diff --git a/.dockerignore b/.dockerignore
index 9e26bea92..fd7a10b20 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -18,4 +18,4 @@
# ********************************************************************************/
**/.git
-build/test-results
+miw/build/test-results
diff --git a/.github/workflows/app-test-coverage-pr.yml b/.github/workflows/app-test-coverage-pr.yml
index f0e56fb9f..193358ebe 100644
--- a/.github/workflows/app-test-coverage-pr.yml
+++ b/.github/workflows/app-test-coverage-pr.yml
@@ -35,11 +35,14 @@ jobs:
fetch-depth: 0
- name: Set up Java 17
- uses: actions/setup-java@v3
+ uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'
+ - name: Validate Gradle wrapper
+ uses: gradle/wrapper-validation-action@v2
+
- name: Test app
run: ./gradlew test
@@ -48,18 +51,18 @@ jobs:
run: ./gradlew jacocoTestReport
- name: Upload test results
- uses: actions/upload-artifact@v3
+ uses: actions/upload-artifact@v4
if: always()
with:
name: test-results
- path: ${{ github.workspace }}/build/
+ path: ${{ github.workspace }}/miw/build/
- name: Publish code coverage report as PR comment
uses: madrapps/jacoco-report@v1.6.1
if: always()
with:
paths: |
- ${{ github.workspace }}/build/reports/xml/jacoco.xml
+ ${{ github.workspace }}/miw/build/reports/xml/jacoco.xml
token: ${{ secrets.GITHUB_TOKEN }}
min-coverage-overall: 80
min-coverage-changed-files: 80
diff --git a/.github/workflows/app-test-coverage-repo.yml b/.github/workflows/app-test-coverage-repo.yml
index c52a486f0..b9ea4a2d0 100644
--- a/.github/workflows/app-test-coverage-repo.yml
+++ b/.github/workflows/app-test-coverage-repo.yml
@@ -36,7 +36,7 @@ jobs:
steps:
- name: Download test results
- uses: actions/download-artifact@v3
+ uses: actions/download-artifact@v4
with:
name: test-results
path: ${{ github.workspace }}/
diff --git a/.github/workflows/chart-verification.yml b/.github/workflows/chart-verification.yml
index a75cec444..47bafb3ad 100644
--- a/.github/workflows/chart-verification.yml
+++ b/.github/workflows/chart-verification.yml
@@ -51,7 +51,7 @@ jobs:
fetch-depth: 0
- name: Set up Helm
- uses: azure/setup-helm@v3
+ uses: azure/setup-helm@v4.1.0
with:
version: v3.12.3
@@ -86,8 +86,8 @@ jobs:
uses: addnab/docker-run-action@v3
with:
image: jnorwood/helm-docs:v1.11.3
- options: -v ${{ github.workspace }}/charts:/helm-docs
- run: helm-docs -i managed-identity-wallet/.helmdocsignore
+ options: -v ${{ github.workspace }}/charts:/helm-docs -v ${{ github.workspace }}/.helmdocsignore:/helm-docs/.helmdocsignore
+ run: helm-docs
- name: Verify that no changes are required
run: |
@@ -108,14 +108,14 @@ jobs:
fetch-depth: 0
- name: Set up Helm
- uses: azure/setup-helm@v3
+ uses: azure/setup-helm@v4.1.0
with:
version: v3.12.3
- name: Set up Taskfile
uses: arduino/setup-task@v1
- - uses: actions/setup-java@v3
+ - uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'
@@ -151,7 +151,7 @@ jobs:
version: v0.20.0
- name: Build image
- uses: docker/build-push-action@v4
+ uses: docker/build-push-action@v5
with:
context: .
push: true
diff --git a/.github/workflows/dast-scan.yaml b/.github/workflows/dast-scan.yaml
index d94c66d8b..243641724 100644
--- a/.github/workflows/dast-scan.yaml
+++ b/.github/workflows/dast-scan.yaml
@@ -38,14 +38,14 @@ jobs:
fetch-depth: 0
- name: Set up Helm
- uses: azure/setup-helm@v3
+ uses: azure/setup-helm@v4.1.0
with:
version: v3.12.3
- name: Set up Taskfile
uses: arduino/setup-task@v1
- - uses: actions/setup-java@v3
+ - uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'
@@ -72,7 +72,7 @@ jobs:
version: v0.20.0
- name: Build image
- uses: docker/build-push-action@v4
+ uses: docker/build-push-action@v5
with:
context: .
push: true
@@ -120,15 +120,10 @@ jobs:
echo "... done."
- - name: Add Summary
- if: success() || failure()
- run: |
- echo "Publishing Job summary... "
- cat report_md.md >> $GITHUB_STEP_SUMMARY
-
- name: Upload HTML report
if: success() || failure()
- uses: actions/upload-artifact@v3
+ uses: actions/upload-artifact@v4
with:
name: ZAP scan report
path: ./report_html.html
+ retention-days: 1
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 5e25c95c0..1751418f2 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -48,13 +48,14 @@ jobs:
- name: Checkout repository
uses: actions/checkout@v4
+ - name: Validate Gradle wrapper
+ uses: gradle/wrapper-validation-action@v2
+
- name: Setup Helm
- uses: azure/setup-helm@v3
- with:
- token: ${{ secrets.GITHUB_TOKEN }}
+ uses: azure/setup-helm@v4.1.0
- name: Setup JDK 17
- uses: actions/setup-java@v3
+ uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
@@ -94,15 +95,15 @@ jobs:
run: ./gradlew build
- name: Upload build artifact
- uses: actions/upload-artifact@v2
+ uses: actions/upload-artifact@v4
with:
name: build
- path: ./build
+ path: ./miw/build
if-no-files-found: error
retention-days: 1
- name: Upload Helm chart artifact
- uses: actions/upload-artifact@v2
+ uses: actions/upload-artifact@v4
with:
name: charts
path: ./charts
@@ -114,6 +115,15 @@ jobs:
echo "::notice::${{ env.next_release }}"
echo "::notice::${{ env.will_create_new_release }}"
+ - name: Upload jar to GitHub release
+ if: github.event_name != 'pull_request' && steps.semantic-release.outputs.will_create_new_release == 'true'
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ RELEASE_VERSION: ${{ steps.semantic-release.outputs.next_release }}
+ run: |
+ echo "::notice::Uploading jar to GitHub release"
+ gh release upload "v$RELEASE_VERSION" ./miw/build/libs/miw-latest.jar
+
docker:
name: Docker Release
needs: semantic_release
@@ -122,13 +132,13 @@ jobs:
- name: Checkout repository
uses: actions/checkout@v4
- name: Download build artifact
- uses: actions/download-artifact@v2
+ uses: actions/download-artifact@v4
with:
name: build
- path: ./build
+ path: ./miw/build
- name: Download Helm chart artifact
- uses: actions/download-artifact@v2
+ uses: actions/download-artifact@v4
with:
name: charts
path: ./charts
@@ -136,7 +146,7 @@ jobs:
# Create SemVer or ref tags dependent of trigger event
- name: Docker meta
id: meta
- uses: docker/metadata-action@v4
+ uses: docker/metadata-action@v5
with:
images: |
${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
@@ -152,14 +162,14 @@ jobs:
- name: DockerHub login
if: github.event_name != 'pull_request'
- uses: docker/login-action@v2
+ uses: docker/login-action@v3
with:
# Use existing DockerHub credentials present as secrets
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Push image
- uses: docker/build-push-action@v2
+ uses: docker/build-push-action@v5
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
@@ -189,15 +199,13 @@ jobs:
uses: actions/checkout@v4
- name: Download Helm chart artifact
- uses: actions/download-artifact@v2
+ uses: actions/download-artifact@v4
with:
name: charts
path: ./charts
- name: Install Helm
- uses: azure/setup-helm@v3
- with:
- token: ${{ secrets.GITHUB_TOKEN }}
+ uses: azure/setup-helm@v4.1.0
- name: Add Helm dependency repositories
run: |
diff --git a/.github/workflows/veracode.yaml b/.github/workflows/veracode.yaml
index c6430dc0c..5194e52ef 100644
--- a/.github/workflows/veracode.yaml
+++ b/.github/workflows/veracode.yaml
@@ -35,6 +35,9 @@ jobs:
- name: Checkout repository
uses: actions/checkout@v3
+ - name: Validate Gradle wrapper
+ uses: gradle/wrapper-validation-action@v2
+
- uses: madhead/read-java-properties@latest
id: version
with:
@@ -48,20 +51,20 @@ jobs:
- name: Set outputs
id: vars
run: |
- echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
+ echo "{sha_short}=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
- name: Show version
run: echo ${APP_VERSION}.${SHORT_SHA}
- name: Set up JDK 17
- uses: actions/setup-java@v3
+ uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'
- name: Build with Gradle
- uses: gradle/gradle-build-action@v2
+ uses: gradle/gradle-build-action@2.4.2
with:
arguments: build
@@ -71,6 +74,6 @@ jobs:
with:
appname: 'project-managed-identity-wallet'
createprofile: false
- filepath: 'build/libs/miw-latest.jar' # add filepath for upload
+ filepath: 'miw/build/libs/miw-latest.jar' # add filepath for upload
vid: '${{ secrets.ORG_VERACODE_API_ID }}' # reference to API ID, which is set as github org. secret
vkey: '${{ secrets.ORG_VERACODE_API_KEY }}' #reference to API Key in github, which is set as github or. secret
diff --git a/charts/managed-identity-wallet/.helmdocsignore b/.helmdocsignore
similarity index 100%
rename from charts/managed-identity-wallet/.helmdocsignore
rename to .helmdocsignore
diff --git a/.releaserc b/.releaserc
index e2a2ce0f0..d1e82e0b8 100644
--- a/.releaserc
+++ b/.releaserc
@@ -41,7 +41,7 @@
[
"@semantic-release/exec",
{
- "prepareCmd": "cd charts/managed-identity-wallet && helm-docs -i .helmdocsignore ."
+ "prepareCmd": "cd charts/managed-identity-wallet && helm-docs ."
}
],
"@semantic-release/release-notes-generator",
@@ -56,7 +56,7 @@
{
"assets": [
"CHANGELOG.md",
- "DEPENDENCIES",
+ "miw/DEPENDENCIES",
"gradle.properties",
"./charts/managed-identity-wallet/Chart.yaml",
"./charts/managed-identity-wallet/README.md"
diff --git a/CHANGELOG.md b/CHANGELOG.md
index c0ea6c80d..4cd2c0d6c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,253 @@
+# [0.5.0-develop.20](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.19...v0.5.0-develop.20) (2024-06-13)
+
+
+### Bug Fixes
+
+* failing test cases ([bf71a1d](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/bf71a1dc9d89334bfbbe8c189b331d4841ee37d2))
+* formatting issue with api json file ([b10fa38](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/b10fa38eeae221b48adc6ebdace8ffdf4781bb09))
+* test cases of get VC api ([1430881](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/14308815e8e8a5420d02bb73ffca2a5386e8eee6))
+* VP test cases ([847f123](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/847f123f0e3dc4679fd0a22ff287d774c894e8f8))
+* VP validation tests ([09d337f](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/09d337f85f70e1c6514dc111757264330dc2a3ac))
+
+# [0.5.0-develop.19](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.18...v0.5.0-develop.19) (2024-06-12)
+
+
+### Bug Fixes
+
+* .helmdocsignore is not at project root ([a6ceba4](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/a6ceba41ac9a456f6016ad16afbf423b17126c4a))
+* new build location for upload action ([b6a7656](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/b6a76561af20ee675debe9564bf6e5e203fdb705))
+* update helm-docs test action ([99a1e91](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/99a1e91f05010b1dbd5d0b5c734ef703d8b1ef7f))
+
+
+### Features
+
+* move src/ to a dedicated sub-project ([45ddd7b](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/45ddd7b4a63120801eb638bd64e72821c309a336))
+* save dash.jar in the root project for easy re-use ([98747c8](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/98747c8357e769259c9ef44b80fe5c469a0d82d0))
+
+# [0.5.0-develop.18](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.17...v0.5.0-develop.18) (2024-06-03)
+
+
+### Bug Fixes
+
+* chart file ([8b16023](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/8b16023dd1f73a5e8f3f83117ff8b461cbbff4f5))
+* chart file ([099fabb](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/099fabbbfd0f14dfdd93307895440d4c0dd48abd))
+* direct access to WalletKeyService while signing VC removed ([e264c0f](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/e264c0f08de30fa5f3064f9a8d67c121419d75ad))
+* ficense header updated ([b2959e6](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/b2959e69e26346ff94a8dcbb47d60d41dde1c72f))
+* javadoc, imports and throws ([af87ecb](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/af87ecb3a79fa49577af0aa0da31d22366e48791))
+* sonar issues ([a7fb417](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/a7fb417e694c6199618e1e51e62c53b33c173089))
+* test cases ([22e3bb8](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/22e3bb831e8cc83fd947a6aef6b687f438cc7e5e))
+
+# [0.5.0-develop.17](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.16...v0.5.0-develop.17) (2024-05-29)
+
+
+
+### Bug Fixes
+
+* api doc folder structure ([ebd691a](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/ebd691a8a5c05f26a6aa10b778d4c8be6189a4af))
+
+# [0.5.0-develop.16](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.15...v0.5.0-develop.16) (2024-05-28)
+
+
+### Bug Fixes
+
+* adjust api docs for 'api/token' endpoint ([7190ed1](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/7190ed17880dcd6aeba46a79211c5b6dba1eae08))
+* fix openapi_v001.json ([068462b](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/068462b992136aedeeaace966910bbcefc10aad3))
+* fix openapi_v001.json ([c30134e](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/c30134e10c4d2aa8ec91afc8ba2d1c1de9eca87b))
+* fix openapi_v001.json ([1910e88](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/1910e886dd5aace37e55d00858559c51d5ba7659))
+
+# [0.5.0-develop.15](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.14...v0.5.0-develop.15) (2024-05-28)
+
+
+### Bug Fixes
+
+* add asJwt as query param and fix exceptions ([8cbb756](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/8cbb756c48f07a90fcdd9e49244e04dae597d03a))
+* add asJwt as query param and fix exceptions ([ef961a5](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/ef961a54a24b30b4db18203532c4db8a3916c480))
+* add asJwt to controllers and services ([050358e](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/050358ef1aad0094edadcd678c18ad6a738e4010))
+* add asJwt to controllers and services ([b604f3d](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/b604f3d6f6734ab89df43c1b21bb7221b5b09eb0))
+* add copyright to getCredentialsCommand ([2154b7f](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/2154b7fd6c61324e1895a26522eb3632686c6b28))
+* add exceptions and fix naming ([dba48e2](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/dba48e2c9cda6e86500d12be7511ec4d1a48b5ac))
+* add exceptions and fix naming ([531d3f7](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/531d3f79e046ad9ff04387299bf70c40b0396560))
+* add keyId to createPresentation ([069a7d3](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/069a7d3531f6220239d2a0b42870608a91e55f8d))
+* add test and validation ([b3db3e0](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/b3db3e0ce58e028dd42cad9d2072d794dd735413))
+* add test and validation ([842e437](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/842e4375ac68567fddcfa648d75d1e98eaa0e0d4))
+* add wiremock ([4aec527](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/4aec527b0994be7af5acf6544f74776aa0d9bff7))
+* api docs ([8e7b796](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/8e7b7961faeabd274598adfe346fba62f53f98c2))
+* api docs ([760ee94](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/760ee94dbd79fa019a051c9c915fa0a7a8b0968c))
+* change context url ([fa9ee4b](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/fa9ee4bfd9f0aa43c5275fee177603765b67c38b))
+* copyright updated ([9ade90e](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/9ade90e21e2d705a5bedb1bb04a0c8f07169c7c9))
+* copyright updated ([956b6af](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/956b6afb56935e75940cd59d30c8b639c1ec2aa4))
+* current tests ([bb0b30c](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/bb0b30c672982cfc5aab5abb5389f4e40d1a6bca))
+* did resolver ([d0522f4](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/d0522f4dc7160a8617abad26ee47b6d60aeb7644))
+* exception names ([30a60d5](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/30a60d5b0b965b1d75586640d0c606ccab82795a))
+* exception names ([61832ed](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/61832ed39414d07a282f1d4c504cbeb262cb0e81))
+* exceptions ([fc6c077](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/fc6c07759d3f5adc4cd9c8be8684915a0a19f038))
+* exceptions ([1b260fa](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/1b260fa4732580d51416f667047fdf036090c07a))
+* formatting ([e00620d](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/e00620d3851853eb846d1578564ec72897b847b3))
+* formatting ([697ff85](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/697ff85f6cd682d5beac7a75288dce43525b5e50))
+* get vc as jwt with tests ([4216e0d](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/4216e0d48f409366bf7fe49111c3a3083e983130))
+* part of tests ([50ba388](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/50ba3883ca2e3f54b34ac0cfb7119e2f58f030f2))
+* part of tests ([7f01263](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/7f012635c338cb517231a87c8b91af563a035964))
+* remove new line ([31819c8](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/31819c861bcc40f9fa0aa32179ebf1b0dd12a2c1))
+* remove new line ([0c5f111](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/0c5f11197919b99c2935af074421fb84261c9f93))
+* remove try catch ([874e850](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/874e85064fd298b0ff6eaaca90f9a28706e894b0))
+* remove try catch ([b840c77](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/b840c771a8f8a94dd83a4d03894d5c5b9d08b058))
+* revert IssueDismantlerCredentialReqeust.java ([bac5200](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/bac5200b5c60577dbeb60c2f359df50a279ec3b9))
+* revert IssueDismantlerCredentialReqeust.java ([14f6195](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/14f6195f980059dade91338e34b638cbdb656142))
+* test for jwt ([0a69f1c](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/0a69f1c6eccfd71ffb16893a4b6c1a91903888db))
+* test for jwt ([8b5180a](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/8b5180a1956e89dc64228b93ebe1d69ed718ab88))
+* update code with the new ssi lib main ([9497d3e](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/9497d3e27c218800c3bbb06118fe992651a6baf2))
+* update code with the new ssi lib main ([3da1eff](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/3da1effc24769751d908762d8edc7d1fa2947ef1))
+* update ssi agent lib version ([02b1f5a](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/02b1f5a9e4a1c027d54778272def5c167d1b40e6))
+
+# [0.5.0-develop.14](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.13...v0.5.0-develop.14) (2024-05-02)
+
+
+### Bug Fixes
+
+* STS Token API Response ([78b7dc3](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/78b7dc33d6ddf9fbe5d0aeccf6e540fc3110e1d5))
+* Test Cases ([8eda499](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/8eda499476604ee14001811df3c01297bd3e7f7a))
+
+# [0.5.0-develop.13](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.12...v0.5.0-develop.13) (2024-04-18)
+
+
+### Bug Fixes
+
+* fix object name ([59ccdb2](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/59ccdb2e1b15633d7de442691d851a6a7d134025))
+
+
+### Features
+
+* added body type to /token endpoint ([6a67c92](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/6a67c9266170d77d5161ea38f6e9a8fc76a213ba))
+
+# [0.5.0-develop.12](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.11...v0.5.0-develop.12) (2024-03-25)
+
+
+### Bug Fixes
+
+* fix did creation in did document ([c21f7af](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/c21f7af470a6db484a63e49df222a1b7132a0a1e))
+
+
+### Features
+
+* adapt request and wallet service ([c911d33](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/c911d332579f669f347dcec3399b430e685baaf0))
+
+# [0.5.0-develop.11](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.10...v0.5.0-develop.11) (2024-03-21)
+
+
+### Bug Fixes
+
+* add "y" parameter and remove unused imports ([72b592c](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/72b592c0e09d1baef25ffd607a449ce8a9ca6589))
+* add WalletKey for ES256K algorithm to DidDocument ([9eb3294](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/9eb3294a9016befe7bcc469552a9266829bcba4b))
+* fix ES256K signature ([b33f8a6](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/b33f8a621e7c6429e1c89285b0eefa942e9e8828))
+* fix kid parameter ([97437b4](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/97437b4ef8c1ca07fd16fdf3321e61b1fcab2db0))
+
+
+### Features
+
+* add extra transaction ([b694d19](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/b694d19b591df8b460ba45351e7936ef24b84331))
+* support new algorithm (WIP) ([9dd6f27](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/9dd6f27f33311fc4e4467a412a4ee77eff617e18))
+
+# [0.5.0-develop.10](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.9...v0.5.0-develop.10) (2024-03-08)
+
+
+### Features
+
+* upload miw jar to gh release ([a7d6aa6](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/a7d6aa66b3468e4975711c72f1cfdbf3055dcd20))
+
+# [0.5.0-develop.9](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.8...v0.5.0-develop.9) (2024-03-08)
+
+
+### Features
+
+* add logging of auth failures ([ec60117](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/ec60117e68e7e139afb1f1f24179237bae03762c))
+
+# [0.5.0-develop.8](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.7...v0.5.0-develop.8) (2024-03-08)
+
+
+### Bug Fixes
+
+* possible caching vulnerability in action ([eb2e38f](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/eb2e38f6c6650491fcc81b70d1cf6f6fc5a0886f))
+
+# [0.5.0-develop.7](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.6...v0.5.0-develop.7) (2024-03-07)
+
+
+### Bug Fixes
+
+* fix bug with token re-wrapping ([e047550](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/e04755016aecdf6d6ade0eebae065f36ce80d429))
+
+
+### Features
+
+* add logic regarding jti info store and check ([6809578](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/6809578d208bc0380fa8a34bf119227e12ea1ecd))
+
+# [0.5.0-develop.6](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.5...v0.5.0-develop.6) (2024-03-01)
+
+
+### Features
+
+* add api docs, option asJwt ([9dc628b](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/9dc628b3ff4812759e9762f984f0406073191e40))
+* add ignoring version ([1785080](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/1785080a7f3585ecf6fcb89cd94d91701c4906b9))
+* add service method, controller, config for scope matching ([4feebd4](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/4feebd40dabe45e94f73cafcec410c2e51016758))
+* improve filter, add exception handling ([579a5ec](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/579a5ec547d486f04fca4336545cd9f5bb0dc216))
+
+# [0.5.0-develop.5](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.4...v0.5.0-develop.5) (2024-02-27)
+
+
+### Bug Fixes
+
+* fix integration test ([d8084ee](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/d8084eee8a4b562ce1242af1689791963b277783))
+
+
+### Features
+
+* add JWT verification and extend tests ([d83ce91](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/d83ce91b2e04b131ef3a83983bbd79331be6cac9))
+* add JWT verification and extend tests ([5ae223d](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/5ae223d61f23e71bf426d36ea3255f508abd254b))
+* adding draft for integration test, refactoring ([ce75056](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/ce75056a475ce39970de998376a91dcdc95e4065))
+* create initial class ([061faa7](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/061faa72591550d3a7a93cd2e492aaf8ace82ec2))
+* create initial classes with validation ([fc5db81](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/fc5db81092991da9686aa7f7855d30ae4f4e2e83))
+* Merge PR [#255](https://github.com/eclipse-tractusx/managed-identity-wallet/issues/255) ([a0d9bdf](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/a0d9bdfd1246c684156795523d64210fd828925f))
+
+# [0.5.0-develop.4](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.3...v0.5.0-develop.4) (2024-02-23)
+
+
+### Bug Fixes
+
+* Add missing gradle validation PR [#257](https://github.com/eclipse-tractusx/managed-identity-wallet/issues/257) ([f9acf55](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/f9acf55fd7998895f463225eb6a8ed8a621d734b))
+
+# [0.5.0-develop.3](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.2...v0.5.0-develop.3) (2024-02-23)
+
+
+### Bug Fixes
+
+* DAST scan PR [#256](https://github.com/eclipse-tractusx/managed-identity-wallet/issues/256) ([1c1f1fb](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/1c1f1fb3eacf0e34887ec78acdc4f51464c3f4de))
+
+# [0.5.0-develop.2](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.5.0-develop.1...v0.5.0-develop.2) (2024-02-22)
+
+
+### Bug Fixes
+
+* add missing JSON properties ([5330f64](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/5330f64dd51669d4bfd337a656c6151512ad915a))
+
+
+### Features
+
+* add domain objects needed by sts infrastructure ([effb480](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/effb4801b8788c9221f6a64b4a71c990d05f3a64))
+* add dto objects for sts infrastructure ([103e7f2](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/103e7f2100b2613a5ab82038795c9d8f3bf06d02))
+* add exceptions for sts infrastructure ([b4bb9b7](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/b4bb9b78be41c721e968e1a350bd22920467b8fe))
+* add missing relationships to entities ([56a48eb](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/56a48eb6b4eb8a6a451512d772bf4298fce8f4f4))
+* add sts properties ([018d9c0](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/018d9c03430ecb15a73e753837a7a838eb7cca81))
+* add token endpoint happy-path test ([d6c30bf](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/d6c30bff5cec4f31498c512ecf06ed8237741d30))
+* extend 'miw.security' properties ([e982919](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/e9829195245780605a97e1cee5d22439c2f44c64))
+* implement token endpoint ([4227f3e](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/4227f3e2d147f71de84e4db6c0540e1e60849078))
+* use a spring validator for SecureTokenRequest ([accc0d2](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/accc0d20404852035876cb7cb4ce5ce7b5da6e64))
+
+# [0.5.0-develop.1](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.4.0...v0.5.0-develop.1) (2024-02-09)
+
+
+### Features
+
+* Merge PR [#252](https://github.com/eclipse-tractusx/managed-identity-wallet/issues/252) ([8cb132b](https://github.com/eclipse-tractusx/managed-identity-wallet/commit/8cb132b035a60e7137e536a3a451ce314253ff7b))
+
# [0.4.0](https://github.com/eclipse-tractusx/managed-identity-wallet/compare/v0.3.0...v0.4.0) (2024-02-09)
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 1915f50a3..9246e1b5e 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -8,7 +8,7 @@ The companies involved want to increase the automotive industry's
competitiveness, improve efficiency through industry-specific cooperation and
accelerate company processes through standardization and access to information
and data. A special focus is also on SMEs, whose active participation is of
-central importance for the network’s success. That is why Catena-X has been
+central importance for the network's success. That is why Catena-X has been
conceived from the outset as an open network with solutions ready for SMEs,
where these companies will be able to participate quickly and with little IT
infrastructure investment. Tractus-X is meant to be the PoC project of the
@@ -16,6 +16,19 @@ Catena-X alliance focusing on parts traceability.
* https://projects.eclipse.org/projects/automotive.tractusx
+## Project licenses
+
+The Tractus-X project uses the following licenses:
+
+* Apache-2.0 for code
+* CC-BY-4.0 for non-code
+
+## Terms of Use
+
+This repository is subject to the Terms of Use of the Eclipse Foundation
+
+* https://www.eclipse.org/legal/termsofuse.php
+
## Developer resources
Information regarding source code management, builds, coding standards, and
@@ -23,10 +36,87 @@ more.
* https://projects.eclipse.org/projects/automotive.tractusx/developer
+Getting started:
+
+* https://eclipse-tractusx.github.io/docs/developer
+
The project maintains the source code repositories in the following GitHub organization:
* https://github.com/eclipse-tractusx/
+### How to submit pull requests
+
+It is paramount to ensure that the git history of the project remains clean and
+consistent. This means that the usage of concise and expressive commits **MUST**
+be used. Other helpful tips are to always rebase your branch before submitting
+the pull request.
+
+First make sure you are working on your fork of the project, for example:
+
+```shell
+$ git remote show origin
+* remote origin
+Fetch URL: git@github.com:borisrizov-zf/managed-identity-wallet.git
+Push URL: git@github.com:borisrizov-zf/managed-identity-wallet.git
+```
+
+Make sure you setup a remote which points at the Tractus-X repository:
+
+```shell
+git remote add upstream git@github.com:eclipse-tractusx/managed-identity-wallet.git
+```
+
+Whenever you want to start working, pull all changes from your remotes:
+
+```shell
+git fetch --all
+```
+
+Then rebase your develop branch:
+
+```shell
+git checkout develop
+git rebase upstream/develop
+```
+
+At this point your branches are synced and you can create a new branch:
+
+```shell
+git checkout -b feature/add-some-feature
+```
+
+### For Eclipse Committers and Maintainers
+
+The project uses the tool `semantic-release` to automatically create releases
+and manage CHANGELOG.md entries. These files **SHOULD** never be manually edited
+nor present in any PR. If you see this file in a PR, it means the incoming branch
+is not at the tip of the project history - it will most likely mangle your project
+when merged.
+
+You'll find all important steps in the files `.github/release.yaml` and `.releaserc`.
+
+The development work is always done on branch `develop`, all pull requests are made
+against `develop`. When it is time to create an official release a PR from `develop`
+to `main` must be created. **IMPORTANT**: after merging, you **MUST** wait for the
+pipeline to complete, as it will create two new commits on `main`. After that you
+**MUST** create a PR, merging main back into develop, to obtain these two new commits,
+and to kick-off the new tag on `develop`. Failing to do so will result in a huge
+headache, spaghetti code, faulty commits and other "life-improving" moments. **DO NOT
+MESS THIS STEP UP**.
+
+It is possible to test how a release will work on your own fork, **BUT** you'll have
+to do some extra work to make it happen. `semantic-release` uses git notes to track
+the tags. You'll have to sync them manually (as most git configs do not include the settings
+to do so automatically):
+
+```shell
+git fetch upstream refs/notes/*:refs/notes/*
+git push origin --tags
+git push origin refs/notes/*:refs/notes/*
+```
+
+At this point your repository will behave exactly like upstream when doing a release.
+
## Eclipse Development Process
This Eclipse Foundation open project is governed by the Eclipse Foundation
diff --git a/Dockerfile b/Dockerfile
index 1dccce7af..59c6d84da 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -27,7 +27,7 @@ RUN apk add curl
USER miw
-COPY LICENSE NOTICE.md DEPENDENCIES SECURITY.md /build/libs/miw-latest.jar /app/
+COPY LICENSE NOTICE.md miw/DEPENDENCIES SECURITY.md miw/build/libs/miw-latest.jar /app/
WORKDIR /app
diff --git a/LICENSE_non-code b/LICENSE_non-code
new file mode 100644
index 000000000..8e4d8772c
--- /dev/null
+++ b/LICENSE_non-code
@@ -0,0 +1,395 @@
+Creative Commons Attribution 4.0 International
+
+=======================================================================
+
+Creative Commons Corporation ("Creative Commons") is not a law firm and
+does not provide legal services or legal advice. Distribution of
+Creative Commons public licenses does not create a lawyer-client or
+other relationship. Creative Commons makes its licenses and related
+information available on an "as-is" basis. Creative Commons gives no
+warranties regarding its licenses, any material licensed under their
+terms and conditions, or any related information. Creative Commons
+disclaims all liability for damages resulting from their use to the
+fullest extent possible.
+
+Using Creative Commons Public Licenses
+
+Creative Commons public licenses provide a standard set of terms and
+conditions that creators and other rights holders may use to share
+original works of authorship and other material subject to copyright
+and certain other rights specified in the public license below. The
+following considerations are for informational purposes only, are not
+exhaustive, and do not form part of our licenses.
+
+ Considerations for licensors: Our public licenses are
+ intended for use by those authorized to give the public
+ permission to use material in ways otherwise restricted by
+ copyright and certain other rights. Our licenses are
+ irrevocable. Licensors should read and understand the terms
+ and conditions of the license they choose before applying it.
+ Licensors should also secure all rights necessary before
+ applying our licenses so that the public can reuse the
+ material as expected. Licensors should clearly mark any
+ material not subject to the license. This includes other CC-
+ licensed material, or material used under an exception or
+ limitation to copyright. More considerations for licensors:
+ wiki.creativecommons.org/Considerations_for_licensors
+
+ Considerations for the public: By using one of our public
+ licenses, a licensor grants the public permission to use the
+ licensed material under specified terms and conditions. If
+ the licensor's permission is not necessary for any reason--for
+ example, because of any applicable exception or limitation to
+ copyright--then that use is not regulated by the license. Our
+ licenses grant only permissions under copyright and certain
+ other rights that a licensor has authority to grant. Use of
+ the licensed material may still be restricted for other
+ reasons, including because others have copyright or other
+ rights in the material. A licensor may make special requests,
+ such as asking that all changes be marked or described.
+ Although not required by our licenses, you are encouraged to
+ respect those requests where reasonable. More considerations
+ for the public:
+ wiki.creativecommons.org/Considerations_for_licensees
+
+=======================================================================
+
+Creative Commons Attribution 4.0 International Public License
+
+By exercising the Licensed Rights (defined below), You accept and agree
+to be bound by the terms and conditions of this Creative Commons
+Attribution 4.0 International Public License ("Public License"). To the
+extent this Public License may be interpreted as a contract, You are
+granted the Licensed Rights in consideration of Your acceptance of
+these terms and conditions, and the Licensor grants You such rights in
+consideration of benefits the Licensor receives from making the
+Licensed Material available under these terms and conditions.
+
+
+Section 1 -- Definitions.
