From 330152bd963fb246ff8141f353f2373343e12023 Mon Sep 17 00:00:00 2001 
From: kulgg <75735874+kulgg@users.noreply.github.com> Date: Wed, 17 Jan 2024 17:41:01 +0100 Subject: [PATCH] chore: prepare release (#722) --- .env | 6 +- CHANGELOG.md | 33 +++++- extensions/jwks/README.md | 41 ------- extensions/jwks/build.gradle.kts | 68 ----------- .../edc/extension/jwks/JwksExtension.java | 57 --------- .../jwks/controller/JwksController.java | 68 ----------- .../jwks/controller/JwksJsonTransformer.java | 31 ----- .../extension/jwks/jwk/VaultJwkFactory.java | 52 --------- .../controller/EdcJwksControllerTest.java | 95 --------------- .../jwks/controller/JwksControllerTest.java | 109 ------------------ .../jwks/jwk/VaultJwkFactoryTest.java | 99 ---------------- .../jwks/util/TestCertFromFileUtil.java | 35 ------ ...rg.eclipse.edc.spi.system.ServiceExtension | 1 - extensions/jwks/src/test/resources/cert.pem | 48 -------- gradle.properties | 1 - launchers/common/auth-daps/build.gradle.kts | 2 - settings.gradle.kts | 1 - 17 files changed, 31 insertions(+), 716 deletions(-) delete mode 100644 extensions/jwks/README.md delete mode 100644 extensions/jwks/build.gradle.kts delete mode 100644 extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/JwksExtension.java delete mode 100644 extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/controller/JwksController.java delete mode 100644 extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/controller/JwksJsonTransformer.java delete mode 100644 extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/jwk/VaultJwkFactory.java delete mode 100644 extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/controller/EdcJwksControllerTest.java delete mode 100644 extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/controller/JwksControllerTest.java delete mode 100644 extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/jwk/VaultJwkFactoryTest.java delete mode 100644 extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/util/TestCertFromFileUtil.java delete mode 100644 
extensions/jwks/src/test/resources/META-INF/services/org.eclipse.edc.spi.system.ServiceExtension delete mode 100644 extensions/jwks/src/test/resources/cert.pem diff --git a/.env b/.env index 0e491bd63..78e52a79e 100644 --- a/.env +++ b/.env @@ -1,6 +1,6 @@ # Env variables for docker-compose.yaml -EDC_IMAGE=ghcr.io/sovity/edc-dev:7.0.0 -TEST_BACKEND_IMAGE=ghcr.io/sovity/test-backend:7.0.0 -EDC_UI_IMAGE=ghcr.io/sovity/edc-ui:2.2.0 +EDC_IMAGE=ghcr.io/sovity/edc-dev:7.1.0 +TEST_BACKEND_IMAGE=ghcr.io/sovity/test-backend:7.1.0 +EDC_UI_IMAGE=ghcr.io/sovity/edc-ui:2.3.0 EDC_UI_ACTIVE_PROFILE=sovity-open-source diff --git a/CHANGELOG.md b/CHANGELOG.md index 5bd884b60..4468d3fae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,17 +15,40 @@ please see [changelog_updates.md](docs/dev/changelog_updates.md). #### Minor Changes -- UI API: New endpoint `editAssetMetadata` -- Added `JWKS-Extension`, which provides an endpoint in the default API, that returns the JWKS of the connector. -- Added shortDescriptionText to `UiAsset` -- Added isOwnConnector to `UiAsset` - #### Patch Changes ### Deployment Migration Notes #### Compatible Versions +## [7.1.0] - 2024-01-17 + +### Overview + +MDS feature release: Asset markdown descriptions and editable metadata + +### EDC UI + +https://github.com/sovity/edc-ui/releases/tag/v2.3.0 + +### EDC Extensions + +#### Minor Changes + +- Asset metadata is now editable +- Asset descriptions now support Markdown +- Negotiate button is no longer shown for own connector endpoints + +### Deployment Migration Notes + +#### Compatible Versions + +- Connector Backend Docker Images: + - Dev EDC: `ghcr.io/sovity/edc-dev:7.1.0` + - sovity EDC CE: `ghcr.io/sovity/edc-ce:7.1.0` + - MDS EDC CE: `ghcr.io/sovity/edc-ce-mds:7.1.0` +- Connector UI Docker Image: `ghcr.io/sovity/edc-ui:2.3.0` + ## [7.0.0] - 2023-12-06 ### Overview diff --git a/extensions/jwks/README.md b/extensions/jwks/README.md deleted file mode 100644 index 9f687c668..000000000 
