Merge pull request eclipse-tractusx#42 from mercedes-benz/miw-3-aug-2023
Miw 3 aug 2023
SebastianBezold authored Aug 3, 2023
2 parents f8a3f9f + 036d4c4 commit d49a2b0
Showing 25 changed files with 2,624 additions and 306 deletions.
304 changes: 264 additions & 40 deletions CHANGELOG.md

Large diffs are not rendered by default.

87 changes: 56 additions & 31 deletions README.md
@@ -1,4 +1,4 @@
# Managed Identity Wallets <a id="introduction"></a>
# Managed Identity Wallets `<a id="introduction"></a>`

The Managed Identity Wallets (MIW) service implements the Self-Sovereign-Identity (SSI) using did:web
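
Review bot: On the changed heading line, wrapping `<a id="introduction"></a>` in backticks turns the anchor into inline code, so the heading renders the raw tag as text and the `#introduction` link target disappears. Keep the anchor as plain HTML, or drop it and link to the generated heading slug instead.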

Expand All @@ -15,13 +15,13 @@ There are two possible flows, which can be used for development:

Following tools the MIW development team used successfully:

| Area | Tool | Download Link | Comment |
|----------|----------|-------------------------------------------------|---------------------------------------------------------------------------------------------------|
| IDE | IntelliJ | https://www.jetbrains.com/idea/download/ | Use [envfile plugin](https://plugins.jetbrains.com/plugin/7861-envfile) to use the **local** flow |
| Build | Gradle | https://gradle.org/install/ |
| Runtime | Docker | https://www.docker.com/products/docker-desktop/ | |
| Database | DBeaver | https://dbeaver.io/ |
| IAM | Keycloak | https://www.keycloak.org/ | |
| Area | Tool | Download Link | Comment |
| -------- | -------- | ----------------------------------------------- | --------------------------------------------------------------------------------------------------- |
| IDE | IntelliJ | https://www.jetbrains.com/idea/download/ | Use[envfile plugin](https://plugins.jetbrains.com/plugin/7861-envfile) to use the **local** flow |
| Build | Gradle | https://gradle.org/install/ | |
| Runtime | Docker | https://www.docker.com/products/docker-desktop/ | |
| Database | DBeaver | https://dbeaver.io/ | |
| IAM | Keycloak | https://www.keycloak.org/ | |

# Administrator Documentation
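
Review bot: In the rebuilt tools table, the IDE row's comment now reads `Use[envfile plugin]` with the space after "Use" lost, so it renders as one run-together word. Restore the space; the other changes in this hunk are column padding only.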

Expand Down Expand Up @@ -49,39 +49,63 @@ assigned to the client using *Clients > miw_private_client > Client Scopes*
The available scopes/roles are:

1. Role `add_wallets` to create a new wallet

2. Role `view_wallets`:
* to get a list of all wallets
* to retrieve one wallet by its identifier
* to validate a Verifiable Credential
* to validate a Verifiable Presentation
* to get all stored Verifiable Credentials

* to get a list of all wallets
* to retrieve one wallet by its identifier
* to validate a Verifiable Credential
* to validate a Verifiable Presentation
* to get all stored Verifiable Credentials
3. Role `update_wallets` for the following actions:
* to store Verifiable Credential
* to issue a Verifiable Credential
* to issue a Verifiable Presentation

* to store Verifiable Credential
* to issue a Verifiable Credential
* to issue a Verifiable Presentation
4. Role `update_wallet`:
* to remove a Verifiable Credential
* to store a Verifiable Credential
* to issue a Verifiable Credential
* to issue a Verifiable Presentation

* to remove a Verifiable Credential
* to store a Verifiable Credential
* to issue a Verifiable Credential
* to issue a Verifiable Presentation
5. Role `view_wallet` requires the BPN of Caller and it can be used:
* to get the Wallet of the related BPN
* to get stored Verifiable Credentials of the related BPN
* to validate any Verifiable Credential
* to validate any Verifiable Presentation

* to get the Wallet of the related BPN
* to get stored Verifiable Credentials of the related BPN
* to validate any Verifiable Credential
* to validate any Verifiable Presentation
6. Role `manage_app` used to change the log level of the application at runtime. Check Logging in the application section for more
details

Overview by Endpoint

| Artefact | CRUD | HTTP Verb/ Request | Endpoint | Roles | Constraints |
| ----------------------------------------------- | ------ | ------------------ | ------------------------------------- | -------------------------------------------------------- | ---------------------------------------------------------------- |
| **Wallets** | Read | GET | /api/wallets | **view_wallets** | |
| **Wallets** | Create | POST | /api/wallets | **add_wallets** | **1 BPN : 1 WALLET**(PER ONE [1] BPN ONLY ONE [1] WALLET!) |
| **Wallets** | Create | POST | /api/wallets/{identifier}/credentials | **update_wallets** <br />OR**update_wallet** | |
| **Wallets** | Read | GET | /api/wallets/{identifier} | **view_wallets**OR<br />**view_wallet** | |
| **Verifiable Presentations - Generation** | Create | POST | /api/presentation | **update_wallets**OR<br />**update_wallet** | |
| **Verifiable Presentations - Validation** | Create | POST | /api/presentations/validation | **view_wallets**OR<br />**view_wallet** | |
| **Verifiable Credential - Holder** | Read | GET | /api/credentials | **view_wallets**OR<br />**view_wallet** | |
| **Verifiable Credential - Holder** | Create | POST | /api/credentials | **update_wallet**OR<br />**update_wallet** | |
| **Verifiable Credential - Holder** | Delete | DELETE | /api/credentials | **update_wallet** | |
| **Verfiable Credential - Validation** | Create | POST | /api/credentials/validation | **view_wallets**OR<br />**view_wallet** | |
| **Verfiable Credential - Issuer** | Read | GET | /api/credentials/issuer | **view_wallets** | |
| **Verfiable Credential - Issuer** | Create | POST | /api/credentials/issuer | **update_wallets** | |
| **Verfiable Credential - Issuer** | Create | POST | /api/credentials/issuer/membership | **update_wallets** | |
| **Verfiable Credential - Issuer** | Create | POST | /api/credentials/issuer/framework | **update_wallets** | |
| **Verfiable Credential - Issuer** | Create | POST | /api/credentials/issuer/distmantler | **update_wallets** | |
| **DIDDocument** | Read | GET | /{bpn}/did.json | N/A | |
| **DIDDocument** | Read | GET | /api/didDocuments/{identifier} | N/A | ` |



Additionally a Token mapper can be created under *Clients* &gt;
*ManagedIdentityWallets* &gt; *Mappers* &gt; *create* with the following
configuration (using as an example `BPNL000000001`):

| Key | Value |
|------------------------------------|-----------------|
| ---------------------------------- | --------------- |
| Name | StaticBPN |
| Mapper Type | Hardcoded claim |
| Token Claim Name | BPN |
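
Review bot: The new "Overview by Endpoint" table is the authorization reference administrators will assign roles from, and its POST `/api/credentials` row lists `update_wallet` OR `update_wallet`, the same role twice. The neighbouring rows suggest `update_wallets` OR `update_wallet` was meant; please confirm against the controller annotations and correct it. In the same table, "Verfiable" should be "Verifiable" in the validation and issuer rows, the cells written as `**update_wallets**OR<br />**update_wallet**` need spaces around OR, the last DIDDocument row ends with a stray backtick in the Constraints cell, and the `/api/credentials/issuer/distmantler` path should be checked against the actual route spelling.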
Expand All @@ -90,7 +114,7 @@ configuration (using as an example `BPNL000000001`):
| Add to ID token | OFF |
| Add to access token | ON |
| Add to userinfo | OFF |
| includeInAccessTokenResponse.label | ON |
| includeInAccessTokenResponse.label | ON |

If you receive an error message, that the client secret is not valid, please go into
keycloak admin and within *Clients > Credentials* recreate the secret.
Expand Down Expand Up @@ -161,6 +185,7 @@ When you just run `task` without parameters, you will see all tasks available.
6. MIW is up and running

# End Users

See OpenAPI documentation, which is automatically created from
the source and available on each deployment at the `/docs/api-docs/docs` endpoint
(e.g. locally at http://localhost:8087/docs/api-docs/docs). An export of the JSON
Expand Down Expand Up @@ -199,7 +224,7 @@ PostgreSQL and Keycloak Docker containers locally.
Before running the tests, please ensure that you have Docker runtime installed and that you have the necessary
permissions to run containers.

Alternative, you can skip test during the build with ``` ./gradlew clean build -x test```
Alternative, you can skip test during the build with `` ./gradlew clean build -x test``

#### 2. Database migration related issue

Expand All @@ -214,11 +239,11 @@ In case you encounter any database-related issues, you can resolve them by follo

This process ensures that any issues with the database schema are resolved by recreating it in a fresh state.

# Environment Variables <a id= "environmentVariables"></a>
# Environment Variables `<a id= "environmentVariables"></a>`

| name | description | default value |
|---------------------------------|----------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------|
| APPLICATION_PORT | port number of application | 8080 |
| ------------------------------- | -------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- |
| APPLICATION_PORT | port number of application | 8080 |
| APPLICATION_ENVIRONMENT | Environment of the application ie. local, dev, int and prod | local |
| DB_HOST | Database host | localhost |
| DB_PORT | Port of database | 5432 |
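
Review bot: The changed `# Environment Variables` heading now wraps `<a id= "environmentVariables"></a>` in backticks, which makes the tag inline code: it is shown as literal text and no longer creates the `environmentVariables` anchor, so any link to that id stops resolving. Leave the anchor as raw HTML outside the backticks.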
6 changes: 6 additions & 0 deletions Taskfile.yaml
Expand Up @@ -42,6 +42,12 @@ tasks:
cmds:
- task: check:check-all

changelog:
desc: Generate Changelog
cmds:
- rm -f CHANGELOG.md
- git-changelog -o CHANGELOG.md -c conventional -t keepachangelog .

clean-all:
desc: Cleans everything...
cmds:
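
Review bot: In the new `changelog` task, `rm -f CHANGELOG.md` runs before `git-changelog`, so when the tool is missing or exits with an error the working tree is left without a changelog. Write to a temporary file and move it into place on success, or drop the `rm` and let `-o CHANGELOG.md` replace the file.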
2 changes: 1 addition & 1 deletion dev-assets/env-files/env.docker.dist
Expand Up @@ -30,7 +30,7 @@ AUTHORITY_WALLET_NAME=Catena-X
KEYCLOAK_REALM=miw_test
VC_SCHEMA_LINK="https://www.w3.org/2018/credentials/v1, https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json"
VC_EXPIRY_DATE=01-01-2025
SUPPORTED_FRAMEWORK_VC_TYPES="cx-behavior-twin=Behavior Twin,cx-pcf=PCF,cx-quality=Quality,cx-resiliency=Resiliency,cx-sustainability=Sustainability,cx-traceability=ID_3.0_Trace"
SUPPORTED_FRAMEWORK_VC_TYPES="PcfCredential, SustainabilityCredential, QualityCredential, TraceabilityCredential, BehaviorTwinCredential, ResiliencyCredential"
MIW_HOST_NAME=miw

######### DON'T MODIFY ANYTHING BELOW THIS LINE !!! #########
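
Review bot: The replaced `SUPPORTED_FRAMEWORK_VC_TYPES` line switches the value from `key=label` pairs to a bare list of type names separated by a comma plus a space, which is a breaking change for any existing env file copied from this template. Call it out in the changelog or README, and make sure the code that splits this value trims each entry, otherwise ` SustainabilityCredential` with its leading space will not match a requested credential type. The identical edit in env.local.dist needs the same treatment.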
2 changes: 1 addition & 1 deletion dev-assets/env-files/env.local.dist
Expand Up @@ -30,7 +30,7 @@ AUTHORITY_WALLET_NAME=Catena-X
KEYCLOAK_REALM=miw_test
VC_SCHEMA_LINK="https://www.w3.org/2018/credentials/v1, https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json"
VC_EXPIRY_DATE=01-01-2025
SUPPORTED_FRAMEWORK_VC_TYPES="cx-behavior-twin=Behavior Twin,cx-pcf=PCF,cx-quality=Quality,cx-resiliency=Resiliency,cx-sustainability=Sustainability,cx-traceability=ID_3.0_Trace"
SUPPORTED_FRAMEWORK_VC_TYPES="PcfCredential, SustainabilityCredential, QualityCredential, TraceabilityCredential, BehaviorTwinCredential, ResiliencyCredential"
MIW_HOST_NAME=miw

######### DON'T MODIFY ANYTHING BELOW THIS LINE !!! #########
7 changes: 7 additions & 0 deletions dev-assets/tasks/darwin/check-tools.yaml
Expand Up @@ -29,6 +29,7 @@ tasks:
- task: check-docker-compose
- task: check-java
- task: check-jq
- task: check-git-changelog
ignore_error: true

check-helm:
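
Review bot: The added `- task: check-git-changelog` entry sits between `- task: check-jq` and `ignore_error: true`. Indentation is not visible in this rendering, so please confirm which list item `ignore_error: true` belongs to: if it was a key of the `check-jq` entry, it now applies to `check-git-changelog` and a failing jq check is no longer ignored. The same insertion is made in the linux and windows files.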
Expand Down Expand Up @@ -70,6 +71,12 @@ tasks:
cmds:
- ./check_bin.sh jq https://jqlang.github.io/jq/

check-git-changelog:
dir: dev-assets/tasks/darwin
silent: true
cmds:
- ./check_bin.sh git-changelog https://pypi.org/project/git-changelog/#description

check-java:
dir: dev-assets/tasks/darwin
silent: true
7 changes: 7 additions & 0 deletions dev-assets/tasks/linux/check-tools.yaml
Expand Up @@ -29,6 +29,7 @@ tasks:
- task: check-docker-compose
- task: check-java
- task: check-jq
- task: check-git-changelog
ignore_error: true

check-helm:
Expand Down Expand Up @@ -67,6 +68,12 @@ tasks:
cmds:
- ./check_bin.sh jq https://jqlang.github.io/jq/

check-git-changelog:
dir: dev-assets/tasks/linux
silent: true
cmds:
- ./check_bin.sh git-changelog https://pypi.org/project/git-changelog/#description

check-java:
dir: dev-assets/tasks/linux
silent: true
7 changes: 7 additions & 0 deletions dev-assets/tasks/windows/check-tools.yaml
Expand Up @@ -29,6 +29,7 @@ tasks:
- task: check-docker-compose
- task: check-java
- task: check-jq
- task: check-git-changelog
ignore_error: true

check-helm:
Expand Down Expand Up @@ -67,6 +68,12 @@ tasks:
cmds:
- echo "task 'check-prereq' not implemented for windows!"

check-git-changelog:
dir: dev-assets/tasks/windows
silent: true
cmds:
- echo "task 'check-prereq' not implemented for windows!"

check-java:
dir: dev-assets/tasks/windows
silent: true
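
Review bot: The new `check-git-changelog` task for Windows echoes `task 'check-prereq' not implemented for windows!`, a message copied from the neighbouring stub that names the wrong task. Because the check is a no-op here, `task changelog` will only fail later when `git-changelog` is not found; name the correct task in the message and state that the tool has to be installed manually.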
Expand Up @@ -26,24 +26,36 @@
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.smartsensesolutions.java.commons.specification.SpecificationUtil;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.text.StringEscapeUtils;
import org.springdoc.core.properties.SwaggerUiConfigProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.MessageSource;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.support.ReloadableResourceBundleMessageSource;
import org.springframework.validation.beanvalidation.LocalValidatorFactoryBean;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

import java.nio.charset.StandardCharsets;

/**
* The type Application config.
*/
@Configuration
@Slf4j
@RequiredArgsConstructor
public class ApplicationConfig implements WebMvcConfigurer {

private final SwaggerUiConfigProperties properties;
private final String resourceBundlePath;

@Autowired
public ApplicationConfig(@Value("${resource.bundle.path:classpath:i18n/language}") String resourceBundlePath, SwaggerUiConfigProperties properties) {
this.resourceBundlePath = resourceBundlePath;
this.properties = properties;
}

/**
* Object mapper object mapper.
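
Review bot: This rendering does not mark removed lines, so please confirm that `@RequiredArgsConstructor` and its `lombok.RequiredArgsConstructor` import are dropped together with the new explicit constructor. If the annotation stays, Lombok generates a second constructor taking `(SwaggerUiConfigProperties, String)` in field order, and its `String` parameter carries no `@Value`. With a single constructor left, `@Autowired` is redundant. The default `classpath:i18n/language` for `resource.bundle.path` lives only inside the `@Value` expression and should be documented with the other configuration settings.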
Expand Down Expand Up @@ -71,4 +83,19 @@ public void addViewControllers(ViewControllerRegistry registry) {
log.info("Set landing page to path {}", StringEscapeUtils.escapeJava(redirectUri));
registry.addRedirectViewController("/", redirectUri);
}

@Bean
public MessageSource messageSource() {
ReloadableResourceBundleMessageSource bean = new ReloadableResourceBundleMessageSource();
bean.setBasename(resourceBundlePath);
bean.setDefaultEncoding(StandardCharsets.UTF_8.name());
return bean;
}

@Bean
public LocalValidatorFactoryBean validator() {
LocalValidatorFactoryBean beanValidatorFactory = new LocalValidatorFactoryBean();
beanValidatorFactory.setValidationMessageSource(messageSource());
return beanValidatorFactory;
}
}
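
Review bot: `messageSource()` passes the externally configurable `resourceBundlePath` straight to `setBasename`, and `ReloadableResourceBundleMessageSource` resolves any Spring resource location, including `file:` and URL prefixes, not only `classpath:`. If the bundle is only ever meant to ship inside the application, validate the prefix at startup or hard-code the basename. Both new `@Bean` methods also lack the Javadoc that the rest of the class carries.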