Skip to content

Commit

Permalink
chore: [TRX-105] secure edc callbacks (#19)
Browse files Browse the repository at this point in the history 
(cherry picked from commit ad88b53f9629fe3fd7d2fe024e511c8422fdbb7e)
  • Loading branch information
@ds-awahl @ds-mwesener
ds-awahl authored and ds-mwesener committed Oct 10, 2024
1 parent 7378cc3 commit 19f8f4a
Show file tree
Hide file tree
Showing 4 changed files with 157 additions and 71 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,9 @@ _**For better traceability add the corresponding GitHub issue number in each cha

## [Unreleased]

### Added
- Added api key authentication for edc notification requests

### Changed

- Added the discovery type configurable, with a default value of bpnl in (ConnectorEndpointsService) (#12)
Expand Down
47 changes: 32 additions & 15 deletions irs-edc-client/src/main/java/org/eclipse/tractusx/irs/edc/client/asset/EdcAssetService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@
import org.eclipse.tractusx.irs.edc.client.asset.model.exception.DeleteEdcAssetException;
import org.eclipse.tractusx.irs.edc.client.asset.model.exception.EdcAssetAlreadyExistsException;
import org.eclipse.tractusx.irs.edc.client.configuration.JsonLdConfiguration;
import org.eclipse.tractusx.irs.edc.client.model.EdcTechnicalServiceAuthentication;
import org.eclipse.tractusx.irs.edc.client.transformer.EdcTransformer;
import org.springframework.http.HttpStatus;
import org.springframework.http.HttpStatusCode;
Expand All @@ -64,6 +65,7 @@ public class EdcAssetService {
private static final String ASSET_DATA_ADDRESS_PROXY_BODY = NAMESPACE_EDC + "proxyBody";
private static final String ASSET_DATA_ADDRESS_PROXY_PATH = NAMESPACE_EDC + "proxyPath";
private static final String ASSET_DATA_ADDRESS_PROXY_QUERY_PARAMS = NAMESPACE_EDC + "proxyQueryParams";
private static final String ASSET_DATA_ADDRESS_TECHNICAL_SERVICE_API_KEY = "header:x-technical-service-key";
private static final String ASSET_DATA_ADDRESS_METHOD = NAMESPACE_EDC + "method";
private static final String ASSET_PROPERTY_DESCRIPTION = NAMESPACE_EDC + "description";
private static final String ASSET_PROPERTY_CONTENT_TYPE = NAMESPACE_EDC + "contenttype";
Expand All @@ -85,16 +87,17 @@ public class EdcAssetService {
private final RestTemplate restTemplate;

public String createNotificationAsset(final String baseUrl, final String assetName,
final NotificationMethod notificationMethod, final NotificationType notificationType)
final NotificationMethod notificationMethod, final NotificationType notificationType, final EdcTechnicalServiceAuthentication edcTechnicalServiceAuthentication)
throws CreateEdcAssetException {
final Notification notification = Notification.toNotification(notificationMethod, notificationType);
final Asset request = createNotificationAssetRequest(assetName, baseUrl, notification);
final Asset request = createNotificationAssetRequest(assetName, baseUrl, notification,
edcTechnicalServiceAuthentication);
return sendRequest(request);
}

public String createNotificationAsset(final String baseUrl, final String assetName, final Notification notification)
throws CreateEdcAssetException {
final Asset request = createNotificationAssetRequest(assetName, baseUrl, notification);
final Asset request = createNotificationAssetRequest(assetName, baseUrl, notification, null);
return sendRequest(request);
}

