diff --git a/.github/actions/setup-java/action.yml b/.github/actions/setup-java/action.yml
new file mode 100644
index 0000000..78839fe
--- /dev/null
+++ b/.github/actions/setup-java/action.yml
@@ -0,0 +1,31 @@
+#
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+---
+name: "Setup JDK 21"
+description: "Setup JDK 21"
+runs:
+ using: "composite"
+ steps:
+ - name: Setup JDK 21
+ uses: actions/setup-java@v3.11.0
+ with:
+ java-version: '21'
+ distribution: 'temurin'
+ cache: 'gradle'
diff --git a/.github/dependabot.yml b/.github/dependabot.yaml
similarity index 100%
rename from .github/dependabot.yml
rename to .github/dependabot.yaml
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
new file mode 100644
index 0000000..be491ab
--- /dev/null
+++ b/.github/workflows/codeql.yaml
@@ -0,0 +1,93 @@
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+name: "CodeQL"
+
+on:
+ push:
+ branches: [ "main" ]
+ paths-ignore:
+ - "**/*.md"
+ - "**/*.txt"
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ "main" ]
+ paths-ignore:
+ - "**/*.md"
+ - "**/*.txt"
+ schedule:
+ - cron: "0 0 * * 0"
+ workflow_dispatch:
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ timeout-minutes: 360
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ "java" ] # Define languages here
+ # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift' ]
+ # Use only 'java' to analyze code written in Java, Kotlin or both
+ # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
+ # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: ${{ matrix.language }}
+ # If you wish to specify custom queries, you can do so here or in a config file
+ # By default, queries listed here will override any specified in a config file
+ # Prefix the list here with "+" to use these queries and those in the config file
+
+ # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+ # Use +security-extended,security-and-quality for wider security and better code quality
+ queries: +security-extended,security-and-quality
+
+ # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift)
+ # Automates dependency installation for Python, Ruby, and JavaScript, optimizing the CodeQL analysis setup
+ # If this step fails, then you should remove it and run the build manually (see below)
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v2
+
+ # âšī¸ Command-line programs to run using the OS shell.
+ # đ See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+ # If the Autobuild fails above, remove it and uncomment the following three lines modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance
+
+ # - run: |
+ # echo "Run, Build Application using script"
+ # ./location_of_script_within_repo/buildscript.sh
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
+ with:
+ category: "/language:${{matrix.language}}"
+ fail-on: error
diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml
new file mode 100644
index 0000000..4451dea
--- /dev/null
+++ b/.github/workflows/helm-release.yml
@@ -0,0 +1,53 @@
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+# SPDX-License-Identifier: Apache-2.0
+
+name: Release - Helm Charts
+
+on:
+ push:
+ paths:
+ - 'charts/**'
+ branches:
+ - main
+ workflow_dispatch:
+
+jobs:
+ release:
+ permissions:
+ contents: write
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Configure Git
+ run: |
+ git config user.name "$GITHUB_ACTOR"
+ git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+ - name: Install Helm
+ uses: azure/setup-helm@v3
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Run chart-releaser
+ uses: helm/chart-releaser-action@v1.4.1
+ env:
+ CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
diff --git a/.github/workflows/kics.yaml b/.github/workflows/kics.yaml
new file mode 100644
index 0000000..a89a038
--- /dev/null
+++ b/.github/workflows/kics.yaml
@@ -0,0 +1,72 @@
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+name: "KICS"
+
+on:
+ push:
+ branches: [ main ]
+ # pull_request:
+ # The branches below must be a subset of the branches above
+ # branches: [main, master]
+ # paths-ignore:
+ # - "**/*.md"
+ # - "**/*.txt"
+ schedule:
+ - cron: "0 0 * * *"
+ workflow_dispatch:
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ steps:
+ - uses: actions/checkout@v3
+
+ - name: KICS scan
+ uses: checkmarx/kics-github-action@master
+ with:
+ # Scanning directory .
+ path: "."
+ # Exclude paths from scan by providing the paths as comma separated list
+ # exclude_paths: "postgres-init.yaml,templates/sharedidp.yaml"
+ # Exclude queries by providing the query / rule ID as comma separated list
+ # exclude_queries: "b9c83569-459b-4110-8f79-6305aa33cb37"
+ # Fail on HIGH severity results
+ fail_on: high
+ # Disable secrets detection - we use GitGuardian
+ disable_secrets: true
+ # When provided with a directory on output_path
+ # it will generate the specified reports file named 'results.{extension}'
+ # in this example it will generate:
+ # - results-dir/results.json and results-dir/results.sarif
+ output_path: kicsResults/
+ output_formats: "json,sarif"
+
+ # Upload findings to GitHub Advanced Security Dashboard
+ - name: Upload SARIF file for GitHub Advanced Security Dashboard
+ if: always()
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: kicsResults/results.sarif
diff --git a/.github/workflows/verify.yaml b/.github/workflows/verify.yaml
new file mode 100644
index 0000000..a42bfce
--- /dev/null
+++ b/.github/workflows/verify.yaml
@@ -0,0 +1,57 @@
+#
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+---
+name: "Verify"
+
+on:
+ workflow_call:
+ # Allows you to run this workflow manually from the Actions tab
+ workflow_dispatch:
+
+jobs:
+
+ verify-license-headers:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3.5.2
+ - name: "Check for files without a license header"
+ run: |-
+ # checks all java, yaml, kts and sql files for an Apache 2.0 license header
+ cmd="grep -riL \"SPDX-License-Identifier: Apache-2.0\" --include=\*.{java,yaml,yml,kts,sql} --exclude-dir={.gradle,\*\openapi} ."
+ violations=$(eval $cmd | wc -l)
+ if [[ $violations -ne 0 ]] ; then
+ echo "$violations files without license headers were found:";
+ eval $cmd;
+ exit 1;
+ fi
+
+ verify-dependencies:
+ uses: eclipse-edc/.github/.github/workflows/dependency-check.yml@main
+
+ unit-tests:
+ runs-on: ubuntu-latest
+ needs: [ verify-dependencies, verify-license-headers ]
+ steps:
+ - uses: actions/checkout@v3.5.2
+
+ - uses: ./.github/actions/setup-java
+
+ - name: Run Unit tests
+ run: ./gradlew test
diff --git a/.gitignore b/.gitignore
index e1b5f2c..4193ff6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -80,3 +80,5 @@ deps.txt
.env
.idea/codeStyles/Project.xml
+charts/**/values-*.yaml
+**/charts/*.tgz
diff --git a/.idea/codeStyles/codeStyleConfig.xml b/.idea/codeStyles/codeStyleConfig.xml
index de1bbda..aa86ab9 100644
--- a/.idea/codeStyles/codeStyleConfig.xml
+++ b/.idea/codeStyles/codeStyleConfig.xml
@@ -22,6 +22,5 @@
-
diff --git a/AUTHORS.md b/AUTHORS.md
index e69de29..607950d 100644
--- a/AUTHORS.md
+++ b/AUTHORS.md
@@ -0,0 +1,9 @@
+# Authors
+
+The following people have contributed to this repository:
+
+* Julia Jeroch, Cofinity-X GmbH, https://github.com/jjeroch
+* Hakan Yildiz, Cofinity-X GmbH, https://github.com/hkny
+* Ronak Thacker, Cofinity-X GmbH, https://github.com/thackerronak
+* Leandro Willians Cavalcante Farias, Cofinity-X GmbH, https://github.com/leandro-cavalcante
+* Nitin Vavdiya, Cofinity-X GmbH, https://github.com/nitin-vavdiya
diff --git a/DEPENDENCIES b/DEPENDENCIES
index e69de29..03be8b2 100644
--- a/DEPENDENCIES
+++ b/DEPENDENCIES
@@ -0,0 +1,205 @@
+maven/mavencentral/ch.qos.logback/logback-classic/1.5.6, EPL-1.0 AND LGPL-2.1-only, approved, #15279
+maven/mavencentral/ch.qos.logback/logback-core/1.5.6, EPL-1.0 AND LGPL-2.1-only, approved, #15210
+maven/mavencentral/com.apicatalog/carbon-did/0.3.0, Apache-2.0, approved, clearlydefined
+maven/mavencentral/com.apicatalog/copper-multibase/0.5.0, Apache-2.0, approved, #14501
+maven/mavencentral/com.apicatalog/copper-multicodec/0.1.1, Apache-2.0, approved, #14500
+maven/mavencentral/com.apicatalog/iron-verifiable-credentials/0.14.0, Apache-2.0, approved, clearlydefined
+maven/mavencentral/com.apicatalog/titanium-json-ld/1.4.0, Apache-2.0, approved, #15200
+maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.17.2, Apache-2.0, approved, #13672
+maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.17.2, , approved, #13665
+maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.17.2, Apache-2.0, approved, #13671
+maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.17.2, Apache-2.0, approved, #13669
+maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jdk8/2.17.2, Apache-2.0, approved, #15117
+maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.17.2, Apache-2.0, approved, #14160
+maven/mavencentral/com.fasterxml.jackson.jakarta.rs/jackson-jakarta-rs-base/2.17.2, Apache-2.0, approved, #14194
+maven/mavencentral/com.fasterxml.jackson.jakarta.rs/jackson-jakarta-rs-json-provider/2.17.2, Apache-2.0, approved, #14195
+maven/mavencentral/com.fasterxml.jackson.module/jackson-module-jakarta-xmlbind-annotations/2.17.2, Apache-2.0, approved, #13668
+maven/mavencentral/com.fasterxml.jackson.module/jackson-module-parameter-names/2.17.2, Apache-2.0, approved, #15122
+maven/mavencentral/com.fasterxml.jackson/jackson-bom/2.17.2, Apache-2.0, approved, #14162
+maven/mavencentral/com.github.curious-odd-man/rgxgen/2.0, Apache-2.0, approved, clearlydefined
+maven/mavencentral/com.github.java-json-tools/json-patch/1.13, Apache-2.0 OR LGPL-3.0-or-later, approved, CQ23929
+maven/mavencentral/com.google.code.findbugs/jsr305/3.0.2, CC-BY-2.5, approved, #15220
+maven/mavencentral/com.google.code.gson/gson/2.10.1, Apache-2.0, approved, #6159
+maven/mavencentral/com.google.crypto.tink/tink/1.13.0, Apache-2.0, approved, #14502
+maven/mavencentral/com.google.errorprone/error_prone_annotations/2.22.0, Apache-2.0, approved, #10661
+maven/mavencentral/com.google.protobuf/protobuf-java/3.25.1, BSD-3-Clause, approved, clearlydefined
+maven/mavencentral/com.ibm.async/asyncutil/0.1.0, Apache-2.0, approved, clearlydefined
+maven/mavencentral/com.jayway.jsonpath/json-path/2.9.0, Apache-2.0, approved, clearlydefined
+maven/mavencentral/com.nimbusds/nimbus-jose-jwt/9.40, Apache-2.0, approved, #15156
+maven/mavencentral/com.sun.istack/istack-commons-runtime/4.1.2, BSD-3-Clause, approved, #15290
+maven/mavencentral/com.sun.istack/istack-commons-tools/4.1.2, BSD-3-Clause, approved, #2580
+maven/mavencentral/com.sun.xml.bind.external/relaxng-datatype/4.0.3, BSD-3-Clause, approved, ee4j.jaxb-impl
+maven/mavencentral/com.sun.xml.bind.external/rngom/4.0.3, BSD-3-Clause, approved, ee4j.jaxb-impl
+maven/mavencentral/com.vaadin.external.google/android-json/0.0.20131108.vaadin1, Apache-2.0, approved, CQ21310
+maven/mavencentral/commons-codec/commons-codec/1.16.1, Apache-2.0 AND (Apache-2.0 AND BSD-3-Clause), approved, #9157
+maven/mavencentral/commons-fileupload/commons-fileupload/1.5, Apache-2.0, approved, #7109
+maven/mavencentral/commons-io/commons-io/2.11.0, Apache-2.0, approved, CQ23745
+maven/mavencentral/commons-logging/commons-logging/1.2, Apache-2.0, approved, CQ10162
+maven/mavencentral/dev.failsafe/failsafe/3.3.2, Apache-2.0, approved, #9268
+maven/mavencentral/io.github.classgraph/classgraph/4.8.165, MIT, approved, CQ22530
+maven/mavencentral/io.github.openfeign.form/feign-form-spring/3.8.0, Apache-2.0, approved, clearlydefined
+maven/mavencentral/io.github.openfeign.form/feign-form/3.8.0, Apache-2.0, approved, clearlydefined
+maven/mavencentral/io.github.openfeign/feign-core/13.3, Apache-2.0, approved, clearlydefined
+maven/mavencentral/io.github.openfeign/feign-slf4j/13.3, Apache-2.0, approved, clearlydefined
+maven/mavencentral/io.micrometer/micrometer-commons/1.13.2, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #14826
+maven/mavencentral/io.micrometer/micrometer-core/1.13.2, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #14827
+maven/mavencentral/io.micrometer/micrometer-jakarta9/1.13.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/io.micrometer/micrometer-observation/1.13.2, Apache-2.0, approved, #14829
+maven/mavencentral/io.opentelemetry/opentelemetry-api/1.37.0, Apache-2.0, approved, clearlydefined
+maven/mavencentral/io.opentelemetry/opentelemetry-context/1.37.0, Apache-2.0, approved, clearlydefined
+maven/mavencentral/io.setl/rdf-urdna/1.1, Apache-2.0, approved, clearlydefined
+maven/mavencentral/io.swagger.core.v3/swagger-annotations-jakarta/2.2.20, Apache-2.0, approved, #5947
+maven/mavencentral/io.swagger.core.v3/swagger-annotations-jakarta/2.2.22, Apache-2.0, approved, #5947
+maven/mavencentral/io.swagger.core.v3/swagger-core-jakarta/2.2.20, Apache-2.0, approved, #5929
+maven/mavencentral/io.swagger.core.v3/swagger-core-jakarta/2.2.22, Apache-2.0, approved, #5929
+maven/mavencentral/io.swagger.core.v3/swagger-integration-jakarta/2.2.22, Apache-2.0, approved, #11475
+maven/mavencentral/io.swagger.core.v3/swagger-jaxrs2-jakarta/2.2.22, Apache-2.0, approved, #11477
+maven/mavencentral/io.swagger.core.v3/swagger-models-jakarta/2.2.20, Apache-2.0, approved, #5919
+maven/mavencentral/io.swagger.core.v3/swagger-models-jakarta/2.2.22, Apache-2.0, approved, #5919
+maven/mavencentral/jakarta.activation/jakarta.activation-api/2.1.3, EPL-2.0 OR BSD-3-Clause OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jaf
+maven/mavencentral/jakarta.annotation/jakarta.annotation-api/2.1.1, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.ca
+maven/mavencentral/jakarta.json/jakarta.json-api/2.1.3, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jsonp
+maven/mavencentral/jakarta.mail/jakarta.mail-api/2.1.3, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.mail
+maven/mavencentral/jakarta.validation/jakarta.validation-api/3.0.2, Apache-2.0, approved, ee4j.validation
+maven/mavencentral/jakarta.ws.rs/jakarta.ws.rs-api/3.1.0, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.rest
+maven/mavencentral/jakarta.xml.bind/jakarta.xml.bind-api/4.0.2, BSD-3-Clause, approved, ee4j.jaxb
+maven/mavencentral/net.bytebuddy/byte-buddy-agent/1.14.18, Apache-2.0, approved, #7164
+maven/mavencentral/net.bytebuddy/byte-buddy/1.14.18, Apache-2.0 AND BSD-3-Clause, approved, #7163
+maven/mavencentral/net.minidev/accessors-smart/2.5.1, Apache-2.0, approved, clearlydefined
+maven/mavencentral/net.minidev/json-smart/2.5.1, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.apache.commons/commons-lang3/3.15.0, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.apache.httpcomponents.client5/httpclient5/5.3.1, Apache-2.0, approved, #12911
+maven/mavencentral/org.apache.httpcomponents.core5/httpcore5-h2/5.2.5, Apache-2.0, approved, #10658
+maven/mavencentral/org.apache.httpcomponents.core5/httpcore5/5.2.5, Apache-2.0, approved, #9652
+maven/mavencentral/org.apache.httpcomponents/httpclient/4.5.14, Apache-2.0, approved, #15248
+maven/mavencentral/org.apache.httpcomponents/httpcore/4.4.16, Apache-2.0, approved, CQ23528
+maven/mavencentral/org.apache.james/apache-mime4j-core/0.8.9, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.apache.james/apache-mime4j-dom/0.8.9, Apache-2.0, approved, #2340
+maven/mavencentral/org.apache.james/apache-mime4j-storage/0.8.9, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.apache.logging.log4j/log4j-api/2.23.1, Apache-2.0, approved, #13368
+maven/mavencentral/org.apache.logging.log4j/log4j-to-slf4j/2.23.1, Apache-2.0, approved, #15121
+maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-core/10.1.26, Apache-2.0 AND (EPL-2.0 OR (GPL-2.0 WITH Classpath-exception-2.0)) AND CDDL-1.0 AND (CDDL-1.1 OR (GPL-2.0-only WITH Classpath-exception-2.0)) AND EPL-2.0, approved, #15195
+maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-el/10.1.26, Apache-2.0, approved, #6997
+maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-websocket/10.1.26, Apache-2.0, approved, #7920
+maven/mavencentral/org.apiguardian/apiguardian-api/1.1.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.assertj/assertj-core/3.25.3, Apache-2.0, approved, #12585
+maven/mavencentral/org.awaitility/awaitility/4.2.1, Apache-2.0, approved, #14178
+maven/mavencentral/org.bouncycastle/bcprov-jdk18on/1.78, MIT AND CC0-1.0, approved, #14433
+maven/mavencentral/org.bouncycastle/bcprov-jdk18on/1.78.1, MIT AND CC0-1.0, approved, #14433
+maven/mavencentral/org.eclipse.angus/angus-activation/2.0.2, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.angus
+maven/mavencentral/org.eclipse.angus/angus-mail/2.0.3, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.angus
+maven/mavencentral/org.eclipse.edc/api-configuration/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/boot-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/core-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/crypto-common-lib/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/did-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/identity-did-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/identity-hub-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/identity-hub-store-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/identity-trust-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/identity-trust-sts-api/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/identity-trust-sts-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/jersey-providers-lib/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/json-ld-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/jwt-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/keypair-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/keys-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/participant-context-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/policy-engine-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/policy-model/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/runtime-metamodel/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/token-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/transform-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/util-lib/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/validator-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/verifiable-credential-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/verifiable-credentials-api/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/verifiable-credentials-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/web-spi/0.8.1, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.jetty.toolchain/jetty-jakarta-servlet-api/5.0.2, EPL-2.0 OR Apache-2.0, approved, rt.jetty
+maven/mavencentral/org.eclipse.parsson/parsson/1.1.6, EPL-2.0, approved, ee4j.parsson
+maven/mavencentral/org.glassfish.jaxb/codemodel/4.0.5, BSD-3-Clause, approved, ee4j.jaxb-impl
+maven/mavencentral/org.glassfish.jaxb/jaxb-core/4.0.5, BSD-3-Clause, approved, ee4j.jaxb-impl
+maven/mavencentral/org.glassfish.jaxb/jaxb-jxc/4.0.5, BSD-3-Clause, approved, ee4j.jaxb-impl
+maven/mavencentral/org.glassfish.jaxb/jaxb-runtime/4.0.5, BSD-3-Clause, approved, ee4j.jaxb-impl
+maven/mavencentral/org.glassfish.jaxb/jaxb-xjc/4.0.5, BSD-3-Clause, approved, ee4j.jaxb-impl
+maven/mavencentral/org.glassfish.jaxb/txw2/4.0.5, BSD-3-Clause, approved, ee4j.jaxb-impl
+maven/mavencentral/org.glassfish.jaxb/xsom/4.0.5, BSD-3-Clause, approved, ee4j.jaxb-impl
+maven/mavencentral/org.glassfish/jakarta.json/2.0.1, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jsonp
+maven/mavencentral/org.hamcrest/hamcrest/2.2, BSD-3-Clause, approved, clearlydefined
+maven/mavencentral/org.hdrhistogram/HdrHistogram/2.2.2, BSD-2-Clause AND CC0-1.0 AND CC0-1.0, approved, #14828
+maven/mavencentral/org.jacoco/org.jacoco.agent/0.8.11, EPL-2.0, approved, CQ23285
+maven/mavencentral/org.jacoco/org.jacoco.ant/0.8.11, EPL-2.0, approved, #1068
+maven/mavencentral/org.jacoco/org.jacoco.core/0.8.11, EPL-2.0, approved, CQ23283
+maven/mavencentral/org.jacoco/org.jacoco.report/0.8.11, EPL-2.0 AND Apache-2.0, approved, CQ23284
+maven/mavencentral/org.javassist/javassist/3.30.2-GA, Apache-2.0 AND LGPL-2.1-or-later AND MPL-1.1, approved, #12108
+maven/mavencentral/org.jboss.logging/jboss-logging/3.5.3.Final, Apache-2.0, approved, #9471
+maven/mavencentral/org.jboss.resteasy/resteasy-client-api/6.2.7.Final, Apache-2.0, approved, #10223
+maven/mavencentral/org.jboss.resteasy/resteasy-client/6.2.7.Final, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.jboss.resteasy/resteasy-core-spi/6.2.7.Final, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.jboss.resteasy/resteasy-core/6.2.7.Final, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.jboss.resteasy/resteasy-jackson2-provider/6.2.7.Final, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.jboss.resteasy/resteasy-jaxb-provider/6.2.7.Final, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.jboss.resteasy/resteasy-multipart-provider/6.2.7.Final, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.jboss/jandex/2.4.4.Final, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.jetbrains/annotations/24.1.0, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.junit.jupiter/junit-jupiter-api/5.10.3, EPL-2.0, approved, #9714
+maven/mavencentral/org.junit.jupiter/junit-jupiter-engine/5.10.3, EPL-2.0, approved, #9711
+maven/mavencentral/org.junit.jupiter/junit-jupiter-params/5.10.3, EPL-2.0, approved, #15250
+maven/mavencentral/org.junit.jupiter/junit-jupiter/5.10.3, EPL-2.0, approved, #15197
+maven/mavencentral/org.junit.platform/junit-platform-commons/1.10.3, EPL-2.0, approved, #9715
+maven/mavencentral/org.junit.platform/junit-platform-engine/1.10.3, EPL-2.0, approved, #9709
+maven/mavencentral/org.junit.platform/junit-platform-launcher/1.10.3, EPL-2.0, approved, #15216
+maven/mavencentral/org.junit/junit-bom/5.10.3, EPL-2.0, approved, #9844
+maven/mavencentral/org.keycloak/keycloak-admin-client/25.0.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.keycloak/keycloak-common/25.0.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.keycloak/keycloak-core/25.0.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.latencyutils/LatencyUtils/2.0.3, CC0-1.0, approved, #15280
+maven/mavencentral/org.mockito/mockito-core/5.11.0, MIT AND (Apache-2.0 AND MIT) AND Apache-2.0, approved, #13505
+maven/mavencentral/org.mockito/mockito-junit-jupiter/5.11.0, MIT, approved, #13504
+maven/mavencentral/org.objenesis/objenesis/3.3, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.opentest4j/opentest4j/1.3.0, Apache-2.0, approved, #9713
+maven/mavencentral/org.ow2.asm/asm-commons/9.6, BSD-3-Clause, approved, #10775
+maven/mavencentral/org.ow2.asm/asm-tree/9.6, BSD-3-Clause, approved, #10773
+maven/mavencentral/org.ow2.asm/asm/9.6, BSD-3-Clause, approved, #10776
+maven/mavencentral/org.projectlombok/lombok/1.18.34, MIT, approved, #15192
+maven/mavencentral/org.reactivestreams/reactive-streams/1.0.4, CC0-1.0, approved, CQ16332
+maven/mavencentral/org.skyscreamer/jsonassert/1.5.3, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.slf4j/jul-to-slf4j/2.0.13, MIT, approved, #7698
+maven/mavencentral/org.slf4j/slf4j-api/2.0.13, MIT, approved, #5915
+maven/mavencentral/org.springdoc/springdoc-openapi-starter-common/2.4.0, Apache-2.0, approved, #13755
+maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-api/2.4.0, Apache-2.0, approved, #13748
+maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-ui/2.4.0, Apache-2.0, approved, #13754
+maven/mavencentral/org.springframework.boot/spring-boot-actuator-autoconfigure/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.boot/spring-boot-actuator/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.boot/spring-boot-autoconfigure/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.boot/spring-boot-devtools/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.boot/spring-boot-starter-actuator/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.boot/spring-boot-starter-json/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.boot/spring-boot-starter-logging/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.boot/spring-boot-starter-test/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.boot/spring-boot-starter-tomcat/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.boot/spring-boot-starter-web/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.boot/spring-boot-starter/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.boot/spring-boot-test-autoconfigure/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.boot/spring-boot-test/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.boot/spring-boot/3.3.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.cloud/spring-cloud-commons/4.1.4, Apache-2.0, approved, #13495
+maven/mavencentral/org.springframework.cloud/spring-cloud-context/4.1.4, Apache-2.0, approved, #13494
+maven/mavencentral/org.springframework.cloud/spring-cloud-openfeign-core/4.1.3, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.cloud/spring-cloud-starter-openfeign/4.1.3, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.cloud/spring-cloud-starter/4.1.4, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.security/spring-security-crypto/6.3.1, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework.security/spring-security-rsa/1.1.3, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.springframework/spring-aop/6.1.11, Apache-2.0, approved, #15221
+maven/mavencentral/org.springframework/spring-beans/6.1.11, Apache-2.0, approved, #15213
+maven/mavencentral/org.springframework/spring-context/6.1.11, Apache-2.0, approved, #15261
+maven/mavencentral/org.springframework/spring-core/6.1.11, Apache-2.0 AND BSD-3-Clause, approved, #15206
+maven/mavencentral/org.springframework/spring-expression/6.1.11, Apache-2.0, approved, #15264
+maven/mavencentral/org.springframework/spring-jcl/6.1.11, Apache-2.0, approved, #15266
+maven/mavencentral/org.springframework/spring-test/6.1.11, Apache-2.0, approved, #15265
+maven/mavencentral/org.springframework/spring-web/6.1.11, Apache-2.0, approved, #15188
+maven/mavencentral/org.springframework/spring-webmvc/6.1.11, Apache-2.0, approved, #15182
+maven/mavencentral/org.webjars/swagger-ui/5.11.8, Apache-2.0, approved, #13756
+maven/mavencentral/org.xmlunit/xmlunit-core/2.9.1, Apache-2.0, approved, #6272
+maven/mavencentral/org.yaml/snakeyaml/2.2, Apache-2.0 AND (Apache-2.0 OR BSD-3-Clause OR EPL-1.0 OR GPL-2.0-or-later OR LGPL-2.1-or-later), approved, #10232
diff --git a/DOCKER_NOTICE.md b/DOCKER_NOTICE.md
new file mode 100644
index 0000000..c01d6f8
--- /dev/null
+++ b/DOCKER_NOTICE.md
@@ -0,0 +1,29 @@
+## Notice for Docker image
+
+This application provides container images for demonstration purposes.
