Skip to content

Add SPF4Peppol support for sender authorization policies #427

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
stevenn wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add SPF4Peppol support for sender authorization policies #427

stevenn wants to merge 1 commit into from

Conversation

@stevenn
Copy link

@stevenn stevenn commented Jan 26, 2026

Summary

  • Implement SPF4Peppol (Sender Policy Framework for Peppol) to allow participants to declare which Access Points are authorized to send documents on their behalf
  • Add domain model with policy terms (qualifier + mechanism + value)
  • Add XML backend storage manager
  • Add REST API endpoint: GET /security/{participantId}/spf

Details

New classes in com.helger.phoss.smp.domain.spf:

  • ESPF4PeppolQualifier - Enum: pass, fail, softfail, neutral
  • ESPF4PeppolMechanism - Enum: seatid, certfp, smp, reference, all
  • SPF4PeppolTerm - Single policy term
  • ISMPSPF4PeppolPolicy / SMPSPF4PeppolPolicy - Policy interface and implementation
  • ISMPSPF4PeppolPolicyManager - Manager interface
  • SMPSPF4PeppolPolicyMicroTypeConverter - XML serialization

XML Backend:

  • SMPSPF4PeppolPolicyManagerXML - File-based storage

REST API:

  • APIExecutorSPF4PeppolGet - Returns XML per SPF4Peppol 1.0 spec

Example Response

<?xml version="1.0" encoding="UTF-8"?>
<Policy xmlns="urn:peppol:spf4peppol:1.0" version="1.0">
  <Terms>
    <Term qualifier="pass" mechanism="seatid">PEPPOL-SEAT-001</Term>
    <Term qualifier="softfail" mechanism="all" />
  </Terms>
  <Modifiers>
    <TTL>3600</TTL>
    <Explanation>Test SPF4Peppol policy</Explanation>
  </Modifiers>
</Policy>

Test plan

  • Build passes (mvn clean install -DskipTests)
  • Unit tests pass for backend and backend-xml modules
  • Manual test: endpoint returns 404 when no policy exists
  • Manual test: endpoint returns correct XML when policy exists

@phax phax self-requested a review January 26, 2026 16:05
@phax
Copy link
Owner

phax commented Jan 26, 2026

Thx Steven - good starting point. However, we need to do a little refinement on the original repo first. So please have a little patience on this PR :)

@stevenn stevenn force-pushed the feature/spf4peppol-support branch from 753898e to 7f07f49 Compare January 27, 2026 07:02
@stevenn
Copy link
Author

stevenn commented Jan 27, 2026

Hey @phax I amended the PR with the suggested endpoint structure. At your leisure!

@stevenn
Add SPF4Peppol support for sender authorization policies
30c8fc6 
Implement SPF4Peppol (Sender Policy Framework for Peppol) to allow
participants to declare which Access Points are authorized to send
documents on their behalf.

New features:
- Domain model: ESPF4PeppolQualifier, ESPF4PeppolMechanism, SPF4PeppolTerm,
  ISMPSPF4PeppolPolicy, SMPSPF4PeppolPolicy, ISMPSPF4PeppolPolicyManager
- XML backend: SMPSPF4PeppolPolicyManagerXML for file-based storage
- REST API: GET /ext/spf/{participantId} endpoint

The implementation follows the SPF4Peppol specification v1.0 and uses
the namespace urn:peppol:spf4peppol:1.0 for XML responses.
@stevenn stevenn force-pushed the feature/spf4peppol-support branch from 7f07f49 to 30c8fc6 Compare January 27, 2026 09:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@phax phax Awaiting requested review from phax

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@stevenn @phax