From a9be55abebb01c36daf161d7c0df9358dc8f68df Mon Sep 17 00:00:00 2001 From: ndr_brt Date: Mon, 19 Feb 2024 11:39:22 +0100 Subject: [PATCH] refactor: cleanup ContractValidationService --- .../contract/ContractCoreExtension.java | 6 +- .../ContractValidationServiceImpl.java | 35 +---- .../ContractValidationServiceImplTest.java | 9 +- .../ControlPlaneServicesExtension.java | 2 +- .../catalog/CatalogProtocolServiceImpl.java | 12 +- .../protocol/ProtocolTokenValidatorImpl.java | 21 --- .../TransferProcessProtocolServiceImpl.java | 24 ++-- .../CatalogProtocolServiceImplTest.java | 32 +---- ...ransferProcessProtocolServiceImplTest.java | 131 +++++++++--------- .../HttpProvisionerExtensionEndToEndTest.java | 3 +- .../validation/ContractValidationService.java | 63 --------- .../spi/protocol/ProtocolTokenValidator.java | 13 -- 12 files changed, 94 insertions(+), 257 deletions(-) diff --git a/core/control-plane/contract-core/src/main/java/org/eclipse/edc/connector/contract/ContractCoreExtension.java b/core/control-plane/contract-core/src/main/java/org/eclipse/edc/connector/contract/ContractCoreExtension.java index d953713632a..84568ca0d92 100644 --- a/core/control-plane/contract-core/src/main/java/org/eclipse/edc/connector/contract/ContractCoreExtension.java +++ b/core/control-plane/contract-core/src/main/java/org/eclipse/edc/connector/contract/ContractCoreExtension.java @@ -40,7 +40,6 @@ import org.eclipse.edc.runtime.metamodel.annotation.Inject; import org.eclipse.edc.runtime.metamodel.annotation.Provides; import org.eclipse.edc.runtime.metamodel.annotation.Setting; -import org.eclipse.edc.spi.agent.ParticipantAgentService; import org.eclipse.edc.spi.asset.AssetIndex; import org.eclipse.edc.spi.event.EventRouter; import org.eclipse.edc.spi.message.RemoteMessageDispatcherRegistry; @@ -109,9 +108,6 @@ public class ContractCoreExtension implements ServiceExtension { @Inject private ContractNegotiationStore store; - @Inject - private ParticipantAgentService agentService; - @Inject private PolicyEngine policyEngine; @@ -180,7 +176,7 @@ private void registerServices(ServiceExtensionContext context) { var participantId = context.getParticipantId(); var policyEquality = new PolicyEquality(typeManager); - var validationService = new ContractValidationServiceImpl(agentService, assetIndex, policyEngine, policyEquality); + var validationService = new ContractValidationServiceImpl(assetIndex, policyEngine, policyEquality); context.registerService(ContractValidationService.class, validationService); // bind/register rule to evaluate contract expiry diff --git a/core/control-plane/contract-core/src/main/java/org/eclipse/edc/connector/contract/validation/ContractValidationServiceImpl.java b/core/control-plane/contract-core/src/main/java/org/eclipse/edc/connector/contract/validation/ContractValidationServiceImpl.java index 24e990b90b2..99ae470d230 100644 --- a/core/control-plane/contract-core/src/main/java/org/eclipse/edc/connector/contract/validation/ContractValidationServiceImpl.java +++ b/core/control-plane/contract-core/src/main/java/org/eclipse/edc/connector/contract/validation/ContractValidationServiceImpl.java @@ -26,9 +26,7 @@ import org.eclipse.edc.policy.engine.spi.PolicyEngine; import org.eclipse.edc.policy.model.Policy; import org.eclipse.edc.spi.agent.ParticipantAgent; -import org.eclipse.edc.spi.agent.ParticipantAgentService; import org.eclipse.edc.spi.asset.AssetIndex; -import org.eclipse.edc.spi.iam.ClaimToken; import org.eclipse.edc.spi.query.Criterion; import org.eclipse.edc.spi.result.Result; import org.eclipse.edc.spi.types.domain.agreement.ContractAgreement; @@ -51,16 +49,13 @@ */ public class ContractValidationServiceImpl implements ContractValidationService { - private final ParticipantAgentService agentService; private final AssetIndex assetIndex; private final PolicyEngine policyEngine; private final PolicyEquality policyEquality; - public ContractValidationServiceImpl(ParticipantAgentService agentService, - AssetIndex assetIndex, + public ContractValidationServiceImpl(AssetIndex assetIndex, PolicyEngine policyEngine, PolicyEquality policyEquality) { - this.agentService = agentService; this.assetIndex = assetIndex; this.policyEngine = policyEngine; this.policyEquality = policyEquality; @@ -125,34 +120,6 @@ public ContractValidationServiceImpl(ParticipantAgentService agentService, return success(); } - @Override - public @NotNull Result validateInitialOffer(ClaimToken token, ValidatableConsumerOffer consumerOffer) { - return validateInitialOffer(agentService.createFor(token), consumerOffer); - } - - @Override - @NotNull - public Result validateAgreement(ClaimToken token, ContractAgreement agreement) { - return validateAgreement(agentService.createFor(token), agreement); - } - - @Override - public @NotNull Result validateRequest(ClaimToken token, ContractAgreement agreement) { - return validateRequest(agentService.createFor(token), agreement); - } - - @Override - @NotNull - public Result validateRequest(ClaimToken token, ContractNegotiation negotiation) { - return validateRequest(agentService.createFor(token), negotiation); - } - - @Override - @NotNull - public Result validateConfirmed(ClaimToken token, ContractAgreement agreement, ContractOffer latestOffer) { - return validateConfirmed(agentService.createFor(token), agreement, latestOffer); - } - /** * Validates an initial contract offer, ensuring that the referenced asset exists, is selected by the corresponding policy definition and the agent fulfills the contract policy. * A sanitized policy definition is returned to avoid clients injecting manipulated policies. diff --git a/core/control-plane/contract-core/src/test/java/org/eclipse/edc/connector/contract/validation/ContractValidationServiceImplTest.java b/core/control-plane/contract-core/src/test/java/org/eclipse/edc/connector/contract/validation/ContractValidationServiceImplTest.java index 8d06a0090b9..37578967b75 100644 --- a/core/control-plane/contract-core/src/test/java/org/eclipse/edc/connector/contract/validation/ContractValidationServiceImplTest.java +++ b/core/control-plane/contract-core/src/test/java/org/eclipse/edc/connector/contract/validation/ContractValidationServiceImplTest.java @@ -28,9 +28,7 @@ import org.eclipse.edc.policy.model.Permission; import org.eclipse.edc.policy.model.Policy; import org.eclipse.edc.spi.agent.ParticipantAgent; -import org.eclipse.edc.spi.agent.ParticipantAgentService; import org.eclipse.edc.spi.asset.AssetIndex; -import org.eclipse.edc.spi.iam.ClaimToken; import org.eclipse.edc.spi.result.Result; import org.eclipse.edc.spi.types.domain.agreement.ContractAgreement; import org.eclipse.edc.spi.types.domain.asset.Asset; @@ -77,10 +75,9 @@ class ContractValidationServiceImplTest { private final AssetIndex assetIndex = mock(); private final PolicyEngine policyEngine = mock(); private final PolicyEquality policyEquality = mock(); - private final ParticipantAgentService agentService = mock(); private final ContractValidationService validationService = - new ContractValidationServiceImpl(agentService, assetIndex, policyEngine, policyEquality); + new