Merge pull request #135 from mosip/inji-429-standardize-openid-config…

…uration refactor(inji-429): standardize the inji issuers configuration and is related endpoints
mosip · Oct 18, 2023 · 64fca54 · 64fca54
2 parents 520bd5c + 0dee4a1
commit 64fca54
Show file tree

Hide file tree

Showing 12 changed files with 213 additions and 68 deletions.
diff --git a/.github/workflows/push-trigger.yml b/.github/workflows/push-trigger.yml
@@ -118,4 +118,4 @@ jobs:
       DEV_NAMESPACE_DOCKER_HUB: ${{ secrets.DEV_NAMESPACE_DOCKER_HUB }}
       ACTOR_DOCKER_HUB: ${{ secrets.ACTOR_DOCKER_HUB }}
       RELEASE_DOCKER_HUB: ${{ secrets.RELEASE_DOCKER_HUB }}
-      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
diff --git a/.talismanrc b/.talismanrc
@@ -0,0 +1,70 @@
+fileignoreconfig:
+- filename: certs/oidckeystore.p12
+  checksum: d247acadb5fac098880011f0d0f8fa17223d78f67fa815525eff32616f5ff50c
+- filename: src/main/resources/keystore.p12
+  checksum: a4ff711aa52da2ca3ace8e660515991f71c3f76b5eee3598679f9282214013aa
+- filename: src/main/java/io/mosip/mimoto/exception/BaseCheckedException.java
+  checksum: d6c31dadb603a3daa320c41a63cf94b983662749664c593cfac330234333a50f
+- filename: src/main/java/io/mosip/mimoto/dto/ErrorDTO.java
+  checksum: f07ea78ad10b25b8c7ebb78be365cf87b03d7ee2681265de9617f1aa54a912e9
+- filename: src/main/java/io/mosip/mimoto/exception/BiometricException.java
+  checksum: e99050f4618224a32d378df776a177a1e0cf87089dfcc2ea542cb05c74c7d88b
+- filename: src/test/java/io/mosip/mimoto/controller/InjiControllerTest.java
+  checksum: 2ed11df9c90f52e7a6b9e9c31c462393e492f57493c6ec8f1492078fd16ce9ba
+- filename: src/test/java/io/mosip/mimoto/util/JoseUtilTest.java
+  checksum: 5c407e9011599fb6ff95820fff6a3a4b781c7b95875937c629893d1a8cb08fa0
+- filename: src/test/java/io/mosip/mimoto/service/CredentialShareServiceTest.java
+  checksum: ba02215bc13737afa162de5be9d9d76701259cf9764b61e8ee0d27a7c94ecb3d
+- filename: Credits.md
+  checksum: 785ea952bde3ffa1daac349e6bb0cfa1ae1c74fdc7ea33eb40eeca20b23f537f
+- filename: .github/workflows/sonarqube.yml
+  checksum: 06fea629c2f32b36e385b65d9ba5437920b06bdd7c379e4e487a10d0964e9ce4
+- filename: Dockerfile
+  checksum: 8245c8124920165b6d9f0696a17d7ae1e945bef0b0d79e8a325bfe3c8afac3f4
+- filename: docs/images/id_pass_logo.svg
+  checksum: 81b14da4f42f335cf6a3094489844962b92fc629c89691487558c71c3d44a915
+- filename: README.md
+  checksum: b01438ae6897d9a2d311ca6f68cc839cb4d8252b29d9fa7d41a0362aaecf0065
+- filename: .github/workflows/push-trigger.yml
+  checksum: 157f32aea860b6c1e1fbe4ec64588af662337fca3d815b62b6a75e1b60a59f37
+- filename: helm/mimoto/install.sh
+  checksum: d5f2e121664dc1b3d8769a36b481ddb44a4f41f410df8c55a5467f4fd53a8a99
+- filename: src/main/java/io/mosip/mimoto/controller/CredentialShareController.java
+  checksum: 666c22ca63adb8770de901e220f8efeb5ec1d3f63064a58dea33ba49b8e15872
+- filename: src/main/java/io/mosip/mimoto/controller/IssuersController.java
+  checksum: 856d860de2562fa019ac23bd724b84e1d67b834883b332c12415e6714de9bb05
