diff --git a/docker-compose/docker-compose-injistack/README.md b/docker-compose/docker-compose-injistack/README.md
new file mode 100644
index 00000000..73a700fe
--- /dev/null
+++ b/docker-compose/docker-compose-injistack/README.md
@@ -0,0 +1,159 @@
+# Inji Stack Setup
+
+This guide provides instructions for setting up and running Inji Stack.
+
+## Prerequisites
+- Docker and Docker Compose installed on your system
+- Git (to clone the repository)
+- Basic understanding of Docker and container operations
+### Building inji-web-proxy
+Before running the docker-compose, you need to build the inji-web-proxy image:
+
+```bash
+# Clone the repository
+git clone https://github.com/mosip/inji-web.git -b release-0.11.x
+cd inji-web/inji-web-proxy
+
+# Build the Docker image
+docker build -t inji-web-proxy:local .
+```
+
+## Directory Structure Setup
+Create the following directory structure before proceeding:
+
+```
+docker-compose-injistack/
+├── data/
+│ └── CERTIFY_PKCS12/(p12 file generated at runtime)
+├── certs/
+│ └── oidckeystore.p12 (to be obtained during onboarding of mimoto to esignet)
+├── loader_path/
+│ └── certify/ (plugin jar to be placed here)
+├── config/ (default setup should work as is for csvplugin, any other config changes user can make as per their setup)
+│ ├── certify-default.properties
+│ ├── certify-mock-identity.properties
+│ ├── mimoto-default.properties
+│ ├── mimoto-issuers-config.json
+│ ├── mimoto-trusted-verifiers.json
+│ └── credential-template.html
+├── nginx.conf
+├── certify_init.sql
+└── docker-compose.yml
+```
+
+## Mock Certify Plugin Setup
+You have two options for the certify plugin:
+
+### Option 1: Use Existing Mock Plugin
+- Supported versions: 0.3.0 and above
+- Download the snapshot JAR from:
+ ```
+ https://oss.sonatype.org/content/repositories/snapshots/io/mosip/certify/mock-certify-plugin/0.3.0-SNAPSHOT/
+ ```
+- Place the downloaded JAR in `loader_path/certify/`
+
+### Option 2: Create Custom Plugin
+You can create your own plugin by implementing the following interface and place the resultant jar in loader_path:
+
+Reference Implementation: [CSVDataProviderPlugin](https://github.com/mosip/digital-credential-plugins/blob/develop/mock-certify-plugin/src/main/java/io.mosip.certify.mock.integration/service/MockCSVDataProviderPlugin.java)
+```java
+public interface DataProviderPlugin {
+ // Implement your custom logic here
+}
+```
+
+## Configuration Setup
+
+
+
+### 1. Certificate Setup
+- Place your PKCS12 certificate file (obtained from esignet onboarding) in:
+ ```
+ certs/oidckeystore.p12
+ ```
+ [Collab Env OIDCKeystore](https://docs.inji.io/inji-wallet/inji-mobile/customization-overview/credential_providers#onboarding-mimoto-as-oidc-client-for-a-new-issuer)
+
+### 2. Configuration Files
+Ensure all configuration files are properly updated in the config directory:
+- certify-default.properties
+- certify-mock-identity.properties
+- mimoto-default.properties
+- mimoto-issuers-config.json
+- mimoto-trusted-verifiers.json
+- credential-template.html
+
+[Mimoto Docker Compose Configuration Docs](https://github.com/mosip/mimoto/tree/release-0.15.x/docker-compose)
+[Inji Certify Configuration Docs](../../README.md)
+## Running the Application
+
+### 1. Start the Services
+```bash
+docker-compose up -d
+```
+
+### 2. Verify Services
+Check if all services are running:
+```bash
+docker-compose ps
+```
+
+## Service Endpoints
+The following services will be available:
+- Database (PostgreSQL): `localhost:5433`
+- Certify Service: `localhost:8090`
+- Nginx: `localhost:80`
+- Mimoto Service: `localhost:8099`
+- Inji Web Proxy: `localhost:3010`
+- Inji Web: `localhost:3001`
+
+## Using the Application
+
+### Accessing the Web Interface
+1. Open your browser and navigate to `http://localhost:3001`
+2. You can:
+ - Download credentials
+ - View credential status
+ - Manage your digital identity
+
+## Troubleshooting
+
+### Common Issues and Solutions
+1. Container startup issues:
+ ```bash
+ docker-compose logs [service_name]
+ ```
+
+2. Database connection issues:
+ - Verify PostgreSQL container is running
+ - Check database credentials in configuration
+
+3. Plugin loading issues:
+ - Verify plugin JAR is in the correct directory
+ - Check plugin version compatibility
+
+### Health Checks
+Monitor service health:
+```bash
+docker-compose ps
+docker logs [container_name]
+```
+
+## Stopping the Application
+To stop all services:
+```bash
+docker-compose down
+```
+
+To stop and remove all containers and volumes:
+```bash
+docker-compose down -v
+```
+
+## Security Considerations
+- Keep your PKCS12 certificate secure
+- Regularly update configurations and credentials
+- Monitor service logs for security issues
+
+
+## Additional Resources
+- [Inji Documentation](https://docs.inji.io/)
\ No newline at end of file
diff --git a/docker-compose/docker-compose-injistack/certify_init.sql b/docker-compose/docker-compose-injistack/certify_init.sql
new file mode 100644
index 00000000..ce556ee5
--- /dev/null
+++ b/docker-compose/docker-compose-injistack/certify_init.sql
@@ -0,0 +1,166 @@
+CREATE DATABASE inji_certify
+ ENCODING = 'UTF8'
+ LC_COLLATE = 'en_US.UTF-8'
+ LC_CTYPE = 'en_US.UTF-8'
+ TABLESPACE = pg_default
+ OWNER = postgres
+ TEMPLATE = template0;
+
+COMMENT ON DATABASE inji_certify IS 'certify related data is stored in this database';
+
+\c inji_certify postgres
+
+DROP SCHEMA IF EXISTS certify CASCADE;
+CREATE SCHEMA certify;
+ALTER SCHEMA certify OWNER TO postgres;
+ALTER DATABASE inji_certify SET search_path TO certify,pg_catalog,public;
+
+CREATE TABLE certify.key_alias(
+ id character varying(36) NOT NULL,
+ app_id character varying(36) NOT NULL,
+ ref_id character varying(128),
+ key_gen_dtimes timestamp,
+ key_expire_dtimes timestamp,
+ status_code character varying(36),
+ lang_code character varying(3),
+ cr_by character varying(256) NOT NULL,
+ cr_dtimes timestamp NOT NULL,
+ upd_by character varying(256),
+ upd_dtimes timestamp,
+ is_deleted boolean DEFAULT FALSE,
+ del_dtimes timestamp,
+ cert_thumbprint character varying(100),
+ uni_ident character varying(50),
+ CONSTRAINT pk_keymals_id PRIMARY KEY (id),
+ CONSTRAINT uni_ident_const UNIQUE (uni_ident)
+);
+
+CREATE TABLE certify.key_policy_def(
+ app_id character varying(36) NOT NULL,
+ key_validity_duration smallint,
+ is_active boolean NOT NULL,
+ pre_expire_days smallint,
+ access_allowed character varying(1024),
+ cr_by character varying(256) NOT NULL,
+ cr_dtimes timestamp NOT NULL,
+ upd_by character varying(256),
+ upd_dtimes timestamp,
+ is_deleted boolean DEFAULT FALSE,
+ del_dtimes timestamp,
+ CONSTRAINT pk_keypdef_id PRIMARY KEY (app_id)
+);
+
+CREATE TABLE certify.key_store(
+ id character varying(36) NOT NULL,
+ master_key character varying(36) NOT NULL,
+ private_key character varying(2500) NOT NULL,
+ certificate_data character varying NOT NULL,
+ cr_by character varying(256) NOT NULL,
+ cr_dtimes timestamp NOT NULL,
+ upd_by character varying(256),
+ upd_dtimes timestamp,
+ is_deleted boolean DEFAULT FALSE,
+ del_dtimes timestamp,
+ CONSTRAINT pk_keystr_id PRIMARY KEY (id)
+);
+
+CREATE TABLE certify.svg_template (
+ id UUID NOT NULL,
+ template VARCHAR NOT NULL,
+ cr_dtimes timestamp NOT NULL,
+ upd_dtimes timestamp,
+ CONSTRAINT pk_svgtmp_id PRIMARY KEY (id)
+);
+
+CREATE TABLE certify.template_data(
+ context character varying(1024) NOT NULL,
+ credential_type character varying(512) NOT NULL,
+ template VARCHAR NOT NULL,
+ cr_dtimes timestamp NOT NULL default now(),
+ upd_dtimes timestamp,
+ CONSTRAINT pk_template PRIMARY KEY (context, credential_type)
+);
+
+INSERT INTO certify.template_data (context, credential_type, template, cr_dtimes, upd_dtimes) VALUES ('https://vharsh.github.io/DID/mock-context.json,https://www.w3.org/2018/credentials/v1', 'MockVerifiableCredential,VerifiableCredential', '{
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://vharsh.github.io/DID/mock-context.json"],
+ "issuer": "${issuer}",
+ "type": ["VerifiableCredential", "MockVerifiableCredential"],
+ "issuanceDate": "${validFrom}",
+ "expirationDate": "${validUntil}",
+ "credentialSubject": {
+ "gender": ${gender},
+ "postalCode": ${postalCode},
+ "fullName": ${fullName},
+ "dateOfBirth": "${dateOfBirth}",
+ "province": ${province},
+ "phone": "${phone}",
+ "addressLine1": ${addressLine1},
+ "region": ${region},
+ "vcVer": "${vcVer}",
+ "UIN": ${UIN},
+ "email": "${email}",
+ "face": "${face}"
+ }
+}', '2024-10-22 17:08:17.826851', NULL);
+INSERT INTO certify.template_data (context, credential_type, template, cr_dtimes, upd_dtimes) VALUES ('https://vharsh.github.io/DID/mock-context.json,https://www.w3.org/ns/credentials/v2', 'MockVerifiableCredential,VerifiableCredential', '{
+ "@context": [
+ "https://www.w3.org/ns/credentials/v2", "https://vharsh.github.io/DID/mock-context.json"],
+ "issuer": "${issuer}",
+ "type": ["VerifiableCredential", "MockVerifiableCredential"],
+ "validFrom": "${validFrom}",
+ "validUntil": "${validUntil}",
+ "credentialSubject": {
+ "gender": ${gender},
+ "postalCode": ${postalCode},
+ "fullName": ${fullName},
+ "dateOfBirth": "${dateOfBirth}",
+ "province": ${province},
+ "phone": "${phone}",
+ "addressLine1": ${addressLine1},
+ "region": ${region},
+ "vcVer": "${vcVer}",
+ "UIN": ${UIN},
+ "email": "${email}",
+ "face": "${face}"
+ }
+}', '2024-10-22 17:08:17.826851', NULL);
+INSERT INTO certify.template_data (context, credential_type, template, cr_dtimes, upd_dtimes) VALUES ('https://www.w3.org/2018/credentials/v1', 'FarmerCredential,VerifiableCredential', '{
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://vharsh.github.io/DID/farmer.json",
+ "https://w3id.org/security/suites/ed25519-2020/v1"
+ ],
+ "issuer": "${issuer}",
+ "type": [
+ "VerifiableCredential",
+ "FarmerCredential"
+ ],
+ "issuanceDate": "${validFrom}",
+ "expirationDate": "${validUntil}",
+ "credentialSubject": {
+ "name": "${name}",
+ "dateOfBirth": "${dateOfBirth}",
+ "highestEducation": "${highestEducation}",
+ "maritalStatus": "${maritalStatus}",
+ "typeOfHouse": "${typeOfHouse}",
+ "numberOfDependents": "${numberOfDependents}",
+ "phoneNumber": "${phoneNumber}",
+ "works": "${works}",
+ "landArea": "${landArea}",
+ "landOwnershipType": "${landOwnershipType}",
+ "primaryCropType": "${primaryCropType}",
+ "secondaryCropType": "${secondaryCropType}"
+ }
+}
+', '2024-10-24 12:32:38.065994', NULL);
+
+
+INSERT INTO certify.key_policy_def(APP_ID,KEY_VALIDITY_DURATION,PRE_EXPIRE_DAYS,ACCESS_ALLOWED,IS_ACTIVE,CR_BY,CR_DTIMES) VALUES('ROOT', 2920, 1125, 'NA', true, 'mosipadmin', now());
+INSERT INTO certify.key_policy_def(APP_ID,KEY_VALIDITY_DURATION,PRE_EXPIRE_DAYS,ACCESS_ALLOWED,IS_ACTIVE,CR_BY,CR_DTIMES) VALUES('CERTIFY_SERVICE', 1095, 60, 'NA', true, 'mosipadmin', now());
+INSERT INTO certify.key_policy_def(APP_ID,KEY_VALIDITY_DURATION,PRE_EXPIRE_DAYS,ACCESS_ALLOWED,IS_ACTIVE,CR_BY,CR_DTIMES) VALUES('CERTIFY_PARTNER', 1095, 60, 'NA', true, 'mosipadmin', now());
+INSERT INTO certify.key_policy_def(APP_ID,KEY_VALIDITY_DURATION,PRE_EXPIRE_DAYS,ACCESS_ALLOWED,IS_ACTIVE,CR_BY,CR_DTIMES) VALUES('CERTIFY_MOCK_RSA', 1095, 60, 'NA', true, 'mosipadmin', now());
+INSERT INTO certify.key_policy_def(APP_ID,KEY_VALIDITY_DURATION,PRE_EXPIRE_DAYS,ACCESS_ALLOWED,IS_ACTIVE,CR_BY,CR_DTIMES) VALUES('CERTIFY_MOCK_ED25519', 1095, 60, 'NA', true, 'mosipadmin', now());
+INSERT INTO certify.key_policy_def(APP_ID,KEY_VALIDITY_DURATION,PRE_EXPIRE_DAYS,ACCESS_ALLOWED,IS_ACTIVE,CR_BY,CR_DTIMES) VALUES('BASE', 1095, 60, 'NA', true, 'mosipadmin', now());
+
diff --git a/docker-compose/docker-compose-injistack/config/certify-default.properties b/docker-compose/docker-compose-injistack/config/certify-default.properties
new file mode 100644
index 00000000..31166d40
--- /dev/null
+++ b/docker-compose/docker-compose-injistack/config/certify-default.properties
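Review bot: Every object in this script, including `certify.key_store` with its `private_key` column, is owned by the `postgres` superuser (`OWNER = postgres`, `ALTER SCHEMA certify OWNER TO postgres`), and no application role is created, so the service can only connect as the superuser (certify-default.properties in this commit does exactly that). I would add a dedicated non-superuser login role and grant it only what the service needs, e.g. `CREATE ROLE certify_app LOGIN;` then `GRANT USAGE ON SCHEMA certify TO certify_app;` plus table-level `GRANT SELECT, INSERT, UPDATE` (the role name is a placeholder; its password should be supplied at deploy time, not in this file). A header comment noting that `DROP SCHEMA IF EXISTS certify CASCADE` makes the script destructive when run against a populated database would help whoever reuses it outside the container init path. The seeded templates also pull JSON-LD contexts from `vharsh.github.io`, a personally hosted page, so a comment marking those rows as mock-only data would make that external dependency explicit.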
@@ -0,0 +1,168 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at https://mozilla.org/MPL/2.0/.
+
+## Application Name
+spring.application.name=certify
+spring.cloud.config.uri=http://localhost:8888
+
+server.port=8090
+server.servlet.path=/v1/certify
+
+openapi.info.title=Certify Service
+openapi.info.description=Rest Endpoints for operations related to certify
+openapi.info.version=1.0
+openapi.info.license.name=Mosip
+openapi.info.license.url=https://docs.mosip.io/platform/license
+mosipbox.public.url=http://certify:${server.port}
+openapi.service.server.url=${mosipbox.public.url}${server.servlet.path}
+openapi.service.server.description=Certify Service
+springdoc.swagger-ui.disable-swagger-default-url=true
+spring.mvc.servlet.path=${server.servlet.path}
+
+spring.messages.basename=messages
+spring.messages.encoding=UTF-8
+
+spring.main.allow-bean-definition-overriding=true
+spring.mvc.pathmatch.matching-strategy=ANT_PATH_MATCHER
+
+
+
+## -------------------------------------- Authentication & Authorization -----------------------------------------------
+
+mosip.certify.security.auth.post-urls={}
+mosip.certify.security.auth.put-urls={}
+mosip.certify.security.auth.get-urls={}
+
+mosip.certify.security.ignore-csrf-urls=**/actuator/**,/favicon.ico,**/error,\
+ **/swagger-ui/**,**/v3/api-docs/**,\
+ **/issuance/**
+
+mosip.certify.security.ignore-auth-urls=**/actuator/**,**/error,**/swagger-ui/**,\
+ **/v3/api-docs/**, **/issuance/**,/public/**, **/system-info/**
+
+
+## ------------------------------------------ Discovery openid-configuration -------------------------------------------
+mosip.certify.discovery.issuer-id=${mosipbox.public.url}${server.servlet.path}
+mosip.certify.authorization.url=https://esignet-mock.dev1.mosip.net
+
+##--------------change this later---------------------------------
+mosip.certify.supported.jwt-proof-alg={'RS256','PS256'}
+mosip.certify.issuer=CertifyIssuer
+
+
+##----- These are reference to the oauth resource server providing jwk----------------------------------##
+mosip.certify.cnonce-expire-seconds=40
+
+mosip.certify.identifier=${mosipbox.public.url}
+mosip.certify.authn.filter-urls={ '${server.servlet.path}/issuance/credential', '${server.servlet.path}/issuance/vd11/credential', '${server.servlet.path}/issuance/vd12/credential' }
+mosip.certify.authn.issuer-uri=${mosip.certify.authorization.url}/v1/esignet
+mosip.certify.authn.jwk-set-uri=https://esignet-mock.dev1.mosip.net/v1/esignet/oauth/.well-known/jwks.json
+mosip.certify.authn.allowed-audiences={ '${mosipbox.public.url}${server.servlet.path}/issuance/credential', '${mosip.certify.authorization.url}/v1/esignet/vci/credential' }
+
+#------------------------------------ Key-manager specific properties --------------------------------------------------
+#Crypto asymmetric algorithm name
+mosip.kernel.crypto.asymmetric-algorithm-name=RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING
+#Crypto symmetric algorithm name
+mosip.kernel.crypto.symmetric-algorithm-name=AES/GCM/NoPadding
+#Keygenerator asymmetric algorithm name
+mosip.kernel.keygenerator.asymmetric-algorithm-name=RSA
+#Keygenerator symmetric algorithm name
+mosip.kernel.keygenerator.symmetric-algorithm-name=AES
+#Asymmetric algorithm key length
+mosip.kernel.keygenerator.asymmetric-key-length=2048
+#Symmetric algorithm key length
+mosip.kernel.keygenerator.symmetric-key-length=256
+#Encrypted data and encrypted symmetric key separator
+mosip.kernel.data-key-splitter=#KEY_SPLITTER#
+#GCM tag length
+mosip.kernel.crypto.gcm-tag-length=128
+#Hash algo name
+mosip.kernel.crypto.hash-algorithm-name=PBKDF2WithHmacSHA512
+#Symmtric key length used in hash
+mosip.kernel.crypto.hash-symmetric-key-length=256
+#No of iterations in hash
+mosip.kernel.crypto.hash-iteration=100000
+#Sign algo name
+mosip.kernel.crypto.sign-algorithm-name=RS256
+#Certificate Sign algo name
+mosip.kernel.certificate.sign.algorithm=SHA256withRSA
+
+mosip.kernel.keymanager.hsm.config-path=CERTIFY_PKCS12/local.p12
+mosip.kernel.keymanager.hsm.keystore-type=PKCS12
+mosip.kernel.keymanager.hsm.keystore-pass=local
+
+#Type of keystore, Supported Types: PKCS11, PKCS12, Offline, JCE
+#mosip.kernel.keymanager.hsm.keystore-type=PKCS11
+# For PKCS11 provide Path of config file.
+# For PKCS12 keystore type provide the p12/pfx file path. P12 file will be created internally so provide only file path & file name.
+# For Offline & JCE property can be left blank, specified value will be ignored.
+#mosip.kernel.keymanager.hsm.config-path=/config/softhsm-application.conf
+# Passkey of keystore for PKCS11, PKCS12
+# For Offline & JCE proer can be left blank. JCE password use other JCE specific properties.
+#mosip.kernel.keymanager.hsm.keystore-pass=${softhsm.certify.mock.security.pin}
+
+
+mosip.kernel.keymanager.certificate.default.common-name=www.example.com
+mosip.kernel.keymanager.certificate.default.organizational-unit=EXAMPLE-CENTER
+mosip.kernel.keymanager.certificate.default.organization=IIITB
+mosip.kernel.keymanager.certificate.default.location=BANGALORE
+mosip.kernel.keymanager.certificate.default.state=KA
+mosip.kernel.keymanager.certificate.default.country=IN
+
+mosip.kernel.keymanager.softhsm.certificate.common-name=www.example.com
+mosip.kernel.keymanager.softhsm.certificate.organizational-unit=Example Unit
+mosip.kernel.keymanager.softhsm.certificate.organization=IIITB
+mosip.kernel.keymanager.softhsm.certificate.country=IN
+
+# Application Id for PMS master key.
+mosip.kernel.partner.sign.masterkey.application.id=PMS
+mosip.kernel.partner.allowed.domains=DEVICE
+
+mosip.kernel.keymanager-service-validate-url=https://${mosip.hostname}/keymanager/validate
+mosip.kernel.keymanager.jwtsign.validate.json=false
+mosip.keymanager.dao.enabled=false
+crypto.PrependThumbprint.enable=true
+
+mosip.kernel.keymgr.hsm.health.check.enabled=true
+mosip.kernel.keymgr.hsm.health.key.app-id=CERTIFY_SERVICE
+mosip.kernel.keymgr.hsm.healthkey.ref-id=TRANSACTION_CACHE
+
+mosip.kernel.keymgr.hsm.health.check.encrypt=true
+
+mosip.certify.cache.security.secretkey.reference-id=TRANSACTION_CACHE
+
+##----------------------------------------- Database properties --------------------------------------------------------
+
+mosip.certify.database.hostname=database
+mosip.certify.database.port=5432
+spring.datasource.url=jdbc:postgresql://${mosip.certify.database.hostname}:${mosip.certify.database.port}/inji_certify?currentSchema=certify
+spring.datasource.username=postgres
+spring.datasource.password=postgres
+
+spring.jpa.database-platform=org.hibernate.dialect.PostgreSQLDialect
+spring.jpa.show-sql=false
+spring.jpa.hibernate.ddl-auto=none
+spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true
+
+## ---------------------------------------- Cache configuration --------------------------------------------------------
+spring.cache.type=simple
+spring.data.redis.host=cache
+spring.data.redis.port=6379
+spring.data.redis.password=redis
+
+#spring.cache.type=simple
+spring.cache.cache-names=${mosip.certify.cache.names}
+
+management.health.redis.enabled=false
+
+mosip.certify.access-token-expire-seconds=86400
+
+mosip.certify.cache.names=userinfo,vcissuance
+# Cache size setup is applicable only for 'simple' cache type.
+# Cache size configuration will not be considered with 'Redis' cache type
+mosip.certify.cache.size={'userinfo': 200, 'vcissuance' : 2000 }
+
+
+# Cache expire in seconds is applicable for both 'simple' and 'Redis' cache type
+mosip.certify.cache.expire-in-seconds={'userinfo': ${mosip.certify.access-token-expire-seconds}, 'vcissuance': ${mosip.certify.access-token-expire-seconds}}
\ No newline at end of file
diff --git a/docker-compose/docker-compose-injistack/config/certify-mock-identity.properties b/docker-compose/docker-compose-injistack/config/certify-mock-identity.properties
new file mode 100644
index 00000000..29b59424
--- /dev/null
+++ b/docker-compose/docker-compose-injistack/config/certify-mock-identity.properties
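Review bot: The datasource, keystore and Redis secrets are committed as fixed, guessable values (`spring.datasource.password=postgres` for the `postgres` superuser, `mosip.kernel.keymanager.hsm.keystore-pass=local`, `spring.data.redis.password=redis`), and the README in this commit publishes the database on `localhost:5433`. Spring resolves placeholders from the environment, so these can read `spring.datasource.password=${CERTIFY_DB_PASSWORD}` and `mosip.kernel.keymanager.hsm.keystore-pass=${CERTIFY_KEYSTORE_PASS}` (variable names are placeholders), with the values set in the compose file or an untracked `.env`. `mosip.certify.authn.jwk-set-uri` repeats the eSignet host literally while `issuer-uri` is derived from `mosip.certify.authorization.url`; writing it as `${mosip.certify.authorization.url}/v1/esignet/oauth/.well-known/jwks.json` keeps the token issuer and its verification keys on the same server when someone changes the authorization URL. `mosip.certify.security.ignore-auth-urls` also exempts `**/actuator/**`, so a comment naming the actuator endpoints meant to be reachable, or `management.endpoints.web.exposure.include=health`, would bound what is served without authentication.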
@@ -0,0 +1,102 @@
+## ------------------------------------------- Mock ID Integration properties ------------------------------------------------------------
+mosip.certify.integration.scan-base-package=io.mosip.certify.mock.integration
+mosip.certify.integration.audit-plugin=LoggerAuditService
+mosip.certify.integration.vci-plugin=MockVCIssuancePlugin
+
+## ------------------------------------------- Mock ID plugin related properties ------------------------------------------------------------
+mosip.certify.mock.vciplugin.verification-method=${mosip.certify.authn.jwk-set-uri}
+mosip.certify.mock.authenticator.get-identity-url=http://mock-identity-system:8082/v1/mock-identity-system/identity
+mosip.certify.cache.security.algorithm-name=AES/ECB/PKCS5Padding
+mosip.certify.cache.secure.individual-id=false
+mosip.certify.cache.store.individual-id=true
+# TODO: Onboard secrets for local build
+mosip.certify.mock.vciplugin.issuer.key-cert="dummy-issuer-cert"
+mosip.certify.mock.vciplugin.ca.key-cert=dummy
+mosip.certify.svg-templates=insurance-svg-template.json
+mosip.certify.identifier=http://localhost:8090
+
+mosip.certify.issuer.uri=did:web:vharsh.github.io:DID:harsh
+mosip.certify.issuer.pub.key=did:web:vharsh.github.io:DID:harsh#key-0
+
+mosip.certify.issuer=CertifyIssuer
+mosip.certify.integration.data-provider-plugin=MockCSVDataProviderPlugin
+mosip.certify.issuer.vc-sign-algo=Ed25519Signature2020
+## CSV specific config
+mosip.certify.data-provider.identifier.column=id
+mosip.certify.data-provider.fields.include=id,name,phoneNumber,dateOfBirth,highestEducation,typeOfHouse,numberOfDependents,works,landArea,landOwnershipType,primaryCropType,secondaryCropType,maritalStatus
+mosip.certify.plugin.csv.file.uri=https://raw.githubusercontent.com/jainhitesh9998/digital-credential-plugins/refs/heads/develop/mock-certify-plugin/src/test/resources/farmer_identity_data.csv
+mosip.certify.issuer.svg.template.id=
+mosip.certify.key-values={\
+ 'vd12' : {\
+ 'credential_issuer': '${mosip.certify.identifier}',\
+ 'authorization_servers': {'${mosip.certify.authorization.url}'},\
+ 'credential_endpoint': '${mosipbox.public.url}${server.servlet.path}/issuance/vd12/credential',\
+ 'display': {{'name': 'Insurance', 'locale': 'en'}},\
+ 'credentials_supported' : {\
+ 'FarmerProfileCredential' : {\
+ 'format': 'ldp_vc',\
+ 'scope' : 'farmer_vc_ldp',\
+ 'cryptographic_binding_methods_supported': {'did:jwk'},\
+ 'cryptographic_suites_supported': {'RsaSignature2018'},\
+ 'proof_types_supported': {'jwt'},\
+ 'credential_definition': {\
+ 'type': {'VerifiableCredential','FarmerCredential'},\
+ 'credentialSubject': {\
+ 'name': {'display': {{'name': 'Name','locale': 'en'}}}, \
+ 'highestEducation': {'display': {{'name': 'Highest Education','locale': 'en'}}},\
+ 'dateOfBirth': {'display': {{'name': 'Date of Birth','locale': 'en'}}},\
+ 'maritalStatus': {'display': {{'name': 'Marital Status','locale': 'en'}}},\
+ 'typeOfHouse': {'display': {{'name': 'Type of House','locale': 'en'}}},\
+ 'numberOfDependents': {'display': {{'name': 'Number of Dependents','locale': 'en'}}},\
+ 'phoneNumber': {'display': {{'name': 'Phone Number','locale': 'en'}}},\
+ 'knowsLanguage': {'display': {{'name': 'Knows Language','locale': 'en'}}},\
+ 'works': {'display': {{'name': 'Employment Type','locale': 'en'}}},\
+ 'farmingType': {'display': {{'name': 'Farming Type','locale': 'en'}}},\
+ 'landArea': {'display': {{'name': 'Land Area','locale': 'en'}}},\
+ 'landOwnershipType': {'display': {{'name': 'Land Ownership Type','locale': 'en'}}},\
+ 'primaryCropType': {'display': {{'name': 'Primary Crop Name','locale': 'en'}}},\
+ 'secondaryCropType': {'display': {{'name': 'Secondary Crop type','locale': 'en'}}}\
+ }},\
+ 'display': {{'name': 'Farmer Profile Verifiable Credential', \
+ 'locale': 'en', \
+ 'logo': {'url': 'https://sunbird.org/images/sunbird-logo-new.png','alt_text': 'a square logo of a Sunbird'},\
+ 'background_color': '#FDFAF9',\
+ 'text_color': '#7C4616'}},\
+ 'order' : {'fullName','policyName','policyExpiresOn','policyIssuedOn','policyNumber','mobile','dob','gender','benefits','email'}\
+ }}},\
+ 'latest' : {\
+ 'credential_issuer': '${mosip.certify.identifier}', \
+ 'authorization_servers': {'${mosip.certify.authorization.url}'}, \
+ 'credential_endpoint': '${mosipbox.public.url}${server.servlet.path}/issuance/credential', \
+ 'display': {{'name': 'Insurance', 'locale': 'en'}},\
+ 'credential_configurations_supported' : { \
+ 'FarmerProfileCredential' : {\
+ 'format': 'ldp_vc',\
+ 'scope' : 'mock_identity_vc_ldp',\
+ 'cryptographic_binding_methods_supported': {'did:jwk'},\
+ 'credential_signing_alg_values_supported': {'RsaSignature2018'},\
+ 'proof_types_supported': {'jwt': {'proof_signing_alg_values_supported': {'RS256', 'PS256'}}},\
+ 'credential_definition': {\
+ 'type': {'VerifiableCredential','FarmerCredential'},\
+ 'credentialSubject': {\
+ 'name': {'display': {{'name': 'Name','locale': 'en'}}}, \
+ 'highestEducation': {'display': {{'name': 'Highest Education','locale': 'en'}}},\
+ 'dateOfBirth': {'display': {{'name': 'Date of Birth','locale': 'en'}}},\
+ 'maritalStatus': {'display': {{'name': 'Marital Status','locale': 'en'}}},\
+ 'typeOfHouse': {'display': {{'name': 'Type of House','locale': 'en'}}},\
+ 'numberOfDependents': {'display': {{'name': 'Number of Dependents','locale': 'en'}}},\
+ 'phoneNumber': {'display': {{'name': 'Phone Number','locale': 'en'}}},\
+ 'knowsLanguage': {'display': {{'name': 'Knows Language','locale': 'en'}}},\
+ 'works': {'display': {{'name': 'Employment Type','locale': 'en'}}},\
+ 'farmingType': {'display': {{'name': 'Farming Type','locale': 'en'}}},\
+ 'landArea': {'display': {{'name': 'Land Area','locale': 'en'}}},\
+ 'landOwnershipType': {'display': {{'name': 'Land Ownership Type','locale': 'en'}}},\
+ 'primaryCropType': {'display': {{'name': 'Primary Crop Name','locale': 'en'}}},\
+ 'secondaryCropType': {'display': {{'name': 'Secondary Crop type','locale': 'en'}}}\
+ }},\
+ 'display': {{'name': 'Farmer Profile Verifiable Credential', \
+ 'locale': 'en', \
+ 'logo': {'url': 'https://sunbird.org/images/sunbird-logo-new.png','alt_text': 'a square logo of a Sunbird'},\
+ 'background_color': '#FDFAF9',\
+ 'background_image': { 'uri': 'https://sunbird.org/images/sunbird-logo-new.png' }, \
+ 'text_color': '#7C4616'}}}}}}
\ No newline at end of file
diff --git a/docker-compose/docker-compose-injistack/config/credential-template.html b/docker-compose/docker-compose-injistack/config/credential-template.html
new file mode 100644
index 00000000..4607e5b0
--- /dev/null
+++ b/docker-compose/docker-compose-injistack/config/credential-template.html
@@ -0,0 +1,39 @@ + + +
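Review bot: `mosip.certify.plugin.csv.file.uri` points the data provider at a CSV on the moving `develop` branch of a personal fork, with no pin or integrity check visible here, so anyone able to push to that branch controls the identity data that gets signed into credentials. For a local stack I would ship the file in the repository and reference it locally if the plugin accepts a local URI, or at least pin the URL to a commit (`.../digital-credential-plugins/<commit-sha>/mock-certify-plugin/src/test/resources/farmer_identity_data.csv`, placeholder). The advertised metadata also disagrees with the signer: `mosip.certify.issuer.vc-sign-algo=Ed25519Signature2020`, yet both `cryptographic_suites_supported` and `credential_signing_alg_values_supported` list `RsaSignature2018`; they should read `{'Ed25519Signature2020'}` so clients are told the suite that is actually used. Separately, `mosip.certify.cache.security.algorithm-name=AES/ECB/PKCS5Padding` is a deterministic, unauthenticated mode and `mosip.certify.cache.secure.individual-id=false` appears to leave the cached individual id unprotected; a comment marking both as mock-only, or an authenticated mode if the cache code accepts one, would stop these values being copied into a real deployment.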
+ +