ContractValidationServiceImpl(assetIndex, policyEngine, policyEquality); private static ContractDefinition.Builder createContractDefinitionBuilder() { return ContractDefinition.Builder.newInstance() @@ -343,15 +340,13 @@ void validateInitialOffer_fails_whenContractPolicyEvaluationFails() { var validatableOffer = createValidatableConsumerOffer(); var participantAgent = new ParticipantAgent(emptyMap(), Map.of(PARTICIPANT_IDENTITY, CONSUMER_ID)); - var claimToken = ClaimToken.Builder.newInstance().build(); - when(agentService.createFor(eq(claimToken))).thenReturn(participantAgent); when(policyEngine.evaluate(eq(CATALOGING_SCOPE), any(), isA(PolicyContext.class))).thenReturn(Result.success()); when(policyEngine.evaluate(eq(NEGOTIATION_SCOPE), any(), isA(PolicyContext.class))).thenReturn(Result.failure("evaluation failure")); when(assetIndex.findById(anyString())).thenReturn(Asset.Builder.newInstance().build()); when(assetIndex.countAssets(anyList())).thenReturn(1L); - var result = validationService.validateInitialOffer(claimToken, validatableOffer); + var result = validationService.validateInitialOffer(participantAgent, validatableOffer); assertThat(result).isFailed().detail() .startsWith("Policy in scope %s not fulfilled for offer %s, policy evaluation".formatted(NEGOTIATION_SCOPE, validatableOffer.getOfferId().toString())) diff --git a/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/ControlPlaneServicesExtension.java b/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/ControlPlaneServicesExtension.java index 75e076c271c..4ab05a23b8e 100644 --- a/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/ControlPlaneServicesExtension.java +++ b/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/ControlPlaneServicesExtension.java @@ -172,7 +172,7 @@ public CatalogService catalogService() { @Provider public CatalogProtocolService catalogProtocolService(ServiceExtensionContext context) { - return new CatalogProtocolServiceImpl(datasetResolver, participantAgentService, dataServiceRegistry, + return new CatalogProtocolServiceImpl(datasetResolver, dataServiceRegistry, protocolTokenValidator(), context.getParticipantId(), transactionContext); } diff --git a/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/catalog/CatalogProtocolServiceImpl.java b/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/catalog/CatalogProtocolServiceImpl.java index 70611155b3a..1748d1173d8 100644 --- a/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/catalog/CatalogProtocolServiceImpl.java +++ b/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/catalog/CatalogProtocolServiceImpl.java @@ -23,8 +23,7 @@ import org.eclipse.edc.connector.spi.protocol.ProtocolTokenValidator; import org.eclipse.edc.policy.engine.spi.PolicyScope; import org.eclipse.edc.policy.model.Policy; -import org.eclipse.edc.spi.agent.ParticipantAgentService; -import org.eclipse.edc.spi.iam.ClaimToken; +import org.eclipse.edc.spi.agent.ParticipantAgent; import org.eclipse.edc.spi.iam.TokenRepresentation; import org.eclipse.edc.spi.result.ServiceResult; import org.eclipse.edc.transaction.spi.TransactionContext; @@ -41,7 +40,6 @@ public class CatalogProtocolServiceImpl implements CatalogProtocolService { private static final String PARTICIPANT_ID_PROPERTY_KEY = "participantId"; private final DatasetResolver datasetResolver; - private final ParticipantAgentService participantAgentService; private final DataServiceRegistry dataServiceRegistry; private final String participantId; private final TransactionContext transactionContext; @@ -49,13 +47,11 @@ public class CatalogProtocolServiceImpl implements CatalogProtocolService { private final ProtocolTokenValidator protocolTokenValidator; public CatalogProtocolServiceImpl(DatasetResolver datasetResolver, - ParticipantAgentService participantAgentService, DataServiceRegistry dataServiceRegistry, ProtocolTokenValidator protocolTokenValidator, String participantId, TransactionContext transactionContext) { this.datasetResolver = datasetResolver; - this.participantAgentService = participantAgentService; this.dataServiceRegistry = dataServiceRegistry; this.protocolTokenValidator = protocolTokenValidator; this.participantId = participantId; @@ -66,7 +62,6 @@ public CatalogProtocolServiceImpl(DatasetResolver datasetResolver, @NotNull public ServiceResult getCatalog(CatalogRequestMessage message, TokenRepresentation tokenRepresentation) { return transactionContext.execute(() -> verifyToken(tokenRepresentation) - .map(participantAgentService::createFor) .map(agent -> { try (var datasets = datasetResolver.query(agent, message.getQuerySpec())) { var dataServices = dataServiceRegistry.getDataServices(); @@ -84,7 +79,6 @@ public ServiceResult getCatalog(CatalogRequestMessage message, TokenRep @Override public @NotNull ServiceResult getDataset(String datasetId, TokenRepresentation tokenRepresentation) { return transactionContext.execute(() -> verifyToken(tokenRepresentation) - .map(participantAgentService::createFor) .map(agent -> datasetResolver.getById(agent, datasetId)) .compose(dataset -> { if (dataset == null) { @@ -95,8 +89,8 @@ public ServiceResult getCatalog(CatalogRequestMessage message, TokenRep })); } - private ServiceResult verifyToken(TokenRepresentation tokenRepresentation) { - return protocolTokenValidator.verifyToken(tokenRepresentation, CATALOGING_REQUEST_SCOPE, Policy.Builder.newInstance().build()); + private ServiceResult verifyToken(TokenRepresentation tokenRepresentation) { + return protocolTokenValidator.verify(tokenRepresentation, CATALOGING_REQUEST_SCOPE, Policy.Builder.newInstance().build()); } } diff --git a/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/protocol/ProtocolTokenValidatorImpl.java b/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/protocol/ProtocolTokenValidatorImpl.java index 6f94123e11d..04032e87c36 100644 --- a/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/protocol/ProtocolTokenValidatorImpl.java +++ b/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/protocol/ProtocolTokenValidatorImpl.java @@ -20,7 +20,6 @@ import org.eclipse.edc.policy.model.Policy; import org.eclipse.edc.spi.agent.ParticipantAgent; import org.eclipse.edc.spi.agent.ParticipantAgentService; -import org.eclipse.edc.spi.iam.ClaimToken; import org.eclipse.edc.spi.iam.IdentityService; import org.eclipse.edc.spi.iam.RequestScope; import org.eclipse.edc.spi.iam.TokenRepresentation; @@ -35,7 +34,6 @@ public class ProtocolTokenValidatorImpl implements ProtocolTokenValidator { private final IdentityService identityService; - private final PolicyEngine policyEngine; private final ParticipantAgentService agentService; @@ -49,25 +47,6 @@ public ProtocolTokenValidatorImpl(IdentityService identityService, PolicyEngine this.agentService = agentService; } - /** - * Validate and extract the {@link ClaimToken} from the input {@link TokenRepresentation} by using the {@link IdentityService} - * - * @param tokenRepresentation The input {@link TokenRepresentation} - * @param policyScope The policy scope - * @param policy The {@link Policy} - * @return The {@link ClaimToken} if success, failure otherwise - */ - @Override - public ServiceResult