Merge pull request #237 from catenax-ng/release/v2.2.0/refactor-dpp-s…

…cript

Release/v2.2.0/refactor dpp script: Refactored the dpp-script and updated readme

CHANGELOG.md

@@ -25,6 +25,14 @@
 
 The changelog format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [unreleased]
+## [v2.2.0] - 22-02-2024
+
+## Updated
+- Refactored dpp-script by adding AppId as a script parameter
+- Updated dpp-script readme
+
+
 ## [released]
 ## [v2.1.3] - 19-02-2024
 

dpp-backend/scripts/README.md

@@ -32,40 +32,55 @@ A command line python script to request for any aspect model data using the Digi
 - The consumer components setup:
     - DPP backend service
     - EDC and IRS services setup
+- Company is onboarded and credentials are issued from the portal
+- Python version 3+ is installed in your Operating System
+
+### Install Python-requests library
+
+Prior to execute the script, the `python-requests` library must be installed:
+
+```bash
+# if python is used
+apt-get install python-requests
+
+# if python3 is used
+apt-get install python3-requests
+```
 
 ## Features
 - Retrieve DPP information using the backend in json format and prints it to the standard output
 -  Prints data retrieval status to console output on each step
-- Perform authentication from the centrally managed authorization server (keycloak) based on company and user credentials provided by the user
+- Perform authentication either from the centrally managed authorization server (keycloak) based on company and user credentials or from the access token provided by the user
 - Export enabled/disabled option to export the requested aspect data to a json file
 - Logging to log intermediate retrieval status to a file for further backtracking/debugging/troubleshooting
 - The backend API and authorization server settings are configurable
 - Capable to handle exception and error messages
-- When doing contract negotiation the first contract is always used
+- When doing contract negotiation by using this script the first contract is always used
 
 ## TL;DR 
 - The default script configuration is provided in [Constants.py](./utilities/constants.py) and can be changed based on the authentication provider.
-- Configure the username and password and following required script parameters (shown in below table) in [get-data.sh](./get-data.sh)
+- Configure the username/password, appId and following required script parameters (shown in below table) in [get-data.sh](./get-data.sh)
 - Execute the script `get-data.sh` in a terminal
 ```bash
 ./get-data.sh
 ```
 
-The following parameters can be added in the [test.sh](./test.sh)
+The following parameters can be added in the [get-data.sh](./get-data.sh)
 
 #### Script Parameters:
 | Parameter         |  Description                                                    | Default value                                                                      | Required/Optionl |
 | :---:             | :---                                                           | :---                                                                                | :---:            |
 | --company         | Company name                                                   |         CX-Test-Access                                                              | Optional         |
-| --username        | username                                                       |         your username                                                               | Optional         |
-| --password        | password                                                       |         your password                                                               | Optional         |
+| --username        | username                                                       |         <place your username>                                                 | Optional         |
+| --password        | password                                                       |         <place your password>                                                 | Optional         |
+| --appId           | The client Id/app Id issued from the portal                    |         <place your appId>                                                    | Required         |
 | --semanticId      | Semantic ID of the aspect model                                |         *Managed by the Backend*                                                    | Optional         | 
 | -idType           | Product type attribute to lookup into digital twin registry    |         *Managed by the Backend*: "partInstanceId"                                  | Optional         |
-| --id              |Product type value to lookup into the digital twin registry     |         BAT-XYZ789                                                                  | Required         |
+| --id              |Product type value to lookup into the digital twin registry     |         NCM-6789                                                                    | Required         |
 | --discoveryType   |  Discovery type attribute to lookup into the discovery service |         *Managed by the Backend*: "manufacturerPartId"                              | Optional         |
-| --discoveryId     | Discovery type value to lookup into the discovery service      |         XYZ78901                                                                    | Required         |
+| --discoveryId     | Discovery type value to lookup into the discovery service      |         MAT781                                                                      | Required         |
 | -getChildren      | Boolean value to check if children are retrieved               |         False                                                                       | Optional         |
-| --access_token    | Access token to be used instead of username / password         |         -                                                                       | Optional         |
+| --access_token    | Access token to be used instead of username / password         |         -                                                                           | Optional         |
 |                   |                                                                |                                                                                     |                  |
 
