**feat(api): Add Patronage and PDS Fleet API controllers with routes and configuration**

JamesKane · JamesKane · commit d2f262ffc78d · 2026-03-06T18:13:22.000-06:00
- Implemented `PatronageApiController` with subscription management endpoints (create, cancel, list, and summary).
- Added `PdsFleetApiController` to handle PDS fleet operations, including heartbeat, submission, and node management.
- Updated routes configuration to include new APIs for Patronage and PDS Fleet operations.
- Enhanced `application.conf` with AT Protocol and PDS authentication settings.
diff --git a/app/controllers/PatronageApiController.scala b/app/controllers/PatronageApiController.scala
@@ -0,0 +1,85 @@
+package controllers
+
+import actions.ApiSecurityAction
+import jakarta.inject.{Inject, Singleton}
+import play.api.Logging
+import play.api.libs.json.{Json, OFormat}
+import play.api.mvc.*
+import services.{PatronageService, WebhookEvent}
+
+import java.util.UUID
+import scala.concurrent.ExecutionContext
+
+@Singleton
+class PatronageApiController @Inject()(
+                                        val controllerComponents: ControllerComponents,
+                                        secureApi: ApiSecurityAction,
+                                        patronageService: PatronageService
+                                      )(implicit ec: ExecutionContext) extends BaseController with Logging {
+
+  case class CreateSubscriptionRequest(
+                                        userId: UUID,
+                                        tier: String,
+                                        billingInterval: String,
+                                        paymentProvider: String,
+                                        providerSubscriptionId: Option[String] = None,
+                                        providerCustomerId: Option[String] = None
+                                      )
+  object CreateSubscriptionRequest { implicit val format: OFormat[CreateSubscriptionRequest] = Json.format }
+
+  case class CancelSubscriptionRequest(userId: UUID)
+  object CancelSubscriptionRequest { implicit val format: OFormat[CancelSubscriptionRequest] = Json.format }
+
+  def createSubscription(): Action[CreateSubscriptionRequest] =
+    secureApi.jsonAction[CreateSubscriptionRequest].async { request =>
+      val r = request.body
+      patronageService.createSubscription(
+        userId = r.userId,
+        tier = r.tier,
+        billingInterval = r.billingInterval,
+        paymentProvider = r.paymentProvider,
+        providerSubscriptionId = r.providerSubscriptionId,
+        providerCustomerId = r.providerCustomerId
+      ).map {
+        case Right(sub) => Created(Json.toJson(sub))
+        case Left(error) => BadRequest(Json.obj("error" -> error))
+      }
+    }
+
+  def cancelSubscription(id: Int): Action[CancelSubscriptionRequest] =
+    secureApi.jsonAction[CancelSubscriptionRequest].async { request =>
+      patronageService.cancelSubscription(id, request.body.userId).map {
+        case Right(_) => Ok(Json.obj("cancelled" -> true))
+        case Left(error) => BadRequest(Json.obj("error" -> error))
+      }
+    }
+
+  def getSubscription(userId: UUID): Action[AnyContent] = secureApi.async { _ =>
+    patronageService.getActiveSubscription(userId).map {
+      case Some(sub) => Ok(Json.toJson(sub))
+      case None => NotFound(Json.obj("error" -> "No active subscription"))
+    }
+  }
+
+  def getUserSubscriptions(userId: UUID): Action[AnyContent] = secureApi.async { _ =>
+    patronageService.getUserSubscriptions(userId).map { subs =>
+      Ok(Json.obj("subscriptions" -> subs, "total" -> subs.size))
+    }
+  }
+
+  def isPatron(userId: UUID): Action[AnyContent] = secureApi.async { _ =>
+    patronageService.isPatron(userId).map { isPatron =>
+      Ok(Json.obj("isPatron" -> isPatron))
+    }
+  }
+
+  def getPatronSummary: Action[AnyContent] = secureApi.async { _ =>
+    patronageService.getPatronSummary.map(summary => Ok(Json.toJson(summary)))
+  }
+
+  def expireOverdue(): Action[AnyContent] = secureApi.async { _ =>
+    patronageService.expireOverdueSubscriptions().map { count =>
+      Ok(Json.obj("expired" -> count))
+    }
+  }
+}
diff --git a/app/controllers/PdsFleetApiController.scala b/app/controllers/PdsFleetApiController.scala
@@ -0,0 +1,155 @@
+package controllers
+
+import actions.{ApiSecurityAction, PdsAuthAction}
+import jakarta.inject.{Inject, Singleton}
+import play.api.Logging
+import play.api.libs.json.{Json, OFormat}
+import play.api.mvc.*
+import services.{HeartbeatRequest, PdsFleetService, SubmissionProvenanceService}
+
+import java.util.UUID
+import scala.concurrent.ExecutionContext
+
+@Singleton
+class PdsFleetApiController @Inject()(
+                                       val controllerComponents: ControllerComponents,
+                                       pdsAuth: PdsAuthAction,
+                                       secureApi: ApiSecurityAction,
+                                       fleetService: PdsFleetService,
+                                       submissionService: SubmissionProvenanceService