verifyToken(TokenRepresentation tokenRepresentation, String policyScope, Policy policy) { - var result = identityService.verifyJwtToken(tokenRepresentation, createVerificationContext(policyScope, policy)); - - if (result.failed()) { - monitor.debug(() -> "Unauthorized: %s".formatted(result.getFailureDetail())); - return ServiceResult.unauthorized("Unauthorized"); - } - return ServiceResult.success(result.getContent()); - } - @Override public ServiceResult verify(TokenRepresentation tokenRepresentation, String policyScope, Policy policy) { var tokenValidation = identityService.verifyJwtToken(tokenRepresentation, createVerificationContext(policyScope, policy)); diff --git a/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/transferprocess/TransferProcessProtocolServiceImpl.java b/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/transferprocess/TransferProcessProtocolServiceImpl.java index d0f925cd90f..b08a208b28b 100644 --- a/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/transferprocess/TransferProcessProtocolServiceImpl.java +++ b/core/control-plane/control-plane-aggregate-services/src/main/java/org/eclipse/edc/connector/service/transferprocess/TransferProcessProtocolServiceImpl.java @@ -32,7 +32,7 @@ import org.eclipse.edc.connector.transfer.spi.types.protocol.TransferStartMessage; import org.eclipse.edc.connector.transfer.spi.types.protocol.TransferTerminationMessage; import org.eclipse.edc.policy.engine.spi.PolicyScope; -import org.eclipse.edc.spi.iam.ClaimToken; +import org.eclipse.edc.spi.agent.ParticipantAgent; import org.eclipse.edc.spi.iam.TokenRepresentation; import org.eclipse.edc.spi.monitor.Monitor; import org.eclipse.edc.spi.result.ServiceResult; @@ -105,7 +105,7 @@ public ServiceResult notifyRequested(TransferRequestMessage mes public ServiceResult notifyStarted(TransferStartMessage message, TokenRepresentation tokenRepresentation) { return transactionContext.execute(() -> fetchRequestContext(message, this::findTransferProcess) .compose(context -> verifyRequest(tokenRepresentation, context)) - .compose(context -> onMessageDo(message, context.claimToken(), context.agreement(), transferProcess -> startedAction(message, transferProcess))) + .compose(context -> onMessageDo(message, context.participantAgent(), context.agreement(), transferProcess -> startedAction(message, transferProcess))) ); } @@ -115,7 +115,7 @@ public ServiceResult notifyStarted(TransferStartMessage message public ServiceResult notifyCompleted(TransferCompletionMessage message, TokenRepresentation tokenRepresentation) { return transactionContext.execute(() -> fetchRequestContext(message, this::findTransferProcess) .compose(context -> verifyRequest(tokenRepresentation, context)) - .compose(context -> onMessageDo(message, context.claimToken(), context.agreement(), transferProcess -> completedAction(message, transferProcess))) + .compose(context -> onMessageDo(message, context.participantAgent(), context.agreement(), transferProcess -> completedAction(message, transferProcess))) ); } @@ -125,7 +125,7 @@ public ServiceResult notifyCompleted(TransferCompletionMessage public ServiceResult notifyTerminated(TransferTerminationMessage message, TokenRepresentation tokenRepresentation) { return transactionContext.execute(() -> fetchRequestContext(message, this::findTransferProcess) .compose(context -> verifyRequest(tokenRepresentation, context)) - .compose(context -> onMessageDo(message, context.claimToken(), context.agreement(), transferProcess -> terminatedAction(message, transferProcess))) + .compose(context -> onMessageDo(message, context.participantAgent(), context.agreement(), transferProcess -> terminatedAction(message, transferProcess))) ); } @@ -135,7 +135,7 @@ public ServiceResult notifyTerminated(TransferTerminationMessag public ServiceResult findById(String id, TokenRepresentation tokenRepresentation) { return transactionContext.execute(() -> fetchRequestContext(id, this::findTransferProcessById) .compose(context -> verifyRequest(tokenRepresentation, context)) - .compose(context -> validateCounterParty(context.claimToken(), context.agreement(), context.transferProcess()))); + .compose(context -> validateCounterParty(context.participantAgent(), context.agreement(), context.transferProcess()))); } @NotNull @@ -229,7 +229,7 @@ private ServiceResult validateDestination(TransferRequestMess } private ServiceResult validateAgreement(TransferRemoteMessage message, ClaimTokenContext context) { - var validationResult = contractValidationService.validateAgreement(context.claimToken(), context.agreement()); + var validationResult = contractValidationService.validateAgreement(context.participantAgent(), context.agreement()); if (validationResult.failed()) { return ServiceResult.conflict(format("Cannot process %s because %s", message.getClass().getSimpleName(), "agreement not found or not valid")); } @@ -248,7 +248,7 @@ private ServiceResult fetchRequestContext(T i } private ServiceResult verifyRequest(TokenRepresentation tokenRepresentation, TransferRequestMessageContext context) { - var result = protocolTokenValidator.verifyToken(tokenRepresentation, TRANSFER_PROCESS_REQUEST_SCOPE, context.agreement().getPolicy()); + var result = protocolTokenValidator.verify(tokenRepresentation, TRANSFER_PROCESS_REQUEST_SCOPE, context.agreement().getPolicy()); if (result.failed()) { monitor.debug(() -> "Verification Failed: %s".formatted(result.getFailureDetail())); return ServiceResult.notFound("Not found"); @@ -265,9 +265,9 @@ private ServiceResult findContractByTransferProcess(TransferP return ServiceResult.success(agreement); } - private ServiceResult onMessageDo(TransferRemoteMessage message, ClaimToken claimToken, ContractAgreement agreement, Function> action) { + private ServiceResult onMessageDo(TransferRemoteMessage message, ParticipantAgent participantAgent, ContractAgreement agreement, Function> action) { return findAndLease(message) - .compose(transferProcess -> validateCounterParty(claimToken, agreement, transferProcess) + .compose(transferProcess -> validateCounterParty(participantAgent, agreement, transferProcess) .compose(p -> { if (p.shouldIgnoreIncomingMessage(message.getId())) { return ServiceResult.success(p); @@ -278,8 +278,8 @@ private ServiceResult onMessageDo(TransferRemoteMessage message .onFailure(f -> breakLease(transferProcess))); } - private ServiceResult validateCounterParty(ClaimToken claimToken, ContractAgreement agreement, TransferProcess transferProcess) { - var validation = contractValidationService.validateRequest(claimToken, agreement); + private ServiceResult validateCounterParty(ParticipantAgent participantAgent, ContractAgreement agreement, TransferProcess transferProcess) { + var validation = contractValidationService.validateRequest(participantAgent, agreement); if (validation.failed()) { return ServiceResult.badRequest(validation.getFailureMessages()); } @@ -326,7 +326,7 @@ private void update(TransferProcess transferProcess) { private record TransferRequestMessageContext(ContractAgreement agreement, TransferProcess transferProcess) { } - private record ClaimTokenContext(ClaimToken claimToken, ContractAgreement