Bump send and express in /oidc-ui

.github/workflows/chart-lint-publish.yml

@@ -6,7 +6,7 @@ on:
   pull_request:
     types: [opened, reopened, synchronize]
     paths:
-      - 'charts/**'
+      - 'helm/**'
   workflow_dispatch:
     inputs:
       IGNORE_CHARTS:

.github/workflows/push-trigger.yml

@@ -44,7 +44,7 @@ jobs:
     secrets:
       OSSRH_USER: ${{ secrets.OSSRH_USER }}
       OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }}
-      OSSRH_URL: ${{ secrets.OSSRH_SNAPSHOT_URL }}
+      OSSRH_URL: ${{ secrets.RELEASE_URL }}
       OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
       GPG_SECRET: ${{ secrets.GPG_SECRET }}
       SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
@@ -103,3 +103,113 @@ jobs:
       ACTOR_DOCKER_HUB: ${{ secrets.ACTOR_DOCKER_HUB }}
       RELEASE_DOCKER_HUB: ${{ secrets.RELEASE_DOCKER_HUB }}
       SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+  build-maven-apitest-esignet:
+    uses: mosip/kattu/.github/workflows/maven-build.yml@master
+    with:
+      SERVICE_LOCATION: ./apitest
+      BUILD_ARTIFACT: apitest-esignet
+    secrets:
+      OSSRH_USER: ${{ secrets.OSSRH_USER }}
+      OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }}
+      OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+      GPG_SECRET: ${{ secrets.GPG_SECRET }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+  publish_to_nexus_apitest_esignet:
+    if: "${{ !contains(github.ref, 'master') && github.event_name != 'pull_request' && github.event_name != 'release' && github.event_name != 'prerelease' && github.event_name != 'publish' }}"
+    needs: build-maven-apitest-esignet
+    uses: mosip/kattu/.github/workflows/maven-publish-to-nexus.yml@master
+    with:
+      SERVICE_LOCATION: ./apitest
+    secrets:
+      OSSRH_USER: ${{ secrets.OSSRH_USER }}
+      OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }}
+      OSSRH_URL: ${{ secrets.RELEASE_URL }}
+      OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+      GPG_SECRET: ${{ secrets.GPG_SECRET }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+  build-apitest-esignet-local:
+    needs: build-maven-apitest-esignet
+    runs-on: ubuntu-latest
+    env:
+      NAMESPACE: ${{ secrets.dev_namespace_docker_hub }}
+      SERVICE_NAME: apitest-esignet
+      SERVICE_LOCATION: apitest
+      BUILD_ARTIFACT: apitest-esignet-local
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up JDK 11
+        uses: actions/setup-java@v1
+        with:
+          ref: ${{ github.ref }}
+          java-version: 11
+          server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
+          settings-path: ${{ github.workspace }} # location for the settings.xml file
+      - name: Setup the settings file for ossrh server
+        run: echo "<settings> <servers>  <server>  <id>ossrh</id>    <username>${{secrets.ossrh_user}}</username> <password>${{secrets.ossrh_secret}}</password> </server> </servers> <profiles> <profile>     <id>ossrh</id> <activation> <activeByDefault>true</activeByDefault> </activation>  <properties> <gpg.executable>gpg2</gpg.executable> <gpg.passphrase>${{secrets.gpg_secret}}</gpg.passphrase> </properties> </profile> <profile> <id>allow-snapshots</id>       <activation><activeByDefault>true</activeByDefault></activation> <repositories> <repository>        <id>snapshots-repo</id> <url>https://oss.sonatype.org/content/repositories/snapshots</url> <releases><enabled>false</enabled></releases> <snapshots><enabled>true</enabled></snapshots> </repository>  <repository>         <id>releases-repo</id>  <url>https://oss.sonatype.org/service/local/staging/deploy/maven2</url>         <releases><enabled>true</enabled></releases>         <snapshots><enabled>false</enabled></snapshots> </repository> </repositories>  </profile> <profile> <id>sonar</id> <properties>  <sonar.sources>.