+
+DockerHub: To be added once we have Docker publish workflow
+
+Eclipse Tractus-X product(s) installed within the image:
+
+SSI DIM Wallet stub
+
+- GitHub: https://github.com/eclipse-tractusx/ssi-dim-wallet-stub
+- Project home: https://projects.eclipse.org/projects/automotive.tractusx
+- Dockerfile: https://github.com/eclipse-tractusx/ssi-dim-wallet-stub/blob/main/Dockerfile
+- Project
+ license: [Apache License, Version 2.0](https://github.com/eclipse-tractusx/ssi-dim-wallet-stub/blob/main/LICENSE)
+
+**Used base image**
+
+- [eclipse-temurin:21-jre-alpine](https://github.com/adoptium/containers)
+- Official Eclipse Temurin DockerHub page: https://hub.docker.com/_/eclipse-temurin
+- Eclipse Temurin Project: https://projects.eclipse.org/projects/adoptium.temurin
+- Additional information about the Eclipse Temurin
+ images: https://github.com/docker-library/repo-info/tree/master/repos/eclipse-temurin
+
+As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc
+from the base distribution, along with any direct or indirect dependencies of the primary software being contained).
+
+As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies
+with any relevant licenses for all software contained within.
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..17a3325
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,43 @@
+#################################################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+#################################################################################
+
+FROM gradle:8.9-jdk21-alpine AS build
+
+COPY --chown=gradle:gradle . /home/gradle/src
+WORKDIR /home/gradle/src
+
+RUN gradle clean build --no-daemon -i -x test -x javadoc;
+
+FROM eclipse-temurin:21-jre-alpine
+
+# run as non-root user
+RUN addgroup -g 11111 -S wallet && adduser -u 11111 -S -s /bin/false -G wallet wallet
+
+# add curl for healthcheck
+RUN apk --no-cache add curl
+
+USER wallet
+
+COPY --from=build /home/gradle/src/build/libs/wallet-latest.jar /app/
+
+WORKDIR /app
+
+HEALTHCHECK --start-period=30s CMD curl --fail http://localhost:8080/actuator/health/liveness || exit 1
+
+CMD ["java", "-jar", "wallet-latest.jar"]
diff --git a/README.md b/README.md
index ba138d4..35d43c7 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,85 @@
-# ssi-dim-wallet-stub
+# SSI DIM Wallet stub application
-Stub application for Decentralize Identity Management (DIM) Wallet
+#### Note: *This application is meant and developed for local and integration testing only*
-### WIP
+The Decentralized Identity Management (DIM) Wallet stub application provides REST APIs for below wallet functionality.
+
+1. Setup Wallet and push Did document to portal backend
+2. Issue Verifiable Credentials
+3. Sign and get Verifiable Credentials by ID
+4. Create Self issued (SI) token with scope and without scope
+5. Query Verifiable Presentation
+6. Create technical user for wallet to access APIs using OAuth flow
+
+This application can be used as a temporary wallet solution for local and integration testing.
+
+This application is using Java 21 and Spring boot framework to serve REST APIs.
+
+The DIM Wallet is part of the Self-Sovereign Identity (SSI) Flow of Eclipse Tractus-X.
+
+### Run in local
+
+1. Update env variables in [application.yaml](src%2Fmain%2Fresources%2Fapplication.yaml)
+
+| Name | Description | Default value |
+|------------------------|----------------------------------------------------------------------------------|--------------------------------------|
+| APPLICATION_PORT | Application port | 8080 |
+| STUB_ENV | Environment(LZ) in with application is running. | local |
+| BASE_WALLET_BPN | Issuer BPN number | BPNL000000000000 |
+| STUB_HOST | Wallet stub application host | |
+| STATUS_LIST_VC_ID | VC id of status list credential of base wallet | 8a6c7486-1e1f-4555-bdd2-1a178182651e |
+| TOKEN_EXPIRY_TIME | JWT(STS, VC and VP) expiry time in minutes | 5 |
+| PORTAL_WAIT_TIME | Wait time before we push did document to portal after wallet creation in seconds | 60 |
+| PORTAL_HOST | Host of port backend application | |
+| PORTAL_CLIENT_ID | Keycloak client_id to access portal API | |
+| PORTAL_CLIENT_SECRET | keycloak client_secret to access portal API | |
+| PORTAL_REALM | keycloak realm | |
+| PORTAL_AUTH_SERVER_URL | Authentication server(keycloak) | |
+| APP_LOG_LEVEL | Log level of application | DEBUG |
+
+2. Run application using gradle
+
+`./gradlew clean bootrun`
+
+3. After successful running orf the application, you can access swagger
+ on ``http://localhost:8080/ui/swagger-ui/index.html``
+
+### Deploy application using helm chart
+
+Please refer [deploy using helm](charts%2Fssi-dim-wallet-stub%2FREADME.md)
+
+### Documentation
+
+Detailed documentation can be found [here](docs%2FREADME.md)
+
+### Important notes and limitation of application
+
+1. Simple Java ``Map`` is used to store keypair, VC and VP of wallet to avoid any further complexity. Please
+ refer [MemoryStorage.java](src%2Fmain%2Fjava%2Forg%2Feclipse%2Ftractusx%2Fwallet%2Fstub%2Fstorage%2FMemoryStorage.java)
+2. This application will create same key for given BPN on given environment. Please
+ refer [DeterministicECKeyPairGenerator.java](src%2Fmain%2Fjava%2Forg%2Feclipse%2Ftractusx%2Fwallet%2Fstub%2Futils%2FDeterministicECKeyPairGenerator.java)
+3. If a wallet is not created at any point of request, application will create a new wallet at runtime
+4. Application will issue new VC during ``/presentations/query`` API if not issued previously
+5. Application will not give error if request VC is not already issue
+6. There is no separate IDP for this wallet application. OAuth token creation API is part of this application only
+7. We are not validating ``client_secret`` while creating OAuth token and ``client_id`` will be BPN
+8. Negative scenarios are not covered
+9. ``jti`` claim is not validated
+10. No actual revocation of verifiable credentials
+11. All stored credentials will be lost on restart of the application
+12. JWTs are printed with debug log level for debugging purposes
+
+
+### Notice for Docker image
+
+This application provides container images for demonstration purposes.
+
+See Docker notice files for more information:
+
+- [SSI DIM Wallet stub Docker notice](DOCKER_NOTICE.md)
+
+
+## License
+
+Distributed under the Apache 2.0 License.
+See [LICENSE](./LICENSE) for more information.
diff --git a/build.gradle b/build.gradle
new file mode 100644
index 0000000..fd56863
--- /dev/null
+++ b/build.gradle
@@ -0,0 +1,197 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+plugins {
+ id 'java'
+ id 'org.springframework.boot' version "${springBootVersion}"
+ id 'io.spring.dependency-management' version "${springDependencyVersion}"
+ id "de.undercouch.download" version "5.6.0"
+ id 'project-report'
+ id "jacoco"
+ id "org.sonarqube" version "5.1.0.4882"
+}
+
+group = "${group}"
+version = "${version}"
+
+java {
+ sourceCompatibility = JavaVersion.VERSION_21
+}
+
+configurations {
+ compileOnly {
+ extendsFrom annotationProcessor
+ }
+}
+
+repositories {
+ mavenLocal()
+ mavenCentral()
+}
+
+dependencies {
+
+ //Spring
+ implementation 'org.springframework.boot:spring-boot-starter-web'
+ implementation 'org.springframework.boot:spring-boot-starter-actuator'
+ implementation 'org.springframework.cloud:spring-cloud-starter-openfeign:4.1.3'
+
+ //swagger
+ implementation "org.springdoc:springdoc-openapi-starter-common:${openApiVersion}"
+ implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:${openApiVersion}"
+
+ //utils
+ implementation 'org.apache.commons:commons-lang3:3.15.0'
+
+ //Edc
+ implementation "org.eclipse.edc:crypto-common-lib:${edcLibVersion}"
+ implementation "org.eclipse.edc:identity-trust-sts-api:${edcLibVersion}"
+ implementation "org.eclipse.edc:verifiable-credentials-api:${edcLibVersion}"
+
+ //keycloak
+ implementation 'org.keycloak:keycloak-admin-client:25.0.2'
+
+
+ compileOnly 'org.projectlombok:lombok'
+ developmentOnly 'org.springframework.boot:spring-boot-devtools'
+ annotationProcessor 'org.projectlombok:lombok'
+
+
+ testImplementation 'org.springframework.boot:spring-boot-starter-test'
+ testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
+ testCompileOnly 'org.projectlombok:lombok'
+ testAnnotationProcessor 'org.projectlombok:lombok'
+ testImplementation group: 'com.github.curious-odd-man', name: 'rgxgen', version: '2.0'
+
+ // added for test cases to support patch method
+ testImplementation 'org.apache.httpcomponents.client5:httpclient5:5.3.1'
+}
+
+test {
+ useJUnitPlatform()
+ finalizedBy jacocoTestReport
+ testLogging {
+ events("passed", "skipped", "failed")
+ }
+}
+
+jacoco {
+ toolVersion = "${jacocoVersion}"
+}
+
+jacocoTestReport {
+
+ reports {
+ xml.required = true
+ csv.required = false
+ html.required = true
+ }
+
+ afterEvaluate {
+ classDirectories.setFrom(files(classDirectories.files.collect {
+ fileTree(dir: it, exclude: [
+ "org/eclipse/tractusx/wallet/stub/apidoc/*"
+
+ ])
+ }))
+ }
+}
+
+jacocoTestCoverageVerification {
+ afterEvaluate {
+ classDirectories.setFrom(files(classDirectories.files.collect {
+ fileTree(dir: it, exclude: [
+ "org/eclipse/tractusx/wallet/stub/apidoc/*"
+ ])
+ }))
+ }
+ violationRules {
+ rule {
+ limit {
+ minimum = 0.80
+ }
+ }
+ }
+}
+
+check.dependsOn jacocoTestCoverageVerification
+build {
+ archivesBaseName = "wallet"
+ version = "latest"
+}
+
+tasks.register('dashDownload', Download) {
+ description = 'Download the Dash License Tool standalone jar'
+ group = 'License'
+ src 'https://repo.eclipse.org/service/local/artifact/maven/redirect?r=dash-licenses&g=org.eclipse.dash&a=org.eclipse.dash.licenses&v=LATEST'
+ dest layout.projectDirectory.file('dash.jar')
+ // will not replace an existing file. If you know you need a new version
+ // then manually delete the file yourself, or run `dashClean`
+ overwrite false
+}
+
+
+tasks.register('dashClean') {
+ description = "Clean all files used by the 'License' group"
+ group = 'License'
+ logger.lifecycle("Removing 'dash.jar'")
+ file('dash.jar').delete()
+ logger.lifecycle("Removing 'deps.txt'")
+ file('deps.txt').delete()
+}
+
+tasks.register('dashDependencies') { dashDependencies ->
+ description = "Output all project dependencies as a flat list and save an intermediate file 'deps.txt'."
+ group = 'License'
+ dashDependencies.dependsOn('dashDownload')
+ doLast {
+ def deps = []
+ project.configurations.each { conf ->
+ if (conf.canBeResolved && conf.getName() != 'archives' && conf.getName() != 'default') {
+ deps.addAll(conf.incoming.resolutionResult.allDependencies
+ .findAll({ it instanceof ResolvedDependencyResult })
+ .collect { ResolvedDependencyResult dep ->
+ "${dep.selected}"
+ })
+ }
+ }
+
+ def uniqueSorted = deps.unique().sort()
+ uniqueSorted.each { logger.quiet("{}", it) }
+ file("deps.txt").write(uniqueSorted.join('\n'))
+ }
+}
+
+tasks.register('dashLicenseCheck', JavaExec) { dashLicenseCheck ->
+ description = "Run the Dash License Tool and save the summary in the 'DEPENDENCIES' file"
+ group = 'License'
+ dashLicenseCheck.dependsOn('dashDownload')
+ dashLicenseCheck.dependsOn('dashDependencies')
+ doFirst {
+ classpath = files('dash.jar')
+ // docs: https://eclipse-tractusx.github.io/docs/release/trg-7/trg-7-04
+ args('-project', 'automotive.tractusx', '-summary', 'DEPENDENCIES', 'deps.txt')
+ }
+ doLast {
+ logger.lifecycle("Removing 'deps.txt' now.")
+ file('deps.txt').delete()
+ }
+}
diff --git a/charts/README.md b/charts/README.md
deleted file mode 100644
index e69de29..0000000
diff --git a/charts/ssi-dim-wallet-stub/.helmignore b/charts/ssi-dim-wallet-stub/.helmignore
new file mode 100644
index 0000000..f04df63
--- /dev/null
+++ b/charts/ssi-dim-wallet-stub/.helmignore
@@ -0,0 +1,25 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+values?*.yaml
+values?*.yml
diff --git a/charts/ssi-dim-wallet-stub/Chart.lock b/charts/ssi-dim-wallet-stub/Chart.lock
new file mode 100644
index 0000000..a87ef07
--- /dev/null
+++ b/charts/ssi-dim-wallet-stub/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: centralidp
+ repository: https://eclipse-tractusx.github.io/charts/dev
+ version: 3.0.0
+digest: sha256:4a16133a0c3bc6fbcc85e2f307460c5ab7b6dae226de269414ae81298cb4dcac
+generated: "2024-08-12T17:49:14.692969+05:30"
diff --git a/charts/ssi-dim-wallet-stub/Chart.yaml b/charts/ssi-dim-wallet-stub/Chart.yaml
new file mode 100644
index 0000000..105ecd9
--- /dev/null
+++ b/charts/ssi-dim-wallet-stub/Chart.yaml
@@ -0,0 +1,34 @@
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+apiVersion: v2
+name: ssi-dim-wallet-stub
+description: |
+ A Helm chart to deploy SSI DIM wallet stub in kubernetes cluster
+type: application
+version: 0.1.0
+appVersion: "0.0.1"
+home: https://github.com/eclipse-tractusx/ssi-dim-wallet-stub/tree/main/charts/ssi-dim-wallet-stub
+sources:
+ - https://github.com/eclipse-tractusx/ssi-dim-wallet-stub/tree/main/charts/ssi-dim-wallet-stub
+dependencies:
+ - name: centralidp
+ version: 3.0.0
+ repository: https://eclipse-tractusx.github.io/charts/dev
+ condition: keycloak.enabled
diff --git a/charts/ssi-dim-wallet-stub/LICENSE b/charts/ssi-dim-wallet-stub/LICENSE
new file mode 100644
index 0000000..c815b0d
--- /dev/null
+++ b/charts/ssi-dim-wallet-stub/LICENSE
@@ -0,0 +1,201 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright 2022 Catena-X
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/charts/ssi-dim-wallet-stub/README.md b/charts/ssi-dim-wallet-stub/README.md
new file mode 100644
index 0000000..e72c65e
--- /dev/null
+++ b/charts/ssi-dim-wallet-stub/README.md
@@ -0,0 +1,83 @@
+## Helm chart to deploy SSI DIM Wallet stub application
+
+### Source Code
+
+*
+
+### Requirements
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://charts.bitnami.com/bitnami | keycloak | 22.1.0 |
+
+### Prerequisites
+- Kubernetes 1.19+
+- Helm 3.2.0+
+
+### Install with released helm chart
+
+```
+helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev
+helm install ssi-dim-wallet-stub tractusx-dev/ssi-dim-wallet-stub
+```
+
+### Install with local configuration
+```
+helm dep up charts/ssi-dim-wallet-stub
+kubectl create namespace wallet
+helm install wallet-stub -n wallet charts/ssi-dim-wallet-stub
+```
+
+## Configuration Values
+
+| Parameter | Description | Default Value |
+|------------------------------------------|---------------------------------------------------------------------------------------------------------------|--------------------------------------------------|
+| `wallet.replicaCount` | The amount of replicas to run | `1` |
+| `wallet.host` | Hostname for the wallet stub application | `localhost` |
+| `wallet.nameSpace` | The namespace | `"wallet"` |
+| `wallet.appName` | The application name | `"ssi-dim-wallet-stub"` |
+| `wallet.configName` | The configmap name | `"ssi-dim-wallet-config"` |
+| `wallet.serviceName` | The service name | `"ssi-dim-wallet-service"` |
+| `wallet.secretName` | The secret name | `"ssi-dim-wallet-secret"` |
+| `wallet.ingressName` | The ingress name | `"ssi-dim-wallet-ingress"` |
+| `wallet.image.repository` | Image repository | `tractusx/managed-identity-wallet` |
+| `wallet.image.pullPolicy` | Pull policy for the image | `IfNotPresent` |
+| `wallet.image.tag` | Image tag (leave empty to use "appVersion" value from chart definition) | `""` |
+| `wallet.resources.requests.cpu` | CPU resource requests | `250m` |
+| `wallet.resources.requests.memory` | Memory resource requests | `512Mi` |
+| `wallet.resources.limits.cpu` | CPU resource limits | `500m` |
+| `wallet.resources.limits.memory` | Memory resource limits | `1Gi` |
+| `wallet.livenessProbe.enabled` | Enables/Disables the liveness probe | `true` |
+| `wallet.livenessProbe.failureThreshold` | Number of failures before restarting the container | `3` |
+| `wallet.livenessProbe.initialDelaySeconds` | Initial delay before starting the liveness probe | `20` |
+| `wallet.livenessProbe.timeoutSeconds` | Timeout for the liveness probe | `15` |
+| `wallet.livenessProbe.periodSeconds` | How often to perform the liveness probe | `5` |
+| `wallet.readinessProbe.enabled` | Enables/Disables the readiness probe | `true` |
+| `wallet.readinessProbe.failureThreshold` | Number of failures before marking the Pod as Unready | `3` |
+| `wallet.readinessProbe.initialDelaySeconds` | Initial delay before starting the readiness probe | `30` |
+| `wallet.readinessProbe.periodSeconds` | How often to perform the readiness probe | `5` |
+| `wallet.readinessProbe.successThreshold` | Minimum consecutive successes for the readiness probe to be considered successful | `1` |
+| `wallet.readinessProbe.timeoutSeconds` | Timeout for the readiness probe | `5` |
+| `wallet.ingress.enabled` | Enable ingress configuration | `false` |
+| `wallet.ingress.tls` | Enable TLS for ingress | `false` |
+| `wallet.ingress.urlPrefix` | URL prefix for the ingress | `/` |
+| `wallet.ingress.className` | Ingress class name | `nginx` |
+| `wallet.ingress.annotations` | Annotations for the ingress | `{}` |
+| `wallet.swagger.ui.status` | Enable Swagger API documentation UI | `true` |
+| `wallet.swagger.apiDoc.status` | Enable OpenAPI documentation | `true` |
+| `wallet.logLevel` | Application log level | `"debug"` |
+| `wallet.environment` | Name of the landing zone (e.g., dev, int, prod) | `"default"` |
+| `wallet.baseWalletBpn` | Operator Business Partner Number (BPN) | `"BPNL000000000000"` |
+| `wallet.didHost` | DID document host, used as part of the DID string (e.g., did:web:) | `"localhost"` |
+| `wallet.stubUrl` | Wallet stub server URL, used as part of the presentation query API in the DID document | `"http://localhost"` |
+| `wallet.statusListVcId` | Default status list Verifiable Credential (VC) ID | `"8a6c7486-1e1f-4555-bdd2-1a178182651e"` |
+| `wallet.tokenExpiryTime` | Token expiry time in seconds | `"5"` |
+| `wallet.portal.waitTime` | Wait time before pushing data to portal backend after wallet creation | `60` |
+| `wallet.portal.host` | Portal backend application host | `"http://localhost"` |
+| `wallet.portal.clientId` | Keycloak client ID for accessing portal backend APIs | `"client_id"` |
+| `wallet.portal.clientSecret` | Keycloak client secret for accessing portal backend APIs | `"client_secret"` |
+| `wallet.keycloak.realm` | Keycloak realm name | `"CX-Central"` |
+| `wallet.keycloak.authServerUrl` | Keycloak host URL | `"http://localhost:28080/auth"` |
+| `wallet.service.type` | Kubernetes service type | `ClusterIP` |
+| `wallet.service.port` | Kubernetes service port | `8080` |
+| `keycloak.enabled` | Enable Keycloak configuration | `false` |
diff --git a/charts/ssi-dim-wallet-stub/templates/configmap.yaml b/charts/ssi-dim-wallet-stub/templates/configmap.yaml
new file mode 100644
index 0000000..390ca31
--- /dev/null
+++ b/charts/ssi-dim-wallet-stub/templates/configmap.yaml
@@ -0,0 +1,39 @@
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Values.wallet.configName }}
+ namespace: {{ .Values.wallet.nameSpace }}
+data:
+ ENABLE_SWAGGER_UI: {{ .Values.wallet.swagger.ui.status | quote }}
+ ENABLE_API_DOC: {{ .Values.wallet.swagger.apiDoc.status | quote }}
+ APP_LOG_LEVEL: {{ .Values.wallet.logLevel | quote }}
+ STUB_ENV: {{ .Values.wallet.environment | quote }}
+ BASE_WALLET_BPN: {{ .Values.wallet.baseWalletBpn | quote }}
+ DID_HOST: {{ .Values.wallet.didHost | quote }}
+ STUB_URL: {{ .Values.wallet.stubUrl | quote }}
+ STATUS_LIST_VC_ID: {{ .Values.wallet.statusListVcId | quote }}
+ TOKEN_EXPIRY_TIME: {{ .Values.wallet.tokenExpiryTime | quote }}
+ PORTAL_WAIT_TIME: {{ .Values.wallet.portal.waitTime | quote }}
+ PORTAL_HOST: {{ .Values.wallet.portal.host | quote }}
+ PORTAL_REALM: {{ .Values.wallet.keycloak.realm | quote }}
+ PORTAL_AUTH_SERVER_URL: {{ .Values.wallet.keycloak.authServerUrl | quote }}
diff --git a/charts/ssi-dim-wallet-stub/templates/deployment.yaml b/charts/ssi-dim-wallet-stub/templates/deployment.yaml
new file mode 100644
index 0000000..007f691
--- /dev/null
+++ b/charts/ssi-dim-wallet-stub/templates/deployment.yaml
@@ -0,0 +1,84 @@
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+ name: {{ .Values.wallet.appName }}
+ namespace: {{ .Values.wallet.nameSpace }}
+spec:
+ strategy:
+ type: RollingUpdate
+ rollingUpdate:
+ maxUnavailable: 0
+ maxSurge: 1
+ selector:
+ matchLabels:
+ app: {{ .Values.wallet.appName }}
+ replicas: {{ .Values.wallet.replicaCount }}
+ revisionHistoryLimit: 2
+ template:
+ metadata:
+ name: {{ .Values.wallet.appName }}
+ labels:
+ app: {{ .Values.wallet.appName }}
+ spec:
+ containers:
+ - name: {{ .Values.wallet.appName }}
+ image: {{ .Values.wallet.image.repository }}:{{ default .Chart.AppVersion .Values.wallet.image.tag }}
+ imagePullPolicy: {{ .Values.wallet.image.pullPolicy }}
+ resources:
+ {{- toYaml .Values.wallet.resources | nindent 12 }}
+ envFrom:
+ - secretRef:
+ name: {{ .Values.wallet.secretName }}
+ - configMapRef:
+ name: {{ .Values.wallet.configName }}
+ {{- with .Values.wallet.livenessProbe }}
+ {{- if .enabled }}
+ ports:
+ - name: http
+ containerPort: 8080
+ protocol: TCP
+ livenessProbe:
+ httpGet:
+ path: /actuator/health/liveness
+ port: 8080
+ scheme: HTTP
+ failureThreshold: {{ .failureThreshold }}
+ initialDelaySeconds: {{ .initialDelaySeconds }}
+ periodSeconds: {{ .periodSeconds }}
+ timeoutSeconds: {{ .timeoutSeconds }}
+ {{- end }}
+ {{- end }}
+ {{- with .Values.wallet.readinessProbe }}
+ {{- if .enabled }}
+ readinessProbe:
+ httpGet:
+ path: /actuator/health/readiness
+ port: 8080
+ scheme: HTTP
+ failureThreshold: {{ .failureThreshold }}
+ initialDelaySeconds: {{ .initialDelaySeconds }}
+ periodSeconds: {{ .periodSeconds }}
+ successThreshold: {{ .successThreshold }}
+ timeoutSeconds: {{ .timeoutSeconds }}
+ {{- end }}
+ {{- end }}
+
diff --git a/charts/ssi-dim-wallet-stub/templates/ingress.yaml b/charts/ssi-dim-wallet-stub/templates/ingress.yaml
new file mode 100644
index 0000000..695bfc4
--- /dev/null
+++ b/charts/ssi-dim-wallet-stub/templates/ingress.yaml
@@ -0,0 +1,48 @@
+{{- if .Values.wallet.ingress.enabled }}
+
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: {{ .Values.wallet.ingressName }}
+ namespace: {{ .Values.wallet.nameSpace }}
+ annotations:
+{{ .Values.wallet.ingress.annotations | toYaml | indent 4 }}
+spec:
+ ingressClassName: {{ .Values.wallet.ingress.className }}
+ {{- if .Values.wallet.ingress.tls }}
+ tls:
+ - hosts:
+ - {{ .Values.wallet.host }}
+ secretName: ssi-dim-wallet-stub-certificate-secret
+ {{- end }}
+ rules:
+ - host: {{ .Values.wallet.host }}
+ http:
+ paths:
+ - path: {{ .Values.wallet.ingress.urlPrefix }}
+ pathType: Prefix
+ backend:
+ service:
+ name: {{ .Values.wallet.serviceName }}
+ port:
+ number: {{ .Values.wallet.service.port }}
+{{- end }}
diff --git a/charts/ssi-dim-wallet-stub/templates/secret.yaml b/charts/ssi-dim-wallet-stub/templates/secret.yaml
new file mode 100644
index 0000000..061b7a8
--- /dev/null
+++ b/charts/ssi-dim-wallet-stub/templates/secret.yaml
@@ -0,0 +1,28 @@
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.wallet.secretName }}
+ namespace: {{ .Values.wallet.nameSpace }}
+type: Opaque
+data:
+ PORTAL_CLIENT_SECRET: {{ .Values.wallet.portal.clientSecret | b64enc}}
+ PORTAL_CLIENT_ID: {{ .Values.wallet.portal.clientId | b64enc}}
diff --git a/charts/ssi-dim-wallet-stub/templates/service.yaml b/charts/ssi-dim-wallet-stub/templates/service.yaml
new file mode 100644
index 0000000..922c659
--- /dev/null
+++ b/charts/ssi-dim-wallet-stub/templates/service.yaml
@@ -0,0 +1,33 @@
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.wallet.serviceName }}
+ namespace: {{ .Values.wallet.nameSpace }}
+spec:
+ type: {{ .Values.wallet.service.type }}
+ ports:
+ - port: {{ .Values.wallet.service.port }}
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ app: {{ .Values.wallet.appName }}
diff --git a/charts/ssi-dim-wallet-stub/values.yaml b/charts/ssi-dim-wallet-stub/values.yaml
new file mode 100644
index 0000000..fb7652b
--- /dev/null
+++ b/charts/ssi-dim-wallet-stub/values.yaml
@@ -0,0 +1,141 @@
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+# -- The amount of replicas to run
+wallet:
+ replicaCount: 1
+
+ host: localhost
+
+ # -- The name space
+ nameSpace: "wallet"
+
+ # -- The application name
+ appName: "ssi-dim-wallet-stub"
+
+ # -- The configmap name
+ configName: "ssi-dim-wallet-config"
+
+ # -- The service name
+ serviceName: "ssi-dim-wallet-service"
+
+ # -- The secret name
+ secretName: "ssi-dim-wallet-secret"
+
+ ingressName: "ssi-dim-wallet-ingress"
+
+ image:
+ # -- Image repository
+ repository: tractusx/managed-identity-wallet
+ # -- PullPolicy
+ pullPolicy: IfNotPresent
+ # -- Image tag (empty one will use "appVersion" value from chart definition)
+ tag: ""
+
+ resources:
+ requests:
+ # -- CPU resource requests
+ cpu: 250m
+ # -- Memory resource requests
+ memory: 512Mi
+ limits:
+ # -- CPU resource limits
+ cpu: 500m
+ # -- Memory resource limits
+ memory: 1Gi
+
+ # -- Kubernetes [liveness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
+ livenessProbe:
+ # -- Enables/Disables the livenessProbe at all
+ enabled: true
+ # -- When a probe fails, Kubernetes will try failureThreshold times before giving up. Giving up in case of liveness probe means restarting the container.