agreement, + private record ClaimTokenContext(ParticipantAgent participantAgent, ContractAgreement agreement, TransferProcess transferProcess) { } } diff --git a/core/control-plane/control-plane-aggregate-services/src/test/java/org/eclipse/edc/connector/service/catalog/CatalogProtocolServiceImplTest.java b/core/control-plane/control-plane-aggregate-services/src/test/java/org/eclipse/edc/connector/service/catalog/CatalogProtocolServiceImplTest.java index 00195049c5b..9a7cfa9433e 100644 --- a/core/control-plane/control-plane-aggregate-services/src/test/java/org/eclipse/edc/connector/service/catalog/CatalogProtocolServiceImplTest.java +++ b/core/control-plane/control-plane-aggregate-services/src/test/java/org/eclipse/edc/connector/service/catalog/CatalogProtocolServiceImplTest.java @@ -23,8 +23,6 @@ import org.eclipse.edc.connector.spi.protocol.ProtocolTokenValidator; import org.eclipse.edc.policy.model.Policy; import org.eclipse.edc.spi.agent.ParticipantAgent; -import org.eclipse.edc.spi.agent.ParticipantAgentService; -import org.eclipse.edc.spi.iam.ClaimToken; import org.eclipse.edc.spi.iam.TokenRepresentation; import org.eclipse.edc.spi.query.QuerySpec; import org.eclipse.edc.spi.result.ServiceFailure; @@ -53,28 +51,24 @@ class CatalogProtocolServiceImplTest { private final DatasetResolver datasetResolver = mock(); - private final ParticipantAgentService participantAgentService = mock(); private final DataServiceRegistry dataServiceRegistry = mock(); private final ProtocolTokenValidator protocolTokenValidator = mock(); private final TransactionContext transactionContext = spy(new NoopTransactionContext()); private final CatalogProtocolServiceImpl service = new CatalogProtocolServiceImpl(datasetResolver, - participantAgentService, dataServiceRegistry, protocolTokenValidator, "participantId", - transactionContext); + dataServiceRegistry, protocolTokenValidator, "participantId", transactionContext); @Test void getCatalog_shouldReturnCatalogWithConnectorDataServiceAndItsDataset() { var querySpec = QuerySpec.none(); var message = CatalogRequestMessage.Builder.newInstance().protocol("protocol").querySpec(querySpec).build(); - var token = create(); var tokenRepresentation = createTokenRepresentation(); var participantAgent = createParticipantAgent(); var dataService = DataService.Builder.newInstance().build(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(CATALOGING_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(token)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(CATALOGING_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(dataServiceRegistry.getDataServices()).thenReturn(List.of(dataService)); when(datasetResolver.query(any(), any())).thenReturn(Stream.of(createDataset())); - when(participantAgentService.createFor(any())).thenReturn(participantAgent); var result = service.getCatalog(message, tokenRepresentation); @@ -83,7 +77,6 @@ void getCatalog_shouldReturnCatalogWithConnectorDataServiceAndItsDataset() { assertThat(catalog.getDatasets()).hasSize(1); }); verify(datasetResolver).query(eq(participantAgent), eq(querySpec)); - verify(participantAgentService).createFor(token); verify(transactionContext).execute(any(TransactionContext.ResultTransactionBlock.class)); } @@ -93,7 +86,7 @@ void getCatalog_shouldFail_whenTokenValidationFails() { var message = CatalogRequestMessage.Builder.newInstance().protocol("protocol").querySpec(querySpec).build(); var tokenRepresentation = createTokenRepresentation(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(CATALOGING_REQUEST_SCOPE), any())).thenReturn(ServiceResult.unauthorized("unauthorized")); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(CATALOGING_REQUEST_SCOPE), any())).thenReturn(ServiceResult.unauthorized("unauthorized")); var result = service.getCatalog(message, tokenRepresentation); @@ -102,32 +95,26 @@ void getCatalog_shouldFail_whenTokenValidationFails() { @Test void getDataset_shouldReturnDataset() { - var claimToken = create(); var tokenRepresentation = createTokenRepresentation(); - var participantAgent = createParticipantAgent(); var dataset = createDataset(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(CATALOGING_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); - when(participantAgentService.createFor(any())).thenReturn(participantAgent); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(CATALOGING_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(datasetResolver.getById(any(), any())).thenReturn(dataset); var result = service.getDataset("datasetId", tokenRepresentation); assertThat(result).isSucceeded().isEqualTo(dataset); - verify(participantAgentService).createFor(claimToken); verify(datasetResolver).getById(participantAgent, "datasetId"); verify(transactionContext).execute(any(TransactionContext.ResultTransactionBlock.class)); } @Test void getDataset_shouldFail_whenDatasetIsNull() { - var claimToken = create(); - var tokenRepresentation = createTokenRepresentation(); var participantAgent = createParticipantAgent(); + var tokenRepresentation = createTokenRepresentation(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(CATALOGING_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); - when(participantAgentService.createFor(any())).thenReturn(participantAgent); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(CATALOGING_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(datasetResolver.getById(any(), any())).thenReturn(null); var result = service.getDataset("datasetId", tokenRepresentation); @@ -137,10 +124,9 @@ void getDataset_shouldFail_whenDatasetIsNull() { @Test void getDataset_shouldFail_whenTokenValidationFails() { - var querySpec = QuerySpec.none(); var tokenRepresentation = createTokenRepresentation(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(CATALOGING_REQUEST_SCOPE), any())).thenReturn(ServiceResult.unauthorized("unauthorized")); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(CATALOGING_REQUEST_SCOPE), any())).thenReturn(ServiceResult.unauthorized("unauthorized")); var result = service.getDataset("datasetId", tokenRepresentation); @@ -160,10 +146,6 @@ private Dataset createDataset() { .build(); } - private ClaimToken create() { - return ClaimToken.Builder.newInstance().build(); - } - private TokenRepresentation createTokenRepresentation() { return TokenRepresentation.Builder.newInstance().build(); } diff --git a/core/control-plane/control-plane-aggregate-services/src/test/java/org/eclipse/edc/connector/service/transferprocess/TransferProcessProtocolServiceImplTest.java b/core/control-plane/control-plane-aggregate-services/src/test/java/org/eclipse/edc/connector/service/transferprocess/TransferProcessProtocolServiceImplTest.java index 52b96e19eb1..540d803cfe6 100644 --- a/core/control-plane/control-plane-aggregate-services/src/test/java/org/eclipse/edc/connector/service/transferprocess/TransferProcessProtocolServiceImplTest.java +++ b/core/control-plane/control-plane-aggregate-services/src/test/java/org/eclipse/edc/connector/service/transferprocess/TransferProcessProtocolServiceImplTest.java @@ -32,7 +32,7 @@ import org.eclipse.edc.connector.transfer.spi.types.protocol.TransferStartMessage; import