+
+ a. Adapted Material means material subject to Copyright and Similar
+ Rights that is derived from or based upon the Licensed Material
+ and in which the Licensed Material is translated, altered,
+ arranged, transformed, or otherwise modified in a manner requiring
+ permission under the Copyright and Similar Rights held by the
+ Licensor. For purposes of this Public License, where the Licensed
+ Material is a musical work, performance, or sound recording,
+ Adapted Material is always produced where the Licensed Material is
+ synched in timed relation with a moving image.
+
+ b. Adapter's License means the license You apply to Your Copyright
+ and Similar Rights in Your contributions to Adapted Material in
+ accordance with the terms and conditions of this Public License.
+
+ c. Copyright and Similar Rights means copyright and/or similar rights
+ closely related to copyright including, without limitation,
+ performance, broadcast, sound recording, and Sui Generis Database
+ Rights, without regard to how the rights are labeled or
+ categorized. For purposes of this Public License, the rights
+ specified in Section 2(b)(1)-(2) are not Copyright and Similar
+ Rights.
+
+ d. Effective Technological Measures means those measures that, in the
+ absence of proper authority, may not be circumvented under laws
+ fulfilling obligations under Article 11 of the WIPO Copyright
+ Treaty adopted on December 20, 1996, and/or similar international
+ agreements.
+
+ e. Exceptions and Limitations means fair use, fair dealing, and/or
+ any other exception or limitation to Copyright and Similar Rights
+ that applies to Your use of the Licensed Material.
+
+ f. Licensed Material means the artistic or literary work, database,
+ or other material to which the Licensor applied this Public
+ License.
+
+ g. Licensed Rights means the rights granted to You subject to the
+ terms and conditions of this Public License, which are limited to
+ all Copyright and Similar Rights that apply to Your use of the
+ Licensed Material and that the Licensor has authority to license.
+
+ h. Licensor means the individual(s) or entity(ies) granting rights
+ under this Public License.
+
+ i. Share means to provide material to the public by any means or
+ process that requires permission under the Licensed Rights, such
+ as reproduction, public display, public performance, distribution,
+ dissemination, communication, or importation, and to make material
+ available to the public including in ways that members of the
+ public may access the material from a place and at a time
+ individually chosen by them.
+
+ j. Sui Generis Database Rights means rights other than copyright
+ resulting from Directive 96/9/EC of the European Parliament and of
+ the Council of 11 March 1996 on the legal protection of databases,
+ as amended and/or succeeded, as well as other essentially
+ equivalent rights anywhere in the world.
+
+ k. You means the individual or entity exercising the Licensed Rights
+ under this Public License. Your has a corresponding meaning.
+
+
+Section 2 -- Scope.
+
+ a. License grant.
+
+ 1. Subject to the terms and conditions of this Public License,
+ the Licensor hereby grants You a worldwide, royalty-free,
+ non-sublicensable, non-exclusive, irrevocable license to
+ exercise the Licensed Rights in the Licensed Material to:
+
+ a. reproduce and Share the Licensed Material, in whole or
+ in part; and
+
+ b. produce, reproduce, and Share Adapted Material.
+
+ 2. Exceptions and Limitations. For the avoidance of doubt, where
+ Exceptions and Limitations apply to Your use, this Public
+ License does not apply, and You do not need to comply with
+ its terms and conditions.
+
+ 3. Term. The term of this Public License is specified in Section
+ 6(a).
+
+ 4. Media and formats; technical modifications allowed. The
+ Licensor authorizes You to exercise the Licensed Rights in
+ all media and formats whether now known or hereafter created,
+ and to make technical modifications necessary to do so. The
+ Licensor waives and/or agrees not to assert any right or
+ authority to forbid You from making technical modifications
+ necessary to exercise the Licensed Rights, including
+ technical modifications necessary to circumvent Effective
+ Technological Measures. For purposes of this Public License,
+ simply making modifications authorized by this Section 2(a)
+ (4) never produces Adapted Material.
+
+ 5. Downstream recipients.
+
+ a. Offer from the Licensor -- Licensed Material. Every
+ recipient of the Licensed Material automatically
+ receives an offer from the Licensor to exercise the
+ Licensed Rights under the terms and conditions of this
+ Public License.
+
+ b. No downstream restrictions. You may not offer or impose
+ any additional or different terms or conditions on, or
+ apply any Effective Technological Measures to, the
+ Licensed Material if doing so restricts exercise of the
+ Licensed Rights by any recipient of the Licensed
+ Material.
+
+ 6. No endorsement. Nothing in this Public License constitutes or
+ may be construed as permission to assert or imply that You
+ are, or that Your use of the Licensed Material is, connected
+ with, or sponsored, endorsed, or granted official status by,
+ the Licensor or others designated to receive attribution as
+ provided in Section 3(a)(1)(A)(i).
+
+ b. Other rights.
+
+ 1. Moral rights, such as the right of integrity, are not
+ licensed under this Public License, nor are publicity,
+ privacy, and/or other similar personality rights; however, to
+ the extent possible, the Licensor waives and/or agrees not to
+ assert any such rights held by the Licensor to the limited
+ extent necessary to allow You to exercise the Licensed
+ Rights, but not otherwise.
+
+ 2. Patent and trademark rights are not licensed under this
+ Public License.
+
+ 3. To the extent possible, the Licensor waives any right to
+ collect royalties from You for the exercise of the Licensed
+ Rights, whether directly or through a collecting society
+ under any voluntary or waivable statutory or compulsory
+ licensing scheme. In all other cases the Licensor expressly
+ reserves any right to collect such royalties.
+
+
+Section 3 -- License Conditions.
+
+Your exercise of the Licensed Rights is expressly made subject to the
+following conditions.
+
+ a. Attribution.
+
+ 1. If You Share the Licensed Material (including in modified
+ form), You must:
+
+ a. retain the following if it is supplied by the Licensor
+ with the Licensed Material:
+
+ i. identification of the creator(s) of the Licensed
+ Material and any others designated to receive
+ attribution, in any reasonable manner requested by
+ the Licensor (including by pseudonym if
+ designated);
+
+ ii. a copyright notice;
+
+ iii. a notice that refers to this Public License;
+
+ iv. a notice that refers to the disclaimer of
+ warranties;
+
+ v. a URI or hyperlink to the Licensed Material to the
+ extent reasonably practicable;
+
+ b. indicate if You modified the Licensed Material and
+ retain an indication of any previous modifications; and
+
+ c. indicate the Licensed Material is licensed under this
+ Public License, and include the text of, or the URI or
+ hyperlink to, this Public License.
+
+ 2. You may satisfy the conditions in Section 3(a)(1) in any
+ reasonable manner based on the medium, means, and context in
+ which You Share the Licensed Material. For example, it may be
+ reasonable to satisfy the conditions by providing a URI or
+ hyperlink to a resource that includes the required
+ information.
+
+ 3. If requested by the Licensor, You must remove any of the
+ information required by Section 3(a)(1)(A) to the extent
+ reasonably practicable.
+
+ 4. If You Share Adapted Material You produce, the Adapter's
+ License You apply must not prevent recipients of the Adapted
+ Material from complying with this Public License.
+
+
+Section 4 -- Sui Generis Database Rights.
+
+Where the Licensed Rights include Sui Generis Database Rights that
+apply to Your use of the Licensed Material:
+
+ a. for the avoidance of doubt, Section 2(a)(1) grants You the right
+ to extract, reuse, reproduce, and Share all or a substantial
+ portion of the contents of the database;
+
+ b. if You include all or a substantial portion of the database
+ contents in a database in which You have Sui Generis Database
+ Rights, then the database in which You have Sui Generis Database
+ Rights (but not its individual contents) is Adapted Material; and
+
+ c. You must comply with the conditions in Section 3(a) if You Share
+ all or a substantial portion of the contents of the database.
+
+For the avoidance of doubt, this Section 4 supplements and does not
+replace Your obligations under this Public License where the Licensed
+Rights include other Copyright and Similar Rights.
+
+
+Section 5 -- Disclaimer of Warranties and Limitation of Liability.
+
+ a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE
+ EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS
+ AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF
+ ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS,
+ IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION,
+ WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR
+ PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS,
+ ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT
+ KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT
+ ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU.
+
+ b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE
+ TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION,
+ NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT,
+ INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES,
+ COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR
+ USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN
+ ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR
+ DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR
+ IN PART, THIS LIMITATION MAY NOT APPLY TO YOU.
+
+ c. The disclaimer of warranties and limitation of liability provided
+ above shall be interpreted in a manner that, to the extent
+ possible, most closely approximates an absolute disclaimer and
+ waiver of all liability.
+
+
+Section 6 -- Term and Termination.
+
+ a. This Public License applies for the term of the Copyright and
+ Similar Rights licensed here. However, if You fail to comply with
+ this Public License, then Your rights under this Public License
+ terminate automatically.
+
+ b. Where Your right to use the Licensed Material has terminated under
+ Section 6(a), it reinstates:
+
+ 1. automatically as of the date the violation is cured, provided
+ it is cured within 30 days of Your discovery of the
+ violation; or
+
+ 2. upon express reinstatement by the Licensor.
+
+ For the avoidance of doubt, this Section 6(b) does not affect any
+ right the Licensor may have to seek remedies for Your violations
+ of this Public License.
+
+ c. For the avoidance of doubt, the Licensor may also offer the
+ Licensed Material under separate terms or conditions or stop
+ distributing the Licensed Material at any time; however, doing so
+ will not terminate this Public License.
+
+ d. Sections 1, 5, 6, 7, and 8 survive termination of this Public
+ License.
+
+
+Section 7 -- Other Terms and Conditions.
+
+ a. The Licensor shall not be bound by any additional or different
+ terms or conditions communicated by You unless expressly agreed.
+
+ b. Any arrangements, understandings, or agreements regarding the
+ Licensed Material not stated herein are separate from and
+ independent of the terms and conditions of this Public License.
+
+
+Section 8 -- Interpretation.
+
+ a. For the avoidance of doubt, this Public License does not, and
+ shall not be interpreted to, reduce, limit, restrict, or impose
+ conditions on any use of the Licensed Material that could lawfully
+ be made without permission under this Public License.
+
+ b. To the extent possible, if any provision of this Public License is
+ deemed unenforceable, it shall be automatically reformed to the
+ minimum extent necessary to make it enforceable. If the provision
+ cannot be reformed, it shall be severed from this Public License
+ without affecting the enforceability of the remaining terms and
+ conditions.
+
+ c. No term or condition of this Public License will be waived and no
+ failure to comply consented to unless expressly agreed to by the
+ Licensor.
+
+ d. Nothing in this Public License constitutes or may be interpreted
+ as a limitation upon, or waiver of, any privileges and immunities
+ that apply to the Licensor or You, including from the legal
+ processes of any jurisdiction or authority.
+
+
+=======================================================================
+
+Creative Commons is not a party to its public
+licenses. Notwithstanding, Creative Commons may elect to apply one of
+its public licenses to material it publishes and in those instances
+will be considered the “Licensor.” The text of the Creative Commons
+public licenses is dedicated to the public domain under the CC0 Public
+Domain Dedication. Except for the limited purpose of indicating that
+material is shared under a Creative Commons public license or as
+otherwise permitted by the Creative Commons policies published at
+creativecommons.org/policies, Creative Commons does not authorize the
+use of the trademark "Creative Commons" or any other trademark or logo
+of Creative Commons without its prior written consent including,
+without limitation, in connection with any unauthorized modifications
+to any of its public licenses or any other arrangements,
+understandings, or agreements concerning use of licensed material. For
+the avoidance of doubt, this paragraph does not form part of the
+public licenses.
+
+Creative Commons may be contacted at creativecommons.org.
diff --git a/NOTICE.md b/NOTICE.md
index b589e03db..4b4baed6f 100644
--- a/NOTICE.md
+++ b/NOTICE.md
@@ -4,6 +4,8 @@ This content is produced and maintained by the Eclipse Tractus-X project.
* Project home: https://projects.eclipse.org/projects/automotive.tractusx
+See the AUTHORS file(s) distributed with this work for additional information regarding authorship.
+
## Trademarks
Eclipse Tractus-X is a trademark of the Eclipse Foundation.
@@ -16,12 +18,19 @@ source code repository logs.
## Declared Project Licenses
-This program and the accompanying materials are made available under the terms
-of the Apache License, Version 2.0 which is available at
-https://www.apache.org/licenses/LICENSE-2.0.
+The Tractus-X project uses the following licenses:
+
+- Apache-2.0 for code
+- CC-BY-4.0 for non-code
+Apache-2.0:
+This program and the accompanying materials are made available under the terms of the Apache License, Version 2.0 which is available at https://www.apache.org/licenses/LICENSE-2.0.
SPDX-License-Identifier: Apache-2.0
+CC-BY-4.0:
+The materials in this repository are made available under the terms of the Creative Commons Attribution 4.0 International License, which is available at https://spdx.org/licenses/CC-BY-4.0.html.
+SPDX-License-Identifier: CC-BY-4.0
+
## Source Code
The project maintains the following source code repositories
diff --git a/README.md b/README.md
index 396475d29..a4c2920d3 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,41 @@ The Managed Identity Wallets (MIW) service implements the Self-Sovereign-Identit
# Usage
-See [INSTALL.md](INSTALL.md)
+See [INSTALL.md](INSTALL.md)
+
+# Committer Documentation
+
+*(This section is also intentionally included in the CONTRIBUTING.md file)*
+
+The project uses the tool `semantic-release` to automatically create releases
+and manage CHANGELOG.md entries. These files **SHOULD** never be manually edited
+nor present in any PR. If you see this file in a PR, it means the incoming branch
+is not at the tip of the project history - it will most likely mangle your project
+when merged.
+
+You'll find all important steps in the files `.github/release.yaml` and `.releaserc`.
+
+The development work is always done on branch `develop`, all pull requests are made
+against `develop`. When it is time to create an official release a PR from `develop`
+to `main` must be created. **IMPORTANT**: after merging, you **MUST** wait for the
+pipeline to complete, as it will create two new commits on `main`. After that you
+**MUST** create a PR, merging main back into develop, to obtain these two new commits,
+and to kick-off the new tag on `develop`. Failing to do so will result in a huge
+headache, spaghetti code, faulty commits and other "life-improving" moments. **DO NOT
+MESS THIS STEP UP**.
+
+It is possible to test how a release will work on your own fork, **BUT** you'll have
+to do some extra work to make it happen. `semantic-release` uses git notes to track
+the tags. You'll have to sync them manually (as most git configs do not include the settings
+to do so automatically):
+
+```shell
+git fetch upstream refs/notes/*:refs/notes/*
+git push origin --tags
+git push origin refs/notes/*:refs/notes/*
+```
+
+At this point your repository will behave exactly like upstream when doing a release.
# Developer Documentation
@@ -113,9 +147,6 @@ Overview by Endpoint
| **Verfiable Credential - Validation** | Create | POST | /api/credentials/validation | **view_wallets** OR
**view_wallet** | |
| **Verfiable Credential - Issuer** | Read | GET | /api/credentials/issuer | **view_wallets** | |
| **Verfiable Credential - Issuer** | Create | POST | /api/credentials/issuer | **update_wallets** | |
-| **Verfiable Credential - Issuer** | Create | POST | /api/credentials/issuer/membership | **update_wallets** | |
-| **Verfiable Credential - Issuer** | Create | POST | /api/credentials/issuer/framework | **update_wallets** | |
-| **Verfiable Credential - Issuer** | Create | POST | /api/credentials/issuer/distmantler | **update_wallets** | |
| **DIDDocument** | Read | GET | /{bpn}/did.json | N/A | |
| **DIDDocument** | Read | GET | /api/didDocuments/{identifier} | N/A | |
@@ -139,6 +170,8 @@ Credentials* recreate the secret.
## Development Setup
+NOTE: The MIW requires access to the internet in order to validate the JSON-LD schema of DID documents.
+
### Prerequisites
To simplify the dev environment, [Taskfile](https://taskfile.dev) is used as a task executor. You have to install it
@@ -155,13 +188,13 @@ directory, but without ".dist" at the end.
Description of the env files:
-- **env.local**: Set up everything to get ready for flow "local". You need to fill in the passwords.
+- **env.local**: Set up everything to get ready for flow "local". You need to fill in the passwords.
- **env.docker**: Set up everything to get ready for flow "docker". You need to fill in the passwords.
> **IMPORTANT**: ssi-lib is resolving DID documents over the network. There are two endpoints that rely on this resolution:
> - Verifiable Credentials - Validation
> - Verifiable Presentations - Validation
->
+>
> The following parameters are set in env.local or env.docker file per default:
> ENFORCE_HTTPS_IN_DID_RESOLUTION=false
> MIW_HOST_NAME=localhost
@@ -208,10 +241,11 @@ When you just run `task` without parameters, you will see all tasks available.
### pgAdmin
-This local environment contains [pgAdmin](https://www.pgadmin.org/), which is also started (default: http://localhost:8888).
+This local environment contains [pgAdmin](https://www.pgadmin.org/), which is also started (
+default: http://localhost:8888).
The default login is:
-```
+```
user: pg@admin.com (you can change it in the env.* files)
password: the one you set for "POSTGRES_PASSWORD" in the env.* files
```
@@ -231,7 +265,7 @@ For example, You can save DB backups there, so you can access them on your local
See OpenAPI documentation, which is automatically created from the source and available on each deployment at
the `/docs/api-docs/docs` endpoint (e.g. locally at http://localhost:8087/docs/api-docs/docs). An export of the JSON
-document can be also found in [docs/openapi_v001.json](docs/openapi_v001.json).
+document can be also found in [docs/openapi_v001.json](docs/api/openapi_v001.json).
# Test Coverage
@@ -306,10 +340,10 @@ This process ensures that any issues with the database schema are resolved by re
| KEYCLOAK_REALM | Realm name of keycloak | miw_test |
| KEYCLOAK_CLIENT_ID | Keycloak private client id | |
| AUTH_SERVER_URL | Keycloak server url | |
-| SUPPORTED_FRAMEWORK_VC_TYPES | Supported framework VC, provide values ie type1=value1,type2=value2 | cx-behavior-twin=Behavior Twin,cx-pcf=PCF,cx-quality=Quality,cx-resiliency=Resiliency,cx-sustainability=Sustainability,cx-traceability=ID_3.0_Trace |
| ENFORCE_HTTPS_IN_DID_RESOLUTION | Enforce https during web did resolution | true |
-| CONTRACT_TEMPLATES_URL | Contract templates URL used in summary VC | https://public.catena-x.org/contracts/ |
| APP_LOG_LEVEL | Log level of application | INFO |
+| AUTHORITY_SIGNING_SERVICE_TYPE | Base wallet signing type, Currency only LOCAL is supported | Local |
+| LOCAL_SIGNING_KEY_STORAGE_TYPE | Key storage type, currently only DB is supported | DB |
| | | |
# Technical Debts and Known issue
diff --git a/charts/managed-identity-wallet/Chart.yaml b/charts/managed-identity-wallet/Chart.yaml
index 78e11d889..495ea6d8b 100644
--- a/charts/managed-identity-wallet/Chart.yaml
+++ b/charts/managed-identity-wallet/Chart.yaml
@@ -25,8 +25,8 @@ description: |
type: application
-version: 0.4.0
-appVersion: 0.4.0
+version: 0.5.0-develop.20
+appVersion: 0.5.0-develop.20
home: https://github.com/eclipse-tractusx/managed-identity-wallet
keywords:
diff --git a/charts/managed-identity-wallet/README.md b/charts/managed-identity-wallet/README.md
index da4f35823..d25fa1907 100644
--- a/charts/managed-identity-wallet/README.md
+++ b/charts/managed-identity-wallet/README.md
@@ -2,7 +2,7 @@
# managed-identity-wallet
-![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.4.0](https://img.shields.io/badge/AppVersion-0.4.0-informational?style=flat-square)
+![Version: 0.5.0-develop.20](https://img.shields.io/badge/Version-0.5.0--develop.20-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.0-develop.20](https://img.shields.io/badge/AppVersion-0.5.0--develop.20-informational?style=flat-square)
Managed Identity Wallet is supposed to supply a secure data source and data sink for Digital Identity Documents (DID), in order to enable Self-Sovereign Identity founding on those DIDs.
And at the same it shall support an uninterrupted tracking and tracing and documenting the usage of those DIDs, e.g. within logistical supply chains.
diff --git a/dev-assets/env-files/env.docker.dist b/dev-assets/env-files/env.docker.dist
index d6c8204c8..e0ac25992 100644
--- a/dev-assets/env-files/env.docker.dist
+++ b/dev-assets/env-files/env.docker.dist
@@ -26,10 +26,11 @@ ENCRYPTION_KEY=
AUTHORITY_WALLET_BPN=BPNL000000000000
AUTHORITY_WALLET_DID=did:web:localhost:BPNL000000000000
AUTHORITY_WALLET_NAME=Catena-X
+AUTHORITY_SIGNING_SERVICE_TYPE=LOCAL
+LOCAL_SIGNING_KEY_STORAGE_TYPE=DB
KEYCLOAK_REALM=miw_test
VC_SCHEMA_LINK="https://www.w3.org/2018/credentials/v1, https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json"
VC_EXPIRY_DATE=01-01-2025
-SUPPORTED_FRAMEWORK_VC_TYPES="PcfCredential, SustainabilityCredential, QualityCredential, TraceabilityCredential, BehaviorTwinCredential, ResiliencyCredential"
MIW_HOST_NAME=localhost
ENFORCE_HTTPS_IN_DID_RESOLUTION=false
diff --git a/dev-assets/env-files/env.local.dist b/dev-assets/env-files/env.local.dist
index 68ffa0547..d7065338a 100644
--- a/dev-assets/env-files/env.local.dist
+++ b/dev-assets/env-files/env.local.dist
@@ -26,10 +26,11 @@ ENCRYPTION_KEY=
AUTHORITY_WALLET_BPN=BPNL000000000000
AUTHORITY_WALLET_DID=did:web:localhost:BPNL000000000000
AUTHORITY_WALLET_NAME=Catena-X
+AUTHORITY_SIGNING_SERVICE_TYPE=LOCAL
+LOCAL_SIGNING_KEY_STORAGE_TYPE=DB
KEYCLOAK_REALM=miw_test
VC_SCHEMA_LINK="https://www.w3.org/2018/credentials/v1, https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json"
VC_EXPIRY_DATE=01-01-2025
-SUPPORTED_FRAMEWORK_VC_TYPES="PcfCredential, SustainabilityCredential, QualityCredential, TraceabilityCredential, BehaviorTwinCredential, ResiliencyCredential"
MIW_HOST_NAME=localhost
ENFORCE_HTTPS_IN_DID_RESOLUTION=false
diff --git a/docs/api/openapi_v001.json b/docs/api/openapi_v001.json
new file mode 100644
index 000000000..d29890256
--- /dev/null
+++ b/docs/api/openapi_v001.json
@@ -0,0 +1,3121 @@
+{
+ "openapi": "3.0.1",
+ "info": {
+ "title": "Managed Identity Wallets API",
+ "description": "Managed Identity Wallets API",
+ "termsOfService": "https://www.eclipse.org/legal/termsofuse.php",
+ "contact": {
+ "name": "Eclipse Tractus-X",
+ "url": "https://projects.eclipse.org/projects/automotive.tractusx",
+ "email": "tractusx-dev@eclipse.org"
+ },
+ "license": {
+ "name": "Apache 2.0",
+ "url": "https://github.com/eclipse-tractusx/managed-identity-wallets/blob/develop/LICENSE"
+ },
+ "version": "0.0.1"
+ },
+ "security": [
+ {"Authenticate using access_token": []},
+ {"sts_token": []}
+ ],
+ "servers": [],
+ "paths": {
+ "/api/wallets": {
+ "get": {
+ "tags": [
+ "Wallets"
+ ],
+ "summary": "List of wallets",
+ "description": "Permission: **view_wallets** \n\n Retrieve list of registered wallets",
+ "operationId": "getWallets",
+ "parameters": [
+ {
+ "name": "pageNumber",
+ "in": "query",
+ "description": "Page number, Page number start with zero",
+ "required": false,
+ "schema": {
+ "type": "integer",
+ "format": "int32",
+ "default": 0
+ }
+ },
+ {
+ "name": "size",
+ "in": "query",
+ "description": "Number of records per page",
+ "required": false,
+ "schema": {
+ "type": "integer",
+ "format": "int32",
+ "default": 2147483647
+ }
+ },
+ {
+ "name": "sortColumn",
+ "in": "query",
+ "description": "Sort column name",
+ "required": false,
+ "schema": {
+ "type": "string",
+ "default": "createdAt"
+ },
+ "examples": {
+ "Creation date": {
+ "description": "Creation date",
+ "value": "createdAt"
+ },
+ "Wallet BPN": {
+ "description": "Wallet BPN",
+ "value": "bpn"
+ },
+ "Wallet did": {
+ "description": "Wallet did",
+ "value": "did"
+ },
+ "Wallet name": {
+ "description": "Wallet name",
+ "value": "name"
+ }
+ }
+ },
+ {
+ "name": "sortTpe",
+ "in": "query",
+ "description": "Sort order",
+ "required": false,
+ "schema": {
+ "type": "string",
+ "default": "desc"
+ },
+ "examples": {
+ "Ascending order": {
+ "description": "Ascending order",
+ "value": "asc"
+ },
+ "Descending order": {
+ "description": "Descending order",
+ "value": "desc"
+ }
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Wallet list",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Wallet list": {
+ "description": "Wallet list",
+ "value": {
+ "content": [
+ {
+ "name": "companyA",
+ "did": "did:web:localhost:BPNL000000000001",
+ "bpn": "BPNL000000000001",
+ "algorithm": "ED25519",
+ "didDocument": {
+ "@context": [
+ "https://www.w3.org/ns/did/v1",
+ "https://w3c.github.io/vc-jws-2020/contexts/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000001",
+ "verificationMethod": [
+ {
+ "controller": "did:web:localhost:BPNL000000000001",
+ "id": "did:web:localhost:BPNL000000000001#",
+ "publicKeyJwk": {
+ "crv": "Ed25519",
+ "kty": "OKP",
+ "x": "mhph0ZSVk7cDVmazbaaC3jBDpphW4eNygAK9gHPlMow"
+ },
+ "type": "JsonWebKey2020"
+ }
+ ]
+ }
+ }
+ ],
+ "pageable": {
+ "sort": {
+ "empty": false,
+ "sorted": true,
+ "unsorted": false
+ },
+ "offset": 0,
+ "pageNumber": 0,
+ "pageSize": 1,
+ "paged": true,
+ "unpaged": false
+ },
+ "totalElements": 3,
+ "totalPages": 3,
+ "last": false,
+ "size": 1,
+ "number": 0,
+ "sort": {
+ "empty": false,
+ "sorted": true,
+ "unsorted": false
+ },
+ "first": true,
+ "numberOfElements": 1,
+ "empty": false
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "The input does not comply to the syntax requirements",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Response in case of invalid data provided": {
+ "description": "Response in case of invalid data provided",
+ "value": {
+ "type": "about:blank",
+ "title": "title",
+ "status": 400,
+ "detail": "details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689760833962,
+ "errors": {}
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "The request could not be completed due to a failed authorization."
+ },
+ "403": {
+ "description": "The request could not be completed due to a forbidden access"
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "Authenticate using access_token": []
+ }
+ ]
+ },
+ "post": {
+ "tags": [
+ "Wallets"
+ ],
+ "summary": "Create Wallet",
+ "description": "Permission: **add_wallets** (The BPN of the base wallet must equal BPN of caller)\n\n Create a wallet and store it",
+ "operationId": "createWallet",
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateWalletRequest"
+ },
+ "examples": {
+ "Create wallet with BPN": {
+ "description": "Create wallet with BPN",
+ "value": {
+ "businessPartnerNumber": "BPNL000000000001",
+ "companyName": "companyA",
+ "didUrl": "portal.com:BPNL000000000001"
+ }
+ }
+ }
+ }
+ },
+ "required": true
+ },
+ "responses": {
+ "201": {
+ "description": "Created",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Success response": {
+ "description": "Success response",
+ "value": {
+ "name": "companyA",
+ "did": "did:web:localhost:BPNL000000000001",
+ "bpn": "BPNL000000000501",
+ "algorithm": "ED25519",
+ "didDocument": {
+ "@context": [
+ "https://www.w3.org/ns/did/v1",
+ "https://w3c.github.io/vc-jws-2020/contexts/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000001",
+ "verificationMethod": [
+ {
+ "controller": "did:web:localhost:BPNL000000000001",
+ "id": "did:web:localhost:BPNL000000000001#key-1",
+ "publicKeyJwk": {
+ "crv": "Ed25519",
+ "kty": "OKP",
+ "x": "0Ap6FsX5UuRBIoOzxWtcFA2ymnqXw0U08Ino_mIuYM4"
+ },
+ "type": "JsonWebKey2020"
+ },
+ {
+ "controller": "did:web:localhost:BPNL000000000001",
+ "id": "did:web:localhost:BPNL000000000001#key-2",
+ "publicKeyJwk": {
+ "crv": "secp256k1",
+ "kty": "EC",
+ "x": "f9PkTOpsbcgKe_-s6bNCve3-aB1VZAFsCub8C5bhDn0",
+ "y": "xH1d7jCFavolGVZtaWcZZGP2nLuEsamDCotD56llxUk"
+ },
+ "type": "JsonWebKey2020"
+ }
+ ]
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "The input does not comply to the syntax requirements",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Response in case of invalid data provided": {
+ "description": "Response in case of invalid data provided",
+ "value": {
+ "type": "about:blank",
+ "title": "Invalid data provided",
+ "status": 400,
+ "detail": "details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689760833962,
+ "errors": {
+ "filed": "filed error message"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "The request could not be completed due to a failed authorization."
+ },
+ "403": {
+ "description": "The request could not be completed due to a forbidden access"
+ },
+ "409": {
+ "description": "The request could not be completed due to a conflict.",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Wallet already exist": {
+ "description": "Wallet already exist",
+ "value": {
+ "type": "about:blank",
+ "title": "Wallet is already exists for bpn BPNL000000000001",
+ "status": 409,
+ "detail": "Wallet is already exists for bpn BPNL000000000001",
+ "instance": "/api/wallets",
+ "properties": {
+ "timestamp": 1689762639948
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "Authenticate using access_token": []
+ }
+ ]
+ }
+ },
+ "/api/wallets/{identifier}/credentials": {
+ "post": {
+ "tags": [
+ "Wallets"
+ ],
+ "summary": "Store Verifiable Credential",
+ "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of wallet to extract credentials from must equal BPN of caller) \n\n Store a verifiable credential in the wallet of the given identifier",
+ "operationId": "storeCredential",
+ "parameters": [
+ {
+ "name": "identifier",
+ "in": "path",
+ "description": "Did or BPN",
+ "required": true,
+ "schema": {
+ "type": "string"
+ },
+ "examples": {
+ "bpn": {
+ "description": "bpn",
+ "value": "BPNL000000000000"
+ },
+ "did": {
+ "description": "did",
+ "value": "did:web:localhost:BPNL000000000000"
+ }
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "additionalProperties": {
+ "type": "object"
+ }
+ },
+ "example": {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://registry.lab.gaia-x.eu/development/api/trusted-shape-registry/v1/shapes/jsonld/trustframework#"
+ ],
+ "id": "did:web:localhost.in#123456789",
+ "type": [
+ "VerifiableCredential",
+ "LegalParticipant"
+ ],
+ "issuer": "did:web:localhost.in",
+ "issuanceDate": "2023-05-04T07:36:03.633Z",
+ "credentialSubject": {
+ "id": "https://localhost/.well-known/participant.json",
+ "type": "gx:LegalParticipant",
+ "gx:legalName": "Sample Company",
+ "gx:legalRegistrationNumber": {
+ "gx:taxID": "113123123"
+ },
+ "gx:headquarterAddress": {
+ "gx:countrySubdivisionCode": "BE-BRU"
+ },
+ "gx:legalAddress": {
+ "gx:countrySubdivisionCode": "BE-BRU"
+ },
+ "gx-terms-and-conditions:gaiaxTermsAndConditions": "70c1d713215f95191a11d38fe2341faed27d19e083917bc8732ca4fea4976700"
+ },
+ "proof": {
+ "type": "JsonWebSignature2020",
+ "created": "2023-05-04T07:36:04.079Z",
+ "proofPurpose": "assertionMethod",
+ "verificationMethod": "did:web:localhost",
+ "jws": "eyJhbGciOiJQUzI1NiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..iHki8WC3nPfcSRkC_AV4tXh0ikfT7BLPTGc_0ecI8zontTmJLqwcpPfAt0PFsoo3SkZgc6j636z55jj5tagBc-OKoiDu7diWryNAnL9ASsmWJyrPhOKVARs6x6PxVaTFBuyCfAHZeipxmkcYfNB_jooIXO2HuRcL2odhsQHELkGc5IDD-aBMWyNpfVAaYQ-cCzvDflZQlsowziUKfMkBfwpwgMdXFIgKWYdDIRvzA-U-XiC11-6QV7tPeKsMguEU0F5bh8cCEm2rooqXtENcsM_7cqFdQoOyblJyM-agoz2LUTj9QIdn9_gnNkGN-2U7_qBJWmHkK1Hm_mHqcNeeQw"
+ }
+ }
+ }
+ },
+ "required": true
+ },
+ "responses": {
+ "201": {
+ "description": "Success Response",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Success Response": {
+ "description": "Success Response",
+ "value": {
+ "message": "Credential with id did:web:localhost#123456789 has been successfully stored"
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "The input does not comply to the syntax requirements",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Response in case of invalid data provided": {
+ "description": "Response in case of invalid data provided",
+ "value": {
+ "type": "about:blank",
+ "title": "title",
+ "status": 400,
+ "detail": "details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689760833962,
+ "errors": {}
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "The request could not be completed due to a failed authorization."