--- a/extensions/jwks/README.md +++ /dev/null @@ -1,41 +0,0 @@ - -
-
- - Logo - - -

EDC-Connector Extension:
JWKS

- -

- Report Bug - ยท - Request Feature -

-
- -## About this Extension - -The JWKS-Extension provides an endpoint in the default API of the EDC-Connector, that returns the -[JWKS]{https://datatracker.ietf.org/doc/html/rfc7517#section-5} of the connector. It can be accessed -using the `:{WEB_HTTP_PROTOCOL_PORT}/{WEB_HTTP_PROTOCOL_PATH}/jwks` (default: `:11003/api/dsp/jwks`) endpoint. - -## Why does this extension exist? - -The JWKS-endpoint can be used to validate tokens issued by the EDC-Connector. This is part of our -goal of simplifying the on-boarding process of connectors to a DAPS. - -## Configuration - -### X509 Secret Alias - -The alias of the pem-encoded X509-certificate stored in the `Vault` is determined by -the `edc.oauth.certificate.alias` property. - -## License - -Apache License 2.0 - see [LICENSE](../../LICENSE) - -## Contact - -sovity GmbH - contact@sovity.de diff --git a/extensions/jwks/build.gradle.kts b/extensions/jwks/build.gradle.kts deleted file mode 100644 index f401f24dd..000000000 --- a/extensions/jwks/build.gradle.kts +++ /dev/null 
@@ -1,68 +0,0 @@
-val edcVersion: String by project
-val edcGroup: String by project
-val restAssured: String by project
-val mockitoVersion: String by project
-val lombokVersion: String by project
-val jettyVersion: String by project
-val jettyGroup: String by project
-val nimbusJoseJwtVersion: String by project
-
-plugins {
- `java-library`
- `maven-publish`
-}
-
-dependencies {
- implementation("com.nimbusds:nimbus-jose-jwt:${nimbusJoseJwtVersion}")
- implementation("${edcGroup}:dsp-api-configuration:${edcVersion}")
-
- annotationProcessor("org.projectlombok:lombok:${lombokVersion}")
- compileOnly("org.projectlombok:lombok:${lombokVersion}")
-
- api("${edcGroup}:core-spi:${edcVersion}")
- api("${edcGroup}:control-plane-spi:${edcVersion}")
- implementation("${edcGroup}:api-core:${edcVersion}")
-
- implementation("jakarta.ws.rs:jakarta.ws.rs-api:3.1.0")
- implementation("jakarta.validation:jakarta.validation-api:3.0.2")
-
- testAnnotationProcessor("org.projectlombok:lombok:${lombokVersion}")
- testCompileOnly("org.projectlombok:lombok:${lombokVersion}")
-
- testImplementation("${edcGroup}:control-plane-core:${edcVersion}")
- testImplementation("${edcGroup}:junit:${edcVersion}")
- testImplementation("${edcGroup}:http:${edcVersion}") {
- exclude(group = "org.eclipse.jetty", module = "jetty-client")
- exclude(group = "org.eclipse.jetty", module = "jetty-http")
- exclude(group = "org.eclipse.jetty", module = "jetty-io")
- exclude(group = "org.eclipse.jetty", module = "jetty-server")
- exclude(group = "org.eclipse.jetty", module = "jetty-util")
- exclude(group = "org.eclipse.jetty", module = "jetty-webapp")
- }
-
- // Updated jetty versions for e.g. CVE-2023-26048
- testImplementation("${jettyGroup}:jetty-client:${jettyVersion}")
- testImplementation("${jettyGroup}:jetty-http:${jettyVersion}")
- testImplementation("${jettyGroup}:jetty-io:${jettyVersion}")
- testImplementation("${jettyGroup}:jetty-server:${jettyVersion}")
- testImplementation("${jettyGroup}:jetty-util:${jettyVersion}")
- testImplementation("${jettyGroup}:jetty-webapp:${jettyVersion}")
-
- testImplementation("io.rest-assured:rest-assured:${restAssured}")
- testImplementation("${edcGroup}:data-plane-selector-core:${edcVersion}")
- testImplementation("org.mockito:mockito-core:${mockitoVersion}")
- testImplementation("org.mockito:mockito-junit-jupiter:${mockitoVersion}")
- testImplementation("org.junit.jupiter:junit-jupiter-api:5.10.0")
- testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine:5.10.0")
-}
-
-val sovityEdcExtensionGroup: String by project
-group = sovityEdcExtensionGroup
-
-publishing {
- publications {
- create(project.name) {
- from(components["java"])
- }
- }
-}
diff --git a/extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/JwksExtension.java b/extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/JwksExtension.java
deleted file mode 100644
