Creates Backward Compatible Context Class (cedar-policy#286)

Signed-off-by: Mudit Chaudhary <chmudit@amazon.com>

Author: muditchaudhary

CedarJava/.gitignore

@@ -13,6 +13,6 @@
 .factorypath
 .project
 .settings/
-
+bin/
 # Ignore changes to gradle.properties because we enter passwords here for releases
 /gradle.properties

CedarJava/src/main/java/com/cedarpolicy/model/AuthorizationRequest.java

@@ -95,6 +95,34 @@ public AuthorizationRequest(
         this.enableRequestValidation = enableRequestValidation;
     }
 
+    /**
+     * Create an authorization request from the EUIDs and Context.
+     * Constructor overloading to support Context object while preserving backward compatability.
+     *
+     * @param principalEUID Principal's EUID.
+     * @param actionEUID Action's EUID.
+     * @param resourceEUID Resource's EUID.
+     * @param context Context object.
+     * @param schema Schema (optional).
+     * @param enableRequestValidation Whether to use the schema for just
+     * schema-based parsing of `context` (false) or also for request validation
+     * (true). No effect if `schema` is not provided.
+     */
+    public AuthorizationRequest(
+        EntityUID principalEUID,
+        EntityUID actionEUID,
+        EntityUID resourceEUID,
+        Context context,
+        Optional<Schema> schema,
+        boolean enableRequestValidation) {
+    this.principalEUID = principalEUID;
+    this.actionEUID = actionEUID;
+    this.resourceEUID = resourceEUID;
+    this.context = Optional.of(context.getContext());
+    this.schema = schema;
+    this.enableRequestValidation = enableRequestValidation;
+}
+
     /**
      * Create a request without a schema.
      *
@@ -113,6 +141,25 @@ public AuthorizationRequest(EntityUID principalEUID, EntityUID actionEUID, Entit
                 false);
     }
 
+    /**
+     * Create a request without a schema.
+     * Constructor overloading to support Context object while preserving backward compatability.
+     *
+     * @param principalEUID Principal's EUID.
+     * @param actionEUID Action's EUID.
+     * @param resourceEUID Resource's EUID.
+     * @param context Key/Value context.
+     */
+    public AuthorizationRequest(EntityUID principalEUID, EntityUID actionEUID, EntityUID resourceEUID, Context context) {
+        this(
+                principalEUID,
+                actionEUID,
+                resourceEUID,
+                context,
+                Optional.empty(),
+                false);
+    }
+
     /**
      * Create a request without a schema, using Entity objects for principal/action/resource.
      *
@@ -129,6 +176,24 @@ public AuthorizationRequest(Entity principalEUID, Entity actionEUID, Entity reso
                 context);
     }
 
+    /**
+     * Create a request without a schema, using Entity objects for principal/action/resource.
+     * Constructor overloading to support Context object while preserving backward compatability.
+     *
+     * @param principalEUID Principal's EUID.
+     * @param actionEUID Action's EUID.
+     * @param resourceEUID Resource's EUID.
+     * @param context Key/Value context.
+     */
+    public AuthorizationRequest(Entity principalEUID, Entity actionEUID, Entity resourceEUID, Context context) {
+        this(
+                principalEUID.getEUID(),
+                actionEUID.getEUID(),
+                resourceEUID.getEUID(),
+                context);
+    }
+
+
     /**
      * Create a request from Entity objects and Context.
      *
@@ -154,6 +219,31 @@ public AuthorizationRequest(Entity principal, Entity action, Entity resource,
         );
     }
 
+    /**
+     * Create a request from Entity objects and Context.
+     * Constructor overloading to support Context object while preserving backward compatability.
+     *
+     * @param principal
+     * @param action
+     * @param resource
+     * @param context
+     * @param schema
+     * @param enableRequestValidation Whether to use the schema for just
+     * schema-based parsing of `context` (false) or also for request validation
+     * (true). No effect if `schema` is not provided.
+     */
+
+    public AuthorizationRequest(Entity principal, Entity action, Entity resource,
+                                Context context, Optional<Schema> schema, boolean enableRequestValidation) {
+        this(
+            principal.getEUID(),
+            action.getEUID(),
+            resource.getEUID(),
+            context,
+            schema,
+            enableRequestValidation
+        );
+    }
 
