Merge branch 'eclipse-edc:main' into base

eclipse-edc · Nov 11, 2024 · b572b98 · b572b98
2 parents 9dda650 + ca48bd9
commit b572b98
Show file tree

Hide file tree

Showing 14 changed files with 59 additions and 218 deletions.
diff --git a/README.md b/README.md
@@ -735,18 +735,7 @@ DataProcessor VC.
 
 > Hint: all credentials, where the `credentialSubject` has the same shape/schema can be evaluated by the same function!
 
-### 8.5 Scope-to-criterion transformer
-
-When IdentityHub receives a Presentation query, that carries an access token, it must be able to convert a scope string
-into a filter expression, for example `org.eclipse.edc.vc.type:DataProcessorCredential:read` is converted into
-`verifiableCredential.credential.type = DataProcessorCredential`. This filter expression is then used by IdentityHub to
-query for `DataProcessorCredentials` in the database.
-
-This is implemented in the
-[MvdScopeTransformer.java](launchers/identity-hub/src/main/java/org/eclipse/edc/demo/dcp/ih/MvdScopeTransformer.java)
-class.
-
-### 8.6 Super-user seeding
+### 8.5 Super-user seeding
 
 IdentityHub's [Identity
 API](https://github.com/eclipse-edc/IdentityHub/blob/main/docs/developer/architecture/identityhub-apis.md#identity-api)
@@ -860,4 +849,14 @@ into the stores by an extension called `IdentityHubExtension.java` and are **dif
 Kubernetes deployments.
 
 The [JwtSigner.java](launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java) test class can be
-used to re-generate and sign all credentials.
+used to re-generate and sign all credentials.
+
+### 10.4 Default scope-to-criterion transformer
+
+When IdentityHub receives a Presentation query, that carries an access token, it must be able to convert a scope string
+into a filter expression, for example `org.eclipse.edc.vc.type:DataProcessorCredential:read` is converted into
+`verifiableCredential.credential.type = DataProcessorCredential`. This filter expression is then used by IdentityHub to
+query for `DataProcessorCredentials` in the database.
+
+The MVD uses the default `EdcScopeToCriterionTransformer` to achieve this. It is recommended to implement a custom
+`ScopeToCriterionTransformer` for an actual production scenario.
diff --git a/deployment/assets/env/consumer_identityhub.env b/deployment/assets/env/consumer_identityhub.env
@@ -6,10 +6,17 @@ WEB_HTTP_IDENTITY_PORT=7082
 WEB_HTTP_IDENTITY_PATH="/api/identity"
 WEB_HTTP_DID_PORT=7083
 WEB_HTTP_DID_PATH="/"
+WEB_HTTP_ACCOUNTS_PORT=7084
+WEB_HTTP_ACCOUNTS_PATH="/api/accounts"
+WEB_HTTP_VERSION_PORT=7085
+WEB_HTTP_VERSION_PATH="/api/version"
+WEB_HTTP_STS_PORT=7086
+WEB_HTTP_STS_PATH="/api/sts"
 EDC_IAM_DID_WEB_USE_HTTPS="false"
 EDC_IAM_STS_PRIVATEKEY_ALIAS="key-1"
 EDC_IAM_STS_PUBLICKEY_ID="did:web:localhost%3A7083#key-1"
 EDC_IH_IAM_PUBLICKEY_PATH="./deployment/assets/consumer_public.pem"
 EDC_IH_IAM_ID="did:web:localhost%3A7083"
 EDC_IH_API_SUPERUSER_KEY="c3VwZXItdXNlcg==.c3VwZXItc2VjcmV0LWtleQo="
 EDC_MVD_CREDENTIALS_PATH="deployment/assets/credentials/local/consumer/"
+EDC_API_ACCOUNTS_KEY="password"
diff --git a/deployment/assets/env/provider_identityhub.env b/deployment/assets/env/provider_identityhub.env
@@ -6,10 +6,17 @@ WEB_HTTP_IDENTITY_PORT=7092
 WEB_HTTP_IDENTITY_PATH="/api/identity"
 WEB_HTTP_DID_PORT=7093
 WEB_HTTP_DID_PATH="/"
+WEB_HTTP_ACCOUNTS_PORT=7094
+WEB_HTTP_ACCOUNTS_PATH="/api/accounts"
+WEB_HTTP_VERSION_PORT=7095
+WEB_HTTP_VERSION_PATH="/api/version"
+WEB_HTTP_STS_PORT=7096
+WEB_HTTP_STS_PATH="/api/sts"
 EDC_IAM_DID_WEB_USE_HTTPS="false"
 EDC_IAM_STS_PRIVATEKEY_ALIAS="key-1"
 EDC_IAM_STS_PUBLICKEY_ID="did:web:localhost%3A7093#key-1"
 EDC_IH_IAM_PUBLICKEY_PATH="./deployment/assets/provider_public.pem"
 EDC_IH_IAM_ID="did:web:localhost%3A7093"
 EDC_IH_API_SUPERUSER_KEY="c3VwZXItdXNlcg==.c3VwZXItc2VjcmV0LWtleQo="
 EDC_MVD_CREDENTIALS_PATH="deployment/assets/credentials/local/provider/"
+EDC_API_ACCOUNTS_KEY="password"
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
@@ -2,21 +2,13 @@
 format.version = "1.1"
 