index 9bd347b0c..000000000
--- a/extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/JwksExtension.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (c) 2023 sovity GmbH
- *
- * This program and the accompanying materials are made available under the
- * terms of the Apache License, Version 2.0 which is available at
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * SPDX-License-Identifier: Apache-2.0
- *
- * Contributors:
- * sovity GmbH - initial API and implementation
- *
- */
-
-package de.sovity.edc.extension.jwks;
-
-import de.sovity.edc.extension.jwks.controller.JwksController;
-import de.sovity.edc.extension.jwks.controller.JwksJsonTransformer;
-import de.sovity.edc.extension.jwks.jwk.VaultJwkFactory;
-import org.eclipse.edc.protocol.dsp.api.configuration.DspApiConfigurationExtension;
-import org.eclipse.edc.runtime.metamodel.annotation.Inject;
-import org.eclipse.edc.spi.security.Vault;
-import org.eclipse.edc.spi.system.ServiceExtension;
-import org.eclipse.edc.spi.system.ServiceExtensionContext;
-import org.eclipse.edc.web.spi.WebService;
-
-
-public class JwksExtension implements ServiceExtension {
-
- public static final String EXTENSION_NAME = "JwksExtension";
- public static final String CERTIFICATE_ALIAS = "edc.oauth.certificate.alias";
- @Inject
- private WebService webService;
- @Inject
- private Vault vault;
-
- @Override
- public String name() {
- return EXTENSION_NAME;
- }
-
- @Override
- public void initialize(ServiceExtensionContext context) {
- var monitor = context.getMonitor();
- var pemSecretAlias = context.getSetting(CERTIFICATE_ALIAS, null);
- if (pemSecretAlias == null) {
- monitor.warning(() -> "No vault alias provided for JWKS-Extension");
- }
- var controller = new JwksController(
- new VaultJwkFactory(vault),
- new JwksJsonTransformer(),
- pemSecretAlias,
- monitor);
- webService.registerResource(DspApiConfigurationExtension.CONTEXT_ALIAS, controller);
- }
-
-}
diff --git a/extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/controller/JwksController.java b/extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/controller/JwksController.java
deleted file mode 100644
index 543729202..000000000
--- a/extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/controller/JwksController.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Copyright (c) 2023 sovity GmbH
- *
- * This program and the accompanying materials are made available under the
- * terms of the Apache License, Version 2.0 which is available at
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * SPDX-License-Identifier: Apache-2.0
- *
- * Contributors:
- * sovity GmbH - initial API and implementation
- *
- */
-
-package de.sovity.edc.extension.jwks.controller;
-
-import de.sovity.edc.extension.jwks.JwksExtension;
-import de.sovity.edc.extension.jwks.jwk.VaultJwkFactory;
-import jakarta.ws.rs.GET;
-import jakarta.ws.rs.Path;
-import jakarta.ws.rs.Produces;
-import jakarta.ws.rs.core.MediaType;
-import jakarta.ws.rs.core.Response;
-import lombok.RequiredArgsConstructor;
-import org.eclipse.edc.spi.EdcException;
-import org.eclipse.edc.spi.monitor.Monitor;
-
-import java.util.Objects;
-
-@RequiredArgsConstructor
-@Produces({MediaType.APPLICATION_JSON})
-@Path(JwksController.JWKS_PATH)
-public class JwksController {
-
- static final String ALIAS_NOT_SET_MESSAGE = String.format(
- "No alias for JWKS-Extension configured. Please set the %s property",
- JwksExtension.CERTIFICATE_ALIAS);
- static final String JWKS_RESPONSE_FAILED_MESSAGE_TEMPLATE =
- "Creating JWKS response failed: %s";
- public static final String JWKS_PATH = "/jwks";
- private final VaultJwkFactory vaultJkwFactory;
- private final JwksJsonTransformer jwksJsonTransformer;
- private final String pemSecretAlias;
- private final Monitor monitor;
-
- @GET
- @Produces(MediaType.APPLICATION_JSON)
- public Response getJwks() {
- try {
- validateAliasSet(pemSecretAlias);
- var jwk = vaultJkwFactory.publicX509JwkFromAlias(pemSecretAlias);
- return Response
- .ok(jwksJsonTransformer.toJwksJson(jwk), MediaType.APPLICATION_JSON)