org.eclipse.edc.connector.transfer.spi.types.protocol.TransferTerminationMessage; import org.eclipse.edc.policy.model.Policy; -import org.eclipse.edc.spi.iam.ClaimToken; +import org.eclipse.edc.spi.agent.ParticipantAgent; import org.eclipse.edc.spi.iam.TokenRepresentation; import org.eclipse.edc.spi.result.Result; import org.eclipse.edc.spi.result.ServiceFailure; @@ -59,6 +59,7 @@ import java.util.UUID; import java.util.stream.Stream; +import static java.util.Collections.emptyMap; import static org.assertj.core.api.Assertions.assertThat; import static org.eclipse.edc.connector.service.transferprocess.TransferProcessProtocolServiceImpl.TRANSFER_PROCESS_REQUEST_SCOPE; import static org.eclipse.edc.connector.transfer.dataplane.spi.TransferDataPlaneConstants.HTTP_PROXY; @@ -113,7 +114,7 @@ void setUp() { @Test void notifyRequested_validAgreement_shouldInitiateTransfer() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var message = TransferRequestMessage.Builder.newInstance() .consumerPid("consumerPid") @@ -124,9 +125,9 @@ void notifyRequested_validAgreement_shouldInitiateTransfer() { .dataDestination(DataAddress.Builder.newInstance().type("any").build()) .build(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(negotiationStore.findContractAgreement(any())).thenReturn(contractAgreement()); - when(validationService.validateAgreement(any(ClaimToken.class), any())).thenReturn(Result.success(null)); + when(validationService.validateAgreement(any(ParticipantAgent.class), any())).thenReturn(Result.success(null)); when(dataAddressValidator.validateDestination(any())).thenReturn(ValidationResult.success()); var result = service.notifyRequested(message, tokenRepresentation); @@ -152,12 +153,12 @@ void notifyRequested_doNothingIfProcessAlreadyExist() { .callbackAddress("http://any") .dataDestination(DataAddress.Builder.newInstance().type("any").build()) .build(); - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(negotiationStore.findContractAgreement(any())).thenReturn(contractAgreement()); - when(validationService.validateAgreement(any(ClaimToken.class), any())).thenReturn(Result.success(null)); + when(validationService.validateAgreement(any(ParticipantAgent.class), any())).thenReturn(Result.success(null)); when(dataAddressValidator.validateDestination(any())).thenReturn(ValidationResult.success()); when(store.findForCorrelationId(any())).thenReturn(transferProcess(REQUESTED, "transferProcessId")); @@ -177,12 +178,12 @@ void notifyRequested_invalidAgreement_shouldNotInitiateTransfer() { .contractId("agreementId") .dataDestination(DataAddress.Builder.newInstance().type("any").build()) .build(); - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(negotiationStore.findContractAgreement(any())).thenReturn(contractAgreement()); - when(validationService.validateAgreement(any(ClaimToken.class), any())).thenReturn(Result.failure("error")); + when(validationService.validateAgreement(any(ParticipantAgent.class), any())).thenReturn(Result.failure("error")); when(dataAddressValidator.validateDestination(any())).thenReturn(ValidationResult.success()); var result = service.notifyRequested(message, tokenRepresentation); @@ -194,7 +195,7 @@ void notifyRequested_invalidAgreement_shouldNotInitiateTransfer() { @Test void notifyRequested_invalidDestination_shouldNotInitiateTransfer() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var message = TransferRequestMessage.Builder.newInstance() .consumerPid("consumerPid") @@ -205,7 +206,7 @@ void notifyRequested_invalidDestination_shouldNotInitiateTransfer() { .build(); when(negotiationStore.findContractAgreement(any())).thenReturn(contractAgreement()); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(dataAddressValidator.validateDestination(any())).thenReturn(ValidationResult.failure(violation("invalid data address", "path"))); var result = service.notifyRequested(message, tokenRepresentation); @@ -217,7 +218,7 @@ void notifyRequested_invalidDestination_shouldNotInitiateTransfer() { @Test void notifyRequested_missingDestination_shouldInitiateTransfer() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var message = TransferRequestMessage.Builder.newInstance() .consumerPid("consumerPid") @@ -227,9 +228,9 @@ void notifyRequested_missingDestination_shouldInitiateTransfer() { .callbackAddress("http://any") .build(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(negotiationStore.findContractAgreement(any())).thenReturn(contractAgreement()); - when(validationService.validateAgreement(any(ClaimToken.class), any())).thenReturn(Result.success(null)); + when(validationService.validateAgreement(any(ParticipantAgent.class), any())).thenReturn(Result.success(null)); var result = service.notifyRequested(message, tokenRepresentation); @@ -247,7 +248,7 @@ void notifyRequested_missingDestination_shouldInitiateTransfer() { @Test void notifyStarted_shouldTransitionToStarted() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var message = TransferStartMessage.Builder.newInstance() .protocol("protocol") @@ -260,11 +261,11 @@ void notifyStarted_shouldTransitionToStarted() { var agreement = contractAgreement(); var transferProcess = transferProcess(STARTED, "transferProcessId"); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(store.findById("correlationId")).thenReturn(transferProcess); when(store.findByIdAndLease("correlationId")).thenReturn(StoreResult.success(transferProcess)); when(negotiationStore.findContractAgreement(any())).thenReturn(agreement); - when(validationService.validateRequest(claimToken, agreement)).thenReturn(Result.success()); + when(validationService.validateRequest(participantAgent, agreement)).thenReturn(Result.success()); var result = service.notifyStarted(message, tokenRepresentation); @@ -281,7 +282,7 @@ void notifyStarted_shouldTransitionToStarted() { @Test void notifyStarted_shouldReturnConflict_whenTransferCannotBeStarted() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var transferProcess = transferProcess(DEPROVISIONING, UUID.randomUUID().toString()); var message = TransferStartMessage.Builder.newInstance() @@ -293,11 +294,11 @@ void notifyStarted_shouldReturnConflict_whenTransferCannotBeStarted() { .build(); var agreement = contractAgreement(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(store.findById("correlationId")).thenReturn(transferProcess); when(store.findByIdAndLease("correlationId")).thenReturn(StoreResult.success(transferProcess)); when(negotiationStore.findContractAgreement(any())).thenReturn(agreement); - when(validationService.validateRequest(claimToken, agreement)).thenReturn(Result.success()); + when(validationService.validateRequest(participantAgent, agreement)).thenReturn(Result.success()); var result = service.notifyStarted(message, tokenRepresentation); @@ -309,7 +310,7 @@ void notifyStarted_shouldReturnConflict_whenTransferCannotBeStarted() { @Test void notifyStarted_shouldReturnBadRequest_whenCounterPartyUnauthorized() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var message = TransferStartMessage.Builder.newInstance() .protocol("protocol") @@ -322,11 +323,11 @@ void