 [versions]
-assertj = "3.24.2"
 awaitility = "4.2.2"
-edc = "0.10.0-SNAPSHOT"
-failsafe = "3.3.2"
-jackson = "2.18.0"
+edc = "0.11.0-SNAPSHOT"
+jackson = "2.18.1"
 jakarta-json = "2.1.3"
-jupiter = "5.10.1"
-mockserver = "5.15.0"
-nimbus = "9.41.2"
 parsson = "1.1.6"
 postgres = "42.7.3"
 restAssured = "5.5.0"
-swagger = "2.2.18"
-rsApi = "3.1.0"
-testcontainers = "1.19.1"
 
 [libraries]
 # upstream EDC dependencies
@@ -25,7 +17,6 @@ edc-junit = { module = "org.eclipse.edc:junit", version.ref = "edc" }
 edc-did-core = { module = "org.eclipse.edc:identity-did-core", version.ref = "edc" }
 edc-did-web = { module = "org.eclipse.edc:identity-did-web", version.ref = "edc" }
 edc-core-connector = { module = "org.eclipse.edc:connector-core", version.ref = "edc" }
-edc-core-crypto = { module = "org.eclipse.edc:crypto-core", version.ref = "edc" }
 edc-core-token = { module = "org.eclipse.edc:token-core", version.ref = "edc" }
 edc-core-edrstore = { module = "org.eclipse.edc:edr-store-core", version.ref = "edc" }
 edc-ext-http = { module = "org.eclipse.edc:http", version.ref = "edc" }
@@ -35,35 +26,17 @@ edc-dcp = { module = "org.eclipse.edc:identity-trust-service", version.ref = "ed
 edc-controlplane-core = { module = "org.eclipse.edc:control-plane-core", version.ref = "edc" }
 edc-controlplane-transform = { module = "org.eclipse.edc:control-plane-transform", version.ref = "edc" }
 edc-controlplane-services = { module = "org.eclipse.edc:control-plane-aggregate-services", version.ref = "edc" }
-edc-config-filesystem = { module = "org.eclipse.edc:configuration-filesystem", version.ref = "edc" }
-edc-auth-tokenbased = { module = "org.eclipse.edc:auth-tokenbased", version.ref = "edc" }
-edc-auth-configuration = { module = "org.eclipse.edc:auth-configuration", version.ref = "edc" }
 edc-api-management-config = { module = "org.eclipse.edc:management-api-configuration", version.ref = "edc" }
 edc-api-version = { module = "org.eclipse.edc:version-api", version.ref = "edc" }
 edc-api-management = { module = "org.eclipse.edc:management-api", version.ref = "edc" }
-edc-api-management-asset = { module = "org.eclipse.edc:asset-api", version.ref = "edc" }
-edc-api-management-edr = { module = "org.eclipse.edc:edr-cache-api", version.ref = "edc" }
-edc-api-management-policy = { module = "org.eclipse.edc:policy-definition-api", version.ref = "edc" }
-edc-api-management-contractdef = { module = "org.eclipse.edc:contract-definition-api", version.ref = "edc" }
-edc-api-management-dataplaneselector = { module = "org.eclipse.edc:data-plane-selector-api", version.ref = "edc" }
 edc-api-observability = { module = "org.eclipse.edc:api-observability", version.ref = "edc" }
-edc-api-control-configuration = { module = "org.eclipse.edc:control-api-configuration", version.ref = "edc" }
 edc-dsp = { module = "org.eclipse.edc:dsp", version.ref = "edc" }
-edc-edr-storereceiver = { module = "org.eclipse.edc:edr-store-receiver", version.ref = "edc" }
 
