diff --git a/extensions/common/auth/auth-configuration/README.md b/extensions/common/auth/auth-configuration/README.md new file mode 100644 index 00000000000..0e8fdd85aca --- /dev/null +++ b/extensions/common/auth/auth-configuration/README.md @@ -0,0 +1,25 @@ +# Authentication Configuration + +This extension allows to secure a set of APIs grouped by a web context. It inspects +all `web.http.` and if the authentication is configured it applies the `AuthenticationRequestFilter` +to the `` with the chosen `AuthenticationService`. The chosen `AuthenticationService` is currently registered +in the `ApiAuthenticationRegistry`. This will be removed once the `ApiAuthenticationRegistry` will be refactored out. + +## Configuration + +| Key | Description | Mandatory | +|:--------------------------------|:-------------------------------------------------------------------------------------------|-----------| +| web.http..auth.type | The type of authentication to apply to the `` | | +| web.http..auth.context | Override the name of the context in the `ApiAuthenticationRegistry` instead of `` | | + +Depending on the `web.http..auth.type` chosen, additional properties might be required in order to configure +the `AuthenticationService`. + +Example of a complete configuration for a custom context with token based authentication + +```properties +web.http.custom.path=/custom +web.http.custom.port=8081 +web.http.custom.auth.type=tokenbased +web.http.custom.auth.key=apiKey +``` \ No newline at end of file diff --git a/extensions/common/auth/auth-configuration/src/main/java/org/eclipse/edc/api/auth/configuration/ApiAuthenticationConfigurationExtension.java b/extensions/common/auth/auth-configuration/src/main/java/org/eclipse/edc/api/auth/configuration/ApiAuthenticationConfigurationExtension.java index cff6b176442..7b12c2349d9 100644 --- a/extensions/common/auth/auth-configuration/src/main/java/org/eclipse/edc/api/auth/configuration/ApiAuthenticationConfigurationExtension.java +++ b/extensions/common/auth/auth-configuration/src/main/java/org/eclipse/edc/api/auth/configuration/ApiAuthenticationConfigurationExtension.java @@ -34,14 +34,13 @@ import java.util.stream.Collectors; import static org.eclipse.edc.api.auth.configuration.ApiAuthenticationConfigurationExtension.NAME; +import static org.eclipse.edc.web.spi.configuration.WebServiceConfigurer.WEB_HTTP_PREFIX; @Extension(NAME) public class ApiAuthenticationConfigurationExtension implements ServiceExtension { public static final String NAME = "Api Authentication Configuration Extension"; - public static final String WEB_HTTP_PREFIX = "web.http"; - public static final String AUTH_KEY = "auth"; public static final String CONFIG_ALIAS = WEB_HTTP_PREFIX + ".." + AUTH_KEY + "."; diff --git a/extensions/common/auth/auth-configuration/src/test/java/org/eclipse/edc/api/auth/configuration/ApiAuthenticationConfigurationExtensionTest.java b/extensions/common/auth/auth-configuration/src/test/java/org/eclipse/edc/api/auth/configuration/ApiAuthenticationConfigurationExtensionTest.java index 94bc514c797..ce433432aa7 100644 --- a/extensions/common/auth/auth-configuration/src/test/java/org/eclipse/edc/api/auth/configuration/ApiAuthenticationConfigurationExtensionTest.java +++ b/extensions/common/auth/auth-configuration/src/test/java/org/eclipse/edc/api/auth/configuration/ApiAuthenticationConfigurationExtensionTest.java @@ -31,7 +31,7 @@ import java.util.Map; import static org.assertj.core.api.Assertions.assertThatThrownBy; -import static org.eclipse.edc.api.auth.configuration.ApiAuthenticationConfigurationExtension.WEB_HTTP_PREFIX; +import static org.eclipse.edc.web.spi.configuration.WebServiceConfigurer.WEB_HTTP_PREFIX; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.Mockito.mock; diff --git a/extensions/common/auth/auth-delegated/src/main/java/org/eclipse/edc/api/auth/delegated/DelegatedAuthenticationExtension.java b/extensions/common/auth/auth-delegated/src/main/java/org/eclipse/edc/api/auth/delegated/DelegatedAuthenticationExtension.java index 740bcab566a..901c62708c6 100644 --- a/extensions/common/auth/auth-delegated/src/main/java/org/eclipse/edc/api/auth/delegated/DelegatedAuthenticationExtension.java +++ b/extensions/common/auth/auth-delegated/src/main/java/org/eclipse/edc/api/auth/delegated/DelegatedAuthenticationExtension.java @@ -36,6 +36,7 @@ import static com.nimbusds.jose.jwk.source.JWKSourceBuilder.DEFAULT_CACHE_TIME_TO_LIVE; import static org.eclipse.edc.api.auth.delegated.DelegatedAuthenticationService.MANAGEMENT_API_CONTEXT; +import static org.eclipse.edc.web.spi.configuration.WebServiceConfigurer.WEB_HTTP_PREFIX; /** * Extension that registers an AuthenticationService that delegates authentication and authorization to a third-party IdP @@ -52,7 +53,6 @@ public class DelegatedAuthenticationExtension implements ServiceExtension { @Deprecated(since = "0.7.1") @Setting(value = "URL where the third-party IdP's public key(s) can be resolved") public static final String AUTH_SETTING_KEY_URL = "edc.api.auth.dac.key.url"; - public static final String WEB_HTTP_PREFIX = "web.http"; public static final String AUTH_KEY = "auth"; public static final String CONFIG_ALIAS = WEB_HTTP_PREFIX + ".." + AUTH_KEY + "."; @Setting(context = CONFIG_ALIAS, value = "URL where the third-party IdP's public key(s) can be resolved for the configured ") diff --git a/extensions/common/auth/auth-tokenbased/src/main/java/org/eclipse/edc/api/auth/token/TokenBasedAuthenticationExtension.java b/extensions/common/auth/auth-tokenbased/src/main/java/org/eclipse/edc/api/auth/token/TokenBasedAuthenticationExtension.java index dbb0d5727d9..fe9f004b3d3 100644 --- a/extensions/common/auth/auth-tokenbased/src/main/java/org/eclipse/edc/api/auth/token/TokenBasedAuthenticationExtension.java +++ b/extensions/common/auth/auth-tokenbased/src/main/java/org/eclipse/edc/api/auth/token/TokenBasedAuthenticationExtension.java @@ -32,6 +32,8 @@ import java.util.Optional; import java.util.UUID; +import static org.eclipse.edc.web.spi.configuration.WebServiceConfigurer.WEB_HTTP_PREFIX; + /** * Extension that registers an AuthenticationService that uses API Keys and register * an {@link ApiAuthenticationProvider} under the type called tokenbased @@ -40,7 +42,6 @@ public class TokenBasedAuthenticationExtension implements ServiceExtension { public static final String NAME = "Static token API Authentication"; - public static final String WEB_HTTP_PREFIX = "web.http"; public static final String AUTH_KEY = "auth"; public static final String CONFIG_ALIAS = WEB_HTTP_PREFIX + ".." + AUTH_KEY + "."; diff --git a/extensions/common/http/jetty-core/src/main/java/org/eclipse/edc/web/jetty/JettyConfiguration.java b/extensions/common/http/jetty-core/src/main/java/org/eclipse/edc/web/jetty/JettyConfiguration.java index fcd853c5b58..ca4c7541419 100644 --- a/extensions/common/http/jetty-core/src/main/java/org/eclipse/edc/web/jetty/JettyConfiguration.java +++ b/extensions/common/http/jetty-core/src/main/java/org/eclipse/edc/web/jetty/JettyConfiguration.java @@ -23,9 +23,10 @@ import java.util.Set; import java.util.stream.Collectors; +import static org.eclipse.edc.web.spi.configuration.WebServiceConfigurer.WEB_HTTP_PREFIX; + public class JettyConfiguration { - public static final String WEB_HTTP_PREFIX = "web.http"; public static final String DEFAULT_PATH = "/api"; public static final String DEFAULT_CONTEXT_NAME = "default"; public static final int DEFAULT_PORT = 8181; diff --git a/spi/common/web-spi/src/main/java/org/eclipse/edc/web/spi/configuration/WebServiceConfigurer.java b/spi/common/web-spi/src/main/java/org/eclipse/edc/web/spi/configuration/WebServiceConfigurer.java index e5f36e78b31..13360625653 100644 --- a/spi/common/web-spi/src/main/java/org/eclipse/edc/web/spi/configuration/WebServiceConfigurer.java +++ b/spi/common/web-spi/src/main/java/org/eclipse/edc/web/spi/configuration/WebServiceConfigurer.java @@ -25,12 +25,14 @@ @ExtensionPoint public interface WebServiceConfigurer { + String WEB_HTTP_PREFIX = "web.http"; + /** * Build the configuration for an API * - * @param config The context configuration + * @param config The context configuration * @param webServer The WebServer - * @param settings WebService settings + * @param settings WebService settings * @return The final webservice configuration */ WebServiceConfiguration configure(Config config, WebServer webServer, WebServiceSettings settings);