Skip to content

Commit

Permalink
Merge pull request eclipse-tractusx#23 from nitin-vavdiya/features/ja…
Browse files Browse the repository at this point in the history 
…va-did-web

Features/java did web
feat: merge pull request after skimming through all 60+ files modified.
  • Loading branch information
@mknoopvw
mknoopvw authored Jun 12, 2023
2 parents 1d7b23d + c5ad2a1 commit 0b49352
Show file tree
Hide file tree
Showing 61 changed files with 6,917 additions and 1,121 deletions.
1 change: 0 additions & 1 deletion .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,6 @@ bin/
hs_err_pid*.log

.env
dev.env

dev-assets/secrets/*
local.db
Expand Down
99 changes: 99 additions & 0 deletions README_did_web.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
# Managed Identity Wallets <a id="introduction"></a>

The Managed Identity Wallets (MIW) service implements the Self-Sovereign-Identity (SSI) using did:web

# Developer Documentation

To run MIW locally, this section describes the tooling as well as
the local development setup.

## Tooling

Following tools the MIW development team used successfully:

| Area | Tool | Download Link | Comment |
|----------|----------|-------------------------------------------------|---------------------------------------------------------------------------------------------------|
| IDE | IntelliJ | https://www.jetbrains.com/idea/download/ | Additionally the [envfile plugin](https://plugins.jetbrains.com/plugin/7861-envfile) is suggested |
| Build | Gradle | https://gradle.org/install/ |
| Runtime | Docker | https://www.docker.com/products/docker-desktop/ | |
| Database | DBeaver | https://dbeaver.io/ |
| IAM | Keycloak | https://www.keycloak.org/ | |

## Local Development Setup

1. Run keycloak and database server using [docker-compose.yaml](dev-assets%2Fdid-web%2Fdocker-compose.yaml)
2. Connect database and create miw database and user to access the database
3. Update DB_USER_NAME, DB_PASSWORD, and DB_NAME in [dev.env](dev-assets%2Fdid-web%2Fdev.env)
4. Create personal access token(classic) with `read:packages` access (ref: https://github.com/settings/tokens/new)
5. set ORG_GRADLE_PROJECT_githubUserName and ORG_GRADLE_PROJECT_githubToken values
in [dev.env](dev-assets%2Fdid-web%2Fdev.env)
6. Setup [dev.env](dev-assets%2Fdid-web%2Fdev.env) values either in application.yaml or in IDE
7. Run [ManagedIdentityWalletsApplication.java](src%2Fmain%2Fjava%2Forg%2Feclipse%2Ftractusx%2Fmanagedidentitywallets%2FManagedIdentityWalletsApplication.java) in IDE
8. Open API doc on http://localhost:8080
9. Click on Authorize on swagger UI and on the dialog click again on Authorize.
10. Login with username=catena-x and password=password

## Test Coverage

Jacoco is used to generate the coverage report. The report generation
and the coverage verification are automatically executed after tests.

The generated HTML report can be found under `jacoco-report/html/`

To generate the report run the command

```
./gradlew jacocoTestReport
```

To check the coverage run the command

```
./gradlew jacocoTestCoverageVerification
```

Currently the minimum is 80%

## Environment Variables <a id= "environmentVariables"></a>

| name | description | default value |
|---------------------------------|-----------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------|
| APPLICATION_PORT | port number of application | 8080 |
| APPLICATION_ENVIRONMENT | Environment of the application ie. local, dev, int and prod | local |
| DB_HOST | Database host | localhost |
| DB_PORT | Port of database | 5432 |
| DB_NAME | Database name | miw |
| USE_SSL | Whether SSL is enabled in database server | false |
| DB_USER_NAME | Database username | |
| DB_PASSWORD | Database password | |
| DB_POOL_SIZE | Max number of database connection acquired by application | 10 |
| KEYCLOAK_MIW_PUBLIC_CLIENT | Only needed if we want enable login with keyalock in swagger | miw_public |
| MANAGEMENT_PORT | Spring actuator port | 8090 |
| MIW_HOST_NAME | Application host name, this will be used in creation of did ie. did:web:MIW_HOST_NAME:BPN | localhost |
| ENCRYPTION_KEY | encryption key used to encrypt and decrypt private and public key of wallet | |
| AUTHORITY_WALLET_BPN | base wallet BPN number | BPNL000000000000 |
| AUTHORITY_WALLET_NAME | Base wallet name | Catena-X |
| AUTHORITY_WALLET_DID | Base wallet web did | web:did:host:BPNL000000000000 |
| VC_SCHEMA_LINK | Comma separated list of VC schema URL | https://www.w3.org/2018/credentials/v1, https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/businessPartnerData |
| VC_EXPIRY_DATE | Expiry date of VC (dd-MM-yyyy ie. 01-01-2025 expiry date will be 2024-12-31T18:30:00Z in VC) | 01-01-2025 |
| KEYCLOAK_REALM | Realm name of keycloak | miw_test |
| KEYCLOAK_CLIENT_ID | Keycloak private client id | |
| AUTH_SERVER_URL | Keycloak server url | |
| SUPPORTED_FRAMEWORK_VC_TYPES | Supported framework VC, provide values ie type1=value1,type2=value2 | cx-behavior-twin=Behavior Twin,cx-pcf=PCF,cx-quality=Quality,cx-resiliency=Resiliency,cx-sustainability=Sustainability,cx-traceability=ID_3.0_Trace |
| ENFORCE_HTTPS_IN_DID_RESOLUTION | Enforce https during web did resolution | true |
| CONTRACT_TEMPLATES_URL | Contract templates URL used in summary VC | https://public.catena-x.org/contracts/ |
| | | |

