
Commit a0cfb69

committed
partial integration-tests solved
1 parent e5ee5ff commit a0cfb69

27 files changed

Lines changed: 1119 additions & 1062 deletions

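--- a/aggregator-platform/values.yaml
+++ b/aggregator-platform/values.yaml
@@ -1,5 +1,10 @@
 loglevel: info
 
+auth:
+oidc: {}
+client_credentials: {}
+provision: {}
+
 spec:
 service_collection: /services
 transformation_catalog: /transformations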
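Review bot: The new `oidc`, `client_credentials` and `provision` entries under `auth:` (nesting assumed, the page has lost indentation) default to empty maps with no comment saying what an empty map means for each registration flow. Whether `{}` leaves a flow switched off or enables it with built-in defaults is decided in templates outside this hunk, so someone installing the chart with default values cannot tell which flows end up exposed. I would add a comment above `auth:` stating, per flow, whether an empty map enables it with defaults or leaves it disabled, and which keys each map accepts.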

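--- a/containers/aggregator-server/registration/registration_client_credentials.go
+++ b/containers/aggregator-server/registration/registration_client_credentials.go
@@ -22,7 +22,8 @@ func handleClientCredentialsFlow(w http.ResponseWriter, req model.RegistrationRe
 var inst *instance.AggregatorInstance
 if isUpdate {
 // Check if aggregator exists and user is authorized to update it
-inst, err := instance.GetAggregatorInstance(req.AggregatorID)
+var err error
+inst, err = instance.GetAggregatorInstance(req.AggregatorID)
 if err != nil {
 logrus.WithError(err).Errorf("Failed to retrieve aggregator %s for update", req.AggregatorID)
 http.Error(w, "Aggregator not found for update", http.StatusNotFound)
@@ -42,10 +43,6 @@ func handleClientCredentialsFlow(w http.ResponseWriter, req model.RegistrationRe
 http.Error(w, "authorization_server is required", http.StatusBadRequest)
 return
 }
-if req.WebID == "" {
-http.Error(w, "webid is required", http.StatusBadRequest)
-return
-}
 if req.ClientID == "" {
 http.Error(w, "client_id is required", http.StatusBadRequest)
 return
@@ -70,7 +67,9 @@ func handleClientCredentialsFlow(w http.ResponseWriter, req model.RegistrationRe
 }
 
 // Some IDPs support a webid parameter to specify which WebID to act as
-tokenData.Set("webid", req.WebID)
+if req.WebID != "" {
+tokenData.Set("webid", req.WebID)
+}
 
 resp, err := doTokenRequest(
 oidcConfig.TokenEndpoint,
@@ -133,7 +132,7 @@ func handleClientCredentialsFlow(w http.ResponseWriter, req model.RegistrationRe
 
 // Deploy aggregator resources
 aggregatorId, err := instance.DeployAggregator(
-req.WebID,
+id,
 req.AuthorizationServer,
 "",
 ctx,
@@ -152,7 +151,11 @@ func handleClientCredentialsFlow(w http.ResponseWriter, req model.RegistrationRe
 aggregatorId,
 )
 
-logrus.Infof("Aggregator created (client_credentials): %s for ID %s (acting as %s)", inst.AggregatorID, id, req.WebID)
+if req.WebID != "" {
+logrus.Infof("Aggregator created (client_credentials): %s for ID %s (acting as %s)", inst.AggregatorID, id, req.WebID)
+} else {
+logrus.Infof("Aggregator created (client_credentials): %s for ID %s", inst.AggregatorID, id)
+}
 }
 
 // Return response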
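Review bot: With the `webid is required` check removed, `req.WebID` becomes an optional, caller-supplied value that is still forwarded to the token endpoint and then logged as `acting as %s`, while the deployed aggregator is now bound to `id`. Nothing in the visible hunks compares the two, so an identity provider that ignores the `webid` form parameter would leave a log line claiming the aggregator acts as a WebID the issued token never covered. Where `id` is derived lies outside the hunks; if it comes from the validated token response, I would either reject the request when the token's identity differs from a non-empty `req.WebID`, or log the request value as what it is, e.g. `(requested webid %q)`. Using `%q` for the request-controlled string also keeps control characters out of the log line.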

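--- a/containers/aggregator/config/description.go
+++ b/containers/aggregator/config/description.go
@@ -58,7 +58,7 @@ func handleAggregatorDescription(w http.ResponseWriter, r *http.Request) {
 
 // TODO: semantic representations need to be added at some point
 desc := AggregatorDescription{
-ID: model.ID,
+ID: model.ExternalBaseURL(),
 CreatedAt: createdAt,
 LoginStatus: loginStatus,
 TransformationCatalog: model.ExternalBaseURL() + model.TransformationCatalog,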

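--- a/demo/kvasir/management.ts
+++ b/demo/kvasir/management.ts
@@ -101,7 +101,7 @@ export class KvasirManagement {
 method: "GET",
 headers: {
 "Content-Type": "text/turtle",
-"Authorization": assigner,
+"Authorization": `Bearer ${await this.auth.getAccessToken()}`,
 },
 });
 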
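Review bot: The new `Authorization` header interpolates the result of `this.auth.getAccessToken()` directly, so if that call resolves to `undefined` or an empty string the request goes out with the literal value `Bearer undefined` and only fails later as an unexplained 401. The return type is not visible in this hunk; if it can be empty, resolve the token first and fail early with `const token = await this.auth.getAccessToken();` followed by `if (!token) throw new Error("not logged in");`. The same request sets `Content-Type: text/turtle` on a body-less GET, where `Accept: text/turtle` is probably what is meant. The enclosing method starts and ends outside the hunk, so I cannot tell whether `assigner` is still used after this change.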

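--- a/demo/kvasir/policies.ts
+++ b/demo/kvasir/policies.ts
@@ -9,7 +9,7 @@ interface PolicyOptions {
 assigner: string;
 target: string;
 scopes?: string[];
-containerName?: string;
+container?: boolean;
 client?: string;
 }
 
@@ -44,12 +44,12 @@ export async function createPolicies(policies: PolicyOptions[]): Promise<{ turtl
 }
 
 export function createPolicy(store: Store, options: PolicyOptions): string {
-const { name, assignee, assigner, scopes = ["read"], target, containerName, client } = options;
+const { name, assignee, assigner, scopes = ["read"], target, container, client } = options;
 const uuid = randomUUID();
 const baseIRI = `http://example.com/${uuid}#`;
 
 const policyNode = namedNode(`${baseIRI}${name}Policy`);
-const permissionNode = blankNode();
+const permissionNode = namedNode(`${baseIRI}${name}Permission`);
 
 // Policy triples
 store.addQuad(policyNode, namedNode("rdf:type"), namedNode("odrl:Agreement"));
@@ -65,23 +65,20 @@ export function createPolicy(store: Store, options: PolicyOptions): string {
 store.addQuad(permissionNode, namedNode("odrl:assigner"), namedNode(assigner));
 
 // Target triples
-if (containerName) {
-const containerNode = namedNode(`${baseIRI}${containerName}`);
+if (container) {
+const containerNode = namedNode(`collection:${target}:http://www.w3.org/ns/ldp#contains`);
 store.addQuad(permissionNode, namedNode("odrl:target"), containerNode);
-store.addQuad(containerNode, namedNode("rdf:type"), namedNode("odrl:AssetCollection"));
-store.addQuad(containerNode, namedNode("odrl:source"), namedNode(target));
-store.addQuad(containerNode, namedNode("odrl_p:relation"), namedNode("ldp:contains"));
 } else {
 store.addQuad(permissionNode, namedNode("odrl:target"), namedNode(target));
 }
 
 // Client triples
 if (client) {
-const constraintNode = blankNode();
+const constraintNode = namedNode(`${baseIRI}${name}ClientConstraint`);
 store.addQuad(permissionNode, namedNode("odrl:constraint"), constraintNode);
 store.addQuad(constraintNode, namedNode("odrl:leftOperand"), namedNode("odrl:purpose"));
 store.addQuad(constraintNode, namedNode("odrl:operator"), namedNode("odrl:eq"));
-store.addQuad(constraintNode, namedNode("odrl:rightOperand"), namedNode(`ex:${client}`));
+store.addQuad(constraintNode, namedNode("odrl:rightOperand"), namedNode(`${client}`));
 }
 
 return policyNode.value;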
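Review bot: In `createPolicy`, `target`, `name` and `client` are now interpolated straight into IRIs (the `collection:` target node, the `Permission` and `ClientConstraint` nodes, and the `odrl:rightOperand` value) without validation, and these IRIs decide who may access what. A value containing whitespace, angle brackets or `#` yields a malformed or differently scoped IRI in the serialized policy, and whether the policy engine then rejects it or matches something else is not visible here. I would check that `target` and `client` parse as absolute URLs (for example with `new URL(target)`, which throws on bad input) and restrict `name` to a safe character set before building nodes. The container branch also drops the explicit `odrl:AssetCollection` triples in favour of an IRI naming convention, which deserves a comment pointing to where that convention is defined. The template literal around `client` is redundant; `namedNode(client)` is enough.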

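--- a/demo/kvasir/setup-pod.ts
+++ b/demo/kvasir/setup-pod.ts
@@ -7,9 +7,9 @@ const IDP = "http://localhost:8280";
 const REALM = "quarkus";
 const CLIENT_ID = "demo-client";
 const CLIENT_UMA_ID = `http://example.com/id/${CLIENT_ID}`;
-const CLIENT_SECRET = "0XAqVqleHW96DIPzvSzsyfSUOqWv8n2y";
+const CLIENT_SECRET = "SsIyMNGjbKrbcJPHr8gWwc36DdqMGvvd";
 
-const USER_ID = "ed9ee96a-2572-4353-905f-e2495ee601c1";
+const USER_ID = "3744e254-9865-4c42-a1f0-ee03f866c186";
 const USER_UMA_ID = `http://example.com/id/${USER_ID}`;
 const USERNAME = "alice@example.com";
 const PASSWORD = "alice";
@@ -70,20 +70,20 @@ async function main() {
 console.log("▶ Delegating pod access control to UMA");
 await kvasir.delegatePodToUMA();
 
-console.log("▶ Creating pod-management policy for owner…");
+console.log("▶ Creating slice-management policy for owner…");
 // enable owner to create slices
 const {
 turtle: ownerPolicyTurtle,
 ids: ownerPolicyIds,
 } = await createPolicies([
 {
-name: "owner_pod_management",
+name: "owner_slice_management",
 assignee: USER_UMA_ID,
 assigner: USER_UMA_ID,
 scopes: ["read", "write", "delete"],
 target: POD_URL + "/",
-containerName: "pod",
 client: CLIENT_UMA_ID,
+container: true
 },
 ]);
 
@@ -144,14 +144,13 @@ async function main() {
 await kvasir.addData(slice, CONTEXT, "obs", generateObservation());
 
 console.log("▶ Setup complete.");
-console.log("▶ Waiting for termination signal (Ctrl+C)…\n");
-
-// Wait for SIGINT or SIGTERM
-await waitForExitSignal();
-
 } catch (err) {
 console.error("❌ Error during setup:", err);
 } finally {
+// Wait for SIGINT or SIGTERM
+console.log("▶ Waiting for termination signal (Ctrl+C)…\n");
+await waitForExitSignal();
+
 console.log("\n⏳ Cleaning up setup…");
 
 // delete slices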
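Review bot: `CLIENT_SECRET` on new line 10 is a client secret committed in plain text, and this commit swaps one literal for another instead of moving it out of the source; the same value is also added in demo/kvasir/test-pod.ts, demo/pacsoi/create-service.ts and demo/pacsoi/get-config.ts. Even for a local demo realm this leaves a working credential in history and four copies to edit together at the next rotation. I would read it from the environment, `const CLIENT_SECRET = process.env.DEMO_CLIENT_SECRET ?? "";`, and stop at startup when it is empty (the variable name is only a suggestion). Separately, moving `waitForExitSignal()` into `finally` means a failed setup now also blocks until Ctrl+C before cleanup runs; if that is intended, a comment saying so would help.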

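--- a/demo/kvasir/test-pod.ts
+++ b/demo/kvasir/test-pod.ts
@@ -0,0 +1,27 @@
+import { createPolicies } from "./policies.js";
+import { KvasirManagement } from "./management.js";
+
+const POD_URL = "http://localhost:8080/alice";
+const AS_SERVER = "http://localhost:4000/uma"
+const IDP = "http://localhost:8280";
+const REALM = "quarkus";
+const CLIENT_ID = "demo-client";
+const CLIENT_UMA_ID = `http://example.com/id/${CLIENT_ID}`;
+const CLIENT_SECRET = "SsIyMNGjbKrbcJPHr8gWwc36DdqMGvvd";
+
+const USER_ID = "3744e254-9865-4c42-a1f0-ee03f866c186";
+const USER_UMA_ID = `http://example.com/id/${USER_ID}`;
+const USERNAME = "alice@example.com";
+const PASSWORD = "alice";
+const DOCTOR_ID = "7cbe4aea-f394-4907-969a-0387a9774273";
+const DOCTOR_UMA_ID = `http://example.com/id/${DOCTOR_ID}`
+
+const kvasir = new KvasirManagement(POD_URL, AS_SERVER);
+await kvasir.init(IDP, REALM);
+await kvasir.login(USERNAME, PASSWORD, CLIENT_ID, CLIENT_SECRET);
+
+async function test() {
+await kvasir.readPolicies(USER_UMA_ID);
+}
+
+test()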
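Review bot: `test()` on the last line is called without `await` or `.catch`, although the file already uses top-level `await` for `init` and `login`, so a rejection from `kvasir.readPolicies` surfaces as an unhandled rejection instead of a clear failure. `await test();` would be consistent with the calls above it. `createPolicies`, `CLIENT_UMA_ID` and `DOCTOR_UMA_ID` are imported or declared but never used in this file. The configuration block duplicates the one in setup-pod.ts, so a shared config module would keep the two from drifting apart.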

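--- a/demo/package.json
+++ b/demo/package.json
@@ -14,7 +14,8 @@
 "stream-service-demo": "tsc && node dist/stream-service-demo.js",
 "kv-create-pod": "tsc && node dist/kvasir/create-pod.js",
 "kv-delete-pod": "tsc && node dist/kvasir/delete-pod.js",
-"kv-setup-pod": "tsc && node dist/kvasir/setup-pod.js"
+"kv-setup-pod": "tsc && node dist/kvasir/setup-pod.js",
+"kv-test-pod": "tsc && node dist/kvasir/test-pod.js"
 },
 "dependencies": {
 "@inrupt/solid-client-authn-core": "^3.1.0",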

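--- a/demo/pacsoi/create-service.ts
+++ b/demo/pacsoi/create-service.ts
@@ -6,7 +6,7 @@ const df = new DataFactory();
 
 // Aggregator configuration
 const AGGREGATOR_SERVER = "https://aggregator.local:5443";
-const AGGREGATOR = "https://aggregator.local:5443/693819fa-2ef1-447f-8eea-64c2e7789825";
+const AGGREGATOR = "https://aggregator.local:5443/419d851a-a6ab-4273-815d-0e59b6b44db4";
 const TF = "/transformations";
 const SVC = "/services";
 
@@ -16,10 +16,10 @@ const TF_ID = "Pacsoi";
 const PARAMS = {};
 
 // Authz configuration
-const USERNAME = "alice@example.com";
+const USERNAME = "alice";
 const PASSWORD = "alice";
 const CLIENT_ID = "demo-client";
-const CLIENT_SECRET = "0XAqVqleHW96DIPzvSzsyfSUOqWv8n2y";
+const CLIENT_SECRET = "SsIyMNGjbKrbcJPHr8gWwc36DdqMGvvd";
 const IDP = "http://localhost:8280";
 const REALM = "quarkus";
 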

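--- a/demo/pacsoi/get-config.ts
+++ b/demo/pacsoi/get-config.ts
@@ -1,13 +1,16 @@
 import { KeycloakOIDCAuth } from "../util.js";
 
-const IDP = "https://pacsoi-idp.faqir.org";
-const REALM = "kvasir";
-const USERNAME = "patient0@example.com";
-const PASSWORD = "1234";
-const CLIENT_ID = "moveup-backend";
-const CLIENT_SECRET = "GD7VyY29Eeim5BWfdTAFJ8FTDW7SeU2g";
-const AGGREGATOR = "https://aggregator.local/18739d56-85ab-4837-a60c-e07df93d6fff";
-const PATH = "/services"; // "", "/services", "/transformations"
+// Authz configuration
+const USERNAME = "alice";
+const PASSWORD = "alice";
+const CLIENT_ID = "demo-client";
+const CLIENT_SECRET = "SsIyMNGjbKrbcJPHr8gWwc36DdqMGvvd";
+const IDP = "http://localhost:8280";
+const REALM = "quarkus";
+
+// Aggregator
+const AGGREGATOR = "https://aggregator.local:5443/419d851a-a6ab-4273-815d-0e59b6b44db4";
+const PATH = "/transformations"; // "", "/services", "/transformations"
 
 async function main() {
 console.log("=== Initializing Keycloak Authentication ===");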
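Review bot: The removed lines 3-10 held a client secret and a user password for an identity provider on a non-local host, and deleting them from the file does not remove them from the repository history. If those credentials were ever valid they should be treated as exposed: rotate the client secret and reset the password on that realm rather than relying on this commit. A secret-scanning step in CI (for example gitleaks) would catch literals like these before they are pushed. `main` continues outside the hunk, so how the new constants are consumed is not visible here.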