+ failureThreshold: 3
+ # -- Number of seconds after the container has started before readiness probes are initiated.
+ initialDelaySeconds: 20
+ # -- Number of seconds after which the probe times out.
+ timeoutSeconds: 15
+ # -- How often (in seconds) to perform the probe
+ periodSeconds: 5
+
+ # -- Kubernetes [readiness-probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
+ readinessProbe:
+ # -- Enables/Disables the readinessProbe at all
+ enabled: true
+ # -- When a probe fails, Kubernetes will try failureThreshold times before giving up. In case of readiness probe the Pod will be marked Unready.
+ failureThreshold: 3
+ # -- Number of seconds after the container has started before readiness probe are initiated.
+ initialDelaySeconds: 30
+ # -- How often (in seconds) to perform the probe
+ periodSeconds: 5
+ # -- Minimum consecutive successes for the probe to be considered successful after having failed.
+ successThreshold: 1
+ # -- Number of seconds after which the probe times out.
+ timeoutSeconds: 5
+
+ # -- ingress configuration
+ ingress:
+ enabled: false
+ tls: false
+ urlPrefix: /
+ className: nginx
+ annotations: {}
+ swagger:
+ ui:
+ # -- enable swagger API doc UI
+ status: true
+ apiDoc:
+ # -- enable Open API doc
+ status: true
+ # -- Application log level
+ logLevel: "debug"
+ # -- Name of landing zone ie. dev, int, prod etc
+ environment: "default"
+ # -- Operator BPN
+ baseWalletBpn: "BPNL000000000000"
+ # -- Did document host, this will be part of did String i.e., did:web:
+ didHost: "localhost"
+ # -- Wallet stub server URL. This will pe part of the presentation query API in the did document
+ stubUrl: "http://localhost"
+ # -- Default status list VC id
+ statusListVcId: "8a6c7486-1e1f-4555-bdd2-1a178182651e"
+ # -- Token expiry time in seconds
+ tokenExpiryTime: "5"
+ portal:
+ # -- Wait for given seconds before pushing data to portal backend after wallet creation
+ waitTime: "60"
+ # -- Portal backend application host
+ host: "http://localhost"
+
+ # -- Keycloak client_id and client_secret. We will create an access token and using this we access portal backend APIs
+ clientId: "client_id"
+ clientSecret: "client_secret"
+ keycloak:
+ # -- Keycloak realm name
+ realm: "CX-Central"
+ # -- keycloak host
+ authServerUrl: "http://localhost:28080/auth"
+ # --- Service configuration
+ service:
+ type: ClusterIP
+ port: 8080
+
+
+# -- Keycloak configuration
+keycloak:
+ enabled: false
diff --git a/docs/README.md b/docs/README.md
index e69de29..da7d3d4 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -0,0 +1,20 @@
+# Introduction
+
+This repository provides the SSI DIM wallet stub application.
+
+The following table links you to the respective documentations.
+
+| Documentation | Purpose |
+|-----------------------------------------------------------------------|--------------------------------------------------------------------------------------------|
+| [Arc42](architecture/main.md) | Architecture Documentation. |
+| [Open API doc](api/openAPI.json) | Open API specification. |
+| [Integration Documentation](admin%2Fintegration%2Fintegration.md) | Information about what configs need to be done in other component for integration testing. |
+| [How to contribute](admin%2FDev%20Process%2FHow%20to%20contribute.md) | Explanation of the views and how to use them. |
+
+## NOTICE
+
+This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0).
+
+- SPDX-License-Identifier: Apache-2.0
+- SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation
+- Source URL: https://github.com/eclipse-tractusx/ssi-dim-wallet-stub
diff --git a/docs/admin/integration/integration.md b/docs/admin/integration/integration.md
new file mode 100644
index 0000000..8610249
--- /dev/null
+++ b/docs/admin/integration/integration.md
@@ -0,0 +1,70 @@
+# Wallet Stub Application Integration Guide
+
+This document provides instructions for integrating the wallet stub application with other
+applications: `portal-backend`, `ssi-credential-issuer`, `edc`, and `bpn-did-resolution-service`.
+
+## Portal Backend Integration
+
+Set the following environment variables for the `portal-backend` to integrate with the wallet stub application:
+
+| Name | Description | Expected Value |
+|----------------------------------------|----------------------------|-----------------------------|
+| dim.clientId | Client ID for Wallet | BPNL000000000000 |
+| dim.clientSecret | Client Secret for Wallet | BPNL000000000000 |
+| dim.grantType | Grant Type | client_credentials |
+| dim.scope | Scope | openid |
+| dim.baseAddress | Base Address | https://localhost |
+| dim.universalResolverAddress | Universal Resolver Address | https://dev.uniresolver.io/ |
+| decentralIdentityManagementAuthAddress | Auth Address | https://localhost/api/sts |
+
+## SSI Credential Issuer Integration
+
+Set the following environment variables for the `ssi-credential-issuer` to integrate with the wallet stub application:
+
+| Name | Description | Expected Value |
+|--------------------------|------------------|---------------------------------------------------------------------------------------------|
+| walletAddress | Wallet URL | https://localhost |
+| walletTokenAddress | Wallet OAuth URL | https://localhost/oauth/token |
+| credential.issuerDid | Issuer DID | did:web:locahost:BPNL000000000000 |
+| credential.issuerBpn | Issuer BPN | BPNL000000000000 |
+| credential.statusListUrl | Status List URL | https://localhost/api/dim/status-list/BPNL000000000000/8a6c7486-1e1f-4555-bdd2-1a178182651e |
+
+## EDC Integration
+
+Set the following environment variables for the `edc` to integrate with the wallet stub application:
+
+| Name | Description | Expected Value |
+|---------------------------------------|-----------------------------|------------------------------------|
+| edc.iam.issuer.id | IAM Issuer ID | did:web:localhost:BPNL000000000000 |
+| edc.iam.trusted-issuer.1-issuer.id | Trusted Issuer ID | did:web:localhost:BPNL000000000000 |
+| edc.iam.sts.dim.url | DIM URL | https://localhost/api/sts |
+| edc.iam.sts.oauth.token.url | OAuth Token URL | https://localhost/oauth/token |
+| tx.edc.iam.iatp.credentialservice.url | IATP Credential Service URL | https://localhost/api |
+| edc.iam.sts.oauth.client.id | OAuth Client ID | BPNL000000000000 |
+| edc.iam.sts.oauth.client.secret.alias | OAuth Client Secret Alias | BPNL000000000000 |
+
+## BPN DID Resolution Service Integration
+
+Set the following environment variables for the `bpn-did-resolution-service` to integrate with the wallet stub
+application:
+
+| Name | Description | Expected Value |
+|-----------------|-----------------|----------------------------------------|
+| BASE_WALLET_BPN | Base Wallet BPN | BPNL000000000000 |
+| BASE_WALLET_DID | Base Wallet DID | did:web:localhost:BPNL000000000000 |
+| trustedIssuers | Trusted Issuers | ["did:web:localhost:BPNL000000000000"] |
+
+## Notes
+
+- Ensure that all values are correctly set to the wallet stub application.
+- Update any missing or placeholder values with the actual configuration details.
+- For any additional configuration or troubleshooting, refer to the respective service documentation.
+
+
+## NOTICE
+
+This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0).
+
+- SPDX-License-Identifier: Apache-2.0
+- SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation
+- Source URL: https://github.com/eclipse-tractusx/ssi-dim-wallet-stub
diff --git a/docs/api/openAPI.json b/docs/api/openAPI.json
new file mode 100644
index 0000000..d179d41
--- /dev/null
+++ b/docs/api/openAPI.json
@@ -0,0 +1,730 @@
+{
+ "openapi" : "3.0.1",
+ "info" : {
+ "title" : "SSI DIM Wallet Stub API",
+ "description" : "SSI DIM Wallet Stub API",
+ "termsOfService" : "https://www.eclipse.org/legal/termsofuse.php",
+ "contact" : {
+ "name" : "Eclipse Tractus-X",
+ "url" : "https://projects.eclipse.org/projects/automotive.tractusx",
+ "email" : "tractusx-dev@eclipse.org"
+ },
+ "version" : "0.0.1"
+ },
+ "servers" : [
+ {
+ "url" : "http://localhost:8080",
+ "description" : "Generated server url"
+ }
+ ],
+ "security" : [
+ {
+ "Authenticate using access_token" : []
+ }
+ ],
+ "paths" : {
+ "/oauth/token" : {
+ "post" : {
+ "tags" : [
+ "OAuth Token"
+ ],
+ "summary" : "Create OAuth token",
+ "description" : "Create OAuth token to access wallet APIs\n",
+ "operationId" : "createAccessToken",
+ "requestBody" : {
+ "content" : {
+ "application/x-www-form-urlencoded" : {
+ "schema" : {
+ "$ref" : "#/components/schemas/TokenRequest"
+ }
+ }
+ },
+ "required" : true
+ },
+ "responses" : {
+ "200" : {
+ "description" : "JWT presentation",
+ "content" : {
+ "application/json" : {
+ "examples" : {
+ "IDP token to access wallet API" : {
+ "description" : "IDP token to access wallet API",
+ "value" : {
+ "access_token" : "eyJraWQiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAjYzM5MzJmZjUtOGRhNC0zZGU5LWE5NDItNjIxMjVmMzk0ZTQxIiwidHlwIjoiSldUIiwiYWxnIjoiRVMyNTZLIn0.eyJhdWQiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJicG4iOiJCUE5MMDAwMDAwMDAwMDAwIiwic3ViIjoiZGlkOndlYjpjNDY0LTIwMy0xMjktMjEzLTEwNy5uZ3Jvay1mcmVlLmFwcDpCUE5MMDAwMDAwMDAwMDAwIiwibmJmIjoxNzE5NDgxNjYxLCJpc3MiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJleHAiOjE3MTk0ODE5NjEsImlhdCI6MTcxOTQ4MTY2MSwianRpIjoiOWUxOTYzOGUtZDVmZi00NWMyLWI5MTktZDJmMGE1YTg0ODRlIn0.Ap96JWRJga-CEIE6p85TKy6u3X1b21z87rXJRhD5K2lNgADjxyJk967vvW5jf6_avQEyg8sEPN37rtarT4ayTw",
+ "token_type" : "Bearer",
+ "expires_in" : 300,
+ "refresh_expires_in" : 0,
+ "not-before-policy" : 0,
+ "scope" : "email profile"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "/api/v2.0.0/credentials" : {
+ "post" : {
+ "tags" : [
+ "APIs consumed by SSI Issuer component"
+ ],
+ "summary" : "Create a new credential | Store credential for a holder",
+ "description" : "New credential sign with issuer wallet and saved in in-memory db and send VC id in the response. | Store credential will give only static response with id.\n",
+ "operationId" : "createCredential",
+ "requestBody" : {
+ "content" : {
+ "application/json" : {
+ "schema" : {
+ "$ref" : "#/components/schemas/IssueCredentialRequest"
+ },
+ "examples" : {
+ "Create a new credential" : {
+ "description" : "Create a new credential",
+ "value" : {
+ "application" : "catena-x",
+ "payload" : {
+ "issue" : {
+ "@context" : [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id" : "did:web:localhost:BPNL000000000000#a1f8ae36-9919-4ed8-8546-535280acc5bf",
+ "type" : [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer" : "did:web:localhost:BPNL000000000000",
+ "issuanceDate" : "2023-07-19T09:14:45Z",
+ "expirationDate" : "2023-09-30T18:30:00Z",
+ "credentialSubject" : {
+ "bpn" : "BPNL000000000001",
+ "id" : "did:web:localhost:BPNL000000000001",
+ "type" : "BpnCredential"
+ }
+ }
+ }
+ }
+ },
+ "Store credential for a holder" : {
+ "description" : "Store credential for a holder",
+ "value" : {
+ "application" : "catena-x-portal",
+ "payload" : {
+ "derive" : {
+ "verifiableCredential" : "eyJraWQiOiJkaWQ6d2ViOnNvbWUtaXNzdWVyI2tleS0xIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJkZWdyZWVTdWIiLCJhdWQiOiJkaWQ6d2ViOmJkcnMtY2xpZW50IiwibmJmIjoxNzE4MzQzOTAzLCJpc3MiOiJkaWQ6d2ViOnNvbWUtaXNzdWVyIiwiZXhwIjoxNzE4MzQzOTYzLCJpYXQiOjE3MTgzNDM5MDMsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzL3YxLjAuMCJdLCJpZCI6IjFmMzZhZjU4LTBmYzAtNGIyNC05YjFjLWUzN2Q1OTY2ODA4OSIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6d2ViOmNvbS5leGFtcGxlLmlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjEtMDYtMTZUMTg6NTY6NTlaIiwiZXhwaXJhdGlvbkRhdGUiOiIyMDk5LTA2LTE2VDE4OjU2OjU5WiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpiZHJzLWNsaWVudCIsImhvbGRlcklkZW50aWZpZXIiOiJCUE5MMDAwMDAwMDAxIn19LCJqdGkiOiJlZDlhNjhkMS0yZjFkLTQxZjgtYWUwOS1hNDBhMTA2OTUwMTUifQ.tdLmrcQpGH-SGBpRpRmFX4AXQJx99uUhDOwuGtSejWkkQ2N_yNtEsoP93xDuBod_AY7zVqY4P_Ofdz-H4zE6nw"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "required" : true
+ },
+ "responses" : {
+ "200" : {
+ "description" : "JWT presentation",
+ "content" : {
+ "*/*" : {
+ "examples" : {
+ "Create a new credential" : {
+ "description" : "Create a new credential",
+ "value" : {
+ "id" : "1f36af58-0fc0-4b24-9b1c-e37d59668089"
+ }
+ },
+ "Store credential for a holder" : {
+ "description" : "Store credential for a holder",
+ "value" : {
+ "id" : "1f36af58-0fc0-4b24-9b1c-e37d59668089"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "/api/sts" : {
+ "post" : {
+ "tags" : [
+ "APIs consumed by EDC"
+ ],
+ "summary" : "Create token with scope or with access token",
+ "description" : "Create token with scope or with access token \n this API will be used by EDCs while data transfer",
+ "operationId" : "createTokenWithScope",
+ "requestBody" : {
+ "content" : {
+ "application/json" : {
+ "schema" : {
+ "type" : "object",
+ "additionalProperties" : {
+ "type" : "object"
+ }
+ },
+ "examples" : {
+ "Create token with scope" : {
+ "description" : "Create token With scope",
+ "value" : {
+ "grantAccess" : {
+ "scope" : "read",
+ "credentialTypes" : [
+ "MembershipCredential"
+ ],
+ "consumerDid" : "did:web:c464-203-129-213-107.ngrok-free.app:BPNL000000000000",
+ "providerDid" : "did:web:c464-203-129-213-107.ngrok-free.app:BPNL000000000000"
+ }
+ }
+ },
+ "Create token with access token" : {
+ "description" : "Create token With access token",
+ "value" : {
+ "signToken" : {
+ "audience" : "did:web:c464-203-129-213-107.ngrok-free.app:BPNL000000000000",
+ "subject" : "did:web:c464-203-129-213-107.ngrok-free.app:BPNL000000000001",
+ "issuer" : "did:web:c464-203-129-213-107.ngrok-free.app:BPNL000000000001",
+ "token" : "yJraWQiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAjYzM5MzJmZjUtOGRhNC0zZGU5LWE5NDItNjIxMjVmMzk0ZTQxIiwidHlwIjoiSldUIiwiYWxnIjoiRVMyNTZLIn0.eyJhdWQiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJicG4iOiJCUE5MMDAwMDAwMDAwMDAwIiwic3ViIjoiZGlkOndlYjpjNDY0LTIwMy0xMjktMjEzLTEwNy5uZ3Jvay1mcmVlLmFwcDpCUE5MMDAwMDAwMDAwMDAwIiwibmJmIjoxNzE5NDc5NTcwLCJpc3MiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJleHAiOjE3MTk0Nzk4NzAsImlhdCI6MTcxOTQ3OTU3MCwianRpIjoiZThlNWZkNzYtMDA0OC00Y2E1LTgyMjgtOTNlZDA1MmFhYzMzIn0.Gmd7u0sOjVXde9nZeQlVbXo65xB1tZ2VBy6a1gZG-z9IrhdM0cZuXIaS2IUY3bydvQiWfYFU0ihkOYshnOGVeA"
+ }
+ }
+ }
+ }
+ }
+ },
+ "required" : true
+ },
+ "responses" : {
+ "200" : {
+ "description" : "JWT token created",
+ "content" : {
+ "application/json" : {
+ "examples" : {
+ "Created jwt token" : {
+ "description" : "Created jwt token",
+ "value" : {
+ "jwt" : "token"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "/api/presentations/query" : {
+ "post" : {
+ "tags" : [
+ "APIs consumed by EDC"
+ ],
+ "summary" : "Query presentation ",
+ "description" : "Query presentation",
+ "operationId" : "queryPresentations",
+ "requestBody" : {
+ "content" : {
+ "application/json" : {
+ "schema" : {
+ "$ref" : "#/components/schemas/QueryPresentationRequest"
+ },
+ "examples" : {
+ "Create VP access token for membership VC" : {
+ "description" : "Create VP access token for membership VC",
+ "value" : {
+ "scope" : [
+ "org.eclipse.tractusx.vc.type:MembershipCredential:read"
+ ],
+ "@context" : [
+ "https://identity.foundation/presentation-exchange/submission/v1",
+ "https://w3id.org/tractusx-trust/v0.8"
+ ],
+ "@type" : "PresentationQueryMessage"
+ }
+ }
+ }
+ }
+ },
+ "required" : true
+ },
+ "responses" : {
+ "200" : {
+ "description" : "JWT presentation",
+ "content" : {
+ "*/*" : {
+ "examples" : {
+ "Created jwt token" : {
+ "description" : "Created jwt token",
+ "value" : {
+ "presentation" : [
+ "eyJraWQiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAjYzM5MzJmZjUtOGRhNC0zZGU5LWE5NDItNjIxMjVmMzk0ZTQxIiwidHlwIjoiSldUIiwiYWxnIjoiRVMyNTZLIn0.eyJhdWQiOlsiZGlkOndlYjpjNDY0LTIwMy0xMjktMjEzLTEwNy5uZ3Jvay1mcmVlLmFwcDpCUE5MMDAwMDAwMDAwMDAwIiwiZGlkOndlYjpjNDY0LTIwMy0xMjktMjEzLTEwNy5uZ3Jvay1mcmVlLmFwcDpCUE5MMDAwMDAwMDAwMDAwIl0sImJwbiI6IkJQTkwwMDAwMDAwMDAwMDAiLCJzdWIiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJpc3MiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJ2cCI6eyJpZCI6ImRpZDp3ZWI6YzQ2NC0yMDMtMTI5LTIxMy0xMDcubmdyb2stZnJlZS5hcHA6QlBOTDAwMDAwMDAwMDAwMCNjNDAyYmRhOC0zMTEwLTQ5MGYtOWRkOS1lZjI3ZjFmNDEwM2UiLCJwcm9vZiI6eyJwcm9vZlB1cnBvc2UiOiJhc3NlcnRpb25NZXRob2QiLCJ0eXBlIjoiSnNvbldlYlNpZ25hdHVyZTIwMjAiLCJ2ZXJpZmljYXRpb25NZXRob2QiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAjYzM5MzJmZjUtOGRhNC0zZGU5LWE5NDItNjIxMjVmMzk0ZTQxIiwiY3JlYXRlZCI6IjIwMjQtMDYtMjdUMDk6NTM6NDlaIiwiandzIjoiZXlKaGJHY2lPaUpGVXpJMU5rc2lmUS4ub0lmYWNXbU5kSDBpMVo0UzQ3MlBkczBTYkpBSGxSek90U2pGMTV1QWM3NHFaWVhkemZRRnZhcHFKT2xSMTFrblVDYkRjbFI3RDJJaUVBTjB0VUFTN2cifSwidHlwZSI6WyJWZXJpZmlhYmxlUHJlc2VudGF0aW9uIl0sIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiXSwidmVyaWZpYWJsZUNyZWRlbnRpYWwiOlsiZXlKcmFXUWlPaUprYVdRNmQyVmlPbU0wTmpRdE1qQXpMVEV5T1MweU1UTXRNVEEzTG01bmNtOXJMV1p5WldVdVlYQndPa0pRVGt3d01EQXdNREF3TURBd01EQWpZek01TXpKbVpqVXRPR1JoTkMwelpHVTVMV0U1TkRJdE5qSXhNalZtTXprMFpUUXhJaXdpZEhsd0lqb2lTbGRVSWl3aVlXeG5Jam9pUlZNeU5UWkxJbjAuZXlKaGRXUWlPbHNpWkdsa09uZGxZanBqTkRZMExUSXdNeTB4TWprdE1qRXpMVEV3Tnk1dVozSnZheTFtY21WbExtRndjRHBDVUU1TU1EQXdNREF3TURBd01EQXdJaXdpWkdsa09uZGxZanBqTkRZMExUSXdNeTB4TWprdE1qRXpMVEV3Tnk1dVozSnZheTFtY21WbExtRndjRHBDVUU1TU1EQXdNREF3TURBd01EQXdJbDBzSW1Kd2JpSTZJa0pRVGt3d01EQXdNREF3TURBd01EQWlMQ0p6ZFdJaU9pSmthV1E2ZDJWaU9tTTBOalF0TWpBekxURXlPUzB5TVRNdE1UQTNMbTVuY205ckxXWnlaV1V1WVhCd09rSlFUa3d3TURBd01EQXdNREF3TURBaUxDSnBjM01pT2lKa2FXUTZkMlZpT21NME5qUXRNakF6TFRFeU9TMHlNVE10TVRBM0xtNW5jbTlyTFdaeVpXVXVZWEJ3T2tKUVRrd3dNREF3TURBd01EQXdNREFpTENKbGVIQWlPakUzTVRrME9ESXpNamtzSW1saGRDSTZNVGN4T1RRNE1qQXlPU3dpZG1NaU9uc2lRR052Ym5SbGVIUWlPbHNpYUhSMGNITTZMeTkzZDNjdWR6TXViM0puTHpJd01UZ3ZZM0psWkdWdWRHbGhiSE12ZGpFaUxDSm9kSFJ3Y3pvdkwzY3phV1F1YjNKbkwyTmhkR1Z1WVhndlkzSmxaR1Z1ZEdsaGJITXZkakV1TUM0d0lsMHNJbWxrSWpvaVpHbGtPbmRsWWpwak5EWTBMVEl3TXkweE1qa3RNakV6TFRFd055NXVaM0p2YXkxbWNtVmxMbUZ3Y0RwQ1VFNU1NREF3TURBd01EQXdNREF3SXpreVpHSXlOamRoTFRZM056SXRNMkZrTUMwNE16ZGhMVEprWVdFM1ptVmtPR013TnlJc0luUjVjR1VpT2xzaVZtVnlhV1pwWVdKc1pVTnlaV1JsYm5ScFlXd2lMQ0pOWlcxaVpYSnphR2x3UTNKbFpHVnVkR2xoYkNKZExDSnBjM04xWlhJaU9pSmthV1E2ZDJWaU9tTTBOalF0TWpBekxURXlPUzB5TVRNdE1UQTNMbTVuY205ckxXWnlaV1V1WVhCd09rSlFUa3d3TURBd01EQXdNREF3TURBaUxDSmpjbVZrWlc1MGFXRnNVM1ZpYW1WamRDSTZXM3NpYUc5c1pHVnlTV1JsYm5ScFptbGxjaUk2SWtKUVRrd3dNREF3TURBd01EQXdNREFpTENKcFpDSTZJbVJwWkRwM1pXSTZZelEyTkMweU1ETXRNVEk1TFRJeE15MHhNRGN1Ym1keWIyc3RabkpsWlM1aGNIQTZRbEJPVERBd01EQXdNREF3TURBd01DSjlYU3dpWTNKbFpHVnVkR2xoYkZOMFlYUjFjeUk2Ym5Wc2JDd2lhWE56ZFdGdVkyVkVZWFJsSWpvaU1qQXlOQzB3TmkweU4xUXdPVG8xTXpvME4xb2lMQ0psZUhCcGNtRjBhVzl1UkdGMFpTSTZJakl3TWpVdE1EWXRNamRVTURrNk5UTTZORGRhSWl3aWNISnZiMllpT25zaWNISnZiMlpRZFhKd2IzTmxJam9pWVhOelpYSjBhVzl1VFdWMGFHOWtJaXdpZEhsd1pTSTZJa3B6YjI1WFpXSlRhV2R1WVhSMWNtVXlNREl3SWl3aWRtVnlhV1pwWTJGMGFXOXVUV1YwYUc5a0lqb2laR2xrT25kbFlqcGpORFkwTFRJd015MHhNamt0TWpFekxURXdOeTV1WjNKdmF5MW1jbVZsTG1Gd2NEcENVRTVNTURBd01EQXdNREF3TURBd0kyTXpPVE15Wm1ZMUxUaGtZVFF0TTJSbE9TMWhPVFF5TFRZeU1USTFaak01TkdVME1TSXNJbU55WldGMFpXUWlPaUl5TURJMExUQTJMVEkzVkRBNU9qVXpPalEzV2lJc0ltcDNjeUk2SW1WNVNtaGlSMk5wVDJsS1JsVjZTVEZPYTNOcFpsRXVMbkI0V2xKQ2NYRkNjWGh5VVU1d1JtUk5Ua2RPVjJGRVZFSkZia3BLTTBaQ2MzcFlYMWhzVUdzMVJIaEllRjlhVTJka01sSXhUbXRIWW5kUGRXaG1TM0J6YXpoNVlVcGZOVzFJWlhoNFFuUmZWVWcyWlc1UkluMTlMQ0pxZEdraU9pSXhNV0ptWTJJM1pDMDJZV016TFRSbVptTXRZV1JsTXkwd00yWTNaR0V3T0daak1XSWlmUS5ud0pWNFlNYnlnLW1DUVRsaTd5cE1CaVZlRFRuUmE2bElzTlY1alluZXhLbzV2RGk2TEdsLXllR3ZiOF9pWkRqOHdvVlU5aGgwRF9tX1U3OXRtVVlwUSJdfSwiZXhwIjoxNzE5NDgyMzI5LCJpYXQiOjE3MTk0ODIwMjksImp0aSI6IjI1MjcyYjgxLWYxNDktNGNjZS05M2IwLWU5Mzg2MWIxNGY0MSJ9.ZGFfP1jhlRAmDxGcuyqpGq8j80-HhUgPcsyvavZzyFrSj7Zjwvssm7eMc6Poo7voUEHFfv2YG1K8hc_9XBm3Cg"
