From 91e8575c7632286a186dbde2f86e754bf2820579 Mon Sep 17 00:00:00 2001 From: Timothy Tschampel Date: Fri, 29 Aug 2025 11:44:37 -0700 Subject: [PATCH 1/5] adding v2 auth service client --- sdk/src/main/java/io/opentdf/platform/sdk/SDK.java | 3 +++ sdk/src/main/java/io/opentdf/platform/sdk/SDKBuilder.java | 6 ++++++ 2 files changed, 9 insertions(+) diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/SDK.java b/sdk/src/main/java/io/opentdf/platform/sdk/SDK.java index d1c91fcc..7cef2999 100644 --- a/sdk/src/main/java/io/opentdf/platform/sdk/SDK.java +++ b/sdk/src/main/java/io/opentdf/platform/sdk/SDK.java @@ -4,6 +4,7 @@ import com.connectrpc.impl.ProtocolClient; import io.opentdf.platform.authorization.AuthorizationServiceClientInterface; +import io.opentdf.platform.authorization.v2.AuthorizationServiceClientInterface; import io.opentdf.platform.policy.attributes.AttributesServiceClientInterface; import io.opentdf.platform.policy.kasregistry.KeyAccessServerRegistryServiceClientInterface; import io.opentdf.platform.policy.namespaces.NamespaceServiceClientInterface; @@ -74,6 +75,8 @@ public interface Services extends AutoCloseable { AuthorizationServiceClientInterface authorization(); + io.opentdf.platform.authorization.v2.AuthorizationServiceClient authorizationV2(); + KeyAccessServerRegistryServiceClientInterface kasRegistry(); WellKnownServiceClientInterface wellknown(); diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/SDKBuilder.java b/sdk/src/main/java/io/opentdf/platform/sdk/SDKBuilder.java index c88b3875..698953f0 100644 --- a/sdk/src/main/java/io/opentdf/platform/sdk/SDKBuilder.java +++ b/sdk/src/main/java/io/opentdf/platform/sdk/SDKBuilder.java @@ -275,6 +275,7 @@ ServicesAndInternals buildServices() { var subjectMappingService = new SubjectMappingServiceClient(client); var resourceMappingService = new ResourceMappingServiceClient(client); var authorizationService = new AuthorizationServiceClient(client); + var authorizationServiceV2 = new io.opentdf.platform.authorization.v2.AuthorizationServiceClient(client); var kasRegistryService = new KeyAccessServerRegistryServiceClient(client); var wellKnownService = new WellKnownServiceClient(client); @@ -311,6 +312,11 @@ public AuthorizationServiceClient authorization() { return authorizationService; } + @Override + public io.opentdf.platform.authorization.v2.AuthorizationServiceClient authorizationV2() { + return authorizationServiceV2; + } + @Override public KeyAccessServerRegistryServiceClient kasRegistry() { return kasRegistryService; From eb8c7ce7867aefc16021f1e20403ebc6f418140c Mon Sep 17 00:00:00 2001 From: Timothy Tschampel Date: Fri, 29 Aug 2025 12:07:55 -0700 Subject: [PATCH 2/5] wip, buf limits locally --- .../main/java/io/opentdf/platform/GetEntitlements.java | 3 +++ sdk/src/main/java/io/opentdf/platform/sdk/SDK.java | 3 +-- .../test/java/io/opentdf/platform/sdk/FakeServices.java | 8 ++++++++ .../java/io/opentdf/platform/sdk/FakeServicesBuilder.java | 8 +++++++- 4 files changed, 19 insertions(+), 3 deletions(-) diff --git a/examples/src/main/java/io/opentdf/platform/GetEntitlements.java b/examples/src/main/java/io/opentdf/platform/GetEntitlements.java index f9479577..c44211e3 100644 --- a/examples/src/main/java/io/opentdf/platform/GetEntitlements.java +++ b/examples/src/main/java/io/opentdf/platform/GetEntitlements.java @@ -4,6 +4,8 @@ import io.opentdf.platform.authorization.EntityEntitlements; import io.opentdf.platform.authorization.GetEntitlementsRequest; import io.opentdf.platform.authorization.GetEntitlementsResponse; +import io.opentdf.platform.authorization.v2.EntityIdentifier; +import io.opentdf.platform.entity.EntityChain; import io.opentdf.platform.sdk.