-edc-controlplane-callback-dispatcher-event = { module = "org.eclipse.edc:callback-event-dispatcher", version.ref = "edc" }
-edc-controlplane-callback-dispatcher-http = { module = "org.eclipse.edc:callback-http-dispatcher", version.ref = "edc" }
 edc-dcp-core = { module = "org.eclipse.edc:identity-trust-core", version.ref = "edc" }
-edc-identity-trust-transform = { module = "org.eclipse.edc:identity-trust-transform", version.ref = "edc" }
-edc-identity-core-did = { module = "org.eclipse.edc:identity-did-core", version.ref = "edc" }
-edc-identity-vc-ldp = { module = "org.eclipse.edc:ldp-verifiable-credentials", version.ref = "edc" }
-edc-identity-vc-jwt = { module = "org.eclipse.edc:jwt-verifiable-credentials", version.ref = "edc" }
 edc-vault-hashicorp = { module = "org.eclipse.edc:vault-hashicorp", version.ref = "edc" }
-edc-spi-core = { module = "org.eclipse.edc:core-spi", version.ref = "edc" }
 edc-spi-identity-trust = { module = "org.eclipse.edc:identity-trust-spi", version.ref = "edc" }
 edc-spi-transform = { module = "org.eclipse.edc:transform-spi", version.ref = "edc" }
 edc-spi-catalog = { module = "org.eclipse.edc:catalog-spi", version.ref = "edc" }
-edc-spi-jwt = { module = "org.eclipse.edc:jwt-spi", version.ref = "edc" }
 edc-spi-identity-did = { module = "org.eclipse.edc:identity-did-spi", version.ref = "edc" }
 
 
@@ -74,28 +47,6 @@ edc-lib-crypto = { module = "org.eclipse.edc:crypto-common-lib", version.ref = "
 edc-lib-keys = { module = "org.eclipse.edc:keys-lib", version.ref = "edc" }
 edc-lib-jsonld = { module = "org.eclipse.edc:json-ld-lib", version.ref = "edc" }
 