+ ],
+ "@context" : [
+ "https://w3id.org/tractusx-trust/v0.8"
+ ],
+ "@type" : "PresentationResponseMessage"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "/api/dim/technical-user/{bpn}" : {
+ "post" : {
+ "tags" : [
+ "APIs consumed by Portal backend"
+ ],
+ "summary" : "Creates a technical user for the wallet of the given bpn.",
+ "description" : "Send clientId as BPN, clientSecret and OAuth back to portal backend.\n",
+ "operationId" : "createTechUser",
+ "parameters" : [
+ {
+ "name" : "bpn",
+ "in" : "path",
+ "required" : true,
+ "schema" : {
+ "type" : "string"
+ }
+ }
+ ],
+ "requestBody" : {
+ "content" : {
+ "application/json" : {
+ "schema" : {
+ "$ref" : "#/components/schemas/CreateTechUserRequest"
+ }
+ }
+ },
+ "required" : true
+ },
+ "responses" : {
+ "200" : {
+ "description" : "Ok"
+ }
+ }
+ }
+ },
+ "/api/dim/setup-dim" : {
+ "post" : {
+ "tags" : [
+ "APIs consumed by Portal backend"
+ ],
+ "summary" : "Create a new wallet",
+ "description" : "Create a new wallet with BPN and send the Did document back to portal backend. Everytime same wallet generated with bpn so same did document will be generated for a wallet.\n",
+ "operationId" : "setupDim",
+ "parameters" : [
+ {
+ "name" : "companyName",
+ "in" : "query",
+ "required" : false,
+ "schema" : {
+ "type" : "string"
+ }
+ },
+ {
+ "name" : "bpn",
+ "in" : "query",
+ "required" : false,
+ "schema" : {
+ "type" : "string"
+ }
+ },
+ {
+ "name" : "didDocumentLocation",
+ "in" : "query",
+ "required" : false,
+ "schema" : {
+ "type" : "string"
+ }
+ }
+ ],
+ "responses" : {
+ "201" : {
+ "description" : "Created"
+ }
+ }
+ }
+ },
+ "/api/v2.0.0/credentials/{credentialId}" : {
+ "patch" : {
+ "tags" : [
+ "APIs consumed by SSI Issuer component"
+ ],
+ "summary" : "Sign a credential / Revoke a credential",
+ "description" : "Credential already signed now it will send vc in response. | Revoke a credential will give static response.\n",
+ "operationId" : "signOrRevokeCredential",
+ "parameters" : [
+ {
+ "name" : "credentialId",
+ "in" : "path",
+ "required" : true,
+ "schema" : {
+ "type" : "string"
+ }
+ }
+ ],
+ "requestBody" : {
+ "content" : {
+ "application/json" : {
+ "schema" : {
+ "$ref" : "#/components/schemas/SignCredentialRequest"
+ },
+ "examples" : {
+ "Sign credential" : {
+ "description" : "Sign credential",
+ "value" : {
+ "sign" : {
+ "proofMechanism" : "external",
+ "proofType" : "jwt"
+ }
+ }
+ },
+ "Revoke credential" : {
+ "description" : "Revoke credential",
+ "value" : {
+ "payload" : {
+ "revoke" : true
+ }
+ }
+ }
+ }
+ }
+ },
+ "required" : true
+ },
+ "responses" : {
+ "200" : {
+ "description" : "JWT presentation",
+ "content" : {
+ "*/*" : {
+ "examples" : {
+ "Sign credential" : {
+ "description" : "Sign credential",
+ "value" : {
+ "jwt" : "eyJraWQiOiJkaWQ6d2ViOnNvbWUtaXNzdWVyI2tleS0xIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJkZWdyZWVTdWIiLCJhdWQiOiJkaWQ6d2ViOmJkcnMtY2xpZW50IiwibmJmIjoxNzE4MzQzOTAzLCJpc3MiOiJkaWQ6d2ViOnNvbWUtaXNzdWVyIiwiZXhwIjoxNzE4MzQzOTYzLCJpYXQiOjE3MTgzNDM5MDMsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzL3YxLjAuMCJdLCJpZCI6IjFmMzZhZjU4LTBmYzAtNGIyNC05YjFjLWUzN2Q1OTY2ODA4OSIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6d2ViOmNvbS5leGFtcGxlLmlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjEtMDYtMTZUMTg6NTY6NTlaIiwiZXhwaXJhdGlvbkRhdGUiOiIyMDk5LTA2LTE2VDE4OjU2OjU5WiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpiZHJzLWNsaWVudCIsImhvbGRlcklkZW50aWZpZXIiOiJCUE5MMDAwMDAwMDAxIn19LCJqdGkiOiJlZDlhNjhkMS0yZjFkLTQxZjgtYWUwOS1hNDBhMTA2OTUwMTUifQ.tdLmrcQpGH-SGBpRpRmFX4AXQJx99uUhDOwuGtSejWkkQ2N_yNtEsoP93xDuBod_AY7zVqY4P_Ofdz-H4zE6nw"
+ }
+ },
+ "Revoke credential " : {
+ "description" : "Revoke credential ",
+ "value" : {}
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "/{bpn}/did.json" : {
+ "get" : {
+ "tags" : [
+ "Resolve DID Document"
+ ],
+ "summary" : "Resolve the DID document for a given BPN",
+ "description" : "Resolve the DID document for a given BPN\n\n",
+ "operationId" : "getDocument",
+ "parameters" : [
+ {
+ "name" : "bpn",
+ "in" : "path",
+ "required" : true,
+ "schema" : {
+ "type" : "string"
+ }
+ }
+ ],
+ "responses" : {
+ "200" : {
+ "description" : "DID document",
+ "content" : {
+ "application/json" : {
+ "examples" : {
+ "DID document" : {
+ "description" : "DID document",
+ "value" : {
+ "service" : [
+ {
+ "id" : "https://localhost#credential-service",
+ "type" : "CredentialService",
+ "serviceEndpoint" : "https://localhost/api"
+ }
+ ],
+ "verificationMethod" : [
+ {
+ "id" : "did:web:localhost:BPNL000000000000#c3932ff5-8da4-3de9-a942-62125f394e41",
+ "type" : "JsonWebKey2020",
+ "controller" : "did:web:localhost:BPNL000000000000",
+ "publicKeyJwk" : {
+ "kty" : "EC",
+ "use" : "sig",
+ "crv" : "secp256k1",
+ "x" : "NytYgtL_rte4EIXpb46e7pntJiPjH4l_pN1j1PVxkO8",
+ "y" : "99JkYiCOkBfb8qCncv_YWdHy3eZGAQojWbmaEDFwSlU"
+ }
+ }
+ ],
+ "authentication" : [
+ "did:web:localhost:BPNL000000000000#c3932ff5-8da4-3de9-a942-62125f394e41"
+ ],
+ "id" : "did:web:localhost:BPNL000000000000",
+ "@context" : [
+ "https://www.w3.org/ns/did/v1",
+ "https://w3c.github.io/vc-jws-2020/contexts/v1",
+ "https://w3id.org/did-resolution/v1"
+ ]
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "/api/v2.0.0/credentials/{externalCredentialId}" : {
+ "get" : {
+ "tags" : [
+ "APIs consumed by SSI Issuer component"
+ ],
+ "summary" : "Get a credential by external ID",
+ "description" : "Get a credential by external ID. It will work if vc is present in in-memory db.\n",
+ "operationId" : "getCredential",
+ "parameters" : [
+ {
+ "name" : "externalCredentialId",
+ "in" : "path",
+ "required" : true,
+ "schema" : {
+ "type" : "string"
+ }
+ }
+ ],
+ "responses" : {
+ "200" : {
+ "description" : "Get credential",
+ "content" : {
+ "*/*" : {
+ "examples" : {
+ "Get credential" : {
+ "description" : "Get credential",
+ "value" : {
+ "verifiableCredential" : "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwI2MzOTMyZmY1LThkYTQtM2RlOS1hOTQyLTYyMTI1ZjM5NGU0MSIsInR5cCI6IkpXVCIsImFsZyI6IkVTMjU2SyJ9.eyJhdWQiOlsiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCIsImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDEiXSwiYnBuIjoiQlBOTDAwMDAwMDAwMDAwMSIsInN1YiI6ImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDAiLCJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwiZXhwIjoxNzE5ODA5NTQ1LCJpYXQiOjE3MTk4MDkyNDUsInZjIjp7Imlzc3VhbmNlRGF0ZSI6IjIwMjMtMDctMTlUMDk6MTQ6NDVaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiYnBuIjoiQlBOTDAwMDAwMDAwMDAwMSIsImlkIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMSIsInR5cGUiOiJCcG5DcmVkZW50aWFsIn0sImlkIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCMxOWNiNjU2Mi1iYWM3LTNkYzMtYWFmNi00NjEyZTM0OWEwMTEiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiQnBuQ3JlZGVudGlhbCJdLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vY2F0ZW5heC1uZy5naXRodWIuaW8vcHJvZHVjdC1jb3JlLXNjaGVtYXMvYnVzaW5lc3NQYXJ0bmVyRGF0YS5qc29uIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiXSwiaXNzdWVyIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCIsImV4cGlyYXRpb25EYXRlIjoiMjAyMy0wOS0zMFQxODozMDowMFoifSwianRpIjoiYjcyMWY0NjMtMzM3Yi00MzBhLTkzMDktNjZlNzBjMjNkNTZiIn0._mGVXN4ublBx0-r0lG7_2tSGzwIlhjTWtx-ZFcQMmg4Q9pvF-RnbSDZ0vJLfvWv9egVtFSPE9oqbChCLXVg21g",
+ "credential" : {
+ "issuanceDate" : "2023-07-19T09:14:45Z",
+ "credentialSubject" : {
+ "bpn" : "BPNL000000000001",
+ "id" : "did:web:localhost:BPNL000000000001",
+ "type" : "BpnCredential"
+ },
+ "id" : "did:web:localhost:BPNL000000000000#19cb6562-bac7-3dc3-aaf6-4612e349a011",
+ "type" : [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "@context" : [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "issuer" : "did:web:localhost:BPNL000000000000",
+ "expirationDate" : "2023-09-30T18:30:00Z"
+ },
+ "revocationStatus" : "false",
+ "signing_key_id" : "did:web:localhost:BPNL000000000000#c3932ff5-8da4-3de9-a942-62125f394e41"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "/api/dim/status-list/{bpn}/{vcId}" : {
+ "get" : {
+ "tags" : [
+ "Status list credential"
+ ],
+ "summary" : "it works for only issuer",
+ "description" : "Gets the status list for the given company\n",
+ "operationId" : "getStatusListVc",
+ "parameters" : [
+ {
+ "name" : "bpn",
+ "in" : "path",
+ "required" : true,
+ "schema" : {
+ "type" : "string"
+ }
+ },
+ {
+ "name" : "vcId",
+ "in" : "path",
+ "required" : true,
+ "schema" : {
+ "type" : "string"
+ }
+ }
+ ],
+ "responses" : {
+ "200" : {
+ "description" : "Status List VC document",
+ "content" : {
+ "*/*" : {
+ "examples" : {
+ "Status List VC" : {
+ "description" : "Status List VC",
+ "value" : {
+ "credentialSubject" : {
+ "statusPurpose" : "revocation",
+ "type" : "StatusList2021Credential",
+ "encodedList" : "H4sIAAAAAAAA/+3BAQ0AAADCoErvn87NHEABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3AD/hHvP//8BAA=="
+ },
+ "issuanceDate" : "2024-07-01T05:03:16Z",
+ "id" : "did:web:localhost:BPNL000000000000#8a6c7486-1e1f-4555-bdd2-1a178182651e",
+ "type" : [
+ "VerifiableCredential",
+ "StatusList2021Credential"
+ ],
+ "@context" : [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://w3id.org/catenax/credentials/v1.0.0"
+ ],
+ "issuer" : "did:web:localhost:BPNL000000000000",
+ "expirationDate" : "2025-07-01T05:03:16Z"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "components" : {
+ "schemas" : {
+ "TokenRequest" : {
+ "type" : "object",
+ "properties" : {
+ "client_id" : {
+ "type" : "string"
+ },
+ "client_secret" : {
+ "type" : "string"
+ },
+ "grant_type" : {
+ "type" : "string"
+ }
+ }
+ },
+ "CredentialPayload" : {
+ "type" : "object",
+ "properties" : {
+ "issue" : {
+ "type" : "object",
+ "additionalProperties" : {
+ "type" : "object"
+ }
+ },
+ "derive" : {
+ "$ref" : "#/components/schemas/StoreRequestDerive"
+ }
+ }
+ },
+ "IssueCredentialRequest" : {
+ "type" : "object",
+ "properties" : {
+ "application" : {
+ "type" : "string"
+ },
+ "payload" : {
+ "$ref" : "#/components/schemas/CredentialPayload"
+ }
+ }
+ },
+ "StoreRequestDerive" : {
+ "type" : "object",
+ "properties" : {
+ "verifiableCredential" : {
+ "type" : "string"
+ }
+ }
+ },
+ "QueryPresentationRequest" : {
+ "type" : "object",
+ "properties" : {
+ "scope" : {
+ "type" : "array",
+ "items" : {
+ "type" : "string"
+ }
+ },
+ "@context" : {
+ "type" : "array",
+ "items" : {
+ "type" : "string",
+ "format" : "uri"
+ }
+ },
+ "@type" : {
+ "type" : "string"
+ }
+ }
+ },
+ "CreateTechUserRequest" : {
+ "type" : "object",
+ "properties" : {
+ "externalId" : {
+ "type" : "string"
+ },
+ "name" : {
+ "type" : "string"
+ }
+ }
+ },
+ "Payload" : {
+ "type" : "object",
+ "properties" : {
+ "revoke" : {
+ "type" : "boolean"
+ }
+ }
+ },
+ "Sign" : {
+ "type" : "object",
+ "properties" : {
+ "proofType" : {
+ "type" : "string"
+ },
+ "proofMechanism" : {
+ "type" : "string"
+ }
+ }
+ },
+ "SignCredentialRequest" : {
+ "type" : "object",
+ "properties" : {
+ "sign" : {
+ "$ref" : "#/components/schemas/Sign"
+ },
+ "payload" : {
+ "$ref" : "#/components/schemas/Payload"
+ }
+ }
+ }
+ },
+ "securitySchemes" : {
+ "Authenticate using access_token" : {
+ "type" : "apiKey",
+ "description" : "**Bearer (apiKey)**\nJWT Authorization header using the Bearer scheme.\nEnter **Bearer** [space] and then your token in the text input below.\nExample: Bearer access_token\n",
+ "name" : "Authorization",
+ "in" : "header"
+ }
+ }
+ }
+}
diff --git a/docs/architecture/images/1.png b/docs/architecture/images/1.png
new file mode 100644
index 0000000..6509943
Binary files /dev/null and b/docs/architecture/images/1.png differ
diff --git a/docs/architecture/images/2.png b/docs/architecture/images/2.png
new file mode 100644
index 0000000..6509943
Binary files /dev/null and b/docs/architecture/images/2.png differ
diff --git a/docs/architecture/images/3.png b/docs/architecture/images/3.png
new file mode 100644
index 0000000..f3cd5f4
Binary files /dev/null and b/docs/architecture/images/3.png differ
diff --git a/docs/architecture/images/4.png b/docs/architecture/images/4.png
new file mode 100644
index 0000000..9706da4
Binary files /dev/null and b/docs/architecture/images/4.png differ
diff --git a/docs/architecture/images/5.png b/docs/architecture/images/5.png
new file mode 100644
index 0000000..cd466ec
Binary files /dev/null and b/docs/architecture/images/5.png differ
diff --git a/docs/architecture/images/6.png b/docs/architecture/images/6.png
new file mode 100644
index 0000000..7b44c6e
Binary files /dev/null and b/docs/architecture/images/6.png differ
diff --git a/docs/architecture/images/7.png b/docs/architecture/images/7.png
new file mode 100644
index 0000000..ba36285
Binary files /dev/null and b/docs/architecture/images/7.png differ
diff --git a/docs/architecture/images/8.png b/docs/architecture/images/8.png
new file mode 100644
index 0000000..243ab1f
Binary files /dev/null and b/docs/architecture/images/8.png differ
diff --git a/docs/architecture/images/9.png b/docs/architecture/images/9.png
new file mode 100644
index 0000000..cd79671
Binary files /dev/null and b/docs/architecture/images/9.png differ
diff --git a/docs/architecture/images/did.png b/docs/architecture/images/did.png
new file mode 100644
index 0000000..85c590c
Binary files /dev/null and b/docs/architecture/images/did.png differ
diff --git a/docs/architecture/images/get_creds.png b/docs/architecture/images/get_creds.png
new file mode 100644
index 0000000..50a0d17
Binary files /dev/null and b/docs/architecture/images/get_creds.png differ
diff --git a/docs/architecture/images/interfaces.png b/docs/architecture/images/interfaces.png
new file mode 100644
index 0000000..0cbbbee
Binary files /dev/null and b/docs/architecture/images/interfaces.png differ
diff --git a/docs/architecture/images/issue_cred.png b/docs/architecture/images/issue_cred.png
new file mode 100644
index 0000000..0b973b5
Binary files /dev/null and b/docs/architecture/images/issue_cred.png differ
diff --git a/docs/architecture/images/quality_tree.png b/docs/architecture/images/quality_tree.png
new file mode 100644
index 0000000..6350b89
Binary files /dev/null and b/docs/architecture/images/quality_tree.png differ
diff --git a/docs/architecture/images/query.png b/docs/architecture/images/query.png
new file mode 100644
index 0000000..3bee8f1
Binary files /dev/null and b/docs/architecture/images/query.png differ
diff --git a/docs/architecture/images/setup-dim.png b/docs/architecture/images/setup-dim.png
new file mode 100644
index 0000000..a909d5d
Binary files /dev/null and b/docs/architecture/images/setup-dim.png differ
diff --git a/docs/architecture/images/sign_cred.png b/docs/architecture/images/sign_cred.png
new file mode 100644
index 0000000..c791a66
Binary files /dev/null and b/docs/architecture/images/sign_cred.png differ
diff --git a/docs/architecture/images/status_list.png b/docs/architecture/images/status_list.png
new file mode 100644
index 0000000..34a3230
Binary files /dev/null and b/docs/architecture/images/status_list.png differ
diff --git a/docs/architecture/images/sts.png b/docs/architecture/images/sts.png
new file mode 100644
index 0000000..9032f0a
Binary files /dev/null and b/docs/architecture/images/sts.png differ
diff --git a/docs/architecture/images/system_scope.png b/docs/architecture/images/system_scope.png
new file mode 100644
index 0000000..1dc93cf
Binary files /dev/null and b/docs/architecture/images/system_scope.png differ
diff --git a/docs/architecture/images/tech-user.png b/docs/architecture/images/tech-user.png
new file mode 100644
index 0000000..5dbbeb3
Binary files /dev/null and b/docs/architecture/images/tech-user.png differ
diff --git a/docs/architecture/images/use_case.png b/docs/architecture/images/use_case.png
new file mode 100644
index 0000000..66c6010
Binary files /dev/null and b/docs/architecture/images/use_case.png differ
diff --git a/docs/architecture/main.md b/docs/architecture/main.md
new file mode 100644
index 0000000..36afcd4
--- /dev/null
+++ b/docs/architecture/main.md
@@ -0,0 +1,1302 @@
+# **About arc42**
+
+arc42, the template for documentation of software and system architecture.
