feat: disable the APIKEY authentication in the cloud-agent (#1479)

Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io>

cloud-agent/service/server/src/main/resources/application.conf

@@ -112,12 +112,12 @@ agent {
             # enabled is used to enable/disable the api key authentication
             # if apikey authentication is disabled, the alternative authentication method is used
             # if the alternative authentication method is not configured, apikey authentication is disabled the default user is used
-            enabled = true
+            enabled = false
             enabled = ${?API_KEY_ENABLED}
 
             # authenticateAsDefaultUser is used to authenticate the api key as the default user
             # if authenticateAsDefaultUser is disabled, the api key is authenticated to the entity that owns the api key
-            authenticateAsDefaultUser = false
+            authenticateAsDefaultUser = true
             authenticateAsDefaultUser = ${?API_KEY_AUTHENTICATE_AS_DEFAULT_USER}
 
             # autoProvisioning is used to enable/disable the auto-provisioning logic

infrastructure/shared/docker-compose-combined.yml

@@ -161,8 +161,8 @@ services:
       WEBHOOK_PARALLELISM:
       ADMIN_TOKEN:
       API_KEY_SALT:
-      API_KEY_ENABLED:
-      API_KEY_AUTHENTICATE_AS_DEFAULT_USER:
+      API_KEY_ENABLED: true
+      API_KEY_AUTHENTICATE_AS_DEFAULT_USER: false
       API_KEY_AUTO_PROVISIONING:
     depends_on:
       issuer-db:

infrastructure/shared/docker-compose-demo.yml

@@ -46,7 +46,8 @@ services:
       DEFAULT_WALLET_SEED:
       DEFAULT_WALLET_WEBHOOK_URL:
       DEFAULT_WALLET_AUTH_API_KEY:
-      API_KEY_ENABLED:
+      API_KEY_ENABLED: true
+      API_KEY_AUTHENTICATE_AS_DEFAULT_USER: false
       API_KEY_AUTO_PROVISIONING:
     depends_on:
       db:

infrastructure/shared/docker-compose-mt-keycloak.yml

@@ -104,8 +104,8 @@ services:
       WEBHOOK_PARALLELISM:
       ADMIN_TOKEN:
       API_KEY_SALT:
-      API_KEY_ENABLED:
-      API_KEY_AUTHENTICATE_AS_DEFAULT_USER:
+      API_KEY_ENABLED: false
+      API_KEY_AUTHENTICATE_AS_DEFAULT_USER: false
       API_KEY_AUTO_PROVISIONING:
       KEYCLOAK_ENABLED: true
       KEYCLOAK_URL: http://keycloak:8080

infrastructure/shared/docker-compose-with-kafka.yml

@@ -107,8 +107,8 @@ services:
       WEBHOOK_PARALLELISM:
       ADMIN_TOKEN:
       API_KEY_SALT:
-      API_KEY_ENABLED:
-      API_KEY_AUTHENTICATE_AS_DEFAULT_USER:
+      API_KEY_ENABLED: true
+      API_KEY_AUTHENTICATE_AS_DEFAULT_USER: false
       API_KEY_AUTO_PROVISIONING:
     depends_on:
       db:

infrastructure/shared/docker-compose.yml

@@ -107,8 +107,8 @@ services:
       WEBHOOK_PARALLELISM:
       ADMIN_TOKEN:
       API_KEY_SALT:
-      API_KEY_ENABLED:
-      API_KEY_AUTHENTICATE_AS_DEFAULT_USER:
+      API_KEY_ENABLED: true
+      API_KEY_AUTHENTICATE_AS_DEFAULT_USER: false
       API_KEY_AUTO_PROVISIONING:
     depends_on:
       db:

tests/integration-tests/src/test/resources/containers/agent.yml

@@ -24,6 +24,8 @@ services:
   identus-cloud-agent:
     image: ghcr.io/hyperledger/identus-cloud-agent:${AGENT_VERSION}
     environment:
+      API_KEY_ENABLED: true
+      API_KEY_AUTHENTICATE_AS_DEFAULT_USER: false
       PRISM_NODE_HOST: host.docker.internal
       PRISM_NODE_PORT:
       CASTOR_DB_HOST: postgres
@@ -41,7 +43,6 @@ services:
       DIDCOMM_SERVICE_URL:
       REST_SERVICE_URL:
       POLLUX_STATUS_LIST_REGISTRY_PUBLIC_URL:
-      API_KEY_ENABLED:
       STATUS_LIST_SYNC_TRIGGER_RECURRENCE_DELAY: 5 seconds
       DID_STATE_SYNC_TRIGGER_RECURRENCE_DELAY: 5 seconds
       # Secret storage configuration