-# EDC dataplane client modules (used in controlplane)
-edc-dpf-transfer = { module = "org.eclipse.edc:transfer-data-plane", version.ref = "edc" }
-edc-dpf-transfer-signaling = { module = "org.eclipse.edc:transfer-data-plane-signaling", version.ref = "edc" }
-edc-dpf-selector-client = { module = "org.eclipse.edc:data-plane-selector-client", version.ref = "edc" }
-edc-spi-dataplane-selector = { module = "org.eclipse.edc:data-plane-selector-spi", version.ref = "edc" }
-edc-dpf-selector-core = { module = "org.eclipse.edc:data-plane-selector-core", version.ref = "edc" }
-edc-dpf-selector-control-api = { module = "org.eclipse.edc:data-plane-selector-control-api", version.ref = "edc" }
-edc-dpf-signaling-client = { module = "org.eclipse.edc:data-plane-signaling-client", version.ref = "edc" }
-
-# EDC dataplane modules
-edc-dataplane-core = { module = "org.eclipse.edc:data-plane-core", version.ref = "edc" }
-edc-dataplane-api-control-config = { module = "org.eclipse.edc:control-api-configuration", version.ref = "edc" }
-edc-dataplane-api-control-client = { module = "org.eclipse.edc:control-plane-api-client", version.ref = "edc" }
-edc-dataplane-selfregistration = { module = "org.eclipse.edc:data-plane-self-registration", version.ref = "edc" }
-edc-dataplane-http = { module = "org.eclipse.edc:data-plane-http", version.ref = "edc" }
-edc-dataplane-http-oauth2 = { module = "org.eclipse.edc:data-plane-http-oauth2", version.ref = "edc" }
-edc-dataplane-api-control = { module = "org.eclipse.edc:data-plane-control-api", version.ref = "edc" }
-edc-dataplane-api-public = { module = "org.eclipse.edc:data-plane-public-api-v2", version.ref = "edc" }
-edc-dataplane-api-signaling = { module = "org.eclipse.edc:data-plane-signaling-api", version.ref = "edc" }
-edc-dataplane-iam = { module = "org.eclipse.edc:data-plane-iam", version.ref = "edc" }
-
-
 # EDC Postgres modules
 edc-sql-assetindex = { module = "org.eclipse.edc:asset-index-sql", version.ref = "edc" }
 edc-sql-edrcache = { module = "org.eclipse.edc:edr-index-sql", version.ref = "edc" }
@@ -107,41 +58,18 @@ edc-sql-core = { module = "org.eclipse.edc:sql-core", version.ref = "edc" }
 edc-sql-lease = { module = "org.eclipse.edc:sql-lease", version.ref = "edc" }
 edc-sql-pool = { module = "org.eclipse.edc:sql-pool-apache-commons", version.ref = "edc" }
 edc-sql-transactionlocal = { module = "org.eclipse.edc:transaction-local", version.ref = "edc" }
-edc-sql-accesstokendata = { module = "org.eclipse.edc:accesstokendata-store-sql", version.ref = "edc" }
-edc-sql-dataplane = { module = "org.eclipse.edc:data-plane-store-sql", version.ref = "edc" }
 edc-sql-dataplane-instancestore = { module = "org.eclipse.edc:data-plane-instance-store-sql", version.ref = "edc" }
 edc-sql-jtivdalidation = { module = "org.eclipse.edc:jti-validation-store-sql", version.ref = "edc" }
 
 
 # identity hub SQL implementations
-edc-sql-ih-credstore-sql = { module = "org.eclipse.edc:identity-hub-credentials-store-sql", version.ref = "edc" }
-edc-sql-ih-didstore-sql = { module = "org.eclipse.edc:identity-hub-did-store-sql", version.ref = "edc" }
-edc-sql-ih-keypairstore-sql = { module = "org.eclipse.edc:identity-hub-keypair-store-sql", version.ref = "edc" }
-edc-sql-ih-pcstore-sql = { module = "org.eclipse.edc:identity-hub-participantcontext-store-sql", version.ref = "edc" }
 edc-sql-ih-stsstore-sql = { module = "org.eclipse.edc:sts-client-store-sql", version.ref = "edc" }
 
-
-# identityhub dependencies
-edc-ih-core = { module = "org.eclipse.edc:identity-hub-core", version.ref = "edc" }
-edc-ih-keypairs = { module = "org.eclipse.edc:identity-hub-keypairs", version.ref = "edc" }
-edc-ih-did = { module = "org.eclipse.edc:identity-hub-did", version.ref = "edc" }
-edc-ih-participants = { module = "org.eclipse.edc:identity-hub-participants", version.ref = "edc" }
-
 # identityhub SPI modules
 edc-ih-spi-did = { module = "org.eclipse.edc:did-spi", version.ref = "edc" }
 edc-ih-spi-store = { module = "org.eclipse.edc:identity-hub-store-spi", version.ref = "edc" }
-edc-ih-spi-participant = { module = "org.eclipse.edc:participant-context-spi", version.ref = "edc" }
 