+- filename: helm/mimoto/templates/deployment.yaml
+  checksum: 6eee9c084a39881370a82d249c5f0ae42c99f752db93b59507f4e83b68e7ac26
+- filename: helm/mimoto/values.yaml
+  checksum: 3a851cd6ca92a0ec97faac8e771b834b92b226dc607681d2a936b067e3874e16
+- filename: src/main/java/io/mosip/mimoto/constant/DocumentGeneratorExceptionCodeConstant.java
+  checksum: 329b8341fed7a8166fd1ba66af3d74810e4549b00b1d13e1216d097374c1ce52
+- filename: src/main/java/io/mosip/mimoto/dto/mimoto/AttestationStatement.java
+  checksum: 50a8c075791999d3ffc6f5df0a06b790a69d922688c4c7498d8a6d415c8f046d
+- filename: partner-onboarder/install.sh
+  checksum: 0551b30d8c6634466602d6e7234a6aa580a46bdd72ed02a737c7c095d5e32edf
+- filename: src/main/java/io/mosip/mimoto/exception/ExceptionUtils.java
+  checksum: 078d1e13d2c6787718f2bfd8320380e3aa4921c498cd05c9e445d78f08384c20
+- filename: src/main/java/io/mosip/mimoto/util/WebSubSubscriptionHelper.java
+  checksum: c25969b732f7dd0fd49262c68983d85611cb78800b8080d9f63f7ed9eeb0251b
+- filename: src/main/java/io/mosip/mimoto/util/Utilities.java
+  checksum: 71605c7209583dd3494e6778403ec89fb5f78f00db06c1b9b8512da20621390b
+- filename: src/main/resources/application-local.properties
+  checksum: 4fd09fe56696b8156663da5e06c9c072bddd2007f81a87fdc69ce8f3acdee08b
+- filename: src/test/java/io/mosip/mimoto/config/MimotoConfig.java
+  checksum: ba189011b924fe58a804281c88a190b9b969d21bc485e03206471f69be1a1b5d
+- filename: src/main/java/io/mosip/mimoto/util/JsonUtil.java
+  checksum: cc7a9e1be3ffd68e809dbf70e75f57f1420d117eba0ea7a720eca1a43fbe7f79
+- filename: src/main/java/io/mosip/mimoto/exception/PlatformErrorMessages.java
+  checksum: eddc1f3d44e8b8676c5c4ff6ed94ba9018f3a562d4e17908234704493ec6b35e
+- filename: src/main/java/io/mosip/mimoto/service/impl/CredentialShareServiceImpl.java
+  checksum: 4b17319b2ec9e41c943798700d7bf382281f1dd752246e635991f398a9bc9234
+- filename: src/main/java/io/mosip/mimoto/util/RestApiClient.java
+  checksum: 77b8afdefbb1f8ff56e140836e6713d150ac48f99c6778e43bc2854e5fcd4732
+- filename: src/main/java/io/mosip/mimoto/util/JoseUtil.java
+  checksum: 1a9b48b950b17c14c32c2ee0c8ad0448d63da887dfb7eb82f4f0bf0b71fdeafa
+- filename: src/main/java/io/mosip/mimoto/util/CryptoUtil.java
+  checksum: fc4b7bd41ca63b2060854e218eb50689f77162dc51c45e95f51ec0272bd3585a
+- filename: src/main/java/io/mosip/mimoto/util/CryptoCoreUtil.java
+  checksum: 0ecab2033342fbbc7828c3eae63247c8c33f4faea3001582338819669cd9b904
+version: ""
diff --git a/src/main/java/io/mosip/mimoto/dto/DisplayDTO.java b/src/main/java/io/mosip/mimoto/dto/DisplayDTO.java
@@ -0,0 +1,15 @@
+package io.mosip.mimoto.dto;
+
+import com.google.gson.annotations.Expose;
+import lombok.Data;
+
+@Data
+
+public class DisplayDTO {
+    @Expose
+    String name;
+    @Expose
+    LogoDTO logo;
+    @Expose
+    String language;
+}
diff --git a/src/main/java/io/mosip/mimoto/dto/IssuerDTO.java b/src/main/java/io/mosip/mimoto/dto/IssuerDTO.java
@@ -1,7 +1,9 @@
 package io.mosip.mimoto.dto;
 
