diff --git a/docs/postman-collections/inji-certify-with-mock-mdoc-vci.postman_collection.json b/docs/postman-collections/inji-certify-with-mock-mdoc-vci.postman_collection.json new file mode 100644 index 00000000..d6b204ee --- /dev/null +++ b/docs/postman-collections/inji-certify-with-mock-mdoc-vci.postman_collection.json @@ -0,0 +1,659 @@ +{ + "info": { + "_postman_id": "c5f84837-c122-44b4-ae04-982be55d58f3", + "name": "Inji Certify Mock MDL VCI", + "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", + "_exporter_id": "29153193" + }, + "item": [ + { + "name": "VCI", + "item": [ + { + "name": "Get CSRF token", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "var token = pm.cookies.get(\"XSRF-TOKEN\")", + "pm.environment.set(\"csrf_token\", token);" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + }, + "request": { + "method": "GET", + "header": [], + "body": { + "mode": "raw", + "raw": "", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "{{url}}/csrf/token", + "host": [ + "{{url}}" + ], + "path": [ + "csrf", + "token" + ] + } + }, + "response": [] + }, + { + "name": "Authorize / OAuthdetails request V2", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "var btoa = require('btoa');", + "", + "var token = pm.cookies.get(\"XSRF-TOKEN\")", + "pm.environment.set(\"csrf_token\", token);", + "", + "pm.test(\"Validate transactionId\", function () {", + " var jsonData = pm.response.json();", + " pm.expect(jsonData.response.transactionId).not.equals(null);", + " pm.environment.set(\"transaction_id\", jsonData.response.transactionId);", + "});", + "", + "pm.test(\"Validate auth factors\", function () {", + " var jsonData = pm.response.json();", + " pm.expect(jsonData.response.authFactors[0].name).to.eql(pm.environment.get(\"expected_amr\"));", + "});", + "", + "pm.test(\"set oauth-details-hash\", function () {", + " var jsonData = pm.response.json();", + " var sha256Hash = CryptoJS.SHA256(JSON.stringify(jsonData.response));", + " var base64Encoded = sha256Hash.toString(CryptoJS.enc.Base64);", + " // Remove padding characters", + " base64Encoded = base64Encoded.replace(/=+$/, '');", + " // Replace '+' with '-' and '/' with '_' to convert to base64 URL encoding", + " base64Encoded = base64Encoded.replace(/\\+/g, '-').replace(/\\//g, '_');", + " console.log(\"base64Encoded : \" + base64Encoded);", + " pm.environment.set(\"oauth_details_key\", jsonData.response.transactionId);", + " pm.environment.set(\"oauth_details_hash\", base64Encoded);", + "});" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "eval(pm.globals.get('pmlib_code'))", + "", + "const pkce = pmlib.pkceChallenge();", + "pm.collectionVariables.set(\"codeChallenge\",pkce.code_challenge);", + "pm.collectionVariables.set(\"codeChallengeMethod\",pkce.code_challenge_method);", + "pm.collectionVariables.set(\"codeVerifier\",pkce.code_verifier);" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "X-XSRF-TOKEN", + "value": "{{csrf_token}}", + "type": "text" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"requestTime\": \"{{$isoTimestamp}}\",\n \"request\": {\n \"clientId\": \"{{clientId}}\",\n \"scope\": \"sample_vc_mdoc\",\n \"responseType\": \"code\",\n \"redirectUri\": \"{{redirectionUrl}}\",\n \"display\": \"popup\",\n \"prompt\": \"login\",\n \"acrValues\": \"mosip:idp:acr:generated-code\",\n \"nonce\" : \"{{nonce}}\",\n \"state\" : \"{{state}}\",\n \"claimsLocales\" : \"en\",\n \"codeChallenge\" : \"{{codeChallenge}}\",\n \"codeChallengeMethod\" : \"{{codeChallengeMethod}}\"\n }\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "{{url}}/authorization/v2/oauth-details", + "host": [ + "{{url}}" + ], + "path": [ + "authorization", + "v2", + "oauth-details" + ] + } + }, + "response": [] + }, + { + "name": "Send OTP", + "request": { + "method": "POST", + "header": [ + { + "key": "X-XSRF-TOKEN", + "value": "{{csrf_token}}", + "type": "text" + }, + { + "key": "oauth-details-key", + "value": "{{oauth_details_key}}", + "type": "text" + }, + { + "key": "oauth-details-hash", + "value": "{{oauth_details_hash}}", + "type": "text" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"requestTime\": \"{{$isoTimestamp}}\",\n \"request\": {\n \"transactionId\": \"{{transaction_id}}\",\n \"individualId\": \"{{individual_id}}\",\n \"otpChannels\" : [\"email\", \"phone\"],\n \"captchaToken\" : \"dummy\"\n }\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "{{url}}/authorization/send-otp", + "host": [ + "{{url}}" + ], + "path": [ + "authorization", + "send-otp" + ] + } + }, + "response": [] + }, + { + "name": "Authenticate User", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "var token = pm.cookies.get(\"XSRF-TOKEN\")", + "pm.environment.set(\"csrf_token\", token);" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "X-XSRF-TOKEN", + "value": "{{csrf_token}}", + "type": "text" + }, + { + "key": "oauth-details-key", + "value": "{{oauth_details_key}}", + "type": "text" + }, + { + "key": "oauth-details-hash", + "value": "{{oauth_details_hash}}", + "type": "text" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"requestTime\": \"{{$isoTimestamp}}\",\n \"request\": {\n \"transactionId\": \"{{transaction_id}}\",\n \"individualId\": \"{{individual_id}}\",\n \"challengeList\" : [\n {\n \"authFactorType\" : \"OTP\",\n \"challenge\" : \"111111\",\n \"format\" : \"alpha-numeric\"\n }\n ]\n }\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "{{url}}/authorization/v3/authenticate", + "host": [ + "{{url}}" + ], + "path": [ + "authorization", + "v3", + "authenticate" + ] + } + }, + "response": [] + }, + { + "name": "Authorization Code", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "var token = pm.cookies.get(\"XSRF-TOKEN\")", + "pm.environment.set(\"csrf_token\", token);", + "", + "pm.test(\"Validate code\", function () {", + " var jsonData = pm.response.json();", + " pm.expect(jsonData.response.code).not.equals(null);", + " pm.collectionVariables.set(\"code\", jsonData.response.code);", + "});" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [ + { + "key": "X-XSRF-TOKEN", + "value": "{{csrf_token}}", + "type": "text" + }, + { + "key": "oauth-details-key", + "value": "{{oauth_details_key}}", + "type": "text" + }, + { + "key": "oauth-details-hash", + "value": "{{oauth_details_hash}}", + "type": "text" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"requestTime\": \"{{$isoTimestamp}}\",\n \"request\": {\n \"transactionId\": \"{{transaction_id}}\",\n \"acceptedClaims\": [],\n \"permittedAuthorizeScopes\" : []\n }\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "{{url}}/authorization/auth-code", + "host": [ + "{{url}}" + ], + "path": [ + "authorization", + "auth-code" + ] + } + }, + "response": [] + }, + { + "name": "Get Tokens V2", + "event": [ + { + "listen": "prerequest", + "script": { + "exec": [ + "eval(pm.globals.get('pmlib_code'))", + "", + "// Set headers for JWT", + "var header = {\t", + "\t\"alg\": \"RS256\"", + "};", + "", + "", + "//sign token", + "//Note: Key pair is generated in \"Create OIDC client\" pre-requests script", + "//generated private and public keys are stored in the postman environment ", + "console.log(\"::::\", pm.environment.get(\"privateKey_jwk\"))", + "const signed_jwt = pmlib.clientAssertPrivateKey(JSON.parse(pm.environment.get(\"privateKey_jwk\")), pm.environment.get('clientId'), pm.environment.get('aud'), exp = 60, \"RS256\");", + "", + "console.log(\"signed_jwt \",signed_jwt)", + "pm.collectionVariables.set(\"client_assertion\",signed_jwt);", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Validate Id-token\", function () {", + " var jsonData = pm.response.json();", + " pm.expect(jsonData.id_token).not.equals(null);", + "});", + "", + "pm.test(\"Validate access-token\", function () {", + " var jsonData = pm.response.json();", + " pm.expect(jsonData.access_token).not.equals(null);", + " pm.environment.set(\"access_token\", jsonData.access_token);", + " console.log(\"jsonData.access_token \",jsonData.access_token)", + "", + " var jwt_parts = pm.environment.get('access_token').split('.'); // header.payload.signature", + " var jwt_payload = JSON.parse(atob(jwt_parts[1]));", + " pm.environment.set(\"c_nonce\", jwt_payload.c_nonce);", + "});" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "urlencoded", + "urlencoded": [ + { + "key": "code", + "value": "{{code}}", + "type": "text" + }, + { + "key": "client_id", + "value": "{{clientId}}", + "type": "text" + }, + { + "key": "redirect_uri", + "value": "{{redirectionUrl}}", + "type": "text" + }, + { + "key": "grant_type", + "value": "authorization_code", + "type": "text" + }, + { + "key": "client_assertion_type", + "value": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer", + "type": "text" + }, + { + "key": "client_assertion", + "value": "{{client_assertion}}", + "type": "text" + }, + { + "key": "code_verifier", + "value": "{{codeVerifier}}", + "type": "text" + } + ] + }, + "url": { + "raw": "{{url}}/oauth/v2/token", + "host": [ + "{{url}}" + ], + "path": [ + "oauth", + "v2", + "token" + ] + } + }, + "response": [] + }, + { + "name": "Get Mdoc Credential", + "event": [ + { + "listen": "prerequest", + "script": { + "exec": [ + "eval(pm.globals.get('pmlib_code'))", + "keyPair = pmlib.rs.KEYUTIL.generateKeypair(\"EC\", \"secp256r1\");", + "jwkPrivateKey = pmlib.rs.KEYUTIL.getJWK(keyPair.prvKeyObj);", + "jwkPublicKey = pmlib.rs.KEYUTIL.getJWK(keyPair.pubKeyObj);", + "jwkPublicKey[\"alg\"] = \"ES256\";", + "jwkPublicKey[\"use\"] = \"sig\";", + "", + "pm.environment.set(\"holder_public_key\", JSON.stringify(jwkPublicKey))", + "pm.environment.set(\"holder_private_key\", JSON.stringify(jwkPrivateKey));", + "", + "// Set headers for JWT", + "var header = {\t", + "\t\"alg\": \"ES256\",", + " \"typ\" : \"openid4vci-proof+jwt\",", + " \"jwk\" : JSON.parse(pm.environment.get(\"holder_public_key\"))", + "};", + "", + "", + "console.log(\"Getting c_nonce >> \" + pm.environment.get('c_nonce'));", + "", + "const signed_jwt = pmlib.jwtSign(JSON.parse(pm.environment.get(\"holder_private_key\")), {", + " // \"aud\" : 'http://localhost:8090',", + " \"aud\": pm.environment.get(\"vci_aud\"),", + "\t\"nonce\": pm.environment.get('c_nonce'),", + " \"iss\" : pm.environment.get('clientId'),", + "}, header, exp=600, alg = \"ES256\")", + "", + "console.log(\"modified aud\")", + "", + "console.log(\"proof - \",signed_jwt)", + "", + "pm.collectionVariables.set(\"proof_jwt\",signed_jwt);", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Validate c_nonce\", function () {", + " var jsonData = pm.response.json();", + " if(jsonData.c_nonce != null) {", + " pm.environment.set(\"c_nonce\", jsonData.c_nonce);", + " console.log(\"setting c_nonce\");", + " } ", + "});" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "{{access_token}}", + "type": "string" + } + ] + }, + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"format\": \"mso_mdoc\",\n \"doctype\": \"org.iso.18013.5.1.mDL\",\n \"claims\": {\n \"org.iso.18013.5.1\": {\n \"given_name\": {},\n \"family_name\": {},\n \"birth_date\": {},\n \"driving_privileges\":{},\n \"document_number\":{},\n \"issue_date\":{},\n \"issuing_country\":{},\n \"expiry_date\":{}\n }\n },\n \"proof\": {\n \"proof_type\": \"jwt\",\n \"jwt\": \"{{proof_jwt}}\"\n }\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "{{ceritifyUrl}}/issuance/credential", + "host": [ + "{{ceritifyUrl}}" + ], + "path": [ + "issuance", + "credential" + ] + } + }, + "response": [] + } + ] + } + ], + "event": [ + { + "listen": "prerequest", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + }, + { + "listen": "test", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + } + ], + "variable": [ + { + "key": "clientId", + "value": "mock-oidc-client" + }, + { + "key": "redirectionUrl", + "value": "https://mosip.io/index.php" + }, + { + "key": "relayingPartyId", + "value": "mock-relaying-party-id" + }, + { + "key": "status", + "value": "\"ACTIVE\"" + }, + { + "key": "acr_values", + "value": "level0 level1" + }, + { + "key": "scope", + "value": "openid profile" + }, + { + "key": "claims_request_param", + "value": "{\n \"userinfo\": {\n \"email\": {\n \"value\": null,\n \"values\": null,\n ..." + }, + { + "key": "nonce", + "value": "2erwER34WW" + }, + { + "key": "state", + "value": "ptOO76SD" + }, + { + "key": "expected_amr", + "value": "\"pin\"" + }, + { + "key": "transaction_id", + "value": "ece56bfa-d0c2-46ce-a5a2-8500dfb393a7" + }, + { + "key": "individual_id", + "value": "8267411571" + }, + { + "key": "auth_pin", + "value": "34789" + }, + { + "key": "url", + "value": "http://localhost:8088/v1/idp" + }, + { + "key": "url", + "value": "" + }, + { + "key": "code", + "value": "" + }, + { + "key": "client_assertion", + "value": "" + }, + { + "key": "access_token", + "value": "" + }, + { + "key": "linkTransactionId", + "value": "" + }, + { + "key": "wla_challenge", + "value": "" + }, + { + "key": "client_secret", + "value": "JfoG3eLWLW7iSZDt" + }, + { + "key": "client_secret", + "value": "" + }, + { + "key": "csrf_token", + "value": "08a17840-da3c-4b93-9ab3-83d9b297ac68" + }, + { + "key": "proof_jwt", + "value": "" + }, + { + "key": "codeChallenge", + "value": "" + }, + { + "key": "codeChallengeMethod", + "value": "" + }, + { + "key": "codeVerifier", + "value": "" + }, + { + "key": "proof_cwt", + "value": "" + } + ] +}