From 832b85dad50acf1abcd5ec5206cb2469396c660c Mon Sep 17 00:00:00 2001 From: KiruthikaJeyashankar Date: Wed, 9 Oct 2024 09:16:33 +0530 Subject: [PATCH] [INJIMOB-1588] add mso_mdoc vc format support (#90) * [INJIMOB-1588] add mdoc builder Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] connecting to local redis servier cache other changes: Validating of credential request based on VC format (Not fully developed) Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] expose separate endpoint for mso_mdoc VC Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] validate credential request body based on VC format Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] add required properties for mock crypto needs Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] remove unused declared dependency Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] remove separate credential endpoint for mso_mdoc VC Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] revert application-local properties Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] add credential type for mso_mdoc vc in issuerMetadata Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] fix build failure on mismatching mock-certify version Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] remove debug statement & mock-certify plugin Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] modify to have scope check for any vc formats Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] add issuer and ca cryto details to config property Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] revert IDE format changes Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] update dummy secrets in application-local property Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] update certify version to 0.10.0-SNAPSHOT Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] revert modifying InsuranceCredential and add req config new other changes: To avoid the SpEL expression is too long issue, vd11 support has been removed from application-local.properties temporarily Signed-off-by: KiruthikaJeyashankar * [INJIMOB-1588] add DL issuerMetadata config in docker-compose mock config Signed-off-by: KiruthikaJeyashankar --------- Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> Signed-off-by: KiruthikaJeyashankar --- certify-core/pom.xml | 2 +- .../certify/core/constants/VCFormats.java | 12 +++ .../certify/core/dto/CredentialRequest.java | 7 +- .../CredentialRequestValidator.java | 8 ++ .../CredentialRequestValidatorFactory.java | 15 ++++ .../LdpVcCredentialRequestValidator.java | 10 +++ .../MsoMdocCredentialRequestValidator.java | 15 ++++ certify-integration-api/pom.xml | 2 +- .../mosip/certify/api/dto/VCRequestDto.java | 3 +- certify-service/pom.xml | 2 +- .../controller/VCIssuanceController.java | 1 + .../services/VCIssuanceServiceImpl.java | 36 ++++++-- .../resources/application-local.properties | 90 ++++++------------- db_scripts/mosip_certify/deploy.sh | 0 .../config/certify-mock-identity.properties | 23 ++++- 15 files changed, 146 insertions(+), 80 deletions(-) create mode 100644 certify-core/src/main/java/io/mosip/certify/core/constants/VCFormats.java create mode 100644 certify-core/src/main/java/io/mosip/certify/core/validators/CredentialRequestValidator.java create mode 100644 certify-core/src/main/java/io/mosip/certify/core/validators/CredentialRequestValidatorFactory.java create mode 100644 certify-core/src/main/java/io/mosip/certify/core/validators/LdpVcCredentialRequestValidator.java create mode 100644 certify-core/src/main/java/io/mosip/certify/core/validators/MsoMdocCredentialRequestValidator.java mode change 100644 => 100755 db_scripts/mosip_certify/deploy.sh diff --git a/certify-core/pom.xml b/certify-core/pom.xml index 93a6c4fb..942ecdcd 100644 --- a/certify-core/pom.xml +++ b/certify-core/pom.xml @@ -54,4 +54,4 @@ spring-boot-starter-cache - + \ No newline at end of file diff --git a/certify-core/src/main/java/io/mosip/certify/core/constants/VCFormats.java b/certify-core/src/main/java/io/mosip/certify/core/constants/VCFormats.java new file mode 100644 index 00000000..af52961d --- /dev/null +++ b/certify-core/src/main/java/io/mosip/certify/core/constants/VCFormats.java @@ -0,0 +1,12 @@ +/* + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at https://mozilla.org/MPL/2.0/. + */ +package io.mosip.certify.core.constants; + +public class VCFormats { + + public static final String MSO_MDOC = "mso_mdoc"; + public static final String LDP_VC = "ldp_vc"; +} diff --git a/certify-core/src/main/java/io/mosip/certify/core/dto/CredentialRequest.java b/certify-core/src/main/java/io/mosip/certify/core/dto/CredentialRequest.java index 73986e97..07cafdb0 100644 --- a/certify-core/src/main/java/io/mosip/certify/core/dto/CredentialRequest.java +++ b/certify-core/src/main/java/io/mosip/certify/core/dto/CredentialRequest.java @@ -12,6 +12,8 @@ import jakarta.validation.constraints.NotBlank; import jakarta.validation.constraints.NotNull; +import java.util.Map; + @Data public class CredentialRequest { @@ -40,6 +42,9 @@ public class CredentialRequest { * in the subsequent Credential Request. */ @Valid - @NotNull(message = ErrorConstants.INVALID_REQUEST) private CredentialDefinition credential_definition; + + private String doctype; + + private Map claims; } diff --git a/certify-core/src/main/java/io/mosip/certify/core/validators/CredentialRequestValidator.java b/certify-core/src/main/java/io/mosip/certify/core/validators/CredentialRequestValidator.java new file mode 100644 index 00000000..48911fdb --- /dev/null +++ b/certify-core/src/main/java/io/mosip/certify/core/validators/CredentialRequestValidator.java @@ -0,0 +1,8 @@ +package io.mosip.certify.core.validators; + +import io.mosip.certify.core.constants.VCFormats; +import io.mosip.certify.core.dto.CredentialRequest; + +public interface CredentialRequestValidator { + boolean isValidCheck(CredentialRequest credentialRequest); +} diff --git a/certify-core/src/main/java/io/mosip/certify/core/validators/CredentialRequestValidatorFactory.java b/certify-core/src/main/java/io/mosip/certify/core/validators/CredentialRequestValidatorFactory.java new file mode 100644 index 00000000..a9dce6e2 --- /dev/null +++ b/certify-core/src/main/java/io/mosip/certify/core/validators/CredentialRequestValidatorFactory.java @@ -0,0 +1,15 @@ +package io.mosip.certify.core.validators; + +import io.mosip.certify.core.constants.VCFormats; +import io.mosip.certify.core.dto.CredentialRequest; + +public class CredentialRequestValidatorFactory { + public boolean isValid(CredentialRequest credentialRequest) { + if (credentialRequest.getFormat().equals(VCFormats.LDP_VC)) { + return new LdpVcCredentialRequestValidator().isValidCheck(credentialRequest); + } else if (credentialRequest.getFormat().equals(VCFormats.MSO_MDOC)) { + return new MsoMdocCredentialRequestValidator().isValidCheck(credentialRequest); + } + return false; + } +} diff --git a/certify-core/src/main/java/io/mosip/certify/core/validators/LdpVcCredentialRequestValidator.java b/certify-core/src/main/java/io/mosip/certify/core/validators/LdpVcCredentialRequestValidator.java new file mode 100644 index 00000000..ac7a747a --- /dev/null +++ b/certify-core/src/main/java/io/mosip/certify/core/validators/LdpVcCredentialRequestValidator.java @@ -0,0 +1,10 @@ +package io.mosip.certify.core.validators; + +import io.mosip.certify.core.dto.CredentialRequest; + +public class LdpVcCredentialRequestValidator implements CredentialRequestValidator { + @Override + public boolean isValidCheck(CredentialRequest credentialRequest) { + return credentialRequest.getCredential_definition() != null; + } +} diff --git a/certify-core/src/main/java/io/mosip/certify/core/validators/MsoMdocCredentialRequestValidator.java b/certify-core/src/main/java/io/mosip/certify/core/validators/MsoMdocCredentialRequestValidator.java new file mode 100644 index 00000000..a8aca48e --- /dev/null +++ b/certify-core/src/main/java/io/mosip/certify/core/validators/MsoMdocCredentialRequestValidator.java @@ -0,0 +1,15 @@ +package io.mosip.certify.core.validators; + +import io.mosip.certify.core.dto.CredentialRequest; + +public class MsoMdocCredentialRequestValidator implements CredentialRequestValidator { + @Override + public boolean isValidCheck(CredentialRequest credentialRequest) { + if (credentialRequest.getDoctype() == null || credentialRequest.getDoctype().isBlank()) { + return false; + } + if (credentialRequest.getClaims() == null || credentialRequest.getClaims().isEmpty()) + return false; + return true; + } +} diff --git a/certify-integration-api/pom.xml b/certify-integration-api/pom.xml index ff6fcbde..e11a2717 100644 --- a/certify-integration-api/pom.xml +++ b/certify-integration-api/pom.xml @@ -24,4 +24,4 @@ - + \ No newline at end of file diff --git a/certify-integration-api/src/main/java/io/mosip/certify/api/dto/VCRequestDto.java b/certify-integration-api/src/main/java/io/mosip/certify/api/dto/VCRequestDto.java index ae9b11b5..f06d50e3 100644 --- a/certify-integration-api/src/main/java/io/mosip/certify/api/dto/VCRequestDto.java +++ b/certify-integration-api/src/main/java/io/mosip/certify/api/dto/VCRequestDto.java @@ -12,9 +12,10 @@ @Data public class VCRequestDto { - private List context; //holds @context values private List type; private String format; private Map credentialSubject; + private String doctype; + private Map claims; } diff --git a/certify-service/pom.xml b/certify-service/pom.xml index 0314ef45..f535c5c6 100644 --- a/certify-service/pom.xml +++ b/certify-service/pom.xml @@ -90,4 +90,4 @@ - + \ No newline at end of file diff --git a/certify-service/src/main/java/io/mosip/certify/controller/VCIssuanceController.java b/certify-service/src/main/java/io/mosip/certify/controller/VCIssuanceController.java index b530d87d..50185bf2 100644 --- a/certify-service/src/main/java/io/mosip/certify/controller/VCIssuanceController.java +++ b/certify-service/src/main/java/io/mosip/certify/controller/VCIssuanceController.java @@ -44,6 +44,7 @@ public CredentialResponse getCredential(@Valid @RequestBody CredentialRequest cr } + /** * 1. The credential Endpoint MUST accept Access Tokens * @param credentialRequest VC credential request diff --git a/certify-service/src/main/java/io/mosip/certify/services/VCIssuanceServiceImpl.java b/certify-service/src/main/java/io/mosip/certify/services/VCIssuanceServiceImpl.java index fb0f0189..bda09424 100644 --- a/certify-service/src/main/java/io/mosip/certify/services/VCIssuanceServiceImpl.java +++ b/certify-service/src/main/java/io/mosip/certify/services/VCIssuanceServiceImpl.java @@ -14,6 +14,7 @@ import io.mosip.certify.api.spi.VCIssuancePlugin; import io.mosip.certify.api.util.Action; import io.mosip.certify.api.util.ActionStatus; +import io.mosip.certify.core.constants.VCFormats; import io.mosip.certify.core.dto.CredentialMetadata; import io.mosip.certify.core.dto.CredentialRequest; import io.mosip.certify.core.dto.CredentialResponse; @@ -27,6 +28,7 @@ import io.mosip.certify.core.spi.VCIssuanceService; import io.mosip.certify.core.util.AuditHelper; import io.mosip.certify.core.util.SecurityHelperService; +import io.mosip.certify.core.validators.CredentialRequestValidatorFactory; import io.mosip.certify.exception.InvalidNonceException; import io.mosip.certify.proof.ProofValidator; import io.mosip.certify.proof.ProofValidatorFactory; @@ -75,13 +77,18 @@ public class VCIssuanceServiceImpl implements VCIssuanceService { @Override public