feat: store refresh token in vault (#1128)

* feat: store refresh token in vault * checkstyle, dependencies
eclipse-tractusx · Mar 14, 2024 · a3b4c06 · a3b4c06
1 parent bd6f22d
commit a3b4c06
Show file tree

Hide file tree

Showing 14 changed files with 490 additions and 279 deletions.
diff --git a/DEPENDENCIES b/DEPENDENCIES
@@ -3,19 +3,18 @@ maven/mavencentral/com.apicatalog/iron-ed25519-cryptosuite-2020/0.8.1, Apache-2.
 maven/mavencentral/com.apicatalog/iron-verifiable-credentials/0.8.1, Apache-2.0, approved, #9234
 maven/mavencentral/com.apicatalog/titanium-json-ld/1.0.0, Apache-2.0, approved, clearlydefined
 maven/mavencentral/com.apicatalog/titanium-json-ld/1.3.1, Apache-2.0, approved, #8912
-maven/mavencentral/com.apicatalog/titanium-json-ld/1.3.3, Apache-2.0, approved, #8912
-maven/mavencentral/com.apicatalog/titanium-json-ld/1.4.0, , restricted, clearlydefined
+maven/mavencentral/com.apicatalog/titanium-json-ld/1.4.0, Apache-2.0, approved, #13683
 maven/mavencentral/com.azure/azure-core-http-netty/1.13.11, MIT AND Apache-2.0, approved, #7948
 maven/mavencentral/com.azure/azure-core-http-netty/1.14.0, MIT AND Apache-2.0, approved, #13238
 maven/mavencentral/com.azure/azure-core-http-netty/1.14.1, MIT AND Apache-2.0, approved, #13238
 maven/mavencentral/com.azure/azure-core/1.45.1, MIT AND Apache-2.0, approved, #11845
 maven/mavencentral/com.azure/azure-core/1.46.0, MIT AND Apache-2.0, approved, #13234
-maven/mavencentral/com.azure/azure-core/1.47.0, , restricted, clearlydefined
+maven/mavencentral/com.azure/azure-core/1.47.0, MIT AND Apache-2.0, approved, #13678
 maven/mavencentral/com.azure/azure-identity/1.11.2, MIT AND Apache-2.0, approved, #13237
 maven/mavencentral/com.azure/azure-identity/1.11.3, MIT AND Apache-2.0, approved, #13237
 maven/mavencentral/com.azure/azure-json/1.1.0, MIT AND Apache-2.0, approved, #10547
 maven/mavencentral/com.azure/azure-security-keyvault-secrets/4.7.3, MIT, approved, #10868
-maven/mavencentral/com.azure/azure-security-keyvault-secrets/4.8.0, , restricted, clearlydefined
+maven/mavencentral/com.azure/azure-security-keyvault-secrets/4.8.0, MIT, approved, #13690
 maven/mavencentral/com.azure/azure-storage-blob/12.25.2, MIT, approved, #13400
 maven/mavencentral/com.azure/azure-storage-common/12.24.2, MIT, approved, #13402
 maven/mavencentral/com.azure/azure-storage-internal-avro/12.10.2, MIT, approved, #13399
@@ -111,9 +110,9 @@ maven/mavencentral/dev.failsafe/failsafe/3.3.2, Apache-2.0, approved, #9268
 maven/mavencentral/info.picocli/picocli/4.7.5, Apache-2.0, approved, #4365
 maven/mavencentral/io.github.classgraph/classgraph/4.8.154, MIT, approved, CQ22530
 maven/mavencentral/io.github.classgraph/classgraph/4.8.162, MIT, approved, CQ22530
-maven/mavencentral/io.micrometer/micrometer-commons/1.12.3, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11679
-maven/mavencentral/io.micrometer/micrometer-core/1.12.3, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11678
-maven/mavencentral/io.micrometer/micrometer-observation/1.12.3, Apache-2.0, approved, #11680
+maven/mavencentral/io.micrometer/micrometer-commons/1.12.4, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11679
+maven/mavencentral/io.micrometer/micrometer-core/1.12.4, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11678
+maven/mavencentral/io.micrometer/micrometer-observation/1.12.4, Apache-2.0, approved, #11680
 maven/mavencentral/io.netty/netty-buffer/4.1.100.Final, Apache-2.0, approved, CQ21842
 maven/mavencentral/io.netty/netty-buffer/4.1.101.Final, Apache-2.0, approved, CQ21842
 maven/mavencentral/io.netty/netty-buffer/4.1.107.Final, Apache-2.0, approved, CQ21842
@@ -184,9 +183,9 @@ maven/mavencentral/io.swagger.core.v3/swagger-models/2.2.15, Apache-2.0, approve
 maven/mavencentral/jakarta.activation/jakarta.activation-api/1.2.1, EPL-2.0 OR BSD-3-Clause OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jaf
 maven/mavencentral/jakarta.activation/jakarta.activation-api/2.1.0, EPL-2.0 OR BSD-3-Clause OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jaf