- .build();
- } catch (EdcException e) {
- monitor.warning(String.format(JWKS_RESPONSE_FAILED_MESSAGE_TEMPLATE, e.getMessage()));
- return Response
- .status(Response.Status.INTERNAL_SERVER_ERROR)
- .build();
- }
- }
-
- private void validateAliasSet(String pemSecretAlias) {
- if (Objects.isNull(pemSecretAlias) || pemSecretAlias.isBlank()) {
- throw new EdcException(ALIAS_NOT_SET_MESSAGE);
- }
- }
-}
diff --git a/extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/controller/JwksJsonTransformer.java b/extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/controller/JwksJsonTransformer.java
deleted file mode 100644
index 6a914eabb..000000000
--- a/extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/controller/JwksJsonTransformer.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright (c) 2023 sovity GmbH
- *
- * This program and the accompanying materials are made available under the
- * terms of the Apache License, Version 2.0 which is available at
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * SPDX-License-Identifier: Apache-2.0
- *
- * Contributors:
- * sovity GmbH - initial API and implementation
- *
- */
-
-package de.sovity.edc.extension.jwks.controller;
-
-import com.nimbusds.jose.jwk.JWK;
-import jakarta.json.Json;
-
-public class JwksJsonTransformer {
-
- public String toJwksJson(JWK jwk) {
- var jwkJsonObject = Json.createObjectBuilder(jwk.toJSONObject());
- var jwksJsonArray = Json.createArrayBuilder()
- .add(jwkJsonObject)
- .build();
- return Json.createObjectBuilder()
- .add("keys", jwksJsonArray)
- .build().toString();
- }
-}
diff --git a/extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/jwk/VaultJwkFactory.java b/extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/jwk/VaultJwkFactory.java
deleted file mode 100644
index 78a505fa8..000000000
--- a/extensions/jwks/src/main/java/de/sovity/edc/extension/jwks/jwk/VaultJwkFactory.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Copyright (c) 2023 sovity GmbH
- *
- * This program and the accompanying materials are made available under the
- * terms of the Apache License, Version 2.0 which is available at
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * SPDX-License-Identifier: Apache-2.0
- *
- * Contributors:
- * sovity GmbH - initial API and implementation
- *
- */
-
-package de.sovity.edc.extension.jwks.jwk;
-
-import com.nimbusds.jose.JOSEException;
-import com.nimbusds.jose.jwk.JWK;
-import lombok.RequiredArgsConstructor;
-import org.eclipse.edc.spi.EdcException;
-import org.eclipse.edc.spi.security.Vault;
-
-import java.util.Optional;
-
-@RequiredArgsConstructor
-public class VaultJwkFactory {
-
- public static final String RESOLVE_ALIAS_FROM_VAULT_FAILED_MESSAGE =
- "Could not resolve PEM-Encoded-X509-Certificate for alias %s";
- public static final String PARSE_VALUE_FROM_VAULT_FAILED_MESSAGE =
- "Could not parse PEM-Encoded-X509-Certificate for alias %s, Reason: %s";
- private final Vault vault;
-
- public JWK publicX509JwkFromAlias(String alias) {
- return Optional
- .ofNullable(vault.resolveSecret(alias))
- .map(pemString -> parseX509Cert(pemString, alias))
- .orElseThrow(() -> new EdcException(String.format(RESOLVE_ALIAS_FROM_VAULT_FAILED_MESSAGE, alias)));
- }
-
- private JWK parseX509Cert(String pem, String alias) {
- try {
- return JWK.parseFromPEMEncodedX509Cert(pem);
- } catch (JOSEException e) {
- throw new EdcException(String.format(
- PARSE_VALUE_FROM_VAULT_FAILED_MESSAGE,
- alias,
- e.getMessage()));
- }
- }
-
-}
diff --git a/extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/controller/EdcJwksControllerTest.java b/extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/controller/EdcJwksControllerTest.java
deleted file mode 100644
index 92cb524d1..000000000
--- a/extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/controller/EdcJwksControllerTest.java
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * Copyright (c) 2023 sovity GmbH
- *
- * This program and the accompanying materials are made available under the