 # identityhub API modules
-edc-ih-api-presentation = { module = "org.eclipse.edc:presentation-api", version.ref = "edc" }
-edc-ih-mgmt-config = { module = "org.eclipse.edc:api-configuration", version.ref = "edc" }
-edc-ih-mgmt-authentication = { module = "org.eclipse.edc:identityhub-api-authentication", version.ref = "edc" }
-edc-ih-mgmt-authorization = { module = "org.eclipse.edc:identityhub-api-authorization", version.ref = "edc" }
-edc-ih-mgmt-participantcontext = { module = "org.eclipse.edc:participant-context-api", version.ref = "edc" }
-edc-ih-mgmt-verifiablecredential = { module = "org.eclipse.edc:verifiable-credentials-api", version.ref = "edc" }
-edc-ih-mgmt-did = { module = "org.eclipse.edc:did-api", version.ref = "edc" }
-edc-ih-mgmt-keypairs = { module = "org.eclipse.edc:keypair-api", version.ref = "edc" }
-edc-ih-did-localpub = { module = "org.eclipse.edc:local-did-publisher", version.ref = "edc" }
 edc-ih-lib-credentialquery = { module = "org.eclipse.edc:credential-query-lib", version.ref = "edc" }
 edc-oauth2-client = { module = "org.eclipse.edc:oauth2-client", version.ref = "edc" }
 
@@ -150,8 +78,6 @@ edc-sts-spi = { module = "org.eclipse.edc:identity-trust-sts-spi", version.ref =
 edc-sts-core = { module = "org.eclipse.edc:identity-trust-sts-core", version.ref = "edc" }
 edc-sts = { module = "org.eclipse.edc:identity-trust-sts-embedded", version.ref = "edc" }
 edc-sts-api = { module = "org.eclipse.edc:identity-trust-sts-api", version.ref = "edc" }
-edc-sts-accountprovisioner = { module = "org.eclipse.edc:sts-account-provisioner", version.ref = "edc" }
-edc-sts-accountservice-local = { module = "org.eclipse.edc:sts-account-service-local", version.ref = "edc" }
 edc-sts-accountservice-remote = { module = "org.eclipse.edc:sts-account-service-remote", version.ref = "edc" }
 edc-sts-remote-client = { module = "org.eclipse.edc:identity-trust-sts-remote-client", version.ref = "edc" }
 edc-sts-api-accounts = { module = "org.eclipse.edc:identity-trust-sts-accounts-api", version.ref = "edc" }
@@ -160,51 +86,34 @@ edc-sts-api-accounts = { module = "org.eclipse.edc:identity-trust-sts-accounts-a
 edc-fc-spi-crawler = { module = "org.eclipse.edc:crawler-spi", version.ref = "edc" }
 edc-fc-core = { module = "org.eclipse.edc:federated-catalog-core", version.ref = "edc" }
 edc-fc-api = { module = "org.eclipse.edc:federated-catalog-api", version.ref = "edc" }
-edc-fc-cache-sql = { module = "org.eclipse.edc:federated-catalog-cache-sql", version.ref = "edc" }
-
-# specific dependencies needed by the catalog server
-edc-controlplane-catalog = { module = "org.eclipse.edc:control-plane-catalog", version.ref = "edc" }
-edc-controlplane-contract = { module = "org.eclipse.edc:control-plane-contract", version.ref = "edc" }
 
 # Third party libs
-nimbus-jwt = { module = "com.nimbusds:nimbus-jose-jwt", version.ref = "nimbus" }
 postgres = { module = "org.postgresql:postgresql", version.ref = "postgres" }
 awaitility = { module = "org.awaitility:awaitility", version.ref = "awaitility" }
 restAssured = { module = "io.rest-assured:rest-assured", version.ref = "restAssured" }
 jakarta-json-api = { module = "jakarta.json:jakarta.json-api", version.ref = "jakarta-json" }
 jackson-datatype-jakarta-jsonp = { module = "com.fasterxml.jackson.datatype:jackson-datatype-jakarta-jsonp", version.ref = "jackson" }
 parsson = { module = "org.eclipse.parsson:parsson", version.ref = "parsson" }
 
-[bundles]
-dpf = ["edc-dpf-selector-core", "edc-spi-dataplane-selector", "edc-dpf-selector-control-api", "edc-dpf-signaling-client", "edc-dpf-transfer-signaling"]
+# BOM modules
+edc-bom-controlplane = { module = "org.eclipse.edc:controlplane-dcp-bom", version.ref = "edc" }
+edc-bom-dataplane = { module = "org.eclipse.edc:dataplane-base-bom", version.ref = "edc" }
+edc-bom-controlplane-sql = { module = "org.eclipse.edc:controlplane-feature-sql-bom", version.ref = "edc" }
+edc-bom-dataplane-sql = { module = "org.eclipse.edc:dataplane-feature-sql-bom", version.ref = "edc" }
+edc-bom-identithub = { module = "org.eclipse.edc:identityhub-bom", version.ref = "edc" }
+edc-bom-identithub-sts = { module = "org.eclipse.edc:identityhub-with-sts-bom", version.ref = "edc" }
+edc-bom-identithub-sql = { module = "org.eclipse.edc:identityhub-feature-sql-bom", version.ref = "edc" }
 