+ },
+ "403": {
+ "description": "The request could not be completed due to a forbidden access"
+ },
+ "404": {
+ "description": "Wallet not found with provided identifier",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Wallet not found with provided identifier": {
+ "description": "Wallet not found with provided identifier",
+ "value": {
+ "type": "about:blank",
+ "title": "Wallet not found for identifier did:web:localhost:BPNL000000044001",
+ "status": 404,
+ "detail": "Wallet not found for identifier did:web:localhost:BPNL000000044001",
+ "instance": "/api/wallets/did%3Aweb%3Alocalhost%3ABPNL0000000/credentials",
+ "properties": {
+ "timestamp": 1689765541959
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "Authenticate using access_token": []
+ }
+ ]
+ }
+ },
+ "/api/token": {
+ "post": {
+ "tags": [
+ "STS"
+ ],
+ "summary": "Create and Sign Access Tokens",
+ "description": "The endpoint for creating and signing access tokens which are to be used during a verifiable presentation flow.",
+ "operationId": "token_1",
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SecureTokenRequest"
+ },
+ "examples": {
+ "Request Secure Token using Scopes": {
+ "description": "Request Secure Token using Scopes",
+ "value": {
+ "audience": "BPNL000000000009",
+ "client_id": "your_client_id",
+ "client_secret": "your_client_secret",
+ "grant_type": "client_credentials",
+ "bearer_access_scope": "org.eclipse.tractusx.vc.type:ValidCredentialType:read"
+ }
+ },
+ "Request Secure Token using Access Token": {
+ "description": "Request Secure Token using Access Token",
+ "value": {
+ "audience": "BPNL000000000009",
+ "client_id": "your_client_id",
+ "client_secret": "your_client_secret",
+ "grant_type": "client_credentials",
+ "access_token": "a_jwt_token"
+ }
+ }
+ }
+ }
+ },
+ "required": true
+ },
+ "responses": {
+ "201": {
+ "description": "Created",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Success response": {
+ "description": "Success response",
+ "value": {
+ "token": "a_jwt_token",
+ "expiresAt": 1706888709315
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Bad Request",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Unknown BPN": {
+ "description": "Unknown BPN",
+ "value": {
+ "error": "UnknownBusinessPartnerNumber",
+ "errorDescription": "The provided BPN 'BPNL000000000001' is unknown"
+ }
+ },
+ "Wrong Grant Type": {
+ "description": "Wrong Grant Type",
+ "value": {
+ "error": "UnsupportedGrantTypeException",
+ "errorDescription": "The provided 'grant_type' is not valid. Use 'client_credentials'."
+ }
+ },
+ "Invalid idp Token Response": {
+ "description": "Invalid idp Token Response",
+ "value": {
+ "error": "InvalidIdpTokenResponse",
+ "errorDescription": "The idp response cannot be null. Possible causes for this are: the 'clientId' is invalid, or the 'client' is not enabled."
+ }
+ },
+ "Invalid Secure Token Request": {
+ "description": "Invalid Secure Token Request",
+ "value": {
+ "error": "InvalidSecureTokenRequest",
+ "errorDescription": "The provided data could not be used to create and sign a token."
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "/api/presentations": {
+ "post": {
+ "tags": [
+ "Verifiable Presentations - Generation"
+ ],
+ "summary": "Create Verifiable Presentation",
+ "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of the issuer of the Verifiable Presentation must equal to BPN of caller) \n\n Create a verifiable presentation from a list of verifiable credentials, signed by the holder",
+ "operationId": "createPresentation",
+ "parameters": [
+ {
+ "name": "audience",
+ "in": "query",
+ "required": false,
+ "schema": {
+ "type": "string"
+ }
+ },
+ {
+ "name": "asJwt",
+ "in": "query",
+ "required": false,
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "additionalProperties": {
+ "type": "object"
+ }
+ },
+ "example": {
+ "verifiableCredentials": [
+ {
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ }
+ ]
+ }
+ }
+ },
+ "required": true
+ },
+ "responses": {
+ "200": {
+ "description": "Verifiable Presentation",
+ "content": {
+ "application/json": {
+ "examples": {
+ "VP as Json-LD": {
+ "description": "VP as Json-LD",
+ "value": {
+ "vp": {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#b2e69e47-95f3-48ff-af30-eaaab36431d5",
+ "type": [
+ "VerifiablePresentation"
+ ],
+ "verifiableCredential": [
+ {
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ }
+ ]
+ }
+ }
+ },
+ "VP as JWT": {
+ "description": "VP as JWT",
+ "value": {
+ "vp": "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJzdWIiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwiYXVkIjoic21hcnQiLCJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwidnAiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIzM4ZTU2ZTg1LTNkODQtNGEyNS1iZjg1LWFiMjRlYzY4MmMwOSIsInR5cGUiOlsiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJdLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJ2ZXJpZmlhYmxlQ3JlZGVudGlhbCI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vY2F0ZW5heC1uZy5naXRodWIuaW8vcHJvZHVjdC1jb3JlLXNjaGVtYXMvYnVzaW5lc3NQYXJ0bmVyRGF0YS5qc29uIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiXSwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsIkJwbkNyZWRlbnRpYWwiXSwiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwI2Y3M2UzNjMxLWJhODctNGEwMy1iZWEzLWIyODcwMDA1Njg3OSIsImlzc3VlciI6ImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDAiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA3LTE5VDA5OjExOjM0WiIsImV4cGlyYXRpb25EYXRlIjoiMjAyNC0xMi0zMVQxODozMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDAiLCJicG4iOiJCUE5MMDAwMDAwMDAwMDAwIiwidHlwZSI6IkJwbkNyZWRlbnRpYWwifSwicHJvb2YiOnsicHJvb2ZQdXJwb3NlIjoicHJvb2ZQdXJwb3NlIiwidHlwZSI6Ikpzb25XZWJTaWduYXR1cmUyMDIwIiwidmVyaWZpY2F0aW9uTWV0aG9kIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCMiLCJjcmVhdGVkIjoiMjAyMy0wNy0xOVQwOToxMTozOVoiLCJqd3MiOiJleUpoYkdjaU9pSkZaRVJUUVNKOS4uZmRuMnFVODVhdU9sdGRIRExkSEk3c0pWVjFaUGRmdHBpWGRfbmRYTjBkRmdTRFdpSXJTY2REMDN3dHZLTHFfSC1zaFFXZmgyUlllTW1ybEV6QWhmRHcifX19LCJleHAiOjE2ODk4MzQ4MDUsImp0aSI6ImIwODYzOWZiLWQ5MWEtNGUwZS1iNmY4LTYzYjdhMzQ1ZTRhZiJ9.80x0AB-OauefdeZfx1cwhitdVKRvCRFeFzYwU73DL7y4w34vu6BdfHWLBGjkwELxkQEoFfiTPOqtuyqhtsyDBg"
+ }
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "The request could not be completed due to a failed authorization."
+ },
+ "403": {
+ "description": "The request could not be completed due to a forbidden access"
+ },
+ "404": {
+ "description": "Wallet not found with provided identifier",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Wallet not found with provided identifier": {
+ "description": "Wallet not found with provided identifier",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 404,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "Authenticate using access_token": []
+ }
+ ]
+ }
+ },
+ "/api/presentations/validation": {
+ "post": {
+ "tags": [
+ "Verifiable Presentations - Validation"
+ ],
+ "summary": "Validate Verifiable Presentation",
+ "description": "Permission: **view_wallets** OR **view_wallet** \n\n Validate Verifiable Presentation with all included credentials",
+ "operationId": "validatePresentation",
+ "parameters": [
+ {
+ "name": "audience",
+ "in": "query",
+ "description": "Audience to validate in VP (Only supported in case of JWT formatted VP)",
+ "required": false,
+ "schema": {
+ "type": "string"
+ }
+ },
+ {
+ "name": "asJwt",
+ "in": "query",
+ "description": "Pass true in case of VP is in JWT format",
+ "required": false,
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
+ {
+ "name": "withCredentialExpiryDate",
+ "in": "query",
+ "description": "Check expiry of VC(Only supported in case of JWT formatted VP)",
+ "required": false,
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "additionalProperties": {
+ "type": "object"
+ }
+ },
+ "examples": {
+ "VP as JWT": {
+ "description": "VP as JWT",
+ "value": {
+ "vp": "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJzdWIiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwiYXVkIjoic21hcnQiLCJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwidnAiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIzZmZWRmYWRmLWYxNTItNGNjZS05MWQ1LWNjMjhhNzhlMTExMyIsInR5cGUiOlsiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJdLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJ2ZXJpZmlhYmxlQ3JlZGVudGlhbCI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vY2F0ZW5heC1uZy5naXRodWIuaW8vcHJvZHVjdC1jb3JlLXNjaGVtYXMvYnVzaW5lc3NQYXJ0bmVyRGF0YS5qc29uIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiXSwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsIkJwbkNyZWRlbnRpYWwiXSwiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwI2Y3M2UzNjMxLWJhODctNGEwMy1iZWEzLWIyODcwMDA1Njg3OSIsImlzc3VlciI6ImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDAiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA3LTE5VDA5OjExOjM0WiIsImV4cGlyYXRpb25EYXRlIjoiMjAyNC0xMi0zMVQxODozMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDAiLCJicG4iOiJCUE5MMDAwMDAwMDAwMDAwIiwidHlwZSI6IkJwbkNyZWRlbnRpYWwifSwicHJvb2YiOnsicHJvb2ZQdXJwb3NlIjoicHJvb2ZQdXJwb3NlIiwidHlwZSI6Ikpzb25XZWJTaWduYXR1cmUyMDIwIiwidmVyaWZpY2F0aW9uTWV0aG9kIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCMiLCJjcmVhdGVkIjoiMjAyMy0wNy0xOVQwOToxMTozOVoiLCJqd3MiOiJleUpoYkdjaU9pSkZaRVJUUVNKOS4uZmRuMnFVODVhdU9sdGRIRExkSEk3c0pWVjFaUGRmdHBpWGRfbmRYTjBkRmdTRFdpSXJTY2REMDN3dHZLTHFfSC1zaFFXZmgyUlllTW1ybEV6QWhmRHcifX19LCJleHAiOjE2ODk3NTg1NDQsImp0aSI6IjdlNWE4MzQ4LTgwZjUtNGIzMS1iMDNlLTBiOTJmNzc4ZTVjZiJ9.c7FS-CLwm3vxfO9847M5sqcVxv3QbwwSmSsFWcGif7MOesjt1pdnARlQ4pvHzgsFj1UqBEvHwZQvyYyPCQg_Cw"
+ }
+ },
+ "VP as json-ld": {
+ "description": "VP as json-ld",
+ "value": {
+ "vp": {
+ "id": "b9d97cef-758d-4a7c-843d-86f17632b08a",
+ "type": [
+ "VerifiablePresentation"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1"
+ ],
+ "verifiableCredential": [
+ {
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ }
+ },
+ "required": true
+ },
+ "responses": {
+ "200": {
+ "description": "Verifiable presentation validate",
+ "content": {
+ "application/json": {
+ "examples": {
+ "VP as JWT": {
+ "description": "VP as JWT",
+ "value": {
+ "valid": true,
+ "validateJWTExpiryDate": true,
+ "validateAudience": true,
+ "vp": "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJzdWIiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwiYXVkIjoic21hcnQiLCJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwidnAiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIzM4ZTU2ZTg1LTNkODQtNGEyNS1iZjg1LWFiMjRlYzY4MmMwOSIsInR5cGUiOlsiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJdLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJ2ZXJpZmlhYmxlQ3JlZGVudGlhbCI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vY2F0ZW5heC1uZy5naXRodWIuaW8vcHJvZHVjdC1jb3JlLXNjaGVtYXMvYnVzaW5lc3NQYXJ0bmVyRGF0YS5qc29uIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiXSwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsIkJwbkNyZWRlbnRpYWwiXSwiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwI2Y3M2UzNjMxLWJhODctNGEwMy1iZWEzLWIyODcwMDA1Njg3OSIsImlzc3VlciI6ImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDAiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA3LTE5VDA5OjExOjM0WiIsImV4cGlyYXRpb25EYXRlIjoiMjAyNC0xMi0zMVQxODozMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDAiLCJicG4iOiJCUE5MMDAwMDAwMDAwMDAwIiwidHlwZSI6IkJwbkNyZWRlbnRpYWwifSwicHJvb2YiOnsicHJvb2ZQdXJwb3NlIjoicHJvb2ZQdXJwb3NlIiwidHlwZSI6Ikpzb25XZWJTaWduYXR1cmUyMDIwIiwidmVyaWZpY2F0aW9uTWV0aG9kIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCMiLCJjcmVhdGVkIjoiMjAyMy0wNy0xOVQwOToxMTozOVoiLCJqd3MiOiJleUpoYkdjaU9pSkZaRVJUUVNKOS4uZmRuMnFVODVhdU9sdGRIRExkSEk3c0pWVjFaUGRmdHBpWGRfbmRYTjBkRmdTRFdpSXJTY2REMDN3dHZLTHFfSC1zaFFXZmgyUlllTW1ybEV6QWhmRHcifX19LCJleHAiOjE2ODk4MzQ4MDUsImp0aSI6ImIwODYzOWZiLWQ5MWEtNGUwZS1iNmY4LTYzYjdhMzQ1ZTRhZiJ9.80x0AB-OauefdeZfx1cwhitdVKRvCRFeFzYwU73DL7y4w34vu6BdfHWLBGjkwELxkQEoFfiTPOqtuyqhtsyDBg",
+ "validateExpiryDate": true
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "The input does not comply to the syntax requirements",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Validation of VP in form of JSON-LD is not supported": {
+ "description": "Validation of VP in form of JSON-LD is not supported",
+ "value": {
+ "type": "about:blank",
+ "title": "Validation of VP in form of JSON-LD is not supported",
+ "status": 400,
+ "detail": "Validation of VP in form of JSON-LD is not supported",
+ "instance": "/api/presentations/validation",
+ "properties": {
+ "timestamp": 1689835085703
+ }
+ }
+ },
+ "Response in case of invalid data provided": {
+ "description": "Response in case of invalid data provided",
+ "value": {
+ "type": "about:blank",
+ "title": "Invalid data provided",
+ "status": 400,
+ "detail": "details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689760833962,
+ "errors": {
+ "filed": "filed error message"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "The request could not be completed due to a failed authorization."
+ },
+ "403": {
+ "description": "The request could not be completed due to a forbidden access"
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "Authenticate using access_token": []
+ }
+ ]
+ }
+ },
+ "/api/credentials": {
+ "get": {
+ "tags": [
+ "Verifiable Credential - Holder"
+ ],
+ "summary": "Query Verifiable Credentials",
+ "description": "Permission: **view_wallets** OR **view_wallet** (The BPN of holderIdentifier must equal BPN of caller)\n\n Search verifiable credentials with filter criteria",
+ "operationId": "getCredentials",
+ "parameters": [
+ {
+ "name": "credentialId",
+ "in": "query",
+ "description": "Credential Id",
+ "required": false,
+ "schema": {
+ "type": "string"
+ },
+ "examples": {
+ "Credential Id": {
+ "description": "Credential Id",
+ "value": "did:web:localhost:BPNL000000000000#12528899-160a-48bd-ba15-f396c3959ae9"
+ }
+ }
+ },
+ {
+ "name": "issuerIdentifier",
+ "in": "query",
+ "description": "Issuer identifier(did of BPN)",
+ "required": false,
+ "schema": {
+ "type": "string"
+ },
+ "examples": {
+ "bpn": {
+ "description": "bpn",
+ "value": "BPNL000000000000"
+ },
+ "did": {
+ "description": "did",
+ "value": "did:web:localhost:BPNL000000000000"
+ }
+ }
+ },
+ {
+ "name": "type",
+ "in": "query",
+ "description": "Type of VC",
+ "required": false,
+ "schema": {
+ "type": "array",
+ "maxItems": 100,
+ "items": {
+ "type": "string"
+ }
+ },
+ "examples": {
+ "SummaryCredential": {
+ "description": "SummaryCredential",
+ "value": "SummaryCredential"
+ },
+ "BpnCredential": {
+ "description": "BpnCredential",
+ "value": "BpnCredential"
+ }
+ }
+ },
+ {
+ "name": "sortColumn",
+ "in": "query",
+ "description": "Sort column name",
+ "required": false,
+ "schema": {
+ "type": "string",
+ "default": "createdAt"
+ },
+ "examples": {
+ "creation date": {
+ "description": "creation date",
+ "value": "createdAt"
+ },
+ "Self issued credential": {
+ "description": "Self issued credential",
+ "value": "selfIssued"
+ },
+ "Stored credential": {
+ "description": "Stored credential",
+ "value": "stored"
+ },
+ "Issuer did": {
+ "description": "Issuer did",
+ "value": "issuerDid"
+ },
+ "Credential type": {
+ "description": "Credential type",
+ "value": "type"
+ },
+ "Credential id": {
+ "description": "Credential id",
+ "value": "credentialId"
+ }
+ }
+ },
+ {
+ "name": "sortTpe",
+ "in": "query",
+ "description": "Sort order",
+ "required": false,
+ "schema": {
+ "type": "string",
+ "default": "desc"
+ },
+ "examples": {
+ "Ascending order": {
+ "description": "Ascending order",
+ "value": "asc"
+ },
+ "Descending order": {
+ "description": "Descending order",
+ "value": "desc"
+ }
+ }
+ },
+ {
+ "name": "pageNumber",
+ "in": "query",
+ "description": "Page number, Page number start with zero",
+ "required": false,
+ "schema": {
+ "maximum": 2147483647,
+ "minimum": 0,
+ "type": "integer",
+ "format": "int32",
+ "default": 0
+ }
+ },
+ {
+ "name": "size",
+ "in": "query",
+ "description": "Number of records per page",
+ "required": false,
+ "schema": {
+ "maximum": 2147483647,
+ "minimum": 0,
+ "type": "integer",
+ "format": "int32",
+ "default": 2147483647
+ }
+ },
+ {
+ "name": "asJwt",
+ "in": "query",
+ "description": "Specifies whether the VC (Verifiable Credential) should be created as a JWT (JSON Web Token). If set to true, the VC will be generated in JWT formatSetting this parameter to false will result in the VC being created as JSON-LD Defaults to false if not specified.",
+ "required": false,
+ "schema": {
+ "type": "boolean",
+ "default": false
+ },
+ "examples": {
+ "Create VC as JWT": {
+ "description": "Create VC as JWT",
+ "value": true
+ },
+ "Do not create VC as JWT": {
+ "description": "Do not create VC as JWT",
+ "value": false
+ }
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credential list",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Credential list": {
+ "description": "Credential list",
+ "value": {
+ "content": [
+ {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/SummaryVC.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#954d43de-ebed-481d-9e35-e3bbb311b8f5",
+ "type": [
+ "VerifiableCredential",
+ "SummaryCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-14T11:05:48Z",
+ "expirationDate": "2023-09-30T18:30:00Z",
+ "credentialSubject": [
+ {
+ "contractTemplate": "https://public.catena-x.org/contracts/",
+ "holderIdentifier": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "items": [
+ "BpnCredential"
+ ],
+ "type": "SummaryCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-14T11:05:50Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..4xwFUCtP0xXVEo5_lXd90Vv-TWO2FijZut-HZ5cozAQseexj8EpTkK1erhFbf2Ua1kb8pi_H5At5HiPkTxSIAQ",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ }
+ ],
+ "pageable": {
+ "sort": {
+ "empty": false,
+ "sorted": true,
+ "unsorted": false
+ },
+ "offset": 0,
+ "pageNumber": 0,
+ "pageSize": 2147483647,
+ "paged": true,
+ "unpaged": false
+ },
+ "totalElements": 1,
+ "totalPages": 1,
+ "last": true,
+ "size": 2147483647,
+ "number": 0,
+ "sort": {
+ "empty": false,
+ "sorted": true,
+ "unsorted": false
+ },
+ "first": true,
+ "numberOfElements": 1,
+ "empty": false
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "The input does not comply to the syntax requirements",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Response in case of invalid data provided": {
+ "description": "Response in case of invalid data provided",
+ "value": {
+ "type": "about:blank",
+ "title": "title",
+ "status": 400,
+ "detail": "details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689760833962,
+ "errors": {}
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "The request could not be completed due to a failed authorization."
+ },
+ "403": {
+ "description": "The request could not be completed due to a forbidden access"
+ },
+ "404": {
+ "description": "Wallet not found with caller BPN",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Wallet not found with caller BPN": {
+ "description": "Wallet not found with caller BPN",
+ "value": {
+ "type": "about:blank",
+ "title": "Wallet not found for identifier did:web:localhost:BPNL0000000",
+ "status": 404,
+ "detail": "Wallet not found for identifier did:web:localhost:BPNL0000000",
+ "instance": "/api/wallets/did%3Aweb%3Alocalhost%3ABPNL0000000/credentials",
+ "properties": {
+ "timestamp": 1689765541959
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "Authenticate using access_token": []
+ }
+ ]
+ },
+ "post": {
+ "tags": [
+ "Verifiable Credential - Holder"
+ ],
+ "summary": "Issue Verifiable Credential",
+ "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of the issuer of the Verifiable Credential must equal BPN of caller)\nIssue a verifiable credential with a given issuer DID",
+ "operationId": "issueCredential",
+ "parameters": [
+ {
+ "name": "asJwt",
+ "in": "query",
+ "description": "Specifies whether the VC (Verifiable Credential) should be created as a JWT (JSON Web Token). If set to true, the VC will be generated in JWT formatSetting this parameter to false will result in the VC being created as JSON-LD Defaults to false if not specified.",
+ "required": false,
+ "schema": {
+ "type": "boolean",
+ "default": false
+ },
+ "examples": {
+ "Create VC as JWT": {
+ "description": "Create VC as JWT",
+ "value": true
+ },
+ "Do not create VC as JWT": {
+ "description": "Do not create VC as JWT",
+ "value": false
+ }
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "additionalProperties": {
+ "type": "object"
+ }
+ },
+ "example": {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "type": [
+ "VerifiableCredential",
+ "BankDetails"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BankDetails",
+ "accountNumber": "123456789",
+ "bankName": "Dummy Bank"
+ }
+ ]
+ }
+ }
+ },
+ "required": true
+ },
+ "responses": {
+ "201": {
+ "description": "Success Response",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Success Response": {
+ "description": "Success Response",
+ "value": {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#319a2641-9407-4c39-bf51-a4a109b59604",
+ "type": [
+ "VerifiableCredential",
+ "BankDetails"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T13:41:52Z",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "bankName": "Dummy Bank",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BankDetails",
+ "accountNumber": "123456789"
+ }
+ ],
+ "proof": {
+ "proofPurpose": "proofPurpose",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#",
+ "type": "JsonWebSignature2020",
+ "created": "2023-07-19T13:41:54Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdqaAsPhQ5xZhQiRvWliDVXX-R9NzCvFXGUAOyQ8yE1hmf_4cvxS7JFuEojjsi3V-n66iiRCUFEXsnv56XPgDA"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "The input does not comply to the syntax requirements",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Response in case of invalid data provided": {
+ "description": "Response in case of invalid data provided",
+ "value": {
+ "type": "about:blank",
+ "title": "Invalid data provided",
+ "status": 400,
+ "detail": "details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689760833962,
+ "errors": {
+ "filed": "filed error message"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "The request could not be completed due to a failed authorization."
+ },
+ "403": {
+ "description": "The request could not be completed due to a forbidden access"
+ },
+ "404": {
+ "description": "Wallet not found with caller BPN",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Wallet not found with caller BPN": {
+ "description": "Wallet not found with caller BPN",
+ "value": {
+ "type": "about:blank",
+ "title": "Wallet not found for identifier did:web:localhost:BPNL0000000501",
+ "status": 404,
+ "detail": "Wallet not found for identifier did:web:localhost:BPNL0000000501",
+ "instance": "/api/wallets/did%3Aweb%3Alocalhost%3ABPNL0000000501",
+ "properties": {
+ "timestamp": 1689764377224
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "Authenticate using access_token": []
+ }
+ ]
+ }
+ },
+ "/api/credentials/validation": {
+ "post": {
+ "tags": [
+ "Verifiable Credential - Validation"
+ ],
+ "summary": "Validate Verifiable Credentials",
+ "description": "Permission: **view_wallets** OR **view_wallet** \n\n Validate Verifiable Credentials",
+ "operationId": "credentialsValidation",
+ "parameters": [
+ {
+ "name": "withCredentialExpiryDate",
+ "in": "query",
+ "description": "Check expiry of VC",
+ "required": false,
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CredentialVerificationRequest"
+ },
+ "examples": {
+ "Validate credential in JSON-LD format": {
+ "description": "Validate credential in JSON-LD format",
+ "value": {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ }
+ },
+ "Validate credential in JWT format": {
+ "description": "Validate credential in JWT format",
+ "value": {
+ "jwt": "eyJraWQiOiJkaWQ6d2ViOmFmODgtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAjOGYyZWU5ZDItYTM2Yy00MTM4LWJlMWYtYjZmZWZiNmY4MDI0IiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6d2ViOmFmODgtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJzdWIiOiJkaWQ6d2ViOmFmODgtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMTEiLCJleHAiOjE3MzU2Njk4MDAsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly9jb2Zpbml0eS14LmdpdGh1Yi5pby9zY2hlbWEtcmVnaXN0cnkvdjEuMS9Vc2VDYXNlVkMuanNvbiIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIl0sImlkIjoiZGlkOndlYjphZjg4LTIwMy0xMjktMjEzLTEwNy5uZ3Jvay1mcmVlLmFwcDpCUE5MMDAwMDAwMDAwMDAwI2Q4Y2ZjZDBiLWY0NGQtNDVkMC05OGEzLTA4ZDZkNmU5Y2E5NSIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJVc2VDYXNlRnJhbWV3b3JrQ29uZGl0aW9uIl0sImlzc3VlciI6ImRpZDp3ZWI6YWY4OC0yMDMtMTI5LTIxMy0xMDcubmdyb2stZnJlZS5hcHA6QlBOTDAwMDAwMDAwMDAwMCIsImNyZWRlbnRpYWxTdWJqZWN0IjpbeyJob2xkZXJJZGVudGlmaWVyIjoiQlBOTDAwMDAwMDAwMDAxMSIsImlkIjoiZGlkOndlYjphZjg4LTIwMy0xMjktMjEzLTEwNy5uZ3Jvay1mcmVlLmFwcDpCUE5MMDAwMDAwMDAwMDExIiwidHlwZSI6IkJlaGF2aW9yVHdpbkNyZWRlbnRpYWwiLCJjb250cmFjdFRlbXBsYXRlIjoiaHR0cHM6Ly9wdWJsaWMuY2F0ZW5hLXgub3JnL2NvbnRyYWN0cy90cmFjZWFiaWx0eS52MS5wZGYiLCJjb250cmFjdFZlcnNpb24iOiIxLjAuMCJ9XSwiY3JlZGVudGlhbFN0YXR1cyI6bnVsbCwiaXNzdWFuY2VEYXRlIjoiMjAyNC0wMi0wOFQxNDowMjo1M1oiLCJleHBpcmF0aW9uRGF0ZSI6IjIwMjQtMTItMzFUMTg6MzA6MDBaIn0sImp0aSI6IjliYWFhMjIzLTAxMjctNDEyZS05NjZhLTA3ZTJmZGU4NGNlNCJ9.X3rkj8Gv4OD5nEaeFG5pSA-dogbcYA91YEPmHiKT4FhAiIr7QAdSEULGXHYOn8-eK0jSDHNdAxNYIK1UwYRsCA"
+ }
+ }
+ }
+ }
+ },
+ "required": true
+ },
+ "responses": {
+ "200": {
+ "description": "Validate Verifiable Credentials",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Verifiable Credentials without check expiry": {
+ "description": "Verifiable Credentials without check expiry",
+ "value": {
+ "valid": true,
+ "vc": {
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ },
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2024-12-31T18:30:00Z"
+ }
+ }
+ },
+ "Verifiable Credentials with check expiry": {
+ "description": "Verifiable Credentials with check expiry",
+ "value": {
+ "valid": true,
+ "validateExpiryDate": true,
+ "vc": {
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ },
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2024-12-31T18:30:00Z"
+ }
+ }
+ },
+ "Verifiable expired credentials with check expiry ": {
+ "description": "Verifiable expired credentials with check expiry ",
+ "value": {
+ "valid": false,
+ "validateExpiryDate": false,
+ "vc": {
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ },
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2022-12-31T18:30:00Z"
+ }
+ }
+ },
+ "Revocable Verifiable credentials with check expiry ": {
+ "description": "Revocable Verifiable credentials with check expiry ",
+ "value": {
+ "credentialStatus": "active",
+ "valid": true,
+ "validateExpiryDate": true,
+ "vc": {
+ "credentialSubject": [
+ {
+ "holderIdentifier": "BPNL000000000001",
+ "allowedVehicleBrands": [
+ "Audi",
+ "Abarth",
+ "Alfa Romeo",
+ "Chrysler"
+ ],
+ "id": "did:web:6e3e-203-129-213-107.ngrok-free.app:BPNL000000000001",
+ "activityType": "vehicleDismantle",
+ "type": "DismantlerCredential"
+ }
+ ],
+ "issuanceDate": "2024-01-05T05:42:53Z",
+ "id": "did:web:6e3e-203-129-213-107.ngrok-free.app:BPNL000000000000#8507aa50-b2a4-4532-8e45-f50e7654b23b",
+ "proof": {
+ "proofPurpose": "assertionMethod",
+ "verificationMethod": "did:web:6e3e-203-129-213-107.ngrok-free.app:BPNL000000000000#a39d8ccf-2a66-488d-bfec-916768082e91",
+ "type": "JsonWebSignature2020",
+ "created": "2024-01-05T05:42:53Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..15NdxA8L_Iw7Igxevm7YGMAQA-Kt6PMOpix6p0jaYHCtfQnTy3q61SDvsnsltGT6fzM90JOubOuig2WFy-GPDg"
+ },
+ "type": [
+ "VerifiableCredential",
+ "DismantlerCredential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://cofinity-x.github.io/schema-registry/v1.1/DismantlerVC.json",
+ "https://w3id.org/security/suites/jws-2020/v1",
+ "https://w3id.org/vc/status-list/2021/v1"
+ ],
+ "issuer": "did:web:6e3e-203-129-213-107.ngrok-free.app:BPNL000000000000",
+ "credentialStatus": {
+ "id": "did:web:6e3e-203-129-213-107.ngrok-free.app:BPNL000000000000#0",
+ "statusPurpose": "revocation",
+ "statusListIndex": "0",
+ "statusListCredential": "https://ae96-203-129-213-107.ngrok-free.app/api/v1/revocations/credentials?issuerId=did:web:6e3e-203-129-213-107.ngrok-free.app:BPNL000000000000",
+ "type": "StatusList2021Entry"
+ },
+ "expirationDate": "2024-12-31T18:30:00Z"
+ }
+ }
+ },
+ "Verifiable Credentials with invalid signature": {
+ "description": "Verifiable Credentials with invalid signature",
+ "value": {
+ "valid": false,
+ "vc": {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhf",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "The request could not be completed due to a failed authorization."
