Merge pull request #52 from Aitia-IIOT/development

Release v1.0.2

Author: borditamas

docs/api/communication-profiles/generic-http-template.md

@@ -10,7 +10,10 @@ This page describes the Generic HTTP Communication Profile (CP), which templates
 | Transfer protocol | [HTTP 1.1](https://datatracker.ietf.org/doc/html/rfc2616) |
 | Data Encryption | N/A |
 | Data Compression | N/A |
-| Payload Format | [JSON](https://datatracker.ietf.org/doc/html/rfc8259) / Text |
+
+## Payload Aspects
+
+Generic HTTP - CP does not regulate the service payload format. Any format (JSON, XML, Plain Text, etc.) may be used that best fits the requirements of the given [Service](../../help/definitions.md#microservice-or-service). The chosen data format and implemented data model are mandatory to specify in the Interface Design Descriptions (IDD).
 
 ## Service Interface Template
 
@@ -64,9 +67,9 @@ If the access right is required to be proven, then an [Access Token](../../help/
 
 ---
 
-### Payload
+### Body
 
-The data to be transmitted to or from a given [service-operation](../../help/definitions.md#service-operation) (endpoint). In case of hierarchical data, the payload must be in [JSON](https://datatracker.ietf.org/doc/html/rfc8259) data format and must be placed into the [HTTP Meassage Body](https://datatracker.ietf.org/doc/html/rfc2616#section-4.3). In case of non-hierarchical data, text data format can be used and placed into the [HTTP Meassage Body](https://datatracker.ietf.org/doc/html/rfc2616#section-4.3) or into the request [URI](https://en.wikipedia.org/wiki/Uniform_Resource_Identifier) as URI encoded path variable or query parameter. It is mandatory to specify it in IDDs.
+The data to be transmitted to or from a given [service-operation](../../help/definitions.md#service-operation) (endpoint). In case of hierarchical data, the body could be in [JSON](https://datatracker.ietf.org/doc/html/rfc8259) or in [XML](https://en.wikipedia.org/wiki/XML) or in any other suitable  data format and should be placed into the [HTTP Meassage Body](https://datatracker.ietf.org/doc/html/rfc2616#section-4.3). In case of simple and non-hierarchical data, text data format can be used and placed into the [HTTP Meassage Body](https://datatracker.ietf.org/doc/html/rfc2616#section-4.3) or into the request [URI](https://en.wikipedia.org/wiki/Uniform_Resource_Identifier) as URI encoded path variable or query parameter. It is mandatory to specify it in IDDs.
 
 ---
 

docs/api/communication-profiles/generic-https-template.md

@@ -10,7 +10,10 @@ This page describes the Generic HTTPS Communication Profile (CP), which template
 | Transfer protocol | [HTTP 1.1](https://datatracker.ietf.org/doc/html/rfc2616) |
 | Data Encryption | [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) |
 | Data Compression | N/A |
-| Payload Format | [JSON](https://datatracker.ietf.org/doc/html/rfc8259) / Text |
+
+## Payload Aspects
+
+Generic HTTPS - CP does not regulate the service payload format. Any format (JSON, XML, Plain Text, etc.) may be used that best fits the requirements of the given [Service](../../help/definitions.md#microservice-or-service). The chosen data format and implemented data model are mandatory to specify in the Interface Design Descriptions (IDD).
 
 ## Service Interface Template
 

docs/api/communication-profiles/generic-mqtt-template.md

@@ -10,7 +10,10 @@ This page describes the Generic MQTT Communication Profile (CP), which templates
 | Transfer protocol | [MQTT 3.1](https://public.dhe.ibm.com/software/dw/webservices/ws-mqtt/mqtt-v3r1.html) [MQTT 3.1.1](https://docs.oasis-open.org/mqtt/mqtt/v3.1.1/os/mqtt-v3.1.1-os.html) |
 | Data Encryption | N/A |
 | Data Compression | N/A |
-| Payload Format | [JSON](https://datatracker.ietf.org/doc/html/rfc8259) |
+
+## Payload Aspects
+
+Generic MQTT - CP regulates the message payload format and data model to be used, and it also regulates the service payload format (see the [message templates section](#message-templates)). However it does not regulate the service payload data model. All payload formats and data models are mandatory to specify in the Interface Design Descriptions (IDD).
 