 maven/mavencentral/jakarta.annotation/jakarta.annotation-api/2.1.1, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.ca
-maven/mavencentral/jakarta.inject/jakarta.inject-api/2.0.1, Apache-2.0, approved, clearlydefined
-maven/mavencentral/jakarta.json/jakarta.json-api/2.1.1, EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0, approved, #7907
-maven/mavencentral/jakarta.transaction/jakarta.transaction-api/2.0.0, EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0, approved, #7697
+maven/mavencentral/jakarta.inject/jakarta.inject-api/2.0.1, Apache-2.0, approved, ee4j.cdi
+maven/mavencentral/jakarta.json/jakarta.json-api/2.1.1, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jsonp
+maven/mavencentral/jakarta.transaction/jakarta.transaction-api/2.0.0, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jta
 maven/mavencentral/jakarta.validation/jakarta.validation-api/2.0.2, Apache-2.0, approved, ee4j.validation
 maven/mavencentral/jakarta.validation/jakarta.validation-api/3.0.2, Apache-2.0, approved, ee4j.validation
 maven/mavencentral/jakarta.ws.rs/jakarta.ws.rs-api/3.1.0, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.rest
@@ -290,6 +289,7 @@ maven/mavencentral/org.eclipse.edc/crypto-common/0.5.2-SNAPSHOT, Apache-2.0, app
 maven/mavencentral/org.eclipse.edc/data-address-http-data-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc
 maven/mavencentral/org.eclipse.edc/data-plane-aws-s3/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc
 maven/mavencentral/org.eclipse.edc/data-plane-azure-storage/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/data-plane-client-embedded/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc
 maven/mavencentral/org.eclipse.edc/data-plane-client/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc
 maven/mavencentral/org.eclipse.edc/data-plane-control-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc
 maven/mavencentral/org.eclipse.edc/data-plane-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc
@@ -519,58 +519,58 @@ maven/mavencentral/org.xmlresolver/xmlresolver/5.2.2, Apache-2.0, approved, clea
 maven/mavencentral/org.yaml/snakeyaml/2.0, Apache-2.0 AND (Apache-2.0 OR BSD-3-Clause OR EPL-1.0 OR GPL-2.0-or-later OR LGPL-2.1-or-later), approved, #7275
 maven/mavencentral/org.yaml/snakeyaml/2.2, Apache-2.0 AND (Apache-2.0 OR BSD-3-Clause OR EPL-1.0 OR GPL-2.0-or-later OR LGPL-2.1-or-later), approved, #10232
 maven/mavencentral/software.amazon.awssdk/annotations/2.24.10, Apache-2.0, approved, #13251
-maven/mavencentral/software.amazon.awssdk/annotations/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/annotations/2.25.1, Apache-2.0, approved, #13691
 maven/mavencentral/software.amazon.awssdk/apache-client/2.24.10, Apache-2.0, approved, #13257
-maven/mavencentral/software.amazon.awssdk/apache-client/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/apache-client/2.25.1, Apache-2.0, approved, #13687
 maven/mavencentral/software.amazon.awssdk/arns/2.24.10, Apache-2.0, approved, #13243
-maven/mavencentral/software.amazon.awssdk/arns/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/arns/2.25.1, Apache-2.0, approved, #13695
 maven/mavencentral/software.amazon.awssdk/auth/2.24.10, Apache-2.0, approved, #13256
-maven/mavencentral/software.amazon.awssdk/auth/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/auth/2.25.1, Apache-2.0, approved, #13692
 maven/mavencentral/software.amazon.awssdk/aws-core/2.24.10, Apache-2.0, approved, #13240
-maven/mavencentral/software.amazon.awssdk/aws-core/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/aws-core/2.25.1, Apache-2.0, approved, #13702
 maven/mavencentral/software.amazon.awssdk/aws-query-protocol/2.24.10, Apache-2.0, approved, #13262
-maven/mavencentral/software.amazon.awssdk/aws-query-protocol/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/aws-query-protocol/2.25.1, Apache-2.0, approved, #13701
 maven/mavencentral/software.amazon.awssdk/aws-xml-protocol/2.24.10, Apache-2.0, approved, #13247