     /** Readable string representation. */
     @Override

CedarJava/src/main/java/com/cedarpolicy/model/Context.java

@@ -0,0 +1,145 @@
+/*
+* Copyright Cedar Contributors
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+*      https://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package com.cedarpolicy.model;
+
+import java.util.HashMap;
+import java.util.Collections;
+import java.util.stream.Collectors;
+import java.util.stream.StreamSupport;
+import java.util.Map;
+import com.cedarpolicy.value.Value;
+import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
+
+public class Context {
+
+    private Map<String, Value> context;
+
+    /**
+     * Constructs a new empty Context with no key-value pairs. Initializes the internal context map as an empty
+     * immutable map.
+     */
+    public Context() {
+        context = Collections.emptyMap();
+    }
+
+    public boolean isEmpty() {
+        return context.isEmpty();
+    }
+
+    /**
+     * Constructs a new Context from an Iterable of key-value pairs. Creates a new HashMap and populates it with the
+     * provided entries. Equivalent to from_pairs in Cedar Rust.
+     *
+     * @param contextList An Iterable containing key-value pairs to initialize this context with
+     * @throws IllegalStateException    if a duplicate key is found within the iterable
+     * @throws IllegalArgumentException if the contextList parameter is null
+     */
+    @SuppressFBWarnings("CT_CONSTRUCTOR_THROW")
+    public Context(Iterable<Map.Entry<String, Value>> contextList) {
+        context = new HashMap<>();
+        mergeContextFromIterable(contextList);
+    }
+
+    /**
+     * Constructs a new Context with the provided map of key-value pairs. Creates a defensive copy of the input map to
+     * maintain immutability.
+     *
+     * @param contextMap The map of key-value pairs to initialize this context with
+     * @throws IllegalArgumentException if the contextMap parameter is null
+     */
+    public Context(Map<String, Value> contextMap) {
+        context = new HashMap<>();
+        context.putAll(contextMap);
+    }
+
+    /**
+     * Returns a defensive copy of the internal context map.
+     *
+     * @return A new HashMap containing all key-value pairs from the internal context
+     */
+    public Map<String, Value> getContext() {
+        return new HashMap<>(context);
+    }
+
+    /**
+     * Merges another Context object into the current context.
+     *
+     * @param contextToMerge The Context object to merge into this context
+     * @throws IllegalStateException    if a duplicate key is found while merging the context
+     * @throws IllegalArgumentException if the contextToMerge parameter is null
+     */
+    public void merge(Context contextToMerge) throws IllegalStateException, IllegalArgumentException {
+        mergeContextFromIterable(contextToMerge.getContext().entrySet());
+    }
+
+    /**
+     * Merges the provided key-value pairs into the current context.
+     *
+     * @param contextMaps An Iterable containing key-value pairs to merge into this context
+     * @throws IllegalStateException    if a duplicate key is found in the existing context or duplicate key found
+     *                                  within the iterable
+     * @throws IllegalArgumentException if the contextMaps parameter is null
+     */
+    public void merge(Iterable<Map.Entry<String, Value>> contextMaps)
+            throws IllegalStateException, IllegalArgumentException {
+        mergeContextFromIterable(contextMaps);
+    }
+
+    /**
+     * Retrieves the Value associated with the specified key from the context.
+     *
+     * @param key The key whose associated Value is to be returned
+     * @return The Value associated with the specified key, or null if the key is not found replicating Cedar Rust
+     *         behavior
+     * @throws IllegalArgumentException if the key parameter is null
+     */
+    public Value get(String key) {
+        if (key == null) {
+            throw new IllegalArgumentException("Key cannot be null");
+        }
+        return context.getOrDefault(key, null);
+    }
+
+    /**
+     * Processes an Iterable of Map entries and adds them to the context.
+     *
+     * @param contextIterator The Iterable containing key-value pairs to add to the context
+     * @throws IllegalStateException    if a duplicate key is found in the existing context or duplicate key found
+     *                                  within the iterable
+     * @throws IllegalArgumentException if the contextIterator is null
+     */
+    private void mergeContextFromIterable(Iterable<Map.Entry<String, Value>> contextIterator)
+            throws IllegalStateException, IllegalArgumentException {
+        if (contextIterator == null) {
+            throw new IllegalArgumentException("Context iterator cannot be null");
+        }
+
+        Map<String, Value> newEntries = StreamSupport.stream(contextIterator.spliterator(), false).peek(entry -> {
+            if (context.containsKey(entry.getKey())) {
+                throw new IllegalStateException(
+                        String.format("Duplicate key '%s' in existing context", entry.getKey()));
+            }
+        }).collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue));
+        context.putAll(newEntries);
+    }
+
+    /** Readable string representation. */
+    @Override
+    public String toString() {
+        return context.toString();
+    }
+}

CedarJava/src/main/java/com/cedarpolicy/model/PartialAuthorizationRequest.java

@@ -160,6 +160,11 @@ public Builder context(Map<String, Value> context) {
             return this;
         }
 
+        public Builder context(Context context) {
+            this.context = Optional.of(ImmutableMap.copyOf(context.getContext()));
+            return this;
+        }
+
         /**
          * Set the context to be empty, not unknown
          * @return The builder.