From 718b4c78318aa17d1a549f0b42c2356499bb66ac Mon Sep 17 00:00:00 2001 From: ds-mkanal <100209308+mkanal@users.noreply.github.com> Date: Tue, 7 Nov 2023 15:21:32 +0100 Subject: [PATCH 1/6] Remove Scope from PolicyStoreController.java --- .../irs/policystore/controllers/PolicyStoreController.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/irs-policy-store/src/main/java/org/eclipse/tractusx/irs/policystore/controllers/PolicyStoreController.java b/irs-policy-store/src/main/java/org/eclipse/tractusx/irs/policystore/controllers/PolicyStoreController.java index 5f3069a397..f122a6831e 100644 --- a/irs-policy-store/src/main/java/org/eclipse/tractusx/irs/policystore/controllers/PolicyStoreController.java +++ b/irs-policy-store/src/main/java/org/eclipse/tractusx/irs/policystore/controllers/PolicyStoreController.java @@ -74,7 +74,7 @@ public class PolicyStoreController { @Operation(operationId = "registerAllowedPolicy", summary = "Register a policy that should be accepted in EDC negotiation.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Item Relationship Service" }, description = "Register a policy that should be accepted in EDC negotiation.") @ApiResponses(value = { @ApiResponse(responseCode = "201"), From ef33d325f8685f7b726d195df36d6a91bbec06b0 Mon Sep 17 00:00:00 2001 From: ds-mkanal <100209308+mkanal@users.noreply.github.com> Date: Tue, 7 Nov 2023 15:24:22 +0100 Subject: [PATCH 2/6] Update PolicyStoreController.java --- .../irs/policystore/controllers/PolicyStoreController.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/irs-policy-store/src/main/java/org/eclipse/tractusx/irs/policystore/controllers/PolicyStoreController.java b/irs-policy-store/src/main/java/org/eclipse/tractusx/irs/policystore/controllers/PolicyStoreController.java index f122a6831e..efad6f94d8 100644 
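Review bot: With the scopes dropped in the `@@ -74,7 +74,7 @@` hunk, the `registerAllowedPolicy` entry in the generated spec tells a client only that an oAuth2 token is needed, not which authority allows it to change the set of policies accepted in EDC negotiation. This looks like the Swagger `@Operation` annotation, which only feeds the generated document, so the access check itself sits outside the hunk (the method body and any method-level security annotation are not shown); it is worth confirming that nothing on the resource-server side still matches on the old `profile email` value. I would state the requirement in the text, e.g. `description = "Register a policy that should be accepted in EDC negotiation. Requires the <ROLE_PLACEHOLDER> authority."`, with the placeholder replaced by whatever the controller actually enforces. The same applies to the `getAllowedPolicies`, `deleteAllowedPolicy` and `updateAllowedPolicy` hunks in PATCH 2/6.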
--- a/irs-policy-store/src/main/java/org/eclipse/tractusx/irs/policystore/controllers/PolicyStoreController.java +++ b/irs-policy-store/src/main/java/org/eclipse/tractusx/irs/policystore/controllers/PolicyStoreController.java @@ -106,7 +106,7 @@ public void registerAllowedPolicy(final @Valid @RequestBody CreatePolicyRequest @Operation(operationId = "getAllowedPolicies", summary = "Lists the registered policies that should be accepted in EDC negotiation.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Item Relationship Service" }, description = "Lists the registered policies that should be accepted in EDC negotiation.") @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Returns the policies.", @@ -135,7 +135,7 @@ public List getPolicies() { @Operation(operationId = "deleteAllowedPolicy", summary = "Removes a policy that should no longer be accepted in EDC negotiation.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Item Relationship Service" }, description = "Removes a policy that should no longer be accepted in EDC negotiation.") @ApiResponses(value = { @ApiResponse(responseCode = "200"), @@ -166,7 +166,7 @@ public void deleteAllowedPolicy(@PathVariable("policyId") final String policyId) } @Operation(operationId = "updateAllowedPolicy", summary = "Updates an existing policy with new validUntil value.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Item Relationship Service" }, description = "Updates an existing policy with new validUntil value.") @ApiResponses(value = { @ApiResponse(responseCode = "200"), From 9370d33c7fa58e62c3717a5f308c2d8a6c509f1b Mon Sep 17 00:00:00 2001 
From: mk Date: Wed, 8 Nov 2023 11:27:11 +0100 Subject: [PATCH 3/6] chore(controller):[#] remove scope "profile email" --- .../irs/configuration/OpenApiConfiguration.java | 6 ++---- .../tractusx/irs/controllers/BatchController.java | 10 +++++----- .../tractusx/irs/controllers/IrsController.java | 10 +++++----- .../tractusx/irs/ess/controller/EssController.java | 4 ++-- 4 files changed, 14 insertions(+), 16 deletions(-) diff --git a/irs-api/src/main/java/org/eclipse/tractusx/irs/configuration/OpenApiConfiguration.java b/irs-api/src/main/java/org/eclipse/tractusx/irs/configuration/OpenApiConfiguration.java index 14eac06c63..a9c227ef9a 100644 --- a/irs-api/src/main/java/org/eclipse/tractusx/irs/configuration/OpenApiConfiguration.java +++ b/irs-api/src/main/java/org/eclipse/tractusx/irs/configuration/OpenApiConfiguration.java @@ -59,7 +59,7 @@ public class OpenApiConfiguration { @Bean public OpenAPI customOpenAPI() { return new OpenAPI().addServersItem(new Server().url(irsConfiguration.getApiUrl().toString())) - .addSecurityItem(new SecurityRequirement().addList("oAuth2", "profile email")) + .addSecurityItem(new SecurityRequirement().addList("oAuth2")) .info(new Info().title("IRS API") .version(IrsApplication.API_VERSION) .description( @@ -79,9 +79,7 @@ public OpenApiCustomizer customizer( final Components components = openApi.getComponents(); components.addSecuritySchemes("oAuth2", new SecurityScheme().type(SecurityScheme.Type.OAUTH2) .flows(new OAuthFlows().clientCredentials( - new OAuthFlow().scopes( - new Scopes().addString( - "profile email", "")) + new OAuthFlow() .tokenUrl(tokenUri)))); openApi.getComponents().getSchemas().values().forEach(s -> s.setAdditionalProperties(false)); new OpenApiExamples().createExamples(components); diff --git a/irs-api/src/main/java/org/eclipse/tractusx/irs/controllers/BatchController.java b/irs-api/src/main/java/org/eclipse/tractusx/irs/controllers/BatchController.java index d1a3ebc20c..f638ac0bcb 100644 
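Review bot: The per-operation `security = @SecurityRequirement(name = "oAuth2")` in the BatchController, IrsController and EssController hunks of this patch repeats what `customOpenAPI()` already declares for the whole API in the `@@ -59,7 +59,7 @@` hunk via `.addSecurityItem(new SecurityRequirement().addList("oAuth2"))`. In OpenAPI an operation-level `security` entry overrides the top-level one, so if the API-wide requirement is tightened later, every operation that carries its own copy keeps the old requirement in the published contract unless each annotation is edited as well. Assuming no endpoint is meant to differ, I would drop the `security = ...` attribute from the operations and keep the single declaration in `customOpenAPI()`, so that an operation-level entry only appears where an endpoint deviates and stands out in review. The controller methods and `customOpenAPI()` continue outside the hunks shown.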
--- a/irs-api/src/main/java/org/eclipse/tractusx/irs/controllers/BatchController.java +++ b/irs-api/src/main/java/org/eclipse/tractusx/irs/controllers/BatchController.java @@ -84,7 +84,7 @@ public class BatchController { @Operation(operationId = "registerOrder", summary = "Registers an IRS order with an array of {globalAssetIds}. " + "Each globalAssetId will be processed in an IRS Job, grouped in batches.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Item Relationship Service" }, description = "Registers an IRS order with an array of {globalAssetIds}. " + "Each globalAssetId will be processed in an IRS Job, grouped in batches.") @@ -124,7 +124,7 @@ public BatchOrderCreated registerBatchOrder(final @Valid @RequestBody RegisterBa @Operation(operationId = "registerESSInvestigationOrder", summary = "Registers an order for an ESS investigation with an array of {globalAssetIds}. Each globalAssetId will be processed in an separate job, grouped in batches.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Environmental and Social Standards" }, description = "Registers an order for an ESS investigation with an array of {globalAssetIds}. Each globalAssetId will be processed in an separate job, grouped in batches.") @ApiResponses(value = { @ApiResponse(responseCode = "201", description = "Returns orderId of registered Batch order.", 
@@ -164,7 +164,7 @@ public BatchOrderCreated registerESSInvestigationOrder(final @Valid @RequestBody @Operation(description = "Get a batch order for a given orderId.", operationId = "getBatchOrder", summary = "Get a batch order for a given orderId.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Item Relationship Service" }) @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Get a batch order for a given orderId.", @@ -210,7 +210,7 @@ public BatchOrderResponse getBatchOrder( @Operation(description = "Get a batch with a given batchId for a given orderId.", operationId = "getBatch", summary = "Get a batch with a given batchId for a given orderId.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Item Relationship Service" }) @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Get a batch with a given batchId for a given orderId.", @@ -259,7 +259,7 @@ public BatchResponse getBatch( @Operation(description = "Cancel a batch order for a given orderId.", operationId = "cancelBatchOrder", summary = "Cancel a batch order for a given orderId.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Item Relationship Service" }) @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Cancel a batch order for a given orderId.", diff --git a/irs-api/src/main/java/org/eclipse/tractusx/irs/controllers/IrsController.java b/irs-api/src/main/java/org/eclipse/tractusx/irs/controllers/IrsController.java index 129b733c30..4c89914ed7 100644 --- a/irs-api/src/main/java/org/eclipse/tractusx/irs/controllers/IrsController.java +++ b/irs-api/src/main/java/org/eclipse/tractusx/irs/controllers/IrsController.java 
@@ -95,7 +95,7 @@ public class IrsController { @Operation(operationId = "registerJobForGlobalAssetId", summary = "Register an IRS job to retrieve an item graph for given {globalAssetId}.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Item Relationship Service" }, description = "Register an IRS job to retrieve an item graph for given {globalAssetId}.") @ApiResponses(value = { @ApiResponse(responseCode = "201", description = "Returns id of registered job.", @@ -135,7 +135,7 @@ public JobHandle registerJobForGlobalAssetId(final @Valid @RequestBody RegisterJ @Operation(description = "Return job with optional item graph result for requested id.", operationId = "getJobForJobId", summary = "Return job with optional item graph result for requested id.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Item Relationship Service" }) @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Return job with item graph for the requested id.", @@ -192,7 +192,7 @@ public Jobs getJobById( @Operation(description = "Cancel job for requested jobId.", operationId = "cancelJobByJobId", summary = "Cancel job for requested jobId.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Item Relationship Service" }) @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Job with requested jobId canceled.", content = { @Content(mediaType = APPLICATION_JSON_VALUE, 
@@ -238,7 +238,7 @@ public Job cancelJobByJobId( @Operation(description = "Returns paginated jobs with state and execution times.", operationId = "getJobsByJobStates", summary = "Returns paginated jobs with state and execution times.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Item Relationship Service" }) @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Paginated list of jobs with state and execution times for requested job states.", @@ -281,7 +281,7 @@ public PageResult getJobsByState( @Operation(operationId = "getAllAspectModels", summary = "Get all available aspect models from semantic hub or local models.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), tags = { "Aspect Models" }, + security = @SecurityRequirement(name = "oAuth2"), tags = { "Aspect Models" }, description = "Get all available aspect models from semantic hub or local models.") @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Returns all available aspect models.", content = { @Content(mediaType = APPLICATION_JSON_VALUE, diff --git a/irs-api/src/main/java/org/eclipse/tractusx/irs/ess/controller/EssController.java b/irs-api/src/main/java/org/eclipse/tractusx/irs/ess/controller/EssController.java index 9c33044fb8..2ba3374983 100644 --- a/irs-api/src/main/java/org/eclipse/tractusx/irs/ess/controller/EssController.java +++ b/irs-api/src/main/java/org/eclipse/tractusx/irs/ess/controller/EssController.java 
@@ -77,7 +77,7 @@ class EssController { @Operation(operationId = "registerBPNInvestigation", summary = "Registers an IRS job to start an investigation if a given bpn is contained in a part chain of a given globalAssetId.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Environmental and Social Standards" }, description = "Registers an IRS job to start an investigation if a given bpn is contained in a part chain of a given globalAssetId.") @ApiResponses(value = { @ApiResponse(responseCode = "201", description = "Returns id of registered job.", @@ -116,7 +116,7 @@ public JobHandle registerBPNInvestigation(final @Valid @RequestBody RegisterBpnI @Operation(description = "Return job with additional supplyChainImpacted information.", operationId = "getBPNInvestigation", summary = "Return job with additional supplyChainImpacted information.", - security = @SecurityRequirement(name = "oAuth2", scopes = "profile email"), + security = @SecurityRequirement(name = "oAuth2"), tags = { "Environmental and Social Standards" }) @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Return job with item graph for the requested id.", From 9858e700c1be4b9e184b46b70c1b0a870069055b Mon Sep 17 00:00:00 2001 From: mk Date: Wed, 8 Nov 2023 14:05:40 +0100 Subject: [PATCH 4/6] fix(controller):[#] add empty scope --- .../tractusx/irs/configuration/OpenApiConfiguration.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/irs-api/src/main/java/org/eclipse/tractusx/irs/configuration/OpenApiConfiguration.java b/irs-api/src/main/java/org/eclipse/tractusx/irs/configuration/OpenApiConfiguration.java index a9c227ef9a..1541e01352 100644 --- a/irs-api/src/main/java/org/eclipse/tractusx/irs/configuration/OpenApiConfiguration.java +++ b/irs-api/src/main/java/org/eclipse/tractusx/irs/configuration/OpenApiConfiguration.java 
@@ -79,7 +79,8 @@ public OpenApiCustomizer customizer( final Components components = openApi.getComponents(); components.addSecuritySchemes("oAuth2", new SecurityScheme().type(SecurityScheme.Type.OAUTH2) .flows(new OAuthFlows().clientCredentials( - new OAuthFlow() + new OAuthFlow().scopes( + new Scopes()) .tokenUrl(tokenUri)))); openApi.getComponents().getSchemas().values().forEach(s -> s.setAdditionalProperties(false)); new OpenApiExamples().createExamples(components); From c2e963bff6fc40a95b2f41b1c05ba10248e52c29 Mon Sep 17 00:00:00 2001 From: mk Date: Wed, 8 Nov 2023 14:23:09 +0100 Subject: [PATCH 5/6] fix(api):[#] add array to oAuth2 --- docs/src/api/irs-api.yaml | 52 +++++++++++++-------------------------- 1 file changed, 17 insertions(+), 35 deletions(-) diff --git a/docs/src/api/irs-api.yaml b/docs/src/api/irs-api.yaml index 388c7b345d..83f49e5273 100644 --- a/docs/src/api/irs-api.yaml +++ b/docs/src/api/irs-api.yaml @@ -7,8 +7,7 @@ info: servers: - url: http://localhost:8080 security: - - oAuth2: - - profile email + - oAuth2: [] paths: /ess/bpn/investigations: post: @@ -59,8 +58,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2: - - profile email + - oAuth2: [] summary: Registers an IRS job to start an investigation if a given bpn is contained in a part chain of a given globalAssetId. tags: @@ -125,8 +123,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Job with the requested jobId not found. security: - - oAuth2: - - profile email + - oAuth2: [] summary: Return job with additional supplyChainImpacted information. tags: - Environmental and Social Standards 
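Review bot: The empty `new Scopes()` added in the `customizer` hunk of OpenApiConfiguration.java (PATCH 4/6) reads like leftover configuration and needs a comment, since PATCH 3/6 removed the `scopes(...)` call only one commit earlier. The OpenAPI 3 OAuth Flow Object lists `scopes` as a required field that may be empty, which is presumably why the call was restored. I would put this above the `clientCredentials(` call: `// OpenAPI requires "scopes" on every OAuth flow, even when empty; do not remove.` The `customizer` method starts and ends outside the hunk.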
@@ -205,8 +202,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2: - - profile email + - oAuth2: [] summary: "Registers an order for an ESS investigation with an array of {globalAssetIds}. Each globalAssetId will be processed in an separate job, grouped in batches." tags: @@ -296,8 +292,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2: - - profile email + - oAuth2: [] summary: Returns paginated jobs with state and execution times. tags: - Item Relationship Service @@ -348,8 +343,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2: - - profile email + - oAuth2: [] summary: "Register an IRS job to retrieve an item graph for given {globalAssetId}." tags: - Item Relationship Service @@ -433,8 +427,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Job with the requested jobId not found. security: - - oAuth2: - - profile email + - oAuth2: [] summary: Return job with optional item graph result for requested id. tags: - Item Relationship Service @@ -499,8 +492,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Job for requested jobId not found. security: - - oAuth2: - - profile email + - oAuth2:[] summary: Cancel job for requested jobId. tags: - Item Relationship Service @@ -537,8 +529,7 @@ paths: $ref: "#/components/schemas/ErrorResponse" description: Authorization refused by server. security: - - oAuth2: - - profile email + - oAuth2:[] summary: Get all available aspect models from semantic hub or local models. tags: - Aspect Models 
@@ -591,8 +582,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2: - - profile email + - oAuth2:[] summary: "Registers an IRS order with an array of {globalAssetIds}.\ \ Each globalAssetId will be processed in an IRS Job, grouped in batches." tags: @@ -659,8 +649,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Batch Order with the requested orderId not found. security: - - oAuth2: - - profile email + - oAuth2:[] summary: Get a batch order for a given orderId. tags: - Item Relationship Service @@ -725,8 +714,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Batch Order with the requested orderId not found. security: - - oAuth2: - - profile email + - oAuth2:[] summary: Cancel a batch order for a given orderId. tags: - Item Relationship Service @@ -802,8 +790,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Batch with the requested orderId and batchId not found. security: - - oAuth2: - - profile email + - oAuth2:[] summary: Get a batch with a given batchId for a given orderId. tags: - Item Relationship Service @@ -839,8 +826,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2: - - profile email + - oAuth2:[] summary: Lists the registered policies that should be accepted in EDC negotiation. tags: - Item Relationship Service @@ -884,8 +870,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2: - - profile email + - oAuth2:[] summary: Register a policy that should be accepted in EDC negotiation. tags: - Item Relationship Service @@ -930,8 +915,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2: - - profile email + - oAuth2:[] summary: Removes a policy that should no longer be accepted in EDC negotiation. tags: - Item Relationship Service 
@@ -981,8 +965,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2: - - profile email + - oAuth2:[] summary: Updates an existing policy with new validUntil value. tags: - Item Relationship Service @@ -2635,6 +2618,5 @@ components: flows: clientCredentials: scopes: - profile email: "" tokenUrl: https://localhost type: oauth2 \ No newline at end of file From 895b316eb2b1292bf547f04654f64145711895e6 Mon Sep 17 00:00:00 2001 From: "Krzysztof Massalski (Extern)" Date: Tue, 14 Nov 2023 14:36:19 +0100 Subject: [PATCH 6/6] feat(impl):[TRI-270] fix build and tests --- docs/src/api/irs-api.yaml | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/docs/src/api/irs-api.yaml b/docs/src/api/irs-api.yaml index 83f49e5273..1b620bfa35 100644 --- a/docs/src/api/irs-api.yaml +++ b/docs/src/api/irs-api.yaml @@ -492,7 +492,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Job for requested jobId not found. security: - - oAuth2:[] + - oAuth2: [] summary: Cancel job for requested jobId. tags: - Item Relationship Service @@ -529,7 +529,7 @@ paths: $ref: "#/components/schemas/ErrorResponse" description: Authorization refused by server. security: - - oAuth2:[] + - oAuth2: [] summary: Get all available aspect models from semantic hub or local models. tags: - Aspect Models @@ -582,7 +582,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2:[] + - oAuth2: [] summary: "Registers an IRS order with an array of {globalAssetIds}.\ \ Each globalAssetId will be processed in an IRS Job, grouped in batches." tags: @@ -649,7 +649,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Batch Order with the requested orderId not found. security: - - oAuth2:[] + - oAuth2: [] summary: Get a batch order for a given orderId. tags: - Item Relationship Service 
@@ -714,7 +714,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Batch Order with the requested orderId not found. security: - - oAuth2:[] + - oAuth2: [] summary: Cancel a batch order for a given orderId. tags: - Item Relationship Service @@ -790,7 +790,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Batch with the requested orderId and batchId not found. security: - - oAuth2:[] + - oAuth2: [] summary: Get a batch with a given batchId for a given orderId. tags: - Item Relationship Service @@ -826,7 +826,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2:[] + - oAuth2: [] summary: Lists the registered policies that should be accepted in EDC negotiation. tags: - Item Relationship Service @@ -870,7 +870,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2:[] + - oAuth2: [] summary: Register a policy that should be accepted in EDC negotiation. tags: - Item Relationship Service @@ -915,7 +915,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2:[] + - oAuth2: [] summary: Removes a policy that should no longer be accepted in EDC negotiation. tags: - Item Relationship Service @@ -965,7 +965,7 @@ paths: $ref: '#/components/schemas/ErrorResponse' description: Authorization refused by server. security: - - oAuth2:[] + - oAuth2: [] summary: Updates an existing policy with new validUntil value. tags: - Item Relationship Service @@ -2618,5 +2618,6 @@ components: flows: clientCredentials: scopes: + {} tokenUrl: https://localhost type: oauth2 \ No newline at end of file