-maven/mavencentral/software.amazon.awssdk/aws-xml-protocol/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/aws-xml-protocol/2.25.1, Apache-2.0, approved, #13684
 maven/mavencentral/software.amazon.awssdk/checksums-spi/2.24.10, Apache-2.0, approved, #13245
-maven/mavencentral/software.amazon.awssdk/checksums-spi/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/checksums-spi/2.25.1, Apache-2.0, approved, #13686
 maven/mavencentral/software.amazon.awssdk/checksums/2.24.10, Apache-2.0, approved, #13242
-maven/mavencentral/software.amazon.awssdk/checksums/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/checksums/2.25.1, Apache-2.0, approved, #13677
 maven/mavencentral/software.amazon.awssdk/crt-core/2.24.10, Apache-2.0, approved, #13252
-maven/mavencentral/software.amazon.awssdk/crt-core/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/crt-core/2.25.1, Apache-2.0, approved, #13705
 maven/mavencentral/software.amazon.awssdk/endpoints-spi/2.24.10, Apache-2.0, approved, #13246
-maven/mavencentral/software.amazon.awssdk/endpoints-spi/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/endpoints-spi/2.25.1, Apache-2.0, approved, #13681
 maven/mavencentral/software.amazon.awssdk/http-auth-aws/2.24.10, Apache-2.0, approved, #13253
-maven/mavencentral/software.amazon.awssdk/http-auth-aws/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/http-auth-aws/2.25.1, Apache-2.0, approved, #13696
 maven/mavencentral/software.amazon.awssdk/http-auth-spi/2.24.10, Apache-2.0, approved, #13264
-maven/mavencentral/software.amazon.awssdk/http-auth-spi/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/http-auth-spi/2.25.1, Apache-2.0, approved, #13704
 maven/mavencentral/software.amazon.awssdk/http-auth/2.24.10, Apache-2.0, approved, #13248
-maven/mavencentral/software.amazon.awssdk/http-auth/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/http-auth/2.25.1, Apache-2.0, approved, #13682
 maven/mavencentral/software.amazon.awssdk/http-client-spi/2.24.10, Apache-2.0, approved, #13259
-maven/mavencentral/software.amazon.awssdk/http-client-spi/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/http-client-spi/2.25.1, Apache-2.0, approved, #13706
 maven/mavencentral/software.amazon.awssdk/iam/2.24.10, Apache-2.0, approved, #13444
 maven/mavencentral/software.amazon.awssdk/identity-spi/2.24.10, Apache-2.0, approved, #13244
-maven/mavencentral/software.amazon.awssdk/identity-spi/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/identity-spi/2.25.1, Apache-2.0, approved, #13685
 maven/mavencentral/software.amazon.awssdk/json-utils/2.24.10, Apache-2.0, approved, #13261
-maven/mavencentral/software.amazon.awssdk/json-utils/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/json-utils/2.25.1, Apache-2.0, approved, #13698
 maven/mavencentral/software.amazon.awssdk/metrics-spi/2.24.10, Apache-2.0, approved, #13239
-maven/mavencentral/software.amazon.awssdk/metrics-spi/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/metrics-spi/2.25.1, Apache-2.0, approved, #13680
 maven/mavencentral/software.amazon.awssdk/netty-nio-client/2.24.10, Apache-2.0, approved, #13260
-maven/mavencentral/software.amazon.awssdk/netty-nio-client/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/netty-nio-client/2.25.1, Apache-2.0, approved, #13693
 maven/mavencentral/software.amazon.awssdk/profiles/2.24.10, Apache-2.0, approved, #13258
-maven/mavencentral/software.amazon.awssdk/profiles/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/profiles/2.25.1, Apache-2.0, approved, #13697
 maven/mavencentral/software.amazon.awssdk/protocol-core/2.24.10, Apache-2.0, approved, #13241
-maven/mavencentral/software.amazon.awssdk/protocol-core/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/protocol-core/2.25.1, Apache-2.0, approved, #13679
 maven/mavencentral/software.amazon.awssdk/regions/2.24.10, Apache-2.0, approved, #13255
-maven/mavencentral/software.amazon.awssdk/regions/2.25.1, , restricted, clearlydefined
-maven/mavencentral/software.amazon.awssdk/s3-transfer-manager/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/regions/2.25.1, Apache-2.0, approved, #13694
