feat: port v5alpha catalog management api for virtual edc (#5603)

* Feat: port v5alpha catalog management api for virtual edc

* chore: fix open api verification

* chore: fix open api verification

Author: wolf4ood

data-protocols/data-plane-signaling/src/main/resources/signaling-api-version.json

@@ -2,7 +2,7 @@
   {
     "version": "1.0.0-alpha",
     "urlPath": "/v1",
-    "lastUpdated": "2026-03-27T12:00:01Z",
+    "lastUpdated": "2026-03-27T13:00:01Z",
     "maturity": "alpha"
   }
 ]

extensions/common/api/management-api-configuration/src/main/resources/management-api-version.json

@@ -14,7 +14,7 @@
   {
     "version": "5.0.0-alpha",
     "urlPath": "/v5alpha",
-    "lastUpdated": "2026-03-24T09:00:00Z",
+    "lastUpdated": "2026-03-27T09:00:00Z",
     "maturity": "alpha"
   }
 ]

extensions/control-plane/api/management-api-v5/build.gradle.kts

@@ -22,6 +22,7 @@ dependencies {
     api(project(":extensions:control-plane:api:management-api-v5:asset-api-v5"))
     api(project(":extensions:control-plane:api:management-api-v5:contract-definition-api-v5"))
     api(project(":extensions:control-plane:api:management-api-v5:policy-definition-api-v5"))
+    api(project(":extensions:control-plane:api:management-api-v5:catalog-api-v5"))
     api(project(":extensions:control-plane:api:management-api-v5:contract-negotiation-api-v5"))
     api(project(":extensions:control-plane:api:management-api-v5:contract-agreement-api-v5"))
     api(project(":extensions:control-plane:api:management-api-v5:transfer-process-api-v5"))

extensions/control-plane/api/management-api-v5/catalog-api-v5/build.gradle.kts

@@ -0,0 +1,49 @@
+/*
+ *  Copyright (c) 2025 Metaform Systems, Inc.
+ *
+ *  This program and the accompanying materials are made available under the
+ *  terms of the Apache License, Version 2.0 which is available at
+ *  https://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Contributors:
+ *       Metaform Systems, Inc. - initial API and implementation
+ *
+ */
+plugins {
+    `java-library`
+    id(libs.plugins.swagger.get().pluginId)
+}
+
+dependencies {
+    api(project(":spi:common:auth-spi"))
+    api(project(":spi:control-plane:control-plane-spi"))
+    api(project(":spi:common:participant-context-single-spi"))
+
+    implementation(project(":core:common:lib:api-lib"))
+    implementation(project(":core:common:lib:validator-lib"))
+    implementation(project(":extensions:common:api:lib:management-api-lib"))
+    implementation(project(":extensions:common:http:lib:jersey-providers-lib"))
+    implementation(project(":core:control-plane:control-plane-transform"))
+
+    implementation(libs.jakarta.rsApi)
+    implementation(libs.jakarta.annotation)
+
+    testImplementation(project(":core:common:junit"))
+    testImplementation(project(":core:common:lib:transform-lib"))
+    testImplementation(project(":core:control-plane:control-plane-core"))
+    testImplementation(project(":core:data-plane-selector:data-plane-selector-core"))
+    testImplementation(project(":extensions:common:http"))
+    testImplementation(project(":extensions:common:iam:iam-mock"))
+    testImplementation(testFixtures(project(":extensions:common:http:jersey-core")))
+    testImplementation(libs.restAssured)
+}
+
+edcBuild {
+    swagger {
+        apiGroup.set("management-api")
+    }
+}
+
+

extensions/control-plane/api/management-api-v5/catalog-api-v5/src/main/java/org/eclipse/edc/connector/controlplane/api/management/catalog/CatalogApiV5Extension.java