- * terms of the Apache License, Version 2.0 which is available at
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * SPDX-License-Identifier: Apache-2.0
- *
- * Contributors:
- * sovity GmbH - initial API and implementation
- *
- */
-
-package de.sovity.edc.extension.jwks.controller;
-
-
-import de.sovity.edc.extension.jwks.JwksExtension;
-import io.restassured.http.ContentType;
-import org.eclipse.edc.connector.dataplane.selector.spi.store.DataPlaneInstanceStore;
-import org.eclipse.edc.jsonld.spi.JsonLd;
-import org.eclipse.edc.junit.extensions.EdcExtension;
-import org.eclipse.edc.spi.protocol.ProtocolWebhook;
-import org.eclipse.edc.spi.security.Vault;
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.ExtendWith;
-
-import java.io.IOException;
-import java.util.Map;
-
-import static de.sovity.edc.extension.jwks.util.TestCertFromFileUtil.getCertStringFromFile;
-import static io.restassured.RestAssured.given;
-import static org.eclipse.edc.junit.testfixtures.TestUtils.getFreePort;
-import static org.hamcrest.Matchers.equalTo;
-import static org.hamcrest.Matchers.notNullValue;
-import static org.mockito.Mockito.mock;
-
-@ExtendWith(EdcExtension.class)
-public class EdcJwksControllerTest {
-
- private static final int WEB_HTTP_PROTOCOL_PORT = getFreePort();
- private static final String WEB_HTTP_PROTOCOL_PATH = "/api/v1/dsp";
-
- private static final String CERTIFICATE_VAULT_ALIAS = "transfer-proxy";
-
- @BeforeEach
- void setUp(EdcExtension extension) {
- extension.registerServiceMock(ProtocolWebhook.class, mock(ProtocolWebhook.class));
- extension.registerServiceMock(JsonLd.class, mock(JsonLd.class));
- extension.registerServiceMock(
- DataPlaneInstanceStore.class,
- mock(DataPlaneInstanceStore.class));
- extension.setConfiguration(Map.of(
- "web.http.protocol.port", String.valueOf(WEB_HTTP_PROTOCOL_PORT),
- "web.http.protocol.path", WEB_HTTP_PROTOCOL_PATH,
- "web.http.management.port", String.valueOf(getFreePort()),
- "web.http.management.path", "/api/v1/data",
- JwksExtension.CERTIFICATE_ALIAS, CERTIFICATE_VAULT_ALIAS));
- }
-
- @Test
- void jwksSuccessfullyExposed(Vault vault) throws IOException {
- vault.storeSecret(CERTIFICATE_VAULT_ALIAS, getCertStringFromFile());
- var request = given()
- .baseUri("http://localhost:" + WEB_HTTP_PROTOCOL_PORT)
- .basePath(WEB_HTTP_PROTOCOL_PATH)
- .when()
- .get(JwksController.JWKS_PATH)
- .then()
- .statusCode(200)
- .contentType(ContentType.JSON);
-
- request.assertThat()
- .body("keys[0].kty", equalTo("RSA"))
- .body("keys[0].e", equalTo("AQAB"))
- .body("keys[0].n", notNullValue())
- .body("keys[0].kid", equalTo("360586573322806545473834353174745870260060531097"))
- .body("keys[0].'x5t#S256'", equalTo("P-dbyBaTkocsAKpv0Lx3JHaOTEyPOclVNOdoi-hQ75o"))
- .body("keys[0].nbf", equalTo(1701353600))
- .body("keys[0].exp", equalTo(4854953600L))
- .body("keys[0].x5c", notNullValue());
- }
-
- @Test
- void certificateCannotBeLoadedFromVault() {
- given()
- .baseUri("http://localhost:" + WEB_HTTP_PROTOCOL_PORT)
- .basePath(WEB_HTTP_PROTOCOL_PATH)
- .when()
- .get(JwksController.JWKS_PATH)
- .then()
- .statusCode(500);
- }
-}
diff --git a/extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/controller/JwksControllerTest.java b/extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/controller/JwksControllerTest.java
deleted file mode 100644
index 0660a0970..000000000
--- a/extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/controller/JwksControllerTest.java
+++ /dev/null
@@ -1,109 +0,0 @@
-/*
- * Copyright (c) 2023 sovity GmbH
- *
- * This program and the accompanying materials are made available under the
- * terms of the Apache License, Version 2.0 which is available at
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * SPDX-License-Identifier: Apache-2.0
- *
- * Contributors:
- * sovity GmbH - initial API and implementation
- *
- */
-
-package de.sovity.edc.extension.jwks.controller;
-
-import com.nimbusds.jose.jwk.JWK;
-import de.sovity.edc.extension.jwks.jwk.VaultJwkFactory;
-import jakarta.ws.rs.core.Response;