notifyStarted_shouldReturnBadRequest_whenCounterPartyUnauthorized() { var agreement = contractAgreement(); var transferProcess = transferProcess(REQUESTED, "transferProcessId"); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(store.findById("correlationId")).thenReturn(transferProcess); when(store.findByIdAndLease("correlationId")).thenReturn(StoreResult.success(transferProcess)); when(negotiationStore.findContractAgreement(any())).thenReturn(agreement); - when(validationService.validateRequest(claimToken, agreement)).thenReturn(Result.failure("error")); + when(validationService.validateRequest(participantAgent, agreement)).thenReturn(Result.failure("error")); var result = service.notifyStarted(message, tokenRepresentation); @@ -341,7 +342,7 @@ void notifyStarted_shouldReturnBadRequest_whenCounterPartyUnauthorized() { @Test void notifyCompleted_shouldTransitionToCompleted() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var message = TransferCompletionMessage.Builder.newInstance() .protocol("protocol") @@ -354,10 +355,10 @@ void notifyCompleted_shouldTransitionToCompleted() { var transferProcess = transferProcess(STARTED, "transferProcessId"); when(store.findById("correlationId")).thenReturn(transferProcess); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(store.findByIdAndLease("correlationId")).thenReturn(StoreResult.success(transferProcess)); when(negotiationStore.findContractAgreement(any())).thenReturn(agreement); - when(validationService.validateRequest(claimToken, agreement)).thenReturn(Result.success()); + when(validationService.validateRequest(participantAgent, agreement)).thenReturn(Result.success()); var result = service.notifyCompleted(message, tokenRepresentation); @@ -370,7 +371,7 @@ void notifyCompleted_shouldTransitionToCompleted() { @Test void notifyCompleted_shouldReturnConflict_whenStatusIsNotValid() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var transferProcess = transferProcess(REQUESTED, UUID.randomUUID().toString()); var message = TransferCompletionMessage.Builder.newInstance() @@ -382,11 +383,11 @@ void notifyCompleted_shouldReturnConflict_whenStatusIsNotValid() { .build(); var agreement = contractAgreement(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(store.findById("correlationId")).thenReturn(transferProcess); when(store.findByIdAndLease("correlationId")).thenReturn(StoreResult.success(transferProcess)); when(negotiationStore.findContractAgreement(any())).thenReturn(agreement); - when(validationService.validateRequest(claimToken, agreement)).thenReturn(Result.success()); + when(validationService.validateRequest(participantAgent, agreement)).thenReturn(Result.success()); var result = service.notifyCompleted(message, tokenRepresentation); @@ -398,7 +399,7 @@ void notifyCompleted_shouldReturnConflict_whenStatusIsNotValid() { @Test void notifyCompleted_shouldReturnBadRequest_whenCounterPartyUnauthorized() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var message = TransferCompletionMessage.Builder.newInstance() .protocol("protocol") @@ -411,11 +412,11 @@ void notifyCompleted_shouldReturnBadRequest_whenCounterPartyUnauthorized() { var agreement = contractAgreement(); var transferProcess = transferProcess(STARTED, "transferProcessId"); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(store.findById("correlationId")).thenReturn(transferProcess); when(store.findByIdAndLease("correlationId")).thenReturn(StoreResult.success(transferProcess)); when(negotiationStore.findContractAgreement(any())).thenReturn(agreement); - when(validationService.validateRequest(claimToken, agreement)).thenReturn(Result.failure("error")); + when(validationService.validateRequest(participantAgent, agreement)).thenReturn(Result.failure("error")); var result = service.notifyCompleted(message, tokenRepresentation); @@ -430,7 +431,7 @@ void notifyCompleted_shouldReturnBadRequest_whenCounterPartyUnauthorized() { @Test void notifyTerminated_shouldTransitionToTerminated() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var message = TransferTerminationMessage.Builder.newInstance() .protocol("protocol") @@ -444,11 +445,11 @@ void notifyTerminated_shouldTransitionToTerminated() { var agreement = contractAgreement(); var transferProcess = transferProcess(STARTED, "transferProcessId"); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(store.findById("correlationId")).thenReturn(transferProcess); when(store.findByIdAndLease("correlationId")).thenReturn(StoreResult.success(transferProcess)); when(negotiationStore.findContractAgreement(any())).thenReturn(agreement); - when(validationService.validateRequest(claimToken, agreement)).thenReturn(Result.success()); + when(validationService.validateRequest(participantAgent, agreement)).thenReturn(Result.success()); var result = service.notifyTerminated(message, tokenRepresentation); assertThat(result).isSucceeded(); @@ -460,7 +461,7 @@ void notifyTerminated_shouldTransitionToTerminated() { @Test void notifyTerminated_shouldReturnConflict_whenTransferProcessCannotBeTerminated() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var transferProcess = transferProcess(DEPROVISIONING, UUID.randomUUID().toString()); var agreement = contractAgreement(); @@ -474,11 +475,11 @@ void notifyTerminated_shouldReturnConflict_whenTransferProcessCannotBeTerminated .reason("TestReason") .build(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(store.findById("correlationId")).thenReturn(transferProcess); when(store.findByIdAndLease("correlationId")).thenReturn(StoreResult.success(transferProcess)); when(negotiationStore.findContractAgreement(any())).thenReturn(agreement); - when(validationService.validateRequest(claimToken, agreement)).thenReturn(Result.success()); + when(validationService.validateRequest(participantAgent, agreement)).thenReturn(Result.success()); var result = service.notifyTerminated(message, tokenRepresentation); @@ -490,7 +491,7 @@ void notifyTerminated_shouldReturnConflict_whenTransferProcessCannotBeTerminated @Test void notifyTerminated_shouldReturnBadRequest_whenCounterPartyUnauthorized() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var agreement = contractAgreement(); var transferProcess = transferProcess(TERMINATED, UUID.randomUUID().toString()); @@ -504,11 +505,11 @@ void notifyTerminated_shouldReturnBadRequest_whenCounterPartyUnauthorized() { .reason("TestReason") .build(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(store.findById("correlationId")).thenReturn(transferProcess); when(store.findByIdAndLease("correlationId")).thenReturn(StoreResult.success(transferProcess)); when(negotiationStore.findContractAgreement(any())).thenReturn(agreement); - when(validationService.validateRequest(claimToken, agreement)).thenReturn(Result.failure("error")); + when(validationService.validateRequest(participantAgent, agreement)).thenReturn(Result.failure("error")); var result = service.notifyTerminated(message, tokenRepresentation); @@ -523,16 +524,16 @@ void notifyTerminated_shouldReturnBadRequest_whenCounterPartyUnauthorized() { @Test void findById_shouldReturnTransferProcess_whenValidCounterParty() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var