+
+Template Version 8.1 EN. (based upon AsciiDoc version), May 2022
+
+Created, maintained, and Š by Dr. Peter Hruschka, Dr. Gernot Starke, and contributors.
+See <[https://arc42.org](https://arc42.org)
+
+# **Introduction and Goals**
+
+This document describes the Wallet Stub, which is used to replace some functionalities of a real wallet implementation.
+It provides a set of mocked Restful API resources that can be used for testing and development purposes.
+
+### **Initial Situation from Business View**
+
+Currently the SSI Credential Issuer component depends on a configured wallet in order to start running and execute a
+sequence of steps to issue or revoke a credential. As the usage of a real wallet is not always possible and the
+component has to be tested, it became essential to create a stub wallet allowing the component to execute required API
+calls.
+
+There are similar dependencies of Portal and the EDC with the wallet component, and those dependencies also have to be
+addressed with the stub wallet for E2E and integration test while preparing the new landing zones for the release 24.05.
+
+The following goes have been established for the Wallet Stub:
+
+| **Functionality** | **Description** |
+|-------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Wallet | Creation of mocked resources for the following endpoints:
* /credentials \[Post\]
* /credentials/{credentialId} \[Patch, GET\]
These endpoints are used to create, sign, store, and revoke a credential. |
+| DID | Creation of mocked resources for the following endpoints:
* /{bpn}/did.json \[GET\] |
+| Portal | Creation of mocked resources for the following endpoints:
* /dim/setup-dim \[Post\]
* /dim/technical-user/{bpn} \[Post\] |
+| Token | Creation of mocked resources for the following endpoints:
* /oauth/token \[Post\] |
+| EDC | Creation of mocked resources for the following endpoints:
* /api/sts \[Post\]
* /api/presentations/query \[Post\] |
+
+### Core Functionalities
+
+1. Create, sign, store, revoke, and get credential
+
+2. Request DID document
+
+3. Create tech user
+
+4. Request Status List
+
+5. Create access token, Create token with and without scope
+
+6. Request Verifiable Presentations
+
+### Integration Goals
+
+The wallet stub service is independent of any other service. The primary goal is that all components and systems can
+interact with the wallet stub and simulate the required resources. Dev Ops teams, developers and testers can make use of
+it in order to validate environments that depend on such service.
+
+### **Cross-cutting Concepts**
+
+**Service stubs:** Service stubs are simulations of an actual service, which can be used to functionally replace the
+service in a test environment. A stub server replaces the actual application server.
+
+From the point of view of the client application, the service stub looks identical to the actual service that it
+simulates. To use a service stub in replacement of the actual service, you must be able to replace the URL of the
+original service in the client application with the URL of the stub server.
+
+**Mocks:** programmable interface observers, that verifies outputs against expectations defined by the test. It is
+frequently created using a third party library, for example in Java that is Mockito, JMock or WireMock.
+
+**Virtual service:** a test double often provided as a Software-as-a-Service (SaaS), is always called remotely, and is
+never working in-process directly with methods or functions. A virtual service is often created by recording traffic
+using one of the service virtualization platforms instead of building the interaction pattern from scratch based on
+interface or API documentation.
+
+### **Business Solution Target Group**
+
+1. Portal
+
+2. Issuer Component
+
+3. EDC
+
+### **Challenges**
+
+* **Unknown full scope**: The full scope of the expectations from the stub service is at this point unclear. So far the
+ minimum requirement to address is enabling the dependent microservices to deploy and pass the E2E tests. However, the
+ business logic of multiple services outside of this scope might be too complex and error-prone for simulation. We have
+ to define a minimum viable stub and continue delivering if there is any necessity or further requirement. Currently
+ only `type:MembershipCredential` and `type:BPNCredential` are supported.
+
+* **Security:** Security features such as authentication, authorization, and data encryption must also be simulated with
+ the stub service.
+
+* **Case coverage:** The stub service must pass comprehensive test coverage across all microservices, excluding edge
+ cases and ânot happyâ scenarios.
+
+* **Data Consistency:** Deployment of dependent microservices is persistent and they keep logs and DB entries. The
+ returns of the stub service must be consistent, disregarding the overall software component architecture (i.e., design
+ choices around in-memory vs database), even when the stub service has to restart.
+
+* **Maintenance:** The service must be maintained with further breaking changes to the wallet service. In the near
+ future, those include the IATP issuance flow implementation.
+
+### **Benefit Hypothesis & Problem Statement**
+
+Benefits of the stub service are:
+
+* Fully managed and maintained by Open source community
+
+* Eclipse tractus-X can deploy the microservices that depends on a wallet to be deployed
+
+* Deployed microservices can be tested with the wallet stub
+
+### **Requirements Overview**
+
+After the deployment of this service, the below requirements shall be fulfilled:
+
+1. Creation of a wallet (Portal)
+
+2. Request a DID document (Portal)
+
+3. Create, sign, store, get, and revoke a credential (Issuer Component)
+
+4. Token creation (EDC / âĻ)
+
+5. Request for a status list (EDC/BDRS)
+
+6. Create a tech user (Portal)
+
+7. Create Verifiable Presentation (EDC)
+
+The service contains a set of mocked resources that simulate all above requirements. All of them must succeed when
+requested. At the moment simulation of errors are partially covered.
+
+**Quality Goals**
+
+1. All endpoints can be successfully executed
+
+2. No errors are expected
+
+3. Sonar Quality Gate should be passed
+
+4. No issues in code scanning (Trivy/Vera)
+
+5. Unit test coverage shall be more than 80%
+
+**Quality Tree**
+
+
+
+ Plant UML
+
+ ```plantuml
+ @startmindmap
+*Wallet Stub
+** Performance
+*** API response time
+*** Network latency
+** Availability
+*** In memory storage
+*** Horizontal scalability
+** Usability
+*** Simple API interface
+*** API documentation
+** Security
+*** Mock for Oauth Access Token
+*** Attribute-based authorization
+** Consistency
+*** Consistent response for wallet generation
+*** Consistent response for VCs/VPs
+*** Consistes response for Status List VC
+*** Consistent response for Oauth and SI tokens
+@endmindmap
+ ```
+
+
+
+### **Stakeholders**
+
+* **Development Team:** Responsible for implementing the integration.
+
+* **Security Team:** Ensures the security of the key management solution.
+
+* **Operations Team:** Manages the deployment and ongoing operation of the integrated system.
+
+### **Architecture Constraints**
+
+* The wallet stub can be deployed as a docker image, e.g., on Kubernetes (platform-independent, cloud, on-premise, or
+ local)
+
+* It should be horizontally scalable
+
+* Data will be stored in-memory storage. However, each time when a VP request is made, a VC is created as well. The
+ persistence of signing keys is achieved via creating the keys with seeds derived from the BPN or the issuer and
+ holder.
+
+* Token based authentication - there will be no roles assigned for the tokens but each token is unique due to
+ differenciation with BPN and issuance date and expiry date. Tokens can be generated on demand.
+
+* Only happy cases are covered - there will be no stubbing for unhappy cases
+
+### **Roles Rights Management**
+
+Token based authentication - for each BPN a different OAuth token can be created on
+demand (`clientId and secret == BPN`).
+
+### Use case diagram:
+
+**Note:** Create wallet also creates technical user. Meintion it during the API spec. Revocation is mock only it doesnât
+change the status but deliver success message back to issuer component.
+
+
+
+
+ Plant UML
+
+ ```plantuml
+ @startuml
+left to right direction
+actor "Portal" as portal
+actor "Issuer Component" as issuer
+actor "EDC" as edc
+
+rectangle "Wallet Stub" {
+ usecase "Create Tech User" as UC1
+ usecase "Create Wallet" as UC2
+ usecase "Create new Credential" as UC3
+ usecase "Sign Credential" as UC11
+ usecase "Get Credential" as UC12
+ usecase "Store Credential" as UC4
+ usecase "Revoke Credential" as UC5
+ usecase "Get Status List" as UC6
+ usecase "Get OAuth Token" as UC7
+ usecase "Get SI token with Scope" as UC8
+ usecase "Get SI token without Scope" as UC9
+ usecase "Query credential presentations" as UC10
+}
+portal --> UC1
+portal --> UC2
+issuer --> UC3
+issuer --> UC11
+issuer --> UC12
+issuer --> UC4
+issuer --> UC5
+issuer --> UC7
+portal --> UC7
+edc --> UC6
+edc --> UC7
+edc --> UC8
+edc --> UC9
+edc --> UC10
+@enduml
+ ```
+
+
+
+# **System Scope and Context**
+
+
+
+
+ Plant UML
+
+ ```plantuml
+@startuml
+!define RECTANGLE_ANTIALIASED true
+skinparam defaultFontName Arial
+skinparam rectangle {
+ BackgroundColor<< Backend >> White
+ BackgroundColor<< Issuer >> White
+ BackgroundColor<< Wallet >> White
+ BackgroundColor<< EDC >> White
+ BackgroundColor<< BDRS >> White
+}
+
+rectangle "Portal Backend" << Backend >> as PortalBackend
+rectangle "Issuer Component" << Issuer >> as IssuerComponent
+rectangle "SSI DIM Wallet Stub" << Wallet >> as WalletStub
+rectangle "EDC (as a Service)" << EDC >> as EDCService
+rectangle "BDRS" << BDRS >> as BDRSService
+
+PortalBackend --> WalletStub : Setup DJM\nCreate Tech User
+IssuerComponent --> WalletStub : Create Credentials\nSign Credentials\nStore Credentials
+WalletStub --> EDCService : Query Presentation\nStatusList\nSTS
+EDCService --> WalletStub : Query\nStatusList
+EDCService --> BDRSService : Present VP
+EDCService --> EDCService : Catalog Request to other EDC
+@enduml
+ ```
+
+
+
+
+## **Business Context**
+
+1. Portal <> Wallet Stub:
+
+ 1. CX-Operator onboards business partner that will create a wallet for them. It automatically creates a tech user in
+ return.
+
+ 2. CX-Operator creates optionally (and additionally) technical user without creating a new wallet.
+
+ 3. CX-Operator (Frontend) can revoke a credential. A success post will return without changing the Status List VC (
+ static)
+
+2. Issuer Component <> Wallet Stub:
+
+ 1. CX-Operator creates a new credential template related to a business partner. It returns a credentialID.
+
+ 2. CX-Operator requests signature for a credentialID. Signed credential is returned.
+
+ 3. CX-Operator requests storage of the signed credential in the corresponding wallet.
+
+3. EDC <> Wallet Stub:
+
+ 1. EDC requests creation of an SI token with Scope to use it for itself, i.e., accessing BDRS with Membership VP.
+
+ 2. EDC (Data Provider) requests creation of an SI token without Scope using the access token from STS (Data
+ Consumer) to share with another EDC (Data Consumer), i.e., for catalog request.
+
+ 3. Any EDC requests creation of a VP using either SI token with or without Scope for the abovementioned usecases.
+
+ 4. EDC / BDRS requests VC Status List from the issuer wallet.
+
+## **Technical Context**
+
+| **Topic** | **Tech. stack** |
+|-----------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Backend | Java version 17 with Sprint Boot 3.2.6 |
+| Storage | In-Memory |
+| Role Management | Token-based (JWT), attribute-based (BPN) |
+| DevOps | Docker, ArgoCD, Kubernetes |
+| Infra | SonarCloud, Trivy Scan |
+| Version Control | GitHub |
+| Other Lib | Swagger Open API, SSI Agent, Lombok, org.eclipse.edc:verifiable-credentials-api:0.7.0, org.eclipse.edc:identity-trust-sts-api, org.eclipse.edc:crypto-common-lib |
+
+# **Interfaces**
+
+Wallet stub service offers external interfaces for issuer component, portal, and EDC.
+
+
+
+**POST Token**
+
+Create OAuth token to access wallet APIs.
+
+Request Body:
+
+```shell
+curl --location 'http://localhost:8080/oauth/token' \
+--header 'accept: application/json' \
+--header 'Content-Type: application/x-www-form-urlencoded' \
+--data-urlencode 'client_id=BPNL000000000000' \
+--data-urlencode 'client_secret=BPNL000000000000' \
+--data-urlencode 'grant_type=string'
+```
+
+Response Body:
+
+```json
+{
+ "access_token": "JWT",
+ "token_type": "Bearer",
+ "expires_in": "int",
+ "refresh_expires_in": "int",
+ "not-before-policy": "int",
+ "scope": "string"
+}
+```
+
+### POST Setup Dim - Portal
+
+
+
+This API is used to create a wallet and DID document. It waits for 60 seconds before creating the tech user.
+Currently `externalId == BPN` but if the wallet stub is connected to a Keycloak, an `externalId` from Keycloak can be
+passed to order the BPN.
+
+Request Parameter:
+
+```
+"companyName": "string"
+"bpn": "string"
+"didDocumentLocation": "string"
+```
+
+Response Body:
+201 Success with no content
+
+After 60 second Stub app will call portal-backend `/api/administration/registration/dim/{bpn}`
+
+Request Parameter:
+
+```json
+{
+ "did": "did:web:localhost:BPNL000000000000",
+ "didDocument": {
+ "service": [
+ {
+ "id": "http://localhost#credential-service",
+ "type": "CredentialService",
+ "serviceEndpoint": "http://localhost/api"
+ }
+ ],
+ "verificationMethod": [
+ {
+ "id": "did:web:localhost:BPNL000000000000#c3932ff5-8da4-3de9-a942-62125f394e41",
+ "type": "JsonWebKey2020",
+ "controller": "did:web:localhost:BPNL000000000000",
+ "publicKeyJwk": {
+ "kty": "EC",
+ "use": "sig",
+ "crv": "secp256k1",
+ "x": "NytYgtL_rte4EIXpb46e7pntJiPjH4l_pN1j1PVxkO8",
+ "y": "99JkYiCOkBfb8qCncv_YWdHy3eZGAQojWbmaEDFwSlU"
+ }
+ }
+ ],
+ "authentication": [
+ "did:web:localhost:BPNL000000000000#c3932ff5-8da4-3de9-a942-62125f394e41"
+ ],
+ "id": "did:web:localhost:BPNL000000000000",
+ "@context": [
+ "https://www.w3.org/ns/did/v1"
+ ]
+ },
+ "authenticationDetails": {
+ "authenticationServiceUrl": "http://localhost/oauth/token",
+ "clientSecret": "BPNL000000000000",
+ "clientID": "BPNL000000000000"
+ }
+}
+````
+
+Response Body:
+200 Success with no content
+
+### POST Create Technical User - Portal
+
+
+
+This API creates a tech user for an existing BPN. It also can take `externalId` and `name` as request body to order the
+tech user for Keycloak.
+
+Request Parameter:
+
+```
+"bpn": "string"
+```
+
+Request Body:
+
+```json
+{
+ "externalId": "string",
+ "name": "string"
+}
+```
+
+Response Body:
+
+200 OK
+
+After 60 second Stub app will call
+portal-backend [callback url](/api/administration/serviceAccount/callback/{externalId})
+
+Request Parameter:
+
+```
+{
+ "authenticationServiceUrl": "stubHost/api/token",
+ "clientId": "string", //--> currently BPN
+ "clientSecret": "string" //--> currentlyBPN
+}
+```
+
+Response Body:
+200 Success with no content
+
+### POST Credentials - Issuer Component
+
+
+
+Can be used for creating a credential (without signing) and if it is a signed credential, it is used to store the
+credential in the corresponding wallet. The business logic depends on the request body.
+
+**Create New Credential**
+
+The following request body results in creating a credential and returns a `credentialID` as a response.
+
+Request Body:
+
+```json
+{
+ "application": "catena-x",
+ "payload": {
+ "issue": {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#a1f8ae36-9919-4ed8-8546-535280acc5bf",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T09:14:45Z",
+ "expirationDate": "2023-09-30T18:30:00Z",
+ "credentialSubject": {
+ "bpn": "BPNL000000000001",
+ "id": "did:web:localhost:BPNL000000000001",
+ "type": "BpnCredential"
+ }
+ }
+ }
+}
+```
+
+Response Body:
+
+200 Success
+
+```json
+{
+ "id": "string"
+}
+```
+
+**Store Credential for Holder**
+
+The following request body results in storing a signed Verifiable Credential for the holder of the VC. It returns
+a `credentialId` as a response.
+
+Request Body:
+
+```json
+{
+ "application": "catena-x-portal",
+ "payload": {
+ "derive": {
+ "verifiableCredential": "eyJraWQiOiJkaWQ6d2ViOnNvbWUtaXNzdWVyI2tleS0xIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJkZWdyZWVTdWIiLCJhdWQiOiJkaWQ6d2ViOmJkcnMtY2xpZW50IiwibmJmIjoxNzE4MzQzOTAzLCJpc3MiOiJkaWQ6d2ViOnNvbWUtaXNzdWVyIiwiZXhwIjoxNzE4MzQzOTYzLCJpYXQiOjE3MTgzNDM5MDMsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzL3YxLjAuMCJdLCJpZCI6IjFmMzZhZjU4LTBmYzAtNGIyNC05YjFjLWUzN2Q1OTY2ODA4OSIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6d2ViOmNvbS5leGFtcGxlLmlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjEtMDYtMTZUMTg6NTY6NTlaIiwiZXhwaXJhdGlvbkRhdGUiOiIyMDk5LTA2LTE2VDE4OjU2OjU5WiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpiZHJzLWNsaWVudCIsImhvbGRlcklkZW50aWZpZXIiOiJCUE5MMDAwMDAwMDAxIn19LCJqdGkiOiJlZDlhNjhkMS0yZjFkLTQxZjgtYWUwOS1hNDBhMTA2OTUwMTUifQ.tdLmrcQpGH-SGBpRpRmFX4AXQJx99uUhDOwuGtSejWkkQ2N_yNtEsoP93xDuBod_AY7zVqY4P_Ofdz-H4zE6nw"
+ }
+ }
+}
+```
+
+Response Body:
+200 OK
+
+```json
+{
+ "id": "string"
+}
+```
+
+### PATCH Credentials - Issuer Component
+
+
+
+For signing and revoking (depending on the query parameter / request body)
+
+**Sign Credential**
+
+The following query parameter and request body results in signing a credential and making it a Verifiable Credential.
+
+Query Parameter:
+
+```
+"credentialId": "string"
+```
+
+Request Body:
+
+```json
+{
+ "sign": {
+ "proofMechanism": "external",
+ "proofType": "jwt"
+ }
+}
+```
+
+Response Body:
+
+200 OK
+
+```json
+{
+ "jwt": "string"
+}
+```
+
+**Revoke Credential**
+
+The following query parameter and request body results in revoking a VC
+
+Query Parameter:
+
+```
+"credentialId": "string"
+```
+
+Request Body:
+
+```json
+{
+ "payload": {
+ "revoke": true
+ }
+}
+```
+
+Response Body:
+
+200 OK
+
+### GET Credentials - Issuer Component
+
+
+
+This API results in getting a VC by `credentialId`.
+
+Query Parameter:
+
+```
+"externalCredentialId": "string"
+```
+
+Response Body:
+
+200 OK
+
+```json
+{
+ "verifiableCredential": "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwI2MzOTMyZmY1LThkYTQtM2RlOS1hOTQyLTYyMTI1ZjM5NGU0MSIsInR5cCI6IkpXVCIsImFsZyI6IkVTMjU2SyJ9.eyJhdWQiOlsiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCIsImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDEiXSwiYnBuIjoiQlBOTDAwMDAwMDAwMDAwMSIsInN1YiI6ImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDAiLCJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwiZXhwIjoxNzE5ODA5NTQ1LCJpYXQiOjE3MTk4MDkyNDUsInZjIjp7Imlzc3VhbmNlRGF0ZSI6IjIwMjMtMDctMTlUMDk6MTQ6NDVaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiYnBuIjoiQlBOTDAwMDAwMDAwMDAwMSIsImlkIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMSIsInR5cGUiOiJCcG5DcmVkZW50aWFsIn0sImlkIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCMxOWNiNjU2Mi1iYWM3LTNkYzMtYWFmNi00NjEyZTM0OWEwMTEiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiQnBuQ3JlZGVudGlhbCJdLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vY2F0ZW5heC1uZy5naXRodWIuaW8vcHJvZHVjdC1jb3JlLXNjaGVtYXMvYnVzaW5lc3NQYXJ0bmVyRGF0YS5qc29uIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiXSwiaXNzdWVyIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCIsImV4cGlyYXRpb25EYXRlIjoiMjAyMy0wOS0zMFQxODozMDowMFoifSwianRpIjoiYjcyMWY0NjMtMzM3Yi00MzBhLTkzMDktNjZlNzBjMjNkNTZiIn0._mGVXN4ublBx0-r0lG7_2tSGzwIlhjTWtx-ZFcQMmg4Q9pvF-RnbSDZ0vJLfvWv9egVtFSPE9oqbChCLXVg21g",
+ "credential": {
+ "issuanceDate": "2023-07-19T09:14:45Z",
+ "credentialSubject": {
+ "bpn": "BPNL000000000001",
+ "id": "did:web:localhost:BPNL000000000001",
+ "type": "BpnCredential"
+ },
+ "id": "did:web:localhost:BPNL000000000000#19cb6562-bac7-3dc3-aaf6-4612e349a011",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2023-09-30T18:30:00Z"
+ },
+ "revocationStatus": "false",
+ "signing_key_id": "did:web:localhost:BPNL000000000000#c3932ff5-8da4-3de9-a942-62125f394e41"
+}
+```
+
+**Note**: `credentialID == externalCredentialId`
+
+### POST STS - EDC
+
+
+
+Depending on the request body, this API either creates an STS for self-usage (with Scope) or for the the provider EDC to
+create SI token for querying presentation (without scope).
+
+**Create Token with Scope**
+
+Is used by Data Consumer for VPP or when accessing services that require VPs such as BDRS. In case of VPP `providerDid`
+is the DID of the data provider. If it is used for accessing services such as BDRS, `providerDid` and `consumerDid` are
+the same.
+
+Request Body:
+
+```json
+{
+ "grantAccess": {
+ "scope": "read",
+ "credentialTypes": [
+ "MembershipCredential"
+ ],
+ "consumerDid": "did:web:localhost:BPNL000000000000",
+ "providerDid": "did:web:localhost:BPNL000000000000"
+ }
+}
+```
+
+Response Body:
+
+200 OK
+
+```json
+{
+ "jwt": "string"
+}
+```
+
+**Create Token without Scope**
+
+Is used by data provider after getting the SI token that contains the access token with scopes from the data provider.
+The provider EDC extracts the access token and wraps it into a new SI token.
+
+Request Body:
+
+```json
+{
+ "signToken": {
+ "audience": "DID Data Consumer",
+ "subject": "DID Data Provider",
+ "issuer": "DID Data Provider",
+ "token": "Access Token Data Consumer"
+ }
+}
+```
+
+Response Body:
+
+200 OK
+
+```json
+{
+ "jwt": "string"
+}
+```
+
+### POST Query Presentations - EDC
+
+
+
+This API is responsible for creating Verifiable Presentations based on the scope and tokens being passed. For the scope
+of the stub service, only `type:MembershipCredential` and `type:BpnCredential` are supported.
+
+Request Body:
+
+```json
+{
+ "scope": [
+ "org.eclipse.tractusx.vc.type:MembershipCredential:read"
+ ],
+ "@context": [
+ "https://identity.foundation/presentation-exchange/submission/v1",
+ "https://w3id.org/tractusx-trust/v0.8"
+ ],
+ "@type": "PresentationQueryMessage"
+}
+```
+
+Response Body:
+
+200 OK
+
+```json
+{
+ "presentation": [
+ "ey..."