+                                     )(implicit ec: ExecutionContext) extends BaseController with Logging {
+
+  // --- PDS-authenticated endpoints (called by edge nodes) ---
+
+  case class HeartbeatPayload(
+                               status: String,
+                               softwareVersion: Option[String] = None,
+                               loadMetrics: Option[play.api.libs.json.JsValue] = None,
+                               processingQueueSize: Option[Int] = None,
+                               errorMessage: Option[String] = None,
+                               lastCommitCid: Option[String] = None,
+                               lastCommitRev: Option[String] = None
+                             )
+  object HeartbeatPayload { implicit val format: OFormat[HeartbeatPayload] = Json.format }
+
+  def heartbeat(): Action[HeartbeatPayload] = pdsAuth.jsonAction[HeartbeatPayload].async { request =>
+    val node = request.pdsNode
+    val payload = request.body
+    val hbRequest = HeartbeatRequest(
+      did = node.did,
+      pdsUrl = node.pdsUrl,
+      handle = node.handle,
+      nodeName = node.nodeName,
+      softwareVersion = payload.softwareVersion,
+      status = payload.status,
+      loadMetrics = payload.loadMetrics,
+      processingQueueSize = payload.processingQueueSize,
+      lastCommitCid = payload.lastCommitCid,
+      lastCommitRev = payload.lastCommitRev,
+      errorMessage = payload.errorMessage
+    )
+
+    fleetService.processHeartbeat(hbRequest).map {
+      case Right(updatedNode) => Ok(Json.toJson(updatedNode))
+      case Left(error) => BadRequest(Json.obj("error" -> error))
+    }
+  }
+
+  case class SubmissionPayload(
+                                submissionType: String,
+                                proposedValue: String,
+                                biosampleId: Option[Int] = None,
+                                biosampleGuid: Option[UUID] = None,
+                                confidenceScore: Option[Double] = None,
+                                algorithmVersion: Option[String] = None,
+                                softwareVersion: Option[String] = None,
+                                payload: Option[play.api.libs.json.JsValue] = None,
+                                atUri: Option[String] = None,
+                                atCid: Option[String] = None
+                              )
+  object SubmissionPayload { implicit val format: OFormat[SubmissionPayload] = Json.format }
+
+  def submitData(): Action[SubmissionPayload] = pdsAuth.jsonAction[SubmissionPayload].async { request =>
+    val node = request.pdsNode
+    val p = request.body
+
+    submissionService.recordSubmission(
+      did = node.did,
+      submissionType = p.submissionType,
+      proposedValue = p.proposedValue,
+      biosampleId = p.biosampleId,
+      biosampleGuid = p.biosampleGuid,
+      confidenceScore = p.confidenceScore,
+      algorithmVersion = p.algorithmVersion,
+      softwareVersion = p.softwareVersion,
+      payload = p.payload,
+      atUri = p.atUri,
+      atCid = p.atCid
+    ).map {
+      case Right(submission) => Created(Json.toJson(submission))
+      case Left(error) => BadRequest(Json.obj("error" -> error))
+    }
+  }
+
+  // --- Admin-authenticated endpoints (X-API-Key secured) ---
+
+  def getFleetSummary: Action[AnyContent] = secureApi.async { _ =>
+    fleetService.getFleetSummary.map(summary => Ok(Json.toJson(summary)))
+  }
+
+  def listNodes(status: Option[String]): Action[AnyContent] = secureApi.async { _ =>
+    fleetService.listNodes(status).map { nodes =>
+      Ok(Json.obj("nodes" -> nodes, "total" -> nodes.size))
+    }
+  }
+
+  def getNode(did: String): Action[AnyContent] = secureApi.async { _ =>
+    fleetService.getNode(did).map {
+      case Some(node) => Ok(Json.toJson(node))
+      case None => NotFound(Json.obj("error" -> s"Node not found: $did"))
+    }
+  }
+
+  def removeNode(did: String): Action[AnyContent] = secureApi.async { _ =>
+    fleetService.removeNode(did).map {
+      case Right(_) => Ok(Json.obj("removed" -> true))
+      case Left(error) => NotFound(Json.obj("error" -> error))
+    }
+  }
+
+  def markStaleOffline(): Action[AnyContent] = secureApi.async { _ =>
+    fleetService.markStaleNodesOffline().map { count =>
+      Ok(Json.obj("markedOffline" -> count))
+    }
+  }
+
+  def getPendingSubmissions(submissionType: Option[String], limit: Int): Action[AnyContent] = secureApi.async { _ =>
+    submissionService.getPendingSubmissions(submissionType, limit).map { submissions =>
+      Ok(Json.obj("submissions" -> submissions, "total" -> submissions.size))
+    }
+  }
+
+  case class ReviewRequest(reviewedBy: String, notes: Option[String] = None)
+  object ReviewRequest { implicit val format: OFormat[ReviewRequest] = Json.format }
+
+  def acceptSubmission(id: Int): Action[ReviewRequest] = secureApi.jsonAction[ReviewRequest].async { request =>
+    submissionService.acceptSubmission(id, request.body.reviewedBy, request.body.notes).map {
+      case Right(_) => Ok(Json.obj("accepted" -> true))
+      case Left(error) => BadRequest(Json.obj("error" -> error))
+    }
+  }
+