 ## Service Interface Template
 

docs/api/communication-profiles/generic-mqtts-template.md

@@ -10,7 +10,10 @@ This page describes the Generic MQTTS Communication Profile (CP), which template
 | Transfer protocol | [MQTT 3.1](https://public.dhe.ibm.com/software/dw/webservices/ws-mqtt/mqtt-v3r1.html) [MQTT 3.1.1](https://docs.oasis-open.org/mqtt/mqtt/v3.1.1/os/mqtt-v3.1.1-os.html) |
 | Data Encryption | [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) |
 | Data Compression | N/A |
-| Payload Format | [JSON](https://datatracker.ietf.org/doc/html/rfc8259) |
+
+## Payload Aspects
+
+Generic MQTTS - CP regulates the message payload format and data model to be used, and it also regulates the service payload format (see the [message templates section](./generic-mqtt-template.md#message-templates)). However it does not regulate the service payload data model. All payload formats and data models are mandatory to specify in the Interface Design Descriptions (IDD).
 
 ## Service Interface Template
 

docs/api/primitives.md

@@ -6,7 +6,7 @@ A unique **String** of characters that is issued for a beneficiary system and is
 
 ## AccessTokenVariant
 
-**String** value that specifies an exact token technology variant. The possible values are `TIME_LIMITED_TOKEN_AUTH`, `USAGE_LIMITED_TOKEN_AUTH`, `BASE64_SELF_CONTAINED_TOKEN_AUTH`, `RSA_SHA256_JSON_WEB_TOKEN_AUTH`, `RSA_SHA512_JSON_WEB_TOKEN_AUTH`.
+**String** value that specifies an exact token technology variant. The possible values are `TIME_LIMITED_TOKEN_AUTH`, `USAGE_LIMITED_TOKEN_AUTH`, `BASE64_SELF_CONTAINED_TOKEN_AUTH`, `RSA_SHA256_JSON_WEB_TOKEN_AUTH`, `RSA_SHA512_JSON_WEB_TOKEN_AUTH`, `TRANSLATION_BRIDGE_TOKEN_AUTH`.
 
 ## Address 
 
@@ -133,7 +133,6 @@ A **String** identifier of any suitable validator function chosen by the impleme
             }
     ```
     The validation and normalization happens according to the HTTP standards.
-
   
 ## Protocol
 
@@ -145,7 +144,7 @@ A Base64 **String** representation of the public byte array cryptographic key re
 
 ## SecurityPolicy
 
-A **String** representation of security policies. The possible values are: `NONE`, `CERT_AUTH`, `TIME_LIMITED_TOKEN_AUTH`, `USAGE_LIMITED_TOKEN_AUTH`, `BASE64_SELF_CONTAINED_TOKEN_AUTH`, `RSA_SHA256_JSON_WEB_TOKEN_AUTH`, `RSA_SHA512_JSON_WEB_TOKEN_AUTH`.
+A **String** representation of security policies. The possible values are: `NONE`, `CERT_AUTH`, `TIME_LIMITED_TOKEN_AUTH`, `USAGE_LIMITED_TOKEN_AUTH`, `BASE64_SELF_CONTAINED_TOKEN_AUTH`, `RSA_SHA256_JSON_WEB_TOKEN_AUTH`, `RSA_SHA512_JSON_WEB_TOKEN_AUTH`, `TRANSLATION_BRIDGE_TOKEN_AUTH`.
 
 ## ServiceInstanceID
 
@@ -176,7 +175,7 @@ A **String** identifier that is intended to be both human and machine-readable.
 
 ## TokenType
 
-A **String** name that groups token technologies by usage characteristics. Can be `USAGE_LIMITED_TOKEN`, `TIME_LIMITED_TOKEN` or `SELF_CONTAINED_TOKEN`.
+A **String** name that groups token technologies by usage characteristics. Can be `USAGE_LIMITED_TOKEN`, `TIME_LIMITED_TOKEN`, `SELF_CONTAINED_TOKEN` or `TRANSLATION_BRIDGE_TOKEN`.
 