+ ],
+ "@context": [
+ "https://w3id.org/tractusx-trust/v0.8"
+ ],
+ "@type": "PresentationResponseMessage"
+}
+```
+
+### GET Status List - General
+
+
+
+This API returns the VC Status List related to a BPN. For stub purposes, the VC Status List is static and its state
+cannot be changed. The statusListVcId is set in the `application.yaml` file in ssi-issuer-component app
+
+Request Parameter:
+
+```
+"bpn": "string"
+"vcId": "string"
+```
+
+Response Body:
+
+```json
+{
+ "credentialSubject": {
+ "statusPurpose": "revocation",
+ "type": "StatusList2021Credential",
+ "encodedList": "H4sIAAAAAAAA/+3BAQ0AAADCoErvn87NHEABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3AD/hHvP//8BAA=="
+ },
+ "issuanceDate": "2024-07-01T05:03:16Z",
+ "id": "did:web:localhost:BPNL000000000000#8a6c7486-1e1f-4555-bdd2-1a178182651e",
+ "type": [
+ "VerifiableCredential",
+ "StatusList2021Credential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://w3id.org/catenax/credentials/v1.0.0"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2025-07-01T05:03:16Z"
+}
+```
+
+### GET DID Document - General
+
+
+
+This API returns the DID document related to a BPNL.
+
+Request Parameter:
+
+```
+"bpn": "string"
+````
+
+Response Body:
+
+```json
+{
+ "service": [
+ {
+ "id": "https://localhost#credential-service",
+ "type": "CredentialService",
+ "serviceEndpoint": "https://localhost/api"
+ }
+ ],
+ "verificationMethod": [
+ {
+ "id": "did:web:localhost:BPNL000000000000#c3932ff5-8da4-3de9-a942-62125f394e41",
+ "type": "JsonWebKey2020",
+ "controller": "did:web:localhost:BPNL000000000000",
+ "publicKeyJwk": {
+ "kty": "EC",
+ "use": "sig",
+ "crv": "secp256k1",
+ "x": "NytYgtL_rte4EIXpb46e7pntJiPjH4l_pN1j1PVxkO8",
+ "y": "99JkYiCOkBfb8qCncv_YWdHy3eZGAQojWbmaEDFwSlU"
+ }
+ }
+ ],
+ "authentication": [
+ "did:web:localhost:BPNL000000000000#c3932ff5-8da4-3de9-a942-62125f394e41"
+ ],
+ "id": "did:web:localhost:BPNL000000000000",
+ "@context": [
+ "https://www.w3.org/ns/did/v1",
+ "https://w3c.github.io/vc-jws-2020/contexts/v1",
+ "https://w3id.org/did-resolution/v1"
+ ]
+}
+```
+
+# **Architecture Decisions**
+
+## Memory Storage
+
+All the data generated during the interaction with Wallet Stub is only used in runtime. The data is kept in memory
+during the lifetime of the application.
+
+### **Runtime Scenarios**
+
+* During initialization of Wallet Stub, a wallet is automatic created by calling the RestAPI api/dim/setup-dim. All the
+ initial setup can be done via configuration file.
+
+* The VCs are signed at runtime for test purposes
+
+i.e:
+
+```
+#application.yaml
+stub:
+env: ${STUB_ENV:local}
+baseWalletBPN: ${BASE_WALLET_BPN:BPNL000000000000}
+clientId: ${CLIENT_ID:clientId}
+clientSecret: ${CLIENT_SECRET:secret}
+stubHost: ${STUB_HOST:localhost}
+stubUrl: ${STUB_URL:https://localhost}
+portalWaitTime: ${PORTAL_WAIT_TIME:1000}
+statusListVcId: ${STATUS_LIST_VC_ID:8a6c7486-1e1f-4555-bdd2-1a178182651e}
+```
+
+* To refresh the memory storage the Wallet Stub service must be restarted.
+
+### **Development Process**
+
+Creation of a new repository for Wallet Stub service.
+
+**Testing:**
+
+1. Unit/integration test using Spring boot test framework with more than 80% code coverage
+
+2. New test cases/modifications in existing test cases in the Wallet stub service
+
+**API testing:**
+
+* API integration testing will be done using Swagger OpenAPI or Postman
+
+## High-level Sequence Diagrams
+
+The following sequence diagrams depicts the interactions between services with wallet dependencies and the wallet stub.
+The blue arrows represent wallet endpoints. The red arrows represent the wallet app will call API to another service.
+
+### Portal / Issuer Component / BDRS / Wallet Interactions
+
+
+
+
+ Plant UML
+
+ ```plantuml
+@startuml
+participant PortalBackend
+participant Issuer as "Issuer component"
+participant DIM as "Issuer Wallet DIM"
+participant BDRS
+participant HW as "Holder Wallet DIM"
+
+PortalBackend -[#blue]> DIM: Create a Wallet(/api/dim/setup-dim)
+PortalBackend <-- DIM: 201 created
+DIM -[#red]> PortalBackend: Send a DID (api/administration/registration/dim/{bpn})
+DIM <-- PortalBackend: 204 no content
+
+PortalBackend -> PortalBackend: Validate DID Document via universalResolver
+
+PortalBackend -> Issuer: Create Bpnl/Membership Credential(/api/issuer/(bpn oe membership)) with holder client details
+PortalBackend <-- Issuer: 200 success
+
+Issuer -[#blue]> DIM: Create a new credential (/api/v2.0.0/credentials)
+Issuer <-- DIM: credentialId with 200 success
+
+Issuer -[#blue]> DIM: Sign a credential (/api/v2.0.0/credentials/{credentialId})
+Issuer <-- DIM: credential as jwt with 200 success
+Issuer -> Issuer: save jwt vc in db
+
+Issuer -[#blue]> DIM: Get credential (/api/v2.0.0/credentials/{externalCredentialId})
+Issuer <-- DIM: credential as json-ld with 200 success
+Issuer -> Issuer: save credential as json-ld in db
+
+Issuer -[#blue]> HW: Create Credential For Holder (/api/v2.0.0/credentials)
+Issuer <-- HW: credential id with 200 success
+
+Issuer -> PortalBackend: Callback (/api/administration/registration/issuer/(bpncredential or membershipcredential))
+Issuer <-- PortalBackend: 200 success
+
+PortalBackend -> BDRS: Add bpn and did map (api/management/bpn-directory)
+PortalBackend <-- BDRS: 204 no content
+
+Issuer -[#blue]> DIM: Revoke credential (/api/v2.0.0/credentials/{externalCredentialId})
+Issuer <-- DIM: 200 success
+
+PortalBackend -[#blue]> DIM: Create Technical User(/api/dim/technical-user/{bpn})
+PortalBackend <-- DIM: 201 created
+DIM -[#red]> PortalBackend: Send DIM Technical user details (/api/administration/serviceAccount/callback/{externalId})
+DIM <-- PortalBackend: 204 no content
+
+@enduml
+
+```
+
+
+
+### EDC / BDRS / Wallet Interactions
+
+
+
+
+
+
+ Plant UML
+
+```plantuml
+@startuml
+participant ConsumerEDC
+participant Auth as "IDP DIM"
+participant STS as "Secure Token Service DIM"
+participant ProviderEDC
+participant BDRS
+participant HW as "Consumer Wallet DIM"
+
+ConsumerEDC -[#blue]> Auth: Create auth token with technical user detail
+ConsumerEDC <-- Auth: return auth token
+
+alt Resolve provider did using BDRS
+ConsumerEDC -[#blue]> STS: Create si token with scope(grantAccess, consumberDid and providerDid are same) with auth token
+ConsumerEDC <-- STS: return si token (incl. access token)
+
+ConsumerEDC -[#blue]> HW: Request VP to holder wallet (/presentations/query) with consumer si token
+HW -> HW: Validate si token
+ConsumerEDC <-- HW: return vp
+
+ConsumerEDC -> BDRS: call directory API with VP
+ConsumerEDC <-- BDRS: return all bpn and did mapping
+ConsumerEDC -> ConsumerEDC: get provider DID from bpn
+
+end
+
+ConsumerEDC -[#blue]> STS: Create si token (consumer) with scope(grantAccess, consumerDid and providerDid are different) with auth token
+ConsumerEDC <-- STS: return si token (consumer, incl. access token)
+
+ConsumerEDC -> ProviderEDC: DSP request with si token
+
+ProviderEDC -[#blue]> Auth: Create auth token with technical user detail
+ProviderEDC <-- Auth: return auth token
+ProviderEDC -[#blue]> STS: Create si token (provider) without scope(signToken: get access token from si token (consumer)) with auth token
+ProviderEDC <-- STS: return si token (provider)
+
+ProviderEDC -[#blue]> HW: Request Membership VP (/presentations/query) with si token (provider)
+HW -> HW: Validate si token (provider)
+ProviderEDC <-- HW: return vp
+
+ProviderEDC -> ProviderEDC: validate vp
+alt VP validated successfully
+ConsumerEDC <-- ProviderEDC: DSP response
+else
+ConsumerEDC <-- ProviderEDC: throw error
+end
+@enduml
+```
+
+
+
+# **Sequence Diagram**
+
+This API is present in the Wallet Stub
+
+**Endpoint: /api/dim/**
+
+## Portal
+
+
+
+ Plant UML
+
+```plantuml
+@startuml
+actor Client as client
+control PortalController as portalController
+participant PortalStubService as portalStubService
+control DIDController as didController
+participant DidDocumentService as didDocumentService
+collections MemoryStorage as memoryStorage
+
+client --> didController: GET[{bpn}/did.json]
+didController --> memoryStorage: getDIDDocument()
+didController <-- memoryStorage: DIDDocument
+client <-- didController: DIDDocument(http 200)
+
+client --> portalController: POST[/dim/setup-dim]
+portalController --> portalStubService: setupDim()
+portalStubService --> portalStubService: create\Key Pair
+portalStubService --> portalStubService: create\nDIDDocument
+portalStubService --> portalStubService: create Tech User
+portalStubService --> portalStubService: wait 60 secs
+portalStubService --> client: send DID and Tech User\nto portal
+portalController <-- portalStubService: (void)
+client <-- portalStubService: POST [/api/administration/registration/dim/{bpn}]
+client <-- portalController: created(http 201)
+client --> portalController: POST[/dim/technical-user/{bpn}]
+portalController --> portalStubService: createTechUser()
+portalStubService --> portalStubService: request tech user\n to portal
+portalController <-- portalStubService: (void)
+client <-- portalController: OK(http 200)
+@enduml
+```
+
+
+
+## Credential Issuer
+
+
+
+ Plant UML
+
+```plantuml
+@startuml
+actor Client as client
+participant PortalStubService as portalStubService
+control IssuerController as issuerController
+participant IssuerCredentialService as issuerService
+participant DidDocumentService as didDocumentService
+collections MemoryStorage as memoryStorage
+
+client --> issuerController: POST\[/credential\]
+issuerController --> issuerService: issueCredential()
+issuerService --> issuerService: get key pair\\nfrom wallet settings
+issuerService --> didDocumentService: getDidDocument()
+issuerService <-- didDocumentService: issuerDIDDocument
+issuerService --> didDocumentService: getDidDocument()
+issuerService <-- didDocumentService: holderDIDDocument
+issuerService --> issuerService: create VC Jwt
+issuerService --> issuerService: sign VC
+issuerService --> memoryStorage: save credentials
+issuerService <-- memoryStorage:(void)
+issuerService --> issuerService: create VC as JsonLd
+issuerService --> issuerService: sign VC
+issuerService --> memoryStorage: saveCredential()
+issuerController <-- issuerService: VC-ID
+client <-- issuerController: IssueCredential(http 201)
+
+client --> issuerController: PATCH\[/credentials/{credentialId}\]
+issuerController --> issuerService: signCredential()
+issuerService --> didDocumentService: getDidDocument()
+issuerService <-- didDocumentService: issuerDIDDocument
+issuerService --> memoryStorage: getCredentialAsJwt()
+issuerService <-- memoryStorage: jwt
+issuerController <-- issuerService: jwt
+client <-- issuerController: jwtVC(http 200)
+
+client --> issuerController: GET\[/credentials/{externalCredentialId}\]
+issuerController --> issuerService: getCredential()
+issuerService --> didDocumentService: getDidDocument()
+issuerService <-- didDocumentService: issuerDIDDocument
+issuerService --> memoryStorage: getCredentialAsJSonLd()
+issuerService <-- memoryStorage: JSonLd
+issuerController <-- issuerService: credential
+client <-- issuerController: credential(http 200)
+@enduml
+```
+
+
+
+## EDC - STS
+
+
+
+ Plant UML
+
+```plantuml
+@startuml
+actor Client as client
+
+control EDCStubController as edcController
+participant EDCStubService as edcService
+participant KeyService as keyService
+participant DIDDocumentService as didDocument
+
+client --> edcController: POST\[/api/sts\]
+edcController --> edcService: createTokenWithScope()
+edcService --> keyService: getKeyPair()
+edcService <-- keyService: KeyPair
+edcService --> didDocument: getDidDocument()
+edcService <-- didDocument: SelfDidDocument
+edcService --> edcService: search BPN partner
+edcService --> edcService: find scope
+edcService --> didDocument: getDidDocument()
+edcService <-- didDocument: PartnerDidDocument
+edcService --> edcService: create Jws Header
+edcService --> edcService: create Jwt Claims
+edcService --> edcService: sign Jwt
+edcController <-- edcService: signed Jwt
+client <-- edcController: Jwt(http 200)
+
+@enduml
+```
+
+
+
+## EDC - Query Presentations
+
+
+
+ Plant UML
+
+```plantuml
+@startuml
+actor Client as client
+
+control EDCStubController as edcController
+participant EDCStubService as edcService
+participant KeyService as keyService
+participant DIDDocumentService as didDocument
+participant TokenService as tokenService
+participant MemoryStorage as memoryStorage
+
+client --> edcController: GET\[/api/presentations/query\]
+edcController --> edcService: queryPresentations()
+edcService --> tokenService: verifyTokenAndGetClaims()
+edcService <-- tokenService: Jwt Claims
+edcService --> keyService: get IssuerKeyPair\\nand BaseWalletKeyPair
+edcService <-- keyService: IssuerKeyPair/BaseWalletKeyPair
+
+edcService --> didDocument: get IssuerDidDocument\\nand BaseWalletDidDocument
+edcService <-- didDocument: IssuerDidDocument/BaseWalletDidDocument
+
+edcService --> edcService: create membership VC as JWt
+edcService --> memoryStorage: saveCredentialAsJwt
+edcService <-- memoryStorage: (void)
+edcService --> edcService: create VP as JSonLd
+edcController <-- edcService: list of presentations
+
+client <-- edcController: list of presentations(http 200)
+@enduml
+```
+
+
+
+## Token Generation
+
+
+
+ Plant UML
+
+```plantuml
+@startuml
+actor Client as client
+
+control TokenController as tokenController
+participant TokenService as tokenService
+participant DidDocumentService as didDocumentService
+
+client --> tokenController: POST\[/oauth/token\]
+tokenController --> tokenService: createAccessTokenResponse()
+tokenService --> tokenService: get key pair\\nfrom wallet settings
+tokenService --> didDocumentService: getDidDocument()
+tokenService <-- didDocumentService: DIDDocument
+tokenService --> tokenService: signToken()
+tokenController <-- tokenService: Token
+client <-- tokenController: Token(http 200)
+@enduml
+```
+
+
+
+## Status List
+
+
+
+ Plant UML
+
+```plantuml
+@startuml
+actor Client as client
+
+control StatusListController as statusListController
+collections MemoryStorage as memoryStorage
+
+client --> statusListController: GET\[api/dm/status-list/{bpn}/{vcId}\]
+statusListController --> memoryStorage: getVerifiableCredentials()
+statusListController <-- memoryStorage: VerifiableCredential
+client <-- statusListController: VerifiableCredential(http 200)
+@enduml
+```
+
+
+
+## **Risks and Technical Debts**
+
+### Risks:
+
+* Data loss in case the wallet stub service is restarted
+
+* The usage of the wallet stub resources does not guarantee that clients are 100% compatible to a real world wallet
+ implementation
+
+* During integration with wallet stub service, not all test case scenarios are possible to simulate
+
+### Technical Debts and Limitations
+
+* **Lack of Realistic Behavior / Missing Functionalities:** The wallet stub service provides happy case responses to the
+ services with dependencies. Furthermore, stub service comes with a static StatusListVC, meaning no credential can be
+ truly revoked.
+
+* **Maintenance Overhead:** As the real services evolve (i.e., SAP DIM but also services with wallet dependency) the
+ stub service needs to be updated to reflect these changes.
+
+* **Incomplete Test Coverage:** The wallet stub service does not cover the unhappy cases and error scenarios that the
+ real wallet would encounter. This leaves gaps in test coverage, allowing potential bugs to go unnoticed until later
+ stages.
+
+* **Integration Issues:** We do not have in-depth knowledge of the SAP DIM wallet or any other wallet that will be the
+ real wallet service. Dependencies on wallet stub can mask integration issues that only become apparent when the actual
+ wallet service is there.
+
+* **AuthN / AuthZ:** Currently wallet stub service relies on attribute-based JWT for authentication and authorization.
+ The clientID and clientSecret are BPN, potentially causing security vulnerabilities.
+
+* **Delayed Real Service Integration:** Over-reliance on wallet stub service can delay the integration with the real
+ wallet service. The longer the delay, the higher the risk of integration problems and greater potential for technical
+ debt accumulation.
+
+# Glossary/Definitions
+
+| **Term** | **definition** |
+|----------|-----------------------------------|
+| EDC | Eclipse Dataspace Components |
+| VC | Verifiable Credential |
+| VP | Verifiable Presentation |
+| UC | User Case |
+| BPN | Business Partner Number |
+| DID | Decentralized identification |
+| E2E | End to End |
+| DIM | Decentralized Identity Management |
+
+
+
+## NOTICE
+
+This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0).
+
+- SPDX-License-Identifier: Apache-2.0
+- SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation
+- Source URL: https://github.com/eclipse-tractusx/ssi-dim-wallet-stub
diff --git a/gradle.properties b/gradle.properties
new file mode 100644
index 0000000..6fcf6fb
--- /dev/null
+++ b/gradle.properties
@@ -0,0 +1,29 @@
+#
+# /********************************************************************************
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ********************************************************************************/
+#
+group=org.eclipse.tractusx.wallet.stub
+version=0.0.1
+springBootVersion=3.3.2
+springDependencyVersion=1.1.0
+openApiVersion=2.4.0
+org.gradle.daemon=false
+org.gradle.jvmargs=-Xmx1024m
+jacocoVersion=0.8.11
+edcLibVersion=0.8.1
diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar
new file mode 100644
index 0000000..d64cd49
Binary files /dev/null and b/gradle/wrapper/gradle-wrapper.jar differ
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
new file mode 100644
index 0000000..89f449a
--- /dev/null
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -0,0 +1,27 @@
+#
+# /********************************************************************************
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ********************************************************************************/
+#
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-bin.zip
+networkTimeout=10000
+validateDistributionUrl=true
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists
diff --git a/gradlew b/gradlew
new file mode 100755
index 0000000..1aa94a4
--- /dev/null
+++ b/gradlew
@@ -0,0 +1,249 @@
+#!/bin/sh
+
+#
+# Copyright Š 2015-2021 the original authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+##############################################################################
+#
+# Gradle start up script for POSIX generated by Gradle.
+#
+# Important for running:
+#
+# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is
+# noncompliant, but you have some other compliant shell such as ksh or
+# bash, then to run this script, type that shell name before the whole
+# command line, like:
+#
+# ksh Gradle
+#
+# Busybox and similar reduced shells will NOT work, because this script
+# requires all of these POSIX shell features:
+# * functions;
+# * expansions ÂĢ$varÂģ, ÂĢ${var}Âģ, ÂĢ${var:-default}Âģ, ÂĢ${var+SET}Âģ,
+# ÂĢ${var#prefix}Âģ, ÂĢ${var%suffix}Âģ, and ÂĢ$( cmd )Âģ;
+# * compound commands having a testable exit status, especially ÂĢcaseÂģ;
+# * various built-in commands including ÂĢcommandÂģ, ÂĢsetÂģ, and ÂĢulimitÂģ.
+#
+# Important for patching:
+#
+# (2) This script targets any POSIX shell, so it avoids extensions provided
+# by Bash, Ksh, etc; in particular arrays are avoided.
+#
+# The "traditional" practice of packing multiple parameters into a
+# space-separated string is a well documented source of bugs and security
+# problems, so this is (mostly) avoided, by progressively accumulating
+# options in "$@", and eventually passing that to Java.
+#
+# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS,
+# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly;
+# see the in-line comments for details.
+#
+# There are tweaks for specific operating systems such as AIX, CygWin,
+# Darwin, MinGW, and NonStop.
+#
+# (3) This script is generated from the Groovy template
+# https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+# within the Gradle project.
+#
+# You can find Gradle at https://github.com/gradle/gradle/.
+#
+##############################################################################
+
+# Attempt to set APP_HOME
+
+# Resolve links: $0 may be a link
+app_path=$0
+
+# Need this for daisy-chained symlinks.
+while
+ APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
+ [ -h "$app_path" ]
+do
+ ls=$( ls -ld "$app_path" )
+ link=${ls#*' -> '}
+ case $link in #(
+ /*) app_path=$link ;; #(
+ *) app_path=$APP_HOME$link ;;
+ esac
+done
+
+# This is normally unused
+# shellcheck disable=SC2034
+APP_BASE_NAME=${0##*/}
+# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
+APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
+
+# Use the maximum available, or set MAX_FD != -1 to use that value.
+MAX_FD=maximum
+
+warn () {
+ echo "$*"
+} >&2
+
+die () {
+ echo
+ echo "$*"
+ echo
+ exit 1
+} >&2
+
+# OS specific support (must be 'true' or 'false').
+cygwin=false
+msys=false
+darwin=false
+nonstop=false
+case "$( uname )" in #(
+ CYGWIN* ) cygwin=true ;; #(
+ Darwin* ) darwin=true ;; #(
+ MSYS* | MINGW* ) msys=true ;; #(
+ NONSTOP* ) nonstop=true ;;
+esac
+
+CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
+
+
+# Determine the Java command to use to start the JVM.
+if [ -n "$JAVA_HOME" ] ; then
+ if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
+ # IBM's JDK on AIX uses strange locations for the executables
+ JAVACMD=$JAVA_HOME/jre/sh/java
+ else
+ JAVACMD=$JAVA_HOME/bin/java
+ fi
+ if [ ! -x "$JAVACMD" ] ; then
+ die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+ fi
+else
+ JAVACMD=java
+ if ! command -v java >/dev/null 2>&1
+ then
+ die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+ fi
+fi
+
+# Increase the maximum file descriptors if we can.
+if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
+ case $MAX_FD in #(
+ max*)
+ # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
+ # shellcheck disable=SC2039,SC3045
+ MAX_FD=$( ulimit -H -n ) ||
+ warn "Could not query maximum file descriptor limit"
+ esac
+ case $MAX_FD in #(
+ '' | soft) :;; #(
+ *)
+ # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
+ # shellcheck disable=SC2039,SC3045
+ ulimit -n "$MAX_FD" ||
+ warn "Could not set maximum file descriptor limit to $MAX_FD"
+ esac
+fi
+
+# Collect all arguments for the java command, stacking in reverse order:
+# * args from the command line
+# * the main class name
+# * -classpath
+# * -D...appname settings
+# * --module-path (only if needed)
+# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables.
+
+# For Cygwin or MSYS, switch paths to Windows format before running java
+if "$cygwin" || "$msys" ; then
+ APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
+ CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" )
+
+ JAVACMD=$( cygpath --unix "$JAVACMD" )
+
+ # Now convert the arguments - kludge to limit ourselves to /bin/sh
+ for arg do
+ if
+ case $arg in #(
+ -*) false ;; # don't mess with options #(
+ /?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath
+ [ -e "$t" ] ;; #(
+ *) false ;;
+ esac
+ then
+ arg=$( cygpath --path --ignore --mixed "$arg" )
+ fi
+ # Roll the args list around exactly as many times as the number of
+ # args, so each arg winds up back in the position where it started, but
+ # possibly modified.
+ #
+ # NB: a `for` loop captures its iteration list before it begins, so
+ # changing the positional parameters here affects neither the number of
+ # iterations, nor the values presented in `arg`.
+ shift # remove old arg
+ set -- "$@" "$arg" # push replacement arg
+ done
+fi
+
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
+# Collect all arguments for the java command:
+# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+# and any embedded shellness will be escaped.
+# * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
+# treated as '${Hostname}' itself on the command line.
+
+set -- \
+ "-Dorg.gradle.appname=$APP_BASE_NAME" \
+ -classpath "$CLASSPATH" \
+ org.gradle.wrapper.GradleWrapperMain \
+ "$@"
+
+# Stop when "xargs" is not available.
+if ! command -v xargs >/dev/null 2>&1
+then
+ die "xargs is not available"
+fi
+
+# Use "xargs" to parse quoted args.
+#
+# With -n1 it outputs one arg per line, with the quotes and backslashes removed.
