add simple token auth

Author: paullatzelsperger

Requests/ControlPlane Management/Download Data from Public API.bru

@@ -1,17 +1,17 @@
 meta {
   name: Download Data from Public API
   type: http
-  seq: 8
+  seq: 9
 }
 
 get {
-  url: {{CONSUMER_DP}}/api/proxy/flows/{{flowId}}
+  url: {{CONSUMER_DP}}/api/proxy/flows/{{flowId}}/data
   body: none
   auth: none
 }
 
 headers {
-  Authorization: {{AUTHORIZATION}}
+  ~Authorization: {{accessToken}}
 }
 
 script:post-response {

Requests/ControlPlane Management/Get open dataflow by ID.bru

@@ -1,11 +1,11 @@
 meta {
   name: Get open dataflow by ID
   type: http
-  seq: 9
+  seq: 8
 }
 
 get {
-  url: {{CONSUMER_DP}}/api/proxy/flows
+  url: {{CONSUMER_DP}}/api/proxy/flows/{{flowId}}
   body: json
   auth: none
 }
@@ -21,12 +21,12 @@ body:text {
 
 script:post-response {
   const body = res.getBody()
-  const map = new Map(Object.entries(body));
-  // just use the first entry in the map
-  const [flowId, address] = map.entries().next().value;
 
-  expect(flowId).not.to.be.undefined
-  bru.setVar("flowId",flowId)
+  const token = body.endpointProperties.find(obj => obj.name === "access_token");
+  expect(token).not.to.be.undefined
+  console.log(token.value)
+  bru.setVar("accessToken", token.value)
+  
 
 
 }

Requests/ControlPlane Management/Get open dataflows.bru

@@ -26,9 +26,15 @@ script:post-response {
   const [flowId, address] = map.entries().next().value;
 
   expect(flowId).not.to.be.undefined
-  bru.setVar("flowId",flowId)
+  bru.setVar("flowId", flowId)
+  console.log(flowId)
 
 
+  const token = address.endpointProperties.find(obj => obj.name === "access_token");
+  expect(token).not.to.be.undefined
+  console.log(token.value)
+  bru.setVar("accessToken", token.value)
+  
 }
 
 settings {

launchers/dataplane/src/main/java/org/eclipse/edc/mvd/dataplane/SignalingDataPlaneRuntimeExtension.java

@@ -40,6 +40,7 @@
 import org.jetbrains.annotations.NotNull;
 
 import java.net.URI;
+import java.util.List;
 
 import static java.util.Collections.emptyList;
 
@@ -115,7 +116,7 @@ public void initialize(ServiceExtensionContext context) {
 
         webService.registerResource(ApiContext.SIGNALING, dataplane.controller());
         webService.registerResource(ApiContext.SIGNALING, dataplane.registrationController());
-        webService.registerResource(APICONTEXT_PUBLIC, new DataPlanePublicApiController(httpClient, monitor));
+        webService.registerResource(APICONTEXT_PUBLIC, new DataPlanePublicApiController(httpClient, monitor, "foobar"));
         webService.registerResource(APICONTEXT_PROXY, new ConsumerProxyController(dataFetcher));
     }
 
@@ -135,7 +136,9 @@ private Result<DataFlow> prepare(DataFlow dataFlow) {
     private @NotNull Result<DataFlow> startDataFlow(DataFlow dataFlow) {
         switch (dataFlow.getTransferType()) {
             case "NonFinite-PULL", "Finite-PULL", "HttpData-PULL" -> {
-                var dataAddress = new DataAddress(dataFlow.getTransferType(), "http", publicApiConfig.dataSourceEndpoint(hostname.get()), emptyList());
+                var dataAddress = new DataAddress(dataFlow.getTransferType(), "http",
+                        publicApiConfig.dataSourceEndpoint(hostname.get()),
+                        List.of(new DataAddress.EndpointProperty("authorization", "access_token", "foobar")));
                 dataFlow.setDataAddress(dataAddress);
                 return Result.success(dataFlow);
             }

launchers/dataplane/src/main/java/org/eclipse/edc/mvd/dataplane/data/DataPlanePublicApiController.java

@@ -17,6 +17,9 @@
 import jakarta.ws.rs.GET;
 import jakarta.ws.rs.Path;
 import jakarta.ws.rs.PathParam;
+import jakarta.ws.rs.core.Context;
+import jakarta.ws.rs.core.HttpHeaders;
+import jakarta.ws.rs.core.Response;
 import okhttp3.Request;
 import org.eclipse.edc.http.spi.EdcHttpClient;
 import org.eclipse.edc.spi.monitor.Monitor;
@@ -30,32 +33,48 @@ public class DataPlanePublicApiController {
 
     private final EdcHttpClient client;
     private final Monitor monitor;
+    private final String expectedAuthHeader;
 
-    public DataPlanePublicApiController(EdcHttpClient client, Monitor monitor) {
+    public DataPlanePublicApiController(EdcHttpClient client, Monitor monitor, String expectedAuthHeader) {
         this.client = client;
         this.monitor = monitor;
+        this.expectedAuthHeader = expectedAuthHeader;
     }
 
     @GET
     @Path("/source")
-    public String dataSource() {
-        return downloadJsonFromUrl("https://jsonplaceholder.typicode.com/todos");
+    public Response dataSource(@Context HttpHeaders headers) {
+        if (!isAuthorized(headers)) {
+            return Response.status(Response.Status.UNAUTHORIZED).build();
+        }
+        return Response.ok(downloadJsonFromUrl("https://jsonplaceholder.typicode.com/todos")).build();
     }
 
 
 
