()).thenReturn(configMock);
+        when(context.getConfig()).thenReturn(configMock);
 
-        var is = extension.createIdentityService(spiedContext);
+        var is = extension.createIdentityService(context);
 
         assertThat(is).isInstanceOf(IdentityAndTrustService.class);
         verify(configMock, atLeastOnce()).getString(eq(IdentityAndTrustExtension.CONNECTOR_DID_PROPERTY));
     }
-}
+}
@@ -27,34 +27,29 @@
 import static org.eclipse.edc.vault.hashicorp.model.Constants.VAULT_URL;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.spy;
 import static org.mockito.Mockito.when;
 
 @ExtendWith(DependencyInjectionExtension.class)
 class HashicorpVaultExtensionTest {
 
     private HashicorpVaultExtension extension;
 
-    // mocks
-    private ServiceExtensionContext context;
-
     @BeforeEach
     void setUp(ObjectFactory factory, ServiceExtensionContext context) {
-        this.context = spy(context);
         var healthCheckService = mock(HealthCheckService.class);
         context.registerService(HealthCheckService.class, healthCheckService);
         extension = factory.constructInstance(HashicorpVaultExtension.class);
     }
 
     @Test
-    void throwsHashicorpVaultExceptionOnVaultUrlUndefined() {
+    void throwsHashicorpVaultExceptionOnVaultUrlUndefined(ServiceExtensionContext context) {
         when(context.getSetting(VAULT_URL, null)).thenReturn(null);
 
         assertThrows(EdcException.class, () -> extension.initialize(context));
     }
 
     @Test
-    void throwsHashicorpVaultExceptionOnVaultTokenUndefined() {
+    void throwsHashicorpVaultExceptionOnVaultTokenUndefined(ServiceExtensionContext context) {
         when(context.getSetting(VAULT_TOKEN, null)).thenReturn(null);
         assertThrows(EdcException.class, () -> extension.initialize(context));
     }

@@ -39,28 +39,23 @@
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 import static org.eclipse.edc.connector.callback.staticendpoint.CallbackStaticEndpointExtension.EDC_CALLBACK_SETTING_PREFIX;
 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.spy;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
 @ExtendWith(DependencyInjectionExtension.class)
 public class CallbackStaticEndpointExtensionTest {
 
     CallbackStaticEndpointExtension extension;
-
     CallbackRegistry callbackRegistry = mock(CallbackRegistry.class);
 
-    ServiceExtensionContext context;
-
     @BeforeEach
     void setUp(ServiceExtensionContext context, ObjectFactory factory) {
         context.registerService(CallbackRegistry.class, callbackRegistry);
         extension = factory.constructInstance(CallbackStaticEndpointExtension.class);
-        this.context = spy(context);
     }
 
     @Test
-    void initialize_shouldConfigureMultipleCallbacks() {
+    void initialize_shouldConfigureMultipleCallbacks(ServiceExtensionContext context) {
         var callback = CallbackAddress.Builder.newInstance()
                 .uri("http://url2")
                 .transactional(false)
@@ -91,7 +86,7 @@ void initialize_shouldConfigureMultipleCallbacks() {
 
     @ParameterizedTest
     @ArgumentsSource(CallbackArgumentProvider.class)
-    void initialize_shouldThrow_WhenWrongConfiguration(Map<String, String> callbackConfig) {
+    void initialize_shouldThrow_WhenWrongConfiguration(Map<String, String> callbackConfig, ServiceExtensionContext context) {
 
         var cfg = ConfigFactory.fromMap(callbackConfig);
 

@@ -38,15 +38,13 @@
 import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.ArgumentMatchers.isA;
 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.spy;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
 @ExtendWith(DependencyInjectionExtension.class)
 class HttpWebhookExtensionTest {
 
     private HttpWebhookExtension extension;
-    private ServiceExtensionContext context;
     private final WebService webService = mock(WebService.class);
     private final Monitor monitor = mock(Monitor.class);
 
@@ -63,14 +61,13 @@ void setup(ServiceExtensionContext context, ObjectFactory factory) {
         context.registerService(AuthenticationService.class, mock(AuthenticationService.class));
         context.registerService(ManagementApiConfiguration.class, new ManagementApiConfiguration(webServiceConfiguration));
 
-        this.context = spy(context); //used to inject the config
-        when(this.context.getMonitor()).thenReturn(monitor);
+        when(context.getMonitor()).thenReturn(monitor);
 
         extension = factory.constructInstance(HttpWebhookExtension.class);
     }
 
     @Test
-    void initialize_shouldBeRegisteredAsManagementApiService() {
+    void initialize_shouldBeRegisteredAsManagementApiService(ServiceExtensionContext context) {
         when(context.getConfig()).thenReturn(ConfigFactory.empty());
 
         extension.initialize(context);

@@ -29,25 +29,19 @@
 import static org.eclipse.edc.connector.store.sql.assetindex.ConfigurationKeys.DATASOURCE_SETTING_NAME;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.spy;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
 @ExtendWith(DependencyInjectionExtension.class)
 public class SqlAssetIndexServiceExtensionTest {
 
-    SqlAssetIndexServiceExtension extension;
-    ServiceExtensionContext context;
-
-
     @BeforeEach
     void setUp(ServiceExtensionContext context) {
-        this.context = spy(context);
         context.registerService(TypeManager.class, new TypeManager());
     }
 
     @Test
-    void shouldInitializeTheStore(SqlAssetIndexServiceExtension extension) {
+    void shouldInitializeTheStore(SqlAssetIndexServiceExtension extension, ServiceExtensionContext context) {
         var config = mock(Config.class);
         when(context.getConfig()).thenReturn(config);
         when(config.getString(any(), any())).thenReturn("test");

@@ -50,7 +50,6 @@
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.spy;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
@@ -64,7 +63,6 @@ class TransferDataPlaneCoreExtensionTest {
     private final DataFlowManager dataFlowManager = mock(DataFlowManager.class);
     private final KeyPairFactory keyPairFactory = mock();
     private KeyPair keypair;
-    private ServiceExtensionContext context;
     private TransferDataPlaneCoreExtension extension;
 
     private static KeyPair keyPair() throws JOSEException {
@@ -99,14 +97,13 @@ public void setUp(ServiceExtensionContext context, ObjectFactory factory) throws
         context.registerService(Vault.class, vault);
         context.registerService(KeyPairFactory.class, keyPairFactory);
 
-        this.context = spy(context); //used to inject the config
-        when(this.context.getMonitor()).thenReturn(monitor);
+        when(context.getMonitor()).thenReturn(monitor);
 
         extension = factory.constructInstance(TransferDataPlaneCoreExtension.class);
     }
 
     @Test
-    void verifyInitializeSuccess() throws IOException, JOSEException {
+    void verifyInitializeSuccess(ServiceExtensionContext context) throws IOException {
         var publicKeyAlias = "publicKey";
         var privateKeyAlias = "privateKey";
         var config = mock(Config.class);