@@ -0,0 +1,83 @@
+/*
+ *  Copyright (c) 2026 Metaform Systems, Inc.
+ *
+ *  This program and the accompanying materials are made available under the
+ *  terms of the Apache License, Version 2.0 which is available at
+ *  https://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Contributors:
+ *       Metaform Systems, Inc. - initial API and implementation
+ *
+ */
+
+package org.eclipse.edc.connector.controlplane.api.management.catalog;
+
+import org.eclipse.edc.api.auth.spi.AuthorizationService;
+import org.eclipse.edc.api.management.schema.ManagementApiJsonSchema;
+import org.eclipse.edc.connector.controlplane.api.management.catalog.v5.CatalogApiV5Controller;
+import org.eclipse.edc.connector.controlplane.services.spi.catalog.CatalogService;
+import org.eclipse.edc.connector.controlplane.transform.edc.catalog.to.JsonObjectToCatalogRequestTransformer;
+import org.eclipse.edc.connector.controlplane.transform.edc.catalog.to.JsonObjectToDatasetRequestTransformer;
+import org.eclipse.edc.jsonld.spi.JsonLd;
+import org.eclipse.edc.participantcontext.spi.service.ParticipantContextService;
+import org.eclipse.edc.runtime.metamodel.annotation.Extension;
+import org.eclipse.edc.runtime.metamodel.annotation.Inject;
+import org.eclipse.edc.spi.system.ServiceExtension;
+import org.eclipse.edc.spi.system.ServiceExtensionContext;
+import org.eclipse.edc.spi.types.TypeManager;
+import org.eclipse.edc.transform.spi.TypeTransformerRegistry;
+import org.eclipse.edc.validator.spi.JsonObjectValidatorRegistry;
+import org.eclipse.edc.web.jersey.providers.jsonld.JerseyJsonLdInterceptor;
+import org.eclipse.edc.web.spi.WebService;
+import org.eclipse.edc.web.spi.configuration.ApiContext;
+
+import static org.eclipse.edc.api.management.ManagementApi.MANAGEMENT_SCOPE_V4;
+import static org.eclipse.edc.spi.constants.CoreConstants.JSON_LD;
+
+@Extension(value = CatalogApiV5Extension.NAME)
+public class CatalogApiV5Extension implements ServiceExtension {
+
+    public static final String NAME = "Management API: Catalog";
+
+    @Inject
+    private WebService webService;
+
+    @Inject
+    private TypeTransformerRegistry transformerRegistry;
+
+    @Inject
+    private CatalogService service;
+
+    @Inject
+    private JsonObjectValidatorRegistry validatorRegistry;
+
+    @Inject
+    private JsonLd jsonLd;
+
+    @Inject
+    private TypeManager typeManager;
+    @Inject
+    private AuthorizationService authorizationService;
+    @Inject
+    private ParticipantContextService participantContextService;
+
+    @Override
+    public String name() {
+        return NAME;
+    }
+
+    @Override
+    public void initialize(ServiceExtensionContext context) {
+        transformerRegistry.register(new JsonObjectToCatalogRequestTransformer());
+        transformerRegistry.register(new JsonObjectToDatasetRequestTransformer());
+
+        var managementApiTransformerRegistry = transformerRegistry.forContext("management-api");
+
+        // authorization service does need an additional lookup function - catalogs are not a persisted entity
+
+        webService.registerResource(ApiContext.MANAGEMENT, new CatalogApiV5Controller(service, managementApiTransformerRegistry, authorizationService, participantContextService));
+        webService.registerDynamicResource(ApiContext.MANAGEMENT, CatalogApiV5Controller.class, new JerseyJsonLdInterceptor(jsonLd, typeManager, JSON_LD, MANAGEMENT_SCOPE_V4, validatorRegistry, ManagementApiJsonSchema.V4.version()));
+    }
+}

extensions/control-plane/api/management-api-v5/catalog-api-v5/src/main/java/org/eclipse/edc/connector/controlplane/api/management/catalog/v5/CatalogApiV5.java