*; import java.util.Collections; @@ -31,5 +33,6 @@ public static void main(String[] args) { List entitlements = resp.getEntitlementsList(); System.out.println(entitlements.get(0).getAttributeValueFqnsList()); + } } diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/SDK.java b/sdk/src/main/java/io/opentdf/platform/sdk/SDK.java index 7cef2999..ba1c8082 100644 --- a/sdk/src/main/java/io/opentdf/platform/sdk/SDK.java +++ b/sdk/src/main/java/io/opentdf/platform/sdk/SDK.java @@ -4,7 +4,6 @@ import com.connectrpc.impl.ProtocolClient; import io.opentdf.platform.authorization.AuthorizationServiceClientInterface; -import io.opentdf.platform.authorization.v2.AuthorizationServiceClientInterface; import io.opentdf.platform.policy.attributes.AttributesServiceClientInterface; import io.opentdf.platform.policy.kasregistry.KeyAccessServerRegistryServiceClientInterface; import io.opentdf.platform.policy.namespaces.NamespaceServiceClientInterface; @@ -75,7 +74,7 @@ public interface Services extends AutoCloseable { AuthorizationServiceClientInterface authorization(); - io.opentdf.platform.authorization.v2.AuthorizationServiceClient authorizationV2(); + io.opentdf.platform.authorization.v2.AuthorizationServiceClientInterface authorizationV2(); KeyAccessServerRegistryServiceClientInterface kasRegistry(); diff --git a/sdk/src/test/java/io/opentdf/platform/sdk/FakeServices.java b/sdk/src/test/java/io/opentdf/platform/sdk/FakeServices.java index 2851b22b..019d8d16 100644 --- a/sdk/src/test/java/io/opentdf/platform/sdk/FakeServices.java +++ b/sdk/src/test/java/io/opentdf/platform/sdk/FakeServices.java @@ -13,6 +13,7 @@ public class FakeServices implements SDK.Services { private final AuthorizationServiceClientInterface authorizationService; + private final io.opentdf.platform.authorization.v2.AuthorizationServiceClientInterface authorizationServiceV2; private final AttributesServiceClientInterface attributesService; private final NamespaceServiceClientInterface namespaceService; private final SubjectMappingServiceClientInterface subjectMappingService; @@ -23,6 +24,7 @@ public class FakeServices implements SDK.Services { public FakeServices( AuthorizationServiceClientInterface authorizationService, + io.opentdf.platform.authorization.v2.AuthorizationServiceClientInterface authorizationServiceV2, AttributesServiceClientInterface attributesService, NamespaceServiceClientInterface namespaceService, SubjectMappingServiceClientInterface subjectMappingService, @@ -31,6 +33,7 @@ public FakeServices( WellKnownServiceClientInterface wellKnownServiceClient, SDK.KAS kas) { this.authorizationService = authorizationService; + this.authorizationServiceV2 = authorizationServiceV2; this.attributesService = attributesService; this.namespaceService = namespaceService; this.subjectMappingService = subjectMappingService; @@ -40,6 +43,11 @@ public FakeServices( this.kas = kas; } + @Override + public io.opentdf.platform.authorization.v2.AuthorizationServiceClientInterface authorizationV2() { + return Objects.requireNonNull(authorizationServiceV2); + } + @Override public AuthorizationServiceClientInterface authorization() { return Objects.requireNonNull(authorizationService); diff --git a/sdk/src/test/java/io/opentdf/platform/sdk/FakeServicesBuilder.java b/sdk/src/test/java/io/opentdf/platform/sdk/FakeServicesBuilder.java index 558aee3b..51f389f1 100644 --- a/sdk/src/test/java/io/opentdf/platform/sdk/FakeServicesBuilder.java +++ b/sdk/src/test/java/io/opentdf/platform/sdk/FakeServicesBuilder.java @@ -10,6 +10,7 @@ public class FakeServicesBuilder { private AuthorizationServiceClientInterface authorizationService; + private io.opentdf.platform.authorization.v2.AuthorizationServiceClientInterface authorizationServiceV2; private AttributesServiceClientInterface attributesService; private NamespaceServiceClientInterface namespaceService; private SubjectMappingServiceClientInterface subjectMappingService; @@ -23,6 +24,11 @@ public FakeServicesBuilder setAuthorizationService(AuthorizationServiceClientInt return this; } + public FakeServicesBuilder