+ },
+ "403": {
+ "description": "The request could not be completed due to a forbidden access"
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "Authenticate using access_token": []
+ }
+ ]
+ }
+ },
+ "/api/credentials/issuer": {
+ "get": {
+ "tags": [
+ "Verifiable Credential - Issuer"
+ ],
+ "summary": "Query Verifiable Credentials",
+ "description": "Permission: **view_wallets** (The BPN of holderIdentifier must equal BPN of caller)\n\n Search verifiable credentials with filter criteria",
+ "operationId": "getCredentials_1",
+ "parameters": [
+ {
+ "name": "credentialId",
+ "in": "query",
+ "description": "Credential Id",
+ "required": false,
+ "schema": {
+ "type": "string"
+ },
+ "examples": {
+ "Credential Id": {
+ "description": "Credential Id",
+ "value": "did:web:localhost:BPNL000000000000#12528899-160a-48bd-ba15-f396c3959ae9"
+ }
+ }
+ },
+ {
+ "name": "holderIdentifier",
+ "in": "query",
+ "description": "Holder identifier(did of BPN)",
+ "required": false,
+ "schema": {
+ "type": "string"
+ },
+ "examples": {
+ "bpn": {
+ "description": "bpn",
+ "value": "BPNL000000000001"
+ },
+ "did": {
+ "description": "did",
+ "value": "did:web:localhost:BPNL000000000001"
+ }
+ }
+ },
+ {
+ "name": "type",
+ "in": "query",
+ "description": "Type of VC",
+ "required": false,
+ "schema": {
+ "type": "array",
+ "maxItems": 100,
+ "items": {
+ "type": "string"
+ }
+ },
+ "examples": {
+ "SummaryCredential": {
+ "description": "SummaryCredential",
+ "value": "SummaryCredential"
+ },
+ "BpnCredential": {
+ "description": "BpnCredential",
+ "value": "BpnCredential"
+ }
+ }
+ },
+ {
+ "name": "pageNumber",
+ "in": "query",
+ "description": "Page number, Page number start with zero",
+ "required": false,
+ "schema": {
+ "maximum": 2147483647,
+ "minimum": 0,
+ "type": "integer",
+ "format": "int32",
+ "default": 0
+ }
+ },
+ {
+ "name": "size",
+ "in": "query",
+ "description": "Number of records per page",
+ "required": false,
+ "schema": {
+ "maximum": 2147483647,
+ "minimum": 0,
+ "type": "integer",
+ "format": "int32",
+ "default": 2147483647
+ }
+ },
+ {
+ "name": "sortColumn",
+ "in": "query",
+ "description": "Sort column name",
+ "required": false,
+ "schema": {
+ "type": "string",
+ "default": "createdAt"
+ },
+ "examples": {
+ "creation date": {
+ "description": "creation date",
+ "value": "createdAt"
+ },
+ "Holder did": {
+ "description": "Holder did",
+ "value": "holderDid"
+ },
+ "Credential type": {
+ "description": "Credential type",
+ "value": "type"
+ },
+ "Credential id": {
+ "description": "Credential id",
+ "value": "credentialId"
+ }
+ }
+ },
+ {
+ "name": "sortTpe",
+ "in": "query",
+ "description": "Sort order",
+ "required": false,
+ "schema": {
+ "type": "string",
+ "default": "desc"
+ },
+ "examples": {
+ "Ascending order": {
+ "description": "Ascending order",
+ "value": "asc"
+ },
+ "Descending order": {
+ "description": "Descending order",
+ "value": "desc"
+ }
+ }
+ },
+ {
+ "name": "asJwt",
+ "in": "query",
+ "description": "Specifies whether the VC (Verifiable Credential) should be created as a JWT (JSON Web Token). If set to true, the VC will be generated in JWT formatSetting this parameter to false will result in the VC being created as JSON-LD Defaults to false if not specified.",
+ "required": false,
+ "schema": {
+ "type": "boolean",
+ "default": false
+ },
+ "examples": {
+ "Create VC as JWT": {
+ "description": "Create VC as JWT",
+ "value": true
+ },
+ "Do not create VC as JWT": {
+ "description": "Do not create VC as JWT",
+ "value": false
+ }
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Issuer credential list",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Issuer credential list": {
+ "description": "Issuer credential list",
+ "value": {
+ "content": [
+ {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#ae364f71-f054-4d91-b579-f001bcb3e59e",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T09:27:42Z",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:27:44Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..evDHQfW4EzJUt2HnS_WlmO8FFtywTGnwyywtCE7WP41my4Iscpqr4tbuVOqnZg85b4U8L3_ut8_pEONIhbExCQ",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ },
+ {
+ "type": [
+ "VerifiableCredential",
+ "SummaryCredential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/SummaryVC.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T09:11:39Z",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "credentialSubject": [
+ {
+ "contractTemplate": "https://public.catena-x.org/contracts/",
+ "holderIdentifier": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "items": [
+ "BpnCredential"
+ ],
+ "type": "SummaryCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:11:41Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..YvoFhDip3TQAfZUIu0yc843oA4uGTg049dMFt_GoaMmPjiNB_B1EFOL-gDpwjIxTYNlGOO_CLp9qStbzlDTNBg",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ },
+ {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ }
+ ],
+ "pageable": {
+ "sort": {
+ "empty": false,
+ "unsorted": false,
+ "sorted": true
+ },
+ "offset": 0,
+ "pageNumber": 0,
+ "pageSize": 2147483647,
+ "paged": true,
+ "unpaged": false
+ },
+ "last": true,
+ "totalPages": 1,
+ "totalElements": 3,
+ "first": true,
+ "size": 2147483647,
+ "number": 0,
+ "sort": {
+ "empty": false,
+ "unsorted": false,
+ "sorted": true
+ },
+ "numberOfElements": 3,
+ "empty": false
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "The input does not comply to the syntax requirements",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Response in case of invalid data provided": {
+ "description": "Response in case of invalid data provided",
+ "value": {
+ "type": "about:blank",
+ "title": "title",
+ "status": 400,
+ "detail": "details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689760833962,
+ "errors": {}
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "The request could not be completed due to a failed authorization."
+ },
+ "403": {
+ "description": "The request could not be completed due to a forbidden access"
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "Authenticate using access_token": []
+ }
+ ]
+ },
+ "post": {
+ "tags": [
+ "Verifiable Credential - Issuer"
+ ],
+ "summary": "Issue Verifiable Credential",
+ "description": "Permission: **update_wallets** (The BPN of the base wallet must equal BPN of caller)\nIssue a verifiable credential with a given issuer DID",
+ "operationId": "issueCredentialUsingBaseWallet",
+ "parameters": [
+ {
+ "name": "holderDid",
+ "in": "query",
+ "description": "Holder DID",
+ "required": true,
+ "schema": {
+ "type": "string"
+ },
+ "examples": {
+ "did": {
+ "description": "did",
+ "value": "did:web:localhost:BPNL000000000000"
+ }
+ }
+ },
+ {
+ "name": "asJwt",
+ "in": "query",
+ "description": "Specifies whether the VC (Verifiable Credential) should be created as a JWT (JSON Web Token). If set to true, the VC will be generated in JWT formatSetting this parameter to false will result in the VC being created as JSON-LD Defaults to false if not specified.",
+ "required": false,
+ "schema": {
+ "type": "boolean",
+ "default": false
+ },
+ "examples": {
+ "Create VC as JWT": {
+ "description": "Create VC as JWT",
+ "value": true
+ },
+ "Do not create VC as JWT": {
+ "description": "Do not create VC as JWT",
+ "value": false
+ }
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "additionalProperties": {
+ "type": "object"
+ }
+ },
+ "example": {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ]
+ }
+ }
+ },
+ "required": true
+ },
+ "responses": {
+ "201": {
+ "description": "Issuer credential",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Issuer credential": {
+ "description": "Issuer credential",
+ "value": {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#ff084e7a-1b46-4a2f-a78d-3d701a0bd6e4",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T12:18:30Z",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#",
+ "created": "2023-07-19T12:18:34Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..0Ua1vcTQAYwQY3PPuHr4RQxqW6iIngrHQQx1oPgk2uzqUpcbfY2YUxXAnbNA333-lSuvNhiV_1NLfBnCEcI2DQ"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "The input does not comply to the syntax requirements",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Response in case of invalid data provided": {
+ "description": "Response in case of invalid data provided",
+ "value": {
+ "type": "about:blank",
+ "title": "Invalid data provided",
+ "status": 400,
+ "detail": "details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689760833962,
+ "errors": {
+ "filed": "filed error message"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "The request could not be completed due to a failed authorization."
+ },
+ "403": {
+ "description": "The request could not be completed due to a forbidden access"
+ },
+ "404": {
+ "description": "Wallet not found with provided identifier",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Wallet not found with provided identifier": {
+ "description": "Wallet not found with provided identifier",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 404,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "Authenticate using access_token": []
+ }
+ ]
+ }
+ },
+ "/{bpn}/did.json": {
+ "get": {
+ "tags": [
+ "DIDDocument"
+ ],
+ "summary": "Resolve DID Document",
+ "description": "Resolve the DID document for a given BPN",
+ "operationId": "getDidResolve",
+ "parameters": [
+ {
+ "name": "bpn",
+ "in": "path",
+ "description": "BPN",
+ "required": true,
+ "schema": {
+ "type": "string"
+ },
+ "examples": {
+ "bpn": {
+ "description": "bpn",
+ "value": "BPNL000000000000"
+ }
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "DID document",
+ "content": {
+ "application/json": {
+ "examples": {
+ " DID document": {
+ "description": " DID document",
+ "value": {
+ "@context": [
+ "https://www.w3.org/ns/did/v1",
+ "https://w3c.github.io/vc-jws-2020/contexts/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000",
+ "verificationMethod": [
+ {
+ "controller": "did:web:localhost:BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "publicKeyJwk": {
+ "crv": "Ed25519",
+ "kty": "OKP",
+ "x": "wAOQvr92L1m7RwrpeOrgWByVYvWmhRr4fJbiMwHEIdY"
+ },
+ "type": "JsonWebKey2020"
+ }
+ ]
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Wallet not found with provided bpn",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Wallet not found with provided bpn": {
+ "description": "Wallet not found with provided bpn",
+ "value": {
+ "type": "about:blank",
+ "title": "Wallet not found for identifier BPNL00000000000",
+ "status": 404,
+ "detail": "Wallet not found for identifier BPNL00000000000",
+ "instance": "/BPNL00000000000/did.json",
+ "properties": {
+ "timestamp": 1689767698010
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "Authenticate using access_token": []
+ }
+ ]
+ }
+ },
+ "/api/wallets/{identifier}": {
+ "get": {
+ "tags": [
+ "Wallets"
+ ],
+ "summary": "Retrieve wallet by BPN",
+ "description": "Permission: **view_wallets** OR **view_wallet** (The BPN of Wallet to retrieve must equal the BPN of caller or Base wallet, authority wallet can see all wallets) \n\n Retrieve single wallet by identifier, with or without its credentials",
+ "operationId": "getWalletByIdentifier",
+ "parameters": [
+ {
+ "name": "identifier",
+ "in": "path",
+ "description": "Did or BPN",
+ "required": true,
+ "schema": {
+ "type": "string"
+ },
+ "examples": {
+ "bpn": {
+ "description": "bpn",
+ "value": "BPNL000000000000"
+ },
+ "did": {
+ "description": "did",
+ "value": "did:web:localhost:BPNL000000000000"
+ }
+ }
+ },
+ {
+ "name": "withCredentials",
+ "in": "query",
+ "required": false,
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Wallet Details",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Wallet details without with credentials false": {
+ "description": "Wallet details without with credentials false",
+ "value": {
+ "name": "companyA",
+ "did": "did:web:localhost:BPNL000000000001",
+ "bpn": "BPNL000000000001",
+ "algorithm": "ED25519",
+ "didDocument": {
+ "@context": [
+ "https://www.w3.org/ns/did/v1",
+ "https://w3c.github.io/vc-jws-2020/contexts/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000001",
+ "verificationMethod": [
+ {
+ "controller": "did:web:localhost:BPNL000000000001",
+ "id": "did:web:localhost:BPNL000000000001#",
+ "publicKeyJwk": {
+ "crv": "Ed25519",
+ "kty": "OKP",
+ "x": "mhph0ZSVk7cDVmazbaaC3jBDpphW4eNygAK9gHPlMow"
+ },
+ "type": "JsonWebKey2020"
+ }
+ ]
+ }
+ }
+ },
+ "Wallet details without with credentials true": {
+ "description": "Wallet details without with credentials true",
+ "value": {
+ "name": "companyA",
+ "did": "did:web:localhost:BPNL000000000001",
+ "bpn": "BPNL000000000001",
+ "algorithm": "ED25519",
+ "didDocument": {
+ "@context": [
+ "https://www.w3.org/ns/did/v1",
+ "https://w3c.github.io/vc-jws-2020/contexts/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000001",
+ "verificationMethod": [
+ {
+ "controller": "did:web:localhost:BPNL000000000001",
+ "id": "did:web:localhost:BPNL000000000001#",
+ "publicKeyJwk": {
+ "crv": "Ed25519",
+ "kty": "OKP",
+ "x": "mhph0ZSVk7cDVmazbaaC3jBDpphW4eNygAK9gHPlMow"
+ },
+ "type": "JsonWebKey2020"
+ }
+ ]
+ },
+ "verifiableCredentials": [
+ {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#a1f8ae36-9919-4ed8-8546-535280acc5bf",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T09:14:45Z",
+ "expirationDate": "2023-09-30T18:30:00Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000001",
+ "id": "did:web:localhost:BPNL000000000001",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:14:47Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..O69dLGMDVgZQJ7chFx3aUbkJFvibH8WWunw634rIDC77_pdiUHvQpQ0hq15_7OgFMy3dp-9H-pNgxTZ-i4UXCw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "The input does not comply to the syntax requirements",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Response in case of invalid data provided": {
+ "description": "Response in case of invalid data provided",
+ "value": {
+ "type": "about:blank",
+ "title": "title",
+ "status": 400,
+ "detail": "details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689760833962,
+ "errors": {}
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "The request could not be completed due to a failed authorization."
+ },
+ "403": {
+ "description": "The request could not be completed due to a forbidden access"
+ },
+ "404": {
+ "description": "Wallet not found with provided identifier",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Wallet not found with provided identifier": {
+ "description": "Wallet not found with provided identifier",
+ "value": {
+ "type": "about:blank",
+ "title": "Wallet not found for identifier did:web:localhost:BPNL0000000501",
+ "status": 404,
+ "detail": "Wallet not found for identifier did:web:localhost:BPNL0000000501",
+ "instance": "/api/wallets/did%3Aweb%3Alocalhost%3ABPNL0000000501",
+ "properties": {
+ "timestamp": 1689764377224
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "Authenticate using access_token": []
+ }
+ ]
+ }
+ },
+ "/api/presentations/iatp": {
+ "get": {
+ "tags": [
+ "Verifiable Presentations - Generation"
+ ],
+ "summary": "Create Verifiable Presentation",
+ "description": "Create a verifiable presentation for the verifiable credential types listed in STS token",
+ "operationId": "createPresentation_1",
+ "parameters": [
+ {
+ "name": "asJwt",
+ "in": "query",
+ "required": false,
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Verifiable Presentation",
+ "content": {
+ "application/json": {
+ "examples": {
+ "VP as Json-LD": {
+ "description": "VP as Json-LD",
+ "value": {
+ "vp": {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#b2e69e47-95f3-48ff-af30-eaaab36431d5",
+ "type": [
+ "VerifiablePresentation"
+ ],
+ "verifiableCredential": [
+ {
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ }
+ ]
+ }
+ }
+ },
+ "VP as JWT": {
+ "description": "VP as JWT",
+ "value": {
+ "vp": "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJzdWIiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwiYXVkIjoic21hcnQiLCJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwidnAiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIzM4ZTU2ZTg1LTNkODQtNGEyNS1iZjg1LWFiMjRlYzY4MmMwOSIsInR5cGUiOlsiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJdLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJ2ZXJpZmlhYmxlQ3JlZGVudGlhbCI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vY2F0ZW5heC1uZy5naXRodWIuaW8vcHJvZHVjdC1jb3JlLXNjaGVtYXMvYnVzaW5lc3NQYXJ0bmVyRGF0YS5qc29uIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiXSwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsIkJwbkNyZWRlbnRpYWwiXSwiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwI2Y3M2UzNjMxLWJhODctNGEwMy1iZWEzLWIyODcwMDA1Njg3OSIsImlzc3VlciI6ImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDAiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA3LTE5VDA5OjExOjM0WiIsImV4cGlyYXRpb25EYXRlIjoiMjAyNC0xMi0zMVQxODozMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDAiLCJicG4iOiJCUE5MMDAwMDAwMDAwMDAwIiwidHlwZSI6IkJwbkNyZWRlbnRpYWwifSwicHJvb2YiOnsicHJvb2ZQdXJwb3NlIjoicHJvb2ZQdXJwb3NlIiwidHlwZSI6Ikpzb25XZWJTaWduYXR1cmUyMDIwIiwidmVyaWZpY2F0aW9uTWV0aG9kIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCMiLCJjcmVhdGVkIjoiMjAyMy0wNy0xOVQwOToxMTozOVoiLCJqd3MiOiJleUpoYkdjaU9pSkZaRVJUUVNKOS4uZmRuMnFVODVhdU9sdGRIRExkSEk3c0pWVjFaUGRmdHBpWGRfbmRYTjBkRmdTRFdpSXJTY2REMDN3dHZLTHFfSC1zaFFXZmgyUlllTW1ybEV6QWhmRHcifX19LCJleHAiOjE2ODk4MzQ4MDUsImp0aSI6ImIwODYzOWZiLWQ5MWEtNGUwZS1iNmY4LTYzYjdhMzQ1ZTRhZiJ9.80x0AB-OauefdeZfx1cwhitdVKRvCRFeFzYwU73DL7y4w34vu6BdfHWLBGjkwELxkQEoFfiTPOqtuyqhtsyDBg"
+ }
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "The request could not be completed due to a failed authorization."
+ },
+ "403": {
+ "description": "The request could not be completed due to a forbidden scope value"
+ },
+ "404": {
+ "description": "One or more of the requested verifiable credential types were not found",
+ "content": {
+ "application/json": {
+ "examples": {
+ "One or more of the requested verifiable credential types were not found": {
+ "description": "One or more of the requested verifiable credential types were not found",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 404,
+ "detail": "Verifiable credential types that were not found",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "sts_token": []
+ }
+ ]
+ }
+ },
+ "/api/didDocuments/{identifier}": {
+ "get": {
+ "tags": [
+ "DIDDocument"
+ ],
+ "summary": "Resolve DID Document",
+ "description": "Resolve the DID document for a given DID or BPN",
+ "operationId": "getDidDocument",
+ "parameters": [
+ {
+ "name": "identifier",
+ "in": "path",
+ "description": "Did or BPN",
+ "required": true,
+ "schema": {
+ "type": "string"
+ },
+ "examples": {
+ "bpn": {
+ "description": "bpn",
+ "value": "BPNL000000000000"
+ },
+ "did": {
+ "description": "did",
+ "value": "did:web:localhost:BPNL000000000000"
+ }
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "DID document",
+ "content": {
+ "application/json": {
+ "examples": {
+ " DID document": {
+ "description": " DID document",
+ "value": {
+ "@context": [
+ "https://www.w3.org/ns/did/v1",
+ "https://w3c.github.io/vc-jws-2020/contexts/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000",
+ "verificationMethod": [
+ {
+ "controller": "did:web:localhost:BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "publicKeyJwk": {
+ "crv": "Ed25519",
+ "kty": "OKP",
+ "x": "wAOQvr92L1m7RwrpeOrgWByVYvWmhRr4fJbiMwHEIdY"
+ },
+ "type": "JsonWebKey2020"
+ }
+ ]
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Wallet not found with provided bpn",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Wallet not found with provided bpn": {
+ "description": "Wallet not found with provided bpn",
+ "value": {
+ "type": "about:blank",
+ "title": "Wallet not found for identifier BPNL00000000000",
+ "status": 404,
+ "detail": "Wallet not found for identifier BPNL00000000000",
+ "instance": "/BPNL00000000000/did.json",
+ "properties": {
+ "timestamp": 1689767698010
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Any other internal server error",
+ "content": {
+ "application/json": {
+ "examples": {
+ "Internal server error": {
+ "description": "Internal server error",
+ "value": {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "security": [
+ {
+ "Authenticate using access_token": []
+ }
+ ]
+ }
+ }
+ },
+ "components": {
+ "schemas": {
+ "CreateWalletRequest": {
+ "required": [
+ "businessPartnerNumber",
+ "companyName",
+ "didUrl"
+ ],
+ "type": "object",
+ "properties": {
+ "businessPartnerNumber": {
+ "pattern": "^(BPN)(L|S|A)[0-9A-Z]{12}",
+ "type": "string"
+ },
+ "companyName": {
+ "maxLength": 255,
+ "minLength": 1,
+ "type": "string"
+ },
+ "didUrl": {
+ "maxLength": 2000,
+ "minLength": 1,
+ "type": "string"
+ }
+ }
+ },
+ "SecureTokenRequest": {
+ "type": "object",
+ "properties": {
+ "audience": {
+ "type": "string"
+ },
+ "client_id": {
+ "type": "string"
+ },
+ "client_secret": {
+ "type": "string"
+ },
+ "grant_type": {
+ "type": "string"
+ },
+ "access_token": {
+ "type": "string"
+ },
+ "bearer_access_alias": {
+ "type": "string"
+ },
+ "bearer_access_scope": {
+ "type": "string"
+ }
+ }
+ },
+ "CredentialVerificationRequest": {
+ "type": "object",
+ "properties": {
+ "jwt": {
+ "type": "string",
+ "writeOnly": true
+ },
+ "vc": {
+ "type": "object",
+ "additionalProperties": {
+ "type": "object"
+ },
+ "writeOnly": true
+ },
+ "empty": {
+ "type": "boolean"
+ }
+ },
+ "additionalProperties": {
+ "type": "object"
+ }
+ }
+ },
+ "securitySchemes": {
+ "Authenticate using access_token": {
+ "type": "apiKey",
+ "description": "**Bearer (apiKey)**\nJWT Authorization header using the Bearer scheme.\nEnter **Bearer** [space] and then your token in the text input below:\nExample: Bearer 12345abcdef\n",
+ "name": "Authorization",
+ "in": "header"
+ },
+ "sts_token": {
+ "type": "apiKey",
+ "description": "**STS token**\nJWT Authorization header.\nEnter your token in the text input below:\nExample: 12345abcdef\n",
+ "name": "Authorization",
+ "in": "header"
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/docs/arc42/main.md b/docs/arc42/main.md
index a56720345..ba5f7fe2f 100644
--- a/docs/arc42/main.md
+++ b/docs/arc42/main.md
@@ -165,167 +165,18 @@ end box
group "Create Wallet"
box "Create Wallet"
user -> MIW: "/api/wallet" with BPN and Name
- group "Wallet Creation"
+ group "Wallet Creation"
MIW -> MIW: Create Database entry
MIW -> MIW: Create Private and Public Key
MIW -> MIW: Store Private Key AES encrypted in DB
MIW -> MIW: Create DID:web Document
MIW -> MIW: Store DID-Document
end group
- group "BPN Credential"
- MIW -> MIW: Create BPN Credential
- MIW -> MIW: Sign JSON-LD BPN Credential with issuer private key (Private Key of Issuer Wallet)
- MIW -> MIW: Store BPN Credential
- end group
- group "Summary Credential"
- MIW -> MIW: Access User Wallet
- MIW -> MIW: Check if Summary Credential is already Created
- MIW -> MIW: Check BPN Credential is not already in Summary Credential
- MIW -> MIW: Create Summary Credential with BPN
- MIW -> MIW: Store Summary Credential in Issuer Wallet
- MIW -> MIW: Store Summary Credential in Holder Wallet
- end group
MIW --> user: Return Wallet
end box
end group
```
-### Issue Membership Credential
-
-```plantuml
-title Issue Membership Credential
-
-actor User as User
-
-participant PortalIDP as keycloak
-participant ManagedIdentityWallet as MIW
-
-box "Get Accesstoken"
- User -> keycloak: Get AccessToken
- keycloak --> User: AccessToken
-end box
-
-group "Issue Membership"
- User -> MIW: "/api/credentials/issuer/membership" with BPN
- group "Create Membership Credential"
- MIW -> MIW: Create Use Case Credential
- MIW -> MIW: Sign JSON-LD Use Case Credential with issuer private key (Private Key of Issuer Wallet)
- MIW -> MIW: Store Credential in Issuer Wallet
- MIW -> MIW: Store Credential in Holder Wallet
- end group
- group "Summary Credential"
- MIW -> MIW: Access User Wallet
- MIW -> MIW: Check if Summary Credential is already Created
- MIW -> MIW: Check Membership Credential is not already in Summary Credential
- MIW -> MIW: Delete Summary Credential in User Wallet
- MIW -> MIW: Create Summary Credential with specific Use Case
- MIW -> MIW: Store Summary Credential in Issuer Wallet
- MIW -> MIW: Store Summary Credential in Holder Wallet
- end group
- MIW --> User: Return signed Membership Credential
-end group
-```
-
-### Issue Usecase Credential
-
-```plantuml
-title Issue UseCaseFrameworkCredential
-
-actor User as User
-
-participant PortalIDP as keycloak
-participant ManagedIdentityWallet as MIW
-
-box "Get Accesstoken"
- User -> keycloak: Get AccessToken
- keycloak --> User: AccessToken
-end box
-
-group "Issue UseCaseCredential"
- User -> MIW: "/api/credentials/issuer/framework" with (BPN, Type, ContractVersion, ContractTemplate)
- group "Use Case Credential"
- MIW -> MIW: Create Use Case Credential
- MIW -> MIW: Sign JSON-LD Use Case Credential with issuer private key (Private Key of Issuer Wallet)
- MIW -> MIW: Store Credential in Issuer Wallet
- end group
- group "Summary Credential"
- MIW -> MIW: Access User Wallet
- MIW -> MIW: Check if Summary Credential is already Created
- MIW -> MIW: Check Use Case Credential is not already in Summary Credential
- MIW -> MIW: If not delete Summary Credential in User Wallet
- MIW -> MIW: Create Summary Credential with specific Use Case
- MIW -> MIW: Store Summary Credential in Issuer Wallet
- MIW -> MIW: Store Summary Credential in Holder Wallet
- end group
- MIW --> User: Return signed Use Case Credential
-end group
-```
-
-### Issue Dismantler Credential
-
-```plantuml
-title Issue Dismantler Credential
-
-actor User as User
-
-participant PortalIDP as keycloak
-participant ManagedIdentityWallet as MIW
-
-box "Get Accesstoken"
- User -> keycloak: Get AccessToken
- keycloak --> User: AccessToken
-end box
-
-group "Issue Dismantler Credential"
- User -> MIW: "/api/credentials/issuer/dismantler" with bpn, activityType, allowedVehicleBrands
- group "Create Dismantler Credential"
- MIW -> MIW: Create Dismantler Credential
- MIW -> MIW: Sign JSON-LD Dismantler Credential with issuer private key (Private Key of Issuer Wallet)
- MIW -> MIW: Store Credential in Issuer Wallet
- MIW -> MIW: Store Credential in Holder Wallet
- end group
- group "Summary Credential"
- MIW -> MIW: Access User Wallet
- MIW -> MIW: Check if Summary Credential is already Created
- MIW -> MIW: Check Dismantler Credential is not already in Summary Credential
- MIW -> MIW: Delete Summary Credential in User Wallet
- MIW -> MIW: Create Summary Credential with Dismantler added
- MIW -> MIW: Store Summary Credential in Issuer Wallet
- MIW -> MIW: Store Summary Credential in Holder Wallet
- end group
- MIW --> User: Return signed Dismantler Credential
-end group
-```
-
-### Fetch Summary Verifiable Presentation
-
-```plantuml
-title Fetch SummaryVP
-
-actor User as User
-
-participant PortalIDP as keycloak
-participant ManagedIdentityWallet as MIW
-
-box "Get Accesstoken"
- User -> keycloak: Get AccessToken
- keycloak --> User: AccessToken
-end box
-
-group "Get Summary VP"
- group "Get Summary Credential"
- User -> MIW: "/api/credentials?type=['SummaryCredential']"
- MIW -> MIW: Lookup Credential in Wallet with Type
- MIW --> User: Return Credential(s) with Type
- end group
- group "Create Summary Presentation"
- User -> MIW: "/api/presentations?withAudience=['Audience1','Audience2']+asJwt=true"
- MIW -> MIW: Issue VP with Audience as JWT
- MIW --> User: Return signed Presentation
- end group
-end group
-```
-
### Validate Verifiable Presentation
```plantuml
@@ -343,7 +194,7 @@ end box
group "Verify/Validate Verifiable Presentation"
User -> MIW: "/api/presentations/validation?withDateValidation=true" with VP
- group "Presentation Validation"
+ group "Presentation Validation"
MIW -> MIW: Validate Presentation JsonLD
MIW -> MIW: Verify Presentation Signature
end group
@@ -420,354 +271,6 @@ examples:
- `[uuid]` is a UUIDv4 type of UUID, e.g. `f01d7219-d1aa-48c6-beaa-9e433e80ac79`
- `[IRI]` is a URL-type of ID, but with extended characters, e.g. `"https://example.com/credentials/123"
-#### BPN Credential
-
-
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://w3id.org/security/suites/jws-2020/v1",
- "https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/businessPartnerData"
- ],
- "id": "[uuid]",
- "type": [
- "VerifiableCredential",
- "BpnCredential"
- ],
- "issuer": "[did]",
- "issuanceDate": "[iso8601-timestamp]",
- "credentialSubject": {
- "id": "[did]"
- "type": "BpnCredential",
- "bpn": "[bpn]"
- }
-}
-
-
-#### Behavior Twin Use Case Credential
-
-
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://w3id.org/security/suites/jws-2020/v1",
- "https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/UseCaseVC"
- ],
- "id": "[IRI]",
- "issuer": "[did]",
- "type": [
- "VerifiableCredential",
- "UseCaseFrameworkCondition"
- ],
- "issuanceDate": "[iso8601-timestamp]",
- "expirationDate": "[iso8601-timestamp]",
- "credentialSubject": {
- "id": "[did]",
- "holderIdentifier": "[bpn]",
- "usecase-agreement": {
- "value": "Behavior Twin",
- "type": "cx-behavior-twin",
- "contract-template": "https://public.catena-x.org/contracts/behavior_twin.v1.pdf",
- "contract-version": "1.0.0"
- }
- },
- "proof": {
- "type": "JsonWebSignature2020",
- "created": "[iso8601-timestamp]",
- "jws": "[jws]",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "[did#key-id]"
- }
-}
-
-
-#### Membership Credential
-
-Attestation of membership, currently used for Catena-X membership
-
-
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://w3id.org/security/suites/jws-2020/v1",
- "https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/businessPartnerData"
- ],
- "id": "[uuid]",
- "type": [
- "VerifiableCredential",
- "MembershipCredential"
- ],
- "issuanceDate": "[iso8601-timestamp]",
- "expirationDate": "[iso8601-timestamp]",
- "issuer": "[did]",
- "credentialSubject": {
- "id": "[did]"
- "type": "MembershipCredential",
- "holderIdentifier": "[bpn]",
- "memberOf": "Catena-X",
- "status": "Active",
- "startTime": "[iso8601-timestamp]",
- }
-}
-
-
-#### Dismantler Credential
-
-
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://w3id.org/security/suites/jws-2020/v1",
- "https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/businessPartnerData"
- ],
- "id": "[uuid]",
- "issuer": "[did]",
- "type": [
- "VerifiableCredential",
- "DismantlerCredential"
- ],
- "issuanceDate": "[iso8601-timestamp]",
- "expirationDate": "[iso8601-timestamp]",
- "credentialSubject": {
- "id": "[did]",
- "holderIdentifier": "[bpn]",
- "allowedVehicleBrands": [
- "[brand 1]",
- "[brand 2]",
- "[brand 3]"
- ]
- },
- "proof": {
- "type": "JsonWebSignature2020",
- "created": "[iso8601-timestamp]",
- "jws": "[jws]",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "[did#key-id]"
- }
-}
-
-
-#### PCF Use Case Credential
-
-
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1",
- "https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/UseCaseVC"
- ],
- "id": "[uuid]",
- "issuer": "[did]",
- "type": [
- "VerifiableCredential",
- "UseCaseFrameworkCondition"
- ],
- "issuanceDate": "[iso8601-timestamp]",
- "expirationDate": "[iso8601-timestamp]", //Optional field
- "credentialSubject": {
- "id": "[did]",
- "holderIdentifier": "[bpn]",
- "usecaseAgreement": {
- "value": "PCF",
- "type": "cx-pcf",
- "contract-template": "https://public.catena-x.org/contracts/pcf.v1.pdf",
- "contract-version": "1.0.0"
- }
- },
- "proof": {
- "type": "JsonWebSignature2020",
- "created": "[iso8601-timestamp]",
- "jws": "[jws]",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "[did#key-id]"
- }
-}
-
-
-#### Quality Use Case Credential
-
-
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://w3id.org/security/suites/jws-2020/v1",
- "https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/UseCaseVC"
- ],
- "id": "[uuid]",
- "issuer": "[did]",
- "type": [
- "VerifiableCredential",
- "UseCaseFrameworkCondition"
- ],
- "issuanceDate": "[iso8601-timestamp]",
- "expirationDate": "[iso8601-timestamp]",
- "credentialSubject": {
- "id": "[did]",
- "holderIdentifier": "[bpn]",
- "usecase-agreement": {
- "value": "Quality",
- "type": "cx-quality",
- "contract-template": "https://public.catena-x.org/contracts/quality.v1.pdf",
- "contract-version": "1.0.0"
- }
- },
- "proof": {
- "type": "JsonWebSignature2020",
- "created": "[iso8601-timestamp]",
- "jws": "[jws]",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "[did#key-id]"
- }
-}
-
-
-#### Resiliency Use Case Credential
-
-
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://w3id.org/security/suites/jws-2020/v1",
- "https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/UseCaseVC"
- ],
- "id": "[uuid]",
- "issuer": "[did]",
- "type": [
- "VerifiableCredential",
- "UseCaseFrameworkCondition"
- ],
- "issuanceDate": "[iso8601-timestamp]",
- "expirationDate": "[iso8601-timestamp]",
- "credentialSubject": {
- "id": "[did]",
- "holderIdentifier": "[bpn]",
- "usecase-agreement": {
- "value": "Resiliency",
- "type": "cx-resiliency",
- "contract-template": "https://public.catena-x.org/contracts/resiliency.v1.pdf",
- "contract-version": "1.0.0"
- }
- },
- "proof": {
- "type": "JsonWebSignature2020",
- "created": "[iso8601-timestamp]",
- "jws": "[jws]",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "[did#key-id]"
- }
-}
-
-
-#### Sustainability Use Case Credential
-
-
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://w3id.org/security/suites/jws-2020/v1",
- "https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/UseCaseVC"
- ],
- "id": "[uuid]",
- "issuer": "[did]",
- "type": [
- "VerifiableCredential",
- "UseCaseFrameworkCondition"
- ],
- "issuanceDate": "[iso8601-timestamp]",
- "expirationDate": "[iso8601-timestamp]",
- "credentialSubject": {
- "id": "[did]",
- "holderIdentifier": "[bpn]",
- "usecase-agreement": {
- "value": "Sustainability",
- "type": "cx-sustainability",
- "contract-template": "https://public.catena-x.org/contracts/sustainability.v1.pdf",
- "contract-version": "1.0.0"
- }
- },
- "proof": {
- "type": "JsonWebSignature2020",
- "created": "[iso8601-timestamp]",
- "jws": "[jws]",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "[did#key-id]"
- }
-}
-
-
-#### Trace Use Case Credential
-
-
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://w3id.org/security/suites/jws-2020/v1",
- "https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/UseCaseVC"
- ],
- "id": "[uuid]",
- "issuer": "[did]",
- "type": [
- "VerifiableCredential",
- "UseCaseFrameworkCondition"
- ],
- "issuanceDate": "[iso8601-timestamp]",
- "expirationDate": "[iso8601-timestamp]", //Optional field
- "credentialSubject": {
- "id": "[did]",
- "holderIdentifier": "[bpn]",
- "usecaseAgreement": {
- "value": "ID_3.0_Trace",
- "type": "cx-traceability",
- "contract-template": "https://public.catena-x.org/contracts/traceabilty.v1.pdf",
- "contract-version": "1.0.0",
- }
- },
- "proof": {
- "type": "JsonWebSignature2020",
- "created": "[iso8601-timestamp]",
- "jws": "[jws]",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "[did#key-id]"
- }
-}
-
-
-#### Summary Credential (scheduled for deprecation)
-
-The flow of creating a summary credential
-
-```plantuml
-```
-
-
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://w3id.org/security/suites/jws-2020/v1",
- "https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/UseCaseVC"
- ],
- "id": "[uuid]",
- "issuer": "[did]",
- "type": [
- "VerifiableCredential",
- "SummaryCredential"
- ],
- "issuanceDate": "[iso8601-timestamp]",
- "expirationDate": "[iso8601-timestamp]", //Optional field
- "credentialSubject": {
- "id": "[did]",
- "holderIdentifier": "[bpn]",
- },
- "proof": {
- "type": "JsonWebSignature2020",
- "created": "[iso8601-timestamp]",
- "jws": "[jws]",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "[did#key-id]"
- }
-}
-
-
# Deployment
@@ -848,7 +351,7 @@ requirements where relevant and applicable:
- Security & Compliance: Container Scan
- Security & Compliance: Infrastructure as Code
-# Technical Debts
+# Technical Debts
## DID Technical Debts
@@ -859,14 +362,7 @@ requirements where relevant and applicable:
- No real tenant system
- Private Keys are AES encrypted and stored in the MIW Postgres database
- No revocation service available
-- Summary Credential used as a token.