@@ -0,0 +1,57 @@
+/*
+ *  Copyright (c) 2026 Metaform Systems, Inc.
+ *
+ *  This program and the accompanying materials are made available under the
+ *  terms of the Apache License, Version 2.0 which is available at
+ *  https://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Contributors:
+ *       Metaform Systems, Inc. - initial API and implementation
+ *
+ */
+
+package org.eclipse.edc.connector.controlplane.api.management.catalog.v5;
+
+import io.swagger.v3.oas.annotations.OpenAPIDefinition;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.info.Info;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.Schema;
+import io.swagger.v3.oas.annotations.parameters.RequestBody;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.json.JsonObject;
+import jakarta.ws.rs.container.AsyncResponse;
+import jakarta.ws.rs.container.Suspended;
+import jakarta.ws.rs.core.SecurityContext;
+import org.eclipse.edc.api.management.schema.ManagementApiJsonSchema;
+
+@OpenAPIDefinition(info = @Info(version = "v5alpha"))
+@Tag(name = "Catalog v5alpha")
+public interface CatalogApiV5 {
+
+    @Operation(
+            requestBody = @RequestBody(content = @Content(schema = @Schema(ref = ManagementApiJsonSchema.V4.CATALOG_REQUEST))),
+            responses = {@ApiResponse(
+                    content = @Content(
+                            mediaType = "application/json",
+                            schema = @Schema(ref = "https://w3id.org/dspace/2025/1/catalog/catalog-schema.json")
+                    ),
+                    description = "Gets contract offers (=catalog) of a single connector")}
+    )
+    void requestCatalogV5(String participantContextId, JsonObject request, @Suspended AsyncResponse response, SecurityContext context);
+
+    @Operation(
+            requestBody = @RequestBody(content = @Content(schema = @Schema(ref = ManagementApiJsonSchema.V4.CATALOG_REQUEST))),
+            responses = {@ApiResponse(
+                    content = @Content(
+                            mediaType = "application/json",
+                            schema = @Schema(ref = "https://w3id.org/dspace/2025/1/catalog/dataset-schema.json")
+                    ),
+                    description = "Gets single dataset from a connector")}
+    )
+    void getDatasetV5(String participantContextId, JsonObject request, @Suspended AsyncResponse response, SecurityContext context);
+
+}

extensions/control-plane/api/management-api-v5/catalog-api-v5/src/main/java/org/eclipse/edc/connector/controlplane/api/management/catalog/v5/CatalogApiV5Controller.java