+[bundles]
 connector = ["edc-boot", "edc-core-connector", "edc-ext-http", "edc-api-observability", "edc-ext-jsonld", "edc-core-token"]
 
-controlplane = ["edc-controlplane-core", "edc-config-filesystem", "edc-auth-tokenbased", "edc-auth-configuration", "edc-api-management",
-    "edc-api-management-config", "edc-api-management-edr", "edc-api-management-dataplaneselector",
-    "edc-api-observability", "edc-dsp", "edc-spi-jwt", "edc-ext-http", "edc-controlplane-callback-dispatcher-event", "edc-controlplane-callback-dispatcher-http",
-    "edc-identity-core-did", "edc-identity-trust-transform", "edc-api-control-configuration", "edc-lib-transform",
-    "edc-identity-vc-ldp", "edc-lib-jws2020", "edc-core-edrstore", "edc-edr-storereceiver"]
-
-did = ["edc-did-web", "edc-did-core", "edc-ih-did", "edc-ih-did-localpub"]
-
-identity-api = ["edc-ih-mgmt-config", "edc-ih-mgmt-did", "edc-ih-mgmt-participantcontext", "edc-ih-mgmt-verifiablecredential",
-    "edc-ih-mgmt-keypairs", "edc-ih-mgmt-authentication", "edc-ih-mgmt-authorization"]
-
-identityhub = ["edc-ih-core", "edc-ih-api-presentation", "edc-ih-participants", "edc-ih-keypairs", "edc-sts-accountprovisioner"]
-
 dcp = ["edc-dcp", "edc-did-core", "edc-did-web", "edc-oauth2-client", "edc-dcp-core"]
 
 sql-edc = ["edc-sql-assetindex", "edc-sql-contractdef", "edc-sql-contractneg", "edc-sql-policydef", "edc-sql-edrcache", "edc-sql-transferprocess", "edc-sql-dataplane-instancestore", "edc-sql-core", "edc-sql-lease", "edc-sql-pool", "edc-sql-transactionlocal", "postgres"]
-sql-edc-dataplane = ["edc-sql-accesstokendata", "edc-sql-dataplane", "edc-sql-core", "edc-sql-lease", "edc-sql-pool", "edc-sql-transactionlocal", "edc-sql-dataplane-instancestore", "postgres"]
-
-sql-ih = ["edc-sql-ih-credstore-sql","edc-sql-jtivdalidation", "edc-sql-ih-didstore-sql", "edc-sql-ih-keypairstore-sql", "edc-sql-ih-pcstore-sql", "edc-sql-ih-stsstore-sql", "edc-sql-core", "edc-sql-pool", "edc-sql-transactionlocal", "postgres"]
 
 sql-sts = ["edc-sql-ih-stsstore-sql", "edc-sql-jtivdalidation", "edc-sql-core", "edc-sql-pool", "edc-sql-transactionlocal", "postgres"]
 
 sts = ["edc-sts-core", "edc-sts-api", "edc-sts-spi", "edc-sts"]
 
-sql-fc = ["edc-fc-cache-sql"]
-
 [plugins]
 shadow = { id = "com.github.johnrengelman.shadow", version = "8.1.1" }
diff --git a/launchers/catalog-server/src/main/docker/Dockerfile b/launchers/catalog-server/src/main/docker/Dockerfile
@@ -1,5 +1,5 @@
 # -buster is required to have apt available
-FROM eclipse-temurin:23_37-jre-alpine
+FROM eclipse-temurin:23.0.1_11-jre-alpine
 
 # Optional JVM arguments, such as memory settings
 ARG JVM_ARGS=""