</sonar.sources> <sonar.host.url>https://sonarcloud.io</sonar.host.url>  </properties> <activation> <activeByDefault>false</activeByDefault> </activation> </profile> </profiles> </settings>" > $GITHUB_WORKSPACE/settings.xml
+      - name: Build Automationtests with Maven
+        run: |
+          cd ${{ env.SERVICE_LOCATION}}
+          mvn clean package -s $GITHUB_WORKSPACE/settings.xml
+      - name: Copy configuration files to target directory.
+        run: |
+          cp -r ${{ env.SERVICE_LOCATION}}/target/classes/config ${{ env.SERVICE_LOCATION}}/target/config
+          cp -r ${{ env.SERVICE_LOCATION}}/testNgXmlFiles ${{ env.SERVICE_LOCATION}}/target/testNgXmlFiles
+      - name: Ready the springboot artifacts
+        if: ${{ !contains(github.ref, 'master') || !contains(github.ref, 'main') }}
+        run: |
+          ## FIND JARS & COPY ONLY EXECUTABLE JARs STORED UNDER TARGET DIRECTORY 
+          find ${{ env.SERVICE_LOCATION }} -path '*/target/*' -exec zip ${{ env.BUILD_ARTIFACT }}.zip {} +
+      - name: Upload the springboot jars
+        if: ${{ !contains(github.ref, 'master') || !contains(github.ref, 'main') }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: ${{ env.BUILD_ARTIFACT }}
+          path: ${{ env.BUILD_ARTIFACT }}.zip
+      - uses: 8398a7/action-slack@v3
+        with:
+          status: ${{ job.status }}
+          fields: repo,message,author,commit,workflow,job # selectable (default: repo,message)
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # required
+        if: failure() # Pick up events even if the job fails or is canceled.
+
+  build-dockers_apitest_esignet:
+    needs: build-apitest-esignet-local
+    strategy:
+      matrix:
+        include:
+          - SERVICE_LOCATION: 'apitest'
+            SERVICE_NAME: 'apitest-esignet'
+            BUILD_ARTIFACT: 'apitest-esignet-local'
+            ONLY_DOCKER: true
+      fail-fast: false
+    name: ${{ matrix.SERVICE_NAME }}
+    uses: mosip/kattu/.github/workflows/docker-build.yml@master
+    with:
+      SERVICE_LOCATION: ${{ matrix.SERVICE_LOCATION }}
+      SERVICE_NAME: ${{ matrix.SERVICE_NAME }}
+      BUILD_ARTIFACT: ${{ matrix.BUILD_ARTIFACT }}
+      ONLY_DOCKER: ${{ matrix.ONLY_DOCKER }}
+    secrets:
+      DEV_NAMESPACE_DOCKER_HUB: ${{ secrets.DEV_NAMESPACE_DOCKER_HUB }}
+      ACTOR_DOCKER_HUB: ${{ secrets.ACTOR_DOCKER_HUB }}
+      RELEASE_DOCKER_HUB: ${{ secrets.RELEASE_DOCKER_HUB }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+  sonar_analysis_apitest_esignet:
+    needs: build-maven-apitest-esignet
+    if: "${{  github.event_name != 'pull_request' }}"
+    uses: mosip/kattu/.github/workflows/maven-sonar-analysis.yml@master
+    with:
+      SERVICE_LOCATION: ./apitest
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      ORG_KEY: ${{ secrets.ORG_KEY }}
+      OSSRH_USER: ${{ secrets.OSSRH_USER }}
+      OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }}
+      OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+      GPG_SECRET: ${{ secrets.GPG_SECRET }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

