@wolf4ood wolf4ood commented Oct 28, 2025

What this PR changes/adds

Enable participant context in the DCP identity service:

  • The setting edc.iam.issuer.id is not loaded at boot time but derived from ParticipantContextConfig when needed at runtime.
  • The TokenValidationAction has been changed to receive the participantContextId as input.
  • The AudienceValidationRule has been moved into SelfIssueIdTokenValidationAction as a runtime check using the above mechanism.
  • The VerifiableCredentialValidationService and PresentationVerifier have been changed to receive the audience as input when checking the VP.

Why it does that

Briefly state why the change was necessary.

Further notes

Breaking change only at SPI layer

Who will sponsor this feature?

Please @-mention the committer that will sponsor your feature.

Linked Issue(s)

Closes #5295

Please be sure to take a look at the contributing guidelines and our etiquette for pull requests.
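
The runtime audience check described in this PR, sketched as an added example that is not code from the PR or from EDC: the expected audience is looked up per participant context on every call instead of being read once at boot. All class, record and method names, the context ids and the DIDs are hypothetical.

```java
import java.util.List;
import java.util.Map;
import java.util.function.Function;

// Added illustration; every type and method name here is hypothetical, not EDC SPI.
public class PerContextAudienceCheck {

    // Stand-in for the claims of a self-issued ID token whose signature was already verified.
    record Claims(String issuer, List<String> audience) {}

    record Result(boolean ok, String detail) {
        static Result success() { return new Result(true, "ok"); }
        static Result failure(String why) { return new Result(false, why); }
    }

    // Resolves the DID of a participant context at call time (assumed per-context config lookup).
    private final Function<String, String> didResolver;

    PerContextAudienceCheck(Function<String, String> didResolver) {
        this.didResolver = didResolver;
    }

    Result validate(String participantContextId, Claims claims) {
        String expected = didResolver.apply(participantContextId);
        if (expected == null || expected.isBlank()) {
            // Fail closed: an unknown context must not fall back to a global default DID.
            return Result.failure("no DID configured for context " + participantContextId);
        }
        if (claims.audience() == null || !claims.audience().contains(expected)) {
            // A token addressed to another participant context of the same runtime is rejected.
            return Result.failure("aud does not contain " + expected);
        }
        return Result.success();
    }

    public static void main(String[] args) {
        // Constructed sample data: two participant contexts hosted by one runtime.
        Map<String, String> dids = Map.of("ctx-a", "did:web:a.example", "ctx-b", "did:web:b.example");
        var rule = new PerContextAudienceCheck(dids::get);
        var token = new Claims("did:web:peer.example", List.of("did:web:a.example"));
        // Same token checked in the intended context, a sibling context and an unknown one.
        for (String ctx : List.of("ctx-a", "ctx-b", "ctx-x")) {
            System.out.println(ctx + " -> " + rule.validate(ctx, token));
        }
    }
}
```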

@wolf4ood wolf4ood force-pushed the feat/5295_dcp_identity_participant_context branch 3 times, most recently from be9ea1c to 7b85ff9 Compare October 28, 2025 11:44
@wolf4ood wolf4ood added the enhancement New feature or request label Oct 28, 2025
@wolf4ood wolf4ood force-pushed the feat/5295_dcp_identity_participant_context branch from 7b85ff9 to cce0d40 Compare October 28, 2025 12:06
@wolf4ood wolf4ood changed the title feat: enable participant context in the DCP indentity service feat: enable participant context in the DCP identity service Oct 28, 2025
@wolf4ood wolf4ood added the breaking-change Will require manual intervention for version update label Oct 28, 2025
@wolf4ood wolf4ood marked this pull request as ready for review October 28, 2025 13:13
@wolf4ood wolf4ood requested a review from a team as a code owner October 28, 2025 13:13
public static final String JSON_2020_SIGNATURE_SUITE = "JsonWebSignature2020";
public static final long DEFAULT_CLEANUP_PERIOD_SECONDS = 60;
@Setting(description = "DID of the participant")
private static final String ISSUER_ID_KEY = "edc.iam.issuer.id";
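Review bot: the @Setting description on ISSUER_ID_KEY still reads only "DID of the participant". Since the PR description says edc.iam.issuer.id is no longer loaded at boot time but derived from ParticipantContextConfig at runtime, the description should state that the value is resolved per participant context, so that anyone configuring it knows where it is read from.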
Member

I'm wondering if issuer is the correct term, considering we now have an IssuerService and that might get a bit confusing...

Maybe we could deprecate this, and add something like edc.iam.connector.did or something?

Contributor Author

Yeah, it's not super clear. Also, it could make sense to use the edc.participant.id to have a single setting for the id.

Contributor Author

In that case I would defer this to a separate PR, wdyt?

Member

yep sure

@wolf4ood wolf4ood merged commit 0618fac into eclipse-edc:main Oct 29, 2025
31 of 32 checks passed
@wolf4ood wolf4ood deleted the feat/5295_dcp_identity_participant_context branch October 29, 2025 13:42
Development

Successfully merging this pull request may close these issues.

Dcp Identity service: support for multiple participant context