+#
+# In Bash we could simply go:
+#
+# readarray ARGS < <( xargs -n1 <<<"$var" ) &&
+# set -- "${ARGS[@]}" "$@"
+#
+# but POSIX shell has neither arrays nor command substitution, so instead we
+# post-process each arg (as a line of input to sed) to backslash-escape any
+# character that might be a shell metacharacter, then use eval to reverse
+# that process (while maintaining the separation between arguments), and wrap
+# the whole thing up as a single "set" statement.
+#
+# This will of course break if any of these variables contains a newline or
+# an unmatched quote.
+#
+
+eval "set -- $(
+ printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" |
+ xargs -n1 |
+ sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' |
+ tr '\n' ' '
+ )" '"$@"'
+
+exec "$JAVACMD" "$@"
diff --git a/gradlew.bat b/gradlew.bat
new file mode 100644
index 0000000..6689b85
--- /dev/null
+++ b/gradlew.bat
@@ -0,0 +1,92 @@
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem https://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+
+@if "%DEBUG%"=="" @echo off
+@rem ##########################################################################
+@rem
+@rem Gradle startup script for Windows
+@rem
+@rem ##########################################################################
+
+@rem Set local scope for the variables with windows NT shell
+if "%OS%"=="Windows_NT" setlocal
+
+set DIRNAME=%~dp0
+if "%DIRNAME%"=="" set DIRNAME=.
+@rem This is normally unused
+set APP_BASE_NAME=%~n0
+set APP_HOME=%DIRNAME%
+
+@rem Resolve any "." and ".." in APP_HOME to make it shorter.
+for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
+
+@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
+
+@rem Find java.exe
+if defined JAVA_HOME goto findJavaFromJavaHome
+
+set JAVA_EXE=java.exe
+%JAVA_EXE% -version >NUL 2>&1
+if %ERRORLEVEL% equ 0 goto execute
+
+echo.
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:findJavaFromJavaHome
+set JAVA_HOME=%JAVA_HOME:"=%
+set JAVA_EXE=%JAVA_HOME%/bin/java.exe
+
+if exist "%JAVA_EXE%" goto execute
+
+echo.
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:execute
+@rem Setup the command line
+
+set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
+
+
+@rem Execute Gradle
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
+
+:end
+@rem End local scope for the variables with windows NT shell
+if %ERRORLEVEL% equ 0 goto mainEnd
+
+:fail
+rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
+rem the _cmd.exe /c_ return code!
+set EXIT_CODE=%ERRORLEVEL%
+if %EXIT_CODE% equ 0 set EXIT_CODE=1
+if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE%
+exit /b %EXIT_CODE%
+
+:mainEnd
+if "%OS%"=="Windows_NT" endlocal
+
+:omega
diff --git a/settings.gradle b/settings.gradle
new file mode 100644
index 0000000..65057a5
--- /dev/null
+++ b/settings.gradle
@@ -0,0 +1,22 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+rootProject.name = 'wallet-stub'
diff --git a/src/lombok.config b/src/lombok.config
new file mode 100644
index 0000000..747fcd1
--- /dev/null
+++ b/src/lombok.config
@@ -0,0 +1,28 @@
+#
+# /********************************************************************************
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ********************************************************************************/
+#
+
+# This tells lombok this directory is the root,
+# no need to look somewhere else for java code.
+config.stopBubbling = true
+# This will add the @lombok.Generated annotation
+# to all the code generated by Lombok,
+# so it can be excluded from coverage by jacoco.
+lombok.addLombokGeneratedAnnotation = true
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/WalletStubApplication.java b/src/main/java/org/eclipse/tractusx/wallet/stub/WalletStubApplication.java
new file mode 100644
index 0000000..1245563
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/WalletStubApplication.java
@@ -0,0 +1,50 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Cofinity-X
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ *
+ */
+
+package org.eclipse.tractusx.wallet.stub;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.context.properties.ConfigurationPropertiesScan;
+import org.springframework.cloud.openfeign.EnableFeignClients;
+import org.springframework.scheduling.annotation.EnableAsync;
+
+/**
+ * The type Wallet demo application.
+ */
+@SpringBootApplication
+@ConfigurationPropertiesScan
+@EnableAsync
+@EnableFeignClients
+public class WalletStubApplication {
+
+ /**
+ * The entry point of application.
+ *
+ * @param args the input arguments
+ */
+ public static void main(String[] args) {
+ SpringApplication.run(WalletStubApplication.class, args);
+ }
+
+}
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/CredentialsApiDoc.java b/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/CredentialsApiDoc.java
new file mode 100644
index 0000000..2ef6fe3
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/CredentialsApiDoc.java
@@ -0,0 +1,203 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.wallet.stub.apidoc;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.ExampleObject;
+import io.swagger.v3.oas.annotations.parameters.RequestBody;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * This class contains API documentations for various methods related to credentials.
+ */
+public class CredentialsApiDoc {
+
+
+ /**
+ * The interface Create store credential.
+ */
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Operation(description = """
+ New credential sign with issuer wallet and saved in in-memory db and send VC id in the response. | Store credential will give only static response with id.
+ """, summary = "Create a new credential | Store credential for a holder")
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "200", description = "JWT presentation", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Create a new credential", value = """
+ {
+ "id": "1f36af58-0fc0-4b24-9b1c-e37d59668089"
+ }
+ """),
+ @ExampleObject(name = "Store credential for a holder", value = """
+ {
+ "id": "1f36af58-0fc0-4b24-9b1c-e37d59668089"
+ }
+ """)
+ })
+ })
+ })
+ @RequestBody(content = {
+ @Content(examples = {
+ @ExampleObject(value = """
+ {
+ "application": "catena-x",
+ "payload": {
+ "issue": {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#a1f8ae36-9919-4ed8-8546-535280acc5bf",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T09:14:45Z",
+ "expirationDate": "2023-09-30T18:30:00Z",
+ "credentialSubject": {
+ "bpn": "BPNL000000000001",
+ "id": "did:web:localhost:BPNL000000000001",
+ "type": "BpnCredential"
+ }
+ }
+ }
+ }
+ """, description = "Create a new credential", name = "Create a new credential"),
+ @ExampleObject(value = """
+ {
+ "application": "catena-x-portal",
+ "payload": {
+ "derive": {
+ "verifiableCredential": "eyJraWQiOiJkaWQ6d2ViOnNvbWUtaXNzdWVyI2tleS0xIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJkZWdyZWVTdWIiLCJhdWQiOiJkaWQ6d2ViOmJkcnMtY2xpZW50IiwibmJmIjoxNzE4MzQzOTAzLCJpc3MiOiJkaWQ6d2ViOnNvbWUtaXNzdWVyIiwiZXhwIjoxNzE4MzQzOTYzLCJpYXQiOjE3MTgzNDM5MDMsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzL3YxLjAuMCJdLCJpZCI6IjFmMzZhZjU4LTBmYzAtNGIyNC05YjFjLWUzN2Q1OTY2ODA4OSIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6d2ViOmNvbS5leGFtcGxlLmlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjEtMDYtMTZUMTg6NTY6NTlaIiwiZXhwaXJhdGlvbkRhdGUiOiIyMDk5LTA2LTE2VDE4OjU2OjU5WiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpiZHJzLWNsaWVudCIsImhvbGRlcklkZW50aWZpZXIiOiJCUE5MMDAwMDAwMDAxIn19LCJqdGkiOiJlZDlhNjhkMS0yZjFkLTQxZjgtYWUwOS1hNDBhMTA2OTUwMTUifQ.tdLmrcQpGH-SGBpRpRmFX4AXQJx99uUhDOwuGtSejWkkQ2N_yNtEsoP93xDuBod_AY7zVqY4P_Ofdz-H4zE6nw"
+ }
+ }
+ }
+ """, description = "Store credential for a holder", name = "Store credential for a holder")
+
+ })
+ })
+ public @interface CreateStoreCredential {
+
+ }
+
+ /**
+ * The interface Sign revoke credential.
+ */
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Operation(description = """
+ Credential already signed now it will send vc in response. | Revoke a credential will give static response.
+ """, summary = "Sign a credential / Revoke a credential")
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "200", description = "JWT presentation", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Sign credential", value = """
+ {
+ "jwt": "eyJraWQiOiJkaWQ6d2ViOnNvbWUtaXNzdWVyI2tleS0xIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJkZWdyZWVTdWIiLCJhdWQiOiJkaWQ6d2ViOmJkcnMtY2xpZW50IiwibmJmIjoxNzE4MzQzOTAzLCJpc3MiOiJkaWQ6d2ViOnNvbWUtaXNzdWVyIiwiZXhwIjoxNzE4MzQzOTYzLCJpYXQiOjE3MTgzNDM5MDMsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzL3YxLjAuMCJdLCJpZCI6IjFmMzZhZjU4LTBmYzAtNGIyNC05YjFjLWUzN2Q1OTY2ODA4OSIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6d2ViOmNvbS5leGFtcGxlLmlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjEtMDYtMTZUMTg6NTY6NTlaIiwiZXhwaXJhdGlvbkRhdGUiOiIyMDk5LTA2LTE2VDE4OjU2OjU5WiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpiZHJzLWNsaWVudCIsImhvbGRlcklkZW50aWZpZXIiOiJCUE5MMDAwMDAwMDAxIn19LCJqdGkiOiJlZDlhNjhkMS0yZjFkLTQxZjgtYWUwOS1hNDBhMTA2OTUwMTUifQ.tdLmrcQpGH-SGBpRpRmFX4AXQJx99uUhDOwuGtSejWkkQ2N_yNtEsoP93xDuBod_AY7zVqY4P_Ofdz-H4zE6nw"
+ }
+ """),
+ @ExampleObject(name = "Revoke credential ", value = """
+ {
+ }
+ """)
+ })
+ })
+ })
+ @RequestBody(content = {
+ @Content(examples = {
+ @ExampleObject(value = """
+ {
+ "sign": {
+ "proofMechanism": "external",
+ "proofType": "jwt"
+ }
+ }
+ """, description = "Sign credential", name = "Sign credential"),
+ @ExampleObject(value = """
+ {
+ "payload": {
+ "revoke": true
+ }
+ }
+ """, description = "Revoke credential", name = "Revoke credential")
+
+ })
+ })
+ public @interface SignRevokeCredential {
+
+ }
+
+ /**
+ * The interface Get credentials.
+ */
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Operation(description = """
+ Get a credential by external ID. It will work if vc is present in in-memory db.
+ """, summary = "Get a credential by external ID")
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "200", description = "Get credential", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Get credential", value = """
+ {
+ "verifiableCredential": "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwI2MzOTMyZmY1LThkYTQtM2RlOS1hOTQyLTYyMTI1ZjM5NGU0MSIsInR5cCI6IkpXVCIsImFsZyI6IkVTMjU2SyJ9.eyJhdWQiOlsiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCIsImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDEiXSwiYnBuIjoiQlBOTDAwMDAwMDAwMDAwMSIsInN1YiI6ImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDAiLCJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwiZXhwIjoxNzE5ODA5NTQ1LCJpYXQiOjE3MTk4MDkyNDUsInZjIjp7Imlzc3VhbmNlRGF0ZSI6IjIwMjMtMDctMTlUMDk6MTQ6NDVaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiYnBuIjoiQlBOTDAwMDAwMDAwMDAwMSIsImlkIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMSIsInR5cGUiOiJCcG5DcmVkZW50aWFsIn0sImlkIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCMxOWNiNjU2Mi1iYWM3LTNkYzMtYWFmNi00NjEyZTM0OWEwMTEiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiQnBuQ3JlZGVudGlhbCJdLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vY2F0ZW5heC1uZy5naXRodWIuaW8vcHJvZHVjdC1jb3JlLXNjaGVtYXMvYnVzaW5lc3NQYXJ0bmVyRGF0YS5qc29uIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiXSwiaXNzdWVyIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCIsImV4cGlyYXRpb25EYXRlIjoiMjAyMy0wOS0zMFQxODozMDowMFoifSwianRpIjoiYjcyMWY0NjMtMzM3Yi00MzBhLTkzMDktNjZlNzBjMjNkNTZiIn0._mGVXN4ublBx0-r0lG7_2tSGzwIlhjTWtx-ZFcQMmg4Q9pvF-RnbSDZ0vJLfvWv9egVtFSPE9oqbChCLXVg21g",
+ "credential": {
+ "issuanceDate": "2023-07-19T09:14:45Z",
+ "credentialSubject": {
+ "bpn": "BPNL000000000001",
+ "id": "did:web:localhost:BPNL000000000001",
+ "type": "BpnCredential"
+ },
+ "id": "did:web:localhost:BPNL000000000000#19cb6562-bac7-3dc3-aaf6-4612e349a011",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2023-09-30T18:30:00Z"
+ },
+ "revocationStatus": "false",
+ "signing_key_id": "did:web:localhost:BPNL000000000000#c3932ff5-8da4-3de9-a942-62125f394e41"
+ }
+ """)
+ })
+ })
+ })
+ public @interface GetCredentials {
+
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/DidApiDoc.java b/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/DidApiDoc.java
new file mode 100644
index 0000000..aff9091
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/DidApiDoc.java
@@ -0,0 +1,94 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.wallet.stub.apidoc;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.ExampleObject;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+
+/**
+ * The type Did api doc.
+ */
+public class DidApiDoc {
+
+
+ /**
+ * The interface Did document.
+ */
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Operation(description = """
+ Resolve the DID document for a given BPN
+
+ """, summary = "Resolve the DID document for a given BPN")
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "200", description = "DID document", content = {
+ @Content(examples = {
+ @ExampleObject(name = "DID document", value = """
+ {
+ "service": [
+ {
+ "id": "https://localhost#credential-service",
+ "type": "CredentialService",
+ "serviceEndpoint": "https://localhost/api"
+ }
+ ],
+ "verificationMethod": [
+ {
+ "id": "did:web:localhost:BPNL000000000000#c3932ff5-8da4-3de9-a942-62125f394e41",
+ "type": "JsonWebKey2020",
+ "controller": "did:web:localhost:BPNL000000000000",
+ "publicKeyJwk": {
+ "kty": "EC",
+ "use": "sig",
+ "crv": "secp256k1",
+ "x": "NytYgtL_rte4EIXpb46e7pntJiPjH4l_pN1j1PVxkO8",
+ "y": "99JkYiCOkBfb8qCncv_YWdHy3eZGAQojWbmaEDFwSlU"
+ }
+ }
+ ],
+ "authentication": [
+ "did:web:localhost:BPNL000000000000#c3932ff5-8da4-3de9-a942-62125f394e41"
+ ],
+ "id": "did:web:localhost:BPNL000000000000",
+ "@context": [
+ "https://www.w3.org/ns/did/v1",
+ "https://w3c.github.io/vc-jws-2020/contexts/v1",
+ "https://w3id.org/did-resolution/v1"
+ ]
+ }
+ """)
+ })
+ })
+ })
+ public @interface DidDocument {
+
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/EDCStubApiDoc.java b/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/EDCStubApiDoc.java
new file mode 100644
index 0000000..d7630f0
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/EDCStubApiDoc.java
@@ -0,0 +1,139 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.wallet.stub.apidoc;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.ExampleObject;
+import io.swagger.v3.oas.annotations.parameters.RequestBody;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * The type Edc stub api doc.
+ */
+public class EDCStubApiDoc {
+
+
+ /**
+ * The interface Get sts.
+ */
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Operation(description = "Create token with scope or with access token \n this API will be used by EDCs while data transfer", summary = "Create token with scope or with access token")
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "200", description = "JWT token created", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Created jwt token", value = """
+ {
+ "jwt":"token"
+ }
+ """)
+ })
+ })
+ })
+ @RequestBody(content = {
+ @Content(examples = {
+ @ExampleObject(value = """
+ {
+ "grantAccess":
+ {
+ "scope": "read",
+ "credentialTypes":
+ [
+ "MembershipCredential"
+ ],
+ "consumerDid": "did:web:c464-203-129-213-107.ngrok-free.app:BPNL000000000000",
+ "providerDid": "did:web:c464-203-129-213-107.ngrok-free.app:BPNL000000000000"
+ }
+ }
+ """, description = "Create token With scope", name = "Create token with scope"),
+ @ExampleObject(value = """
+ {
+ "signToken":
+ {
+ "audience": "did:web:c464-203-129-213-107.ngrok-free.app:BPNL000000000000",
+ "subject": "did:web:c464-203-129-213-107.ngrok-free.app:BPNL000000000001",
+ "issuer": "did:web:c464-203-129-213-107.ngrok-free.app:BPNL000000000001",
+ "token": "yJraWQiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAjYzM5MzJmZjUtOGRhNC0zZGU5LWE5NDItNjIxMjVmMzk0ZTQxIiwidHlwIjoiSldUIiwiYWxnIjoiRVMyNTZLIn0.eyJhdWQiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJicG4iOiJCUE5MMDAwMDAwMDAwMDAwIiwic3ViIjoiZGlkOndlYjpjNDY0LTIwMy0xMjktMjEzLTEwNy5uZ3Jvay1mcmVlLmFwcDpCUE5MMDAwMDAwMDAwMDAwIiwibmJmIjoxNzE5NDc5NTcwLCJpc3MiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJleHAiOjE3MTk0Nzk4NzAsImlhdCI6MTcxOTQ3OTU3MCwianRpIjoiZThlNWZkNzYtMDA0OC00Y2E1LTgyMjgtOTNlZDA1MmFhYzMzIn0.Gmd7u0sOjVXde9nZeQlVbXo65xB1tZ2VBy6a1gZG-z9IrhdM0cZuXIaS2IUY3bydvQiWfYFU0ihkOYshnOGVeA"
+ }
+ }
+ """, description = "Create token With access token", name = "Create token with access token")
+
+ })
+ })
+ public @interface GetSts {
+
+ }
+
+
+ /**
+ * The interface Query presentation.
+ */
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Operation(description = "Query presentation", summary = "Query presentation ")
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "200", description = "JWT presentation", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Created jwt token", value = """
+ {
+ "presentation": [
+ "eyJraWQiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAjYzM5MzJmZjUtOGRhNC0zZGU5LWE5NDItNjIxMjVmMzk0ZTQxIiwidHlwIjoiSldUIiwiYWxnIjoiRVMyNTZLIn0.eyJhdWQiOlsiZGlkOndlYjpjNDY0LTIwMy0xMjktMjEzLTEwNy5uZ3Jvay1mcmVlLmFwcDpCUE5MMDAwMDAwMDAwMDAwIiwiZGlkOndlYjpjNDY0LTIwMy0xMjktMjEzLTEwNy5uZ3Jvay1mcmVlLmFwcDpCUE5MMDAwMDAwMDAwMDAwIl0sImJwbiI6IkJQTkwwMDAwMDAwMDAwMDAiLCJzdWIiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJpc3MiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJ2cCI6eyJpZCI6ImRpZDp3ZWI6YzQ2NC0yMDMtMTI5LTIxMy0xMDcubmdyb2stZnJlZS5hcHA6QlBOTDAwMDAwMDAwMDAwMCNjNDAyYmRhOC0zMTEwLTQ5MGYtOWRkOS1lZjI3ZjFmNDEwM2UiLCJwcm9vZiI6eyJwcm9vZlB1cnBvc2UiOiJhc3NlcnRpb25NZXRob2QiLCJ0eXBlIjoiSnNvbldlYlNpZ25hdHVyZTIwMjAiLCJ2ZXJpZmljYXRpb25NZXRob2QiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAjYzM5MzJmZjUtOGRhNC0zZGU5LWE5NDItNjIxMjVmMzk0ZTQxIiwiY3JlYXRlZCI6IjIwMjQtMDYtMjdUMDk6NTM6NDlaIiwiandzIjoiZXlKaGJHY2lPaUpGVXpJMU5rc2lmUS4ub0lmYWNXbU5kSDBpMVo0UzQ3MlBkczBTYkpBSGxSek90U2pGMTV1QWM3NHFaWVhkemZRRnZhcHFKT2xSMTFrblVDYkRjbFI3RDJJaUVBTjB0VUFTN2cifSwidHlwZSI6WyJWZXJpZmlhYmxlUHJlc2VudGF0aW9uIl0sIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiXSwidmVyaWZpYWJsZUNyZWRlbnRpYWwiOlsiZXlKcmFXUWlPaUprYVdRNmQyVmlPbU0wTmpRdE1qQXpMVEV5T1MweU1UTXRNVEEzTG01bmNtOXJMV1p5WldVdVlYQndPa0pRVGt3d01EQXdNREF3TURBd01EQWpZek01TXpKbVpqVXRPR1JoTkMwelpHVTVMV0U1TkRJdE5qSXhNalZtTXprMFpUUXhJaXdpZEhsd0lqb2lTbGRVSWl3aVlXeG5Jam9pUlZNeU5UWkxJbjAuZXlKaGRXUWlPbHNpWkdsa09uZGxZanBqTkRZMExUSXdNeTB4TWprdE1qRXpMVEV3Tnk1dVozSnZheTFtY21WbExtRndjRHBDVUU1TU1EQXdNREF3TURBd01EQXdJaXdpWkdsa09uZGxZanBqTkRZMExUSXdNeTB4TWprdE1qRXpMVEV3Tnk1dVozSnZheTFtY21WbExtRndjRHBDVUU1TU1EQXdNREF3TURBd01EQXdJbDBzSW1Kd2JpSTZJa0pRVGt3d01EQXdNREF3TURBd01EQWlMQ0p6ZFdJaU9pSmthV1E2ZDJWaU9tTTBOalF0TWpBekxURXlPUzB5TVRNdE1UQTNMbTVuY205ckxXWnlaV1V1WVhCd09rSlFUa3d3TURBd01EQXdNREF3TURBaUxDSnBjM01pT2lKa2FXUTZkMlZpT21NME5qUXRNakF6TFRFeU9TMHlNVE10TVRBM0xtNW5jbTlyTFdaeVpXVXVZWEJ3T2tKUVRrd3dNREF3TURBd01EQXdNREFpTENKbGVIQWlPakUzTVRrME9ESXpNamtzSW1saGRDSTZNVGN4T1RRNE1qQXlPU3dpZG1NaU9uc2lRR052Ym5SbGVIUWlPbHNpYUhSMGNITTZMeTkzZDNjdWR6TXViM0puTHpJd01UZ3ZZM0psWkdWdWRHbGhiSE12ZGpFaUxDSm9kSFJ3Y3pvdkwzY3phV1F1YjNKbkwyTmhkR1Z1WVhndlkzSmxaR1Z1ZEdsaGJITXZkakV1TUM0d0lsMHNJbWxrSWpvaVpHbGtPbmRsWWpwak5EWTBMVEl3TXkweE1qa3RNakV6TFRFd055NXVaM0p2YXkxbWNtVmxMbUZ3Y0RwQ1VFNU1NREF3TURBd01EQXdNREF3SXpreVpHSXlOamRoTFRZM056SXRNMkZrTUMwNE16ZGhMVEprWVdFM1ptVmtPR013TnlJc0luUjVjR1VpT2xzaVZtVnlhV1pwWVdKc1pVTnlaV1JsYm5ScFlXd2lMQ0pOWlcxaVpYSnphR2x3UTNKbFpHVnVkR2xoYkNKZExDSnBjM04xWlhJaU9pSmthV1E2ZDJWaU9tTTBOalF0TWpBekxURXlPUzB5TVRNdE1UQTNMbTVuY205ckxXWnlaV1V1WVhCd09rSlFUa3d3TURBd01EQXdNREF3TURBaUxDSmpjbVZrWlc1MGFXRnNVM1ZpYW1WamRDSTZXM3NpYUc5c1pHVnlTV1JsYm5ScFptbGxjaUk2SWtKUVRrd3dNREF3TURBd01EQXdNREFpTENKcFpDSTZJbVJwWkRwM1pXSTZZelEyTkMweU1ETXRNVEk1TFRJeE15MHhNRGN1Ym1keWIyc3RabkpsWlM1aGNIQTZRbEJPVERBd01EQXdNREF3TURBd01DSjlYU3dpWTNKbFpHVnVkR2xoYkZOMFlYUjFjeUk2Ym5Wc2JDd2lhWE56ZFdGdVkyVkVZWFJsSWpvaU1qQXlOQzB3TmkweU4xUXdPVG8xTXpvME4xb2lMQ0psZUhCcGNtRjBhVzl1UkdGMFpTSTZJakl3TWpVdE1EWXRNamRVTURrNk5UTTZORGRhSWl3aWNISnZiMllpT25zaWNISnZiMlpRZFhKd2IzTmxJam9pWVhOelpYSjBhVzl1VFdWMGFHOWtJaXdpZEhsd1pTSTZJa3B6YjI1WFpXSlRhV2R1WVhSMWNtVXlNREl3SWl3aWRtVnlhV1pwWTJGMGFXOXVUV1YwYUc5a0lqb2laR2xrT25kbFlqcGpORFkwTFRJd015MHhNamt0TWpFekxURXdOeTV1WjNKdmF5MW1jbVZsTG1Gd2NEcENVRTVNTURBd01EQXdNREF3TURBd0kyTXpPVE15Wm1ZMUxUaGtZVFF0TTJSbE9TMWhPVFF5TFRZeU1USTFaak01TkdVME1TSXNJbU55WldGMFpXUWlPaUl5TURJMExUQTJMVEkzVkRBNU9qVXpPalEzV2lJc0ltcDNjeUk2SW1WNVNtaGlSMk5wVDJsS1JsVjZTVEZPYTNOcFpsRXVMbkI0V2xKQ2NYRkNjWGh5VVU1d1JtUk5Ua2RPVjJGRVZFSkZia3BLTTBaQ2MzcFlYMWhzVUdzMVJIaEllRjlhVTJka01sSXhUbXRIWW5kUGRXaG1TM0J6YXpoNVlVcGZOVzFJWlhoNFFuUmZWVWcyWlc1UkluMTlMQ0pxZEdraU9pSXhNV0ptWTJJM1pDMDJZV016TFRSbVptTXRZV1JsTXkwd00yWTNaR0V3T0daak1XSWlmUS5ud0pWNFlNYnlnLW1DUVRsaTd5cE1CaVZlRFRuUmE2bElzTlY1alluZXhLbzV2RGk2TEdsLXllR3ZiOF9pWkRqOHdvVlU5aGgwRF9tX1U3OXRtVVlwUSJdfSwiZXhwIjoxNzE5NDgyMzI5LCJpYXQiOjE3MTk0ODIwMjksImp0aSI6IjI1MjcyYjgxLWYxNDktNGNjZS05M2IwLWU5Mzg2MWIxNGY0MSJ9.ZGFfP1jhlRAmDxGcuyqpGq8j80-HhUgPcsyvavZzyFrSj7Zjwvssm7eMc6Poo7voUEHFfv2YG1K8hc_9XBm3Cg"
+ ],
+ "@context": [
+ "https://w3id.org/tractusx-trust/v0.8"
+ ],
+ "@type": "PresentationResponseMessage"
+ }
+ """)
+ })
+ })
+ })
+ @RequestBody(content = {
+ @Content(examples = {
+ @ExampleObject(value = """
+ {
+ "scope":
+ [
+ "org.eclipse.tractusx.vc.type:MembershipCredential:read"
+ ],
+ "@context":
+ [
+ "https://identity.foundation/presentation-exchange/submission/v1",
+ "https://w3id.org/tractusx-trust/v0.8"
+ ],
+ "@type": "PresentationQueryMessage"
+ }
+ """, description = "Create VP access token for membership VC", name = "Create VP access token for membership VC")
+
+ })
+ })
+ public @interface QueryPresentation {
+
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/PortalApiDoc.java b/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/PortalApiDoc.java
new file mode 100644
index 0000000..64f5cfe
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/PortalApiDoc.java
@@ -0,0 +1,68 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.wallet.stub.apidoc;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * The type Portal api doc.