 ## UUID
 

docs/contribute/bug-report.md

@@ -0,0 +1,25 @@
+# Bug Report
+
+## Suspect a Vulnerability?
+
+If you think you have found a vulnerability, please report it to us through coordinated disclosure.
+
+**Please do not report security vulnerabilities through public issues, discussions, or change requests.**
+
+Instead, report it using one of the following ways:
+
+* Contact the [Eclipse Foundation Security Team](mailto:security@eclipse-foundation.org) via email
+* Create a [confidential issue](https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/new?issuable_template=new_vulnerability) in the Eclipse Foundation Vulnerability Reporting Tracker
+
+You can find more information about reporting and disclosure at the [Eclipse Foundation Security page](https://www.eclipse.org/security/).
+
+## Found a Bug?
+
+| Please open a GitHUB Issue in the related repository |   |
+|---|---|
+| ServiceRegistry Core System  | [:octicons-link-external-16::material-bug: report a bug](https://github.com/eclipse-arrowhead/ah5-core-java-spring/issues/new) |
+| DynamicServiceOrchestration Core System | [:octicons-link-external-16::material-bug: report a bug](https://github.com/eclipse-arrowhead/ah5-core-java-spring/issues/new) |
+| ConsumerAuthorization Core System  | [:octicons-link-external-16::material-bug: report a bug](https://github.com/eclipse-arrowhead/ah5-core-java-spring/issues/new) |
+| Authentication Core System  | [:octicons-link-external-16::material-bug: report a bug](https://github.com/eclipse-arrowhead/ah5-core-java-spring/issues/new) |
+| Blacklist Support System  | [:octicons-link-external-16::material-bug: report a bug](https://github.com/eclipse-arrowhead/ah5-blacklist-java-spring/issues/new) |
+| **Not sure where it belongs?** | [:octicons-link-external-16::material-bug: report a bug](https://github.com/eclipse-arrowhead/ah5-common-java-spring/issues/new) |

docs/home/contribute.md docs/contribute/code-contribution.mddocs/home/contribute.md renamed to docs/contribute/code-contribution.md

@@ -1,8 +1,8 @@
-# Contribute
+# Code Contribution
 
 ## Eclipse Contributor Agreement
 
-Since Arrowhead project is governed within the Eclipse Foundation, the authors of any contribution must agree and accept the [Eclipse Contributor Agreement ("ECA")](https://www.eclipse.org/legal/ECA.php).
+Since Arrowhead project is governed within the [Eclipse Foundation](https://projects.eclipse.org/projects/iot.arrowhead), the authors of any contribution must agree and accept the [Eclipse Contributor Agreement ("ECA")](https://www.eclipse.org/legal/ECA.php).
 
 Technically it means that contributors need an [Eclipse Fundation Account](https://accounts.eclipse.org/user/register?destination=user/edit) which makes possible to submit a signed ECA! GitHub Pull Requests could be accepted only when all the authors own an Eclipse Foundation Account with the signed ECA!
 
@@ -18,19 +18,22 @@ Use the command below to configure your git client globally:
 
 Whithout the `--global` flag you can set the email address only for that specific project where the command was executed.
 
+[Learn more from Eclipse Handbook.](https://www.eclipse.org/projects/handbook/#resources-commit)
+
 ## Way of contributing
 
 1) **Fork (and not clone) the project repository.**
 
    - [Working with forks](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks)
+   - For developing a completely new components, [open a ticket](https://github.com/eclipse-arrowhead/roadmap/issues/new)
 
 2) **Create a new branch in your fork and from the `development` branch for your contribution.**
 
 _(Creating and pushing new branches within a cloned repository is allowed only for official [Committers](https://projects.eclipse.org/projects/iot.arrowhead/who))_
 
 3) **Take care of coding clean!**
 
-   - Stick to the [Implementation Structure](./implementation.md#implementation-structure)
+   - Stick to the [Implementation Structure](../home/implementation.md#implementation-structure)
    - [Clean coding in Java](https://www.baeldung.com/java-clean-code)
    - [A short summary of Java coding best practices](https://rhamedy.medium.com/a-short-summary-of-java-coding-best-practices-31283d0167d3)
 

docs/downloads/releases.md

@@ -2,12 +2,12 @@
 
 #### :material-tag: 5.0.0
 
-Changelog: [CL-5.0.0](../general/changelogs/cl500.md)
+:material-calendar: 07/08/2025
 