Expand Down Expand Up @@ -143,24 +146,30 @@ public void deleteAsset(final String assetId) throws DeleteEdcAssetException {
}

private Asset createNotificationAssetRequest(final String assetName, final String baseUrl,
final Notification notification) {
final Notification notification, final EdcTechnicalServiceAuthentication edcTechnicalServiceAuthentication) {
final String assetId = UUID.randomUUID().toString();
final Map<String, Object> properties = Map.of(ASSET_PROPERTY_DESCRIPTION, assetName,
ASSET_PROPERTY_CONTENT_TYPE, DEFAULT_CONTENT_TYPE, ASSET_PROPERTY_POLICY_ID, DEFAULT_POLICY_ID,
ASSET_PROPERTY_COMMON_VERSION_KEY, ASSET_PROPERTY_NOTIFICATION_VERSION, ASSET_PROPERTY_DCAT_TYPE,
Map.of("@id", JsonLdConfiguration.NAMESPACE_CX_TAXONOMY + notification.getValue()));

final DataAddress dataAddress = DataAddress.Builder.newInstance()
.type(DATA_ADDRESS_TYPE_HTTP_DATA)
.property(EDC_DATA_ADDRESS_TYPE_PROPERTY,
DATA_ADDRESS_TYPE_HTTP_DATA)
.property(ASSET_DATA_ADDRESS_BASE_URL, baseUrl)
.property(ASSET_DATA_ADDRESS_PROXY_METHOD,
Boolean.TRUE.toString())
.property(ASSET_DATA_ADDRESS_PROXY_BODY,
Boolean.TRUE.toString())
.property(ASSET_DATA_ADDRESS_METHOD, DEFAULT_METHOD)
.build();
final DataAddress.Builder dataAddressBuilder = DataAddress.Builder.newInstance()
.type(DATA_ADDRESS_TYPE_HTTP_DATA) // Address type HTTP
.property(EDC_DATA_ADDRESS_TYPE_PROPERTY,
DATA_ADDRESS_TYPE_HTTP_DATA) // Address type property
.property(ASSET_DATA_ADDRESS_BASE_URL,
baseUrl) // Base URL
.property(ASSET_DATA_ADDRESS_PROXY_METHOD,
Boolean.TRUE.toString()) // Enable proxy method
.property(ASSET_DATA_ADDRESS_PROXY_BODY,
Boolean.TRUE.toString()) // Enable proxy body
.property(ASSET_DATA_ADDRESS_METHOD,
DEFAULT_METHOD); // Default method (e.g., GET, POST)

enrichOptionalEdcApiAuthenticationToDataAddress(edcTechnicalServiceAuthentication, dataAddressBuilder);

final DataAddress dataAddress = dataAddressBuilder.build();

return Asset.Builder.newInstance()
.id(assetId)
.contentType("Asset")
Expand Down Expand Up @@ -222,4 +231,12 @@ private Asset createSubmodelAssetRequest(final String assetId, final String base
.dataAddress(dataAddress)
.build();
}

private static void enrichOptionalEdcApiAuthenticationToDataAddress(
final EdcTechnicalServiceAuthentication edcTechnicalServiceAuthentication, final DataAddress.Builder dataAddressBuilder) {
if (edcTechnicalServiceAuthentication != null && edcTechnicalServiceAuthentication.getTechnicalServiceApiKey() != null
&& !edcTechnicalServiceAuthentication.getTechnicalServiceApiKey().isEmpty()) {
dataAddressBuilder.property(ASSET_DATA_ADDRESS_TECHNICAL_SERVICE_API_KEY, edcTechnicalServiceAuthentication.getTechnicalServiceApiKey());
}
}
}
32 changes: 32 additions & 0 deletions ...ain/java/org/eclipse/tractusx/irs/edc/client/model/EdcTechnicalServiceAuthentication.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
/********************************************************************************
* Copyright (c) 2022,2024 Bayerische Motoren Werke Aktiengesellschaft (BMW AG)
* Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
*
* This program and the accompanying materials are made available under the
* terms of the Apache License, Version 2.0 which is available at
* https://www.apache.org/licenses/LICENSE-2.0.
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*
* SPDX-License-Identifier: Apache-2.0
********************************************************************************/
package org.eclipse.tractusx.irs.edc.client.model;

import lombok.Builder;
import lombok.Data;

/**
* EDC Technical Service API authentication.
*/
@Builder
@Data
public class EdcTechnicalServiceAuthentication {
private String technicalServiceApiKey;
}
Loading

0 comments on commit 19f8f4a

Please sign in to comment.