CredentialResponse getCredential(CredentialRequest credentialRequest) { + boolean isValidCredentialRequest = new CredentialRequestValidatorFactory().isValid(credentialRequest); + if(!isValidCredentialRequest) { + throw new InvalidRequestException(ErrorConstants.INVALID_REQUEST); + } + if(!parsedAccessToken.isActive()) throw new NotAuthenticatedException(); String scopeClaim = (String) parsedAccessToken.getClaims().getOrDefault("scope", ""); CredentialMetadata credentialMetadata = null; for(String scope : scopeClaim.split(Constants.SPACE)) { - Optional result = getScopeCredentialMapping(scope); + Optional result = getScopeCredentialMapping(scope, credentialRequest.getFormat()); if(result.isPresent()) { credentialMetadata = result.get(); //considering only first credential scope break; @@ -120,14 +127,15 @@ private VCResult getVerifiableCredential(CredentialRequest credentialRequest, parsedAccessToken.getClaims().put("accessTokenHash", parsedAccessToken.getAccessTokenHash()); VCRequestDto vcRequestDto = new VCRequestDto(); vcRequestDto.setFormat(credentialRequest.getFormat()); - vcRequestDto.setContext(credentialRequest.getCredential_definition().getContext()); - vcRequestDto.setType(credentialRequest.getCredential_definition().getType()); - vcRequestDto.setCredentialSubject(credentialRequest.getCredential_definition().getCredentialSubject()); + VCResult vcResult = null; try { switch (credentialRequest.getFormat()) { case "ldp_vc" : + vcRequestDto.setContext(credentialRequest.getCredential_definition().getContext()); + vcRequestDto.setType(credentialRequest.getCredential_definition().getType()); + vcRequestDto.setCredentialSubject(credentialRequest.getCredential_definition().getCredentialSubject()); validateLdpVcFormatRequest(credentialRequest, credentialMetadata); vcResult = vcIssuancePlugin.getVerifiableCredentialWithLinkedDataProof(vcRequestDto, holderId, parsedAccessToken.getClaims()); @@ -136,6 +144,15 @@ private VCResult getVerifiableCredential(CredentialRequest credentialRequest, // jwt_vc_json & jwt_vc_json-ld cases are merged case "jwt_vc_json-ld" : case "jwt_vc_json" : + vcRequestDto.setContext(credentialRequest.getCredential_definition().getContext()); + vcRequestDto.setType(credentialRequest.getCredential_definition().getType()); + vcRequestDto.setCredentialSubject(credentialRequest.getCredential_definition().getCredentialSubject()); + vcResult = vcIssuancePlugin.getVerifiableCredential(vcRequestDto, holderId, + parsedAccessToken.getClaims()); + break; + case VCFormats.MSO_MDOC : + vcRequestDto.setClaims(credentialRequest.getClaims()); + vcRequestDto.setDoctype( credentialRequest.getDoctype()); vcResult = vcIssuancePlugin.getVerifiableCredential(vcRequestDto, holderId, parsedAccessToken.getClaims()); break; @@ -164,6 +181,7 @@ private CredentialResponse getCredentialResponse(String format, VCResult v case "jwt_vc_json-ld": case "jwt_vc_json": + case VCFormats.MSO_MDOC : CredentialResponse jsonResponse = new CredentialResponse<>(); jsonResponse.setCredential((String)vcResult.getCredential()); return jsonResponse; @@ -171,7 +189,7 @@ private CredentialResponse getCredentialResponse(String format, VCResult v throw new CertifyException(ErrorConstants.UNSUPPORTED_VC_FORMAT); } - private Optional getScopeCredentialMapping(String scope) { + private Optional getScopeCredentialMapping(String scope, String format) { Map vciMetadata = getCredentialIssuerMetadata("latest"); LinkedHashMap supportedCredentials = (LinkedHashMap) vciMetadata.get("credential_configurations_supported"); Optional> result = supportedCredentials.entrySet().stream() @@ -183,15 +201,17 @@ private Optional getScopeCredentialMapping(String scope) { credentialMetadata.setFormat((String) metadata.get("format")); credentialMetadata.setScope((String) metadata.get("scope")); credentialMetadata.setId(result.get().getKey()); - LinkedHashMap