setAuthorizationServiceV2(io.opentdf.platform.authorization.v2.AuthorizationServiceClientInterface authorizationServiceV2) { + this.authorizationServiceV2 = authorizationServiceV2; + return this; + } + public FakeServicesBuilder setAttributesService(AttributesServiceClientInterface attributesService) { this.attributesService = attributesService; return this; @@ -59,7 +65,7 @@ public FakeServicesBuilder setKas(SDK.KAS kas) { } public FakeServices build() { - return new FakeServices(authorizationService, attributesService, namespaceService, subjectMappingService, + return new FakeServices(authorizationService, authorizationServiceV2, attributesService, namespaceService, subjectMappingService, resourceMappingService, keyAccessServerRegistryServiceFutureStub, wellKnownServiceClient, kas); } } \ No newline at end of file From 6af7314b3c753a33f21ff9cab34c113b49f8dc93 Mon Sep 17 00:00:00 2001 From: Timothy Tschampel Date: Fri, 29 Aug 2025 12:51:56 -0700 Subject: [PATCH 3/5] add simple test --- sdk/src/test/java/io/opentdf/platform/sdk/SDKTest.java | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/sdk/src/test/java/io/opentdf/platform/sdk/SDKTest.java b/sdk/src/test/java/io/opentdf/platform/sdk/SDKTest.java index 5b70848d..c5dda9eb 100644 --- a/sdk/src/test/java/io/opentdf/platform/sdk/SDKTest.java +++ b/sdk/src/test/java/io/opentdf/platform/sdk/SDKTest.java @@ -30,6 +30,15 @@ void testReadingProtocolClient() { assertThat(sdk.getPlatformServicesClient()).isSameAs(platformServicesClient); } + @Test + void testAuthorizationServiceClientV2() { + var platformServicesClient = mock(ProtocolClient.class); + io.opentdf.platform.authorization.v2.AuthorizationServiceClientInterface authSvcV2 = mock(io.opentdf.platform.authorization.v2.AuthorizationServiceClientInterface.class); + var fakeServiceBuilder = new FakeServicesBuilder().setAuthorizationServiceV2(authSvcV2).build(); + var sdk = new SDK(fakeServiceBuilder, null, null, platformServicesClient, null); + assertThat(sdk.getServices().authorizationV2()).isSameAs(fakeServiceBuilder.authorizationV2()); + } + @Test void testExaminingInvalidFile() { var chan = new SeekableByteChannel() { From d7fcea5028842a839de705627f49825f68536e37 Mon Sep 17 00:00:00 2001 From: Timothy Tschampel Date: Fri, 29 Aug 2025 14:36:51 -0700 Subject: [PATCH 4/5] remove changes --- .../src/main/java/io/opentdf/platform/GetEntitlements.java | 3 --- 1 file changed, 3 deletions(-) diff --git a/examples/src/main/java/io/opentdf/platform/GetEntitlements.java b/examples/src/main/java/io/opentdf/platform/GetEntitlements.java index c44211e3..f9479577 100644 --- a/examples/src/main/java/io/opentdf/platform/GetEntitlements.java +++ b/examples/src/main/java/io/opentdf/platform/GetEntitlements.java @@ -4,8 +4,6 @@ import io.opentdf.platform.authorization.EntityEntitlements; import io.opentdf.platform.authorization.GetEntitlementsRequest; import io.opentdf.platform.authorization.GetEntitlementsResponse; -import io.opentdf.platform.authorization.v2.EntityIdentifier; -import io.opentdf.platform.entity.EntityChain; import io.opentdf.platform.sdk.*; import java.util.Collections; @@ -33,6 +31,5 @@ public static void main(String[] args) { List entitlements = resp.getEntitlementsList(); System.out.println(entitlements.get(0).getAttributeValueFqnsList()); - } } From cb9acbb68dde9f4d4b6426a4471bfd745e3d3b89 Mon Sep 17 00:00:00 2001 From: Timothy Tschampel Date: Sat, 30 Aug 2025 18:36:14 -0700 Subject: [PATCH 5/5] add test --- sdk/src/test/java/io/opentdf/platform/sdk/SDKBuilderTest.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sdk/src/test/java/io/opentdf/platform/sdk/SDKBuilderTest.java b/sdk/src/test/java/io/opentdf/platform/sdk/SDKBuilderTest.java index a0a3c01a..3a07c17b 100644 --- a/sdk/src/test/java/io/opentdf/platform/sdk/SDKBuilderTest.java +++ b/sdk/src/test/java/io/opentdf/platform/sdk/SDKBuilderTest.java @@ -268,6 +268,9 @@ public ServerCall.Listener interceptCall(ServerCall