@@ -0,0 +1,146 @@
+/*
+ *  Copyright (c) 2026 Metaform Systems, Inc.
+ *
+ *  This program and the accompanying materials are made available under the
+ *  terms of the Apache License, Version 2.0 which is available at
+ *  https://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Contributors:
+ *       Metaform Systems, Inc. - initial API and implementation
+ *
+ */
+
+package org.eclipse.edc.connector.controlplane.api.management.catalog.v5;
+
+import jakarta.annotation.security.RolesAllowed;
+import jakarta.json.JsonObject;
+import jakarta.ws.rs.Consumes;
+import jakarta.ws.rs.POST;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.PathParam;
+import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.container.AsyncResponse;
+import jakarta.ws.rs.container.Suspended;
+import jakarta.ws.rs.core.Context;
+import jakarta.ws.rs.core.SecurityContext;
+import org.eclipse.edc.api.auth.spi.AuthorizationService;
+import org.eclipse.edc.api.auth.spi.ParticipantPrincipal;
+import org.eclipse.edc.api.auth.spi.RequiredScope;
+import org.eclipse.edc.connector.controlplane.catalog.spi.CatalogRequest;
+import org.eclipse.edc.connector.controlplane.catalog.spi.DatasetRequest;
+import org.eclipse.edc.connector.controlplane.services.spi.catalog.CatalogService;
+import org.eclipse.edc.participantcontext.spi.service.ParticipantContextService;
+import org.eclipse.edc.participantcontext.spi.types.ParticipantContext;
+import org.eclipse.edc.spi.EdcException;
+import org.eclipse.edc.spi.response.StatusResult;
+import org.eclipse.edc.transform.spi.TypeTransformerRegistry;
+import org.eclipse.edc.web.spi.exception.BadGatewayException;
+import org.eclipse.edc.web.spi.exception.InvalidRequestException;
+import org.eclipse.edc.web.spi.validation.SchemaType;
+
+import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON;
+import static org.eclipse.edc.connector.controlplane.catalog.spi.CatalogRequest.CATALOG_REQUEST_TYPE_TERM;
+import static org.eclipse.edc.connector.controlplane.catalog.spi.DatasetRequest.DATASET_REQUEST_TYPE_TERM;
+import static org.eclipse.edc.web.spi.exception.ServiceResultHandler.exceptionMapper;
+
+@Consumes(APPLICATION_JSON)
+@Produces(APPLICATION_JSON)
+@Path("/v5alpha/participants/{participantContextId}/catalog")
+public class CatalogApiV5Controller implements CatalogApiV5 {
+    private final AuthorizationService authorizationService;
+    private final CatalogService service;
+    private final TypeTransformerRegistry transformerRegistry;
+    private final ParticipantContextService participantContextService;
+
+    public CatalogApiV5Controller(CatalogService service, TypeTransformerRegistry transformerRegistry,
+                                  AuthorizationService authorizationService, ParticipantContextService participantContextService) {
+        this.service = service;
+        this.transformerRegistry = transformerRegistry;
+        this.authorizationService = authorizationService;
+        this.participantContextService = participantContextService;
+    }
+
+
+    @POST
+    @Path("/request")
+    @RolesAllowed({ParticipantPrincipal.ROLE_ADMIN, ParticipantPrincipal.ROLE_PARTICIPANT})
+    @RequiredScope("management-api:read")
+    @Override
+    public void requestCatalogV5(@PathParam("participantContextId") String participantContextId,
+                                 @SchemaType(CATALOG_REQUEST_TYPE_TERM) JsonObject requestBody,
+                                 @Suspended AsyncResponse response,
+                                 @Context SecurityContext securityContext) {
+
+        var participantContext = preAuthorize(participantContextId, securityContext);
+
+        var request = transformerRegistry.transform(requestBody, CatalogRequest.class)
+                .orElseThrow(InvalidRequestException::new);
+
+        var scopes = request.getAdditionalScopes().toArray(new String[0]);
+        service.requestCatalog(participantContext, request.getCounterPartyId(), request.getCounterPartyAddress(), request.getProtocol(), request.getQuerySpec(), scopes)
+                .whenComplete((result, throwable) -> {
+                    try {
+                        response.resume(toResponse(result, throwable));
+                    } catch (Throwable mapped) {
+                        response.resume(mapped);
+                    }
+                });
+    }
+
+    @POST
+    @Path("/dataset/request")
+    @RolesAllowed({ParticipantPrincipal.ROLE_ADMIN, ParticipantPrincipal.ROLE_PARTICIPANT})
+    @RequiredScope("management-api:read")
+    @Override
+    public void getDatasetV5(@PathParam("participantContextId") String participantContextId,
+                             @SchemaType(DATASET_REQUEST_TYPE_TERM) JsonObject requestBody,
+                             @Suspended AsyncResponse response,
+                             @Context SecurityContext securityContext) {
+
+        var participantContext = preAuthorize(participantContextId, securityContext);
+
+        var request = transformerRegistry.transform(requestBody, DatasetRequest.class)
+                .orElseThrow(InvalidRequestException::new);
+
+        service.requestDataset(participantContext, request.getId(), request.getCounterPartyId(), request.getCounterPartyAddress(), request.getProtocol())
+                .whenComplete((result, throwable) -> {
+                    try {
+                        response.resume(toResponse(result, throwable));
+                    } catch (Throwable mapped) {
+                        response.resume(mapped);
+                    }
+                });
+    }
+
+    /**
+     * utility method that performs authorization on the participant context with the given ID and return the {@link ParticipantContext}
+     * throws an exception if the authorization fails. the exception does not need to be caught.
+     */
+
+    private ParticipantContext preAuthorize(String participantContextId, SecurityContext securityContext) {
+        authorizationService.authorize(securityContext, participantContextId, participantContextId, ParticipantContext.class)
+                .orElseThrow(exceptionMapper(ParticipantContext.class, participantContextId));
+
+        return participantContextService.getParticipantContext(participantContextId)
+                .orElseThrow(exceptionMapper(ParticipantContext.class, participantContextId));
+    }
+
+    private byte[] toResponse(StatusResult<byte[]> result, Throwable throwable) throws Throwable {
+        if (throwable == null) {
+            if (result.succeeded()) {
+                return result.getContent();
+            } else {
+                throw new BadGatewayException(result.getFailureDetail());
+            }
+        } else {
+            if (throwable instanceof EdcException || throwable.getCause() instanceof EdcException) {
+                throw new BadGatewayException(throwable.getMessage());
+            } else {
+                throw throwable;
+            }
+        }
+    }
+
+}

extensions/control-plane/api/management-api-v5/catalog-api-v5/src/main/resources/META-INF/services/org.eclipse.edc.spi.system.ServiceExtension

@@ -0,0 +1,15 @@
+#
+#  Copyright (c) 2025 Metaform Systems, Inc.
+#
+#  This program and the accompanying materials are made available under the
+#  terms of the Apache License, Version 2.0 which is available at
+#  https://www.apache.org/licenses/LICENSE-2.0
+#
+#  SPDX-License-Identifier: Apache-2.0
+#
+#  Contributors:
+#       Metaform Systems, Inc. - initial API and implementation
+#
+#
+
+org.eclipse.edc.connector.controlplane.api.management.catalog.CatalogApiV5Extension