## Technical Debts and Known issue

1. Keys are stored in database in encrypted format, need to store keys in more secure place ie. Vault
2. Policies can be validated dynamically as per
request while validating VP and
VC. [Check this for more details](https://docs.walt.id/v/ssikit/concepts/verification-policies)

## Reference of external lib

1. https://www.testcontainers.org/modules/databases/postgres/
2. https://github.com/dasniko/testcontainers-keycloak
3. https://github.com/smartSenseSolutions/smartsense-java-commons
4. https://github.com/catenax-ng/product-lab-ssi
6 changes: 4 additions & 2 deletions build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ configurations {
}

repositories {
mavenLocal()
mavenCentral()
maven {
url = uri("https://repo.danubetech.com/repository/maven-public")
Expand Down Expand Up @@ -45,9 +46,9 @@ dependencies {
implementation 'org.springframework.cloud:spring-cloud-starter-openfeign'
implementation "org.springdoc:springdoc-openapi-starter-common:${openApiVersion}"
implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:${openApiVersion}"
implementation group: 'com.smartsensesolutions', name: 'commons-dao', version: '0.0.2'
implementation group: 'com.smartsensesolutions', name: 'commons-dao', version: '0.0.5'
implementation 'org.liquibase:liquibase-core'
implementation 'org.eclipse.tractusx.ssi.lib:cx-ssi-lib:0.0.4'
implementation 'org.eclipse.tractusx.ssi:cx-ssi-lib:0.0.6'
runtimeOnly 'org.postgresql:postgresql'
compileOnly 'org.projectlombok:lombok'
developmentOnly 'org.springframework.boot:spring-boot-devtools'
Expand All @@ -57,6 +58,7 @@ dependencies {
testImplementation "org.testcontainers:postgresql"
testImplementation "org.testcontainers:junit-jupiter"
testImplementation group: 'com.github.dasniko', name: 'testcontainers-keycloak', version: '2.5.0'
testImplementation group: 'org.mockito', name: 'mockito-inline', version: '5.2.0'
testImplementation group: 'org.json', name: 'json', version: '20230227'
}

Expand Down
29 changes: 29 additions & 0 deletions dev-assets/did-web/dev.env
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
#application env variables need to setup in IDE
APPLICATION_PORT=8080
APPLICATION_ENVIRONMENT=dev
DB_HOST=localhost
DB_PORT=5432
USE_SSL=false


#create miw database and update below properties
DB_USER_NAME=
DB_PASSWORD=
DB_NAME=
KEYCLOAK_MIW_PUBLIC_CLIENT=miw_public
MANAGEMENT_PORT=8090
MIW_HOST_NAME=localhost
ENCRYPTION_KEY=Woh9waid4Ei5eez0aitieghoow9so4oe
AUTHORITY_WALLET_BPN=BPNL000000000000
AUTHORITY_WALLET_NAME=Catena-X
AUTHORITY_WALLET_DID:did:web:localhost:BPNL000000000000
VC_SCHEMA_LINK=https://www.w3.org/2018/credentials/v1, https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/businessPartnerData
VC_EXPIRY_DATE=01-01-2025
SUPPORTED_FRAMEWORK_VC_TYPES=cx-behavior-twin=Behavior Twin,cx-pcf=PCF,cx-quality=Quality,cx-resiliency=Resiliency,cx-sustainability=Sustainability,cx-traceability=ID_3.0_Trace
KEYCLOAK_REALM=miw_test
KEYCLOAK_CLIENT_ID=miw_private_client
AUTH_SERVER_URL=http://localhost:8081

## Github user name
ORG_GRADLE_PROJECT_githubUserName=
ORG_GRADLE_PROJECT_githubToken=
35 changes: 35 additions & 0 deletions dev-assets/did-web/docker-compose.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
version: '3'

volumes:
postgres_data:
driver: local

services:
postgres:
image: postgres
volumes:
- postgres_data:/var/lib/postgresql/data
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: password
ports:
- "5432:5432"
keycloak:
image: quay.io/keycloak/keycloak:21.0.2
environment:
DB_VENDOR: POSTGRES
DB_ADDR: postgres
DB_DATABASE: keycloak
DB_USER: keycloak
DB_SCHEMA: public
DB_PASSWORD: password
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin
entrypoint: [ "/opt/keycloak/bin/kc.sh", "start-dev" ,"--import-realm" ]
volumes:
- ./miw_test_realm.json:/opt/keycloak/data/import/miw_test_realm.json
ports:
- 8081:8080
depends_on:
- postgres
Loading

0 comments on commit 0b49352

Please sign in to comment.