+ */
+public class PortalApiDoc {
+
+
+ /**
+ * The interface Create new wallet.
+ */
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Operation(description = """
+ Create a new wallet with BPN and send the Did document back to portal backend. Everytime same wallet generated with bpn so same did document will be generated for a wallet.
+ """, summary = "Create a new wallet")
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "201", description = "Created")
+ })
+ public @interface CreateNewWallet {
+
+ }
+
+ /**
+ * The interface Create new tech user.
+ */
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Operation(description = """
+ Send clientId as BPN, clientSecret and OAuth back to portal backend.
+ """, summary = "Creates a technical user for the wallet of the given bpn.")
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "200", description = "Ok")
+ })
+ public @interface CreateNewTechUser {
+
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/StatusListApiDoc.java b/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/StatusListApiDoc.java
new file mode 100644
index 0000000..87afe10
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/StatusListApiDoc.java
@@ -0,0 +1,79 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.wallet.stub.apidoc;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.ExampleObject;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * The type Status list api doc.
+ */
+public class StatusListApiDoc {
+
+
+ /**
+ * The interface Get status list.
+ */
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Operation(description = """
+ Gets the status list for the given company
+ """, summary = "it works for only issuer")
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "200", description = "Status List VC document", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Status List VC", value = """
+ {
+ "credentialSubject": {
+ "statusPurpose": "revocation",
+ "type": "StatusList2021Credential",
+ "encodedList": "H4sIAAAAAAAA/+3BAQ0AAADCoErvn87NHEABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3AD/hHvP//8BAA=="
+ },
+ "issuanceDate": "2024-07-01T05:03:16Z",
+ "id": "did:web:localhost:BPNL000000000000#8a6c7486-1e1f-4555-bdd2-1a178182651e",
+ "type": [
+ "VerifiableCredential",
+ "StatusList2021Credential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://w3id.org/catenax/credentials/v1.0.0"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2025-07-01T05:03:16Z"
+ }
+ """)
+ })
+ })
+ })
+ public @interface GetStatusList {
+
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/TokenApiDoc.java b/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/TokenApiDoc.java
new file mode 100644
index 0000000..2c2e905
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/apidoc/TokenApiDoc.java
@@ -0,0 +1,68 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.wallet.stub.apidoc;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.ExampleObject;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * The type Token api doc.
+ */
+public class TokenApiDoc {
+
+
+ /**
+ * The interface Create idp token.
+ */
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Operation(description = """
+ Create OAuth token to access wallet APIs
+ """, summary = "Create OAuth token")
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "200", description = "JWT presentation", content = {
+ @Content(examples = {
+ @ExampleObject(name = "IDP token to access wallet API", value = """
+ {
+ "access_token": "eyJraWQiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAjYzM5MzJmZjUtOGRhNC0zZGU5LWE5NDItNjIxMjVmMzk0ZTQxIiwidHlwIjoiSldUIiwiYWxnIjoiRVMyNTZLIn0.eyJhdWQiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJicG4iOiJCUE5MMDAwMDAwMDAwMDAwIiwic3ViIjoiZGlkOndlYjpjNDY0LTIwMy0xMjktMjEzLTEwNy5uZ3Jvay1mcmVlLmFwcDpCUE5MMDAwMDAwMDAwMDAwIiwibmJmIjoxNzE5NDgxNjYxLCJpc3MiOiJkaWQ6d2ViOmM0NjQtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJleHAiOjE3MTk0ODE5NjEsImlhdCI6MTcxOTQ4MTY2MSwianRpIjoiOWUxOTYzOGUtZDVmZi00NWMyLWI5MTktZDJmMGE1YTg0ODRlIn0.Ap96JWRJga-CEIE6p85TKy6u3X1b21z87rXJRhD5K2lNgADjxyJk967vvW5jf6_avQEyg8sEPN37rtarT4ayTw",
+ "token_type": "Bearer",
+ "expires_in": 300,
+ "refresh_expires_in": 0,
+ "not-before-policy": 0,
+ "scope": "email profile"
+ }
+ """)
+ })
+ })
+ })
+ public @interface CreateIdpToken {
+
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/config/ApplicationConfig.java b/src/main/java/org/eclipse/tractusx/wallet/stub/config/ApplicationConfig.java
new file mode 100644
index 0000000..511fea6
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/config/ApplicationConfig.java
@@ -0,0 +1,81 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.wallet.stub.config;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationFeature;
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
+import lombok.extern.slf4j.Slf4j;
+import org.springdoc.core.properties.SwaggerUiConfigProperties;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+import java.util.Objects;
+
+/**
+ * The type Application config.
+ */
+@Configuration
+@Slf4j
+public class ApplicationConfig implements WebMvcConfigurer {
+
+ private final SwaggerUiConfigProperties properties;
+
+ public ApplicationConfig() {
+ this.properties = null;
+ }
+
+ @Autowired(required = false)
+ public ApplicationConfig(SwaggerUiConfigProperties properties) {
+ this.properties = properties;
+ }
+
+
+ @Override
+ public void addViewControllers(ViewControllerRegistry registry) {
+ if (!Objects.isNull(properties)) {
+ String redirectUri = properties.getPath();
+ registry.addRedirectViewController("/", redirectUri);
+ }
+ }
+
+ /**
+ * Object mapper object mapper.
+ *
+ * @return ObjectMapper object mapper
+ */
+ @Bean
+ public ObjectMapper objectMapper() {
+ ObjectMapper objectMapper = new ObjectMapper();
+ objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false)
+ .configure(SerializationFeature.FAIL_ON_EMPTY_BEANS, false)
+ .configure(DeserializationFeature.ACCEPT_EMPTY_ARRAY_AS_NULL_OBJECT, false)
+ .registerModule(new JavaTimeModule())
+ .setSerializationInclusion(JsonInclude.Include.NON_NULL);
+ return objectMapper;
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/config/InitialSetupConfig.java b/src/main/java/org/eclipse/tractusx/wallet/stub/config/InitialSetupConfig.java
new file mode 100644
index 0000000..9215978
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/config/InitialSetupConfig.java
@@ -0,0 +1,72 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.wallet.stub.config;
+
+import lombok.RequiredArgsConstructor;
+import lombok.SneakyThrows;
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.tractusx.wallet.stub.portal.PortalStubService;
+import org.eclipse.tractusx.wallet.stub.portal.dto.SetupDimRequest;
+import org.eclipse.tractusx.wallet.stub.statuslist.StatusListCredentialService;
+import org.springframework.boot.context.event.ApplicationReadyEvent;
+import org.springframework.context.event.EventListener;
+import org.springframework.stereotype.Component;
+
+/**
+ * The type Initial setup config class. It will create an Operator(base wallet) once the application is ready
+ */
+@Component
+@RequiredArgsConstructor
+@Slf4j
+public class InitialSetupConfig {
+
+
+ private final PortalStubService portalStubService;
+
+ private final WalletStubSettings walletStubSettings;
+
+ private final StatusListCredentialService statusListCredentialService;
+
+
+ /**
+ * Sets up the base wallet by creating a DIM for a company and generating a status list Verifiable Credential.
+ *
+ *
This method is annotated with {@link EventListener} and listens for the {@link ApplicationReadyEvent}
+ * to trigger the setup process.
+ */
+ @SneakyThrows
+ @EventListener(ApplicationReadyEvent.class)
+ public void setupBaseWallet() {
+ SetupDimRequest request = new SetupDimRequest();
+ request.setBpn(walletStubSettings.baseWalletBPN());
+ request.setCompanyName("Eclipse Tractus-x Operating Company");
+ request.setDidDocumentLocation(walletStubSettings.didHost());
+
+ //create did a document and lry pair
+ portalStubService.setupDim(request);
+
+ //create status list VC
+ statusListCredentialService.getStatusListCredential(walletStubSettings.baseWalletBPN(), walletStubSettings.statusListVcId());
+
+ log.debug("Base wallet with bpn is {} created and status list VC is also created", walletStubSettings.baseWalletBPN());
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/config/OpenApiConfig.java b/src/main/java/org/eclipse/tractusx/wallet/stub/config/OpenApiConfig.java
new file mode 100644
index 0000000..058bf24
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/config/OpenApiConfig.java
@@ -0,0 +1,101 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.wallet.stub.config;
+
+import io.swagger.v3.oas.models.Components;
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.info.Contact;
+import io.swagger.v3.oas.models.info.Info;
+import io.swagger.v3.oas.models.security.SecurityRequirement;
+import io.swagger.v3.oas.models.security.SecurityScheme;
+import org.springdoc.core.models.GroupedOpenApi;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpHeaders;
+
+import java.util.Collections;
+
+/**
+ * OpenApiConfig is used for managing the swagger with basic security setup if security is enabled.
+ */
+@Configuration
+public class OpenApiConfig {
+
+
+ /**
+ * Open api open api.
+ *
+ * @return the open api
+ */
+ @Bean
+ public OpenAPI openAPI() {
+ Info info = new Info();
+ info.setTitle("SSI DIM Wallet Stub API");
+ info.setDescription("SSI DIM Wallet Stub API");
+ info.termsOfService("https://www.eclipse.org/legal/termsofuse.php");
+ info.setVersion("0.0.1");
+
+ Contact contact = new Contact();
+ contact.name("Eclipse Tractus-X");
+ contact.email("tractusx-dev@eclipse.org");
+ contact.url("https://projects.eclipse.org/projects/automotive.tractusx");
+ info.contact(contact);
+
+ OpenAPI openAPI = new OpenAPI();
+ openAPI = enableSecurity(openAPI);
+ return openAPI.info(info);
+ }
+
+ /**
+ * Open api definition grouped open api.
+ *
+ * @return the grouped open api
+ */
+ @Bean
+ public GroupedOpenApi openApiDefinition() {
+ return GroupedOpenApi.builder()
+ .group("docs")
+ .pathsToMatch("/**")
+ .displayName("Docs")
+ .build();
+ }
+
+
+ private OpenAPI enableSecurity(OpenAPI openAPI) {
+ Components components = new Components();
+
+ //Auth using access_token
+ String accessTokenAuth = "Authenticate using access_token";
+ components.addSecuritySchemes(accessTokenAuth,
+ new SecurityScheme().name(accessTokenAuth)
+ .description("""
+ **Bearer (apiKey)**
+ JWT Authorization header using the Bearer scheme.
+ Enter **Bearer** [space] and then your token in the text input below.
+ Example: Bearer access_token
+ """)
+ .type(SecurityScheme.Type.APIKEY).in(SecurityScheme.In.HEADER).name(HttpHeaders.AUTHORIZATION));
+ return openAPI.components(components)
+ .addSecurityItem(new SecurityRequirement()
+ .addList(accessTokenAuth, Collections.emptyList()));
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/config/WalletStubSettings.java b/src/main/java/org/eclipse/tractusx/wallet/stub/config/WalletStubSettings.java
new file mode 100644
index 0000000..0739209
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/config/WalletStubSettings.java
@@ -0,0 +1,35 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.wallet.stub.config;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+
+/**
+ * This class represents the configuration settings for the Wallet Stub application.
+ * The settings are defined using Spring Boot's {@code @ConfigurationProperties} annotation,
+ * allowing them to be configured via application properties files.
+ */
+@ConfigurationProperties(prefix = "stub")
+public record WalletStubSettings(String env, String didHost, String stubUrl,
+ String baseWalletBPN, String statusListVcId) {
+}
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/credential/CredentialService.java b/src/main/java/org/eclipse/tractusx/wallet/stub/credential/CredentialService.java
new file mode 100644
index 0000000..5f8761f
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/credential/CredentialService.java
@@ -0,0 +1,195 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.wallet.stub.credential;
+
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.SignedJWT;
+import lombok.RequiredArgsConstructor;
+import lombok.SneakyThrows;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.time.DateUtils;
+import org.eclipse.tractusx.wallet.stub.config.WalletStubSettings;
+import org.eclipse.tractusx.wallet.stub.did.DidDocument;
+import org.eclipse.tractusx.wallet.stub.did.DidDocumentService;
+import org.eclipse.tractusx.wallet.stub.key.KeyService;
+import org.eclipse.tractusx.wallet.stub.storage.MemoryStorage;
+import org.eclipse.tractusx.wallet.stub.token.TokenSettings;
+import org.eclipse.tractusx.wallet.stub.utils.CommonUtils;
+import org.eclipse.tractusx.wallet.stub.utils.CustomCredential;
+import org.eclipse.tractusx.wallet.stub.utils.StringPool;
+import org.springframework.stereotype.Service;
+
+import java.net.URI;
+import java.security.KeyPair;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+import java.util.UUID;
+
+@Service
+@RequiredArgsConstructor
+@Slf4j
+public class CredentialService {
+
+
+ private final MemoryStorage memoryStorage;
+
+ private final KeyService keyService;
+
+ private final DidDocumentService didDocumentService;
+
+
+ private final WalletStubSettings walletStubSettings;
+
+ private final TokenSettings tokenSettings;
+
+
+ /**
+ * Retrieves a verifiable credential in JWT format for the specified holder's BPN and type.
+ * If the credential already exists in memory, it is returned directly.
+ * If not, a new verifiable credential is issued, signed with the issuer's key pair, and returned as a JWT.
+ *
+ * @param holderBpn The BPN of the holder for whom the credential is issued.
+ * @param type The type of the credential.
+ * @return The verifiable credential in JWT format for the specified holder's BPN and type.
+ */
+ @SneakyThrows
+ public String getVerifiableCredentialByHolderBpnAndTypeAsJwt(String holderBpn, String type) {
+
+ Optional optionalVC = memoryStorage.getCredentialsAsJwtByHolderBpnAndType(holderBpn, type);
+ if (optionalVC.isPresent()) {
+ return optionalVC.get();
+ }
+
+ CustomCredential verifiableCredential = getVerifiableCredentialByHolderBpnAndType(holderBpn, type);
+ KeyPair issuerKeyPair = keyService.getKeyPair(walletStubSettings.baseWalletBPN());
+ DidDocument issuerDocument = didDocumentService.getDidDocument(walletStubSettings.baseWalletBPN());
+ DidDocument holderDocument = didDocumentService.getDidDocument(holderBpn);
+
+ //time config
+ Date time = new Date();
+ Date expiryTime = DateUtils.addMinutes(time, tokenSettings.tokenExpiryTime());
+
+ //claims
+ JWTClaimsSet membershipTokenBody = new JWTClaimsSet.Builder()
+ .issueTime(time)
+ .jwtID(UUID.randomUUID().toString())
+ .audience(List.of(issuerDocument.getId(), holderDocument.getId()))
+ .expirationTime(expiryTime)
+ .claim(StringPool.BPN, holderBpn)
+ .claim(StringPool.VC, verifiableCredential)
+ .issuer(issuerDocument.getId())
+ .subject(issuerDocument.getId())
+ .build();
+
+ SignedJWT vcJWT = CommonUtils.signedJWT(membershipTokenBody, issuerKeyPair, issuerDocument.getVerificationMethod().getFirst().getId());
+
+ String membershipVcAsJwt = vcJWT.serialize();
+ memoryStorage.saveCredentialAsJwt(verifiableCredential.get(StringPool.ID).toString(), membershipVcAsJwt, holderBpn, StringPool.MEMBERSHIP_CREDENTIAL);
+ return membershipVcAsJwt;
+ }
+
+ /**
+ * Retrieves a verifiable credential based on the specified holder's BPN and type.
+ * If the credential already exists in memory, it is returned directly.
+ * If not, a new verifiable credential is issued and returned.
+ *
+ * @param holderBpn The BPN of the holder for whom the credential is issued.
+ * @param type The type of the credential.
+ * @return The verifiable credential for the specified holder's BPN and type.
+ */
+ @SneakyThrows
+ public CustomCredential getVerifiableCredentialByHolderBpnAndType(String holderBpn, String type) {
+ Optional verifiableCredentialOptional = memoryStorage.getCredentialsByHolderBpnAndType(holderBpn, type);
+ if (verifiableCredentialOptional.isPresent()) {
+ return verifiableCredentialOptional.get();
+ } else {
+ //issue new VC of that type of
+ DidDocument issuerDocument = didDocumentService.getDidDocument(walletStubSettings.baseWalletBPN());
+ DidDocument holderDocument = didDocumentService.getDidDocument(holderBpn);
+ //build VC without a proof
+ String vcId = CommonUtils.getUuid(holderBpn, type);
+ URI vcIdUri = URI.create(issuerDocument.getId() + StringPool.HASH_SEPARATOR + vcId);
+
+ if (type.equals(StringPool.MEMBERSHIP_CREDENTIAL)) {
+ return issueMembershipCredential(holderBpn, issuerDocument, holderDocument, vcIdUri, vcId);
+ } else if (type.equals(StringPool.BPN_CREDENTIAL)) {
+ return issueBpnCredential(holderBpn, issuerDocument, holderDocument, vcIdUri, vcId);
+ } else {
+ throw new IllegalArgumentException("vc type -> " + type + " is not supported");
+ }
+ }
+ }
+
+
+ /**
+ * Issues a status list credential for the specified holder's BPN and VC ID.
+ * The status list credential is a type of verifiable credential used for revocation.
+ *
+ * @param holderBpn The BPN of the holder for whom the status list credential is issued.
+ * @param vcId The unique identifier for the status list credential.
+ * @return The issued status list credential.
+ */
+ public CustomCredential issueStatusListCredential(String holderBpn, String vcId) {
+ DidDocument issuerDocument = didDocumentService.getDidDocument(walletStubSettings.baseWalletBPN());
+
+ URI vcIdUri = URI.create(issuerDocument.getId() + StringPool.HASH_SEPARATOR + vcId);
+
+ Map subject = new HashMap<>();
+ subject.put(StringPool.TYPE, StringPool.STATUS_LIST_2021_CREDENTIAL);
+ subject.put(StringPool.ENCODED_LIST, CommonUtils.getEncodedList());
+ subject.put(StringPool.STATUS_PURPOSE, StringPool.REVOCATION);
+
+ CustomCredential credentialWithoutProof = CommonUtils.createCredential(issuerDocument.getId(),
+ vcIdUri.toString(), StringPool.STATUS_LIST_2021_CREDENTIAL, DateUtils.addYears(new Date(), 1), subject);
+
+
+ memoryStorage.saveCredentials(vcIdUri.toString(), credentialWithoutProof, holderBpn, StringPool.STATUS_LIST_2021_CREDENTIAL);
+ return credentialWithoutProof;
+ }
+
+ private CustomCredential issueMembershipCredential(String holderBpn, DidDocument issuerDocument, DidDocument holderDocument, URI vcIdUri, String vcId) {
+ Map subject = new HashMap<>();
+ subject.put(StringPool.ID, holderDocument.getId());
+ subject.put(StringPool.HOLDER_IDENTIFIER, holderBpn);
+ subject.put(StringPool.TYPE, StringPool.MEMBERSHIP_CREDENTIAL);
+ CustomCredential credentialWithoutProof = CommonUtils.createCredential(issuerDocument.getId(),
+ vcIdUri.toString(), StringPool.MEMBERSHIP_CREDENTIAL, DateUtils.addYears(new Date(), 1), subject);
+ memoryStorage.saveCredentials(vcId, credentialWithoutProof, holderBpn, StringPool.MEMBERSHIP_CREDENTIAL);
+ return credentialWithoutProof;
+ }
+
+ private CustomCredential issueBpnCredential(String holderBpn, DidDocument issuerDocument, DidDocument holderDocument, URI vcIdUri, String vcId) {
+ Map subject = new HashMap<>();
+ subject.put(StringPool.ID, holderDocument.getId());
+ subject.put(StringPool.HOLDER_IDENTIFIER, holderBpn);
+ subject.put(StringPool.TYPE, StringPool.BPN_CREDENTIAL);
+ subject.put(StringPool.BPN, holderBpn);
+ CustomCredential credentialWithoutProof = CommonUtils.createCredential(issuerDocument.getId(),
+ vcIdUri.toString(), StringPool.BPN_CREDENTIAL, DateUtils.addYears(new Date(), 1), subject);
+
+ memoryStorage.saveCredentials(vcId, credentialWithoutProof, holderBpn, StringPool.BPN_CREDENTIAL);
+ return credentialWithoutProof;
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/did/DidController.java b/src/main/java/org/eclipse/tractusx/wallet/stub/did/DidController.java
new file mode 100644
index 0000000..8fecfb8
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/did/DidController.java
@@ -0,0 +1,63 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.wallet.stub.did;
+
+
+import io.swagger.v3.oas.annotations.tags.Tag;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.tractusx.wallet.stub.apidoc.DidApiDoc;
+import org.eclipse.tractusx.wallet.stub.storage.MemoryStorage;
+import org.eclipse.tractusx.wallet.stub.utils.StringPool;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Optional;
+
+@RestController
+@RequiredArgsConstructor
+@Slf4j
+@Tag(name = "Resolve DID Document")
+public class DidController {
+
+
+ private final DidDocumentService didDocumentService;
+
+ private final MemoryStorage memoryStorage;
+
+ /**
+ * Retrieves the Decentralized Identifier (DID) document associated with the provided business partner number (bpn) from the memory store.
+ *
+ * @param bpn The business partner number (bpn) for which to retrieve the DID document
+ * @return The ResponseEntity containing the DID document associated with the provided bpn
+ */
+ @DidApiDoc.DidDocument
+ @GetMapping(path = "{bpn}/did.json", produces = MediaType.APPLICATION_JSON_VALUE)
+ public ResponseEntity getDocument(@PathVariable(name = StringPool.BPN) String bpn) {
+ log.debug("Did document requested for bpn ->{}", bpn);
+ Optional didDocument = memoryStorage.getDidDocument(bpn);
+ return didDocument.map(ResponseEntity::ok).orElseGet(() -> ResponseEntity.ok(didDocumentService.getDidDocument(bpn)));
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/wallet/stub/did/DidDocument.java b/src/main/java/org/eclipse/tractusx/wallet/stub/did/DidDocument.java
new file mode 100644
index 0000000..520241e
--- /dev/null
+++ b/src/main/java/org/eclipse/tractusx/wallet/stub/did/DidDocument.java
@@ -0,0 +1,98 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.wallet.stub.did;
+
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import com.fasterxml.jackson.databind.annotation.JsonPOJOBuilder;
+import lombok.Getter;
+import org.eclipse.edc.iam.did.spi.document.Service;
+import org.eclipse.edc.iam.did.spi.document.VerificationMethod;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * When a DID URL gets resolved from ION, this object represents the JSON that is returned.
+ */
+@JsonDeserialize(builder = DidDocument.Builder.class)
+@Getter
+public class DidDocument {
+
+ private final List service = new ArrayList<>();
+ @JsonProperty("@context")
+ private final List