 import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
 import com.google.gson.annotations.Expose;
+import com.google.gson.annotations.SerializedName;
 import lombok.Data;
 
 import java.util.List;
@@ -13,23 +15,29 @@
 @Data
 public class IssuerDTO {
     @Expose
-    String id;
+    String credential_issuer;
     @Expose
-    String displayName;
+    List<DisplayDTO> display;
     @Expose
     String protocol;
     @Expose
-    String logoUrl;
-    @Expose
-    String clientId;
+    String client_id;
+    @SerializedName(".well-known")
+    @JsonProperty(".well-known")
     @Expose
     String wellKnownEndpoint;
     @JsonInclude(NON_NULL)
-    String redirectUrl;
+    String redirect_uri;
+    @JsonInclude(NON_NULL)
+    List<String> scopes_supported;
+    @JsonInclude(NON_NULL)
+    String authorization_endpoint;
+    @JsonInclude(NON_NULL)
+    String token_endpoint;
     @JsonInclude(NON_NULL)
-    List<String> scopes;
+    String credential_endpoint;
     @JsonInclude(NON_NULL)
-    ServiceConfiguration serviceConfiguration;
+    String credential_audience;
     @JsonInclude(NON_NULL)
-    Map<String, String> additionalHeaders;
+    Map<String, String> additional_headers;
 }
diff --git a/src/main/java/io/mosip/mimoto/dto/LogoDTO.java b/src/main/java/io/mosip/mimoto/dto/LogoDTO.java
@@ -0,0 +1,13 @@
+package io.mosip.mimoto.dto;
+
+
+import com.google.gson.annotations.Expose;
+import lombok.Data;
+
+@Data
+public class LogoDTO {
+    @Expose
+    String url;
+    @Expose
+    String alt_text;
+}
diff --git a/src/main/java/io/mosip/mimoto/service/impl/IssuersServiceImpl.java b/src/main/java/io/mosip/mimoto/service/impl/IssuersServiceImpl.java
@@ -41,10 +41,10 @@ public IssuerDTO getIssuerConfig(String issuerId) throws ApiNotAccessibleExcepti
         }
         IssuersDTO issuers = new Gson().fromJson(issuersConfigJsonValue, IssuersDTO.class);
         Optional<IssuerDTO> issuerConfigResp = issuers.getIssuers().stream()
-                .filter(issuer -> issuer.getId().equals(issuerId))
+                .filter(issuer -> issuer.getCredential_issuer().equals(issuerId))
                 .findFirst();
         if (issuerConfigResp.isPresent())
             issuerDTO = issuerConfigResp.get();
         return issuerDTO;
     }
-}
+}
diff --git a/src/main/java/io/mosip/mimoto/util/Utilities.java b/src/main/java/io/mosip/mimoto/util/Utilities.java
@@ -112,7 +112,7 @@ public class Utilities {
     private String issuersConfigJsonString = null;
 
 //    uncomment for running mimoto Locally to populate the issuers json
-//    public Utilities(@Value("classpath:openid-issuers-config.json") Resource resource) throws IOException {
+//    public Utilities(@Value("classpath:mimoto-issuers-config.json") Resource resource) throws IOException {
 //        issuersConfigJsonString = (Files.readString(resource.getFile().toPath()));
 //    }
 

diff --git a/src/main/resources/application-local.properties b/src/main/resources/application-local.properties
@@ -199,7 +199,7 @@ wallet.binding.partner.api.key=Aci9jg28B8mO_LDfDXo3ZTp5_HKgEMun2tYyHCa1e8k
 #wallet.binding.partner.api.key=14378
 
 # OpenID
-mosip.openid.issuers=openid-issuers-config.json
+mosip.openid.issuers=mimoto-issuers-config.json
 #configurations related to openid4vc
 mosip.oidc.esignet.token.endpoint=https://api-internal.dev1.mosip.net/v1/esignet/oauth/token
 mosip.oidc.esignet.aud=https://esignet.dev1.mosip.net/v1/esignet/oauth/token

