N-times usage policy implementation

[carlosperezdengra777]

Question: Implementing a usage-based access policy in EDC

Hello,

I'm currently working on a custom policy evaluation function that restricts access to an asset once it has been used more than N times (e.g., N successful transfers). I'm following the recommended pattern by:

• Defining the policy constraint in resources/<...>/extensions.policy
• Registering it via a PolicyFunctionsExtension class
• Implementing a UsageCountConstraintFunction that retrieves the number of completed transfers for a given assetId

My function currently tries to call the /transferprocesses/request API to count how many completed transfers exist for a given asset:

private int getCompletedTransferCount(String assetId) {
    try {
        URL url = new URL("http://localhost:29193/management/v3/transferprocesses/request");
        HttpURLConnection conn = (HttpURLConnection) url.openConnection();
        conn.setRequestMethod("POST");
        conn.setRequestProperty("Content-Type", "application/json");
        conn.setDoOutput(true);

        String body = "{\"filterExpression\":[{\"operandLeft\":\"assetId\",\"operator\":\"=\",\"operandRight\":\"" + assetId + "\"}]}";
        conn.getOutputStream().write(body.getBytes());

        Scanner scanner = new Scanner(conn.getInputStream());
        StringBuilder json = new StringBuilder();
        while (scanner.hasNext()) json.append(scanner.nextLine());
        scanner.close();

        return json.toString().split("\"state\"\\s*:\\s*\"COMPLETED\"").length - 1;
    } catch (IOException e) {
        return 0;
    }
}

However, the evaluation function is not triggered or doesn't behave as expected — I don't see it being logged even when policies are evaluated during negotiation. Regarding this topic, I have a few questions:

1.- Is it correct to assume that the number of "accesses" means the number of completed transfer processes, and not just contract negotiations?

2.- Is there a supported or recommended way to access assetId and connectorId inside the evaluation function during contract negotiation?

3.- I tried context.getContextData(...) but those values are not available at that point — as expected.

4.- I noticed that the sample LocationConstraintFunction uses claims configured externally (e.g., via the participant agent). Is this the only reliable way to inject dynamic context values into the policy evaluation at negotiation time?

5.- Finally, is calling an external API like /transferprocesses/request inside a policy evaluation function considered an anti-pattern? Or is there a more idiomatic way in EDC to query internal transfer state for policy logic?

Thank you very much in advance — any guidance, clarification or examples are greatly appreciated!

Similar questions have been related: #4032, but do not satisfy the reason of the consultation.

[jimmarino]

What is your question? Please remember discussions are for specific topics regarding the codebase. If you have a user-related question, please use the Discord channel.

[carlosperezdengra777]

Sorry, it was incomplete. Now the topic is conveniently updated with the proper questions.