README.md

@@ -1,8 +1,10 @@
-[![Maven Package upon a push](https://github.com/mosip/esignet/actions/workflows/push_trigger.yml/badge.svg?branch=develop)](https://github.com/mosip/esignet/actions/workflows/push_trigger.yml)
+[![Maven Package upon a push](https://github.com/mosip/esignet/actions/workflows/push-trigger.yml/badge.svg?branch=master)](https://github.com/mosip/esignet/actions/workflows/push-trigger.yml)
 [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=mosip_esignet&id=mosip_esignet&metric=alert_status)](https://sonarcloud.io/dashboard?id=mosip_esignet)
 # e-Signet Project
 ## Overview
-This repository contains the implementation of Authorization Code flow of OAuth 2.0. Supports all the mandatory features of OIDC (Open ID Connect) specification.
+This repository contains the implementation of 
+* Authorization Code flow of OAuth 2.0. Supports all the mandatory features of OIDC (Open ID Connect) specification.
+* VC Issuance Flow, supports only [wallet initiated flow](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-12.html#name-authorization-code-flow)
 
 e-Signet repository contains following:
 
@@ -16,79 +18,25 @@ e-Signet repository contains following:
 8. vci-service-impl - Credential issuance service implementation classes.
 9. db_scripts - Contains all the db scripts required to setup or upgrade the DB for esignet module.
 
-
 ## Databases
 Refer to [SQL scripts](db_scripts).
 
-## Build & run (for developers)
+## Build (for developers)
 The project requires JDK 11.
-1. Build and install:
+1. Build:
     ```
     $ mvn clean install -Dgpg.skip=true
     ```
-1. Build Docker for a service:
-    ```
-    $ docker build -f Dockerfile
-    ```
-
-## Installing in k8s cluster using helm
-### Pre-requisites
-1. Set the kube config file of the Mosip cluster having dependent services is set correctly in PC.
-1. Make sure [DB setup](db_scripts/README.md#install-in-existing-mosip-k8-cluster) is done.
-1. Add / merge below mentioned properties files into existing config branch:
-    * [esignet-default.properties](https://github.com/mosip/mosip-config/blob/v1.2.0.1-B3/esignet-default.properties) 
-    * [application-default.properties](https://github.com/mosip/mosip-config/blob/v1.2.0.1-B3/application-default.properties)
-1. Below are the dependent services required for esignet service integrated with MOSIP IDA:
-   | Chart | Chart version |
-   |---|---|
-   |[Keycloak](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/iam) | 7.1.18 |
-   |[Keycloak-init](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/iam) | 12.0.1-B3 |
-   |[Postgres](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/postgres) | 10.16.2 |
-   |[Postgres Init](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/postgres) | 12.0.1-B3 |
-   |[Minio](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/object-store) | 10.1.6 |
-   |[Kafka](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/kafka) | 0.4.2 |
-   |[Config-server](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/mosip/config-server) | 12.0.1-B3 |
-   |[Websub](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/mosip/websub) | 12.0.1-B2 |
-   |[Artifactory server](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/mosip/artifactory) | 12.0.1-B3 |
-   |[Keymanager service](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/keymanager) | 12.0.1-B2 |
-   |[Kernel services](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/kernel) | 12.0.1-B2 |
-   |[Biosdk service](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/mosip/biosdk) | 12.0.1-B3 |
-   |[Idrepo services](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/idrepo) | 12.0.1-B2 |
-   |[Pms services](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/pms) | 12.0.1-B3 |
-   |[IDA services](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/ida) | 12.0.1-B3 |
-
-### Install
-* Install `kubectl` and `helm` utilities.
-* Run `install-all.sh` to deploy esignet services.
-  ```
-  cd helm
-  ./install-all.sh
-  ```
-* During the execution of the `install-all.sh` script, a prompt appears requesting information regarding the presence of a public domain and a valid SSL certificate on the server.
-* If the server lacks a public domain and a valid SSL certificate, it is advisable to select the `n` option. Opting it will enable the `init-container` with an `emptyDir` volume and include it in the deployment process.
-* The init-container will proceed to download the server's self-signed SSL certificate and mount it to the specified location within the container's Java keystore (i.e., `cacerts`) file.
-* This particular functionality caters to scenarios where the script needs to be employed on a server utilizing self-signed SSL certificates.
 
-### Delete
-* Run `delete-all.sh` to remove esignet services.
-  ```
-  cd helm
-  ./delete-all.sh
-  ```
-
-### Restart
-* Run `restart-all.sh` to restart esignet services.
-  ```
-  cd helm
-  ./restart-all.sh
-  ```
-
-## Onboard esignet
-* Run onboarder's [install.sh](partner-onboarder) script to exchange jwk certificates.
+## Run eSignet (for developers)
+To simplify running eSignet in local for developers we have added [Docker Compose Setup](docker-compose/README.md). 
+This docker-compose includes eSignet service and UI along with mock-identity-system to test the local deployment. 
 