-- Only 1 verifiable credential (VC) in a verifiable presentation (VP) possible
-- Summary VC (S-VC) created with the private key of the auhtority
- DID documents are stored in the MIW
-- Summary VC always get deleted when new CX-Credential is added to the
- MIW
-- The creation of CX-Credential is located in the MIW, should be a dedicated
- service outside of the wallet service
- Only managed wallet available. No self-mangaged wallet
- No Issuer Registry. Only one trusted issuer available
- Download of VC to own wallet not possible
@@ -874,11 +370,6 @@ requirements where relevant and applicable:
- No key rotation
- No update possibility for credentials, they need to be deleted and new ones generated
-## Verifiable Credential
-
-- CX-Credentials are not consistent
-- Only Summary Credential will be used because of the http header limition of 8KB
-
## Verifiable Presentation Protocol (VVP)
The *Verifiable Presentation Protocol (VPP)* is designed to address the problem of resolving Verifiable Presentations
@@ -909,7 +400,7 @@ Declaring file:
[VVP Flow Declaration](images/VVP-Flow.puml)
## SSI Library
-
+
- No validation for JsonWebSignature2020 with RSA key
- No Security valdition only Sercurity Assessment done, no attack vectors are tested
diff --git a/docs/openapi_v001.json b/docs/openapi_v001.json
deleted file mode 100644
index 857db03b7..000000000
--- a/docs/openapi_v001.json
+++ /dev/null
@@ -1,2536 +0,0 @@
-{
- "openapi": "3.0.3",
- "info": {
- "title": "Managed Identity Wallets API",
- "version": "0.0.1",
- "description": "Managed Identity Wallets API",
- "termsOfService": "https://www.eclipse.org/legal/termsofuse.php",
- "contact": {
- "name": "Eclipse Tractus-X",
- "url": "https://projects.eclipse.org/projects/automotive.tractusx",
- "email": "tractusx-dev@eclipse.org"
- },
- "license": {
- "name": "Apache 2.0",
- "url": "https://github.com/eclipse-tractusx/managed-identity-wallets/blob/develop/LICENSE"
- }
- },
- "servers": [],
- "paths": {
- "/api/wallets": {
- "get": {
- "tags": [
- "Wallets"
- ],
- "summary": "List of wallets",
- "description": "Permission: **view_wallets**\n\nRetrieve list of registered wallets",
- "parameters": [],
- "responses": {
- "200": {
- "description": "List of wallets",
- "content": {
- "application/json": {
- "schema": {
- "items": {
- "$ref": "#/components/schemas/WalletDto"
- },
- "type": "array",
- "maxItems": 100
- }
- }
- }
- },
- "403": {
- "description": "The request could not be completed due to a forbidden access.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "401": {
- "description": "The request could not be completed due to a failed authorization.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- }
- },
- "deprecated": false
- }
- },
- "/api/wallet": {
- "post": {
- "tags": [
- "Wallets"
- ],
- "summary": "Create wallet",
- "description": "Permission: **add_wallets**\n\nCreate a wallet and store it ",
- "parameters": [],
- "requestBody": {
- "description": "wallet to create",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/WalletCreateDto"
- },
- "examples": {
- "demo": {
- "value": {
- "bpn": "name",
- "name": "bpn"
- }
- }
- }
- }
- },
- "required": true
- },
- "responses": {
- "201": {
- "description": "Wallet was successfully created",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/WalletDto"
- },
- "examples": {
- "demo": {
- "value": {
- "name": "name",
- "bpn": "bpn",
- "did": "did",
- "createdAt": "2023-02-13T15:06:06.539270",
- "vcs": []
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "The input does not comply to the syntax requirements",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "409": {
- "description": "The request could not be completed due to a conflict.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "403": {
- "description": "The request could not be completed due to a forbidden access.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "401": {
- "description": "The request could not be completed due to a failed authorization.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- }
- },
- "deprecated": false
- }
- },
- "/api/wallet/{identifier}": {
- "get": {
- "tags": [
- "Wallets"
- ],
- "summary": "Retrieve wallet by identifier",
- "description": "Permission: **view_wallets** OR **view_wallet** (The BPN of Wallet to retrieve must equal the BPN of caller)\n\nRetrieve single wallet by identifier, with or without its credentials",
- "parameters": [
- {
- "name": "identifier",
- "in": "path",
- "schema": {
- "type": "string"
- },
- "required": true,
- "deprecated": false,
- "examples": {
- "did": {
- "value": "did:example:0123"
- },
- "bpn": {
- "value": "bpn123"
- }
- }
- },
- {
- "name": "withCredentials",
- "in": "query",
- "schema": {
- "type": "boolean"
- },
- "required": true,
- "deprecated": false,
- "examples": {
- "withCredentials": {
- "value": "false"
- }
- }
- }
- ],
- "responses": {
- "200": {
- "description": "The wallet",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/WalletDto"
- },
- "examples": {
- "demo": {
- "value": {
- "name": "name",
- "bpn": "bpn",
- "did": "did",
- "createdAt": "2023-02-13T15:06:06.539342",
- "vcs": []
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "The input does not comply to the syntax requirements",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "404": {
- "description": "The required entity does not exists",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "403": {
- "description": "The request could not be completed due to a forbidden access.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "401": {
- "description": "The request could not be completed due to a failed authorization.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- }
- },
- "deprecated": false
- }
- },
- "/api/wallet/{identifier}/credentials": {
- "post": {
- "tags": [
- "Wallets"
- ],
- "summary": "Store Verifiable Credential",
- "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of wallet to extract credentials from must equal BPN of caller)\n\nStore a verifiable credential in the wallet of the given identifier",
- "parameters": [
- {
- "name": "identifier",
- "in": "path",
- "schema": {
- "type": "string"
- },
- "required": true,
- "deprecated": false,
- "examples": {
- "did": {
- "value": "did:exp:123"
- },
- "bpn": {
- "value": "BPN123"
- }
- }
- }
- ],
- "requestBody": {
- "description": "The verifiable credential to be stored",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/IssuedVerifiableCredentialRequestDto"
- },
- "examples": {
- "demo": {
- "value": {
- "id": "http://example.edu/credentials/3732",
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "type": [
- "University-Degree-Credential, VerifiableCredential"
- ],
- "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "issuanceDate": "2019-06-16T18:56:59Z",
- "expirationDate": "2019-06-17T18:56:59Z",
- "credentialSubject": {
- "college": "Test-University"
- },
- "credentialStatus": {
- "id": "http://example.edu/api/credentials/status/test#3",
- "type": "StatusList2021Entry",
- "statusPurpose": "revocation",
- "statusListIndex": "3",
- "statusListCredential": "http://example.edu/api/credentials/status/test"
- },
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- }
- }
- }
- },
- "required": true
- },
- "responses": {
- "201": {
- "description": "Success message",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/SuccessResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "Credential with id http://example.edu/credentials/3732has been successfully stored"
- }
- }
- }
- }
- }
- },
- "422": {
- "description": "The input can not be processed due to semantic mismatches",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "404": {
- "description": "The required entity does not exists",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "403": {
- "description": "The request could not be completed due to a forbidden access.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "401": {
- "description": "The request could not be completed due to a failed authorization.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- }
- },
- "deprecated": false
- }
- },
- "/api/didDocuments/{identifier}": {
- "get": {
- "tags": [
- "DIDDocument"
- ],
- "summary": "Resolve DID Document",
- "description": "Resolve the DID document for a given DID or BPN",
- "parameters": [
- {
- "name": "identifier",
- "in": "path",
- "schema": {
- "type": "string"
- },
- "required": true,
- "deprecated": false,
- "examples": {
- "did": {
- "value": "did:exp:123"
- },
- "bpn": {
- "value": "BPN123"
- }
- }
- }
- ],
- "responses": {
- "200": {
- "description": "The resolved DID Document",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/DidDocumentDto"
- },
- "examples": {
- "demo": {
- "value": {
- "id": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "@context": [
- "https://www.w3.org/ns/did/v1"
- ],
- "controller": [
- "123",
- "1231"
- ],
- "verificationMethod": [
- {
- "id": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1",
- "type": "Ed25519VerificationKey2018",
- "controller": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "publicKeyBase58": "FyfKP2HvTKqDZQzvyL38yXH7bExmwofxHf2NR5BrcGf1"
- }
- ],
- "service": [
- {
- "id": "did:example:123#edv",
- "type": "ServiceEndpointProxyService",
- "serviceEndpoint": "https://myservice.com/myendpoint"
- }
- ]
- }
- }
- }
- }
- }
- },
- "404": {
- "description": "The required entity does not exists",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "The input does not comply to the syntax requirements",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- }
- },
- "deprecated": false
- }
- },
- "/api/credentials": {
- "get": {
- "tags": [
- "VerifiableCredentials"
- ],
- "summary": "Query Verifiable Credentials",
- "description": "Permission: **view_wallets** OR **view_wallet** (The BPN of holderIdentifier must equal BPN of caller)\n\nSearch verifiable credentials with filter criteria",
- "parameters": [
- {
- "name": "holderIdentifier",
- "in": "query",
- "schema": {
- "type": "string"
- },
- "required": false,
- "deprecated": false,
- "examples": {
- "holderIdentifierDid": {
- "value": "did:example:4567"
- },
- "holderIdentifierBPN": {
- "value": "BPN4567"
- }
- }
- },
- {
- "name": "credentialId",
- "in": "query",
- "schema": {
- "type": "string"
- },
- "required": false,
- "deprecated": false,
- "examples": {
- "id": {
- "value": "http://example.edu/credentials/3732"
- }
- }
- },
- {
- "name": "issuerIdentifier",
- "in": "query",
- "schema": {
- "type": "string"
- },
- "required": false,
- "deprecated": false,
- "examples": {
- "issuerIdentifierDid": {
- "value": "did:example:0123"
- },
- "issuerIdentifierBPN": {
- "value": "BPN0123"
- }
- }
- },
- {
- "name": "type",
- "in": "query",
- "schema": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "maxItems": 100
- },
- "required": false,
- "deprecated": false,
- "examples": {
- "type": {
- "value": "['University-Degree-Credential']"
- }
- }
- }
- ],
- "responses": {
- "200": {
- "description": "The list of verifiable credentials matching the query, empty if no match found",
- "content": {
- "application/json": {
- "schema": {
- "items": {
- "$ref": "#/components/schemas/VerifiableCredentialDto"
- },
- "type": "array",
- "maxItems": 100
- }
- }
- }
- },
- "403": {
- "description": "The request could not be completed due to a forbidden access.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "401": {
- "description": "The request could not be completed due to a failed authorization.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- }
- },
- "deprecated": false
- },
- "post": {
- "tags": [
- "VerifiableCredentials"
- ],
- "summary": "Issue Verifiable Credential",
- "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of the issuer of the Verifiable Credential must equal BPN of caller)\n\nIssue a verifiable credential with a given issuer DID",
- "parameters": [],
- "requestBody": {
- "description": "The verifiable credential input data",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/VerifiableCredentialRequestDto"
- },
- "examples": {
- "demo": {
- "value": {
- "id": "http://example.edu/credentials/3732",
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "type": [
- "University-Degree-Credential, VerifiableCredential"
- ],
- "issuerIdentifier": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "issuanceDate": "2019-06-16T18:56:59Z",
- "expirationDate": "2019-06-17T18:56:59Z",
- "credentialSubject": {
- "college": "Test-University"
- },
- "holderIdentifier": "did:example:492edf208",
- "isRevocable": true
- }
- }
- }
- }
- },
- "required": true
- },
- "responses": {
- "201": {
- "description": "The created Verifiable Credential",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/VerifiableCredentialDto"
- },
- "examples": {
- "demo": {
- "value": {
- "id": "http://example.edu/credentials/3732",
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "type": [
- "University-Degree-Credential, VerifiableCredential"
- ],
- "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "issuanceDate": "2019-06-16T18:56:59Z",
- "expirationDate": "2019-06-17T18:56:59Z",
- "credentialSubject": {
- "college": "Test-University"
- },
- "credentialStatus": {
- "id": "https://example.com/credentials/status/3#94567",
- "type": "StatusList2021Entry",
- "statusPurpose": "revocation",
- "statusListIndex": "94567",
- "statusListCredential": "https://example.com/credentials/status/3"
- },
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- }
- }
- }
- }
- },
- "422": {
- "description": "The input can not be processed due to semantic mismatches",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "The input does not comply to the syntax requirements",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "403": {
- "description": "The request could not be completed due to a forbidden access.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "401": {
- "description": "The request could not be completed due to a failed authorization.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- }
- },
- "deprecated": false
- }
- },
- "/api/credentials/issuer": {
- "post": {
- "tags": [
- "VerifiableCredentials"
- ],
- "summary": "Issue a Verifiable Credential with base wallet issuer",
- "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of base wallet must equal BPN of caller)\n\nIssue a verifiable credential by base wallet",
- "parameters": [],
- "requestBody": {
- "description": "The verifiable credential input",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/VerifiableCredentialRequestWithoutIssuerDto"
- },
- "examples": {
- "demo": {
- "value": {
- "id": "http://example.edu/credentials/3732",
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "type": [
- "University-Degree-Credential, VerifiableCredential"
- ],
- "issuanceDate": "2019-06-16T18:56:59Z",
- "expirationDate": "2019-06-17T18:56:59Z",
- "credentialSubject": {
- "college": "Test-University"
- },
- "holderIdentifier": "did:example:492edf208"
- }
- }
- }
- }
- },
- "required": true
- },
- "responses": {
- "201": {
- "description": "The created Verifiable Credential",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/VerifiableCredentialDto"
- },
- "examples": {
- "demo": {
- "value": {
- "id": "http://example.edu/credentials/3732",
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "type": [
- "University-Degree-Credential, VerifiableCredential"
- ],
- "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "issuanceDate": "2019-06-16T18:56:59Z",
- "expirationDate": "2019-06-17T18:56:59Z",
- "credentialSubject": {
- "college": "Test-University"
- },
- "credentialStatus": {
- "id": "https://example.com/credentials/status/3#94567",
- "type": "StatusList2021Entry",
- "statusPurpose": "revocation",
- "statusListIndex": "94567",
- "statusListCredential": "https://example.com/credentials/status/3"
- },
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- }
- }
- }
- }
- },
- "422": {
- "description": "The input can not be processed due to semantic mismatches",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "The input does not comply to the syntax requirements",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "403": {
- "description": "The request could not be completed due to a forbidden access.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "401": {
- "description": "The request could not be completed due to a failed authorization.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- }
- },
- "deprecated": false
- }
- },
- "/api/credentials/issuer/membership": {
- "post": {
- "tags": [
- "VerifiableCredentials"
- ],
- "summary": "Issue a Membership Verifiable Credential with base wallet issuer",
- "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of base wallet must equal BPN of caller)\n\nIssue a verifiable credential by base wallet",
- "parameters": [],
- "requestBody": {
- "description": "The bpn of the holders wallet",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/CreateMembershipVCDto"
- },
- "examples": {
- "demo": {
- "value": {
- "bpn": "bpn"
- }
- }
- }
- }
- },
- "required": true
- },
- "responses": {
- "201": {
- "description": "The created Verifiable Credential",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/VerifiableCredentialDto"
- },
- "examples": {
- "demo": {
- "value": {
- "id": "http://example.edu/credentials/3732",
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "type": [
- "MembershipCredential, VerifiableCredential"
- ],
- "issuer": "did:web:miw.de/bpn0000000000",
- "issuanceDate": "2021-06-16T18:56:59Z",
- "credentialSubject": {
- "type": "MembershipCredential",
- "memberOf": "Catena-X",
- "status": "Active",
- "startTime": "2021-06-16T18:56:59Z"
- },
- "holderIdentifier": "bpn",
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:web:miw.de/bpn0000000000#key-0",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- }
- }
- }
- }
- },
- "422": {
- "description": "The input can not be processed due to semantic mismatches",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "The input does not comply to the syntax requirements",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "403": {
- "description": "The request could not be completed due to a forbidden access.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "401": {
- "description": "The request could not be completed due to a failed authorization.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- }
- },
- "deprecated": false
- }
- },
- "/api/credentials/validation": {
- "post": {
- "tags": [
- "VerifiableCredentials"
- ],
- "summary": "Validate Verifiable Credential",
- "description": "Permission: **view_wallets** OR **view_wallet**\n\nValidate Verifiable Credentials",
- "parameters": [
- {
- "name": "withDateValidation",
- "in": "query",
- "schema": {
- "type": "boolean",
- "default": false,
- "nullable": true
- },
- "required": false,
- "deprecated": false,
- "examples": {
- "withDateValidation": {
- "value": "false"
- }
- }
- },
- {
- "name": "withRevocationValidation",
- "in": "query",
- "schema": {
- "type": "boolean",
- "default": true
- },
- "required": false,
- "deprecated": false,
- "examples": {
- "withRevocationValidation": {
- "value": "false"
- }
- }
- }
- ],
- "requestBody": {
- "description": "The verifiable credential to validate",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/VerifiableCredentialDto"
- },
- "examples": {
- "demo": {
- "value": {
- "id": "http://example.edu/credentials/3732",
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "type": [
- "University-Degree-Credential, VerifiableCredential"
- ],
- "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "issuanceDate": "2019-06-16T18:56:59Z",
- "expirationDate": "2019-06-17T18:56:59Z",
- "credentialSubject": {
- "college": "Test-University"
- },
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- }
- }
- }
- }
- },
- "responses": {
- "200": {
- "description": "The verification value",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/VerifyResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "valid": true,
- "vp": {
- "@context": [
- "https://www.w3.org/2018/credentials/v1"
- ],
- "type": [
- "VerifiablePresentation"
- ],
- "holder": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "verifiableCredential": [
- {
- "id": "http://example.edu/credentials/3732",
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "type": [
- "University-Degree-Credential, VerifiableCredential"
- ],
- "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "issuanceDate": "2019-06-16T18:56:59Z",
- "expirationDate": "2019-06-17T18:56:59Z",
- "credentialSubject": {
- "college": "Test-University"
- },
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- ],
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- }
- }
- }
- }
- }
- },
- "422": {
- "description": "The input can not be processed due to semantic mismatches",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "The input does not comply to the syntax requirements",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "403": {
- "description": "The request could not be completed due to a forbidden access.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "401": {
- "description": "The request could not be completed due to a failed authorization.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- }
- },
- "deprecated": false
- }
- },
- "/api/presentations": {
- "post": {
- "tags": [
- "VerifiablePresentations"
- ],
- "summary": "Create Verifiable Presentation",
- "description": "Permission: **update_wallets** OR **update_wallet** (The BPN of the issuer of the Verifiable Presentation must equal to BPN of caller)\n\nCreate a verifiable presentation from a list of verifiable credentials, signed by the holder",
- "parameters": [
- {
- "name": "asJwt",
- "in": "query",
- "schema": {
- "type": "boolean",
- "default": true
- },
- "required": false,
- "deprecated": false,
- "examples": {
- "asJwt": {
- "value": "false"
- }
- }
- },
- {
- "name": "withCredentialsDateValidation",
- "in": "query",
- "schema": {
- "type": "boolean",
- "default": true
- },
- "required": false,
- "deprecated": false,
- "examples": {
- "withCredentialsDateValidation": {
- "value": "false"
- }
- }
- },
- {
- "name": "withCredentialsValidation",
- "in": "query",
- "schema": {
- "type": "boolean",
- "default": true
- },
- "required": false,
- "deprecated": false,
- "examples": {
- "withCredentialsValidation": {
- "value": "false"
- }
- }
- },
- {
- "name": "withRevocationValidation",
- "in": "query",
- "schema": {
- "type": "boolean",
- "default": true
- },
- "required": false,
- "deprecated": false,
- "examples": {
- "withRevocationValidation": {
- "value": "false"
- }
- }
- }
- ],
- "requestBody": {
- "description": "The verifiable presentation input data",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/VerifiablePresentationRequestDto"
- },
- "examples": {
- "demo": {
- "value": {
- "holderIdentifier": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "verifiableCredentials": [
- {
- "id": "http://example.edu/credentials/333",
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "type": [
- "University-Degree-Credential, VerifiableCredential"
- ],
- "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "issuanceDate": "2019-06-16T18:56:59Z",
- "expirationDate": "2019-06-17T18:56:59Z",
- "credentialSubject": {
- "college": "Test-University"
- },
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#keys-1",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- ]
- }
- }
- }
- }
- },
- "required": true
- },
- "responses": {
- "201": {
- "description": "The created verifiable presentation",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/VerifiablePresentationDto"
- },
- "examples": {
- "demo": {
- "value": {
- "@context": [
- "https://www.w3.org/2018/credentials/v1"
- ],
- "type": [
- "VerifiablePresentation"
- ],
- "holder": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "verifiableCredential": [
- {
- "id": "http://example.edu/credentials/3732",
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "type": [
- "University-Degree-Credential, VerifiableCredential"
- ],
- "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "issuanceDate": "2019-06-16T18:56:59Z",
- "expirationDate": "2019-06-17T18:56:59Z",
- "credentialSubject": {
- "college": "Test-University"
- },
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- ],
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- }
- }
- }
- }
- },
- "422": {
- "description": "The input can not be processed due to semantic mismatches",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "403": {
- "description": "The request could not be completed due to a forbidden access.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "401": {
- "description": "The request could not be completed due to a failed authorization.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- }
- },
- "deprecated": false
- }
- },
- "/api/presentations/validation": {
- "post": {
- "tags": [
- "VerifiablePresentations"
- ],
- "summary": "Validate Verifiable Presentation",
- "description": "Permission: **view_wallets** OR **view_wallet**\n\nValidate Verifiable Presentation with all included credentials",
- "parameters": [
- {
- "name": "withDateValidation",
- "in": "query",
- "schema": {
- "type": "boolean",
- "default": false,
- "nullable": true
- },
- "required": false,
- "deprecated": false,
- "examples": {
- "withDateValidation": {
- "value": "false"
- }
- }
- },
- {
- "name": "withRevocationValidation",
- "in": "query",
- "schema": {
- "type": "boolean",
- "default": true
- },
- "required": false,
- "deprecated": false,
- "examples": {
- "withRevocationValidation": {
- "value": "false"
- }
- }
- }
- ],
- "requestBody": {
- "description": "The verifiable presentation to validate",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/VerifiablePresentationDto"
- },
- "examples": {
- "demo": {
- "value": {
- "@context": [
- "https://www.w3.org/2018/credentials/v1"
- ],
- "type": [
- "VerifiablePresentation"
- ],
- "holder": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "verifiableCredential": [
- {
- "id": "http://example.edu/credentials/3732",
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "type": [
- "University-Degree-Credential, VerifiableCredential"
- ],
- "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "issuanceDate": "2019-06-16T18:56:59Z",
- "expirationDate": "2019-06-17T18:56:59Z",
- "credentialSubject": {
- "college": "Test-University"
- },
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- ],
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- }
- }
- }
- },
- "required": true
- },
- "responses": {
- "200": {
- "description": "The verification value",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/VerifyResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "valid": true,
- "vp": {
- "@context": [
- "https://www.w3.org/2018/credentials/v1"
- ],
- "type": [
- "VerifiablePresentation"
- ],
- "holder": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "verifiableCredential": [
- {
- "id": "http://example.edu/credentials/3732",
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "type": [
- "University-Degree-Credential, VerifiableCredential"
- ],
- "issuer": "did:example:76e12ec712ebc6f1c221ebfeb1f",
- "issuanceDate": "2019-06-16T18:56:59Z",
- "expirationDate": "2019-06-17T18:56:59Z",
- "credentialSubject": {
- "college": "Test-University"
- },
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- ],
- "proof": {
- "type": "Ed25519Signature2018",
- "created": "2021-11-17T22:20:27Z",
- "proofPurpose": "assertionMethod",
- "verificationMethod": "did:example:76e12ec712ebc6f1c221ebfeb1f#key-1",
- "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..JNerzfrK46Mq4XxYZEnY9xOK80xsEaWCLAHuZsFie1-NTJD17wWWENn_DAlA_OwxGF5dhxUJ05P6Dm8lcmF5Cg"
- }
- }
- }
- }
- }
- }
- }
- },
- "422": {
- "description": "The input can not be processed due to semantic mismatches",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "The input does not comply to the syntax requirements",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "403": {