-import org.eclipse.edc.spi.EdcException;
-import org.eclipse.edc.spi.monitor.Monitor;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.ExtendWith;
-import org.mockito.Mock;
-import org.mockito.junit.jupiter.MockitoExtension;
-
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-
-@ExtendWith(MockitoExtension.class)
-class JwksControllerTest {
-
- @Mock
- private Monitor monitor;
- @Mock
- private VaultJwkFactory vaultJkwFactory;
- @Mock
- private JwksJsonTransformer jwksJsonTransformer;
-
- @Test
- void loadingJwkSucceeds() {
- // given
- var jwksController = new JwksController(
- vaultJkwFactory,
- jwksJsonTransformer,
- "test",
- monitor);
- var jwk = mock(JWK.class);
- var jsonResponse = "jsonResponse";
-
- // when
- when(vaultJkwFactory.publicX509JwkFromAlias("test")).thenReturn(jwk);
- when(jwksJsonTransformer.toJwksJson(jwk)).thenReturn(jsonResponse);
- var jwksResponse = jwksController.getJwks();
-
- // then
- verify(vaultJkwFactory).publicX509JwkFromAlias("test");
- verify(jwksJsonTransformer).toJwksJson(jwk);
- assertEquals(
- Response.Status.OK.getStatusCode(),
- jwksResponse.getStatus());
- assertEquals(jsonResponse, jwksResponse.getEntity());
- }
-
- @Test
- void loadingJwkFails() {
- // given
- var jwksController = new JwksController(
- vaultJkwFactory,
- jwksJsonTransformer,
- "test",
- monitor);
- var exceptionMessage = "message";
-
- // when
- when(vaultJkwFactory.publicX509JwkFromAlias("test")).thenThrow(new EdcException(exceptionMessage));
- var jwksResponse = jwksController.getJwks();
-
- // then
- verify(monitor).warning(String.format(
- JwksController.JWKS_RESPONSE_FAILED_MESSAGE_TEMPLATE,
- exceptionMessage));
- assertEquals(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(),
- jwksResponse.getStatus());
- }
-
- @Test
- void loadingJwkFailsNoAliasConfigured() {
- // given
- var jwksController = new JwksController(
- vaultJkwFactory,
- jwksJsonTransformer,
- null,
- monitor);
-
- // when
- var jwksResponse = jwksController.getJwks();
-
- // then
- verify(monitor).warning(String.format(
- JwksController.JWKS_RESPONSE_FAILED_MESSAGE_TEMPLATE,
- JwksController.ALIAS_NOT_SET_MESSAGE));
- assertEquals(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(),
- jwksResponse.getStatus());
- }
-
-}
\ No newline at end of file
diff --git a/extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/jwk/VaultJwkFactoryTest.java b/extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/jwk/VaultJwkFactoryTest.java
deleted file mode 100644
index 025b21682..000000000
--- a/extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/jwk/VaultJwkFactoryTest.java
+++ /dev/null
@@ -1,99 +0,0 @@
-/*
- * Copyright (c) 2023 sovity GmbH
- *
- * This program and the accompanying materials are made available under the
- * terms of the Apache License, Version 2.0 which is available at
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * SPDX-License-Identifier: Apache-2.0
- *
- * Contributors:
- * sovity GmbH - initial API and implementation
- *
- */
-
-package de.sovity.edc.extension.jwks.jwk;
-
-import com.nimbusds.jose.jwk.RSAKey;
-import org.eclipse.edc.spi.EdcException;
-import org.eclipse.edc.spi.security.Vault;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.ExtendWith;
-import org.mockito.Mock;
-import org.mockito.junit.jupiter.MockitoExtension;
-
-import java.io.IOException;
-
-import static de.sovity.edc.extension.jwks.jwk.VaultJwkFactory.PARSE_VALUE_FROM_VAULT_FAILED_MESSAGE;
-import static de.sovity.edc.extension.jwks.jwk.VaultJwkFactory.RESOLVE_ALIAS_FROM_VAULT_FAILED_MESSAGE;
-import static de.sovity.edc.extension.jwks.util.TestCertFromFileUtil.getCertStringFromFile;
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertNotNull;
-import static org.junit.jupiter.api.Assertions.assertThrows;
-import static org.mockito.Mockito.when;
-
-
-@ExtendWith(MockitoExtension.class)
-class VaultJwkFactoryTest {
-
- private static final String PARSE_CERTIFICATE_FAILED_MESSAGE =
- "Couldn't parse PEM-encoded X.509 certificate";
- private static final String JWK_ALIAS = "jwk-alias";
-