     @GET
     @Path("/source/{resource}")
-    public String dataSource(@PathParam("resource") String resource) {
+    public Response dataSource(@PathParam("resource") String resource, @Context HttpHeaders headers) {
+        if (!isAuthorized(headers)) {
+            return Response.status(Response.Status.UNAUTHORIZED).build();
+        }
         var formatted = "https://jsonplaceholder.typicode.com/%s".formatted(resource);
-        return downloadJsonFromUrl(formatted);
+        return Response.ok(downloadJsonFromUrl(formatted)).build();
     }
 
     @GET
     @Path("/source/{resource}/{id}")
-    public String dataSource(@PathParam("resource") String resource, @PathParam("id") String id) {
+    public Response dataSource(@PathParam("resource") String resource, @PathParam("id") String id, @Context HttpHeaders headers) {
+        if (!isAuthorized(headers)) {
+            return Response.status(Response.Status.UNAUTHORIZED).build();
+        }
         var formatted = "https://jsonplaceholder.typicode.com/%s/%s".formatted(resource, id);
-        return downloadJsonFromUrl(formatted);
+        return Response.ok(downloadJsonFromUrl(formatted)).build();
+    }
+
+    private boolean isAuthorized(HttpHeaders headers) {
+        var authHeader = headers.getHeaderString(HttpHeaders.AUTHORIZATION);
+        return expectedAuthHeader.equals(authHeader);
     }
 
     private @NotNull String downloadJsonFromUrl(String formatted) {

launchers/dataplane/src/main/java/org/eclipse/edc/mvd/dataplane/signaling/ConsumerDataHandler.java

@@ -58,7 +58,15 @@ public Result<String> downloadData(String flowId) {
             return Result.failure(new IllegalArgumentException("No data flow found for id %s".formatted(flowId)));
         }
         var sourceUri = URI.create(dataAddress.endpoint());
-        var request = new Request.Builder().url(sourceUri.toString()).get().build();
+        var token = dataAddress.endpointProperties().stream().filter(ep -> ep.name().equals("access_token"))
+                .findFirst()
+                .map(DataAddress.EndpointProperty::value)
+                .orElseThrow(() -> new IllegalArgumentException("No access token found in data address properties"));
+        var request = new Request.Builder()
+                .addHeader("Authorization", token)
+                .url(sourceUri.toString())
+                .get()
+                .build();
         try (var response = httpClient.execute(request)) {
             if (response.isSuccessful()) {
                 var body = response.body().string();

tests/end2end/src/test/java/org/eclipse/edc/demo/tests/transfer/TransferEndToEndTest.java

@@ -66,24 +66,6 @@ private static RequestSpecification baseRequest() {
     @DisplayName("Tests a successful End-to-End contract negotiation and data transfer")
     @Test
     void transferData_hasPermission_shouldTransferData() {
-//        System.out.println("Waiting for Provider dataplane to come online");
-//        // wait until provider's dataplane is available
-//        await().atMost(TEST_TIMEOUT_DURATION)
-//                .pollDelay(TEST_POLL_DELAY)
-//                .untilAsserted(() -> {
-//                    var jp = baseRequest()
-//                            .get(PROVIDER_MANAGEMENT_URL + "/api/mgmt/v4/dataplanes")
-//                            .then()
-//                            .statusCode(200)
-//                            .log().ifValidationFails()
-//                            .extract().body().jsonPath();
-//
-//                    var state = jp.getString("state");
-//                    assertThat(state).isEqualTo("[REGISTERED]");
-//                });
-//
-//        System.out.println("Provider dataplane is online, fetching catalog");
-
         var catalogRequestBody = Json.createObjectBuilder()
                 .add("@context", Json.createObjectBuilder().add("edc", "https://w3id.org/edc/connector/management/v2"))
                 .add("@type", "CatalogRequest")
@@ -191,15 +173,15 @@ void transferData_hasPermission_shouldTransferData() {
                             .extract().body().jsonPath();
 
                     endpoint.set(jp.getString("endpoint"));
-//                    token.set(jp.getString("authorization"));
+                    token.set(jp.get("endpointProperties.find { it.name == 'access_token' }.value"));
 
                     assertThat(endpoint.get()).isNotNull().endsWith("/api/public/data/source");
-//                    assertThat(token.get()).isNotNull();
+                    assertThat(token.get()).isNotNull();
                 });
 
         //download exemplary JSON data from public endpoint
         var response = given()
-//                .header("Authorization", token.get())
+                .header("Authorization", token.get())
                 .get(CONSUMER_PROXY_URL + "/flows/%s/data".formatted(transferProcessId))
                 .then()
                 .log().ifError()
@@ -212,24 +194,6 @@ void transferData_hasPermission_shouldTransferData() {
     @DisplayName("Tests a failing End-to-End contract negotiation because of an unfulfilled policy")
     @Test
     void transferData_doesNotHavePermission_shouldTerminate() {
-        System.out.println("Waiting for Provider dataplane to come online");
-        // wait until provider's dataplane is available
-        await().atMost(TEST_TIMEOUT_DURATION)
-                .pollDelay(TEST_POLL_DELAY)
-                .untilAsserted(() -> {
-                    var jp = baseRequest()
-                            .get(PROVIDER_MANAGEMENT_URL + "/api/mgmt/v4/dataplanes")
-                            .then()
-                            .statusCode(200)
-                            .log().ifValidationFails()
-                            .extract().body().jsonPath();
-
-                    var state = jp.getString("state");
-                    assertThat(state).isEqualTo("[REGISTERED]");
-                });
-
-        System.out.println("Provider dataplane is online, fetching catalog");
-
         var catalogRequestBody = Json.createObjectBuilder()
                 .add("@context", Json.createObjectBuilder().add("edc", "https://w3id.org/edc/connector/management/v2"))
                 .add("@type", "CatalogRequest")