+maven/mavencentral/software.amazon.awssdk/s3-transfer-manager/2.25.1, Apache-2.0, approved, #13699
 maven/mavencentral/software.amazon.awssdk/s3/2.24.10, Apache-2.0, approved, #13254
-maven/mavencentral/software.amazon.awssdk/s3/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/s3/2.25.1, Apache-2.0, approved, #13688
 maven/mavencentral/software.amazon.awssdk/sdk-core/2.24.10, Apache-2.0, approved, #13265
-maven/mavencentral/software.amazon.awssdk/sdk-core/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/sdk-core/2.25.1, Apache-2.0, approved, #13700
 maven/mavencentral/software.amazon.awssdk/sts/2.24.10, Apache-2.0, approved, #13442
 maven/mavencentral/software.amazon.awssdk/third-party-jackson-core/2.24.10, Apache-2.0, approved, #13249
-maven/mavencentral/software.amazon.awssdk/third-party-jackson-core/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/third-party-jackson-core/2.25.1, Apache-2.0, approved, #13703
 maven/mavencentral/software.amazon.awssdk/utils/2.24.10, Apache-2.0, approved, #13250
-maven/mavencentral/software.amazon.awssdk/utils/2.25.1, , restricted, clearlydefined
+maven/mavencentral/software.amazon.awssdk/utils/2.25.1, Apache-2.0, approved, #13689
 maven/mavencentral/software.amazon.eventstream/eventstream/1.0.1, Apache-2.0, approved, clearlydefined
diff --git a/core/edr-core/src/main/java/org/eclipse/tractusx/edc/edr/core/manager/EdrManagerImpl.java b/core/edr-core/src/main/java/org/eclipse/tractusx/edc/edr/core/manager/EdrManagerImpl.java
@@ -183,7 +183,6 @@ private ContractRequest createContractRequest(NegotiateEdrRequest request) {
                 .counterPartyAddress(request.getConnectorAddress())
                 .contractOffer(request.getOffer())
                 .protocol(request.getProtocol())
-                .providerId(request.getConnectorId())
                 .callbackAddresses(callbacks).build();
     }
 

diff --git a/...lipse/tractusx/edc/dataplane/tokenrefresh/core/DataPlaneTokenRefreshServiceExtension.java b/...lipse/tractusx/edc/dataplane/tokenrefresh/core/DataPlaneTokenRefreshServiceExtension.java
@@ -27,8 +27,10 @@
 import org.eclipse.edc.runtime.metamodel.annotation.Provider;
 import org.eclipse.edc.runtime.metamodel.annotation.Setting;
 import org.eclipse.edc.spi.security.PrivateKeyResolver;
+import org.eclipse.edc.spi.security.Vault;
 import org.eclipse.edc.spi.system.ServiceExtension;
 import org.eclipse.edc.spi.system.ServiceExtensionContext;
+import org.eclipse.edc.spi.types.TypeManager;
 import org.eclipse.edc.token.JwtGenerationService;
 import org.eclipse.edc.token.spi.TokenValidationService;
 import org.eclipse.tractusx.edc.dataplane.tokenrefresh.spi.DataPlaneTokenRefreshService;
@@ -57,6 +59,11 @@ public class DataPlaneTokenRefreshServiceExtension implements ServiceExtension {
     private PrivateKeyResolver privateKeyResolver;
     @Inject
     private Clock clock;
+    @Inject
+    private Vault vault;
+    @Inject
+    private TypeManager typeManager;
+
     private DataPlaneTokenRefreshServiceImpl tokenRefreshService;
 
     @Override
@@ -80,7 +87,8 @@ public DataPlaneTokenRefreshService createRefreshTokenService(ServiceExtensionCo
     private DataPlaneTokenRefreshServiceImpl getTokenRefreshService(ServiceExtensionContext context) {
         if (tokenRefreshService == null) {
             var epsilon = context.getConfig().getInteger(TOKEN_EXPIRY_TOLERANCE_SECONDS_PROPERTY, DEFAULT_TOKEN_EXPIRY_TOLERANCE_SECONDS);
-            tokenRefreshService = new DataPlaneTokenRefreshServiceImpl(clock, tokenValidationService, didPkResolver, accessTokenDataStore, new JwtGenerationService(), getPrivateKeySupplier(context), context.getMonitor(), null, epsilon);
+            tokenRefreshService = new DataPlaneTokenRefreshServiceImpl(clock, tokenValidationService, didPkResolver, accessTokenDataStore, new JwtGenerationService(), getPrivateKeySupplier(context), context.getMonitor(), null,
+                    epsilon, vault, typeManager.getMapper());
         }
         return tokenRefreshService;
     }