-Date | System Name | File
---- | --- | ---  
-07/08/2025 | ServiceRegistry | [AH-serviceregistry-5.0.0.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0/AH-serviceregistry-5.0.0.zip)
-07/08/2025 | DynamicServiceOrchestration | [AH-serviceorchestration-dynamic-5.0.0.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0/AH-serviceorchestration-dynamic-5.0.0.zip)
-07/08/2025 | ConsumerAuthorization | [AH-consumerauthorization-5.0.0.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0/AH-consumerauthorization-5.0.0.zip)
-07/08/2025 | Authentication | [AH-authentication-5.0.0.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0/AH-authentication-5.0.0.zip)
-07/08/2025 | Blacklist | [AH-blacklist-5.0.0.zip](https://github.com/eclipse-arrowhead/ah5-blacklist-java-spring/releases/download/v5.0.0/AH-blacklist-5.0.0.zip)
+System Name | File
+--- | ---  
+ServiceRegistry Core System | [AH-serviceregistry-5.0.0.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0/AH-serviceregistry-5.0.0.zip)
+DynamicServiceOrchestration Core System | [AH-serviceorchestration-dynamic-5.0.0.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0/AH-serviceorchestration-dynamic-5.0.0.zip)
+ConsumerAuthorization Core System | [AH-consumerauthorization-5.0.0.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0/AH-consumerauthorization-5.0.0.zip)
+Authentication Core System | [AH-authentication-5.0.0.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0/AH-authentication-5.0.0.zip)
+Blacklist Support System | [AH-blacklist-5.0.0.zip](https://github.com/eclipse-arrowhead/ah5-blacklist-java-spring/releases/download/v5.0.0/AH-blacklist-5.0.0.zip)

docs/downloads/test-certificates.md

@@ -0,0 +1,18 @@
+# Test Certificates
+
+| Certificate Profile | Common Name | File |
+| ------------------- | ----------- | ---- |
+| Master Profile | `arrowhead.eu` | [master.p12](https://raw.githubusercontent.com/eclipse-arrowhead/ah5-common-java-spring/master/certificates/master.p12) |
+| Organization Profile | `Company.arrowhead.eu` | [Company.p12](https://raw.githubusercontent.com/eclipse-arrowhead/ah5-common-java-spring/master/certificates/Company.p12) |
+| Local Cloud Profile | `TestCloud.Company.arrowhead.eu` | [TestCloud.p12](https://raw.githubusercontent.com/eclipse-arrowhead/ah5-common-java-spring/master/certificates/TestCloud.p12) |
+| Operator Profile | `Operator.TestCloud.Company.arrowhead.eu` | [Operator.p12](https://raw.githubusercontent.com/eclipse-arrowhead/ah5-common-java-spring/master/certificates/Operator.p12) |
+| Broker Profile | `Broker.TestCloud.Company.arrowhead.eu` | [Broker.p12](https://raw.githubusercontent.com/eclipse-arrowhead/ah5-common-java-spring/master/certificates/Broker.p12) |
+
+_Truststore_
+
+| Trust in | File |
+| ------- | ---- |
+| `TestCloud.Company.arrowhead.eu` | [truststore.p12](https://raw.githubusercontent.com/eclipse-arrowhead/ah5-common-java-spring/master/certificates/truststore.p12) | |
+
+
+**Password for all**: `123456`

docs/downloads/test_builds.md

@@ -10,31 +10,34 @@ No recent TESTBUILD is available.
 
 #### :material-tag: 5.0.0-TESTBUILD-2
 
-Changelog: [CL-5.0.0](../general/changelogs/cl500.md)
+:material-calendar: 20/06/2025 <br/>
+:material-note-text: [CL-5.0.0](../general/changelogs/cl500.md)
 