+  def rejectSubmission(id: Int): Action[ReviewRequest] = secureApi.jsonAction[ReviewRequest].async { request =>
+    submissionService.rejectSubmission(id, request.body.reviewedBy, request.body.notes).map {
+      case Right(_) => Ok(Json.obj("rejected" -> true))
+      case Left(error) => BadRequest(Json.obj("error" -> error))
+    }
+  }
+
+  def getNodeSubmissionSummary(did: String): Action[AnyContent] = secureApi.async { _ =>
+    submissionService.getNodeSubmissionSummary(did).map {
+      case Right(summary) => Ok(Json.toJson(summary))
+      case Left(error) => NotFound(Json.obj("error" -> error))
+    }
+  }
+}
diff --git a/conf/application.conf b/conf/application.conf
@@ -87,6 +87,20 @@ contact {
   recipient.email = ${?CONTACT_RECIPIENT_EMAIL}  # Can be overridden by environment variable
 }
 
+# AT Protocol / PDS configuration
+atproto {
+  client.timeout = 5000
+  client.timeout = ${?ATPROTO_CLIENT_TIMEOUT}
+  plc.directory = "https://plc.directory"
+  plc.directory = ${?ATPROTO_PLC_DIRECTORY}
+}
+
+# PDS Edge node authentication
+pds.auth {
+  timestamp.window.seconds = 300
+  timestamp.window.seconds = ${?PDS_AUTH_TIMESTAMP_WINDOW}
+}
+
 pekko {
   loglevel = "DEBUG"
   stdout-loglevel = "DEBUG"
diff --git a/conf/routes b/conf/routes
@@ -310,6 +310,37 @@ GET           /curator/genome-regions/:id/edit
 POST          /curator/genome-regions/:id                                                        controllers.GenomeRegionsCuratorController.updateRegion(id: Int)
 DELETE        /curator/genome-regions/:id                                                        controllers.GenomeRegionsCuratorController.deleteRegion(id: Int)
 
+# =============================================
+# PDS Fleet Management API
+# =============================================
+# PDS-authenticated endpoints (signed by edge node private key)
++nocsrf
+POST          /api/v1/pds/heartbeat                                                              controllers.PdsFleetApiController.heartbeat()
++nocsrf
+POST          /api/v1/pds/submissions                                                            controllers.PdsFleetApiController.submitData()
+
+# Admin fleet management (X-API-Key secured)
+GET           /api/v1/pds/fleet/summary                                                          controllers.PdsFleetApiController.getFleetSummary
+GET           /api/v1/pds/fleet/nodes                                                            controllers.PdsFleetApiController.listNodes(status: Option[String])
+GET           /api/v1/pds/fleet/nodes/:did                                                       controllers.PdsFleetApiController.getNode(did: String)
+DELETE        /api/v1/pds/fleet/nodes/:did                                                       controllers.PdsFleetApiController.removeNode(did: String)
+POST          /api/v1/pds/fleet/mark-stale                                                       controllers.PdsFleetApiController.markStaleOffline()
+GET           /api/v1/pds/submissions/pending                                                    controllers.PdsFleetApiController.getPendingSubmissions(type: Option[String], limit: Int ?= 100)
+POST          /api/v1/pds/submissions/:id/accept                                                 controllers.PdsFleetApiController.acceptSubmission(id: Int)
+POST          /api/v1/pds/submissions/:id/reject                                                 controllers.PdsFleetApiController.rejectSubmission(id: Int)
+GET           /api/v1/pds/submissions/summary/:did                                               controllers.PdsFleetApiController.getNodeSubmissionSummary(did: String)
+
+# =============================================
+# Patronage API (X-API-Key secured)
+# =============================================
+POST          /api/v1/patronage/subscriptions                                                    controllers.PatronageApiController.createSubscription()
+POST          /api/v1/patronage/subscriptions/:id/cancel                                         controllers.PatronageApiController.cancelSubscription(id: Int)
+GET           /api/v1/patronage/subscriptions/user/:userId                                       controllers.PatronageApiController.getUserSubscriptions(userId: java.util.UUID)
+GET           /api/v1/patronage/subscriptions/active/:userId                                     controllers.PatronageApiController.getSubscription(userId: java.util.UUID)
+GET           /api/v1/patronage/is-patron/:userId                                                controllers.PatronageApiController.isPatron(userId: java.util.UUID)
+GET           /api/v1/patronage/summary                                                          controllers.PatronageApiController.getPatronSummary
+POST          /api/v1/patronage/expire-overdue                                                   controllers.PatronageApiController.expireOverdue()
+
 # --- API Routes (Handled by Tapir, including Swagger UI) ---
 POST          /api/registerPDS                                                                   controllers.PDSRegistrationController.registerPDS()
 