-
 ## APIs
-API documentation is available [here](https://mosip.stoplight.io/docs/identity-provider/branches/main/6f1syzijynu40-identity-provider).
+API documentation is available [here](docs/esignet-openapi.yaml).
+
+## Documentation
+eSignet documentation is available [here](https://docs.esignet.io/).
 
 ## License
 This project is licensed under the terms of [Mozilla Public License 2.0](LICENSE).

apitest/.gitignore

@@ -0,0 +1,40 @@
+*.class
+.mtj.tmp/
+*.war
+*.ear
+hs_err_pid*
+#ignored files
+
+.springBeans
+.metadata
+.factorypath
+.classpath
+.project
+.settings/
+bin/
+tmp/
+
+logs/
+*.tmp
+*.bak
+*.swp
+*~.nib
+local.properties
+.loadpath
+.DS_Store
+test.txt
+.idea/
+.settings/
+.sonarlint/
+.recommenders/
+/.recommenders/
+
+**/*.iml
+*.log
+src/logs/mosip-api-test.log
+/target/
+target/
+test-output/
+testng-report/
+/reg
+./reg

apitest/Dockerfile

@@ -0,0 +1,63 @@
+FROM openjdk:11
+
+ARG SOURCE
+ARG COMMIT_HASH
+ARG COMMIT_ID
+ARG BUILD_TIME
+LABEL source=${SOURCE}
+LABEL commit_hash=${COMMIT_HASH}
+LABEL commit_id=${COMMIT_ID}
+LABEL build_time=${BUILD_TIME}
+
+# can be passed during Docker build as build time environment for github branch to pickup configuration from.
+ARG container_user=mosip
+
+# can be passed during Docker build as build time environment for github branch to pickup configuration from.
+ARG container_user_group=mosip
+
+# can be passed during Docker build as build time environment for github branch to pickup configuration from.
+ARG container_user_uid=1001
+
+# can be passed during Docker build as build time environment for github branch to pickup configuration from.
+ARG container_user_gid=1001
+
+ARG KUBECTL_VERSION=1.22.9
+
+# install packages and create user
+RUN apt-get -y update \
+&& apt-get install -y unzip jq \
+&& groupadd -g ${container_user_gid} ${container_user_group} \
+&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \
+&& curl -LO "https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl" \
+&& chmod +x kubectl \
+&& mv kubectl /usr/local/bin/
+
+# set working directory for the user
+WORKDIR /home/${container_user}
+
+ENV work_dir=/home/${container_user}
+
+ADD ./apitest/target/ $work_dir
+
+ADD entrypoint.sh $work_dir/entrypoint.sh
+
+RUN chmod +x $work_dir/entrypoint.sh
+
+#ADD ./testNgXmlFiles/ $work_dir/testNgXmlFiles/
+
+# change permissions of file inside working dir
+RUN chown -R ${container_user}:${container_user} /home/${container_user} /usr/local/openjdk-11/lib/security/cacerts
+
+RUN chmod 644 /usr/local/openjdk-11/lib/security/cacerts
+
+# select container user for all tasks
+USER ${container_user_uid}:${container_user_gid}
+
+EXPOSE 8083
+
+ENV MODULES=
+ENV ENV_USER=
+ENV ENV_ENDPOINT=
+ENV ENV_TESTLEVEL=smokeAndRegression
+
+ENTRYPOINT ["./entrypoint.sh"]

apitest/README.md

@@ -0,0 +1,3 @@
+# Automation test
+
+All automation test code. 

apitest/entrypoint.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+## Run automationtests
+java -jar -Dmodules="$MODULES" -Denv.user="$ENV_USER" -Denv.endpoint="$ENV_ENDPOINT" -Denv.testLevel="$ENV_TESTLEVEL" apitest-esignet-*-jar-with-dependencies.jar;