credentialDefinition = (LinkedHashMap) metadata.get("credential_definition"); - credentialMetadata.setTypes((List) credentialDefinition.get("type")); + if(format.equals(VCFormats.LDP_VC)){ + LinkedHashMap credentialDefinition = (LinkedHashMap) metadata.get("credential_definition"); + credentialMetadata.setTypes((List) credentialDefinition.get("type")); + } return Optional.of(credentialMetadata); } return Optional.empty(); } private void validateLdpVcFormatRequest(CredentialRequest credentialRequest, - CredentialMetadata credentialMetadata) { + CredentialMetadata credentialMetadata) { if(!credentialRequest.getCredential_definition().getType().containsAll(credentialMetadata.getTypes())) throw new InvalidRequestException(ErrorConstants.UNSUPPORTED_VC_TYPE); diff --git a/certify-service/src/main/resources/application-local.properties b/certify-service/src/main/resources/application-local.properties index ac547ae6..9c1d25f4 100644 --- a/certify-service/src/main/resources/application-local.properties +++ b/certify-service/src/main/resources/application-local.properties @@ -19,7 +19,7 @@ mosip.certify.authorization.url=http://localhost:8088 mosip.certify.discovery.issuer-id=${mosip.certify.domain.url}${server.servlet.path} ##--------------change this later--------------------------------- -mosip.certify.supported.jwt-proof-alg={'RS256','PS256'} +mosip.certify.supported.jwt-proof-alg={'RS256','PS256','ES256'} ## ---------------------------------------------- VCI ------------------------------------------------------------------ ##----- These are properties for any oauth resource server providing jwk------------### @@ -29,68 +29,6 @@ mosip.certify.authn.issuer-uri=http://localhost:8088/v1/esignet mosip.certify.authn.jwk-set-uri=http://localhost:8088/v1/esignet/oauth/.well-known/jwks.json mosip.certify.authn.allowed-audiences={ '${mosip.certify.domain.url}${server.servlet.path}/issuance/credential', 'http://localhost:8088/v1/esignet/vci/credential' } mosip.certify.key-values={\ - 'vd11' : {\ - 'credential_issuer': '${mosip.certify.identifier}', \ - 'authorization_server': '${mosip.certify.authorization.url}', \ - 'credential_endpoint': '${mosip.certify.domain.url}${server.servlet.path}/issuance/vd11/credential', \ - 'display': {{'name': 'Insurance', 'locale': 'en'}},\ - 'credentials_supported': {{\ - 'format': 'ldp_vc',\ - 'id': 'InsuranceCredential', \ - 'scope' : 'sunbird_rc_insurance_vc_ldp',\ - 'cryptographic_binding_methods_supported': {'did:jwk'},\ - 'cryptographic_suites_supported': {'Ed25519Signature2020'},\ - 'proof_types_supported': {'jwt'},\ - 'credential_definition': {\ - 'type': {'VerifiableCredential','InsuranceCredential'},\ - 'credentialSubject': {\ - 'fullName': {'display': {{'name': 'Name','locale': 'en'}}}, \ - 'mobile': {'display': {{'name': 'Phone Number','locale': 'en'}}},\ - 'dob': {'display': {{'name': 'Date of Birth','locale': 'en'}}},\ - 'gender': {'display': {{'name': 'Gender','locale': 'en'}}},\ - 'benefits': {'display': {{'name': 'Benefits','locale': 'en'}}},\ - 'email': {'display': {{'name': 'Email Id','locale': 'en'}}},\ - 'policyIssuedOn': {'display': {{'name': 'Policy Issued On','locale': 'en'}}},\ - 'policyExpiresOn': {'display': {{'name': 'Policy Expires On','locale': 'en'}}},\ - 'policyName': {'display': {{'name': 'Policy Name','locale': 'en'}}},\ - 'policyNumber': {'display': {{'name': 'Policy Number','locale': 'en'}}}\ - }},\ - 'display': {{'name': 'Sunbird RC Insurance Verifiable Credential', \ - 'locale': 'en', \ - 'logo': {'url': 'https://sunbird.org/images/sunbird-logo-new.png', 'alt_text': 'a square logo of a Sunbird'},\ - 'background_color': '#FDFAF9',\ - 'text_color': '#7C4616'}},\ - 'order' : {'fullName','policyName','policyExpiresOn','policyIssuedOn','policyNumber','mobile','dob','gender','benefits','email'}\ - },\ - {\ - 'format': 'ldp_vc',\ - 'id': 'LifeInsuranceCredential', \ - 'scope' : 'life_insurance_vc_ldp',\ - 'cryptographic_binding_methods_supported': {'did:jwk'},\ - 'cryptographic_suites_supported': {'Ed25519Signature2020'},\ - 'proof_types_supported': {'jwt'},\ - 'credential_definition': {\ - 'type': {'VerifiableCredential', 'LifeInsuranceCredential'},\ - 'credentialSubject': {\ - 'fullName': {'display': {{'name': 'Name','locale': 'en'}}}, \ - 'mobile': {'display': {{'name': 'Phone Number','locale': 'en'}}},\ - 'dob': {'display': {{'name': 'Date of Birth','locale': 'en'}}},\ - 'gender': {'display': {{'name': 'Gender','locale': 'en'}}},\ - 'benefits': {'display': {{'name': 'Benefits','locale': 'en'}}},\ - 'email': {'display': {{'name': 'Email Id','locale': 'en'}}},\ - 'policyIssuedOn': {'display': {{'name': 'Policy Issued On','locale': 'en'}}},\ - 'policyExpiresOn': {'display': {{'name': 'Policy Expires On','locale': 'en'}}},\ - 'policyName': {'display': {{'name': 'Policy Name','locale': 'en'}}},\ - 'policyNumber': {'display': {{'name': 'Policy Number','locale': 'en'}}}\ - }},\ - 'display': {{'name': 'Life Insurance Verifiable Credential', \ - 'locale': 'en', \ - 'logo': {'url': 'https://sunbird.org/images/sunbird-logo-new.png','alt_text': 'a square logo of a Sunbird'},\ - 'background_color': '#FDFAF9',\ - 'text_color': '#7C4616'}},\ - 'order' : {'fullName','policyName','policyExpiresOn','policyIssuedOn','policyNumber','mobile','dob','gender','benefits','email'}\ - }}\ - },\ 'vd12' : {\ 'credential_issuer': '${mosip.certify.identifier}', \ 'authorization_servers': {'${mosip.certify.authorization.url}'}, \ @@ -213,6 +151,23 @@ mosip.certify.key-values={\ 'background_color': '#FDFAF9',\ 'text_color': '#7C4616'}},\ 'order' : {'fullName','policyName','policyExpiresOn','policyIssuedOn','policyNumber','mobile','dob','gender','benefits','email'}\ + },\ + "DrivingLicenseCredential":{\ + 'format': 'mso_mdoc',\ + 'doctype': 'org.iso.18013.5.1.mDL',\ + 'scope' : 'sample_vc_mdoc',\ + 'cryptographic_binding_methods_supported': {'cose_key'},\ + 'credential_signing_alg_values_supported': {'ES256'},\ + 'proof_types_supported': {'jwt': {'proof_signing_alg_values_supported': {'ES256'}}},\ + 'claims': {\ + 'org.iso.18013.5.1': {'given_name': {'display': {{'name': 'Given Name','locale': 'en'}}},'family_name': {'display': {{'name': 'Family Name','locale': 'en'}}},'issue_date': {'display': {{'name': 'Issue Date','locale': 'en'}}},'expiry_date': {'display': {{'name': 'Expiry Date','locale': 'en'}}},'birth_date': {'display': {{'name': 'Birth Date','locale': 'en'}}},'issuing_country': {'display': {{'name': 'Issuing Country','locale': 'en'}}},'document_number': {'display': {{'name': 'Document Number','locale': 'en'}}}}},\ + 'display': {{'name': 'Mobile Driving License Verifiable Credential', \ + 'locale': 'en', \ + 'background_image': { 'uri': 'https://sunbird.org/images/sunbird-logo-new.png' }, \ + 'logo': {'url': 'https://sunbird.org/images/sunbird-logo-new.png','alt_text': 'a square logo of a Sunbird Mobile Driving License'},\ + 'background_color': '#FDFAF9',\ + 'text_color': '#7C4616'}},\ + 'order' : {'org.iso.18013.5.1~family_name','org.iso.18013.5.1~given_name','org.iso.18013.5.1~document_number','org.iso.18013.5.1~issuing_country','org.iso.18013.5.1~issue_date','org.iso.18013.5.1~expiry_date','org.iso.18013.5.1~birth_date'}\ }}\ }\ } @@ -242,7 +197,12 @@ mosip.certify.integration.scan-base-package=io.mosip.certify.mock.integration mosip.certify.integration.audit-plugin=LoggerAuditService mosip.certify.integration.vci-plugin=MockVCIssuancePlugin mosip.certify.mock.vciplugin.verification-method=${mosip.certify.authn.jwk-set-uri} -mosip.certify.mock.authenticator.get-identity-url=http://localhost:8082/v1/mock-identity-system/identity +mosip.certify.mock.authenticator.get-identity-url="http://localhost:8082/v1/mock-identity-system/identity" +#TODO: get the secret for key-cert onboarded for local test +mosip.certify.mock.vciplugin.issuer.key-cert="dummy-issuer-cert" +mosip.certify.mock.vciplugin.ca.key-cert="dummy-ca-cert" + + ## ---------------------------------------- Cache configuration -------------------------------------------------------- mosip.certify.cache.secure.individual-id=true @@ -256,12 +216,12 @@ mosip.certify.cache.security.algorithm-name=AES/ECB/PKCS5Padding #spring.data.redis.password=redis spring.cache.type=simple +mosip.certify.cache.names=userinfo,vcissuance spring.cache.cache-names=${mosip.certify.cache.names} management.health.redis.enabled=false mosip.certify.access-token-expire-seconds=86400 -mosip.certify.cache.names=userinfo,vcissuance # Cache size setup is applicable only for 'simple' cache type. # Cache size configuration will not be considered with 'Redis' cache type mosip.certify.cache.size={'userinfo': 200, 'vcissuance' : 2000 } diff --git a/db_scripts/mosip_certify/deploy.sh b/db_scripts/mosip_certify/deploy.sh old mode 100644 new mode 100755 diff --git a/docker-compose/docker-compose-certify/config/certify-mock-identity.properties b/docker-compose/docker-compose-certify/config/certify-mock-identity.properties index a8436df3..a85029fa 100644 --- a/docker-compose/docker-compose-certify/config/certify-mock-identity.properties +++ b/docker-compose/docker-compose-certify/config/certify-mock-identity.properties @@ -9,7 +9,9 @@ mosip.certify.mock.authenticator.get-identity-url=http://mock-identity-system:80 mosip.certify.cache.security.algorithm-name=AES/ECB/PKCS5Padding mosip.certify.cache.secure.individual-id=false mosip.certify.cache.store.individual-id=true - +# TODO: Onboard secrets for local build +mosip.certify.mock.vciplugin.issuer.key-cert=dummy +mosip.certify.mock.vciplugin.ca.key-cert=dummy mosip.certify.key-values={\ 'vd11' : { \ 'credential_issuer': '${mosip.certify.identifier}', \ @@ -113,7 +115,24 @@ mosip.certify.key-values={\ 'background_image': { 'uri': 'https://${mosipbox.public.url}/inji/mosip-logo.png' }, \ 'text_color': '#FFFFFF'}},\ 'order' : {'fullName','phone','dateOfBirth','gender','email','region','province','UIN', 'VID', 'postalCode'}\ - }\ + },\ + "DrivingLicenseCredential":{\ + 'format': 'mso_mdoc',\ + 'doctype': 'org.iso.18013.5.1.mDL',\ + 'scope' : 'sample_vc_mdoc',\ + 'cryptographic_binding_methods_supported': {'cose_key'},\ + 'credential_signing_alg_values_supported': {'ES256'},\ + 'proof_types_supported': {'jwt': {'proof_signing_alg_values_supported': {'ES256'}}},\ + 'claims': {\ + 'org.iso.18013.5.1': {'given_name': {'display': {{'name': 'Given Name','locale': 'en'}}},'family_name': {'display': {{'name': 'Family Name','locale': 'en'}}},'issue_date': {'display': {{'name': 'Issue Date','locale': 'en'}}},'expiry_date': {'display': {{'name': 'Expiry Date','locale': 'en'}}},'birth_date': {'display': {{'name': 'Birth Date','locale': 'en'}}},'issuing_country': {'display': {{'name': 'Issuing Country','locale': 'en'}}},'document_number': {'display': {{'name': 'Document Number','locale': 'en'}}}}},\ + 'display': {{'name': 'Mobile Driving License Verifiable Credential', \ + 'locale': 'en', \ + 'background_image': { 'uri': 'https://sunbird.org/images/sunbird-logo-new.png' }, \ + 'logo': {'url': 'https://sunbird.org/images/sunbird-logo-new.png','alt_text': 'a square logo of a Sunbird Mobile Driving License'},\ + 'background_color': '#FDFAF9',\ + 'text_color': '#7C4616'}},\ + 'order' : {'org.iso.18013.5.1~family_name','org.iso.18013.5.1~given_name','org.iso.18013.5.1~document_number','org.iso.18013.5.1~issuing_country','org.iso.18013.5.1~issue_date','org.iso.18013.5.1~expiry_date','org.iso.18013.5.1~birth_date'}\ + }\ }\ }\ } \ No newline at end of file