Skip to content

Commit

Permalink
Merge branch 'main' into oidc
Browse files Browse the repository at this point in the history
  • Loading branch information
Pat Losoponkul committed Mar 14, 2024
2 parents 31e512b + 27a157f commit ef37646
Show file tree
Hide file tree
Showing 43 changed files with 647 additions and 246 deletions.
1 change: 1 addition & 0 deletions .mega-linter.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ DISABLE_LINTERS:
- C_CPPLINT # For pollux/lib/anoncreds/src/main/c
- CPP_CPPLINT # For pollux/lib/anoncreds/src/main/c
- JAVA_CHECKSTYLE # For pollux/lib/anoncreds/src/main/java
- GHERKIN_GHERKIN_LINT

DISABLE_ERRORS_LINTERS:
- KOTLIN_KTLINT
Expand Down
8 changes: 8 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,11 @@
## [1.30.1](https://github.com/hyperledger-labs/open-enterprise-agent/compare/prism-agent-v1.30.0...prism-agent-v1.30.1) (2024-03-06)


### Bug Fixes

* allow configurable path convention for vault secrets ([#918](https://github.com/hyperledger-labs/open-enterprise-agent/issues/918)) ([234a272](https://github.com/hyperledger-labs/open-enterprise-agent/commit/234a2725614b05466391894f248c7175fb62c5b6))
* integration test ([#915](https://github.com/hyperledger-labs/open-enterprise-agent/issues/915)) ([320ab6a](https://github.com/hyperledger-labs/open-enterprise-agent/commit/320ab6a876606eb68f48fe7d78983b4e044b5084))

# [1.30.0](https://github.com/hyperledger-labs/open-enterprise-agent/compare/prism-agent-v1.29.0...prism-agent-v1.30.0) (2024-03-01)


Expand Down
54 changes: 27 additions & 27 deletions DEPENDENCIES.md
Original file line number Diff line number Diff line change
Expand Up @@ -444,32 +444,32 @@ MIT | [The MIT License (MIT)](https://opensource.org/licenses/MIT) | [com.dimafe
MIT | [The MIT License (MIT)](https://opensource.org/licenses/MIT) | [com.dimafeng # testcontainers-scala-vault_3 # 0.41.0](https://github.com/testcontainers/testcontainers-scala) | <notextile></notextile>
Public Domain | [Public Domain, per Creative Commons CC0](http://creativecommons.org/publicdomain/zero/1.0/) | [org.hdrhistogram # HdrHistogram # 2.1.12](http://hdrhistogram.github.io/HdrHistogram/) | <notextile></notextile>
Public Domain | [Public Domain, per Creative Commons CC0](http://creativecommons.org/publicdomain/zero/1.0/) | [org.latencyutils # LatencyUtils # 2.0.3](http://latencyutils.github.io/LatencyUtils/) | <notextile></notextile>
none specified | []() | [io.iohk.atala # castor-core_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # connect-core_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # connect-sql-doobie_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # event-notification_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-agent-core_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-agent-didcommx_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-data-models_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-connection_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-coordinate-mediation_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-invitation_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-issue-credential_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-mailbox_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-outofband-login_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-present-proof_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-report-problem_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-routing-2-0_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-trust-ping_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-resolver_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-verifiable-credentials_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # pollux-anoncreds_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # pollux-core_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # pollux-sql-doobie_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # pollux-vc-jwt_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # prism-agent-wallet-api_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # prism-node-client_3 # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # shared # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # sharedtest # 1.29.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # castor-core_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # connect-core_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # connect-sql-doobie_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # event-notification_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-agent-core_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-agent-didcommx_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-data-models_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-connection_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-coordinate-mediation_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-invitation_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-issue-credential_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-mailbox_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-outofband-login_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-present-proof_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-report-problem_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-routing-2-0_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-protocol-trust-ping_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-resolver_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # mercury-verifiable-credentials_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # pollux-anoncreds_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # pollux-core_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # pollux-sql-doobie_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # pollux-vc-jwt_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # prism-agent-wallet-api_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # prism-node-client_3 # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # shared # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [io.iohk.atala # sharedtest # 1.30.0-SNAPSHOT](https://github.com/input-output-hk/atala-prism-building-blocks) | <notextile></notextile>
none specified | []() | [net.jcip # jcip-annotations # 1.0](http://jcip.net/) | <notextile></notextile>

Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
# Handle errors in background jobs by storing on state records and sending via webhooks

- Status: accepted
- Deciders: David Poltorak, Yurii Shynbuiev, Benjamin Voiturier, Fabio Pinheiro
- Date: 2024-03-07
- Tags: error handling, background jobs, DIDComm, messaging

## Context and Problem Statement

In our system, background jobs play a crucial role in handling tasks such as processing DIDComm messages for establishing connections between agents. Currently, if an error occurs in a background job, the original caller is not notified of this error, leading to potential issues in tracking and managing the state of operations. If a ZIO Failure is encountered, a serialised version of the error (string) is stored in the database along the background job record, however, this attribute is not available on the API when checking the status of an operation.

While the DIDComm Error Reporting protocol effectively handles errors in peer-to-peer communications between agents, our system lacks a robust mechanism for notifying clients of errors occurring in background jobs. This gap in error handling affects transparency and the ability to respond to issues promptly. How can we ensure clients are effectively notified of errors in background jobs, especially when such errors cannot be communicated via DIDComm Error Reporting?