- "description": "The request could not be completed due to a forbidden access.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- },
- "401": {
- "description": "The request could not be completed due to a failed authorization.",
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/ExceptionResponse"
- },
- "examples": {
- "demo": {
- "value": {
- "message": "reason",
- "error": true
- }
- }
- }
- }
- }
- }
- },
- "deprecated": false
- }
- }
- },
- "components": {
- "schemas": {
- "WalletDto": {
- "properties": {
- "bpn": {
- "type": "string"
- },
- "createdAt": {
- "$ref": "#/components/schemas/LocalDateTime"
- },
- "did": {
- "type": "string"
- },
- "name": {
- "type": "string"
- },
- "vcs": {
- "items": {
- "$ref": "#/components/schemas/VerifiableCredentialDto"
- },
- "type": "array",
- "maxItems": 100
- }
- },
- "required": [
- "name",
- "bpn",
- "did",
- "createdAt",
- "vcs"
- ],
- "type": "object"
- },
- "LocalDateTime": {
- "properties": {
- "date": {
- "$ref": "#/components/schemas/LocalDate"
- },
- "time": {
- "$ref": "#/components/schemas/LocalTime"
- }
- },
- "type": "object"
- },
- "LocalDate": {
- "properties": {
- "year": {
- "format": "int32",
- "type": "integer"
- },
- "month": {
- "$ref": "#/components/schemas/Short"
- },
- "day": {
- "$ref": "#/components/schemas/Short"
- }
- },
- "type": "object"
- },
- "Short": {
- "properties": {},
- "type": "object"
- },
- "LocalTime": {
- "properties": {
- "hour": {
- "$ref": "#/components/schemas/Short"
- },
- "minute": {
- "$ref": "#/components/schemas/Short"
- },
- "second": {
- "$ref": "#/components/schemas/Short"
- },
- "nano": {
- "format": "int32",
- "type": "integer"
- }
- },
- "type": "object"
- },
- "Byte": {
- "properties": {},
- "type": "object"
- },
- "VerifiableCredentialDto": {
- "properties": {
- "@context": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "maxItems": 100
- },
- "credentialStatus": {},
- "credentialSubject": {
- "additionalProperties": {
- "$ref": "#/components/schemas/Any"
- },
- "type": "object"
- },
- "expirationDate": {
- "type": "string",
- "nullable": true
- },
- "id": {
- "type": "string",
- "nullable": true
- },
- "issuanceDate": {
- "type": "string"
- },
- "issuer": {
- "type": "string"
- },
- "proof": {
- "$ref": "#/components/schemas/LdProofDto"
- },
- "provenanceProof": {
- "items": {
- "$ref": "#/components/schemas/Any"
- },
- "type": "array",
- "maxItems": 100
- },
- "type": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "maxItems": 100
- }
- },
- "required": [
- "@context",
- "type",
- "issuer",
- "issuanceDate",
- "credentialSubject"
- ],
- "type": "object"
- },
- "Any": {
- "properties": {},
- "type": "object"
- },
- "LdProofDto": {
- "properties": {
- "challenge": {
- "type": "string",
- "nullable": true
- },
- "created": {
- "type": "string"
- },
- "creator": {
- "type": "string",
- "nullable": true
- },
- "domain": {
- "type": "string",
- "nullable": true
- },
- "jws": {
- "type": "string",
- "nullable": true
- },
- "nonce": {
- "type": "string",
- "nullable": true
- },
- "proofPurpose": {
- "type": "string"
- },
- "proofValue": {
- "type": "string",
- "nullable": true
- },
- "type": {
- "type": "string"
- },
- "verificationMethod": {
- "type": "string"
- }
- },
- "required": [
- "type",
- "created",
- "proofPurpose",
- "verificationMethod"
- ],
- "type": "object"
- },
- "ExceptionResponse": {
- "properties": {
- "error": {
- "type": "boolean"
- },
- "message": {
- "type": "string"
- }
- },
- "required": [
- "message"
- ],
- "type": "object"
- },
- "WalletCreateDto": {
- "properties": {
- "bpn": {
- "type": "string"
- },
- "name": {
- "type": "string"
- }
- },
- "required": [
- "bpn",
- "name"
- ],
- "type": "object"
- },
- "CreateMembershipVCDto": {
- "properties": {
- "bpn": {
- "type": "string"
- }
- },
- "required": [
- "bpn"
- ],
- "type": "object"
- },
- "SuccessResponse": {
- "properties": {
- "message": {
- "type": "string"
- }
- },
- "required": [
- "message"
- ],
- "type": "object"
- },
- "IssuedVerifiableCredentialRequestDto": {
- "properties": {
- "@context": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "maxItems": 100
- },
- "CredentialStatus": {},
- "credentialSubject": {
- "additionalProperties": {
- "$ref": "#/components/schemas/Any"
- },
- "type": "object"
- },
- "expirationDate": {
- "type": "string",
- "nullable": true
- },
- "id": {
- "type": "string",
- "nullable": true
- },
- "issuanceDate": {
- "type": "string"
- },
- "issuer": {
- "type": "string"
- },
- "proof": {
- "$ref": "#/components/schemas/LdProofDto"
- },
- "type": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "maxItems": 100
- }
- },
- "required": [
- "@context",
- "type",
- "issuer",
- "issuanceDate",
- "credentialSubject",
- "proof"
- ],
- "type": "object"
- },
- "DidDocumentDto": {
- "properties": {
- "alsoKnownAs": {
- "type": "string",
- "nullable": true
- },
- "assertionMethodVerificationMethods": {
- "items": {
- "$ref": "#/components/schemas/Any"
- },
- "type": "array",
- "maxItems": 100
- },
- "authenticationVerificationMethods": {
- "items": {
- "$ref": "#/components/schemas/Any"
- },
- "type": "array",
- "maxItems": 100
- },
- "capabilityDelegationVerificationMethods": {
- "items": {
- "$ref": "#/components/schemas/Any"
- },
- "type": "array",
- "maxItems": 100
- },
- "capabilityInvocationVerificationMethods": {
- "items": {
- "$ref": "#/components/schemas/Any"
- },
- "type": "array",
- "maxItems": 100
- },
- "context": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "maxItems": 100
- },
- "controller": {
- "$ref": "#/components/schemas/Short"
- },
- "id": {
- "type": "string"
- },
- "keyAgreementVerificationMethods": {
- "items": {
- "$ref": "#/components/schemas/Any"
- },
- "type": "array",
- "maxItems": 100
- },
- "services": {
- "items": {
- "$ref": "#/components/schemas/Any"
- },
- "type": "array",
- "maxItems": 100
- },
- "verificationMethods": {
- "items": {
- "$ref": "#/components/schemas/DidVerificationMethodDto"
- },
- "type": "array",
- "maxItems": 100
- }
- },
- "required": [
- "id",
- "context"
- ],
- "type": "object"
- },
- "DidVerificationMethodDto": {
- "properties": {
- "controller": {
- "type": "string"
- },
- "id": {
- "type": "string"
- },
- "publicKeyBase58": {
- "type": "string",
- "nullable": true
- },
- "publicKeyBase64": {
- "type": "string",
- "nullable": true
- },
- "publicKeyHex": {
- "type": "string",
- "nullable": true
- },
- "publicKeyJwk": {
- "$ref": "#/components/schemas/PublicKeyJwkDto"
- },
- "publicKeyMultibase": {
- "type": "string",
- "nullable": true
- },
- "publicKeyPem": {
- "type": "string",
- "nullable": true
- },
- "type": {
- "type": "string"
- }
- },
- "required": [
- "id",
- "type",
- "controller"
- ],
- "type": "object"
- },
- "PublicKeyJwkDto": {
- "properties": {
- "additionalAttributes": {
- "additionalProperties": {
- "$ref": "#/components/schemas/Any"
- },
- "type": "object"
- },
- "alg": {
- "type": "string",
- "nullable": true
- },
- "crv": {
- "type": "string",
- "nullable": true
- },
- "keyOps": {
- "items": {
- "type": "string",
- "nullable": true
- },
- "type": "array",
- "maxItems": 100
- },
- "kid": {
- "type": "string",
- "nullable": true
- },
- "kty": {
- "type": "string"
- },
- "use": {
- "type": "string",
- "nullable": true
- },
- "x": {
- "type": "string",
- "nullable": true
- },
- "y": {
- "type": "string",
- "nullable": true
- }
- },
- "required": [
- "kty"
- ],
- "type": "object"
- },
- "VerifiableCredentialRequestDto": {
- "properties": {
- "@context": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "maxItems": 100
- },
- "credentialSubject": {
- "additionalProperties": {
- "$ref": "#/components/schemas/Any"
- },
- "type": "object"
- },
- "expirationDate": {
- "type": "string",
- "nullable": true
- },
- "holderIdentifier": {
- "type": "string",
- "nullable": true
- },
- "id": {
- "type": "string",
- "nullable": true
- },
- "isRevocable": {
- "type": "boolean"
- },
- "issuanceDate": {
- "type": "string",
- "nullable": true
- },
- "issuerIdentifier": {
- "type": "string"
- },
- "type": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "maxItems": 100
- }
- },
- "required": [
- "@context",
- "type",
- "issuerIdentifier",
- "issuanceDate",
- "credentialSubject"
- ],
- "type": "object"
- },
- "VerifiableCredentialRequestWithoutIssuerDto": {
- "properties": {
- "@context": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "maxItems": 100
- },
- "credentialSubject": {
- "additionalProperties": {
- "$ref": "#/components/schemas/Any"
- },
- "type": "object"
- },
- "expirationDate": {
- "type": "string",
- "nullable": true
- },
- "holderIdentifier": {
- "type": "string"
- },
- "id": {
- "type": "string",
- "nullable": true
- },
- "isRevocable": {
- "type": "boolean"
- },
- "issuanceDate": {
- "type": "string",
- "nullable": true
- },
- "type": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "maxItems": 100
- }
- },
- "required": [
- "@context",
- "type",
- "issuanceDate",
- "credentialSubject",
- "holderIdentifier"
- ],
- "type": "object"
- },
- "VerifiablePresentationRequestDto": {
- "properties": {
- "holderIdentifier": {
- "type": "string"
- },
- "verifiableCredentials": {
- "items": {
- "$ref": "#/components/schemas/VerifiableCredentialDto"
- },
- "type": "array",
- "maxItems": 100
- }
- },
- "required": [
- "holderIdentifier",
- "verifiableCredentials"
- ],
- "type": "object"
- },
- "VerifiablePresentationDto": {
- "properties": {
- "@context": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "maxItems": 100
- },
- "holder": {
- "type": "string",
- "nullable": true
- },
- "id": {
- "type": "string",
- "nullable": true
- },
- "proof": {
- "$ref": "#/components/schemas/LdProofDto"
- },
- "type": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "maxItems": 100
- },
- "verifiableCredential": {
- "items": {
- "$ref": "#/components/schemas/VerifiableCredentialDto"
- },
- "type": "array",
- "maxItems": 100
- }
- },
- "required": [
- "@context",
- "type"
- ],
- "type": "object"
- },
- "VerifyResponse": {
- "properties": {
- "error": {
- "type": "string",
- "nullable": true
- },
- "valid": {
- "type": "boolean"
- },
- "vp": {
- "$ref": "#/components/schemas/VerifiablePresentationDto"
- }
- },
- "required": [
- "valid"
- ],
- "type": "object"
- }
- },
- "securitySchemes": {
- "auth-token": {
- "bearerFormat": "JWT",
- "type": "http",
- "scheme": "bearer"
- }
- }
- },
- "security": {
- "auth-token": {}
- },
- "tags": []
-}
\ No newline at end of file
diff --git a/gradle.properties b/gradle.properties
index efaa4e5ae..927e22fbd 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -4,5 +4,5 @@ jacocoVersion=0.8.9
springBootVersion=3.1.6
springDependencyVersion=1.1.0
groupName=org.eclipse.tractusx
-applicationVersion=0.4.0
+applicationVersion=0.5.0-develop.20
openApiVersion=2.1.0
diff --git a/DEPENDENCIES b/miw/DEPENDENCIES
similarity index 94%
rename from DEPENDENCIES
rename to miw/DEPENDENCIES
index b1ca06d1b..de8b8b697 100644
--- a/DEPENDENCIES
+++ b/miw/DEPENDENCIES
@@ -1,6 +1,5 @@
maven/mavencentral/ch.qos.logback/logback-classic/1.4.12, EPL-1.0 OR LGPL-2.1-only, approved, #3435
maven/mavencentral/ch.qos.logback/logback-core/1.4.12, EPL-1.0 OR LGPL-2.1-only, approved, #3373
-maven/mavencentral/com.apicatalog/titanium-json-ld-jre8/1.3.1, Apache-2.0, approved, #10237
maven/mavencentral/com.apicatalog/titanium-json-ld/1.3.3, Apache-2.0, approved, #8912
maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.15.3, Apache-2.0, approved, #7947
maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.15.3, MIT AND Apache-2.0, approved, #7932
@@ -39,9 +38,6 @@ maven/mavencentral/com.jayway.jsonpath/json-path/2.8.0, Apache-2.0, approved, cl
maven/mavencentral/com.nimbusds/nimbus-jose-jwt/9.37.1, Apache-2.0, approved, #11701
maven/mavencentral/com.opencsv/opencsv/5.7.1, Apache-2.0, approved, clearlydefined
maven/mavencentral/com.smartsensesolutions/commons-dao/0.0.5, Apache-2.0, approved, #9176
-maven/mavencentral/com.squareup.okhttp3/okhttp/4.10.0, Apache-2.0 AND MPL-2.0, approved, #3057
-maven/mavencentral/com.squareup.okio/okio-jvm/3.0.0, Apache-2.0, approved, clearlydefined
-maven/mavencentral/com.squareup.okio/okio/3.0.0, Apache-2.0, approved, clearlydefined
maven/mavencentral/com.sun.activation/jakarta.activation/1.2.1, EPL-2.0 OR BSD-3-Clause OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jaf
maven/mavencentral/com.sun.istack/istack-commons-runtime/4.1.2, BSD-3-Clause, approved, #2590
maven/mavencentral/com.sun.mail/jakarta.mail/1.6.5, EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0, approved, ee4j.mail
@@ -78,10 +74,10 @@ maven/mavencentral/io.swagger.core.v3/swagger-core-jakarta/2.2.9, Apache-2.0, ap
maven/mavencentral/io.swagger.core.v3/swagger-models-jakarta/2.2.9, Apache-2.0, approved, #5919
maven/mavencentral/jakarta.activation/jakarta.activation-api/2.1.2, EPL-2.0 OR BSD-3-Clause OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jaf
maven/mavencentral/jakarta.annotation/jakarta.annotation-api/2.1.1, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.ca
-maven/mavencentral/jakarta.inject/jakarta.inject-api/2.0.1, Apache-2.0, approved, clearlydefined
-maven/mavencentral/jakarta.json/jakarta.json-api/2.1.3, EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0, approved, #7907
-maven/mavencentral/jakarta.persistence/jakarta.persistence-api/3.1.0, EPL-2.0 OR BSD-3-Clause AND (EPL-2.0 OR BSD-3-Clause AND BSD-3-Clause), approved, #7696
-maven/mavencentral/jakarta.transaction/jakarta.transaction-api/2.0.1, EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0, approved, #7697
+maven/mavencentral/jakarta.inject/jakarta.inject-api/2.0.1, Apache-2.0, approved, ee4j.cdi
+maven/mavencentral/jakarta.json/jakarta.json-api/2.1.3, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jsonp
+maven/mavencentral/jakarta.persistence/jakarta.persistence-api/3.1.0, EPL-2.0 OR BSD-3-Clause, approved, ee4j.jpa
+maven/mavencentral/jakarta.transaction/jakarta.transaction-api/2.0.1, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jta
maven/mavencentral/jakarta.validation/jakarta.validation-api/3.0.2, Apache-2.0, approved, ee4j.validation
maven/mavencentral/jakarta.xml.bind/jakarta.xml.bind-api/4.0.1, BSD-3-Clause, approved, ee4j.jaxb
maven/mavencentral/javax.activation/javax.activation-api/1.2.0, (CDDL-1.1 OR GPL-2.0 WITH Classpath-exception-2.0) AND Apache-2.0, approved, CQ18740
@@ -120,10 +116,10 @@ maven/mavencentral/org.codehaus.woodstox/stax2-api/4.2.1, BSD-2-Clause, approved
maven/mavencentral/org.eclipse.angus/angus-activation/2.0.1, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.angus
maven/mavencentral/org.eclipse.microprofile.config/microprofile-config-api/2.0, Apache-2.0, approved, technology.microprofile
maven/mavencentral/org.eclipse.parsson/parsson/1.1.5, EPL-2.0, approved, ee4j.parsson
-maven/mavencentral/org.eclipse.tractusx.ssi/cx-ssi-lib/0.0.18, Apache-2.0, approved, automotive.tractusx
-maven/mavencentral/org.glassfish.jaxb/jaxb-core/4.0.4, BSD-3-Clause, approved, ee4j.jaxb
-maven/mavencentral/org.glassfish.jaxb/jaxb-runtime/4.0.4, BSD-3-Clause, approved, ee4j.jaxb
-maven/mavencentral/org.glassfish.jaxb/txw2/4.0.4, BSD-3-Clause, approved, ee4j.jaxb
+maven/mavencentral/org.eclipse.tractusx.ssi/cx-ssi-lib/0.0.19, Apache-2.0, approved, automotive.tractusx
+maven/mavencentral/org.glassfish.jaxb/jaxb-core/4.0.4, BSD-3-Clause, approved, ee4j.jaxb-impl
+maven/mavencentral/org.glassfish.jaxb/jaxb-runtime/4.0.4, BSD-3-Clause, approved, ee4j.jaxb-impl
+maven/mavencentral/org.glassfish.jaxb/txw2/4.0.4, BSD-3-Clause, approved, ee4j.jaxb-impl
maven/mavencentral/org.hamcrest/hamcrest-core/2.2, BSD-3-Clause, approved, clearlydefined
maven/mavencentral/org.hamcrest/hamcrest/2.2, BSD-3-Clause, approved, clearlydefined
maven/mavencentral/org.hdrhistogram/HdrHistogram/2.1.12, BSD-2-Clause OR LicenseRef-Public-Domain, approved, CQ13192
@@ -148,11 +144,6 @@ maven/mavencentral/org.jboss.shrinkwrap/shrinkwrap-spi/1.2.6, Apache-2.0, approv
maven/mavencentral/org.jboss.spec.javax.annotation/jboss-annotations-api_1.3_spec/2.0.1.Final, EPL-2.0 or GPL-2.0-only WITH Classpath-exception-2.0, approved, #1805
maven/mavencentral/org.jboss.spec.javax.ws.rs/jboss-jaxrs-api_2.1_spec/2.0.1.Final, Apache-2.0 AND (EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0), approved, #2124
maven/mavencentral/org.jboss.spec.javax.xml.bind/jboss-jaxb-api_2.3_spec/2.0.0.Final, BSD-3-Clause, approved, #2122
-maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib-common/1.8.22, Apache-2.0, approved, #8910
-maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib-jdk7/1.8.22, Apache-2.0, approved, #8807
-maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib-jdk8/1.8.22, Apache-2.0, approved, #8875
-maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib/1.8.22, Apache-2.0, approved, #8865
-maven/mavencentral/org.jetbrains/annotations/13.0, Apache-2.0, approved, clearlydefined
maven/mavencentral/org.jetbrains/annotations/17.0.0, Apache-2.0, approved, clearlydefined
maven/mavencentral/org.json/json/20230227, LicenseRef-Public-domain, approved, #9174
maven/mavencentral/org.junit.jupiter/junit-jupiter-api/5.9.3, EPL-2.0, approved, #3133
@@ -234,8 +225,12 @@ maven/mavencentral/org.springframework/spring-test/6.0.14, Apache-2.0, approved,
maven/mavencentral/org.springframework/spring-tx/6.0.14, Apache-2.0, approved, #5926
maven/mavencentral/org.springframework/spring-web/6.0.14, Apache-2.0, approved, #5942
maven/mavencentral/org.springframework/spring-webmvc/6.0.14, Apache-2.0, approved, #5944
+maven/mavencentral/org.testcontainers/database-commons/1.19.3, Apache-2.0, approved, #10345
+maven/mavencentral/org.testcontainers/jdbc/1.19.3, Apache-2.0, approved, #10348
maven/mavencentral/org.testcontainers/junit-jupiter/1.19.3, MIT, approved, #10344
+maven/mavencentral/org.testcontainers/postgresql/1.19.3, MIT, approved, #10350
maven/mavencentral/org.testcontainers/testcontainers/1.19.3, Apache-2.0 AND MIT, approved, #10347
maven/mavencentral/org.webjars/swagger-ui/4.18.2, Apache-2.0, approved, #7850
+maven/mavencentral/org.wiremock/wiremock-standalone/3.4.2, MIT AND Apache-2.0, approved, #14889
maven/mavencentral/org.xmlunit/xmlunit-core/2.9.1, Apache-2.0, approved, #6272
maven/mavencentral/org.yaml/snakeyaml/2.0, Apache-2.0 AND (Apache-2.0 OR BSD-3-Clause OR EPL-1.0 OR GPL-2.0-or-later OR LGPL-2.1-or-later), approved, #7275
diff --git a/build.gradle b/miw/build.gradle
similarity index 89%
rename from build.gradle
rename to miw/build.gradle
index 68734b53b..9312d3728 100644
--- a/build.gradle
+++ b/miw/build.gradle
@@ -1,3 +1,22 @@
+/********************************************************************************
+ * Copyright (c) 2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ ********************************************************************************/
+
plugins {
id 'java'
id 'org.springframework.boot' version "${springBootVersion}"
@@ -77,7 +96,7 @@ dependencies {
implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:${openApiVersion}"
implementation group: 'com.smartsensesolutions', name: 'commons-dao', version: '0.0.5'
implementation 'org.liquibase:liquibase-core'
- implementation 'org.eclipse.tractusx.ssi:cx-ssi-lib:0.0.18'
+ implementation 'org.eclipse.tractusx.ssi:cx-ssi-lib:0.0.19'
//Added explicitly to mitigate CVE 2022-1471
implementation group: 'org.yaml', name: 'snakeyaml', version: '2.0'
@@ -92,12 +111,14 @@ dependencies {
developmentOnly 'org.springframework.boot:spring-boot-devtools'
annotationProcessor 'org.projectlombok:lombok'
testAnnotationProcessor 'org.projectlombok:lombok'
+ testImplementation 'org.wiremock:wiremock-standalone:3.4.2'
testImplementation 'org.projectlombok:lombok:1.18.28'
testImplementation 'org.springframework.boot:spring-boot-starter-test'
testImplementation "org.testcontainers:testcontainers"
testImplementation 'com.h2database:h2:2.2.220'
testImplementation "org.testcontainers:junit-jupiter"
testImplementation group: 'com.github.dasniko', name: 'testcontainers-keycloak', version: '2.5.0'
+ testImplementation 'org.testcontainers:postgresql'
testImplementation group: 'org.mockito', name: 'mockito-inline', version: '5.2.0'
testImplementation group: 'org.json', name: 'json', version: '20230227'
testImplementation group: 'com.github.curious-odd-man', name: 'rgxgen', version: '1.4'
@@ -110,7 +131,7 @@ tasks.register('dashDownload', Download) {
description = 'Download the Dash License Tool standalone jar'
group = 'License'
src 'https://repo.eclipse.org/service/local/artifact/maven/redirect?r=dash-licenses&g=org.eclipse.dash&a=org.eclipse.dash.licenses&v=LATEST'
- dest layout.projectDirectory.file('dash.jar')
+ dest rootProject.file('dash.jar')
// will not replace an existing file. If you know you need a new version
// then manually delete the file yourself, or run `dashClean`
overwrite false
@@ -121,7 +142,7 @@ tasks.register('dashClean') {
description = "Clean all files used by the 'License' group"
group = 'License'
logger.lifecycle("Removing 'dash.jar'")
- file('dash.jar').delete()
+ rootProject.file('dash.jar').delete()
logger.lifecycle("Removing 'deps.txt'")
file('deps.txt').delete()
}
@@ -162,7 +183,7 @@ tasks.register('dashLicenseCheck', JavaExec) { dashLicenseCheck ->
dashLicenseCheck.dependsOn('dashDownload')
dashLicenseCheck.dependsOn('dashDependencies')
doFirst {
- classpath = files('dash.jar')
+ classpath = rootProject.files('dash.jar')
// docs: https://eclipse-tractusx.github.io/docs/release/trg-7/trg-7-04
args('-project', 'automotive.tractusx', '-summary', 'DEPENDENCIES', 'deps.txt')
}
@@ -194,9 +215,9 @@ build {
bootJar {
metaInf {
from 'DEPENDENCIES'
- from 'SECURITY.md'
- from 'NOTICE.md'
- from 'LICENSE'
+ from '../SECURITY.md'
+ from '../NOTICE.md'
+ from '../LICENSE'
}
}
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/ManagedIdentityWalletsApplication.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/ManagedIdentityWalletsApplication.java
similarity index 100%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/ManagedIdentityWalletsApplication.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/ManagedIdentityWalletsApplication.java
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/DidDocumentControllerApiDocs.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/DidDocumentControllerApiDocs.java
similarity index 96%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/DidDocumentControllerApiDocs.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/DidDocumentControllerApiDocs.java
index 1a53d27de..385f61541 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/DidDocumentControllerApiDocs.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/DidDocumentControllerApiDocs.java
@@ -11,6 +11,7 @@
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
public class DidDocumentControllerApiDocs {
@@ -72,7 +73,7 @@ public class DidDocumentControllerApiDocs {
""")
})
}) })
- @Operation(description = "Resolve the DID document for a given DID or BPN", summary = "Resolve DID Document")
+ @Operation(description = "Resolve the DID document for a given DID or BPN", summary = "Resolve DID Document", security = { @SecurityRequirement(name = "Authenticate using access_token") })
public @interface GetDidDocumentApiDocs {
}
@@ -135,7 +136,7 @@ public class DidDocumentControllerApiDocs {
})
})
})
- @Operation(description = "Resolve the DID document for a given BPN", summary = "Resolve DID Document")
+ @Operation(description = "Resolve the DID document for a given BPN", summary = "Resolve DID Document", security = { @SecurityRequirement(name = "Authenticate using access_token") })
public @interface GetDidResolveApiDocs {
}
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/HoldersCredentialControllerApiDocs.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/HoldersCredentialControllerApiDocs.java
similarity index 92%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/HoldersCredentialControllerApiDocs.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/HoldersCredentialControllerApiDocs.java
index ef5c2ead5..45cb2c9de 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/HoldersCredentialControllerApiDocs.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/HoldersCredentialControllerApiDocs.java
@@ -1,9 +1,25 @@
-package org.eclipse.tractusx.managedidentitywallets.apidocs;
+/*
+ * *******************************************************************************
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
+package org.eclipse.tractusx.managedidentitywallets.apidocs;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.media.Content;
@@ -11,6 +27,12 @@
import io.swagger.v3.oas.annotations.parameters.RequestBody;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
public class HoldersCredentialControllerApiDocs {
@@ -81,7 +103,7 @@ public class HoldersCredentialControllerApiDocs {
"@context":
[
"https://www.w3.org/2018/credentials/v1",
- "https://catenax-ng.github.io/product-core-schemas/SummaryVC.json",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
"https://w3id.org/security/suites/jws-2020/v1"
],
"id": "did:web:localhost:BPNL000000000000#954d43de-ebed-481d-9e35-e3bbb311b8f5",
@@ -148,7 +170,7 @@ public class HoldersCredentialControllerApiDocs {
""")
})
}) })
- @Operation(description = "Permission: **view_wallets** OR **view_wallet** (The BPN of holderIdentifier must equal BPN of caller)\n\n Search verifiable credentials with filter criteria", summary = "Query Verifiable Credentials")
+ @Operation(description = "Permission: **view_wallets** OR **view_wallet** (The BPN of holderIdentifier must equal BPN of caller)\n\n Search verifiable credentials with filter criteria", summary = "Query Verifiable Credentials", security = { @SecurityRequirement(name = "Authenticate using access_token") })
public @interface GetCredentialsApiDocs {
}
@@ -161,7 +183,7 @@ public class HoldersCredentialControllerApiDocs {
"@context":
[
"https://www.w3.org/2018/credentials/v1",
- "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
"https://w3id.org/security/suites/jws-2020/v1"
],
"id": "did:web:localhost:BPNL000000000000#319a2641-9407-4c39-bf51-a4a109b59604",
@@ -255,7 +277,7 @@ public class HoldersCredentialControllerApiDocs {
{
"@context": [
"https://www.w3.org/2018/credentials/v1",
- "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
"https://w3id.org/security/suites/jws-2020/v1"
],
"id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
@@ -278,7 +300,7 @@ public class HoldersCredentialControllerApiDocs {
}
"""))
})
- @Operation(summary = "Issue Verifiable Credential", description = "Permission: **update_wallets** OR **update_wallet** (The BPN of the issuer of the Verifiable Credential must equal BPN of caller)\nIssue a verifiable credential with a given issuer DID")
+ @Operation(summary = "Issue Verifiable Credential", description = "Permission: **update_wallets** OR **update_wallet** (The BPN of the issuer of the Verifiable Credential must equal BPN of caller)\nIssue a verifiable credential with a given issuer DID", security = { @SecurityRequirement(name = "Authenticate using access_token") })
public @interface IssueCredentialApiDoc {
}
diff --git a/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/IssuersCredentialControllerApiDocs.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/IssuersCredentialControllerApiDocs.java
new file mode 100644
index 000000000..6f8571efe
--- /dev/null
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/IssuersCredentialControllerApiDocs.java
@@ -0,0 +1,625 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.managedidentitywallets.apidocs;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.ExampleObject;
+import io.swagger.v3.oas.annotations.parameters.RequestBody;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
+import io.swagger.v3.oas.annotations.tags.Tag;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+public class IssuersCredentialControllerApiDocs {
+ /**
+ * The constant API_TAG_VERIFIABLE_CREDENTIAL_ISSUER.
+ */
+ public static final String API_TAG_VERIFIABLE_CREDENTIAL_ISSUER = "Verifiable Credential - Issuer";
+ /**
+ * The constant API_TAG_VERIFIABLE_CREDENTIAL_VALIDATION.