diff --git a/src/main/resources/mimoto-issuers-config.json b/src/main/resources/mimoto-issuers-config.json
@@ -0,0 +1,42 @@
+{
+  "issuers": [
+    {
+      "credential_issuer": "Mosip",
+      "display": [
+        {
+          "name": "UIN, VID, AID",
+          "logo": {
+            "url": "https://api.dev1.mosip.net/inji/digit-icon.png",
+            "alt_text": "digits-logo"
+          },
+          "language": "en"
+        }
+      ],
+      "protocol": "OTP"
+    },
+    {
+      "credential_issuer": "ESignet",
+      "display": [
+        {
+          "name": "e-Signet",
+          "logo": {
+            "url": "https://esignet.dev1.mosip.net/logo.png",
+            "alt_text": "esignet-logo"
+          },
+          "language": "en"
+        }
+      ],
+      "protocol": "OpenId4VCI",
+      "client_id": "7-*****************IWRDAg1x-M",
+      "scopes_supported": ["mosip_identity_vc_ldp"],
+      "additional_headers": { "Accept": "application/json" },
+      ".well-known": null,
+      "redirect_uri": "io.mosip.residentapp.inji://oauthredirect",
+      "authorization_endpoint": "https://esignet.dev1.mosip.net/authorize",
+      "token_endpoint": "https://api.dev1.mosip.net/residentmobileapp/get-token",
+      "credential_endpoint": "https://api-internal.dev1.mosip.net/v1/esignet/vci/credential",
+      "credential_audience": "https://esignet.dev1.mosip.net/v1/esignet"
+    }
+
+  ]
+}
diff --git a/src/main/resources/openid-issuers-config.json b/src/main/resources/openid-issuers-config.json
diff --git a/src/test/java/io/mosip/mimoto/controller/InjiControllerTest.java b/src/test/java/io/mosip/mimoto/controller/InjiControllerTest.java
@@ -8,8 +8,10 @@
 import io.mosip.kernel.websub.api.model.SubscriptionChangeResponse;
 import io.mosip.mimoto.TestBootApplication;
 import io.mosip.mimoto.core.http.ResponseWrapper;
+import io.mosip.mimoto.dto.DisplayDTO;
 import io.mosip.mimoto.dto.IssuerDTO;
 import io.mosip.mimoto.dto.IssuersDTO;
+import io.mosip.mimoto.dto.LogoDTO;
 import io.mosip.mimoto.dto.mimoto.*;
 import io.mosip.mimoto.dto.resident.*;
 import io.mosip.mimoto.exception.ApiNotAccessibleException;
@@ -124,17 +126,24 @@ public void getAllPropertiesTest() throws Exception {
     }
 
     static IssuerDTO getIssuerDTO(String issuerName) {
+        LogoDTO logo = new LogoDTO();
+        logo.setUrl("/logo");
+        logo.setAlt_text("logo-url");
+        DisplayDTO display = new DisplayDTO();
+        display.setName(issuerName);
+        display.setLanguage("en");
+        display.setLogo(logo);
         IssuerDTO issuer = new IssuerDTO();
-        issuer.setId(issuerName + "id");
-        issuer.setDisplayName(issuerName);
-        issuer.setLogoUrl("/logo");
-        issuer.setClientId("123");
+        issuer.setCredential_issuer(issuerName + "id");
+        issuer.setDisplay(Collections.singletonList(display));
+        issuer.setClient_id("123");
         if (issuerName.equals("Issuer1")) issuer.setWellKnownEndpoint("/.well-known");
         else {
-            issuer.setRedirectUrl(null);
-            issuer.setServiceConfiguration(null);
-            issuer.setAdditionalHeaders(null);
-            issuer.setScopes(null);
+            issuer.setRedirect_uri(null);
+            issuer.setAuthorization_endpoint(null);
+            issuer.setCredential_endpoint(null);
+            issuer.setToken_endpoint(null);
+            issuer.setScopes_supported(null);
         }
         return issuer;
     }
@@ -151,15 +160,17 @@ public void getAllIssuersTest() throws Exception {
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$.response.issuers", Matchers.everyItem(
                         Matchers.allOf(
-                                Matchers.hasKey("id"),
-                                Matchers.hasKey("displayName"),
-                                Matchers.hasKey("logoUrl"),
-                                Matchers.hasKey("clientId"),
-                                Matchers.hasKey("wellKnownEndpoint"),
-                                Matchers.not(Matchers.hasKey("redirectUrl")),
-                                Matchers.not(Matchers.hasKey("serviceConfiguration")),
-                                Matchers.not(Matchers.hasKey("additionalHeaders")),
-                                Matchers.not(Matchers.hasKey("scopes"))
+                                Matchers.hasKey("credential_issuer"),
+                                Matchers.hasKey("display"),
+                                Matchers.hasKey("client_id"),
+                                Matchers.hasKey(".well-known"),
+                                Matchers.not(Matchers.hasKey("redirect_url")),
+                                Matchers.not(Matchers.hasKey("authorization_endpoint")),
+                                Matchers.not(Matchers.hasKey("token_endpoint")),
+                                Matchers.not(Matchers.hasKey("credential_endpoint")),
+                                Matchers.not(Matchers.hasKey("credential_audience")),
+                                Matchers.not(Matchers.hasKey("additional_headers")),
+                                Matchers.not(Matchers.hasKey("scopes_supported"))
                         )
                 )));
 

