feat: allow sending notifications to authenticated EdgeX endpoints (#4763)

* feat: allow sending notifications to authenticated EdgeX endpoints

Signed-off-by: Jeff Titus <[email protected]>

* refactor: remove extraneous else

Signed-off-by: Jeff Titus <[email protected]>

* build(deps): bump github.com/edgexfoundry/go-mod-core-contracts/v3 to v3.2.0-dev.9

Signed-off-by: Jeff Titus <[email protected]>

* docs: update support-notifications openapi spec

Signed-off-by: Jeff Titus <[email protected]>

---------

Signed-off-by: Jeff Titus <[email protected]>

Author: jrtitus

go.mod

@@ -6,7 +6,7 @@ require (
 	github.com/eclipse/paho.mqtt.golang v1.4.3
 	github.com/edgexfoundry/go-mod-bootstrap/v3 v3.2.0-dev.18
 	github.com/edgexfoundry/go-mod-configuration/v3 v3.2.0-dev.2
-	github.com/edgexfoundry/go-mod-core-contracts/v3 v3.2.0-dev.8
+	github.com/edgexfoundry/go-mod-core-contracts/v3 v3.2.0-dev.9
 	github.com/edgexfoundry/go-mod-messaging/v3 v3.2.0-dev.12
 	github.com/edgexfoundry/go-mod-secrets/v3 v3.2.0-dev.5
 	github.com/fxamacker/cbor/v2 v2.6.0

go.sum

@@ -30,8 +30,8 @@ github.com/edgexfoundry/go-mod-bootstrap/v3 v3.2.0-dev.18 h1:h59Vx7wpVVjkbxvs62+
 github.com/edgexfoundry/go-mod-bootstrap/v3 v3.2.0-dev.18/go.mod h1:M3/344c8Zq4Bna/nR2WD2SWZ5tD5gLU8ukYus4dTb6s=
 github.com/edgexfoundry/go-mod-configuration/v3 v3.2.0-dev.2 h1:71C39GPP7nbxa5GTOqoc1eAXbogoie1DCYCLBQo71t0=
 github.com/edgexfoundry/go-mod-configuration/v3 v3.2.0-dev.2/go.mod h1:+RykcMAHe6rluqJSKOAy+EwtzaeSc/qbxRYdtY2vA0g=
-github.com/edgexfoundry/go-mod-core-contracts/v3 v3.2.0-dev.8 h1:la7SU8i0TwgJ1tnbgUacHtuCKmUEnb7R3VVgvJ2EiPY=
-github.com/edgexfoundry/go-mod-core-contracts/v3 v3.2.0-dev.8/go.mod h1:mXa4zgfgECdC/8WLULwCWmI5ZZNG7pzXeGGh4SH0FC0=
+github.com/edgexfoundry/go-mod-core-contracts/v3 v3.2.0-dev.9 h1:JzwiVf/r+hBNweRFOrMWL8BiHqD5cAidrRZ6Socuz+w=
+github.com/edgexfoundry/go-mod-core-contracts/v3 v3.2.0-dev.9/go.mod h1:mXa4zgfgECdC/8WLULwCWmI5ZZNG7pzXeGGh4SH0FC0=
 github.com/edgexfoundry/go-mod-messaging/v3 v3.2.0-dev.12 h1:/Z9Uxttg8ofl4Vv55ZPBz2tHkTyZTPIQiYENNnPeAPU=
 github.com/edgexfoundry/go-mod-messaging/v3 v3.2.0-dev.12/go.mod h1:/oGknon5z25PsBFnPHa74i54XM5xxwZ0AXCQLvk0qWw=
 github.com/edgexfoundry/go-mod-registry/v3 v3.2.0-dev.2 h1:Fj2CLjWB8I0KSjysV5oITrFlPI82K5aJXMt0/ZPC+/4=

internal/support/notifications/application/channel/sender.go

@@ -10,8 +10,11 @@ import (
 	notificationContainer "github.com/edgexfoundry/edgex-go/internal/support/notifications/container"
 
 	"github.com/edgexfoundry/go-mod-bootstrap/v3/bootstrap/container"
+	bootstrapInterfaces "github.com/edgexfoundry/go-mod-bootstrap/v3/bootstrap/interfaces"
+	"github.com/edgexfoundry/go-mod-bootstrap/v3/bootstrap/secret"
 	"github.com/edgexfoundry/go-mod-bootstrap/v3/di"
 
+	"github.com/edgexfoundry/go-mod-core-contracts/v3/clients/interfaces"
 	"github.com/edgexfoundry/go-mod-core-contracts/v3/errors"
 	"github.com/edgexfoundry/go-mod-core-contracts/v3/models"
 )
@@ -23,12 +26,13 @@ type Sender interface {
 
 // RESTSender is the implementation of the interfaces.ChannelSender, which is used to send the notifications via REST
 type RESTSender struct {
-	dic *di.Container
+	dic            *di.Container
+	secretProvider bootstrapInterfaces.SecretProviderExt
 }
 
 // NewRESTSender creates the RESTSender instance
-func NewRESTSender(dic *di.Container) Sender {
-	return &RESTSender{dic: dic}
+func NewRESTSender(dic *di.Container, secretProvider bootstrapInterfaces.SecretProviderExt) Sender {
+	return &RESTSender{dic: dic, secretProvider: secretProvider}
 }
 
 // Send sends the REST request to the specified address
@@ -39,9 +43,13 @@ func (sender *RESTSender) Send(notification models.Notification, address models.
 	if !ok {
 		return "", errors.NewCommonEdgeX(errors.KindContractInvalid, "fail to cast Address to RESTAddress", nil)
 	}
-	// NOTE: Not currently passing an AuthenticationInjector here;
-	// no current notifications are calling EdgeX services
-	return utils.SendRequestWithRESTAddress(lc, notification.Content, notification.ContentType, restAddress, nil)
+
+	var injector interfaces.AuthenticationInjector
+	if restAddress.InjectEdgeXAuth {
+		injector = secret.NewJWTSecretProvider(sender.secretProvider)
+	}
+
+	return utils.SendRequestWithRESTAddress(lc, notification.Content, notification.ContentType, restAddress, injector)
 }
 
 // EmailSender is the implementation of the interfaces.ChannelSender, which is used to send the notifications via email

internal/support/notifications/init.go

@@ -50,7 +50,7 @@ func NewBootstrap(router *echo.Echo, serviceName string) *Bootstrap {
 func (b *Bootstrap) BootstrapHandler(ctx context.Context, _ *sync.WaitGroup, _ startup.Timer, dic *di.Container) bool {
 	LoadRestRoutes(b.router, dic, b.serviceName)
 
-	restSender := channel.NewRESTSender(dic)
+	restSender := channel.NewRESTSender(dic, bootstrapContainer.SecretProviderExtFrom(dic.Get))
 	emailSender := channel.NewEmailSender(dic)
 	dic.Update(di.ServiceConstructorMap{
 		channel.RESTSenderName: func(get di.Get) interface{} {

openapi/v3/support-notifications.yaml

@@ -102,6 +102,9 @@ components:
         httpMethod:
           description: "Indicates which Http verb should be used for the REST endpoint."
           type: string
+        injectEdgeXAuth:
+          description: "Specifies whether or not to inject the EdgeX services JWT into the request."
+          type: boolean
       required:
         - type
         - host