+ */
+ public static final String API_TAG_VERIFIABLE_CREDENTIAL_VALIDATION = "Verifiable Credential - Validation";
+
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Tag(name = API_TAG_VERIFIABLE_CREDENTIAL_ISSUER)
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "401", description = "The request could not be completed due to a failed authorization.", content = {
+ @Content(examples = {}) }),
+ @ApiResponse(responseCode = "403", description = "The request could not be completed due to a forbidden access", content = {
+ @Content(examples = {}) }),
+ @ApiResponse(responseCode = "500", description = "Any other internal server error", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Internal server error", value = """
+ {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ """)
+ }) }),
+ @ApiResponse(responseCode = "400", description = "The input does not comply to the syntax requirements", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Response in case of invalid data provided", value = """
+ {
+ "type": "about:blank",
+ "title": "title",
+ "status": 400,
+ "detail": "details",
+ "instance": "API endpoint",
+ "properties":
+ {
+ "timestamp": 1689760833962,
+ "errors":
+ {
+ }
+ }
+ }
+ """)
+ })
+ }),
+ @ApiResponse(responseCode = "200", description = "Issuer credential list", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Issuer credential list", value = """
+ {
+ "content": [
+ {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#ae364f71-f054-4d91-b579-f001bcb3e59e",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T09:27:42Z",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:27:44Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..evDHQfW4EzJUt2HnS_WlmO8FFtywTGnwyywtCE7WP41my4Iscpqr4tbuVOqnZg85b4U8L3_ut8_pEONIhbExCQ",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ },
+ {
+ "type": [
+ "VerifiableCredential",
+ "SummaryCredential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T09:11:39Z",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "credentialSubject": [
+ {
+ "contractTemplate": "https://public.catena-x.org/contracts/",
+ "holderIdentifier": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "items": [
+ "BpnCredential"
+ ],
+ "type": "SummaryCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:11:41Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..YvoFhDip3TQAfZUIu0yc843oA4uGTg049dMFt_GoaMmPjiNB_B1EFOL-gDpwjIxTYNlGOO_CLp9qStbzlDTNBg",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ },
+ {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ }
+ ],
+ "pageable": {
+ "sort": {
+ "empty": false,
+ "unsorted": false,
+ "sorted": true
+ },
+ "offset": 0,
+ "pageNumber": 0,
+ "pageSize": 2147483647,
+ "paged": true,
+ "unpaged": false
+ },
+ "last": true,
+ "totalPages": 1,
+ "totalElements": 3,
+ "first": true,
+ "size": 2147483647,
+ "number": 0,
+ "sort": {
+ "empty": false,
+ "unsorted": false,
+ "sorted": true
+ },
+ "numberOfElements": 3,
+ "empty": false
+ }
+ """)
+ })
+ }),
+ })
+ @Operation(description = "Permission: **view_wallets** (The BPN of holderIdentifier must equal BPN of caller)\n\n Search verifiable credentials with filter criteria", summary = "Query Verifiable Credentials", security = { @SecurityRequirement(name = "Authenticate using access_token") })
+ public @interface GetCredentialsApiDocs {
+ }
+
+
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Tag(name = API_TAG_VERIFIABLE_CREDENTIAL_VALIDATION)
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "401", description = "The request could not be completed due to a failed authorization.", content = {
+ @Content(examples = {}) }),
+ @ApiResponse(responseCode = "403", description = "The request could not be completed due to a forbidden access", content = {
+ @Content(examples = {}) }),
+ @ApiResponse(responseCode = "500", description = "Any other internal server error", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Internal server error", value = """
+ {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ """)
+ }) }),
+ @ApiResponse(responseCode = "200", description = "Validate Verifiable Credentials", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Verifiable Credentials without check expiry", value = """
+ {
+ "valid": true,
+ "vc": {
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ },
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2024-12-31T18:30:00Z"
+ }
+ }
+ """),
+ @ExampleObject(name = "Verifiable Credentials with check expiry", value = """
+ {
+ "valid": true,
+ "validateExpiryDate": true,
+ "vc": {
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ },
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2024-12-31T18:30:00Z"
+ }
+ }
+ """),
+ @ExampleObject(name = "Verifiable expired credentials with check expiry ", value = """
+ {
+ "valid": false,
+ "validateExpiryDate": false,
+ "vc": {
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ },
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2022-12-31T18:30:00Z"
+ }
+ }
+ """),
+ @ExampleObject(name = "Revocable Verifiable credentials with check expiry ", value = """
+ {
+ "credentialStatus": "active",
+ "valid": true,
+ "validateExpiryDate": true,
+ "vc": {
+ "credentialSubject": [
+ {
+ "holderIdentifier": "BPNL000000000001",
+ "allowedVehicleBrands": [
+ "Audi",
+ "Abarth",
+ "Alfa Romeo",
+ "Chrysler"
+ ],
+ "id": "did:web:6e3e-203-129-213-107.ngrok-free.app:BPNL000000000001",
+ "activityType": "vehicleDismantle",
+ "type": "DismantlerCredential"
+ }
+ ],
+ "issuanceDate": "2024-01-05T05:42:53Z",
+ "id": "did:web:6e3e-203-129-213-107.ngrok-free.app:BPNL000000000000#8507aa50-b2a4-4532-8e45-f50e7654b23b",
+ "proof": {
+ "proofPurpose": "assertionMethod",
+ "verificationMethod": "did:web:6e3e-203-129-213-107.ngrok-free.app:BPNL000000000000#a39d8ccf-2a66-488d-bfec-916768082e91",
+ "type": "JsonWebSignature2020",
+ "created": "2024-01-05T05:42:53Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..15NdxA8L_Iw7Igxevm7YGMAQA-Kt6PMOpix6p0jaYHCtfQnTy3q61SDvsnsltGT6fzM90JOubOuig2WFy-GPDg"
+ },
+ "type": [
+ "VerifiableCredential",
+ "DismantlerCredential"
+ ],
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
+ "https://w3id.org/security/suites/jws-2020/v1",
+ "https://w3id.org/vc/status-list/2021/v1"
+ ],
+ "issuer": "did:web:6e3e-203-129-213-107.ngrok-free.app:BPNL000000000000",
+ "credentialStatus": {
+ "id": "did:web:6e3e-203-129-213-107.ngrok-free.app:BPNL000000000000#0",
+ "statusPurpose": "revocation",
+ "statusListIndex": "0",
+ "statusListCredential": "https://ae96-203-129-213-107.ngrok-free.app/api/v1/revocations/credentials?issuerId=did:web:6e3e-203-129-213-107.ngrok-free.app:BPNL000000000000",
+ "type": "StatusList2021Entry"
+ },
+ "expirationDate": "2024-12-31T18:30:00Z"
+ }
+ }
+ """),
+ @ExampleObject(name = "Verifiable Credentials with invalid signature", value = """
+ {
+ "valid": false,
+ "vc":
+ {
+ "@context":
+ [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "type":
+ [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject":
+ [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof":
+ {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhf",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ }
+ }
+ """)
+ })
+ }) })
+ @Operation(summary = "Validate Verifiable Credentials", description = "Permission: **view_wallets** OR **view_wallet** \n\n Validate Verifiable Credentials", security = { @SecurityRequirement(name = "Authenticate using access_token") })
+ @RequestBody(content = {
+ @Content(examples = { @ExampleObject(name = "Validate credential in JSON-LD format", value = """
+ {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ }
+ """),
+ @ExampleObject(name = "Validate credential in JWT format", value = """
+ {
+ "jwt": "eyJraWQiOiJkaWQ6d2ViOmFmODgtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAjOGYyZWU5ZDItYTM2Yy00MTM4LWJlMWYtYjZmZWZiNmY4MDI0IiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6d2ViOmFmODgtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMDAiLCJzdWIiOiJkaWQ6d2ViOmFmODgtMjAzLTEyOS0yMTMtMTA3Lm5ncm9rLWZyZWUuYXBwOkJQTkwwMDAwMDAwMDAwMTEiLCJleHAiOjE3MzU2Njk4MDAsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly9jb2Zpbml0eS14LmdpdGh1Yi5pby9zY2hlbWEtcmVnaXN0cnkvdjEuMS9Vc2VDYXNlVkMuanNvbiIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIl0sImlkIjoiZGlkOndlYjphZjg4LTIwMy0xMjktMjEzLTEwNy5uZ3Jvay1mcmVlLmFwcDpCUE5MMDAwMDAwMDAwMDAwI2Q4Y2ZjZDBiLWY0NGQtNDVkMC05OGEzLTA4ZDZkNmU5Y2E5NSIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJVc2VDYXNlRnJhbWV3b3JrQ29uZGl0aW9uIl0sImlzc3VlciI6ImRpZDp3ZWI6YWY4OC0yMDMtMTI5LTIxMy0xMDcubmdyb2stZnJlZS5hcHA6QlBOTDAwMDAwMDAwMDAwMCIsImNyZWRlbnRpYWxTdWJqZWN0IjpbeyJob2xkZXJJZGVudGlmaWVyIjoiQlBOTDAwMDAwMDAwMDAxMSIsImlkIjoiZGlkOndlYjphZjg4LTIwMy0xMjktMjEzLTEwNy5uZ3Jvay1mcmVlLmFwcDpCUE5MMDAwMDAwMDAwMDExIiwidHlwZSI6IkJlaGF2aW9yVHdpbkNyZWRlbnRpYWwiLCJjb250cmFjdFRlbXBsYXRlIjoiaHR0cHM6Ly9wdWJsaWMuY2F0ZW5hLXgub3JnL2NvbnRyYWN0cy90cmFjZWFiaWx0eS52MS5wZGYiLCJjb250cmFjdFZlcnNpb24iOiIxLjAuMCJ9XSwiY3JlZGVudGlhbFN0YXR1cyI6bnVsbCwiaXNzdWFuY2VEYXRlIjoiMjAyNC0wMi0wOFQxNDowMjo1M1oiLCJleHBpcmF0aW9uRGF0ZSI6IjIwMjQtMTItMzFUMTg6MzA6MDBaIn0sImp0aSI6IjliYWFhMjIzLTAxMjctNDEyZS05NjZhLTA3ZTJmZGU4NGNlNCJ9.X3rkj8Gv4OD5nEaeFG5pSA-dogbcYA91YEPmHiKT4FhAiIr7QAdSEULGXHYOn8-eK0jSDHNdAxNYIK1UwYRsCA"
+ }
+ """)
+ }
+ )
+ })
+ public @interface ValidateVerifiableCredentialApiDocs {
+ }
+
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Tag(name = API_TAG_VERIFIABLE_CREDENTIAL_ISSUER)
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "401", description = "The request could not be completed due to a failed authorization.", content = {
+ @Content(examples = {}) }),
+ @ApiResponse(responseCode = "403", description = "The request could not be completed due to a forbidden access", content = {
+ @Content(examples = {}) }),
+ @ApiResponse(responseCode = "500", description = "Any other internal server error", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Internal server error", value = """
+ {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ """)
+ }) }),
+ @ApiResponse(responseCode = "404", description = "Wallet not found with provided identifier", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Wallet not found with provided identifier", value = """
+ {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 404,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ """)
+ }) }),
+ @ApiResponse(responseCode = "400", description = "The input does not comply to the syntax requirements", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Response in case of invalid data provided", value = """
+ {
+ "type": "about:blank",
+ "title": "Invalid data provided",
+ "status": 400,
+ "detail": "details",
+ "instance": "API endpoint",
+ "properties":
+ {
+ "timestamp": 1689760833962,
+ "errors":
+ {
+ "filed": "filed error message"
+ }
+ }
+ }
+ """)
+ })
+ }),
+ @ApiResponse(responseCode = "201", description = "Issuer credential", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Issuer credential", value = """
+ {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#ff084e7a-1b46-4a2f-a78d-3d701a0bd6e4",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T12:18:30Z",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#",
+ "created": "2023-07-19T12:18:34Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..0Ua1vcTQAYwQY3PPuHr4RQxqW6iIngrHQQx1oPgk2uzqUpcbfY2YUxXAnbNA333-lSuvNhiV_1NLfBnCEcI2DQ"
+ }
+ }
+ """)
+ })
+ }) })
+ @Operation(summary = "Issue Verifiable Credential", description = "Permission: **update_wallets** (The BPN of the base wallet must equal BPN of caller)\nIssue a verifiable credential with a given issuer DID", security = { @SecurityRequirement(name = "Authenticate using access_token") })
+ @RequestBody(content = {
+ @Content(examples = @ExampleObject("""
+ {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ]
+ }
+ """))
+ })
+ public @interface IssueVerifiableCredentialUsingBaseWalletApiDocs {
+ }
+
+ @Parameter(description = "Specifies whether the VC (Verifiable Credential) should be created as a JWT (JSON Web Token). "
+ +
+ "If set to true, the VC will be generated in JWT format"
+ +
+ "Setting this parameter to false will result in the VC being created as JSON-LD " +
+ "Defaults to false if not specified.", examples = {
+ @ExampleObject(name = "Create VC as JWT", value = "true"),
+ @ExampleObject(name = "Do not create VC as JWT", value = "false")
+ })
+ @Target(ElementType.PARAMETER)
+ @Retention(RetentionPolicy.RUNTIME)
+ public @interface AsJwtParam {
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/PresentationControllerApiDocs.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/PresentationControllerApiDocs.java
similarity index 70%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/PresentationControllerApiDocs.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/PresentationControllerApiDocs.java
index 06a072e3a..a2fec8430 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/PresentationControllerApiDocs.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/PresentationControllerApiDocs.java
@@ -1,9 +1,25 @@
-package org.eclipse.tractusx.managedidentitywallets.apidocs;
+/*
+ * *******************************************************************************
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
+package org.eclipse.tractusx.managedidentitywallets.apidocs;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.media.Content;
@@ -11,8 +27,14 @@
import io.swagger.v3.oas.annotations.parameters.RequestBody;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import io.swagger.v3.oas.annotations.tags.Tag;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
public class PresentationControllerApiDocs {
public static final String API_TAG_VERIFIABLE_PRESENTATIONS_GENERATION = "Verifiable Presentations - Generation";
public static final String API_TAG_VERIFIABLE_PRESENTATIONS_VALIDATION = "Verifiable Presentations - Validation";
@@ -20,7 +42,7 @@ public class PresentationControllerApiDocs {
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@Tag(name = API_TAG_VERIFIABLE_PRESENTATIONS_GENERATION)
- @Operation(summary = "Create Verifiable Presentation", description = "Permission: **update_wallets** OR **update_wallet** (The BPN of the issuer of the Verifiable Presentation must equal to BPN of caller) \n\n Create a verifiable presentation from a list of verifiable credentials, signed by the holder")
+ @Operation(summary = "Create Verifiable Presentation", description = "Permission: **update_wallets** OR **update_wallet** (The BPN of the issuer of the Verifiable Presentation must equal to BPN of caller) \n\n Create a verifiable presentation from a list of verifiable credentials, signed by the holder", security = { @SecurityRequirement(name = "Authenticate using access_token") })
@ApiResponses(value = {
@ApiResponse(responseCode = "401", description = "The request could not be completed due to a failed authorization.", content = {
@@ -74,7 +96,7 @@ public class PresentationControllerApiDocs {
"id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
"@context": [
"https://www.w3.org/2018/credentials/v1",
- "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
"https://w3id.org/security/suites/jws-2020/v1"
],
"type": [
@@ -120,7 +142,7 @@ public class PresentationControllerApiDocs {
"id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
"@context": [
"https://www.w3.org/2018/credentials/v1",
- "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
"https://w3id.org/security/suites/jws-2020/v1"
],
"type": [
@@ -155,7 +177,7 @@ public class PresentationControllerApiDocs {
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@Tag(name = API_TAG_VERIFIABLE_PRESENTATIONS_VALIDATION)
- @Operation(summary = "Validate Verifiable Presentation", description = "Permission: **view_wallets** OR **view_wallet** \n\n Validate Verifiable Presentation with all included credentials")
+ @Operation(summary = "Validate Verifiable Presentation", description = "Permission: **view_wallets** OR **view_wallet** \n\n Validate Verifiable Presentation with all included credentials", security = { @SecurityRequirement(name = "Authenticate using access_token") })
@ApiResponses(value = {
@ApiResponse(responseCode = "401", description = "The request could not be completed due to a failed authorization.", content = {
@Content(examples = {}) }),
@@ -251,7 +273,7 @@ public class PresentationControllerApiDocs {
"id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
"@context": [
"https://www.w3.org/2018/credentials/v1",
- "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
"https://w3id.org/security/suites/jws-2020/v1"
],
"type": [
@@ -286,4 +308,100 @@ public class PresentationControllerApiDocs {
public @interface PostVerifiablePresentationValidationApiDocs {
}
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @Tag(name = API_TAG_VERIFIABLE_PRESENTATIONS_GENERATION)
+ @Operation(summary = "Create Verifiable Presentation", description = "Create a verifiable presentation for the verifiable credential types listed in STS token", security = { @SecurityRequirement(name = "sts_token") })
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "401", description = "The request could not be completed due to a failed authorization.", content = {
+ @Content(examples = {}) }),
+ @ApiResponse(responseCode = "403", description = "The request could not be completed due to a forbidden scope value", content = {
+ @Content(examples = {}) }),
+ @ApiResponse(responseCode = "500", description = "Any other internal server error", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Internal server error", value = """
+ {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ """)
+ }) }),
+ @ApiResponse(responseCode = "404", description = "One or more of the requested verifiable credential types were not found", content = {
+ @Content(examples = {
+ @ExampleObject(name = "One or more of the requested verifiable credential types were not found", value = """
+ {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 404,
+ "detail": "Verifiable credential types that were not found",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ """)
+ }) }),
+ @ApiResponse(responseCode = "200", description = "Verifiable Presentation", content = {
+ @Content(examples = {
+ @ExampleObject(name = "VP as Json-LD", value = """
+ {
+ "vp": {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1"
+ ],
+ "id": "did:web:localhost:BPNL000000000000#b2e69e47-95f3-48ff-af30-eaaab36431d5",
+ "type": [
+ "VerifiablePresentation"
+ ],
+ "verifiableCredential": [
+ {
+ "id": "did:web:localhost:BPNL000000000000#f73e3631-ba87-4a03-bea3-b28700056879",
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
+ "https://w3id.org/security/suites/jws-2020/v1"
+ ],
+ "type": [
+ "VerifiableCredential",
+ "BpnCredential"
+ ],
+ "issuer": "did:web:localhost:BPNL000000000000",
+ "expirationDate": "2024-12-31T18:30:00Z",
+ "issuanceDate": "2023-07-19T09:11:34Z",
+ "credentialSubject": [
+ {
+ "bpn": "BPNL000000000000",
+ "id": "did:web:localhost:BPNL000000000000",
+ "type": "BpnCredential"
+ }
+ ],
+ "proof": {
+ "created": "2023-07-19T09:11:39Z",
+ "jws": "eyJhbGciOiJFZERTQSJ9..fdn2qU85auOltdHDLdHI7sJVV1ZPdftpiXd_ndXN0dFgSDWiIrScdD03wtvKLq_H-shQWfh2RYeMmrlEzAhfDw",
+ "proofPurpose": "proofPurpose",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:localhost:BPNL000000000000#"
+ }
+ }
+ ]
+ }
+ }
+ """),
+ @ExampleObject(name = "VP as JWT", value = """
+ {
+ "vp": "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJzdWIiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwiYXVkIjoic21hcnQiLCJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIiwidnAiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwIzM4ZTU2ZTg1LTNkODQtNGEyNS1iZjg1LWFiMjRlYzY4MmMwOSIsInR5cGUiOlsiVmVyaWZpYWJsZVByZXNlbnRhdGlvbiJdLCJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJ2ZXJpZmlhYmxlQ3JlZGVudGlhbCI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vY2F0ZW5heC1uZy5naXRodWIuaW8vcHJvZHVjdC1jb3JlLXNjaGVtYXMvYnVzaW5lc3NQYXJ0bmVyRGF0YS5qc29uIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiXSwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsIkJwbkNyZWRlbnRpYWwiXSwiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdDpCUE5MMDAwMDAwMDAwMDAwI2Y3M2UzNjMxLWJhODctNGEwMy1iZWEzLWIyODcwMDA1Njg3OSIsImlzc3VlciI6ImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDAiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA3LTE5VDA5OjExOjM0WiIsImV4cGlyYXRpb25EYXRlIjoiMjAyNC0xMi0zMVQxODozMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0OkJQTkwwMDAwMDAwMDAwMDAiLCJicG4iOiJCUE5MMDAwMDAwMDAwMDAwIiwidHlwZSI6IkJwbkNyZWRlbnRpYWwifSwicHJvb2YiOnsicHJvb2ZQdXJwb3NlIjoicHJvb2ZQdXJwb3NlIiwidHlwZSI6Ikpzb25XZWJTaWduYXR1cmUyMDIwIiwidmVyaWZpY2F0aW9uTWV0aG9kIjoiZGlkOndlYjpsb2NhbGhvc3Q6QlBOTDAwMDAwMDAwMDAwMCMiLCJjcmVhdGVkIjoiMjAyMy0wNy0xOVQwOToxMTozOVoiLCJqd3MiOiJleUpoYkdjaU9pSkZaRVJUUVNKOS4uZmRuMnFVODVhdU9sdGRIRExkSEk3c0pWVjFaUGRmdHBpWGRfbmRYTjBkRmdTRFdpSXJTY2REMDN3dHZLTHFfSC1zaFFXZmgyUlllTW1ybEV6QWhmRHcifX19LCJleHAiOjE2ODk4MzQ4MDUsImp0aSI6ImIwODYzOWZiLWQ5MWEtNGUwZS1iNmY4LTYzYjdhMzQ1ZTRhZiJ9.80x0AB-OauefdeZfx1cwhitdVKRvCRFeFzYwU73DL7y4w34vu6BdfHWLBGjkwELxkQEoFfiTPOqtuyqhtsyDBg"
+ }
+ """)
+ })
+ })
+ })
+ public @interface GetVerifiablePresentationIATPApiDocs {
+ }
+
}
diff --git a/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/SecureTokenControllerApiDoc.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/SecureTokenControllerApiDoc.java
new file mode 100644
index 000000000..6219ce535
--- /dev/null
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/SecureTokenControllerApiDoc.java
@@ -0,0 +1,140 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.managedidentitywallets.apidocs;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.ExampleObject;
+import io.swagger.v3.oas.annotations.parameters.RequestBody;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
+import io.swagger.v3.oas.annotations.security.SecurityRequirements;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+public class SecureTokenControllerApiDoc {
+
+ @Target(ElementType.METHOD)
+ @Retention(RetentionPolicy.RUNTIME)
+ @SecurityRequirements
+ @RequestBody(content = {
+ @Content(examples = {
+ @ExampleObject(name = "Request Secure Token using Scopes", value = """
+ {
+ "audience": "BPNL000000000009",
+ "client_id": "your_client_id",
+ "client_secret": "your_client_secret",
+ "grant_type": "client_credentials",
+ "bearer_access_scope": "org.eclipse.tractusx.vc.type:ValidCredentialType:read"
+ }
+ """
+ ),
+ @ExampleObject(name = "Request Secure Token using Access Token", value = """
+ {
+ "audience": "BPNL000000000009",
+ "client_id": "your_client_id",
+ "client_secret": "your_client_secret",
+ "grant_type": "client_credentials",
+ "access_token": "a_jwt_token"
+ }
+ """
+ )
+ })
+ })
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "201", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Success response", value = """
+ {
+ "token": "a_jwt_token",
+ "expiresAt": 1706888709315
+ }
+ """
+ )
+ })
+ }),
+
+ @ApiResponse(responseCode = "400", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Unknown BPN", value = """
+ {
+ "error": "UnknownBusinessPartnerNumber",
+ "errorDescription": "The provided BPN 'BPNL000000000001' is unknown"
+ }
+ """
+ ),
+
+ @ExampleObject(name = "Wrong Grant Type", value = """
+ {
+ "error": "UnsupportedGrantTypeException",
+ "errorDescription": "The provided 'grant_type' is not valid. Use 'client_credentials'."
+ }
+ """
+ ),
+
+ @ExampleObject(name = "Invalid idp Token Response", value = """
+ {
+ "error": "InvalidIdpTokenResponse",
+ "errorDescription": "The idp response cannot be null. Possible causes for this are: the 'clientId' is invalid, or the 'client' is not enabled."
+ }
+ """
+ ),
+
+ @ExampleObject(name = "Invalid Secure Token Request", value = """
+ {
+ "error": "InvalidSecureTokenRequest",
+ "errorDescription": "The provided data could not be used to create and sign a token."
+ }
+ """
+ )
+ })
+ }),
+
+ @ApiResponse(responseCode = "500", description = "Any other internal server error", content = {
+ @Content(examples = {
+ @ExampleObject(name = "Internal server error", value = """
+ {
+ "type": "about:blank",
+ "title": "Error Title",
+ "status": 500,
+ "detail": "Error Details",
+ "instance": "API endpoint",
+ "properties": {
+ "timestamp": 1689762476720
+ }
+ }
+ """
+ )
+ })
+ })
+ })
+ @Operation(summary = "Create and Sign Access Tokens", description = "The endpoint for creating and signing access tokens which are to be used during a verifiable presentation flow.", method = "tokenJson")
+ public @interface PostSecureTokenDocJson {
+ }
+
+ @Operation(summary = "Create and Sign Access Tokens", description = "The endpoint for creating and signing access tokens which are to be used during a verifiable presentation flow.", method = "tokenFormUrlencoded")
+ public @interface PostSecureTokenDocFormUrlencoded {
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/WalletControllerApiDocs.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/WalletControllerApiDocs.java
similarity index 91%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/WalletControllerApiDocs.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/WalletControllerApiDocs.java
index e681a14bb..f7ac51627 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/WalletControllerApiDocs.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/apidocs/WalletControllerApiDocs.java
@@ -1,9 +1,25 @@
-package org.eclipse.tractusx.managedidentitywallets.apidocs;
+/*
+ * *******************************************************************************
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
+package org.eclipse.tractusx.managedidentitywallets.apidocs;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
@@ -12,6 +28,12 @@
import io.swagger.v3.oas.annotations.parameters.RequestBody;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
public class WalletControllerApiDocs {
@@ -22,8 +44,9 @@ public class WalletControllerApiDocs {
@ExampleObject(name = "Create wallet with BPN", value = """
{
- "bpn": "BPNL000000000001",
- "name": "companyA"
+ "businessPartnerNumber": "BPNL000000000001",
+ "companyName": "companyA",
+ "didUrl": "portal.com:BPNL000000000001"
}
""")
})
@@ -104,7 +127,7 @@ public class WalletControllerApiDocs {
[
{
"controller": "did:web:localhost:BPNL000000000001",
- "id": "did:web:localhost:BPNL000000000001#",
+ "id": "did:web:localhost:BPNL000000000001#key-1",
"publicKeyJwk":
{
"crv": "Ed25519",
@@ -112,6 +135,18 @@ public class WalletControllerApiDocs {
"x": "0Ap6FsX5UuRBIoOzxWtcFA2ymnqXw0U08Ino_mIuYM4"
},
"type": "JsonWebKey2020"
+ },
+ {
+ "controller": "did:web:localhost:BPNL000000000001",
+ "id": "did:web:localhost:BPNL000000000001#key-2",
+ "publicKeyJwk":
+ {
+ "crv": "secp256k1",
+ "kty": "EC",
+ "x": "f9PkTOpsbcgKe_-s6bNCve3-aB1VZAFsCub8C5bhDn0",
+ "y": "xH1d7jCFavolGVZtaWcZZGP2nLuEsamDCotD56llxUk"
+ },
+ "type": "JsonWebKey2020"
}
]
}
@@ -120,13 +155,13 @@ public class WalletControllerApiDocs {
})
})
})
- @Operation(summary = "Create Wallet", description = "Permission: **add_wallets** (The BPN of the base wallet must equal BPN of caller)\n\n Create a wallet and store it")
+ @Operation(summary = "Create Wallet", description = "Permission: **add_wallets** (The BPN of the base wallet must equal BPN of caller)\n\n Create a wallet and store it", security = { @SecurityRequirement(name = "Authenticate using access_token") })
public @interface CreateWalletApiDoc {
}
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
- @Operation(summary = "Store Verifiable Credential", description = "Permission: **update_wallets** OR **update_wallet** (The BPN of wallet to extract credentials from must equal BPN of caller) \n\n Store a verifiable credential in the wallet of the given identifier")
+ @Operation(summary = "Store Verifiable Credential", description = "Permission: **update_wallets** OR **update_wallet** (The BPN of wallet to extract credentials from must equal BPN of caller) \n\n Store a verifiable credential in the wallet of the given identifier", security = { @SecurityRequirement(name = "Authenticate using access_token") })
@RequestBody(content = {
@Content(examples = @ExampleObject("""
{
@@ -363,7 +398,7 @@ public class WalletControllerApiDocs {
"@context":
[
"https://www.w3.org/2018/credentials/v1",
- "https://catenax-ng.github.io/product-core-schemas/businessPartnerData.json",
+ "https://eclipse-tractusx.github.io/tractusx-profiles/cx/context/credentials.context.json",
"https://w3id.org/security/suites/jws-2020/v1"
],
"id": "did:web:localhost:BPNL000000000000#a1f8ae36-9919-4ed8-8546-535280acc5bf",
@@ -396,7 +431,7 @@ public class WalletControllerApiDocs {
}
""")
}) }) })
- @Operation(summary = "Retrieve wallet by BPN", description = "Permission: **view_wallets** OR **view_wallet** (The BPN of Wallet to retrieve must equal the BPN of caller or Base wallet, authority wallet can see all wallets) \n\n Retrieve single wallet by identifier, with or without its credentials")
+ @Operation(summary = "Retrieve wallet by BPN", description = "Permission: **view_wallets** OR **view_wallet** (The BPN of Wallet to retrieve must equal the BPN of caller or Base wallet, authority wallet can see all wallets) \n\n Retrieve single wallet by identifier, with or without its credentials", security = { @SecurityRequirement(name = "Authenticate using access_token") })
public @interface RetrieveWalletApiDoc {
}
@@ -503,7 +538,7 @@ public class WalletControllerApiDocs {
})
})
})
- @Operation(summary = "List of wallets", description = "Permission: **view_wallets** \n\n Retrieve list of registered wallets")
+ @Operation(summary = "List of wallets", description = "Permission: **view_wallets** \n\n Retrieve list of registered wallets", security = { @SecurityRequirement(name = "Authenticate using access_token") })
public @interface RetrieveWalletsApiDoc {
}
diff --git a/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/command/GetCredentialsCommand.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/command/GetCredentialsCommand.java
new file mode 100644
index 000000000..c9d563008
--- /dev/null
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/command/GetCredentialsCommand.java
@@ -0,0 +1,43 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.managedidentitywallets.command;
+
+import lombok.Builder;
+import lombok.Getter;
+import lombok.Setter;
+
+import java.util.List;
+
+@Builder
+@Getter
+@Setter
+public class GetCredentialsCommand {
+ private String credentialId;
+ private String identifier;
+ private List type;
+ private String sortColumn;
+ private String sortType;
+ private int pageNumber;
+ private int size;
+ private boolean asJwt;
+ private String callerBPN;
+}
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/ApplicationConfig.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/ApplicationConfig.java
similarity index 72%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/config/ApplicationConfig.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/ApplicationConfig.java
index a8cb28daf..9cefda803 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/ApplicationConfig.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/ApplicationConfig.java
@@ -1,6 +1,6 @@
/*
* *******************************************************************************
- * Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
@@ -28,6 +28,10 @@
import com.smartsensesolutions.java.commons.specification.SpecificationUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.text.StringEscapeUtils;
+import org.eclipse.tractusx.managedidentitywallets.domain.SigningServiceType;
+import org.eclipse.tractusx.managedidentitywallets.signing.KeyProvider;
+import org.eclipse.tractusx.managedidentitywallets.signing.LocalSigningService;
+import org.eclipse.tractusx.managedidentitywallets.signing.SigningService;
import org.springdoc.core.properties.SwaggerUiConfigProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
@@ -40,6 +44,9 @@
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import java.nio.charset.StandardCharsets;
+import java.util.EnumMap;
+import java.util.List;
+import java.util.Map;
/**
* The type Application config.
@@ -50,11 +57,13 @@ public class ApplicationConfig implements WebMvcConfigurer {
private final SwaggerUiConfigProperties properties;
private final String resourceBundlePath;
+ private final MIWSettings miwSettings;
@Autowired
- public ApplicationConfig(@Value("${resource.bundle.path:classpath:i18n/language}") String resourceBundlePath, SwaggerUiConfigProperties properties) {
+ public ApplicationConfig(@Value("${resource.bundle.path:classpath:i18n/language}") String resourceBundlePath, SwaggerUiConfigProperties properties, MIWSettings miwSettings) {
this.resourceBundlePath = resourceBundlePath;
this.properties = properties;
+ this.miwSettings = miwSettings;
}
/**
@@ -98,4 +107,23 @@ public LocalValidatorFactoryBean validator() {
beanValidatorFactory.setValidationMessageSource(messageSource());
return beanValidatorFactory;
}
+
+ @Bean
+ public Map availableKeyStorages(List storages, List keyProviders) {
+ KeyProvider localSigningKeyProvider = keyProviders.stream().filter(s -> s.getKeyStorageType().equals(miwSettings.localSigningKeyStorageType()))
+ .findFirst()
+ .orElseThrow(() -> new IllegalStateException("no key provider with type %s found".formatted(miwSettings.localSigningKeyStorageType())));
+
+ Map available = new EnumMap<>(SigningServiceType.class);
+ storages.forEach(
+ s -> {
+ if(s instanceof LocalSigningService local){
+ local.setKeyProvider(localSigningKeyProvider);
+ }
+ available.put(s.getSupportedServiceType(), s);
+ }
+ );
+
+ return available;
+ }
}
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/ExceptionHandling.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/ExceptionHandling.java
similarity index 86%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/config/ExceptionHandling.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/ExceptionHandling.java
index 408633976..95b00550c 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/ExceptionHandling.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/ExceptionHandling.java
@@ -1,6 +1,6 @@
/*
* *******************************************************************************
- * Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
@@ -26,8 +26,14 @@
import jakarta.validation.ConstraintViolationException;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.exception.ExceptionUtils;
-import org.eclipse.tractusx.managedidentitywallets.exception.*;
-import org.eclipse.tractusx.ssi.lib.exception.NoVerificationKeyFoundExcpetion;
+import org.eclipse.tractusx.managedidentitywallets.exception.BadDataException;
+import org.eclipse.tractusx.managedidentitywallets.exception.CredentialNotFoundProblem;
+import org.eclipse.tractusx.managedidentitywallets.exception.DuplicateWalletProblem;
+import org.eclipse.tractusx.managedidentitywallets.exception.ForbiddenException;
+import org.eclipse.tractusx.managedidentitywallets.exception.MissingVcTypesException;
+import org.eclipse.tractusx.managedidentitywallets.exception.PermissionViolationException;
+import org.eclipse.tractusx.managedidentitywallets.exception.WalletNotFoundProblem;
+import org.eclipse.tractusx.ssi.lib.exception.proof.NoVerificationKeyFoundException;
import org.springframework.data.mapping.PropertyReferenceException;
import org.springframework.http.HttpStatus;
import org.springframework.http.ProblemDetail;
@@ -141,19 +147,6 @@ ProblemDetail handleValidation(ConstraintViolationException exception) {
return problemDetail;
}
- /**
- * Handle duplicate credential problem problem detail.
- *
- * @param e the e
- * @return the problem detail
- */
- @ExceptionHandler({DuplicateCredentialProblem.class, DuplicateSummaryCredentialProblem.class})
- ProblemDetail handleDuplicateCredentialProblem(RuntimeException e) {
- ProblemDetail problemDetail = ProblemDetail.forStatusAndDetail(HttpStatus.CONFLICT, e.getMessage());
- problemDetail.setTitle(e.getMessage());
- problemDetail.setProperty(TIMESTAMP, System.currentTimeMillis());
- return problemDetail;
- }
/**
* Handle not found credential problem detail.
@@ -205,8 +198,8 @@ ProblemDetail handleMethodArgumentTypeMismatchException(MethodArgumentTypeMismat
* @param exception the exception
* @return the problem detail
*/
- @ExceptionHandler(NoVerificationKeyFoundExcpetion.class)
- ProblemDetail handleNoVerificationKeyFoundException(NoVerificationKeyFoundExcpetion exception) {
+ @ExceptionHandler(NoVerificationKeyFoundException.class)
+ ProblemDetail handleNoVerificationKeyFoundException(NoVerificationKeyFoundException exception) {
ProblemDetail problemDetail = ProblemDetail.forStatusAndDetail(HttpStatus.BAD_REQUEST, ExceptionUtils.getMessage(exception));
problemDetail.setTitle(ExceptionUtils.getMessage(exception));
problemDetail.setProperty(TIMESTAMP, System.currentTimeMillis());
@@ -244,6 +237,21 @@ ProblemDetail handleJsonLdError(JsonLdError exception) {
return problemDetail;
}
+ @ExceptionHandler(MissingVcTypesException.class)
+ ProblemDetail handleMissingVcTypesException(MissingVcTypesException exception) {
+ ProblemDetail problemDetail = ProblemDetail.forStatusAndDetail(HttpStatus.NOT_FOUND, ExceptionUtils.getMessage(exception));
+ problemDetail.setTitle(ExceptionUtils.getMessage(exception));
+ problemDetail.setProperty(TIMESTAMP, System.currentTimeMillis());
+ return problemDetail;
+ }
+
+ @ExceptionHandler(PermissionViolationException.class)
+ ProblemDetail handlePermissionViolationException(PermissionViolationException exception) {
+ ProblemDetail problemDetail = ProblemDetail.forStatusAndDetail(HttpStatus.FORBIDDEN, ExceptionUtils.getMessage(exception));
+ problemDetail.setTitle(ExceptionUtils.getMessage(exception));
+ problemDetail.setProperty(TIMESTAMP, System.currentTimeMillis());
+ return problemDetail;
+ }
/**
* Handle exception problem detail.
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/MIWSettings.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/MIWSettings.java
similarity index 73%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/config/MIWSettings.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/MIWSettings.java
index 95c3bb747..7465f6517 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/MIWSettings.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/MIWSettings.java
@@ -1,6 +1,6 @@
/*
* *******************************************************************************
- * Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
@@ -21,13 +21,14 @@
package org.eclipse.tractusx.managedidentitywallets.config;
+import org.eclipse.tractusx.managedidentitywallets.domain.KeyStorageType;
+import org.eclipse.tractusx.managedidentitywallets.domain.SigningServiceType;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.format.annotation.DateTimeFormat;
import java.net.URI;
import java.util.Date;
import java.util.List;
-import java.util.Set;
/**
* The type Miw settings.
@@ -35,9 +36,11 @@
@ConfigurationProperties(prefix = "miw")
public record MIWSettings(String host, String encryptionKey, String authorityWalletBpn, String authorityWalletDid,
String authorityWalletName,
- List vcContexts, List summaryVcContexts,
+ List vcContexts,
@DateTimeFormat(pattern = "dd-MM-yyyy") Date vcExpiryDate,
- Set supportedFrameworkVCTypes,
- boolean enforceHttps, String contractTemplatesUrl,
- List didDocumentContextUrls) {
-}
\ No newline at end of file
+ boolean enforceHttps,
+ List didDocumentContextUrls,
+ KeyStorageType localSigningKeyStorageType,
+ SigningServiceType authoritySigningServiceType) {
+}
+
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/openapi/OpenApiConfig.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/openapi/OpenApiConfig.java
similarity index 77%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/config/openapi/OpenApiConfig.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/openapi/OpenApiConfig.java
index 76dd3f645..957aad231 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/openapi/OpenApiConfig.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/openapi/OpenApiConfig.java
@@ -99,15 +99,30 @@ private OpenAPI enableSecurity(OpenAPI openAPI) {
String accessTokenAuth = "Authenticate using access_token";
components.addSecuritySchemes(accessTokenAuth,
new SecurityScheme().name(accessTokenAuth)
- .description("**Bearer (apiKey)** \n" +
- "JWT Authorization header using the Bearer scheme.\n" +
- "\n" +
- "Enter **Bearer** [space] and then your token in the text input below.\n" +
- "\n" +
- "Example: Bearer 12345abcdef")
+ .description("""
+ **Bearer (apiKey)**
+ JWT Authorization header using the Bearer scheme.
