From dd85726078ba5c811ab35b2bcf0993bd63671790 Mon Sep 17 00:00:00 2001
From: Ronak Thacker
Date: Fri, 14 Jul 2023 15:40:18 +0530
Subject: [PATCH 01/11] feat: added administrator documentation
---
 README.md | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 66 insertions(+)
diff --git a/README.md b/README.md
index c5b8b96a9..71d5d0d5a 100644
--- a/README.md
+++ b/README.md
@@ -23,6 +23,72 @@ Following tools the MIW development team used successfully:
 | Database | DBeaver | https://dbeaver.io/ | | IAM | Keycloak | https://www.keycloak.org/ | |
+# Administrator Documentation
+
+## Manual Keycloak Configuration
+
+Within the development setup the Keycloak is initially prepared with the
+values in `./dev-assets/docker-environment/keycloak`. The realm could also be
+manually added and configured at http://localhost:8080 via the "Add realm"
+button. It can be for example named `localkeycloak`. Also add an additional client,
+e.g. named `ManagedIdentityWallets` with *valid redirect url* set to
+`http://localhost:8080/*`. The roles
+* add_wallets
+* view_wallets
+* update_wallets
+* delete_wallets
+* view_wallet
+* update_wallet
+ can be added under *Clients > ManagedIdentityWallets > Roles* and then
+ assigned to the client using *Clients > ManagedIdentityWallets > Client Scopes*
+ *> Service Account Roles > Client Roles > ManagedIdentityWallets*. The
+ available scopes/roles are:
+
+1. Role `add_wallets` to create a new wallet
+
+2. Role `view_wallets`:
+ * to get a list of all wallets
+ * to retrieve one wallet by its identifier
+ * to validate a Verifiable Credential
+ * to validate a Verifiable Presentation
+ * to get all stored Verifiable Credentials
+
+3. Role `update_wallets` for the following actions:
+ * to store Verifiable Credential
+ * to issue a Verifiable Credential
+ * to issue a Verifiable Presentation
+
+4. Role `update_wallet`:
+ * to remove a Verifiable Credential
+ * to store a Verifiable Credential
+ * to issue a Verifiable Credential
+ * to issue a Verifiable Presentation
+
+5. Role `view_wallet` requires the BPN of Caller and it can be used:
+ * to get the Wallet of the related BPN
+ * to get stored Verifiable Credentials of the related BPN
+ * to validate any Verifiable Credential
+ * to validate any Verifiable Presentation
+
+Additionally a Token mapper can to be created under *Clients* >
+*ManagedIdentityWallets* > *Mappers* > *create* with the following
+configuration (using as example `BPNL000000001`):
+
+| Key | Value |
+|---------------------|---------------------------|
+| Name | StaticBPN |
+| Mapper Type | Hardcoded claim |
+| Token Claim Name | BPN |
+| Claim value | BPNL000000001 |
+| Claim JSON Type | String |
+| Add to ID token | OFF |
+| Add to access token | ON |
+| Add to userinfo | OFF |
+| includeInAccessTokenResponse.label | ON |
+
+If you receive an error message, that the client secret is not valid, please go into
+keycloak admin and within *Clients > Credentials* recreate the secret.
+
 ## Development Setup
 ### Prerequisites
From 6b46ab23e7f39fdd28a652a4e449b81390523f61 Mon Sep 17 00:00:00 2001
From: Nitin Vavdiya
Date: Fri, 14 Jul 2023 15:52:30 +0530
Subject: [PATCH 02/11] docs: manage_app role added in keycloak doc
---
 README.md | 48 +++++++++++++++++++++++++++---------------------
 1 file changed, 27 insertions(+), 21 deletions(-)
diff --git a/README.md b/README.md
index 71d5d0d5a..81ba1801b 100644
--- a/README.md
+++ b/README.md
@@ -31,18 +31,22 @@ Within the development setup the Keycloak is initially prepared with the
 values in `./dev-assets/docker-environment/keycloak`. The realm could also be
 manually added and configured at http://localhost:8080 via the "Add realm"
 button. It can be for example named `localkeycloak`. Also add an additional client,
-e.g. named `ManagedIdentityWallets` with *valid redirect url* set to
+e.g. named `miw_private_client` with *valid redirect url* set to
 `http://localhost:8080/*`. The roles
+
 * add_wallets
 * view_wallets
 * update_wallets
 * delete_wallets
 * view_wallet
 * update_wallet
- can be added under *Clients > ManagedIdentityWallets > Roles* and then
- assigned to the client using *Clients > ManagedIdentityWallets > Client Scopes*
- *> Service Account Roles > Client Roles > ManagedIdentityWallets*. The
- available scopes/roles are:
+* manage_app
+
+Roles can be added under *Clients > miw_private_client > Roles* and then
+assigned to the client using *Clients > miw_private_client > Client Scopes*
+*> Service Account Roles > Client Roles > miw_private_client*.
+
+The available scopes/roles are:
 1. Role `add_wallets` to create a new wallet
@@ -59,32 +63,34 @@ e.g. named `ManagedIdentityWallets` with *valid redirect url* set to
 * to issue a Verifiable Presentation
 4. Role `update_wallet`:
- * to remove a Verifiable Credential
- * to store a Verifiable Credential
- * to issue a Verifiable Credential
- * to issue a Verifiable Presentation
-
+ * to remove a Verifiable Credential
+ * to store a Verifiable Credential
+ * to issue a Verifiable Credential
+ * to issue a Verifiable Presentation
+
 5. Role `view_wallet` requires the BPN of Caller and it can be used:
 * to get the Wallet of the related BPN
 * to get stored Verifiable Credentials of the related BPN
 * to validate any Verifiable Credential
 * to validate any Verifiable Presentation
+6. Role `manage_app` used to change log level of application at runtime. Check Logging in application section for more
+ details
 Additionally a Token mapper can to be created under *Clients* >
 *ManagedIdentityWallets* > *Mappers* > *create* with the following
 configuration (using as example `BPNL000000001`):
-| Key | Value |
-|---------------------|---------------------------|
-| Name | StaticBPN |
-| Mapper Type | Hardcoded claim |
-| Token Claim Name | BPN |
-| Claim value | BPNL000000001 |
-| Claim JSON Type | String |
-| Add to ID token | OFF |
-| Add to access token | ON |
-| Add to userinfo | OFF |
-| includeInAccessTokenResponse.label | ON |
+| Key | Value |
+|------------------------------------|-----------------|
+| Name | StaticBPN |
+| Mapper Type | Hardcoded claim |
+| Token Claim Name | BPN |
+| Claim value | BPNL000000001 |
+| Claim JSON Type | String |
+| Add to ID token | OFF |
+| Add to access token | ON |
+| Add to userinfo | OFF |
+| includeInAccessTokenResponse.label | ON |
 If you receive an error message, that the client secret is not valid, please go into
 keycloak admin and within *Clients > Credentials* recreate the secret.
From 670facae38caddb404a63831c470d61d9858898f Mon Sep 17 00:00:00 2001
From: Ronak Thacker
Date: Fri, 14 Jul 2023 16:31:34 +0530
Subject: [PATCH 03/11] feat: added end user documentation
---
 README.md | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/README.md b/README.md
index 81ba1801b..4aa66ab68 100644
--- a/README.md
+++ b/README.md
@@ -160,6 +160,11 @@ When you just run `task` without parameters, you will see all tasks available.
 5. Click on "Authorize" and "close"
 6. MIW is up and running
+# End Users
+See OpenAPI documentation, which is automatically created from
+the source and available on each deployment at the `/docs` endpoint
+(e.g. locally at http://localhost:8000/docs). An export of the JSON
+document can be also found in [docs/openapi_v001.json](docs/openapi_v001.json).
 ## Test Coverage
From b12df99183ef6594db86dfab0364d6280a5eddb8 Mon Sep 17 00:00:00 2001
From: Nitin Vavdiya
Date: Fri, 14 Jul 2023 16:41:41 +0530
Subject: [PATCH 04/11] docs: User guide adn API spec added
---
 README.md | 16 +-
 docs/openapi_v002.json | 1854 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 1862 insertions(+), 8 deletions(-)
 create mode 100644 docs/openapi_v002.json
diff --git a/README.md b/README.md
index 4aa66ab68..24d7cc145 100644
--- a/README.md
+++ b/README.md
@@ -162,11 +162,11 @@ When you just run `task` without parameters, you will see all tasks available.
 # End Users
 See OpenAPI documentation, which is automatically created from
-the source and available on each deployment at the `/docs` endpoint
-(e.g. locally at http://localhost:8000/docs). An export of the JSON
-document can be also found in [docs/openapi_v001.json](docs/openapi_v001.json).
+the source and available on each deployment at the `/docs/api-docs/docs` endpoint
+(e.g. locally at http://localhost:8087/docs/api-docs/docs). An export of the JSON
+document can be also found in [docs/openapi_v002.json](docs/openapi_v002.json).
-## Test Coverage
+# Test Coverage
 Jacoco is used to generate the coverage report. The report generation and the coverage verification are automatically executed after tests.
@@ -187,7 +187,7 @@ task app:coverage
 Currently, the minimum is 80% coverage.
-## Common issues and solutions during local setup
+# Common issues and solutions during local setup
 #### 1. Can not build with test cases
@@ -214,7 +214,7 @@ In case you encounter any database-related issues, you can resolve them by follo
 This process ensures that any issues with the database schema are resolved by recreating it in a fresh state.
-## Environment Variables
+# Environment Variables
 | name | description | default value |
 |---------------------------------|----------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------|
@@ -245,14 +245,14 @@ This process ensures that any issues with the database schema are resolved by re
 | APP_LOG_LEVEL | Log level of application | INFO | | | | |
-## Technical Debts and Known issue
+# Technical Debts and Known issue
 1. Keys are stored in database in encrypted format, need to store keys in more secure place ie. Vault
 2. Policies can be validated dynamically as per request while validating VP and VC. [Check this for more details](https://docs.walt.id/v/ssikit/concepts/verification-policies)
-## Logging in application
+# Logging in application
 Log level in application can be set using environment variable ``APP_LOG_LEVEL``. Possible values are ``OFF, ERROR, WARN, INFO, DEBUG, TRACE`` and default value set to ``INFO``
diff --git a/docs/openapi_v002.json b/docs/openapi_v002.json
new file mode 100644
index 000000000..138dc89c8
--- /dev/null
+++ b/docs/openapi_v002.json
@@ -0,0 +1,1854 @@ +{ + "openapi": "3.0.1", + "info": + { + "title": "Managed Identity Wallets API", + "description": "Managed Identity Wallets API", + "contact": + { + "name": "Eclipse Tractus-X", + "url": "https://projects.eclipse.org/projects/automotive.tractusx", + "email": "tractusx-dev@eclipse.org" + }, + "license": + { + "name": "Apache 2.0", + "url": "https://github.com/eclipse-tractusx/managed-identity-wallets/blob/develop/LICENSE" + }, + "version": "0.0.1" + }, + "servers": + [ + { + "url": "http://localhost:8087", + "description": "Generated server url" + } + ], + "security": + [ + { + "Authenticate using access_token": + [] + } + ], + "paths": + { + "/api/wallets": + { + "get": + { + "tags": + [ + "Wallets" + ], + "summary": "List of wallets", + "description": "Permission: **view_wallets** \n\n Retrieve list of registered wallets", + "operationId": "getWallets", + "parameters": + [ + { + "name": "pageNumber", + "in": "query", + "required": false, + "schema": + { + "type": "integer", + "format": "int32", + "default": 0 + } + }, + { + "name": "size", + "in": "query", + "required": false, + "schema": + { + "type": "integer", + "format": "int32", + "default": 2147483647 + } + }, + { + "name": "sortColumn", + "in": "query", + "required": false, + "schema": + { + "type": "string", + "default": "createdAt" + } + }, + { + "name": "sortTpe", + "in": "query", + "required": false, + "schema": + { + "type": "string", + "default": "desc" + } + } + ], + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/PageWallet" + } + } + } + } + } + }, + "post": + { + "tags": + [ + "Wallets" + ], + "summary": "Create Wallet", + "description": "Permission: **add_wallets** \n\n Create a wallet and store it", + "operationId": "createWallet", + "requestBody": + { + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/CreateWalletRequest" + }, + "examples": 
+ { + "Create wallet with BPN": + { + "description": "Create wallet with BPN", + "value": + { + "bpn": "BPNL000000000001", + "name": "companyA" + } + } + } + } + }, + "required": true + }, + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/Wallet" + } + } + } + } + } + } + }, + "/api/wallets/{identifier}/credentials": + { + "post": + { + "tags": + [ + "Wallets" + ], + "summary": "Store Verifiable Credential", + "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of wallet to extract credentials from must equal BPN of caller) \n\n Store a verifiable credential in the wallet of the given identifier", + "operationId": "storeCredential", + "parameters": + [ + { + "name": "identifier", + "in": "path", + "description": "Did or BPN", + "required": true, + "schema": + { + "type": "string" + } + } + ], + "requestBody": + { + "content": + { + "application/json": + { + "schema": + { + "type": "object", + "additionalProperties": + { + "type": "object" + } + }, + "example": + { + "id": "http://example.edu/credentials/3732", + "@context": + [ + "https://www.w3.org/2018/credentials/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "type": + [ + "University-Degree-Credential", + "VerifiableCredential" + ], + "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", + "issuanceDate": "2019-06-16T18:56:59Z", + "expirationDate": "2019-06-17T18:56:59Z", + "credentialSubject": + [ + { + "college": "Test-University" + } + ], + "proof": + { + "type": "Ed25519Signature2018", + "created": "2021-11-17T22:20:27Z", + "proofPurpose": "assertionMethod", + "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1", + "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg" + } + } + } + }, + "required": true + }, + "responses": + { + "200": + { + "description": 
"OK", + "content": + { + "application/json": + { + "schema": + { + "type": "object", + "additionalProperties": + { + "type": "string" + } + } + } + } + } + } + } + }, + "/api/presentations": + { + "post": + { + "tags": + [ + "Verifiable Presentations - Generation" + ], + "summary": "Create Verifiable Presentation", + "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of the issuer of the Verifiable Presentation must equal to BPN of caller) \n\n Create a verifiable presentation from a list of verifiable credentials, signed by the holder", + "operationId": "createPresentation", + "parameters": + [ + { + "name": "audience", + "in": "query", + "required": false, + "schema": + { + "type": "string" + } + }, + { + "name": "asJwt", + "in": "query", + "required": false, + "schema": + { + "type": "boolean", + "default": false + } + } + ], + "requestBody": + { + "content": + { + "application/json": + { + "schema": + { + "type": "object", + "additionalProperties": + { + "type": "object" + } + }, + "example": + { + "holderIdentifier": "did:example:76e12ec712ebc6f1c221ebfeb1f", + "verifiableCredentials": + [ + { + "id": "http://example.edu/credentials/333", + "@context": + [ + "https://www.w3.org/2018/credentials/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "type": + [ + "University-Degree-Credential", + "VerifiableCredential" + ], + "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", + "issuanceDate": "2019-06-16T18:56:59Z", + "expirationDate": "2019-06-17T18:56:59Z", + "credentialSubject": + [ + { + "college": "Test-University" + } + ], + "proof": + { + "type": "Ed25519Signature2018", + "created": "2021-11-17T22:20:27Z", + "proofPurpose": "assertionMethod", + "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#keys-1", + "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg" + } + } + ] + } + } + }, + "required": true + }, 
+ "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "type": "object", + "additionalProperties": + { + "type": "object" + } + } + } + } + } + } + } + }, + "/api/presentations/validation": + { + "post": + { + "tags": + [ + "Verifiable Presentations - Validation" + ], + "summary": "Validate Verifiable Presentation", + "description": "Permission: **view_wallets** OR **view_wallet** \n\n Validate Verifiable Presentation with all included credentials", + "operationId": "validatePresentation", + "parameters": + [ + { + "name": "audience", + "in": "query", + "description": "Audience to validate in VP (Only supported in case of JWT formatted VP)", + "required": false, + "schema": + { + "type": "string" + } + }, + { + "name": "asJwt", + "in": "query", + "description": "Pass true in case of VP is in JWT format", + "required": false, + "schema": + { + "type": "boolean", + "default": false + } + }, + { + "name": "withCredentialExpiryDate", + "in": "query", + "description": "Check expiry of VC(Only supported in case of JWT formatted VP)", + "required": false, + "schema": + { + "type": "boolean", + "default": false + } + } + ], + "requestBody": + { + "content": + { + "application/json": + { + "schema": + { + "type": "object", + "additionalProperties": + { + "type": "object" + } + }, + "examples": + { + "VP as JWT": + { + "description": "VP as JWT", + "value": + { + "vp": "eyJhbGciOiJFZERTQSJ9.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.Hfm-ANjoeZ8fO-32LPOsQ3-xXSclPUd28p9hvlWyVVB0Mz7n0k-KAHra5kpT0oGrGtdhC1lZ0AitdB_td6VrAQ" + } + }, + "VP as json-ld": + { + "description": "VP as json-ld", + "value": + { + "vp": + { + "id": "b9d97cef-758d-4a7c-843d-86f17632b08a", + "type": + [ + "VerifiablePresentation" + ], + "@context": + [ + "https://www.w3.org/2018/credentials/v1" + ], + "verifiableCredential": + [ + { + "issuanceDate": "2023-06-01T08:57:50Z", + "credentialSubject": + [ + { + "bpn": "BPNL000000000000", + 
"id": "did:web:localhost:BPNL000000000000", + "type": "BpnCredential" + } + ], + "id": "acb9522f-db22-4f90-9475-c3f3511f9cde", + "proof": + { + "proofPurpose": "proofPurpose", + "verificationMethod": "did:web:localhost:BPNL000000000000", + "type": "Ed25519Signature2020", + "proofValue": "z4duBfcCsaSziNeUw8YByyFdvZXW8eAK928dx3PxLjWCvKztJZ9mhxhHwe5BuTQQnJFkooMgQGKDE48ciLrGhpsPA", + "created": "2023-06-01T08:57:50Z" + }, + "type": + [ + "VerifiableCredential", + "BpnCredentialCX" + ], + "@context": + [ + "https://www.w3.org/2018/credentials/v1", + "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json" + ], + "issuer": "did:web:localhost:BPNL000000000000", + "expirationDate": "2024-12-31T18:30:00Z" + } + ] + } + } + } + } + } + }, + "required": true + }, + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "type": "object", + "additionalProperties": + { + "type": "object" + } + } + } + } + } + } + } + }, + "/api/credentials": + { + "get": + { + "tags": + [ + "Verifiable Credential - Holder" + ], + "summary": "Query Verifiable Credentials", + "description": "Permission: **view_wallets** OR **view_wallet** (The BPN of holderIdentifier must equal BPN of caller)\n\n Search verifiable credentials with filter criteria", + "operationId": "getCredentials", + "parameters": + [ + { + "name": "credentialId", + "in": "query", + "required": false, + "schema": + { + "type": "string" + } + }, + { + "name": "issuerIdentifier", + "in": "query", + "required": false, + "schema": + { + "type": "string" + } + }, + { + "name": "type", + "in": "query", + "required": false, + "schema": + { + "type": "array", + "items": + { + "type": "string" + } + } + }, + { + "name": "sortColumn", + "in": "query", + "required": false, + "schema": + { + "type": "string", + "default": "createdAt" + } + }, + { + "name": "sortTpe", + "in": "query", + "required": false, + "schema": + { + "type": "string", + "default": "desc" + } 
+ }, + { + "name": "pageNumber", + "in": "query", + "description": "Page number, Page number start with zero", + "required": false, + "schema": + { + "maximum": 2147483647, + "minimum": 0, + "type": "integer", + "format": "int32", + "default": 0 + } + }, + { + "name": "size", + "in": "query", + "description": "Number of records per page", + "required": false, + "schema": + { + "maximum": 2147483647, + "minimum": 0, + "type": "integer", + "format": "int32", + "default": 2147483647 + } + } + ], + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/PageImplVerifiableCredential" + } + } + } + } + } + }, + "post": + { + "tags": + [ + "Verifiable Credential - Holder" + ], + "summary": "Issue Verifiable Credential", + "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of the issuer of the Verifiable Credential must equal BPN of caller)\nIssue a verifiable credential with a given issuer DID", + "operationId": "issueCredential", + "requestBody": + { + "content": + { + "application/json": + { + "schema": + { + "type": "object", + "additionalProperties": + { + "type": "object" + } + }, + "example": + { + "id": "http://example.edu/credentials/333", + "@context": + [ + "https://www.w3.org/2018/credentials/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "type": + [ + "University-Degree-Credential", + "VerifiableCredential" + ], + "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", + "issuanceDate": "2019-06-16T18:56:59Z", + "expirationDate": "2019-06-17T18:56:59Z", + "credentialSubject": + [ + { + "college": "Test-University" + } + ] + } + } + }, + "required": true + }, + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/VerifiableCredential" + } + } + } + } + } + }, + "delete": + { + "tags": + [ + "Verifiable Credential - Holder" + ], + "summary": 
"Delete a verifiable credential by its ID", + "description": "Permission: **update_wallet** (The BPN of holderIdentifier must equal BPN of caller)\n\n Delete a verifiable credential by its ID", + "operationId": "deleteCredential", + "parameters": + [ + { + "name": "id", + "in": "query", + "required": true, + "schema": + { + "type": "string" + } + } + ], + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "type": "object" + } + } + } + } + } + } + }, + "/api/credentials/validation": + { + "post": + { + "tags": + [ + "Verifiable Credential - Validation" + ], + "summary": "Validate Verifiable Credentials", + "description": "Permission: **view_wallets** OR **view_wallet** \n\n Validate Verifiable Credentials", + "operationId": "credentialsValidation", + "parameters": + [ + { + "name": "withCredentialExpiryDate", + "in": "query", + "description": "Check expiry of VC", + "required": false, + "schema": + { + "type": "boolean", + "default": false + } + } + ], + "requestBody": + { + "content": + { + "application/json": + { + "schema": + { + "type": "object", + "additionalProperties": + { + "type": "object" + } + }, + "example": + { + "id": "http://example.edu/credentials/333", + "@context": + [ + "https://www.w3.org/2018/credentials/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "type": + [ + "University-Degree-Credential", + "VerifiableCredential" + ], + "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", + "issuanceDate": "2019-06-16T18:56:59Z", + "expirationDate": "2019-06-17T18:56:59Z", + "credentialSubject": + [ + { + "college": "Test-University" + } + ], + "proof": + { + "type": "Ed25519Signature2018", + "created": "2021-11-17T22:20:27Z", + "proofPurpose": "assertionMethod", + "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#keys-1", + "jws": 
"eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg" + } + } + } + }, + "required": true + }, + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "type": "object", + "additionalProperties": + { + "type": "object" + } + } + } + } + } + } + } + }, + "/api/credentials/issuer": + { + "get": + { + "tags": + [ + "Verifiable Credential - Issuer" + ], + "summary": "Query Verifiable Credentials", + "description": "Permission: **view_wallets** (The BPN of holderIdentifier must equal BPN of caller)\n\n Search verifiable credentials with filter criteria", + "operationId": "getCredentials_1", + "parameters": + [ + { + "name": "credentialId", + "in": "query", + "required": false, + "schema": + { + "type": "string" + } + }, + { + "name": "holderIdentifier", + "in": "query", + "required": false, + "schema": + { + "type": "string" + } + }, + { + "name": "type", + "in": "query", + "required": false, + "schema": + { + "type": "array", + "items": + { + "type": "string" + } + } + }, + { + "name": "pageNumber", + "in": "query", + "description": "Page number, Page number start with zero", + "required": false, + "schema": + { + "maximum": 2147483647, + "minimum": 0, + "type": "integer", + "format": "int32", + "default": 0 + } + }, + { + "name": "size", + "in": "query", + "description": "Number of records per page", + "required": false, + "schema": + { + "maximum": 2147483647, + "minimum": 0, + "type": "integer", + "format": "int32", + "default": 2147483647 + } + }, + { + "name": "sortColumn", + "in": "query", + "required": false, + "schema": + { + "type": "string", + "default": "createdAt" + } + }, + { + "name": "sortTpe", + "in": "query", + "required": false, + "schema": + { + "type": "string", + "default": "desc" + } + } + ], + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + 
"schema": + { + "$ref": "#/components/schemas/PageImplVerifiableCredential" + } + } + } + } + } + }, + "post": + { + "tags": + [ + "Verifiable Credential - Issuer" + ], + "summary": "Issue Verifiable Credential", + "description": "Permission: **update_wallets** (The BPN of the base wallet must equal BPN of caller)\nIssue a verifiable credential with a given issuer DID", + "operationId": "issueCredentialUsingBaseWallet", + "parameters": + [ + { + "name": "holderDid", + "in": "query", + "required": true, + "schema": + { + "type": "string" + } + } + ], + "requestBody": + { + "content": + { + "application/json": + { + "schema": + { + "type": "object", + "additionalProperties": + { + "type": "object" + } + }, + "example": + { + "id": "http://example.edu/credentials/333", + "@context": + [ + "https://www.w3.org/2018/credentials/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "type": + [ + "University-Degree-Credential", + "VerifiableCredential" + ], + "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", + "issuanceDate": "2019-06-16T18:56:59Z", + "expirationDate": "2019-06-17T18:56:59Z", + "credentialSubject": + [ + { + "college": "Test-University" + } + ] + } + } + }, + "required": true + }, + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/VerifiableCredential" + } + } + } + } + } + } + }, + "/api/credentials/issuer/membership": + { + "post": + { + "tags": + [ + "Verifiable Credential - Issuer" + ], + "summary": "Issue a Membership Verifiable Credential with base wallet issuer", + "description": "Permission: **update_wallets** (The BPN of base wallet must equal BPN of caller)\n\n Issue a verifiable credential by base wallet", + "operationId": "issueMembershipCredential", + "requestBody": + { + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/IssueMembershipCredentialRequest" + }, + "example": + { + "bpn": 
"BPNL000000000000" + } + } + }, + "required": true + }, + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/VerifiableCredential" + } + } + } + } + } + } + }, + "/api/credentials/issuer/framework": + { + "post": + { + "tags": + [ + "Verifiable Credential - Issuer" + ], + "summary": "Issue a Use Case Verifiable Credential with base wallet issuer", + "description": "Permission: **update_wallets** (The BPN of base wallet must equal BPN of caller)\n\n Issue a verifiable credential by base wallet", + "operationId": "issueFrameworkCredential", + "requestBody": + { + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/IssueFrameworkCredentialRequest" + }, + "example": + { + "holderIdentifier": "BPNL000000000000", + "type": "BehaviorTwinCredential", + "contract-template": "https://public.catena-x.org/contracts/traceabilty.v1.pdf", + "contract-version": "1.0.0" + } + } + }, + "required": true + }, + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/VerifiableCredential" + } + } + } + } + } + } + }, + "/api/credentials/issuer/dismantler": + { + "post": + { + "tags": + [ + "Verifiable Credential - Issuer" + ], + "summary": "Issue a Dismantler Verifiable Credential with base wallet issuer", + "description": "Permission: **update_wallets** (The BPN of base wallet must equal BPN of caller)\n\n Issue a verifiable credential by base wallet", + "operationId": "issueDismantlerCredential", + "requestBody": + { + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/IssueDismantlerCredentialRequest" + }, + "example": + { + "bpn": "BPNL000000000000", + "activityType": "vehicleDismantle", + "allowedVehicleBrands": + [ + "Audi", + "Abarth", + "Alfa Romeo", + "Chrysler" + ] + } + } + }, + "required": true + }, + "responses": + { + 
"200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/VerifiableCredential" + } + } + } + } + } + } + }, + "/{bpn}/did.json": + { + "get": + { + "tags": + [ + "DIDDocument" + ], + "summary": "Resolve DID Document", + "description": "Resolve the DID document for a given BPN", + "operationId": "getDidResolve", + "parameters": + [ + { + "name": "bpn", + "in": "path", + "description": "Did or BPN", + "required": true, + "schema": + { + "type": "string" + } + } + ], + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/DidDocument" + } + } + } + } + } + } + }, + "/api/wallets/{identifier}": + { + "get": + { + "tags": + [ + "Wallets" + ], + "summary": "Retrieve wallet by identifier", + "description": "Permission: **view_wallets** OR **view_wallet** (The BPN of Wallet to retrieve must equal the BPN of caller or Base wallet, authority wallet can see all wallets) \n\n Retrieve single wallet by identifier, with or without its credentials", + "operationId": "getWalletByIdentifier", + "parameters": + [ + { + "name": "identifier", + "in": "path", + "description": "Did or BPN", + "required": true, + "schema": + { + "type": "string" + } + }, + { + "name": "withCredentials", + "in": "query", + "required": false, + "schema": + { + "type": "boolean", + "default": false + } + } + ], + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/Wallet" + } + } + } + } + } + } + }, + "/api/didDocuments/{identifier}": + { + "get": + { + "tags": + [ + "DIDDocument" + ], + "summary": "Resolve DID Document", + "description": "Resolve the DID document for a given DID or BPN", + "operationId": "getDidDocument", + "parameters": + [ + { + "name": "identifier", + "in": "path", + "description": "Did or BPN", + "required": true, + "schema": + { + "type": 
"string" + } + } + ], + "responses": + { + "200": + { + "description": "OK", + "content": + { + "application/json": + { + "schema": + { + "$ref": "#/components/schemas/DidDocument" + } + } + } + } + } + } + } + }, + "components": + { + "schemas": + { + "CreateWalletRequest": + { + "required": + [ + "bpn", + "name" + ], + "type": "object", + "properties": + { + "bpn": + { + "maxLength": 255, + "minLength": 5, + "type": "string" + }, + "name": + { + "maxLength": 255, + "minLength": 1, + "type": "string" + } + } + }, + "DidDocument": + { + "type": "object", + "properties": + { + "id": + { + "type": "string", + "format": "uri" + }, + "verificationMethods": + { + "type": "array", + "items": + { + "$ref": "#/components/schemas/VerificationMethod" + } + }, + "context": + { + "type": "array", + "items": + { + "type": "string", + "format": "uri" + } + }, + "empty": + { + "type": "boolean" + } + }, + "additionalProperties": + { + "type": "object" + } + }, + "VerifiableCredential": + { + "type": "object", + "properties": + { + "id": + { + "type": "string", + "format": "uri" + }, + "types": + { + "type": "array", + "items": + { + "type": "string" + } + }, + "issuer": + { + "type": "string", + "format": "uri" + }, + "expirationDate": + { + "type": "string", + "format": "date-time" + }, + "credentialSubject": + { + "type": "array", + "items": + { + "$ref": "#/components/schemas/VerifiableCredentialSubject" + } + }, + "proof": + { + "type": "object", + "properties": + { + "type": + { + "type": "string" + }, + "empty": + { + "type": "boolean" + } + }, + "additionalProperties": + { + "type": "object" + } + }, + "issuanceDate": + { + "type": "string", + "format": "date-time" + }, + "context": + { + "type": "array", + "items": + { + "type": "string", + "format": "uri" + } + }, + "empty": + { + "type": "boolean" + } + }, + "additionalProperties": + { + "type": "object" + } + }, + "VerifiableCredentialSubject": + { + "type": "object", + "properties": + { + "id": + { + "type": "string", 
+ "format": "uri" + }, + "empty": + { + "type": "boolean" + } + }, + "additionalProperties": + { + "type": "object" + } + }, + "VerificationMethod": + { + "type": "object", + "properties": + { + "id": + { + "type": "string", + "format": "uri" + }, + "type": + { + "type": "string" + }, + "controller": + { + "type": "string", + "format": "uri" + }, + "empty": + { + "type": "boolean" + } + }, + "additionalProperties": + { + "type": "object" + } + }, + "Wallet": + { + "type": "object", + "properties": + { + "name": + { + "type": "string" + }, + "did": + { + "type": "string" + }, + "bpn": + { + "type": "string" + }, + "algorithm": + { + "type": "string" + }, + "didDocument": + { + "type": "object", + "properties": + { + "id": + { + "type": "string", + "format": "uri" + }, + "verificationMethods": + { + "type": "array", + "items": + { + "$ref": "#/components/schemas/VerificationMethod" + } + }, + "context": + { + "type": "array", + "items": + { + "type": "string", + "format": "uri" + } + }, + "empty": + { + "type": "boolean" + } + }, + "additionalProperties": + { + "type": "object" + } + }, + "verifiableCredentials": + { + "type": "array", + "items": + { + "$ref": "#/components/schemas/VerifiableCredential" + } + } + } + }, + "IssueMembershipCredentialRequest": + { + "required": + [ + "bpn" + ], + "type": "object", + "properties": + { + "bpn": + { + "maxLength": 255, + "minLength": 5, + "type": "string" + } + } + }, + "IssueFrameworkCredentialRequest": + { + "required": + [ + "contract-template", + "contract-version", + "holderIdentifier", + "type" + ], + "type": "object", + "properties": + { + "holderIdentifier": + { + "maxLength": 255, + "minLength": 5, + "type": "string" + }, + "type": + { + "type": "string" + }, + "contract-template": + { + "type": "string" + }, + "contract-version": + { + "type": "string" + } + } + }, + "IssueDismantlerCredentialRequest": + { + "required": + [ + "activityType", + "bpn" + ], + "type": "object", + "properties": + { + "bpn": + { + 
"maxLength": 255, + "minLength": 5, + "type": "string" + }, + "activityType": + { + "maxLength": 2147483647, + "minLength": 1, + "type": "string" + }, + "allowedVehicleBrands": + { + "uniqueItems": true, + "type": "array", + "items": + { + "type": "string" + } + } + } + }, + "PageWallet": + { + "type": "object", + "properties": + { + "totalElements": + { + "type": "integer", + "format": "int64" + }, + "totalPages": + { + "type": "integer", + "format": "int32" + }, + "size": + { + "type": "integer", + "format": "int32" + }, + "content": + { + "type": "array", + "items": + { + "$ref": "#/components/schemas/Wallet" + } + }, + "number": + { + "type": "integer", + "format": "int32" + }, + "sort": + { + "$ref": "#/components/schemas/SortObject" + }, + "pageable": + { + "$ref": "#/components/schemas/PageableObject" + }, + "numberOfElements": + { + "type": "integer", + "format": "int32" + }, + "first": + { + "type": "boolean" + }, + "last": + { + "type": "boolean" + }, + "empty": + { + "type": "boolean" + } + } + }, + "PageableObject": + { + "type": "object", + "properties": + { + "offset": + { + "type": "integer", + "format": "int64" + }, + "sort": + { + "$ref": "#/components/schemas/SortObject" + }, + "pageNumber": + { + "type": "integer", + "format": "int32" + }, + "pageSize": + { + "type": "integer", + "format": "int32" + }, + "paged": + { + "type": "boolean" + }, + "unpaged": + { + "type": "boolean" + } + } + }, + "SortObject": + { + "type": "object", + "properties": + { + "empty": + { + "type": "boolean" + }, + "sorted": + { + "type": "boolean" + }, + "unsorted": + { + "type": "boolean" + } + } + }, + "PageImplVerifiableCredential": + { + "type": "object", + "properties": + { + "content": + { + "type": "array", + "items": + { + "$ref": "#/components/schemas/VerifiableCredential" + } + }, + "pageable": + { + "$ref": "#/components/schemas/PageableObject" + }, + "totalElements": + { + "type": "integer", + "format": "int64" + }, + "totalPages": + { + "type": "integer", + 
"format": "int32" + }, + "last": + { + "type": "boolean" + }, + "size": + { + "type": "integer", + "format": "int32" + }, + "number": + { + "type": "integer", + "format": "int32" + }, + "sort": + { + "$ref": "#/components/schemas/SortObject" + }, + "numberOfElements": + { + "type": "integer", + "format": "int32" + }, + "first": + { + "type": "boolean" + }, + "empty": + { + "type": "boolean" + } + } + } + }, + "securitySchemes": + { + "Authenticate using access_token": + { + "type": "apiKey", + "description": "**Bearer (apiKey)** \nJWT Authorization header using the Bearer scheme.\n\nEnter **Bearer** [space] and then your token in the text input below.\n\nExample: Bearer 12345abcdef", + "name": "Authorization", + "in": "header" + } + } + } +} \ No newline at end of file From 4e8d45800ea22f22e3ed59b688d8f4f1b21eebc4 Mon Sep 17 00:00:00 2001 From: Nitin <45592624+nitin-vavdiya@users.noreply.github.com> Date: Fri, 14 Jul 2023 18:03:19 +0530 Subject: [PATCH 05/11] Update README.md Co-authored-by: Boris Rizov <138589018+borisrizov-zf@users.noreply.github.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 24d7cc145..4a6d2077a 100644 --- a/README.md +++ b/README.md @@ -76,7 +76,7 @@ The available scopes/roles are: 6. Role `manage_app` used to change log level of application at runtime. Check Logging in application section for more details -Additionally a Token mapper can to be created under *Clients* > +Additionally a Token mapper can be created under *Clients* > *ManagedIdentityWallets* > *Mappers* > *create* with the following configuration (using as example `BPNL000000001`): From c086da7aae3a3ce23fdaedd3734356512c02feda Mon Sep 17 00:00:00 2001 
From: Nitin <45592624+nitin-vavdiya@users.noreply.github.com> Date: Fri, 14 Jul 2023 18:03:29 +0530 Subject: [PATCH 06/11] Update README.md Co-authored-by: Boris Rizov <138589018+borisrizov-zf@users.noreply.github.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4a6d2077a..9e42b7292 100644 --- a/README.md +++ b/README.md @@ -78,7 +78,7 @@ The available scopes/roles are: Additionally a Token mapper can be created under *Clients* > *ManagedIdentityWallets* > *Mappers* > *create* with the following -configuration (using as example `BPNL000000001`): +configuration (using as an example `BPNL000000001`): | Key | Value | |------------------------------------|-----------------| From d743c95cf3abd322b3881f88dc9c1c8d459a92a7 Mon Sep 17 00:00:00 2001 From: Nitin <45592624+nitin-vavdiya@users.noreply.github.com> Date: Fri, 14 Jul 2023 18:03:42 +0530 Subject: [PATCH 07/11] Update README.md Co-authored-by: Boris Rizov <138589018+borisrizov-zf@users.noreply.github.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9e42b7292..bb8fab5f9 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ Following tools the MIW development team used successfully: ## Manual Keycloak Configuration -Within the development setup the Keycloak is initially prepared with the +Within the development setup the Keycloak instance is initially prepared with the values in `./dev-assets/docker-environment/keycloak`. The realm could also be manually added and configured at http://localhost:8080 via the "Add realm" button. It can be for example named `localkeycloak`. Also add an additional client, From 6479ba0c2e0cd10fc29613f39810ebbe695538d7 Mon Sep 17 00:00:00 2001 
From: Nitin <45592624+nitin-vavdiya@users.noreply.github.com> Date: Fri, 14 Jul 2023 18:03:54 +0530 Subject: [PATCH 08/11] Update README.md Co-authored-by: Boris Rizov <138589018+borisrizov-zf@users.noreply.github.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index bb8fab5f9..74a002ee4 100644 --- a/README.md +++ b/README.md @@ -73,7 +73,7 @@ The available scopes/roles are: * to get stored Verifiable Credentials of the related BPN * to validate any Verifiable Credential * to validate any Verifiable Presentation -6. Role `manage_app` used to change log level of application at runtime. Check Logging in application section for more +6. Role `manage_app` used to change the log level of the application at runtime. Check Logging in the application section for more details Additionally a Token mapper can be created under *Clients* > From a888bad72f92da24515cf79b2b8cddef2006914e Mon Sep 17 00:00:00 2001 From: Nitin Vavdiya Date: Mon, 17 Jul 2023 16:37:43 +0530 Subject: [PATCH 09/11] docs: API doc fix --- docs/openapi_v002.json | 25 +++++++++---------- .../config/openapi/OpenApiConfig.java | 19 ++++++++++++-- 2 files changed, 29 insertions(+), 15 deletions(-) diff --git a/docs/openapi_v002.json b/docs/openapi_v002.json index 138dc89c8..a8c2f69f8 100644 --- a/docs/openapi_v002.json +++ b/docs/openapi_v002.json 
@@ -2,19 +2,18 @@ "openapi": "3.0.1", "info": { - "title": "Managed Identity Wallets API", - "description": "Managed Identity Wallets API", - "contact": - { - "name": "Eclipse Tractus-X", - "url": "https://projects.eclipse.org/projects/automotive.tractusx", - "email": "tractusx-dev@eclipse.org" - }, - "license": - { - "name": "Apache 2.0", - "url": "https://github.com/eclipse-tractusx/managed-identity-wallets/blob/develop/LICENSE" - }, + "title": "Managed Identity Wallets API", + "description": "Managed Identity Wallets API", + "termsOfService": "https://www.eclipse.org/legal/termsofuse.php", + "contact": { + "name": "Eclipse Tractus-X", + "url": "https://projects.eclipse.org/projects/automotive.tractusx", + "email": "tractusx-dev@eclipse.org" + }, + "license": { + "name": "Apache 2.0", + "url": "https://github.com/eclipse-tractusx/managed-identity-wallets/blob/develop/LICENSE" + }, "version": "0.0.1" }, "servers": diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/openapi/OpenApiConfig.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/openapi/OpenApiConfig.java index 435ae8585..76dd3f645 100644 --- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/openapi/OpenApiConfig.java +++ b/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/openapi/OpenApiConfig.java @@ -24,7 +24,9 @@ import io.swagger.v3.oas.models.Components; import io.swagger.v3.oas.models.OpenAPI; +import io.swagger.v3.oas.models.info.Contact; import io.swagger.v3.oas.models.info.Info; +import io.swagger.v3.oas.models.info.License; import io.swagger.v3.oas.models.security.SecurityRequirement; import io.swagger.v3.oas.models.security.SecurityScheme; import lombok.AllArgsConstructor; 
@@ -53,9 +55,22 @@ public class OpenApiConfig {
 @Bean
 public OpenAPI openAPI() {
 Info info = new Info();
- info.setTitle("MIW API");
- info.setDescription("MIW API");
+ info.setTitle("Managed Identity Wallets API");
+ info.setDescription("Managed Identity Wallets API");
+ info.termsOfService("https://www.eclipse.org/legal/termsofuse.php");
 info.setVersion("0.0.1");
+
+ Contact contact = new Contact();
+ contact.name("Eclipse Tractus-X");
+ contact.email("tractusx-dev@eclipse.org");
+ contact.url("https://projects.eclipse.org/projects/automotive.tractusx");
+ info.contact(contact);
+
+ License license = new License();
+ license.name("Apache 2.0");
+ license.url("https://github.com/eclipse-tractusx/managed-identity-wallets/blob/develop/LICENSE");
+ info.license(license);
+
 OpenAPI openAPI = new OpenAPI();
 if (Boolean.TRUE.equals(properties.enabled())) {
 openAPI = enableSecurity(openAPI);
From 955b9b43a26ed607023df63f96348c4cd5586b9c Mon Sep 17 00:00:00 2001
From: Nitin Vavdiya
Date: Mon, 17 Jul 2023 17:35:47 +0530
Subject: [PATCH 10/11] docs: openAPI v2 doc deleted, new example added for VC and VP
---
 README.md | 2 +-
 docs/openapi_v002.json | 1853 -----------------
 .../HoldersCredentialController.java | 4 +-
 .../IssuersCredentialController.java | 56 +-
 .../controller/PresentationController.java | 148 +-
 5 files changed, 120 insertions(+), 1943 deletions(-)
 delete mode 100644 docs/openapi_v002.json
diff --git a/README.md b/README.md
index 74a002ee4..0eb4b85af 100644
--- a/README.md
+++ b/README.md
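Review bot: The metadata lines added to `openAPI()` in OpenApiConfig.java mix two call styles on the same objects: `info.setTitle(...)`, `info.setDescription(...)` and `info.setVersion(...)` are bean setters, while `info.termsOfService(...)`, `contact.name(...)` and `license.name(...)` are the fluent variants whose return value is discarded. Using the fluent form throughout removes the two temporaries, e.g. `info.contact(new Contact().name("Eclipse Tractus-X").email("tractusx-dev@eclipse.org").url("https://projects.eclipse.org/projects/automotive.tractusx"));` and `info.license(new License().name("Apache 2.0").url("https://github.com/eclipse-tractusx/managed-identity-wallets/blob/develop/LICENSE"));`. The same title, contact and licence strings are also edited in `docs/openapi_v002.json` by this commit, so the exported document and the bean can drift apart; regenerating the export from the service would keep a single source of truth. The method body continues past the end of the hunk, so the security-scheme wiring behind `properties.enabled()` cannot be reviewed from here.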
@@ -164,7 +164,7 @@ When you just run `task` without parameters, you will see all tasks available. See OpenAPI documentation, which is automatically created from the source and available on each deployment at the `/docs/api-docs/docs` endpoint (e.g. locally at http://localhost:8087/docs/api-docs/docs). An export of the JSON -document can be also found in [docs/openapi_v002.json](docs/openapi_v002.json). +document can be also found in [docs/openapi_v001.json](docs/openapi_v001.json). # Test Coverage diff --git a/docs/openapi_v002.json b/docs/openapi_v002.json deleted file mode 100644 index a8c2f69f8..000000000 --- a/docs/openapi_v002.json +++ /dev/null 
@@ -1,1853 +0,0 @@ -{ - "openapi": "3.0.1", - "info": - { - "title": "Managed Identity Wallets API", - "description": "Managed Identity Wallets API", - "termsOfService": "https://www.eclipse.org/legal/termsofuse.php", - "contact": { - "name": "Eclipse Tractus-X", - "url": "https://projects.eclipse.org/projects/automotive.tractusx", - "email": "tractusx-dev@eclipse.org" - }, - "license": { - "name": "Apache 2.0", - "url": "https://github.com/eclipse-tractusx/managed-identity-wallets/blob/develop/LICENSE" - }, - "version": "0.0.1" - }, - "servers": - [ - { - "url": "http://localhost:8087", - "description": "Generated server url" - } - ], - "security": - [ - { - "Authenticate using access_token": - [] - } - ], - "paths": - { - "/api/wallets": - { - "get": - { - "tags": - [ - "Wallets" - ], - "summary": "List of wallets", - "description": "Permission: **view_wallets** \n\n Retrieve list of registered wallets", - "operationId": "getWallets", - "parameters": - [ - { - "name": "pageNumber", - "in": "query", - "required": false, - "schema": - { - "type": "integer", - "format": "int32", - "default": 0 - } - }, - { - "name": "size", - "in": "query", - "required": false, - "schema": - { - "type": "integer", - "format": "int32", - "default": 2147483647 - } - }, - { - "name": "sortColumn", - "in": "query", - "required": false, - "schema": - { - "type": "string", - "default": "createdAt" - } - }, - { - "name": "sortTpe", - "in": "query", - "required": false, - "schema": - { - "type": "string", - "default": "desc" - } - } - ], - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/PageWallet" - } - } - } - } - } - }, - "post": - { - "tags": - [ - "Wallets" - ], - "summary": "Create Wallet", - "description": "Permission: **add_wallets** \n\n Create a wallet and store it", - "operationId": "createWallet", - "requestBody": - { - "content": - { - "application/json": - { - "schema": - { - 
"$ref": "#/components/schemas/CreateWalletRequest" - }, - "examples": - { - "Create wallet with BPN": - { - "description": "Create wallet with BPN", - "value": - { - "bpn": "BPNL000000000001", - "name": "companyA" - } - } - } - } - }, - "required": true - }, - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/Wallet" - } - } - } - } - } - } - }, - "/api/wallets/{identifier}/credentials": - { - "post": - { - "tags": - [ - "Wallets" - ], - "summary": "Store Verifiable Credential", - "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of wallet to extract credentials from must equal BPN of caller) \n\n Store a verifiable credential in the wallet of the given identifier", - "operationId": "storeCredential", - "parameters": - [ - { - "name": "identifier", - "in": "path", - "description": "Did or BPN", - "required": true, - "schema": - { - "type": "string" - } - } - ], - "requestBody": - { - "content": - { - "application/json": - { - "schema": - { - "type": "object", - "additionalProperties": - { - "type": "object" - } - }, - "example": - { - "id": "http://example.edu/credentials/3732", - "@context": - [ - "https://www.w3.org/2018/credentials/v1", - "https://www.w3.org/2018/credentials/examples/v1" - ], - "type": - [ - "University-Degree-Credential", - "VerifiableCredential" - ], - "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", - "issuanceDate": "2019-06-16T18:56:59Z", - "expirationDate": "2019-06-17T18:56:59Z", - "credentialSubject": - [ - { - "college": "Test-University" - } - ], - "proof": - { - "type": "Ed25519Signature2018", - "created": "2021-11-17T22:20:27Z", - "proofPurpose": "assertionMethod", - "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1", - "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg" - } - } - } - }, - 
"required": true - }, - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "type": "object", - "additionalProperties": - { - "type": "string" - } - } - } - } - } - } - } - }, - "/api/presentations": - { - "post": - { - "tags": - [ - "Verifiable Presentations - Generation" - ], - "summary": "Create Verifiable Presentation", - "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of the issuer of the Verifiable Presentation must equal to BPN of caller) \n\n Create a verifiable presentation from a list of verifiable credentials, signed by the holder", - "operationId": "createPresentation", - "parameters": - [ - { - "name": "audience", - "in": "query", - "required": false, - "schema": - { - "type": "string" - } - }, - { - "name": "asJwt", - "in": "query", - "required": false, - "schema": - { - "type": "boolean", - "default": false - } - } - ], - "requestBody": - { - "content": - { - "application/json": - { - "schema": - { - "type": "object", - "additionalProperties": - { - "type": "object" - } - }, - "example": - { - "holderIdentifier": "did:example:76e12ec712ebc6f1c221ebfeb1f", - "verifiableCredentials": - [ - { - "id": "http://example.edu/credentials/333", - "@context": - [ - "https://www.w3.org/2018/credentials/v1", - "https://www.w3.org/2018/credentials/examples/v1" - ], - "type": - [ - "University-Degree-Credential", - "VerifiableCredential" - ], - "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", - "issuanceDate": "2019-06-16T18:56:59Z", - "expirationDate": "2019-06-17T18:56:59Z", - "credentialSubject": - [ - { - "college": "Test-University" - } - ], - "proof": - { - "type": "Ed25519Signature2018", - "created": "2021-11-17T22:20:27Z", - "proofPurpose": "assertionMethod", - "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#keys-1", - "jws": 
"eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg" - } - } - ] - } - } - }, - "required": true - }, - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "type": "object", - "additionalProperties": - { - "type": "object" - } - } - } - } - } - } - } - }, - "/api/presentations/validation": - { - "post": - { - "tags": - [ - "Verifiable Presentations - Validation" - ], - "summary": "Validate Verifiable Presentation", - "description": "Permission: **view_wallets** OR **view_wallet** \n\n Validate Verifiable Presentation with all included credentials", - "operationId": "validatePresentation", - "parameters": - [ - { - "name": "audience", - "in": "query", - "description": "Audience to validate in VP (Only supported in case of JWT formatted VP)", - "required": false, - "schema": - { - "type": "string" - } - }, - { - "name": "asJwt", - "in": "query", - "description": "Pass true in case of VP is in JWT format", - "required": false, - "schema": - { - "type": "boolean", - "default": false - } - }, - { - "name": "withCredentialExpiryDate", - "in": "query", - "description": "Check expiry of VC(Only supported in case of JWT formatted VP)", - "required": false, - "schema": - { - "type": "boolean", - "default": false - } - } - ], - "requestBody": - { - "content": - { - "application/json": - { - "schema": - { - "type": "object", - "additionalProperties": - { - "type": "object" - } - }, - "examples": - { - "VP as JWT": - { - "description": "VP as JWT", - "value": - { - "vp": "eyJhbGciOiJFZERTQSJ9.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.Hfm-ANjoeZ8fO-32LPOsQ3-xXSclPUd28p9hvlWyVVB0Mz7n0k-KAHra5kpT0oGrGtdhC1lZ0AitdB_td6VrAQ" - } - }, - "VP as json-ld": - { - "description": "VP as json-ld", - "value": - { - "vp": - { - "id": "b9d97cef-758d-4a7c-843d-86f17632b08a", - "type": - [ - "VerifiablePresentation" - ], - 
"@context": - [ - "https://www.w3.org/2018/credentials/v1" - ], - "verifiableCredential": - [ - { - "issuanceDate": "2023-06-01T08:57:50Z", - "credentialSubject": - [ - { - "bpn": "BPNL000000000000", - "id": "did:web:localhost:BPNL000000000000", - "type": "BpnCredential" - } - ], - "id": "acb9522f-db22-4f90-9475-c3f3511f9cde", - "proof": - { - "proofPurpose": "proofPurpose", - "verificationMethod": "did:web:localhost:BPNL000000000000", - "type": "Ed25519Signature2020", - "proofValue": "z4duBfcCsaSziNeUw8YByyFdvZXW8eAK928dx3PxLjWCvKztJZ9mhxhHwe5BuTQQnJFkooMgQGKDE48ciLrGhpsPA", - "created": "2023-06-01T08:57:50Z" - }, - "type": - [ - "VerifiableCredential", - "BpnCredentialCX" - ], - "@context": - [ - "https://www.w3.org/2018/credentials/v1", - "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json" - ], - "issuer": "did:web:localhost:BPNL000000000000", - "expirationDate": "2024-12-31T18:30:00Z" - } - ] - } - } - } - } - } - }, - "required": true - }, - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "type": "object", - "additionalProperties": - { - "type": "object" - } - } - } - } - } - } - } - }, - "/api/credentials": - { - "get": - { - "tags": - [ - "Verifiable Credential - Holder" - ], - "summary": "Query Verifiable Credentials", - "description": "Permission: **view_wallets** OR **view_wallet** (The BPN of holderIdentifier must equal BPN of caller)\n\n Search verifiable credentials with filter criteria", - "operationId": "getCredentials", - "parameters": - [ - { - "name": "credentialId", - "in": "query", - "required": false, - "schema": - { - "type": "string" - } - }, - { - "name": "issuerIdentifier", - "in": "query", - "required": false, - "schema": - { - "type": "string" - } - }, - { - "name": "type", - "in": "query", - "required": false, - "schema": - { - "type": "array", - "items": - { - "type": "string" - } - } - }, - { - "name": "sortColumn", - "in": "query", - 
"required": false, - "schema": - { - "type": "string", - "default": "createdAt" - } - }, - { - "name": "sortTpe", - "in": "query", - "required": false, - "schema": - { - "type": "string", - "default": "desc" - } - }, - { - "name": "pageNumber", - "in": "query", - "description": "Page number, Page number start with zero", - "required": false, - "schema": - { - "maximum": 2147483647, - "minimum": 0, - "type": "integer", - "format": "int32", - "default": 0 - } - }, - { - "name": "size", - "in": "query", - "description": "Number of records per page", - "required": false, - "schema": - { - "maximum": 2147483647, - "minimum": 0, - "type": "integer", - "format": "int32", - "default": 2147483647 - } - } - ], - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/PageImplVerifiableCredential" - } - } - } - } - } - }, - "post": - { - "tags": - [ - "Verifiable Credential - Holder" - ], - "summary": "Issue Verifiable Credential", - "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of the issuer of the Verifiable Credential must equal BPN of caller)\nIssue a verifiable credential with a given issuer DID", - "operationId": "issueCredential", - "requestBody": - { - "content": - { - "application/json": - { - "schema": - { - "type": "object", - "additionalProperties": - { - "type": "object" - } - }, - "example": - { - "id": "http://example.edu/credentials/333", - "@context": - [ - "https://www.w3.org/2018/credentials/v1", - "https://www.w3.org/2018/credentials/examples/v1" - ], - "type": - [ - "University-Degree-Credential", - "VerifiableCredential" - ], - "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", - "issuanceDate": "2019-06-16T18:56:59Z", - "expirationDate": "2019-06-17T18:56:59Z", - "credentialSubject": - [ - { - "college": "Test-University" - } - ] - } - } - }, - "required": true - }, - "responses": - { - "200": - { - "description": "OK", - "content": - 
{ - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/VerifiableCredential" - } - } - } - } - } - }, - "delete": - { - "tags": - [ - "Verifiable Credential - Holder" - ], - "summary": "Delete a verifiable credential by its ID", - "description": "Permission: **update_wallet** (The BPN of holderIdentifier must equal BPN of caller)\n\n Delete a verifiable credential by its ID", - "operationId": "deleteCredential", - "parameters": - [ - { - "name": "id", - "in": "query", - "required": true, - "schema": - { - "type": "string" - } - } - ], - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "type": "object" - } - } - } - } - } - } - }, - "/api/credentials/validation": - { - "post": - { - "tags": - [ - "Verifiable Credential - Validation" - ], - "summary": "Validate Verifiable Credentials", - "description": "Permission: **view_wallets** OR **view_wallet** \n\n Validate Verifiable Credentials", - "operationId": "credentialsValidation", - "parameters": - [ - { - "name": "withCredentialExpiryDate", - "in": "query", - "description": "Check expiry of VC", - "required": false, - "schema": - { - "type": "boolean", - "default": false - } - } - ], - "requestBody": - { - "content": - { - "application/json": - { - "schema": - { - "type": "object", - "additionalProperties": - { - "type": "object" - } - }, - "example": - { - "id": "http://example.edu/credentials/333", - "@context": - [ - "https://www.w3.org/2018/credentials/v1", - "https://www.w3.org/2018/credentials/examples/v1" - ], - "type": - [ - "University-Degree-Credential", - "VerifiableCredential" - ], - "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", - "issuanceDate": "2019-06-16T18:56:59Z", - "expirationDate": "2019-06-17T18:56:59Z", - "credentialSubject": - [ - { - "college": "Test-University" - } - ], - "proof": - { - "type": "Ed25519Signature2018", - "created": "2021-11-17T22:20:27Z", - "proofPurpose": "assertionMethod", - 
"verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#keys-1", - "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg" - } - } - } - }, - "required": true - }, - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "type": "object", - "additionalProperties": - { - "type": "object" - } - } - } - } - } - } - } - }, - "/api/credentials/issuer": - { - "get": - { - "tags": - [ - "Verifiable Credential - Issuer" - ], - "summary": "Query Verifiable Credentials", - "description": "Permission: **view_wallets** (The BPN of holderIdentifier must equal BPN of caller)\n\n Search verifiable credentials with filter criteria", - "operationId": "getCredentials_1", - "parameters": - [ - { - "name": "credentialId", - "in": "query", - "required": false, - "schema": - { - "type": "string" - } - }, - { - "name": "holderIdentifier", - "in": "query", - "required": false, - "schema": - { - "type": "string" - } - }, - { - "name": "type", - "in": "query", - "required": false, - "schema": - { - "type": "array", - "items": - { - "type": "string" - } - } - }, - { - "name": "pageNumber", - "in": "query", - "description": "Page number, Page number start with zero", - "required": false, - "schema": - { - "maximum": 2147483647, - "minimum": 0, - "type": "integer", - "format": "int32", - "default": 0 - } - }, - { - "name": "size", - "in": "query", - "description": "Number of records per page", - "required": false, - "schema": - { - "maximum": 2147483647, - "minimum": 0, - "type": "integer", - "format": "int32", - "default": 2147483647 - } - }, - { - "name": "sortColumn", - "in": "query", - "required": false, - "schema": - { - "type": "string", - "default": "createdAt" - } - }, - { - "name": "sortTpe", - "in": "query", - "required": false, - "schema": - { - "type": "string", - "default": "desc" - } - } - ], - "responses": - { - 
"200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/PageImplVerifiableCredential" - } - } - } - } - } - }, - "post": - { - "tags": - [ - "Verifiable Credential - Issuer" - ], - "summary": "Issue Verifiable Credential", - "description": "Permission: **update_wallets** (The BPN of the base wallet must equal BPN of caller)\nIssue a verifiable credential with a given issuer DID", - "operationId": "issueCredentialUsingBaseWallet", - "parameters": - [ - { - "name": "holderDid", - "in": "query", - "required": true, - "schema": - { - "type": "string" - } - } - ], - "requestBody": - { - "content": - { - "application/json": - { - "schema": - { - "type": "object", - "additionalProperties": - { - "type": "object" - } - }, - "example": - { - "id": "http://example.edu/credentials/333", - "@context": - [ - "https://www.w3.org/2018/credentials/v1", - "https://www.w3.org/2018/credentials/examples/v1" - ], - "type": - [ - "University-Degree-Credential", - "VerifiableCredential" - ], - "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", - "issuanceDate": "2019-06-16T18:56:59Z", - "expirationDate": "2019-06-17T18:56:59Z", - "credentialSubject": - [ - { - "college": "Test-University" - } - ] - } - } - }, - "required": true - }, - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/VerifiableCredential" - } - } - } - } - } - } - }, - "/api/credentials/issuer/membership": - { - "post": - { - "tags": - [ - "Verifiable Credential - Issuer" - ], - "summary": "Issue a Membership Verifiable Credential with base wallet issuer", - "description": "Permission: **update_wallets** (The BPN of base wallet must equal BPN of caller)\n\n Issue a verifiable credential by base wallet", - "operationId": "issueMembershipCredential", - "requestBody": - { - "content": - { - "application/json": - { - "schema": - { - "$ref": 
"#/components/schemas/IssueMembershipCredentialRequest" - }, - "example": - { - "bpn": "BPNL000000000000" - } - } - }, - "required": true - }, - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/VerifiableCredential" - } - } - } - } - } - } - }, - "/api/credentials/issuer/framework": - { - "post": - { - "tags": - [ - "Verifiable Credential - Issuer" - ], - "summary": "Issue a Use Case Verifiable Credential with base wallet issuer", - "description": "Permission: **update_wallets** (The BPN of base wallet must equal BPN of caller)\n\n Issue a verifiable credential by base wallet", - "operationId": "issueFrameworkCredential", - "requestBody": - { - "content": - { - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/IssueFrameworkCredentialRequest" - }, - "example": - { - "holderIdentifier": "BPNL000000000000", - "type": "BehaviorTwinCredential", - "contract-template": "https://public.catena-x.org/contracts/traceabilty.v1.pdf", - "contract-version": "1.0.0" - } - } - }, - "required": true - }, - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/VerifiableCredential" - } - } - } - } - } - } - }, - "/api/credentials/issuer/dismantler": - { - "post": - { - "tags": - [ - "Verifiable Credential - Issuer" - ], - "summary": "Issue a Dismantler Verifiable Credential with base wallet issuer", - "description": "Permission: **update_wallets** (The BPN of base wallet must equal BPN of caller)\n\n Issue a verifiable credential by base wallet", - "operationId": "issueDismantlerCredential", - "requestBody": - { - "content": - { - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/IssueDismantlerCredentialRequest" - }, - "example": - { - "bpn": "BPNL000000000000", - "activityType": "vehicleDismantle", - "allowedVehicleBrands": - [ - "Audi", - "Abarth", - 
"Alfa Romeo", - "Chrysler" - ] - } - } - }, - "required": true - }, - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/VerifiableCredential" - } - } - } - } - } - } - }, - "/{bpn}/did.json": - { - "get": - { - "tags": - [ - "DIDDocument" - ], - "summary": "Resolve DID Document", - "description": "Resolve the DID document for a given BPN", - "operationId": "getDidResolve", - "parameters": - [ - { - "name": "bpn", - "in": "path", - "description": "Did or BPN", - "required": true, - "schema": - { - "type": "string" - } - } - ], - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/DidDocument" - } - } - } - } - } - } - }, - "/api/wallets/{identifier}": - { - "get": - { - "tags": - [ - "Wallets" - ], - "summary": "Retrieve wallet by identifier", - "description": "Permission: **view_wallets** OR **view_wallet** (The BPN of Wallet to retrieve must equal the BPN of caller or Base wallet, authority wallet can see all wallets) \n\n Retrieve single wallet by identifier, with or without its credentials", - "operationId": "getWalletByIdentifier", - "parameters": - [ - { - "name": "identifier", - "in": "path", - "description": "Did or BPN", - "required": true, - "schema": - { - "type": "string" - } - }, - { - "name": "withCredentials", - "in": "query", - "required": false, - "schema": - { - "type": "boolean", - "default": false - } - } - ], - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/Wallet" - } - } - } - } - } - } - }, - "/api/didDocuments/{identifier}": - { - "get": - { - "tags": - [ - "DIDDocument" - ], - "summary": "Resolve DID Document", - "description": "Resolve the DID document for a given DID or BPN", - "operationId": "getDidDocument", - "parameters": - [ - { - "name": "identifier", - 
"in": "path", - "description": "Did or BPN", - "required": true, - "schema": - { - "type": "string" - } - } - ], - "responses": - { - "200": - { - "description": "OK", - "content": - { - "application/json": - { - "schema": - { - "$ref": "#/components/schemas/DidDocument" - } - } - } - } - } - } - } - }, - "components": - { - "schemas": - { - "CreateWalletRequest": - { - "required": - [ - "bpn", - "name" - ], - "type": "object", - "properties": - { - "bpn": - { - "maxLength": 255, - "minLength": 5, - "type": "string" - }, - "name": - { - "maxLength": 255, - "minLength": 1, - "type": "string" - } - } - }, - "DidDocument": - { - "type": "object", - "properties": - { - "id": - { - "type": "string", - "format": "uri" - }, - "verificationMethods": - { - "type": "array", - "items": - { - "$ref": "#/components/schemas/VerificationMethod" - } - }, - "context": - { - "type": "array", - "items": - { - "type": "string", - "format": "uri" - } - }, - "empty": - { - "type": "boolean" - } - }, - "additionalProperties": - { - "type": "object" - } - }, - "VerifiableCredential": - { - "type": "object", - "properties": - { - "id": - { - "type": "string", - "format": "uri" - }, - "types": - { - "type": "array", - "items": - { - "type": "string" - } - }, - "issuer": - { - "type": "string", - "format": "uri" - }, - "expirationDate": - { - "type": "string", - "format": "date-time" - }, - "credentialSubject": - { - "type": "array", - "items": - { - "$ref": "#/components/schemas/VerifiableCredentialSubject" - } - }, - "proof": - { - "type": "object", - "properties": - { - "type": - { - "type": "string" - }, - "empty": - { - "type": "boolean" - } - }, - "additionalProperties": - { - "type": "object" - } - }, - "issuanceDate": - { - "type": "string", - "format": "date-time" - }, - "context": - { - "type": "array", - "items": - { - "type": "string", - "format": "uri" - } - }, - "empty": - { - "type": "boolean" - } - }, - "additionalProperties": - { - "type": "object" - } - }, - 
"VerifiableCredentialSubject": - { - "type": "object", - "properties": - { - "id": - { - "type": "string", - "format": "uri" - }, - "empty": - { - "type": "boolean" - } - }, - "additionalProperties": - { - "type": "object" - } - }, - "VerificationMethod": - { - "type": "object", - "properties": - { - "id": - { - "type": "string", - "format": "uri" - }, - "type": - { - "type": "string" - }, - "controller": - { - "type": "string", - "format": "uri" - }, - "empty": - { - "type": "boolean" - } - }, - "additionalProperties": - { - "type": "object" - } - }, - "Wallet": - { - "type": "object", - "properties": - { - "name": - { - "type": "string" - }, - "did": - { - "type": "string" - }, - "bpn": - { - "type": "string" - }, - "algorithm": - { - "type": "string" - }, - "didDocument": - { - "type": "object", - "properties": - { - "id": - { - "type": "string", - "format": "uri" - }, - "verificationMethods": - { - "type": "array", - "items": - { - "$ref": "#/components/schemas/VerificationMethod" - } - }, - "context": - { - "type": "array", - "items": - { - "type": "string", - "format": "uri" - } - }, - "empty": - { - "type": "boolean" - } - }, - "additionalProperties": - { - "type": "object" - } - }, - "verifiableCredentials": - { - "type": "array", - "items": - { - "$ref": "#/components/schemas/VerifiableCredential" - } - } - } - }, - "IssueMembershipCredentialRequest": - { - "required": - [ - "bpn" - ], - "type": "object", - "properties": - { - "bpn": - { - "maxLength": 255, - "minLength": 5, - "type": "string" - } - } - }, - "IssueFrameworkCredentialRequest": - { - "required": - [ - "contract-template", - "contract-version", - "holderIdentifier", - "type" - ], - "type": "object", - "properties": - { - "holderIdentifier": - { - "maxLength": 255, - "minLength": 5, - "type": "string" - }, - "type": - { - "type": "string" - }, - "contract-template": - { - "type": "string" - }, - "contract-version": - { - "type": "string" - } - } - }, - "IssueDismantlerCredentialRequest": - { - 
"required": - [ - "activityType", - "bpn" - ], - "type": "object", - "properties": - { - "bpn": - { - "maxLength": 255, - "minLength": 5, - "type": "string" - }, - "activityType": - { - "maxLength": 2147483647, - "minLength": 1, - "type": "string" - }, - "allowedVehicleBrands": - { - "uniqueItems": true, - "type": "array", - "items": - { - "type": "string" - } - } - } - }, - "PageWallet": - { - "type": "object", - "properties": - { - "totalElements": - { - "type": "integer", - "format": "int64" - }, - "totalPages": - { - "type": "integer", - "format": "int32" - }, - "size": - { - "type": "integer", - "format": "int32" - }, - "content": - { - "type": "array", - "items": - { - "$ref": "#/components/schemas/Wallet" - } - }, - "number": - { - "type": "integer", - "format": "int32" - }, - "sort": - { - "$ref": "#/components/schemas/SortObject" - }, - "pageable": - { - "$ref": "#/components/schemas/PageableObject" - }, - "numberOfElements": - { - "type": "integer", - "format": "int32" - }, - "first": - { - "type": "boolean" - }, - "last": - { - "type": "boolean" - }, - "empty": - { - "type": "boolean" - } - } - }, - "PageableObject": - { - "type": "object", - "properties": - { - "offset": - { - "type": "integer", - "format": "int64" - }, - "sort": - { - "$ref": "#/components/schemas/SortObject" - }, - "pageNumber": - { - "type": "integer", - "format": "int32" - }, - "pageSize": - { - "type": "integer", - "format": "int32" - }, - "paged": - { - "type": "boolean" - }, - "unpaged": - { - "type": "boolean" - } - } - }, - "SortObject": - { - "type": "object", - "properties": - { - "empty": - { - "type": "boolean" - }, - "sorted": - { - "type": "boolean" - }, - "unsorted": - { - "type": "boolean" - } - } - }, - "PageImplVerifiableCredential": - { - "type": "object", - "properties": - { - "content": - { - "type": "array", - "items": - { - "$ref": "#/components/schemas/VerifiableCredential" - } - }, - "pageable": - { - "$ref": "#/components/schemas/PageableObject" - }, - 
"totalElements": - { - "type": "integer", - "format": "int64" - }, - "totalPages": - { - "type": "integer", - "format": "int32" - }, - "last": - { - "type": "boolean" - }, - "size": - { - "type": "integer", - "format": "int32" - }, - "number": - { - "type": "integer", - "format": "int32" - }, - "sort": - { - "$ref": "#/components/schemas/SortObject" - }, - "numberOfElements": - { - "type": "integer", - "format": "int32" - }, - "first": - { - "type": "boolean" - }, - "empty": - { - "type": "boolean" - } - } - } - }, - "securitySchemes": - { - "Authenticate using access_token": - { - "type": "apiKey", - "description": "**Bearer (apiKey)** \nJWT Authorization header using the Bearer scheme.\n\nEnter **Bearer** [space] and then your token in the text input below.\n\nExample: Bearer 12345abcdef", - "name": "Authorization", - "in": "header" - } - } - } -} \ No newline at end of file diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/HoldersCredentialController.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/HoldersCredentialController.java index 8b16fdaff..ace19aacd 100644 --- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/HoldersCredentialController.java +++ b/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/HoldersCredentialController.java @@ -97,9 +97,9 @@ public ResponseEntity> getCredentials(@RequestPar "https://www.w3.org/2018/credentials/examples/v1" ], "type": [ - "University-Degree-Credential","VerifiableCredential" + "VerifiableCredential", "University-Degree-Credential" ], - "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", + "issuer": "did:web:localhost:BPNL000000000000", "issuanceDate": "2019-06-16T18:56:59Z", "expirationDate": "2019-06-17T18:56:59Z", "credentialSubject": [{ 
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/IssuersCredentialController.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/IssuersCredentialController.java
index 1e533b4b4..29c6f3012 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/IssuersCredentialController.java
+++ b/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/IssuersCredentialController.java
@@ -175,28 +175,38 @@ public ResponseEntity issueFrameworkCredential(@Valid @Req @io.swagger.v3.oas.annotations.parameters.RequestBody(content = { @Content(examples = @ExampleObject(""" { - "id": "http://example.edu/credentials/333", - "@context": [ - "https://www.w3.org/2018/credentials/v1", - "https://www.w3.org/2018/credentials/examples/v1" - ], - "type": [ - "University-Degree-Credential", "VerifiableCredential" - ], - "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", - "issuanceDate": "2019-06-16T18:56:59Z", - "expirationDate": "2019-06-17T18:56:59Z", - "credentialSubject": [{ - "college": "Test-University" - }], - "proof": { - "type": "Ed25519Signature2018", - "created": "2021-11-17T22:20:27Z", - "proofPurpose": "assertionMethod", - "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#keys-1", - "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg" - } - } + "credentialSubject": + [ + { + "bpn": "BPNL000000000000", + "id": "did:web:localhost:BPNL000000000000", + "type": "BpnCredential" + } + ], + "issuanceDate": "2023-07-14T11:05:44Z", + "id": "did:web:localhost:BPNL000000000000#f177b3e9-bbf9-45db-bc3d-80152abcb419", + "proof": + { + "created": "2023-07-14T11:05:48Z", + "jws": "eyJhbGciOiJFZERTQSJ9..C4oYBfTh11OKG0yV0qoCQxF6zZWZLb9dPXJCP6oCtpyB_sSc8o6cPhByKwf-0o7ElsUr0mh6AGPwGxdoOijfDw", + "proofPurpose": "proofPurpose", + "type": "JsonWebSignature2020", + "verificationMethod": "did:web:localhost:BPNL000000000000#" + }, + "type": + [ + "VerifiableCredential", + "BpnCredential" + ], + "@context": + [ + "https://www.w3.org/2018/credentials/v1", + "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json", + "https://w3id.org/security/suites/jws-2020/v1" + ], + "issuer": "did:web:localhost:BPNL000000000000", + "expirationDate": "2023-09-30T18:30:00Z" + } """)) }) public ResponseEntity> credentialsValidation(@RequestBody Map data, 
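Review bot: The new request example on `credentialsValidation` carries `"proofPurpose": "proofPurpose"` and a `verificationMethod` that ends in a bare `#`, so the documented credential states no meaningful proof purpose and names no key, where the example it replaces used `assertionMethod` and a `#keys-1` fragment. If this JSON was captured from the service's own output, that would suggest the issuer writes a placeholder purpose and that validation does not check it, which should be confirmed in the signing and validation code outside this hunk. The `expirationDate` of `2023-09-30T18:30:00Z` also means the documented example stops being an unexpired credential after that date wherever expiry is enforced. The same example body is added for `createPresentation` in PresentationController.java. I would change the line to `"proofPurpose": "assertionMethod",` and give the verification method a real key fragment once the service's fragment format is confirmed.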
@@ -225,7 +235,7 @@ public ResponseEntity> credentialsValidation(@RequestBody Ma "https://www.w3.org/2018/credentials/examples/v1" ], "type": [ - "University-Degree-Credential","VerifiableCredential" + "VerifiableCredential", "University-Degree-Credential" ], "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", "issuanceDate": "2019-06-16T18:56:59Z", diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/PresentationController.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/PresentationController.java index 92a725242..81ec135dc 100644 --- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/PresentationController.java +++ b/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/PresentationController.java 
@@ -67,33 +67,44 @@ public class PresentationController extends BaseController { @io.swagger.v3.oas.annotations.parameters.RequestBody(content = { @Content(examples = @ExampleObject(""" { - "holderIdentifier": "did:example:76e12ec712ebc6f1c221ebfeb1f", - "verifiableCredentials": [ - { - "id": "http://example.edu/credentials/333", - "@context": [ - "https://www.w3.org/2018/credentials/v1", - "https://www.w3.org/2018/credentials/examples/v1" - ], - "type": [ - "University-Degree-Credential", "VerifiableCredential" - ], - "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f", - "issuanceDate": "2019-06-16T18:56:59Z", - "expirationDate": "2019-06-17T18:56:59Z", - "credentialSubject": [{ - "college": "Test-University" - }], - "proof": { - "type": "Ed25519Signature2018", - "created": "2021-11-17T22:20:27Z", - "proofPurpose": "assertionMethod", - "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#keys-1", - "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg" - } - } - ] - } + "holderIdentifier": "did:web:localhost:BPNL000000000000", + "verifiableCredentials": + [ + { + "credentialSubject": + [ + { + "bpn": "BPNL000000000000", + "id": "did:web:localhost:BPNL000000000000", + "type": "BpnCredential" + } + ], + "issuanceDate": "2023-07-14T11:05:44Z", + "id": "did:web:localhost:BPNL000000000000#f177b3e9-bbf9-45db-bc3d-80152abcb419", + "proof": + { + "created": "2023-07-14T11:05:48Z", + "jws": "eyJhbGciOiJFZERTQSJ9..C4oYBfTh11OKG0yV0qoCQxF6zZWZLb9dPXJCP6oCtpyB_sSc8o6cPhByKwf-0o7ElsUr0mh6AGPwGxdoOijfDw", + "proofPurpose": "proofPurpose", + "type": "JsonWebSignature2020", + "verificationMethod": "did:web:localhost:BPNL000000000000#" + }, + "type": + [ + "VerifiableCredential", + "BpnCredential" + ], + "@context": + [ + "https://www.w3.org/2018/credentials/v1", + "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json", + 
"https://w3id.org/security/suites/jws-2020/v1" + ], + "issuer": "did:web:localhost:BPNL000000000000", + "expirationDate": "2023-09-30T18:30:00Z" + } + ] + } """)) }) public ResponseEntity> createPresentation(@RequestBody Map data, @@ -127,45 +138,54 @@ public ResponseEntity> createPresentation(@RequestBody Map Date: Tue, 18 Jul 2023 14:44:51 +0530 Subject: [PATCH 11/11] fix: Veracode finding for CVE-2023-24998 --- build.gradle | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/build.gradle b/build.gradle index 56badd693..bd114e96d 100644 --- a/build.gradle +++ b/build.gradle @@ -3,6 +3,8 @@ plugins { id 'org.springframework.boot' version "${springBootVersion}" id 'io.spring.dependency-management' version "${springDependencyVersion}" id "jacoco" + id 'project-report' + } group = "${groupName}" @@ -53,6 +55,10 @@ dependencies { //Added explicitly to mitigate CVE 2022-1471 implementation group: 'org.yaml', name: 'snakeyaml', version: '2.0' + //Added explicitly to mitigate CVE 2023-24998 + implementation group: 'commons-fileupload', name: 'commons-fileupload', version: '1.5' + + testImplementation 'org.projectlombok:lombok:1.18.28' runtimeOnly 'org.postgresql:postgresql' compileOnly 'org.projectlombok:lombok' @@ -88,6 +94,10 @@ test { finalizedBy jacocoTestReport } +htmlDependencyReport { + projects = project.allprojects +} + jacocoTestReport { dependsOn test