diff --git a/src/test/java/io/mosip/mimoto/service/IssuersServiceTest.java b/src/test/java/io/mosip/mimoto/service/IssuersServiceTest.java
@@ -3,7 +3,8 @@
 import com.google.gson.Gson;
 import io.mosip.mimoto.dto.IssuerDTO;
 import io.mosip.mimoto.dto.IssuersDTO;
-import io.mosip.mimoto.dto.ServiceConfiguration;
+import io.mosip.mimoto.dto.DisplayDTO;
+import io.mosip.mimoto.dto.LogoDTO;
 import io.mosip.mimoto.exception.ApiNotAccessibleException;
 import io.mosip.mimoto.service.impl.IssuersServiceImpl;
 import io.mosip.mimoto.util.Utilities;
@@ -35,27 +36,33 @@ public class IssuersServiceTest {
     @Mock
     Utilities utilities;
 
-    List<String> issuerConfigRelatedFields = List.of("additionalHeaders", "serviceConfiguration", "redirectionUri");
+    List<String> issuerConfigRelatedFields = List.of("additional_headers", "authorization_endpoint", "token_endpoint", "credential_endpoint", "credential_audience", "redirect_uri");
 
 
     static IssuerDTO getIssuerDTO(String issuerName, List<String> nullFields) {
+        LogoDTO logo = new LogoDTO();
+        logo.setUrl("/logo");
+        logo.setAlt_text("logo-url");
+        DisplayDTO display = new DisplayDTO();
+        display.setName(issuerName);
+        display.setLanguage("en");
+        display.setLogo(logo);
         IssuerDTO issuer = new IssuerDTO();
-        issuer.setId(issuerName + "id");
-        issuer.setDisplayName(issuerName);
-        issuer.setLogoUrl("/logo");
-        issuer.setClientId("123");
+        issuer.setCredential_issuer(issuerName + "id");
+        issuer.setDisplay(Collections.singletonList(display));
+        issuer.setClient_id("123");
         if (issuerName.equals("Issuer1")) issuer.setWellKnownEndpoint("/.well-known");
         else {
-            if (!nullFields.contains("redirectionUri"))
-                issuer.setRedirectUrl("/redirection");
-            if (!nullFields.contains("serviceConfiguration")) {
-                ServiceConfiguration serviceConfiguration = new ServiceConfiguration();
-                serviceConfiguration.setAuthorizationEndpoint("/authorization");
-                serviceConfiguration.setTokenEndpoint("/token");
-                issuer.setServiceConfiguration(serviceConfiguration);
-            }
-            if (!nullFields.contains("additionalHeaders"))
-                issuer.setAdditionalHeaders(Map.of("Content-Type", "application/json"));
+            if (!nullFields.contains("redirect_uri"))
+                issuer.setRedirect_uri("/redirection");
+            if (!nullFields.contains("authorization_endpoint"))
+                issuer.setAuthorization_endpoint("/authorization_endpoint");
+            if (!nullFields.contains("token_endpoint"))
+                issuer.setAuthorization_endpoint("/token_endpoint");
+            if (!nullFields.contains("credential_endpoint"))
+                issuer.setAuthorization_endpoint("/credential_endpoint");
+            if (!nullFields.contains("additional_headers"))
+                issuer.setAdditional_headers(Map.of("Content-Type", "application/json"));
         }
         return issuer;
     }