+ Enter **Bearer** [space] and then your token in the text input below:
+ Example: Bearer 12345abcdef
+ """)
.type(SecurityScheme.Type.APIKEY).in(SecurityScheme.In.HEADER).name(HttpHeaders.AUTHORIZATION));
+
+ //Auth using sts_token
+ String stsTokenAuth = "sts_token";
+ components.addSecuritySchemes(stsTokenAuth,
+ new SecurityScheme().name(stsTokenAuth)
+ .description("""
+ **STS token**
+ JWT Authorization header.
+ Enter your token in the text input below:
+ Example: 12345abcdef
+ """)
+ .type(SecurityScheme.Type.APIKEY).in(SecurityScheme.In.HEADER).name(HttpHeaders.AUTHORIZATION));
+
return openAPI.components(components)
.addSecurityItem(new SecurityRequirement()
- .addList(accessTokenAuth, Collections.emptyList()));
+ .addList(accessTokenAuth, Collections.emptyList()))
+ .addSecurityItem(new SecurityRequirement()
+ .addList(stsTokenAuth, Collections.emptyList()));
}
-}
\ No newline at end of file
+}
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/CustomAuthenticationConverter.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/CustomAuthenticationConverter.java
similarity index 100%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/CustomAuthenticationConverter.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/CustomAuthenticationConverter.java
diff --git a/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/PresentationIatpFilter.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/PresentationIatpFilter.java
new file mode 100644
index 000000000..61ca5acd0
--- /dev/null
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/PresentationIatpFilter.java
@@ -0,0 +1,82 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.managedidentitywallets.config.security;
+
+import io.micrometer.common.util.StringUtils;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.eclipse.tractusx.managedidentitywallets.constant.RestURI;
+import org.eclipse.tractusx.managedidentitywallets.dto.ValidationResult;
+import org.eclipse.tractusx.managedidentitywallets.service.STSTokenValidationService;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import org.springframework.security.web.util.matcher.RequestMatcher;
+import org.springframework.web.filter.GenericFilterBean;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+
+import static org.eclipse.tractusx.managedidentitywallets.constant.StringPool.COMA_SEPARATOR;
+
+public class PresentationIatpFilter extends GenericFilterBean {
+
+ RequestMatcher customFilterUrl = new AntPathRequestMatcher(RestURI.API_PRESENTATIONS_IATP);
+
+ STSTokenValidationService validationService;
+
+ public PresentationIatpFilter(STSTokenValidationService validationService) {
+ this.validationService = validationService;
+ }
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+
+ HttpServletRequest httpServletRequest = (HttpServletRequest) request;
+ HttpServletResponse httpServletResponse = (HttpServletResponse) response;
+
+ if (customFilterUrl.matches(httpServletRequest)) {
+ String authHeader = httpServletRequest.getHeader("Authorization");
+ if (StringUtils.isEmpty(authHeader)) {
+ httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ } else {
+ ValidationResult result = validationService.validateToken(authHeader);
+ if (!result.isValid()) {
+ List errorValues = new ArrayList<>();
+ result.getErrors().forEach(c -> errorValues.add(c.name()));
+ String content = String.join(COMA_SEPARATOR, errorValues);
+
+ httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ httpServletResponse.setContentLength(content.length());
+ httpServletResponse.getWriter().write(content);
+ } else {
+ chain.doFilter(request, response);
+ }
+ }
+ } else {
+ chain.doFilter(request, response);
+ }
+ }
+}
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityConfig.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityConfig.java
similarity index 85%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityConfig.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityConfig.java
index aa3eafe0c..59bce9fad 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityConfig.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityConfig.java
@@ -1,6 +1,6 @@
/*
* *******************************************************************************
- * Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
@@ -25,9 +25,13 @@
import lombok.extern.slf4j.Slf4j;
import org.eclipse.tractusx.managedidentitywallets.constant.ApplicationRole;
import org.eclipse.tractusx.managedidentitywallets.constant.RestURI;
+import org.eclipse.tractusx.managedidentitywallets.service.STSTokenValidationService;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationEventPublisher;
+import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -36,6 +40,7 @@
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import static org.springframework.http.HttpMethod.GET;
@@ -51,6 +56,8 @@
@AllArgsConstructor
public class SecurityConfig {
+ private final STSTokenValidationService validationService;
+
private final SecurityConfigProperties securityConfigProperties;
/**
@@ -65,12 +72,16 @@ public class SecurityConfig {
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.cors(Customizer.withDefaults())
.csrf(AbstractHttpConfigurer::disable)
- .headers(httpSecurityHeadersConfigurer -> httpSecurityHeadersConfigurer.xssProtection(Customizer.withDefaults()).contentSecurityPolicy(contentSecurityPolicyConfig -> contentSecurityPolicyConfig.policyDirectives("script-src 'self'")))
+ .headers(httpSecurityHeadersConfigurer -> httpSecurityHeadersConfigurer
+ .xssProtection(Customizer.withDefaults())
+ .contentSecurityPolicy(contentSecurityPolicyConfig -> contentSecurityPolicyConfig.policyDirectives("script-src 'self'")))
.sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.authorizeHttpRequests(authorizeHttpRequests -> authorizeHttpRequests.requestMatchers(new AntPathRequestMatcher("/")).permitAll() // forwards to swagger
.requestMatchers(new AntPathRequestMatcher("/docs/api-docs/**")).permitAll()
.requestMatchers(new AntPathRequestMatcher("/ui/swagger-ui/**")).permitAll()
.requestMatchers(new AntPathRequestMatcher("/actuator/health/**")).permitAll()
+ .requestMatchers(new AntPathRequestMatcher("/api/token", POST.name())).permitAll()
+ .requestMatchers(new AntPathRequestMatcher("/api/presentations/iatp", GET.name())).permitAll()
.requestMatchers(new AntPathRequestMatcher("/actuator/loggers/**")).hasRole(ApplicationRole.ROLE_MANAGE_APP)
//did document resolve APIs
@@ -99,14 +110,13 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
//VC - Issuer
.requestMatchers(new AntPathRequestMatcher(RestURI.ISSUERS_CREDENTIALS, GET.name())).hasAnyRole(ApplicationRole.ROLE_UPDATE_WALLETS) //Lis of issuer VC
.requestMatchers(new AntPathRequestMatcher(RestURI.ISSUERS_CREDENTIALS, POST.name())).hasAnyRole(ApplicationRole.ROLE_UPDATE_WALLETS) //Issue VC
- .requestMatchers(new AntPathRequestMatcher(RestURI.CREDENTIALS_ISSUER_MEMBERSHIP, POST.name())).hasAnyRole(ApplicationRole.ROLE_UPDATE_WALLETS) //issue Membership Credential
- .requestMatchers(new AntPathRequestMatcher(RestURI.CREDENTIALS_ISSUER_DISMANTLER, POST.name())).hasAnyRole(ApplicationRole.ROLE_UPDATE_WALLETS) //issue dismantler Credential
- .requestMatchers(new AntPathRequestMatcher(RestURI.API_CREDENTIALS_ISSUER_FRAMEWORK, POST.name())).hasAnyRole(ApplicationRole.ROLE_UPDATE_WALLETS) //issue dismantler Credential
//error
.requestMatchers(new AntPathRequestMatcher("/error")).permitAll()
).oauth2ResourceServer(resourceServer -> resourceServer.jwt(jwt ->
- jwt.jwtAuthenticationConverter(new CustomAuthenticationConverter(securityConfigProperties.clientId()))));
+ jwt.jwtAuthenticationConverter(new CustomAuthenticationConverter(securityConfigProperties.clientId()))))
+ .addFilterAfter(new PresentationIatpFilter(validationService), BasicAuthenticationFilter.class);
+
return http.build();
}
@@ -121,4 +131,13 @@ public WebSecurityCustomizer securityCustomizer() {
log.warn("Disable security : This is not recommended to use in production environments.");
return web -> web.ignoring().requestMatchers(new AntPathRequestMatcher("**"));
}
+
+ /**
+ * Needed to enable an event-listener for failed login attempts.
+ */
+ @Bean
+ public AuthenticationEventPublisher authenticationEventPublisher
+ (ApplicationEventPublisher applicationEventPublisher) {
+ return new DefaultAuthenticationEventPublisher(applicationEventPublisher);
+ }
}
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityConfigProperties.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityConfigProperties.java
similarity index 92%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityConfigProperties.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityConfigProperties.java
index 12156833f..c8c0c87f5 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityConfigProperties.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityConfigProperties.java
@@ -29,7 +29,9 @@
@ConfigurationProperties("miw.security")
public record SecurityConfigProperties(Boolean enabled,
String clientId,
+ String realm,
+ String authServerUrl,
String authUrl,
String tokenUrl,
String refreshTokenUrl) {
-}
\ No newline at end of file
+}
diff --git a/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityEvents.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityEvents.java
new file mode 100644
index 000000000..841bd3fdf
--- /dev/null
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/config/security/SecurityEvents.java
@@ -0,0 +1,44 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.managedidentitywallets.config.security;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.context.event.EventListener;
+import org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent;
+import org.springframework.security.authorization.event.AuthorizationDeniedEvent;
+import org.springframework.stereotype.Component;
+
+@Component
+@Slf4j
+public class SecurityEvents {
+ @EventListener
+ public void onFailure(AbstractAuthenticationFailureEvent failures) {
+ String excMessage = failures.getException().getMessage();
+ log.warn("Failed Authentication: Invalid 'Bearer' token. {}", excMessage);
+ }
+
+ @EventListener
+ public void onFailure(AuthorizationDeniedEvent failure) {
+ log.warn("Failed Authorization: Missing 'Authorization' header.");
+ }
+}
+
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/ApplicationRole.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/ApplicationRole.java
similarity index 100%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/ApplicationRole.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/ApplicationRole.java
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/RestURI.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/RestURI.java
similarity index 80%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/RestURI.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/RestURI.java
index a52149feb..764a0af4d 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/RestURI.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/RestURI.java
@@ -1,6 +1,6 @@
/*
* *******************************************************************************
- * Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
@@ -39,6 +39,9 @@ private RestURI() {
* The constant DID_DOCUMENTS.
*/
public static final String DID_DOCUMENTS = "/api/didDocuments/{identifier}";
+ /**
+ * The constant DID_RESOLVE.
+ */
public static final String DID_RESOLVE = "/{bpn}/did.json";
/**
* The constant WALLETS_BY_BPN.
@@ -54,28 +57,27 @@ private RestURI() {
*/
public static final String CREDENTIALS = "/api/credentials";
-
- public static final String CREDENTIALS_VALIDATION = "/api/credentials/validation";
-
-
- public static final String ISSUERS_CREDENTIALS = "/api/credentials/issuer";
-
/**
- * The constant CREDENTIALS_ISSUER_MEMBERSHIP.
+ * The constant CREDENTIALS_VALIDATION.
*/
- public static final String CREDENTIALS_ISSUER_MEMBERSHIP = "/api/credentials/issuer/membership";
+ public static final String CREDENTIALS_VALIDATION = "/api/credentials/validation";
/**
- * The constant CREDENTIALS_ISSUER_DISMANTLER.
+ * The constant ISSUERS_CREDENTIALS.
*/
- public static final String CREDENTIALS_ISSUER_DISMANTLER = "/api/credentials/issuer/dismantler";
+ public static final String ISSUERS_CREDENTIALS = "/api/credentials/issuer";
/**
- * The constant API_CREDENTIALS_ISSUER_FRAMEWORK.
+ * The constant API_PRESENTATIONS.
*/
- public static final String API_CREDENTIALS_ISSUER_FRAMEWORK = "/api/credentials/issuer/framework";
-
public static final String API_PRESENTATIONS = "/api/presentations";
+ /**
+ * The constant API_PRESENTATIONS_VALIDATION.
+ */
public static final String API_PRESENTATIONS_VALIDATION = "/api/presentations/validation";
+ /**
+ * The constant API_PRESENTATIONS_IATP.
+ */
+ public static final String API_PRESENTATIONS_IATP = "/api/presentations/iatp";
}
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/StringPool.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/StringPool.java
similarity index 74%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/StringPool.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/StringPool.java
index 1d05be7d2..dc137b8b8 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/StringPool.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/StringPool.java
@@ -1,6 +1,6 @@
/*
* *******************************************************************************
- * Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
@@ -27,19 +27,15 @@
public class StringPool {
public static final String CREDENTIAL_ID = "credentialId";
- public static final String VALUE = "value";
- public static final String CONTRACT_VERSION = "contractVersion";
- public static final String ACTIVITY_TYPE = "activityType";
- public static final String ALLOWED_VEHICLE_BRANDS = "allowedVehicleBrands";
+
public static final String VERIFIABLE_CREDENTIALS = "verifiableCredentials";
public static final String VP = "vp";
+ public static final String VC = "vc";
public static final String VALID = "valid";
public static final String VALIDATE_AUDIENCE = "validateAudience";
public static final String VALIDATE_EXPIRY_DATE = "validateExpiryDate";
public static final String VALIDATE_JWT_EXPIRY_DATE = "validateJWTExpiryDate";
public static final String DID_DOCUMENT = "didDocument";
- public static final String VEHICLE_DISMANTLE = "vehicleDismantle";
- public static final String CREATED_AT = "createdAt";
private StringPool() {
throw new IllegalStateException("Constant class");
@@ -48,13 +44,7 @@ private StringPool() {
public static final String ISSUER_DID = "issuerDid";
public static final String HOLDER_DID = "holderDid";
public static final String HOLDER_IDENTIFIER = "holderIdentifier";
- public static final String NAME = "name";
- public static final String CONTRACT_TEMPLATE = "contractTemplate";
public static final String TYPE = "type";
- public static final String MEMBER_OF = "memberOf";
- public static final String STATUS = "status";
- public static final String START_TIME = "startTime";
-
public static final String ED_25519 = "ED25519";
@@ -68,13 +58,8 @@ private StringPool() {
*/
public static final String BPN = "bpn";
- public static final String BPN_UPPER_CASE = "BPN";
-
public static final String ID = "id";
- public static final String ITEMS = "items";
-
-
public static final String CLIENT_ID = "miw_private_client";
public static final String CLIENT_SECRET = "miw_private_client_secret";
@@ -91,4 +76,22 @@ private StringPool() {
public static final String BEARER_SPACE = "Bearer ";
public static final String BPN_NUMBER_REGEX = "^(BPN)(L|S|A)[0-9A-Z]{12}";
+
+ public static final String W3_ID_JWS_2020_V1_CONTEXT_URL = "https://w3id.org/security/suites/jws-2020/v1";
+
+ public static final String COMA_SEPARATOR = ", ";
+ public static final String BLANK_SEPARATOR = " ";
+ public static final String COLON_SEPARATOR = ":";
+ public static final String UNDERSCORE = "_";
+
+ public static final String REFERENCE_KEY = "dummy ref key, removed once vault setup is ready";
+ public static final String VAULT_ACCESS_TOKEN = "dummy vault access token, removed once vault setup is ready";
+
+ public static final String PRIVATE_KEY = "PRIVATE KEY";
+ public static final String PUBLIC_KEY = "PUBLIC KEY";
+ public static final String VC_JWT_KEY = "jwt";
+
+ public static final String AS_JWT = "asJwt";
+
+ public static final String BPN_CREDENTIAL = "BpnCredential";
}
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/MIWVerifiableCredentialType.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/SupportedAlgorithms.java
similarity index 58%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/MIWVerifiableCredentialType.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/SupportedAlgorithms.java
index a8c49e3f1..227fa1347 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/MIWVerifiableCredentialType.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/SupportedAlgorithms.java
@@ -1,6 +1,6 @@
/*
* *******************************************************************************
- * Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
@@ -21,23 +21,19 @@
package org.eclipse.tractusx.managedidentitywallets.constant;
-import org.eclipse.tractusx.ssi.lib.model.verifiable.credential.VerifiableCredentialType;
+public enum SupportedAlgorithms {
-/**
- * The type Miw verifiable credential type.
- */
-public class MIWVerifiableCredentialType extends VerifiableCredentialType {
-
- public static final String DISMANTLER_CREDENTIAL = "DismantlerCredential";
-
- /**
- * The constant USE_CASE_FRAMEWORK_CONDITION_CX.
- */
- public static final String USE_CASE_FRAMEWORK_CONDITION = "UseCaseFrameworkCondition";
-
- public static final String BPN_CREDENTIAL = "BpnCredential";
+ ED25519("ED25519"),
+ ES256K("ES256K");
- public static final String SUMMARY_CREDENTIAL = "SummaryCredential";
+ private String value;
+ SupportedAlgorithms(String value){
+ this.value = value;
+ }
+ @Override
+ public String toString() {
+ return value;
+ }
}
diff --git a/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/TokenValidationErrors.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/TokenValidationErrors.java
new file mode 100644
index 000000000..e90b784cf
--- /dev/null
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/TokenValidationErrors.java
@@ -0,0 +1,42 @@
+/*
+ * *******************************************************************************
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Apache License, Version 2.0 which is available at
+ * https://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ******************************************************************************
+ */
+
+package org.eclipse.tractusx.managedidentitywallets.constant;
+
+
+public enum TokenValidationErrors {
+
+ ACCESS_TOKEN_MISSING,
+ ISS_AND_SUB_NOT_EQUAL,
+ SUB_NOT_MATCH_ANY_DID,
+ SUB_NOT_DID,
+ EXP_MISSING,
+ TOKEN_ALREADY_EXPIRED,
+ IAT_AFTER_EXPIRATION,
+ CURRENT_TIME_BEFORE_IAT,
+ AUD_MISSING,
+ AUD_NOT_DID,
+ AUD_CLAIMS_NOT_EQUAL,
+ NONCE_MISSING,
+ NONCE_CLAIMS_NOT_EQUAL,
+ SIGNATURE_NOT_VERIFIED,
+ IAT_MISSING
+}
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/BaseController.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/BaseController.java
similarity index 100%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/BaseController.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/BaseController.java
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/DidDocumentController.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/DidDocumentController.java
similarity index 100%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/DidDocumentController.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/DidDocumentController.java
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/HoldersCredentialController.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/HoldersCredentialController.java
similarity index 76%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/HoldersCredentialController.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/HoldersCredentialController.java
index d2d17a20b..9d55124df 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/HoldersCredentialController.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/HoldersCredentialController.java
@@ -1,6 +1,6 @@
/*
* *******************************************************************************
- * Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
@@ -22,23 +22,30 @@
package org.eclipse.tractusx.managedidentitywallets.controller;
+import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.media.ExampleObject;
+import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.constraints.Max;
import jakarta.validation.constraints.Min;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.eclipse.tractusx.managedidentitywallets.apidocs.HoldersCredentialControllerApiDocs.GetCredentialsApiDocs;
import org.eclipse.tractusx.managedidentitywallets.apidocs.HoldersCredentialControllerApiDocs.IssueCredentialApiDoc;
+import org.eclipse.tractusx.managedidentitywallets.apidocs.IssuersCredentialControllerApiDocs.AsJwtParam;
+import org.eclipse.tractusx.managedidentitywallets.command.GetCredentialsCommand;
import org.eclipse.tractusx.managedidentitywallets.constant.RestURI;
+import org.eclipse.tractusx.managedidentitywallets.constant.StringPool;
+import org.eclipse.tractusx.managedidentitywallets.dto.CredentialsResponse;
import org.eclipse.tractusx.managedidentitywallets.service.HoldersCredentialService;
-import org.eclipse.tractusx.ssi.lib.model.verifiable.credential.VerifiableCredential;
import org.springframework.data.domain.PageImpl;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.*;
-import io.swagger.v3.oas.annotations.Parameter;
-import io.swagger.v3.oas.annotations.media.ExampleObject;
-import io.swagger.v3.oas.annotations.tags.Tag;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
import java.security.Principal;
import java.util.List;
@@ -69,7 +76,7 @@ public class HoldersCredentialController extends BaseController {
*/
@GetCredentialsApiDocs
@GetMapping(path = RestURI.CREDENTIALS, produces = MediaType.APPLICATION_JSON_VALUE)
- public ResponseEntity> getCredentials(@Parameter(name = "credentialId", description = "Credential Id", examples = {@ExampleObject(name = "Credential Id", value = "did:web:localhost:BPNL000000000000#12528899-160a-48bd-ba15-f396c3959ae9")}) @RequestParam(required = false) String credentialId,
+ public ResponseEntity> getCredentials(@Parameter(name = "credentialId", description = "Credential Id", examples = {@ExampleObject(name = "Credential Id", value = "did:web:localhost:BPNL000000000000#12528899-160a-48bd-ba15-f396c3959ae9")}) @RequestParam(required = false) String credentialId,
@Parameter(name = "issuerIdentifier", description = "Issuer identifier(did of BPN)", examples = {@ExampleObject(name = "bpn", value = "BPNL000000000000", description = "bpn"), @ExampleObject(description = "did", name = "did", value = "did:web:localhost:BPNL000000000000")}) @RequestParam(required = false) String issuerIdentifier,
@Parameter(name = "type", description = "Type of VC", examples = {@ExampleObject(name = "SummaryCredential", value = "SummaryCredential", description = "SummaryCredential"), @ExampleObject(description = "BpnCredential", name = "BpnCredential", value = "BpnCredential")}) @RequestParam(required = false) List type,
@Parameter(name = "sortColumn", description = "Sort column name",
@@ -85,9 +92,23 @@ public ResponseEntity> getCredentials(@Parameter(
@Parameter(name = "sortTpe", description = "Sort order", examples = {@ExampleObject(value = "desc", name = "Descending order"), @ExampleObject(value = "asc", name = "Ascending order")}) @RequestParam(required = false, defaultValue = "desc") String sortTpe,
@Min(0) @Max(Integer.MAX_VALUE) @Parameter(description = "Page number, Page number start with zero") @RequestParam(required = false, defaultValue = "0") int pageNumber,
@Min(0) @Max(Integer.MAX_VALUE) @Parameter(description = "Number of records per page") @RequestParam(required = false, defaultValue = Integer.MAX_VALUE + "") int size,
+ @AsJwtParam @RequestParam(name = StringPool.AS_JWT, defaultValue = "false") boolean asJwt,
+
Principal principal) {
log.debug("Received request to get credentials. BPN: {}", getBPNFromToken(principal));
- return ResponseEntity.status(HttpStatus.OK).body(holdersCredentialService.getCredentials(credentialId, issuerIdentifier, type, sortColumn, sortTpe, pageNumber, size, getBPNFromToken(principal)));
+ final GetCredentialsCommand command;
+ command = GetCredentialsCommand.builder()
+ .credentialId(credentialId)
+ .identifier(issuerIdentifier)
+ .type(type)
+ .sortColumn(sortColumn)
+ .sortType(sortTpe)
+ .pageNumber(pageNumber)
+ .size(size)
+ .asJwt(asJwt)
+ .callerBPN(getBPNFromToken(principal))
+ .build();
+ return ResponseEntity.status(HttpStatus.OK).body(holdersCredentialService.getCredentials(command));
}
@@ -98,11 +119,13 @@ public ResponseEntity> getCredentials(@Parameter(
* @param principal the principal
* @return the response entity
*/
-
+
@IssueCredentialApiDoc
@PostMapping(path = RestURI.CREDENTIALS, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
- public ResponseEntity issueCredential(@RequestBody Map data, Principal principal) {
+ public ResponseEntity issueCredential(@RequestBody Map data, Principal principal,
+ @AsJwtParam @RequestParam(name = "asJwt", defaultValue = "false") boolean asJwt
+ ) {
log.debug("Received request to issue credential. BPN: {}", getBPNFromToken(principal));
- return ResponseEntity.status(HttpStatus.CREATED).body(holdersCredentialService.issueCredential(data, getBPNFromToken(principal)));
+ return ResponseEntity.status(HttpStatus.CREATED).body(holdersCredentialService.issueCredential(data, getBPNFromToken(principal), asJwt));
}
}
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/IssuersCredentialController.java b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/IssuersCredentialController.java
similarity index 61%
rename from src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/IssuersCredentialController.java
rename to miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/IssuersCredentialController.java
index 90ff993e3..5d3ca437f 100644
--- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/IssuersCredentialController.java
+++ b/miw/src/main/java/org/eclipse/tractusx/managedidentitywallets/controller/IssuersCredentialController.java
@@ -1,6 +1,6 @@
/*
* *******************************************************************************
- * Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+ * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
@@ -23,29 +23,29 @@
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.ExampleObject;
-import jakarta.validation.Valid;
import jakarta.validation.constraints.Max;
import jakarta.validation.constraints.Min;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
-
+import org.eclipse.tractusx.managedidentitywallets.apidocs.IssuersCredentialControllerApiDocs.AsJwtParam;
import org.eclipse.tractusx.managedidentitywallets.apidocs.IssuersCredentialControllerApiDocs.GetCredentialsApiDocs;
-import org.eclipse.tractusx.managedidentitywallets.apidocs.IssuersCredentialControllerApiDocs.IssueDismantlerCredentialApiDoc;
-import org.eclipse.tractusx.managedidentitywallets.apidocs.IssuersCredentialControllerApiDocs.IssueMembershipCredentialApiDoc;
-import org.eclipse.tractusx.managedidentitywallets.apidocs.IssuersCredentialControllerApiDocs.IssueFrameworkCredentialApiDocs;
import org.eclipse.tractusx.managedidentitywallets.apidocs.IssuersCredentialControllerApiDocs.IssueVerifiableCredentialUsingBaseWalletApiDocs;
import org.eclipse.tractusx.managedidentitywallets.apidocs.IssuersCredentialControllerApiDocs.ValidateVerifiableCredentialApiDocs;
+import org.eclipse.tractusx.managedidentitywallets.command.GetCredentialsCommand;
import org.eclipse.tractusx.managedidentitywallets.constant.RestURI;
-import org.eclipse.tractusx.managedidentitywallets.dto.IssueDismantlerCredentialRequest;
-import org.eclipse.tractusx.managedidentitywallets.dto.IssueFrameworkCredentialRequest;
-import org.eclipse.tractusx.managedidentitywallets.dto.IssueMembershipCredentialRequest;
+import org.eclipse.tractusx.managedidentitywallets.constant.StringPool;
+import org.eclipse.tractusx.managedidentitywallets.dto.CredentialVerificationRequest;
+import org.eclipse.tractusx.managedidentitywallets.dto.CredentialsResponse;
import org.eclipse.tractusx.managedidentitywallets.service.IssuersCredentialService;
-import org.eclipse.tractusx.ssi.lib.model.verifiable.credential.VerifiableCredential;
import org.springframework.data.domain.PageImpl;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
import java.security.Principal;
import java.util.List;
@@ -86,7 +86,7 @@ public class IssuersCredentialController extends BaseController {
*/
@GetCredentialsApiDocs
@GetMapping(path = RestURI.ISSUERS_CREDENTIALS, produces = MediaType.APPLICATION_JSON_VALUE)
- public ResponseEntity> getCredentials(@Parameter(name = "credentialId", description = "Credential Id", examples = {@ExampleObject(name = "Credential Id", value = "did:web:localhost:BPNL000000000000#12528899-160a-48bd-ba15-f396c3959ae9")}) @RequestParam(required = false) String credentialId,
+ public ResponseEntity> getCredentials(@Parameter(name = "credentialId", description = "Credential Id", examples = {@ExampleObject(name = "Credential Id", value = "did:web:localhost:BPNL000000000000#12528899-160a-48bd-ba15-f396c3959ae9")}) @RequestParam(required = false) String credentialId,
@Parameter(name = "holderIdentifier", description = "Holder identifier(did of BPN)", examples = {@ExampleObject(name = "bpn", value = "BPNL000000000001", description = "bpn"), @ExampleObject(description = "did", name = "did", value = "did:web:localhost:BPNL000000000001")}) @RequestParam(required = false) String holderIdentifier,
@Parameter(name = "type", description = "Type of VC", examples = {@ExampleObject(name = "SummaryCredential", value = "SummaryCredential", description = "SummaryCredential"), @ExampleObject(description = "BpnCredential", name = "BpnCredential", value = "BpnCredential")}) @RequestParam(required = false) List type,
@Min(0) @Max(Integer.MAX_VALUE) @Parameter(description = "Page number, Page number start with zero") @RequestParam(required = false, defaultValue = "0") int pageNumber,
@@ -99,66 +99,39 @@ public ResponseEntity> getCredentials(@Parameter(
@ExampleObject(value = "credentialId", name = "Credential id")
}
) @RequestParam(required = false, defaultValue = "createdAt") String sortColumn,
- @Parameter(name = "sortTpe", description = "Sort order", examples = {@ExampleObject(value = "desc", name = "Descending order"), @ExampleObject(value = "asc", name = "Ascending order")}) @RequestParam(required = false, defaultValue = "desc") String sortTpe, Principal principal) {
+ @Parameter(name = "sortTpe", description = "Sort order", examples = { @ExampleObject(value = "desc", name = "Descending order"), @ExampleObject(value = "asc", name = "Ascending order") }) @RequestParam(required = false, defaultValue = "desc") String sortTpe,
+ @AsJwtParam @RequestParam(name = StringPool.AS_JWT, defaultValue = "false") boolean asJwt,
+ Principal principal) {
log.debug("Received request to get credentials. BPN: {}", getBPNFromToken(principal));
- return ResponseEntity.status(HttpStatus.OK).body(issuersCredentialService.getCredentials(credentialId, holderIdentifier, type, sortColumn, sortTpe, pageNumber, size, getBPNFromToken(principal)));
- }
-
- /**
- * Issue membership credential response entity.
- *
- * @param issueMembershipCredentialRequest the issue membership credential request
- * @param principal the principal
- * @return the response entity
- */
- @IssueMembershipCredentialApiDoc
- @PostMapping(path = RestURI.CREDENTIALS_ISSUER_MEMBERSHIP, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
- public ResponseEntity issueMembershipCredential(@Valid @RequestBody IssueMembershipCredentialRequest issueMembershipCredentialRequest, Principal principal) {
- log.debug("Received request to issue membership credential. BPN: {}", getBPNFromToken(principal));
- return ResponseEntity.status(HttpStatus.CREATED).body(issuersCredentialService.issueMembershipCredential(issueMembershipCredentialRequest, getBPNFromToken(principal)));
+ final GetCredentialsCommand command;
+ command = GetCredentialsCommand.builder()
+ .credentialId(credentialId)
+ .identifier(holderIdentifier)
+ .type(type)
+ .sortColumn(sortColumn)
+ .sortType(sortTpe)
+ .pageNumber(pageNumber)
+ .size(size)
+ .asJwt(asJwt)
+ .callerBPN(getBPNFromToken(principal))
+ .build();
+ return ResponseEntity.status(HttpStatus.OK).body(issuersCredentialService.getCredentials(command));
}
- /**
- * Issue dismantler credential response entity.
- *
- * @param request the request
- * @param principal the principal
- * @return the response entity
- */
- @IssueDismantlerCredentialApiDoc
- @PostMapping(path = RestURI.CREDENTIALS_ISSUER_DISMANTLER, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
- public ResponseEntity issueDismantlerCredential(@Valid @RequestBody IssueDismantlerCredentialRequest request, Principal principal) {
- log.debug("Received request to issue dismantler credential. BPN: {}", getBPNFromToken(principal));
- return ResponseEntity.status(HttpStatus.CREATED).body(issuersCredentialService.issueDismantlerCredential(request, getBPNFromToken(principal)));
- }
-
- /**
- * Issue framework credential response entity.
- *
- * @param request the request
- * @param principal the principal
- * @return the response entity
- */
- @IssueFrameworkCredentialApiDocs
- @PostMapping(path = RestURI.API_CREDENTIALS_ISSUER_FRAMEWORK, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
- public ResponseEntity issueFrameworkCredential(@Valid @RequestBody IssueFrameworkCredentialRequest request, Principal principal) {
- log.debug("Received request to issue framework credential. BPN: {}", getBPNFromToken(principal));
- return ResponseEntity.status(HttpStatus.CREATED).body(issuersCredentialService.issueFrameworkCredential(request, getBPNFromToken(principal)));
- }
/**
* Credentials validation response entity.
*
- * @param data the data
+ * @param credentialVerificationRequest the request
* @param withCredentialExpiryDate the with credential expiry date
* @return the response entity
*/
@PostMapping(path = RestURI.CREDENTIALS_VALIDATION, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
@ValidateVerifiableCredentialApiDocs
- public ResponseEntity