- @Mock
- private Vault vault;
-
- @Test
- void jwkFromAliasSuccessful() throws IOException {
- // arrange
- var vaultJwkFactory = new VaultJwkFactory(vault);
- var certString = getCertStringFromFile();
- when(vault.resolveSecret(JWK_ALIAS)).thenReturn(certString);
-
- // act
- var jwk = vaultJwkFactory.publicX509JwkFromAlias(JWK_ALIAS);
-
- // assert
- assertNotNull(jwk);
- assertEquals("360586573322806545473834353174745870260060531097", jwk.getKeyID());
- assertEquals(1701353600000L, jwk.getNotBeforeTime().getTime());
- assertEquals(4854953600000L, jwk.getExpirationTime().getTime());
- assertEquals("RSA", jwk.getKeyType().getValue());
- assertEquals(
- "P-dbyBaTkocsAKpv0Lx3JHaOTEyPOclVNOdoi-hQ75o",
- jwk.getX509CertSHA256Thumbprint().toString());
- assertEquals("AQAB", ((RSAKey) jwk).getPublicExponent().toString());
- assertNotNull(jwk.getX509CertChain());
- }
-
- @Test
- void jwkFromAliasVaultJwkNull() {
- // arrange
- var vaultJwkFactory = new VaultJwkFactory(vault);
- when(vault.resolveSecret(JWK_ALIAS)).thenReturn(null);
-
- // act & assert
- var edcException = assertThrows(
- EdcException.class,
- () -> vaultJwkFactory.publicX509JwkFromAlias(JWK_ALIAS));
- var message = String.format(RESOLVE_ALIAS_FROM_VAULT_FAILED_MESSAGE, JWK_ALIAS);
- assertEquals(message, edcException.getMessage());
- }
-
- @Test
- void jwkFromAliasVaultInvalidValue() {
- // arrange
- var vaultJksFactory = new VaultJwkFactory(vault);
- when(vault.resolveSecret(JWK_ALIAS)).thenReturn("invalid-value");
-
- // act & assert
- var edcException = assertThrows(
- EdcException.class,
- () -> vaultJksFactory.publicX509JwkFromAlias(JWK_ALIAS));
- var message = String.format(
- PARSE_VALUE_FROM_VAULT_FAILED_MESSAGE,
- JWK_ALIAS,
- PARSE_CERTIFICATE_FAILED_MESSAGE);
- assertEquals(message, edcException.getMessage());
- }
-}
\ No newline at end of file
diff --git a/extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/util/TestCertFromFileUtil.java b/extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/util/TestCertFromFileUtil.java
deleted file mode 100644
index 193bf42c0..000000000
--- a/extensions/jwks/src/test/java/de/sovity/edc/extension/jwks/util/TestCertFromFileUtil.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright (c) 2023 sovity GmbH
- *
- * This program and the accompanying materials are made available under the
- * terms of the Apache License, Version 2.0 which is available at
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * SPDX-License-Identifier: Apache-2.0
- *
- * Contributors:
- * sovity GmbH - initial API and implementation
- *
- */
-
-package de.sovity.edc.extension.jwks.util;
-
-import de.sovity.edc.extension.jwks.controller.EdcJwksControllerTest;
-import lombok.NoArgsConstructor;
-
-import java.io.IOException;
-import java.util.Scanner;
-
-@NoArgsConstructor(access = lombok.AccessLevel.PRIVATE)
-public class TestCertFromFileUtil {
-
- public static String getCertStringFromFile() throws IOException {
- var classLoader = EdcJwksControllerTest.class.getClassLoader();
- try (var inputStream = classLoader.getResourceAsStream("cert.pem")) {
- try (var scanner = new Scanner(inputStream).useDelimiter("\\A")) {
- return scanner.hasNext() ? scanner.next() : "";
- }
- }
- }
-
-}
diff --git a/extensions/jwks/src/test/resources/META-INF/services/org.eclipse.edc.spi.system.ServiceExtension b/extensions/jwks/src/test/resources/META-INF/services/org.eclipse.edc.spi.system.ServiceExtension
deleted file mode 100644
index 5a13cc3dc..000000000
--- a/extensions/jwks/src/test/resources/META-INF/services/org.eclipse.edc.spi.system.ServiceExtension
+++ /dev/null
@@ -1 +0,0 @@
-de.sovity.edc.extension.jwks.JwksExtension
diff --git a/extensions/jwks/src/test/resources/cert.pem b/extensions/jwks/src/test/resources/cert.pem
deleted file mode 100644
index 4574a231c..000000000
--- a/extensions/jwks/src/test/resources/cert.pem
+++ /dev/null