-Date | System Name | Download
---- | --- | ---
-20/06/2025 | ServiceRegistry | [AH-serviceregistry-5.0.0-TESTBUILD-2.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-2/AH-serviceregistry-5.0.0-TESTBUILD-2.zip)
-20/06/2025 | DynamicServiceOrchestration  | [AH-serviceorchestration-dynamic-5.0.0-TESTBUILD-2.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-2/AH-serviceorchestration-dynamic-5.0.0-TESTBUILD-2.zip)
-20/06/2025 | ConsumerAuthorization | [AH-consumerauthorization-5.0.0-TESTBUILD-2.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-2/AH-consumerauthorization-5.0.0-TESTBUILD-2.zip)
-20/06/2025 | Authentication | [AH-authentication-5.0.0-TESTBUILD-2.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-2/AH-authentication-5.0.0-TESTBUILD-2.zip)
-20/06/2025 | Blacklist | [AH-blacklist-5.0.0-TESTBUILD-2.zip](https://github.com/eclipse-arrowhead/ah5-blacklist-java-spring/releases/download/v5.0.0-TESTBUILD-2/AH-blacklist-5.0.0-TESTBUILD-2.zip)
+System Name | Download
+--- | ---
+ServiceRegistry Core System | [AH-serviceregistry-5.0.0-TESTBUILD-2.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-2/AH-serviceregistry-5.0.0-TESTBUILD-2.zip)
+DynamicServiceOrchestration Core System  | [AH-serviceorchestration-dynamic-5.0.0-TESTBUILD-2.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-2/AH-serviceorchestration-dynamic-5.0.0-TESTBUILD-2.zip)
+ConsumerAuthorization Core System | [AH-consumerauthorization-5.0.0-TESTBUILD-2.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-2/AH-consumerauthorization-5.0.0-TESTBUILD-2.zip)
+Authentication Core System | [AH-authentication-5.0.0-TESTBUILD-2.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-2/AH-authentication-5.0.0-TESTBUILD-2.zip)
+Blacklist Support System | [AH-blacklist-5.0.0-TESTBUILD-2.zip](https://github.com/eclipse-arrowhead/ah5-blacklist-java-spring/releases/download/v5.0.0-TESTBUILD-2/AH-blacklist-5.0.0-TESTBUILD-2.zip)
 
 #### :material-tag: 5.0.0-TESTBUILD-1	
 
-Changelog: [CL-5.0.0](../general/changelogs/cl500.md)
+:material-calendar: 23/04/2025 <br/>
+:material-note-text: [CL-5.0.0](../general/changelogs/cl500.md)
 
-Date | System Name | Download
---- | --- | ---
-23/04/2025 | ServiceRegistry | [AH-serviceregistry-5.0.0-TESTBUILD-1.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-1/arrowhead-serviceregistry-5.0.0-TESTBUILD-1.zip)
-23/04/2025 | DynamicServiceOrchestration  | [AH-serviceorchestration-dynamic-5.0.0-TESTBUILD-1.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-1/arrowhead-serviceorchestration-dynamic-5.0.0-TESTBUILD-1.zip)
-23/04/2025 | Authentication | [AH-authentication-5.0.0-TESTBUILD-1.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-1/arrowhead-authentication-5.0.0-TESTBUILD-1.zip)
-23/04/2025 | Blacklist | [AH-blacklist-5.0.0-TESTBUILD-1.zip](https://github.com/eclipse-arrowhead/ah5-blacklist-java-spring/releases/download/v5.0.0-TESTBUILD-1/arrowhead-blacklist-5.0.0-TESTBUILD-1.zip)
+System Name | Download
+--- | ---
+ServiceRegistry Core System | [AH-serviceregistry-5.0.0-TESTBUILD-1.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-1/arrowhead-serviceregistry-5.0.0-TESTBUILD-1.zip)
+DynamicServiceOrchestration Core System | [AH-serviceorchestration-dynamic-5.0.0-TESTBUILD-1.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-1/arrowhead-serviceorchestration-dynamic-5.0.0-TESTBUILD-1.zip)
+Authentication Core System | [AH-authentication-5.0.0-TESTBUILD-1.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-1/arrowhead-authentication-5.0.0-TESTBUILD-1.zip)
+Blacklist Support System | [AH-blacklist-5.0.0-TESTBUILD-1.zip](https://github.com/eclipse-arrowhead/ah5-blacklist-java-spring/releases/download/v5.0.0-TESTBUILD-1/arrowhead-blacklist-5.0.0-TESTBUILD-1.zip)
 
 #### :material-tag: 5.0.0-TESTBUILD-0	
 
-Changelog: [CL-5.0.0](../general/changelogs/cl500.md)
+:material-calendar: 14/03/2025 <br/>
+:material-note-text: [CL-5.0.0](../general/changelogs/cl500.md)
 
-Date | System Name | Download
---- | --- | ---
-14/03/2025 | ServiceRegistry | [AH-serviceregistry-5.0.0-TESTBUILD-0.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-0/arrowhead-serviceregistry-5.0.0-TESTBUILD-0.zip)
+System Name | Download
+--- | ---
+ServiceRegistry Core System | [AH-serviceregistry-5.0.0-TESTBUILD-0.zip](https://github.com/eclipse-arrowhead/ah5-core-java-spring/releases/download/v5.0.0-TESTBUILD-0/arrowhead-serviceregistry-5.0.0-TESTBUILD-0.zip)