[INJICERT-657] pass keyID from CertifyIssuanceImpl #155

Merged
merged 5 commits into from
Dec 17, 2024
Changes from 2 commits
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,8 @@ public class Constants {

public static final String UTC_DATETIME_PATTERN = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'";
public static final String SPACE = " ";
public static final String APPLICATION_ID = "applicationId";
public static final String REFERENCE_ID = "referenceId";

public static final String C_NONCE = "c_nonce";
public static final String C_NONCE_EXPIRES_IN = "c_nonce_expires_in";
Expand All @@ -20,4 +22,7 @@ public class Constants {
public static final String ROOT_KEY = "ROOT";
public static final String EMPTY_REF_ID = "";
public static final String ED25519_REF_ID = "ED25519_SIGN";
public static final String TEMPLATE_NAME = "templateName";
public static final String ISSUER_URI = "issuerURI";
public static final String RENDERING_TEMPLATE = "svgTemplate";
vharsh marked this conversation as resolved.
}
Original file line number Diff line number Diff line change
Expand Up @@ -25,4 +25,5 @@ public class ErrorConstants {
public static final String UNSUPPORTED_OPENID_VERSION = "unsupported_openid4vci_version";
public static final String INVALID_TEMPLATE_ID = "template_with_id_not_found";
public static final String EMPTY_TEMPLATE_CONTENT = "empty_template_content";
public static final String EXPECTED_TEMPLATE_NOT_FOUND = "expected_template_not_found";
}
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@
@EnableAsync
@EnableCaching
@SpringBootApplication(scanBasePackages = "io.mosip.certify,"+
"io.mosip.certify.services.repository," +
"io.mosip.certify.services.entity," +
"io.mosip.certify.repository," +
"io.mosip.certify.entity," +
vharsh marked this conversation as resolved.
"io.mosip.kernel.crypto," +
"io.mosip.kernel.keymanager.hsm," +
"io.mosip.kernel.cryptomanager," +
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package io.mosip.certify.services.spi;
package io.mosip.certify.api.spi;

vharsh marked this conversation as resolved.
import io.mosip.certify.api.exception.DataProviderExchangeException;
import org.json.JSONObject;
Expand All @@ -7,7 +7,7 @@

/**
* DataProviderPlugin is implemented by VC plugin
* implementors who want to make use of the CertifyIssuer to generate the VC.
* implementors who want to make use of the Certify to generate the VC.
* Data is fetched from a Plugin implementation, templated using {@link VCFormatter}
* and then signed using {@link VCSigner}.
*/
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,8 @@
import org.springframework.web.client.RestTemplate;

@Configuration
@EnableJpaRepositories(basePackages = {"io.mosip.kernel.keymanagerservice.repository", "io.mosip.certify.services.repository"})
@EntityScan(basePackages = {"io.mosip.kernel.keymanagerservice.entity, io.mosip.certify.services.entity"})
@EnableJpaRepositories(basePackages = {"io.mosip.kernel.keymanagerservice.repository", "io.mosip.certify.repository"})
@EntityScan(basePackages = {"io.mosip.kernel.keymanagerservice.entity, io.mosip.certify.entity"})
@Slf4j
public class AppConfig implements ApplicationRunner {

Original file line number Diff line number Diff line change
@@ -0,0 +1,93 @@
/*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/.
*/

/* This is for temporary purpose till an API isn’t added to simplify Issuer onboarding. */

package io.mosip.certify.config;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.mosip.certify.entity.RenderingTemplate;
import io.mosip.certify.repository.RenderingTemplateRepository;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.CommandLineRunner;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;
import org.springframework.web.client.RestTemplate;

import java.io.IOException;
import java.nio.file.Files;
import java.time.LocalDateTime;
import java.util.*;


@Configuration
@Slf4j
public class TemplatesLoader implements CommandLineRunner {
vharsh marked this conversation as resolved.
@Autowired
RenderingTemplateRepository svgRenderTemplateRepository;

@Value("${mosip.certify.rendering-templates:}")
private String svgTemplateJson;

@Autowired
private ObjectMapper objectMapper;

@Autowired
private RestTemplate restTemplate;

@Override
public void run(String... args) throws Exception {
Long count = svgRenderTemplateRepository.count();
if (count != 0) {
return;
}
String svgTemplateContent = "";

if(svgTemplateJson.startsWith("http")) {
svgTemplateContent = restTemplate.getForObject(svgTemplateJson, String.class);
} else {
Resource resource = new ClassPathResource(svgTemplateJson);
// TODO: Verify this w.r.t local path
try {
svgTemplateContent = (Files.readString(resource.getFile().toPath()));
} catch (IOException e) {
log.error("Missing local json file for referring svg templates", e);
}
}

if(!svgTemplateContent.isEmpty()) {
try {
List <Object> svgTemplateMap = objectMapper.readValue(svgTemplateContent, List.class);
svgTemplateMap.forEach((value) -> {
RenderingTemplate svgRenderTemplate = new RenderingTemplate();
LinkedHashMap<String, Object> valueMap = (LinkedHashMap<String, Object>) value;
String id = valueMap.get("id").toString();
svgRenderTemplate.setId(id);
String templateURI = valueMap.get("content").toString();
if(templateURI.startsWith("http")) {
String templateFromUrl = restTemplate.getForObject(templateURI, String.class);
svgRenderTemplate.setTemplate(templateFromUrl);
} else {
svgRenderTemplate.setTemplate(templateURI);
}
LocalDateTime localDateTime = LocalDateTime.now();
svgRenderTemplate.setCreatedtimes(localDateTime);
svgRenderTemplate.setUpdatedtimes(localDateTime);
log.info("Template inserted in svg template table.");
svgRenderTemplateRepository.save(svgRenderTemplate);
});
} catch (JsonProcessingException e) {
log.error("Missing configuration for svg template content " + e.getMessage());
}

}
log.info("=============== CERTIFY TEMPLATE SETUP COMPLETED ===============");
}
}
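Review bot: Both `startsWith("http")` checks in `run` accept plain `http://` and any host, and the second one is applied to `content` values taken from the document that was just downloaded, so whoever controls that JSON or can alter it in transit decides which URLs this service requests at startup and which SVG is stored by `svgRenderTemplateRepository.save`. I would route both fetches through one helper that requires `https` and a host from a configured allow-list, and that rejects a null or blank body instead of letting `svgTemplateContent.isEmpty()` run on a null returned by `getForObject`; `allowedTemplateHosts` in the sketch below is a suggested new field, not something present in this change. Separately, the unchecked cast to `LinkedHashMap` and `valueMap.get("id").toString()` throw exceptions that the `JsonProcessingException` catch does not cover, so a malformed entry presumably aborts startup after earlier templates were already saved, and the `count != 0` guard would then skip the remainder on the next start.

```java
// … unchanged: injected fields; `allowedTemplateHosts` is the suggested new allow-list …

private String fetchRemoteTemplate(String location) {
    java.net.URI uri = java.net.URI.create(location);
    boolean allowed = "https".equalsIgnoreCase(uri.getScheme())
            && allowedTemplateHosts.contains(uri.getHost());
    if (!allowed) {
        throw new IllegalArgumentException("Template location is not on the allow-list: " + location);
    }
    String body = restTemplate.getForObject(uri, String.class);
    if (body == null || body.isBlank()) {
        throw new IllegalStateException("Empty template returned by " + location);
    }
    return body;
}

// … unchanged: run(), with both restTemplate.getForObject(...) calls replaced by fetchRemoteTemplate(...) …
```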
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@
package io.mosip.certify.controller;

import io.mosip.certify.api.dto.RenderingTemplateDTO;
import io.mosip.certify.services.entity.RenderingTemplate;
import io.mosip.certify.core.exception.RenderingTemplateException;
import io.mosip.certify.services.spi.RenderingTemplateService;
import lombok.extern.slf4j.Slf4j;
Expand All @@ -25,14 +24,14 @@

@Slf4j
@RestController
@RequestMapping("/public")
@RequestMapping("/rendering-template")
public class RenderingTemplateController {
@Value("${mosip.certify.rendering-template.cache-max-age-days:1}")
Integer maxAgeDays;
@Autowired
RenderingTemplateService renderingTemplateService;

@GetMapping("/rendering-template/{id}")
@GetMapping("/{id}")
public ResponseEntity<String> serveSvgTemplate(@PathVariable String id) throws RenderingTemplateException {
RenderingTemplateDTO template = renderingTemplateService.getSvgTemplate(id);
return ResponseEntity.ok()
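Review bot: Changing the class mapping from `/public` to `/rendering-template` takes `serveSvgTemplate` out from under the `/public` prefix, so any security or gateway rule that matched on that prefix no longer applies to it; the security configuration is not part of this view, so please confirm the new path is covered by an explicit rule rather than by a default. Because the handler returns stored SVG as a `ResponseEntity<String>`, I would also check that the response, which is built below this hunk (the view is cut off after `ResponseEntity.ok()`), sets an explicit content type and `X-Content-Type-Options: nosniff`. If the endpoint is meant to stay unauthenticated, a short comment on the mapping such as `// intentionally unauthenticated; access rule lives in <security config class>` would make that intent visible.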
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package io.mosip.certify.services.entity;
package io.mosip.certify.entity;


import jakarta.persistence.Entity;
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/.
*/
package io.mosip.certify.services.entity;
package io.mosip.certify.entity;

import io.mosip.certify.core.constants.ErrorConstants;
import jakarta.persistence.*;
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package io.mosip.certify.services.entity;
package io.mosip.certify.entity;

import lombok.*;

Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package io.mosip.certify.services.proofgenerators;
package io.mosip.certify.proofgenerators;

import com.danubetech.keyformats.jose.JWSAlgorithm;
import info.weboftrust.ldsignatures.LdProof;
Expand All @@ -13,6 +13,8 @@
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Component;

import java.util.Map;

/**
* Ed25519SignatureAlgorithm2018 as per https://w3c-ccg.github.io/lds-ed25519-2018/
*/
Expand All @@ -35,9 +37,11 @@ public Canonicalizer getCanonicalizer() {
}

@Override
public LdProof generateProof(LdProof vcLdProof, String vcEncodedHash) {
public LdProof generateProof(LdProof vcLdProof, String vcEncodedHash, Map<String, String> keyID) {
JWSSignatureRequestDto payload = new JWSSignatureRequestDto();
payload.setDataToSign(vcEncodedHash);
payload.setApplicationId(keyID.get(Constants.APPLICATION_ID));
payload.setReferenceId(keyID.get(Constants.REFERENCE_ID));
payload.setApplicationId(Constants.CERTIFY_VC_SIGN_ED25519);
payload.setReferenceId(Constants.ED25519_REF_ID); // alg, empty = RSA
payload.setIncludePayload(false);
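Review bot: In `generateProof` the two new `keyID` setters are followed directly by `payload.setApplicationId(Constants.CERTIFY_VC_SIGN_ED25519);` and `payload.setReferenceId(Constants.ED25519_REF_ID);`, and the hunk header (`-35,9 +37,11`) leaves room for only one removed line, the old signature, so the constant setters appear to survive and overwrite the caller's key selection. The Ed25519 2020 generator in the next file section shows the same pattern (`srd.setApplicationId(Constants.CERTIFY_VC_SIGN_ED25519);` and `srd.setReferenceId(Constants.ED25519_REF_ID);` after the `keyID` lines), whereas the RSA generator does drop its constants. If this view (2 of the 5 commits) matches what merged, Ed25519 credentials are still signed with the hard-coded key regardless of `keyID`; the fix is to delete the two constant setters in both classes along with the stale `// alg, empty = RSA` comment. The method body continues past the end of the hunk.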
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package io.mosip.certify.services.proofgenerators;
package io.mosip.certify.proofgenerators;

import com.danubetech.keyformats.jose.JWSAlgorithm;
import info.weboftrust.ldsignatures.LdProof;
Expand All @@ -10,9 +10,12 @@
import io.mosip.kernel.signature.dto.SignResponseDto;
import io.mosip.kernel.signature.service.SignatureServicev2;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
vishwa-vyom marked this conversation as resolved.
import org.springframework.stereotype.Component;

import java.util.Map;

/**
* Ed25519SignatureAlgorithm2020 as per
* https://www.w3.org/community/reports/credentials/CG-FINAL-di-eddsa-2020-20220724/
Expand All @@ -37,8 +40,10 @@ public Canonicalizer getCanonicalizer() {
}

@Override
public LdProof generateProof(LdProof vcLdProof, String vcEncodedHash) {
public LdProof generateProof(LdProof vcLdProof, String vcEncodedHash, Map<String, String> keyID) {
SignRequestDtoV2 srd = new SignRequestDtoV2();
srd.setApplicationId(keyID.get(Constants.APPLICATION_ID));
srd.setReferenceId(keyID.get(Constants.REFERENCE_ID));
srd.setApplicationId(Constants.CERTIFY_VC_SIGN_ED25519);
srd.setReferenceId(Constants.ED25519_REF_ID);
srd.setDataToSign(vcEncodedHash);
Original file line number Diff line number Diff line change
@@ -1,8 +1,10 @@
package io.mosip.certify.services.proofgenerators;
package io.mosip.certify.proofgenerators;

import info.weboftrust.ldsignatures.LdProof;
import info.weboftrust.ldsignatures.canonicalizer.Canonicalizer;

import java.util.Map;

/**
* ProofGenerator is a helper class for KeymanagerLibSigner
* to better deal with multiple signature algorithms for JSON-LD VCs.
Expand All @@ -27,5 +29,5 @@ public interface ProofGenerator {
* @param vcHash is the output of the
* @return
*/
LdProof generateProof(LdProof vcLdProof, String vcHash);
LdProof generateProof(LdProof vcLdProof, String vcHash, Map<String, String> keyID);
}
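Review bot: The new `keyID` parameter on `generateProof` is undocumented, and the Javadoc above it is already incomplete: `@param vcHash is the output of the` stops mid-sentence and `@return` is empty. The implementations in this change read exactly two entries from the map, so the contract should name them, for example `@param keyID key selector passed to the signing service; must contain Constants.APPLICATION_ID and Constants.REFERENCE_ID`, with `@return` filled in to say what the returned `LdProof` holds. A small value type with two named fields would turn a missing entry into a compile-time problem instead of a null at signing time, but that is a larger change than this hunk.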
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package io.mosip.certify.services.proofgenerators;
package io.mosip.certify.proofgenerators;

import com.danubetech.keyformats.jose.JWSAlgorithm;
import info.weboftrust.ldsignatures.LdProof;
Expand All @@ -15,6 +15,7 @@

import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Map;

@Component
@ConditionalOnProperty(name = "mosip.certify.data-provider-plugin.issuer.vc-sign-algo", havingValue = SignatureAlg.RSA_SIGNATURE_SUITE_2018)
Expand All @@ -35,12 +36,12 @@ public Canonicalizer getCanonicalizer() {
}

@Override
public LdProof generateProof(LdProof vcLdProof, String vcEncodedHash) {
public LdProof generateProof(LdProof vcLdProof, String vcEncodedHash, Map<String, String> keyID) {
String vcEncodedData = Base64.getUrlEncoder().encodeToString(vcEncodedHash.getBytes(StandardCharsets.UTF_8));
JWSSignatureRequestDto payload = new JWSSignatureRequestDto();
payload.setDataToSign(vcEncodedData);
payload.setApplicationId(Constants.CERTIFY_VC_SIGN_RSA);
payload.setReferenceId(Constants.EMPTY_REF_ID); // alg, empty = RSA
payload.setApplicationId(keyID.get(Constants.APPLICATION_ID));
payload.setReferenceId(keyID.get(Constants.REFERENCE_ID)); // alg, empty = RSA
payload.setIncludePayload(false);
payload.setIncludeCertificate(false);
payload.setIncludeCertHash(true);
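Review bot: `keyID.get(Constants.REFERENCE_ID)` returns null when the entry is absent, while the trailing comment `// alg, empty = RSA` still describes the removed `Constants.EMPTY_REF_ID` value, so whether RSA is selected now depends on every caller putting an empty string into the map. `keyID` itself and its `APPLICATION_ID` entry are also used unchecked. I would fail early with `Objects.requireNonNull(keyID.get(Constants.APPLICATION_ID), "applicationId")` (this needs `java.util.Objects`), and either require the reference id the same way or document that null is acceptable to the signature service, which is not visible here. The method body continues outside the hunk.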
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
package io.mosip.certify.services.repository;
package io.mosip.certify.repository;

import io.mosip.certify.services.entity.CredentialTemplate;
import io.mosip.certify.services.entity.TemplateId;
import io.mosip.certify.entity.CredentialTemplate;
import io.mosip.certify.entity.TemplateId;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;

import java.util.Optional;

@Repository
public interface TemplateRepository extends JpaRepository<CredentialTemplate, TemplateId> {
public interface CredentialTemplateRepository extends JpaRepository<CredentialTemplate, TemplateId> {
Optional<CredentialTemplate> findByCredentialTypeAndContext(String credentialType, String context);
// NOTE: best practice? .save()
}
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/.
*/
package io.mosip.certify.services.repository;
package io.mosip.certify.repository;

import io.mosip.certify.services.entity.RenderingTemplate;
import io.mosip.certify.entity.RenderingTemplate;
import org.springframework.data.jpa.repository.JpaRepository;

public interface RenderingTemplateRepository extends JpaRepository<RenderingTemplate, String> {