Implements a feature to support the Submodel-based RBAC rules backend. This also includes the management of RBAC rules dynamically using the Submodel API. It separates the backend into InMemory and Submodel-based.
Only implemented for the AAS Repository and AAS Registry as of now, but will follow up on other Repos, registries, and discovery.
BaSyx Configuration for Testing
These extra configurations are required along with the current authorization configurations to configure the newly implemented feature:
basyx.feature.authorization.rules.backend=Submodel
basyx.feature.authorization.rules.backend.submodel.authorization.endpoint=\<Endpoint of the Security Submodel>
basyx.feature.authorization.rules.backend.submodel.authorization.token-endpoint=\<Token Endpoint>
basyx.feature.authorization.rules.backend.submodel.authorization.grant-type = \<CLIENT_CREDENTIALS> or \<PASSWORD>
basyx.feature.authorization.rules.backend.submodel.authorization.client-id=\<client-id>
basyx.feature.authorization.rules.backend.submodel.authorization.client-secret=\<client-secret>
basyx.feature.authorization.rules.backend.submodel.authorization.username=\<username>
basyx.feature.authorization.rules.backend.submodel.authorization.password=\<password>
Description of Changes
Implements a feature to support the Submodel-based RBAC rules backend. This also includes the management of RBAC rules dynamically using the Submodel API. It separates the backend into InMemory and Submodel-based.
Only implemented for the AAS Repository and AAS Registry as of now, but will follow up on other Repos, registries, and discovery.
BaSyx Configuration for Testing
These extra configurations are required along with the current authorization configurations to configure the newly implemented feature:
basyx.feature.authorization.rules.backend=Submodel basyx.feature.authorization.rules.backend.submodel.authorization.endpoint=\<Endpoint of the Security Submodel> basyx.feature.authorization.rules.backend.submodel.authorization.token-endpoint=\<Token Endpoint> basyx.feature.authorization.rules.backend.submodel.authorization.grant-type = \<CLIENT_CREDENTIALS> or \<PASSWORD> basyx.feature.authorization.rules.backend.submodel.authorization.client-id=\<client-id> basyx.feature.authorization.rules.backend.submodel.authorization.client-secret=\<client-secret> basyx.feature.authorization.rules.backend.submodel.authorization.username=\<username> basyx.feature.authorization.rules.backend.submodel.authorization.password=\<password>