@@ -1,48 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEowIBAAKCAQEA8Infn3TWCPN06TvvniM/GGGYFwajZ4k2oyqDFFZY9PNyeTfx -AGU/9AJckrZQcP47p+jmhJ5Yifcz/dgymIdLK/DkpV8tPJgvzrrZ05yz7IZQAuH9 -57USITYvKbKeKrHz928CbyiC64DzhuFVY9yA9SVLJwRnozvUXj12pdX1/c5L29Rw -Yd54qMfsse4QobyiNLhL/StpfSmysqGYtEFBBcvpof6HCBSMwcTlrgSr5XOtljYX -QGk6bP7Xdc3fyEeZFRhYJyF7ORGuXsegLFIhRUXm7rlZUsCIKE9na9CgMb8ytJK+ -RK++1StVQIW0so8G/Ev13oLMTesl8qV7RzQ3GwIDAQABAoIBACsxFq6TVDuXO88F -rClBOvstyxmXX5Af22fBInhsaNzTOiL6IJRpmeo+4lCV3Cvt+thTwdDefheIBBX4 -1Fz/LkhdoTDwvja7PRpqAuM0qDo4g/WAjw8kPHUqPZ3HLQ+NlLlBfbZoF9oh9Ziq -raKY3a8nWy9OYy20eJXTg5KTsPA52c1/eC29LqppKqbLEvtqxJICxwILVuxMd2Nd -Y3KR7rO/B9D8od8/c7WcXU37UIYCgjNRvbsfnyjs0Nf6O/fQUnucvxPQJexX41cw -cYsdO0R0zV7Hvi4Tz0WD2OflNTL63+APtn8TwgXsr07EVCvT4K4TNinEbVUYDUmZ -OqhPCAECgYEA/3MwZ81iQ/eWKIYHiDAYrYc+mSGWmCFRIRgRWYLS70tPJtaPaR9r -TmonjHGlOlXS74Hm6/EUZ6cBIqop7bBn5G17kJNz4qIvsa9Agj/8muGIWf6l3blQ -ATlaS8dkGuEAuOEPE4lA8GTeRiXzDStOg6O4awebkaAGubiypuKtGpsCgYEA8Q53 -Aoy2D/r8wCttiunFXruWCykl8FgeGd+5WBSZRv0wzkfFBq2ivXLvmhk0fYpXS/ZK -RgE/t0O6qmxg25lCgWdpYcGjo3SlblkgP5ucN4RIY0QyLa5Hr/nag/rI0g8h9awx -NR0D7WEwOuJ0qDiWvAmnz9JSc7p6u+WTXjEm3YECgYAF3r3EBOI3MZ9PuxS9Om22 -vx7fIfh18n4MxqLPbcQvH4noGJIfFku+942FGq9zUbmRK2kFDvsrDplmFIb2IVGh -3Co0vk6xbIywBpjy5UmGvZwGhWWGXNXL0WeTyjcwru73UKSqDENjws2gywp0yQP6 -3m5Ed15J0GWXKvlgAGF99QKBgQCSlwdMZ6F3ylvVyRMOfObnmw+9rcJCjHORrHmb -1Lr5bpM1fnOUghcLOk/22AkRpwU7ToUQWUYT/n4PkWS9ZlAJPYfaSNVoW1EW7+Aq -jkjLggg7RYd2PBugKkL2K5XgGA/AxHwQHpr6yjV4OapTekZAB2cjfHVjpy1oAk5B -44YNAQKBgA9w/oMhc0RBeW7U+HDtAQg0qjkirDbNjTFn+mpB2CuMARjeFWfeq4nL -PI5HSyHrvW/jVU0HdkSO3C6L4pNLc4lhhcRntw/nQAmMEU7Dg6Aq9DdWFGvDGsm7 -yTaRTASYK61qQm39yQq+A9HEmAeSj/7C719k4BEsoFHoqbPOBtKb ------END PRIVATE KEY----- ------BEGIN CERTIFICATE----- -MIIDczCCAlsCFD8pQtvO7azi4ByPOfg7733mB6mZMA0GCSqGSIb3DQEBCwUAMHUx -CzAJBgNVBAYTAkRFMQwwCgYDVQQIDANOUlcxETAPBgNVBAcMCERvcnRtdW5kMQ8w -DQYDVQQKDAZzb3ZpdHkxDzANBgNVBAMMBnNvdml0eTEjMCEGCSqGSIb3DQEJARYU 
-ZXJpYy5maWVnZUBzb3ZpdHkuZGUwIBcNMjMxMTMwMTQxMzIwWhgPMjEyMzExMDYx -NDEzMjBaMHUxCzAJBgNVBAYTAkRFMQwwCgYDVQQIDANOUlcxETAPBgNVBAcMCERv -cnRtdW5kMQ8wDQYDVQQKDAZzb3ZpdHkxDzANBgNVBAMMBnNvdml0eTEjMCEGCSqG -SIb3DQEJARYUZXJpYy5maWVnZUBzb3ZpdHkuZGUwggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQDwid+fdNYI83TpO++eIz8YYZgXBqNniTajKoMUVlj083J5 -N/EAZT/0AlyStlBw/jun6OaEnliJ9zP92DKYh0sr8OSlXy08mC/OutnTnLPshlAC -4f3ntRIhNi8psp4qsfP3bwJvKILrgPOG4VVj3ID1JUsnBGejO9RePXal1fX9zkvb -1HBh3niox+yx7hChvKI0uEv9K2l9KbKyoZi0QUEFy+mh/ocIFIzBxOWuBKvlc62W -NhdAaTps/td1zd/IR5kVGFgnIXs5Ea5ex6AsUiFFRebuuVlSwIgoT2dr0KAxvzK0 -kr5Er77VK1VAhbSyjwb8S/XegsxN6yXypXtHNDcbAgMBAAEwDQYJKoZIhvcNAQEL -BQADggEBAO5nM+BjL1hZQQba/wK9Cc6XVt8A95CeuURdn+d7cEf1OW6tUwGVfJ3z -ldaz15HMjs07yTnLK70dHxB1zQEiZ3KH8Vu3kmiEa4MetgF+AZ98pMjwkVsJ0tLu -M9GDMTFCDwx0avKEg4bzp73TQ1hm1sB2avmgjHceQs+0wtF7o4pXTvDumw/axjfj -yA0tJMS3hIi+EQn6rSPHkqcSDp4icOGu4TctEwfTeOF/tNJ8YfB8R7accNn9nlGL -w8N5zYQxJoIhZ0GVCxSRAMCqOjKbxiRjEY8mZA9EtkdViuNTOs3r2GZ0JF7gCNVP -o9WgVzii98WaHz423h6ZGYYU9kmqewk= ------END CERTIFICATE----- \ No newline at end of file diff --git a/gradle.properties b/gradle.properties index 2adb9a67c..1603fab2d 100644 --- a/gradle.properties +++ b/gradle.properties @@ -17,7 +17,6 @@ awaitilityVersion=4.2.0 jettyGroup=org.eclipse.jetty jettyVersion=11.0.15 jakartaJsonVersion=2.0.1 -nimbusJoseJwtVersion=9.31 org.gradle.jvmargs=-Xmx1024m org.gradle.parallel=true diff --git a/launchers/common/auth-daps/build.gradle.kts b/launchers/common/auth-daps/build.gradle.kts index c6ecf1fc4..f2323a3d3 100644 --- a/launchers/common/auth-daps/build.gradle.kts +++ b/launchers/common/auth-daps/build.gradle.kts @@ -9,8 +9,6 @@ dependencies { // OAuth2 IAM api("${edcGroup}:oauth2-core:${edcVersion}") api("${edcGroup}:vault-filesystem:${edcVersion}") - - api(project(":extensions:jwks")) } val sovityEdcGroup: String by project diff --git a/settings.gradle.kts b/settings.gradle.kts index 6d0de1776..a7bcffeb3 100644 --- a/settings.gradle.kts 
+++ b/settings.gradle.kts @@ -1,7 +1,6 @@ rootProject.name = "edc-extensions" include(":extensions:edc-ui-config") -include(":extensions:jwks") include(":extensions:last-commit-info") include(":extensions:policy-always-true") include(":extensions:policy-referring-connector")