chore: remove super-user creation

eclipse-edc · Feb 15, 2024 · 1f58f87 · 1f58f87
1 parent 65332e9
commit 1f58f87
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 194 deletions.
diff --git a/...va/org/eclipse/edc/identityhub/api/configuration/ManagementApiConfigurationExtension.java b/...va/org/eclipse/edc/identityhub/api/configuration/ManagementApiConfigurationExtension.java
@@ -18,15 +18,10 @@
 import org.eclipse.edc.identityhub.spi.AuthorizationService;
 import org.eclipse.edc.identityhub.spi.ManagementApiConfiguration;
 import org.eclipse.edc.identityhub.spi.ParticipantContextService;
-import org.eclipse.edc.identityhub.spi.authentication.ServicePrincipal;
 import org.eclipse.edc.identityhub.spi.model.ParticipantResource;
-import org.eclipse.edc.identityhub.spi.model.participant.KeyDescriptor;
-import org.eclipse.edc.identityhub.spi.model.participant.ParticipantManifest;
 import org.eclipse.edc.runtime.metamodel.annotation.Extension;
 import org.eclipse.edc.runtime.metamodel.annotation.Inject;
 import org.eclipse.edc.runtime.metamodel.annotation.Provider;
-import org.eclipse.edc.runtime.metamodel.annotation.Setting;
-import org.eclipse.edc.spi.EdcException;
 import org.eclipse.edc.spi.result.ServiceResult;
 import org.eclipse.edc.spi.security.Vault;
 import org.eclipse.edc.spi.system.ServiceExtension;
@@ -36,20 +31,15 @@
 import org.eclipse.edc.web.spi.configuration.WebServiceConfigurer;
 import org.eclipse.edc.web.spi.configuration.WebServiceSettings;
 
-import java.util.List;
-import java.util.Map;
 import java.util.function.Function;
 
-import static java.util.Optional.ofNullable;
 import static org.eclipse.edc.identityhub.api.configuration.ManagementApiConfigurationExtension.NAME;
 
 @Extension(value = NAME)
 public class ManagementApiConfigurationExtension implements ServiceExtension {
 
-    @Setting(value = "Explicitly set the initial API key for the Super-User")
-    public static final String SUPERUSER_APIKEY_PROPERTY = "edc.ih.api.superuser.key";
+
     public static final String NAME = "Management API Extension";
-    public static final String SUPER_USER_PARTICIPANT_ID = "super-user";
     private static final String MGMT_CONTEXT_ALIAS = "management";
     private static final String DEFAULT_DID_PATH = "/api/management";
     private static final int DEFAULT_DID_PORT = 8182;
@@ -79,41 +69,6 @@ public String name() {
         return NAME;
     }
 
-    @Override
-    public void initialize(ServiceExtensionContext context) {
-
-        // create super-user
-        participantContextService.createParticipantContext(ParticipantManifest.Builder.newInstance()
-                        .participantId(SUPER_USER_PARTICIPANT_ID)
-                        .did("did:web:%s".formatted(SUPER_USER_PARTICIPANT_ID)) // doesn't matter, not intended for resolution
-                        .active(true)
-                        .key(KeyDescriptor.Builder.newInstance()
-                                .keyGeneratorParams(Map.of("algorithm", "EdDSA", "curve", "Ed25519"))
-                                .keyId("%s-key".formatted(SUPER_USER_PARTICIPANT_ID))
-                                .privateKeyAlias("%s-alias".formatted(SUPER_USER_PARTICIPANT_ID))
-                                .build())
-                        .roles(List.of(ServicePrincipal.ROLE_ADMIN))
-                        .build())
-                .onSuccess(generatedKey -> {
-                    var monitor = context.getMonitor();
-                    var apiKey = ofNullable(context.getSetting(SUPERUSER_APIKEY_PROPERTY, null))
-                            .map(key -> {
-                                if (!key.contains(".")) {
-                                    monitor.warning("Super-user key override: this key appears to have an invalid format, you may be unable to access some APIs. It must follow the structure: 'base64(<participantId>).<random-string>'");
-                                }
-                                participantContextService.getParticipantContext(SUPER_USER_PARTICIPANT_ID)
-                                        .onSuccess(pc -> vault.storeSecret(pc.getApiTokenAlias(), key)
-                                                .onSuccess(u -> monitor.debug("Super-user key override successful"))
-                                                .onFailure(f -> monitor.warning("Error storing API key in vault: %s".formatted(f.getFailureDetail()))))
-                                        .onFailure(f -> monitor.warning("Error overriding API key for '%s': %s".formatted(SUPER_USER_PARTICIPANT_ID, f.getFailureDetail())));
-                                return key;
-                            })
-                            .orElse(generatedKey);
-                    monitor.info("Created user 'super-user'. Please take note of the API Key: %s".formatted(apiKey));
-                })
-                .orElseThrow(f -> new EdcException("Error creating Super-User: " + f.getFailureDetail()));
-    }
-
 
     @Provider
     public ManagementApiConfiguration createApiConfig(ServiceExtensionContext context) {

diff --git a/...rg/eclipse/edc/identityhub/api/configuration/ManagementApiConfigurationExtensionTest.java b/...rg/eclipse/edc/identityhub/api/configuration/ManagementApiConfigurationExtensionTest.java