processId = "transferProcessId"; var transferProcess = transferProcess(INITIAL, processId); var agreement = contractAgreement(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(store.findById(processId)).thenReturn(transferProcess); when(negotiationStore.findContractAgreement(any())).thenReturn(agreement); - when(validationService.validateRequest(claimToken, agreement)).thenReturn(Result.success()); + when(validationService.validateRequest(participantAgent, agreement)).thenReturn(Result.success()); var result = service.findById(processId, tokenRepresentation); @@ -543,10 +544,10 @@ void findById_shouldReturnTransferProcess_whenValidCounterParty() { @Test void findById_shouldReturnNotFound_whenNegotiationNotFound() { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(store.findById(any())).thenReturn(null); var result = service.findById("invalidId", tokenRepresentation); @@ -561,14 +562,14 @@ void findById_shouldReturnNotFound_whenNegotiationNotFound() { void findById_shouldReturnBadRequest_whenCounterPartyUnauthorized() { var processId = "transferProcessId"; var transferProcess = transferProcess(INITIAL, processId); - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); var agreement = contractAgreement(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(store.findById(processId)).thenReturn(transferProcess); when(negotiationStore.findContractAgreement(any())).thenReturn(agreement); - when(validationService.validateRequest(claimToken, agreement)).thenReturn(Result.failure("error")); + when(validationService.validateRequest(participantAgent, agreement)).thenReturn(Result.failure("error")); var result = service.findById(processId, tokenRepresentation); @@ -581,10 +582,10 @@ void findById_shouldReturnBadRequest_whenCounterPartyUnauthorized() { @ParameterizedTest @ArgumentsSource(NotifyArguments.class) void notify_shouldFail_whenTransferProcessNotFound(MethodCall methodCall, M message) { - var claimToken = claimToken(); + var participantAgent = participantAgent(); var tokenRepresentation = tokenRepresentation(); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken)); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent)); when(store.findByIdAndLease(any())).thenReturn(StoreResult.notFound("not found")); when(store.findByCorrelationIdAndLease(any())).thenReturn(StoreResult.notFound("not found")); @@ -603,7 +604,7 @@ void notify_shouldFail_whenTokenValidationFails(Method when(store.findById(any())).thenReturn(transferProcessBuilder().build()); when(store.findByIdAndLease(any())).thenReturn(StoreResult.success(transferProcessBuilder().build())); when(negotiationStore.findContractAgreement(any())).thenReturn(contractAgreement()); - when(protocolTokenValidator.verifyToken(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.unauthorized("unauthorized")); + when(protocolTokenValidator.verify(eq(tokenRepresentation), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.unauthorized("unauthorized")); var result = methodCall.call(service, message, tokenRepresentation); @@ -624,10 +625,8 @@ private TransferProcess.Builder transferProcessBuilder() { .dataRequest(dataRequest()); } - private ClaimToken claimToken() { - return ClaimToken.Builder.newInstance() - .claim("key", "value") - .build(); + private ParticipantAgent participantAgent() { + return new ParticipantAgent(emptyMap(), emptyMap()); } private TokenRepresentation tokenRepresentation() { @@ -695,12 +694,12 @@ void notify_shouldStoreReceivedMessageId(Method TransferProcess.Type type, TransferProcessStates currentState) { var transferProcess = transferProcessBuilder().state(currentState.code()).type(type).build(); - when(protocolTokenValidator.verifyToken(any(), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken())); + when(protocolTokenValidator.verify(any(), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent())); when(store.findById(any())).thenReturn(transferProcess); when(store.findByIdAndLease(any())).thenReturn(StoreResult.success(transferProcess)); when(negotiationStore.findContractAgreement(any())).thenReturn(contractAgreement()); - when(validationService.validateAgreement(any(ClaimToken.class), any())).thenAnswer(i -> Result.success(i.getArgument(1))); - when(validationService.validateRequest(any(ClaimToken.class), isA(ContractAgreement.class))).thenReturn(Result.success()); + when(validationService.validateAgreement(any(ParticipantAgent.class), any())).thenAnswer(i -> Result.success(i.getArgument(1))); + when(validationService.validateRequest(any(ParticipantAgent.class), isA(ContractAgreement.class))).thenReturn(Result.success()); var result = methodCall.call(service, message, tokenRepresentation()); @@ -718,12 +717,12 @@ void notify_shouldIgnoreMessage_whenAlreadyRece TransferProcessStates currentState) { var transferProcess = transferProcessBuilder().state(currentState.code()).type(type).build(); transferProcess.protocolMessageReceived(message.getId()); - when(protocolTokenValidator.verifyToken(any(), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken())); + when(protocolTokenValidator.verify(any(), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent())); when(store.findById(any())).thenReturn(transferProcess); when(store.findByIdAndLease(any())).thenReturn(StoreResult.success(transferProcess)); when(negotiationStore.findContractAgreement(any())).thenReturn(contractAgreement()); - when(validationService.validateAgreement(any(ClaimToken.class), any())).thenAnswer(i -> Result.success(i.getArgument(1))); - when(validationService.validateRequest(any(ClaimToken.class), isA(ContractAgreement.class))).thenReturn(Result.success()); + when(validationService.validateAgreement(any(ParticipantAgent.class), any())).thenAnswer(i -> Result.success(i.getArgument(1))); + when(validationService.validateRequest(any(ParticipantAgent.class), isA(ContractAgreement.class))).thenReturn(Result.success()); var result = methodCall.call(service, message, tokenRepresentation()); @@ -737,12 +736,12 @@ void notify_shouldIgnoreMessage_whenAlreadyRece void notify_shouldIgnoreMessage_whenFinalState(MethodCall methodCall, M message, TransferProcess.Type type) { var transferProcess = transferProcessBuilder().state(COMPLETED.code()).type(type).build(); - when(protocolTokenValidator.verifyToken(any(), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(claimToken())); + when(protocolTokenValidator.verify(any(), eq(TRANSFER_PROCESS_REQUEST_SCOPE), any())).thenReturn(ServiceResult.success(participantAgent())); when(store.findById(any())).thenReturn(transferProcess); when(store.findByIdAndLease(any())).thenReturn(StoreResult.success(transferProcess)); when(negotiationStore.findContractAgreement(any())).thenReturn(contractAgreement()); - when(validationService.validateAgreement(any(ClaimToken.class), any())).thenAnswer(i -> Result.success(i.getArgument(1))); - when(validationService.validateRequest(any(ClaimToken.class), isA(ContractAgreement.class))).thenReturn(Result.success()); + when(validationService.validateAgreement(any(ParticipantAgent.class), any())).thenAnswer(i -> Result.success(i.getArgument(1))); + when(validationService.validateRequest(any(ParticipantAgent.class), isA(ContractAgreement.class))).thenReturn(Result.success()); var result = methodCall.call(service, message, tokenRepresentation()); diff --git a/extensions/control-plane/provision/provision-http/src/test/java/org/eclipse/edc/connector/provision/http/impl/HttpProvisionerExtensionEndToEndTest.java b/extensions/control-plane/provision/provision-http/src/test/java/org/eclipse/edc/connector/provision/http/impl/HttpProvisionerExtensionEndToEndTest.java index 1392fbecd7f..d82533711ba 100644 --- a/extensions/control-plane/provision/provision-http/src/test/java/org/eclipse/edc/connector/provision/http/impl/HttpProvisionerExtensionEndToEndTest.java +++ b/extensions/control-plane/provision/provision-http/src/test/java/org/eclipse/edc/connector/provision/http/impl/HttpProvisionerExtensionEndToEndTest.java @@ -30,6 +30,7 @@ import org.eclipse.edc.policy.model.Policy; import org.eclipse.edc.runtime.metamodel.annotation.Inject; import org.eclipse.edc.runtime.metamodel.annotation.Provides; +import org.eclipse.edc.spi.agent.ParticipantAgent; import org.eclipse.edc.spi.asset.AssetIndex; import org.eclipse.edc.spi.entity.StatefulEntity; import org.eclipse.edc.spi.http.EdcHttpClient; @@ -118,7 +119,7 @@ void processProviderRequestRetry(TransferProcessProtocolService protocolService, ContractNegotiationStore negotiationStore, AssetIndex assetIndex, TransferProcessStore store, PolicyDefinitionStore policyStore) throws Exception { - when(contractValidationService.validateAgreement(any(ClaimToken.class), any())).thenReturn(Result.success(null)); + when(contractValidationService.validateAgreement(any(ParticipantAgent.class), any())).thenReturn(Result.success(null)); negotiationStore.save(createContractNegotiation()); policyStore.create(createPolicyDefinition()); assetIndex.create(createAssetEntry()); diff --git a/spi/control-plane/contract-spi/src/main/java/org/eclipse/edc/connector/contract/spi/validation/ContractValidationService.java b/spi/control-plane/contract-spi/src/main/java/org/eclipse/edc/connector/contract/spi/validation/ContractValidationService.java index 3c0493a669d..fff39fc32c7 100644 --- a/spi/control-plane/contract-spi/src/main/java/org/eclipse/edc/connector/contract/spi/validation/ContractValidationService.java +++ b/spi/control-plane/contract-spi/src/main/java/org/eclipse/edc/connector/contract/spi/validation/ContractValidationService.java @@ -19,7 +19,6 @@ import org.eclipse.edc.policy.engine.spi.PolicyScope; import org.eclipse.edc.runtime.metamodel.annotation.ExtensionPoint; import org.eclipse.edc.spi.agent.ParticipantAgent; -import org.eclipse.edc.spi.iam.ClaimToken; import org.eclipse.edc.spi.result.Result; import org.eclipse.edc.spi.types.domain.agreement.ContractAgreement; import org.eclipse.edc.spi.types.domain.offer.ContractOffer; @@ -89,66 +88,4 @@ public interface ContractValidationService { @NotNull Result validateConfirmed(ParticipantAgent agent, ContractAgreement agreement, ContractOffer latestOffer); - /** - * Validates the contract offer for the consumer represented by the given claims. - * - * @param token The {@link ClaimToken} of the consumer - * @param consumerOffer The initial {@link ValidatableConsumerOffer} id to validate - * @return The referenced {@link ValidatedConsumerOffer}. - * @deprecated please use the same method that accepts {@link ParticipantAgent} - */ - @NotNull - @Deprecated(since = "0.5.1") - Result validateInitialOffer(ClaimToken token, ValidatableConsumerOffer consumerOffer); - - /** - * Validates the contract agreement that the consumer referenced in its transfer request. - * The {@code ClaimToken} must represent the counter-party that is referenced in the contract agreement. - * - * @param token The {@link ClaimToken} of the consumer - * @param agreement The {@link ContractAgreement} between consumer and provider to validate - * @return The result of the validation - * @deprecated please use the same method that accepts {@link ParticipantAgent} - */ - @NotNull - @Deprecated(since = "0.5.1") - Result validateAgreement(ClaimToken token, ContractAgreement agreement); - - /** - * Validates the request for a contract agreement. Verifies that the requesting party is involved - * in the contract agreement, but does not perform policy evaluation. - * - * @param token The {@link ClaimToken} of the counter-party - * @param agreement The agreement - * @return The result of the validation - * @deprecated please use the same method that accepts {@link ParticipantAgent} - */ - @NotNull - @Deprecated(since = "0.5.1") - Result validateRequest(ClaimToken token, ContractAgreement agreement); - - /** - * Validates the request for a contract negotiation. - * - * @param token The {@link ClaimToken} of the consumer - * @param negotiation The negotiation - * @return The result of the validation - * @deprecated please use the same method that accepts {@link ParticipantAgent} - */ - @NotNull - @Deprecated(since = "0.5.1") - Result validateRequest(ClaimToken token, ContractNegotiation negotiation); - - /** - * When the negotiation has been confirmed by the provider, the consumer must validate it ensuring that it is the same that was sent in the last offer. - * - * @param token The {@link ClaimToken} the provider token - * @param agreement The {@link ContractAgreement} between consumer and provider - * @param latestOffer The last {@link ContractOffer} - * @deprecated please use the same method that accepts {@link ParticipantAgent} - */ - @NotNull - @Deprecated(since = "0.5.1") - Result validateConfirmed(ClaimToken token, ContractAgreement agreement, ContractOffer latestOffer); - } diff --git a/spi/control-plane/control-plane-spi/src/main/java/org/eclipse/edc/connector/spi/protocol/ProtocolTokenValidator.java b/spi/control-plane/control-plane-spi/src/main/java/org/eclipse/edc/connector/spi/protocol/ProtocolTokenValidator.java index 95f26210df2..91cef0f9012 100644 --- a/spi/control-plane/control-plane-spi/src/main/java/org/eclipse/edc/connector/spi/protocol/ProtocolTokenValidator.java +++ b/spi/control-plane/control-plane-spi/src/main/java/org/eclipse/edc/connector/spi/protocol/ProtocolTokenValidator.java @@ -17,7 +17,6 @@ import org.eclipse.edc.policy.model.Policy; import org.eclipse.edc.runtime.metamodel.annotation.ExtensionPoint; import org.eclipse.edc.spi.agent.ParticipantAgent; -import org.eclipse.edc.spi.iam.ClaimToken; import org.eclipse.edc.spi.iam.TokenRepresentation; import org.eclipse.edc.spi.result.ServiceResult; @@ -27,18 +26,6 @@ */ @ExtensionPoint public interface ProtocolTokenValidator { - - /** - * Verify the {@link TokenRepresentation} in the context of a policy - * - * @param tokenRepresentation The token - * @param policyScope The policy scope - * @param policy The policy - * @return Returns the extracted {@link ClaimToken} if successful, failure otherwise - * @deprecated please use {@link #verify(TokenRepresentation, String, Policy)} - */ - @Deprecated(since = "0.5.1") - ServiceResult verifyToken(TokenRepresentation tokenRepresentation, String policyScope, Policy policy); /** * Verify the {@link TokenRepresentation} in the context of a policy