## Decision Drivers

- Transparency and traceability of errors
- System reliability and robust error handling, reliability of background job processing
- Minimising the impact of errors on user experience
- Complementing the DIDComm Error Reporting protocol
- Future scalability is not hampered by the solution we put in place

## Considered Options

1. Storing error information in database records
- Storing in RFC 9457 Problem Details for HTTP APIs format
- Storing in proprietary format
- Storing as ZIO.Failure string (as is)
- Enhancing the API to return this attribute of the record when checking the status of an operation
2. Creating a central registry of errors
3. Using existing webhook system to send errors to clients
4. Implementing event-driven error notifications

## Decision Outcome

Chosen Option: Combined 1 and 3

We have opted for enhanced error handling by storing error details on background job records in the RFC 9457 Problem Details for HTTP APIs format and leveraging webhooks for error notifications. This approach is selected because it aligns with our objectives of enhancing system reliability and error handling for background jobs. It provides a transparent mechanism for users to be informed about errors and leverages the existing webhook system, thereby avoiding the introduction of unnecessary complexity through event-driven architecture or a central registry.

### Implementation Strategy

- Storing Error Information on Job Records: We will serialise error details into a JSON object that adheres to the RFC 9457 structure and store this information in a dedicated field within the background job records. This method is intended to enhance the visibility of errors and assist in the debugging process.
- Include error attribute in API responses: We will ensure that the error object is returned on any object which represents the state of a background job (Connection, Issuance or Present Proof)
- Webhook Notifications: Our strategy includes making use of the existing webhook system to notify clients of errors in real-time. This utilisation ensures that clients are promptly informed of any issues, enhancing the overall user experience and system responsiveness to error conditions.

### Positive Consequences

- Clients receive immediate, standardised notifications of errors, improving transparency.
- Error details are systematically logged, enhancing system monitoring and debugging capabilities.
- The approach scales well with system growth and can adapt to future requirements for error handling.
- **Error messages logged on records will be secured by the active WalletContext**

### Negative Consequences

- No central place to access error instances as per RFC 9457 specification.
- Clients will need to manage potential unknown failures of webhook calls to their system (from agent to client) as webhook events are not persisted.
- Error information will need to be made available when retrieving background job processing records through the operation API that generated them.

### Storing error information in database records

- Good, because it provides a persistent record of errors.
- Good, RFC 9457 Problem Details for HTTP APIs format, as it provides a standardised way to represent errors.
- Bad, proprietary format, as it requires converting to RFC 9457 to be sent to the user.
- Bad, because it requires manual checking and doesn't proactively notify interested parties.

### Creating a central registry of errors

- Good, because it centralises error management.
- Bad, because it can become a bottleneck and still lacks proactive notification.
- Bad, because it carries a lot of complexity that may not get used as data can be made available on other RESTFul APIs in a more cohesive way (such as retrieving a connection record can include the errors about creating that connection).

### Using existing webhook system to send errors to clients

- Good, because it leverages existing implementation and communication channels to send events.
- Bad, because it is limited by the existing system (events not persisted).

### Implementing event-driven error notifications

- Good, because it provides real-time, scalable notifications.
- Bad, because it requires the setup and management of an event-driven system.

## Links

- [DIDComm Messaging Specification](https://identity.foundation/didcomm-messaging/spec/)
36 changes: 33 additions & 3 deletions docs/docusaurus/secrets/operation.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,15 +27,18 @@ Secret storage supports various backends like the Vault service or Postgres data
By default, the backend chosen for secret storage is Vault, which is suitable for production environments.
There are multiple supported backend implementations, each catering to specific use cases.

__HashiCorp Vault__
### HashiCorp Vault

When operating in a production environment, the agent has the option to utilize Vault
as a secure secret storage backend. This choice is deemed suitable for production because
all data is encrypted and it also offers additional security-related capabilities.
By default, the agent uses this backend but the option is configurable.
To utilize this backend, set the `SECRET_STORAGE_BACKEND` variable to `vault`.

__Authentication and Authorization__

The agent expects to read and write secrets to the path `/secret/*`,
to ensure the provisioned permissions.
so ensure the appropriate permissions are provisioned.

Example Vault policy

Expand All @@ -53,7 +56,34 @@ The agent prefers token authentication if provided with multiple authentication
Another method is [AppRole authentication](https://developer.hashicorp.com/vault/docs/auth/approle) which is suitable for automatic workflows.
To use AppRole authentication, set the environment variable `VAULT_APPROLE_ROLE_ID` and `VAULT_APPROLE_SECRET_ID`.

__Postgres__
__Storage Backend__

HashiCorp Vault supports multiple backends for storage, such as filesystem, Etcd, PostgreSQL, or Integrated Storage (Raft).
Each backend has different properties, which have implications for how secrets can be stored.
The agent logically stores secrets in the following hierarchies.

```
# Wallet seed
/secret/<wallet-id>/seed
# Peer DID keys
/secret/<wallet-id>/dids/peer/<peer-did>/keys/<key-id>
# Generic secrets
/secret/<wallet-id>/generic-secrets/<specific-path>
```

Each storage backend has certain limitations, such as size, number of sub-paths, or path length.
Some backends can support path lengths of up to 32,768 characters, while others only allow a few hundred characters.
In some cases, the storage backends might not support the above logical convention due to excessively long paths.

To address this issue, the agent supports path shortening.
This feature can be toggled by setting the environment variable `VAULT_USE_SEMANTIC_PATH=false`.
When it is disabled, the unbounded portion of the path will be replaced by a SHA-256 digest of the original relative path.
Additionally, the original path will be stored in the secret metadata.


### Postgres

Postgres is an alternative backend option for secret storage.
However, this option must be explicitly chosen and will replace Vault.
Expand Down
Loading

0 comments on commit ef37646

Please sign in to comment.