diff --git a/DEPENDENCIES b/DEPENDENCIES
index c860760a0..d3545f643 100644
--- a/DEPENDENCIES
+++ b/DEPENDENCIES
@@ -11,16 +11,16 @@ maven/mavencentral/com.azure/azure-core-http-netty/1.14.2, MIT AND Apache-2.0, a
 maven/mavencentral/com.azure/azure-core/1.45.1, MIT AND Apache-2.0, approved, #11845
 maven/mavencentral/com.azure/azure-core/1.46.0, MIT AND Apache-2.0, approved, #13234
 maven/mavencentral/com.azure/azure-core/1.47.0, MIT AND Apache-2.0, approved, #13678
-maven/mavencentral/com.azure/azure-core/1.48.0, , restricted, clearlydefined
+maven/mavencentral/com.azure/azure-core/1.48.0, MIT AND Apache-2.0, approved, #14409
 maven/mavencentral/com.azure/azure-identity/1.11.2, MIT AND Apache-2.0, approved, #13237
-maven/mavencentral/com.azure/azure-identity/1.12.0, , restricted, clearlydefined
+maven/mavencentral/com.azure/azure-identity/1.12.0, MIT AND Apache-2.0, approved, #14412
 maven/mavencentral/com.azure/azure-json/1.1.0, MIT AND Apache-2.0, approved, #10547
 maven/mavencentral/com.azure/azure-security-keyvault-secrets/4.7.3, MIT, approved, #10868
 maven/mavencentral/com.azure/azure-security-keyvault-secrets/4.8.1, MIT, approved, #13690
 maven/mavencentral/com.azure/azure-storage-blob/12.25.2, MIT, approved, #13400
 maven/mavencentral/com.azure/azure-storage-common/12.24.2, MIT, approved, #13402
 maven/mavencentral/com.azure/azure-storage-internal-avro/12.10.2, MIT, approved, #13399
-maven/mavencentral/com.azure/azure-xml/1.0.0, , restricted, clearlydefined
+maven/mavencentral/com.azure/azure-xml/1.0.0, MIT, approved, #14410
 maven/mavencentral/com.ethlo.time/itu/1.7.0, Apache-2.0, approved, clearlydefined
 maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.10.3, Apache-2.0, approved, CQ21280
 maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.13.5, Apache-2.0, approved, clearlydefined
@@ -103,7 +103,7 @@ maven/mavencentral/com.jayway.jsonpath/json-path/2.7.0, Apache-2.0, approved, cl
 maven/mavencentral/com.jcraft/jzlib/1.1.3, BSD-2-Clause, approved, CQ6218
 maven/mavencentral/com.lmax/disruptor/3.4.4, Apache-2.0, approved, clearlydefined
 maven/mavencentral/com.microsoft.azure/msal4j-persistence-extension/1.2.0, MIT, approved, clearlydefined
-maven/mavencentral/com.microsoft.azure/msal4j-persistence-extension/1.3.0, , restricted, clearlydefined
+maven/mavencentral/com.microsoft.azure/msal4j-persistence-extension/1.3.0, MIT, approved, #14411
 maven/mavencentral/com.microsoft.azure/msal4j/1.14.0, MIT, approved, #14159
 maven/mavencentral/com.microsoft.azure/msal4j/1.15.0, MIT, approved, clearlydefined
 maven/mavencentral/com.microsoft.azure/msal4j/1.4.0, MIT, approved, clearlydefined
diff --git a/edc-tests/edc-controlplane/iatp-tests/src/test/java/org/eclipse/tractusx/edc/tests/transfer/AbstractIatpConsumerPullTest.java b/edc-tests/edc-controlplane/iatp-tests/src/test/java/org/eclipse/tractusx/edc/tests/transfer/AbstractIatpConsumerPullTest.java
index 0d65bb858..047ecaddf 100644
--- a/edc-tests/edc-controlplane/iatp-tests/src/test/java/org/eclipse/tractusx/edc/tests/transfer/AbstractIatpConsumerPullTest.java
+++ b/edc-tests/edc-controlplane/iatp-tests/src/test/java/org/eclipse/tractusx/edc/tests/transfer/AbstractIatpConsumerPullTest.java
@@ -293,14 +293,14 @@ void catalogRequest_whenCredentialRevoked() { .add("statusListCredential", "http://localhost:%d/status/list/7".formatted(port)) .build()); - var newVcString = DATASPACE_ISSUER_PARTICIPANT.createLdpVc(jsonLd, newRawVc.build()); + var newVcString = DATASPACE_ISSUER_PARTICIPANT.createJwtVc(newRawVc.build(), did); store.update(VerifiableCredentialResource.Builder.newInstance() .id(existingCred.getId()) .issuerId(DATASPACE_ISSUER_PARTICIPANT.didUrl()) .participantId(did) .holderId(bpn) - .credential(new VerifiableCredentialContainer(newVcString, CredentialFormat.JSON_LD, newCred)) + .credential(new VerifiableCredentialContainer(newVcString, CredentialFormat.JWT, newCred)) .build()) .orElseThrow(f -> new RuntimeException(f.getFailureDetail())); diff --git a/edc-tests/edc-controlplane/iatp-tests/src/test/java/org/eclipse/tractusx/edc/tests/transfer/iatp/harness/DataspaceIssuer.java b/edc-tests/edc-controlplane/iatp-tests/src/test/java/org/eclipse/tractusx/edc/tests/transfer/iatp/harness/DataspaceIssuer.java index d9e645529..d4e980a1e 100644 --- a/edc-tests/edc-controlplane/iatp-tests/src/test/java/org/eclipse/tractusx/edc/tests/transfer/iatp/harness/DataspaceIssuer.java +++ b/edc-tests/edc-controlplane/iatp-tests/src/test/java/org/eclipse/tractusx/edc/tests/transfer/iatp/harness/DataspaceIssuer.java 
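Review bot: The revocation test now covers only the JWT credential format: the updated credential is built with `createJwtVc(newRawVc.build(), did)` and stored as `CredentialFormat.JWT`, and the `issueCredential` hunk in DataspaceIssuer.java makes the same switch, so as far as these hunks show nothing in the harness issues a linked-data-proof credential any more. If the connector still accepts JSON-LD credentials, their proof verification and status-list revocation check presumably lose end-to-end coverage here. I would either run the test once per format or record the narrowing next to the call, e.g. `// JWT-VC only: the LDP-VC revocation path is not covered by this test`. The test method starts and ends outside the hunk.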
@@ -20,8 +20,16 @@ package org.eclipse.tractusx.edc.tests.transfer.iatp.harness; import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.core.type.TypeReference; import com.fasterxml.jackson.databind.ObjectMapper; +import com.nimbusds.jose.JOSEException; +import com.nimbusds.jose.JWSAlgorithm; +import com.nimbusds.jose.JWSHeader; +import com.nimbusds.jose.crypto.ECDSASigner; +import com.nimbusds.jose.jwk.ECKey; import com.nimbusds.jose.jwk.JWK; +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.SignedJWT; import jakarta.json.Json; import jakarta.json.JsonObject; import org.eclipse.edc.iam.did.spi.document.DidDocument; @@ -42,6 +50,8 @@ import java.time.Instant; import java.util.List; import java.util.Map; +import java.util.Objects; +import java.util.UUID; import java.util.function.Supplier; import static org.eclipse.edc.jsonld.util.JacksonJsonLd.createObjectMapper; @@ -86,12 +96,12 @@ public VerifiableCredentialResource issueCredential(String did, String bpn, Json .build(); var vcJson = createVc(didUrl(), type, subjectSupplier); - var rawVc = createLdpVc(jsonLd, vcJson); + var rawVc = createJwtVc(vcJson, did); return VerifiableCredentialResource.Builder.newInstance() .issuerId(didUrl()) .participantId(did) .holderId(bpn) - .credential(new VerifiableCredentialContainer(rawVc, CredentialFormat.JSON_LD, credential)) + .credential(new VerifiableCredentialContainer(rawVc, CredentialFormat.JWT, credential)) .build(); } 
@@ -154,6 +164,43 @@ public String createLdpVc(JsonLd jsonLd, JsonObject verifiableCredential) { } } + public String createJwtVc(JsonObject verifiableCredential, String participantDid) { + + try { + var vc = MAPPER.readValue(verifiableCredential.toString(), new TypeReference>() { + }); + var key = getKeyPairAsJwk(); + return signJwt(key.toECKey(), didUrl(), participantDid, "", Map.of("vc", vc)); + + } catch (JsonProcessingException e) { + throw new RuntimeException(e); + } + + } + + private String signJwt(ECKey privateKey, String issuerId, String subject, String audience, Map claims) { + try { + var signer = new ECDSASigner(privateKey.toECPrivateKey()); + var now = java.sql.Date.from(Instant.now()); + var claimsSet = new JWTClaimsSet.Builder() + .issuer(issuerId) + .subject(subject) + .issueTime(now) + .audience(audience) + .notBeforeTime(now) + .claim("jti", UUID.randomUUID().toString()) + .expirationTime(java.sql.Date.from(Instant.now().plusSeconds(300L))); + + Objects.requireNonNull(claimsSet); + claims.forEach(claimsSet::claim); + var signedJwt = new SignedJWT((new JWSHeader.Builder(JWSAlgorithm.ES256)).keyID(privateKey.getKeyID()).build(), claimsSet.build()); + signedJwt.sign(signer); + return signedJwt.serialize(); + } catch (JOSEException e) { + throw new RuntimeException(e); + } + } + private com.apicatalog.ld.signature.key.KeyPair createKeyPair(JWK jwk, String id) { var type = URI.create("https://w3id.org/security#JsonWebKey2020"); return new JwkMethod(URI.create(id), type, null, jwk);
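Review bot: `createJwtVc` passes `""` as the audience, so `signJwt` puts an empty `aud` claim into every credential it signs; a verifier that validates the audience may reject it, and leaving the claim out when no audience is given is cleaner. `iat`/`nbf` and `exp` come from two separate `Instant.now()` readings, and they go through `java.sql.Date.from`, which is only the inherited `java.util.Date.from`; one clock reading and `java.util.Date` express the same thing without the `java.sql` reference. `Objects.requireNonNull(claimsSet)` can never fail on a builder that was just constructed and can be dropped. The 300-second `exp` is also short for a credential that is written to the store and presented later, so a slow test run could presumably present an expired token. Both new methods lie entirely inside the hunk.

```java
var signer = new ECDSASigner(privateKey.toECPrivateKey());
// One clock reading so that iat, nbf and exp are derived from the same instant.
var issuedAt = Instant.now();
var claimsSet = new JWTClaimsSet.Builder()
        .issuer(issuerId)
        .subject(subject)
        .issueTime(java.util.Date.from(issuedAt))
        .notBeforeTime(java.util.Date.from(issuedAt))
        .jwtID(UUID.randomUUID().toString())
        .expirationTime(java.util.Date.from(issuedAt.plusSeconds(300L)));
// Leave "aud" out entirely instead of emitting an empty audience.
if (audience != null && !audience.isBlank()) {
    claimsSet.audience(audience);
}
claims.forEach(claimsSet::claim);
// … unchanged: JWS header construction, signing and serialization …
```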