 

dpp-backend/scripts/get-data.sh

@@ -23,12 +23,30 @@
 
 ## this command in Python is recommended to run in UNBUFFERED mode, and to print standard output (stdout/stderr)
 export PYTHONUNBUFFERED=TRUE;
+PYTHON=""
 
-pip install -r requirements.txt --user
+## step 1: check if the python/python3 executable exists
+PYEXEC=$(which python)
 
-## execute the python script
-python ./getPassport.py --id NCM-6789  \
+if [ -f ${PYEXEC} ]; then
+  PYTHON=${PYEXEC};
+fi
+
+PYEXEC=$(which python3)
+
+if [ -f ${PYEXEC} ]; then
+  PYTHON=${PYEXEC};
+fi
+
+if [ ! -f ${PYTHON} ]; then
+  echo "Python executable not found";
+  exit 1
+fi
+
+## step 2: execute the python script
+${PYTHON} ./getPassport.py --id NCM-6789  \
   --discoveryId MAT7814 \
   --company CX-Test-Access \
   --username "<username>" \
-  --password "<password>"
+  --password "<password>" \
+  --appId "<appId>"

dpp-backend/scripts/getPassport.py

@@ -72,6 +72,9 @@ def get_arguments():
 
     parser.add_argument("-di", "--discoveryId", \
                             help="The discovery type value to lookup into the discovery service", required=True)
+
+    parser.add_argument("-a", "--appId", \
+                        help="The client Id/app Id issued from the portal", required=True)
 
     parser.add_argument("-c", "--getChildren", action = 'store_true' , \
                         help="A boolean value to check if the passport contains children", required=False)
@@ -256,6 +259,7 @@ def retrieve_passport(process_id, contract_id, token, session=None):
         serialized_id = args.id
         discovery_type = args.discoveryType
         discovery_id = args.discoveryId
+        app_id = args.appId
         children = args.getChildren
 
         retries = 0
@@ -273,7 +277,7 @@ def retrieve_passport(process_id, contract_id, token, session=None):
             logger.debug(f"Username/Password found.")
             if company is None:
                 raise("Company is required along with user and password") 
-            auth = Authentication(company, username, password)
+            auth = Authentication(company, username, password, app_id)
             access_token = auth.get_access_token()
         else:
             raise("Either username+password or access_token must be specified.")
@@ -333,6 +337,7 @@ def retrieve_passport(process_id, contract_id, token, session=None):
             logger.error(msg)
             raise Exception(msg)
 
+        passport = None
         while retries < max_retries: 
             status_response = get_status(process_id, session)
             status = op.get_attribute(status_response, "status")

dpp-backend/scripts/utilities/authentication.py

@@ -51,12 +51,12 @@ class Authentication:
     _central_idp_cookie = ""
 
 
-    def __init__(self, company_name, username, password) -> None:
+    def __init__(self, company_name, username, password, appId) -> None:
 
         self._company_name = company_name
         self._username = username
         self._password = password
-        self._client_id = Constants.CLIENT_ID
+        self._client_id = appId
         self._redirect_uri = Constants.REDIRECT_URI
         self._token_uri = Constants.TOKEN_URI
         self._scope = Constants.SCOPE

dpp-backend/scripts/utilities/constants.py

@@ -27,7 +27,6 @@ class Constants:
     TOKEN_URI = "https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token"
     AUTH_URI = "https://centralidp.int.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/auth"
     REDIRECT_URI = "https://dpp.int.demo.catena-x.net"
-    CLIENT_ID = "<addAppId>"
     REALM = "CX-Central"
     SCOPE = "openid"
     SERVER_URL = "https://dpp.int.demo.catena-x.net"