diff --git a/docker-compose/README.md b/docker-compose/README.md
new file mode 100644
index 00000000..f7802672
--- /dev/null
+++ b/docker-compose/README.md
@@ -0,0 +1,54 @@ +## Overview + +This is the docker-compose setup to run + +- **mimoto-service** which act as BFF for Inji mobile and backend for Inji web. +- **inji-web** and **inji-web-proxy** for frontend + +This is not for production use. + +## Building the inji-web-proxy image locally. + +> cd inji-web-proxy && docker build -t inji-web-proxy:local . + +## Building the inji-web image locally. + +> cd ../inji-web && docker build -f Dockerfile.local -t inji-web:local . + +## What is in the docker-compose folder? + +1. certs folder holds the p12 file which is being created as part of OIDC client onboarding. +2. "config" folder holds the mimoto system properties file, issuer configuration and credential template. +3. "docker-compose.yml" file with mimoto setup. + +## How to run this setup? + +1. Add Id providers as an issuer in mimoto-issuers-config.json + +2. Add verifiers clientId and redirect Uri in mimoto-trusted-verifiers.json for Online Sharing + +3. Start esignet services and update esignet host references in mimoto-default.properties and mimoto-issuers-config.json + +4. Start the data share services and update data share host references in mimoto-default.properties. data share service helm is available in the [Inji Web Helm](https://github.com/mosip/inji-web/tree/release-0.10.x/helm/inji-web) + +5. Create certs folder in the same directory and create OIDC client. Add key in oidckeystore.p12 and copy this file under certs folder. +Refer [here](https://docs.mosip.io/inji/inji-mobile-wallet/customization-overview/credential_providers) to create client +* Update client_id and client_alias as per onboarding in mimoto-issuers-config.json file. + +5. Start the docker-compose file + +> cd ../docker-compose && docker-compose up -d + +6. Stop the docker-compose file + +> cd ../docker-compose && docker-compose down + +7. 
Access Apis as + * http://localhost:8099/v1/mimoto/allProperties + * http://localhost:8099/v1/mimoto/issuers + * http://localhost:8099/v1/mimoto/issuers/Sunbird + * http://localhost:8099/v1/mimoto/issuers/Sunbird/well-known-proxy + + +Note: +- Replace mosipbox.public.url, mosip.api.public.url with your public accessible domain. For dev or local env [ngrok](https://ngrok.com/docs/getting-started/) is recommended. diff --git a/docker-compose/certs/oidckeystore.p12 b/docker-compose/certs/oidckeystore.p12 new file mode 100644 index 00000000..99a07036 Binary files /dev/null and b/docker-compose/certs/oidckeystore.p12 differ diff --git a/docker-compose/config/credential-template.html b/docker-compose/config/credential-template.html new file mode 100644 index 00000000..4607e5b0 --- /dev/null +++ b/docker-compose/config/credential-template.html @@ -0,0 +1,39 @@ + + + + + $titleName + + +
+
+ $titleName +
+
+
+ #if (!$face) +
+ Logo +
+ #else + Logo + #end +
+ Logo +
+
+
+ #foreach($entry in $rowProperties.entrySet()) + #if($entry.value) +
+
$entry.key
+
$entry.value
+
+ #end + #end +
+
+ QR Code +
+ + diff --git a/docker-compose/config/mimoto-default.properties b/docker-compose/config/mimoto-default.properties new file mode 100644 index 00000000..deffd6d6 --- /dev/null +++ b/docker-compose/config/mimoto-default.properties 
@@ -0,0 +1,290 @@ +server.port=8099 +server.servlet.context-path=/v1/mimoto +health.config.enabled=false +mosip.service.end-points=/**/* + +mosipbox.public.url=http://localhost:${server.port} +mosip.api.public.url=http://localhost:${server.port} +mosip.resident.url=https://api.collab.mosip.net/v1/resident +mosip.esignet.host=https://esignet.collab.mosip.net +keycloak.external.url=https://iam.collab.mosip.net/ +mosip.kernel.authmanager.url=http://authmanager.kernel/ +mosip.websub.url=http://websub.websub/ + +# START inji-default.properties + +mosip.inji.allowedAuthType=demo,otp,bio-Finger,bio-Iris,bio-Face +mosip.inji.allowedEkycAuthType=demo,otp,bio-Finger,bio-Iris,bio-Face +mosip.inji.allowedInternalAuthType=otp,bio-Finger,bio-Iris,bio-Face +mosip.inji.faceSdkModelUrl=https://api.collab.mosip.net/inji +# maximum number of retry for downloading vc +mosip.inji.vcDownloadMaxRetry=10 +# pool interval in milli seconds +mosip.inji.vcDownloadPoolInterval=6000 +# validate binding audience url to be sent in token +mosip.inji.audience=ida-binding +# issuer to be sent in token +mosip.inji.issuer=residentapp +# warning screen domain name +mosip.inji.warningDomainName=${mosip.api.public.url} +#timeout for vc download api via openid4vci flow in milliseconds +mosip.inji.openId4VCIDownloadVCTimeout=30000 +# inji documentation url +mosip.inji.aboutInjiUrl=https://docs.mosip.io/inji/inji-mobile-wallet/overview +# minimum storage space required for making audit entry in MB +mosip.inji.minStorageRequiredForAuditEntry=2 +# minimum storage space required for downloading / receiving vc in MB +mosip.inji.minStorageRequired=2 + +# END inji-default.properties + + +# START bootstrap.properties + +spring.cloud.config.uri=http://nginx/ +spring.cloud.config.name=mimoto,inji +spring.application.name=mimoto + +#config.server.file.storage.uri=https://raw.githubusercontent.com/mosip/mosip-config/collab1/ +config.server.file.storage.uri=http://nginx/ + 
+management.endpoint.health.show-details=always +management.endpoints.web.exposure.include=info,health,refresh + +openapi.info.title=${spring.application.name} +openapi.info.description=${spring.application.name} +openapi.info.version=1.0 +openapi.info.license.name=Mosip +openapi.info.license.url=https://docs.mosip.io/platform/license +openapi.service.servers[0].url=${mosip.api.public.url}${server.servlet.context-path} +openapi.service.servers[0].description=${spring.application.name} +openapi.group.name=${openapi.info.title} +openapi.group.paths[0]=/** +springdoc.swagger-ui.disable-swagger-default-url=true +springdoc.swagger-ui.tagsSorter=alpha +springdoc.swagger-ui.operationsSorter=alpha + +# END bootstrap.properties + +# MOSIP + +public.url=${mosip.api.public.url}/v1/mimoto +mosip.resident.base.url=${mosip.resident.url}/resident/v1 +idp.binding.base.url=https://${mosip.esignet.host}/v1/esignet/binding +mosip.iam.adapter.disable-self-token-rest-template=true + +RESIDENT_OTP=${mosip.resident.base.url}/req/otp +RESIDENT_CREDENTIAL_REQUEST=${mosip.resident.base.url}/req/credential +RESIDENT_CREDENTIAL_REQUEST_STATUS=${RESIDENT_CREDENTIAL_REQUEST}/status +RESIDENT_VID=${mosip.resident.base.url}/vid +RESIDENT_AUTH_LOCK=${mosip.resident.base.url}/req/auth-lock +RESIDENT_AUTH_UNLOCK=${mosip.resident.base.url}/req/auth-unlock +RESIDENT_INDIVIDUALID_OTP=${mosip.resident.base.url}/individualId/otp +RESIDENT_AID_GET_INDIVIDUALID=${mosip.resident.base.url}/aid/status +BINDING_OTP=${idp.binding.base.url}/binding-otp +WALLET_BINDING=${idp.binding.base.url}/wallet-binding + + +# Resident App +credential.template=template.json +credential.sample=sample_credential.json +credential.data.path=data +safetynet.api.key= +safetynet.api.url=https://www.googleapis.com/androidcheck/v1/attestations/verify?key=${safetynet.api.key} + +registration.processor.print.textfile=registration-processor-print-text-file.json + +# Websub +mosip.event.hubUrl=${mosip.websub.url}/hub/ 
+mosip.event.hub.subUrl=${mosip.event.hubUrl} +mosip.event.hub.pubUrl=${mosip.event.hubUrl} + + +# MOSIP partner +mosip.partner.id=mpartner-default-mobile +mosip.event.callBackUrl=${public.url}/credentialshare/callback/notify +mosip.event.topic=${mosip.partner.id}/CREDENTIAL_ISSUED +mosip.event.secret=Kslk30SNF2AChs2 + + +mosip.partner.crypto.p12.filename=keystore.p12 +mosip.partner.crypto.p12.password=1234cryptopwd +mosip.partner.crypto.p12.alias=partner +mosip.partner.encryption.key=${mosip.partner.crypto.p12.password} +mosip.partner.prependThumbprint=true + + +mosip.datashare.partner.id=mpartner-default-resident +mosip.datashare.policy.id=mpolicy-default-resident + + +csrf.disabled=true +# Delayed websub subscription. Default is 5 seconds in ms. +mosip.event.delay-millisecs=5000 +# Websub re-subscription workaround for losing subscribed topic when MOSIP websub update or restart. Default is 5 minutes in ms. +websub-resubscription-delay-millisecs=86400000 + +#-------------TOKEN GENERATION---------------- +#Token generation request id +token.request.id=io.mosip.registration.processor +#Token generation app id +token.request.appid=regproc +#Token generation username +token.request.username=registrationprocessor +#Token generation password +token.request.password=abc123 +#Token generation version +token.request.version=1.0 +#Token generation Client Id +token.request.clientId=mosip-regproc-client +#Token generation secret key +token.request.secretKey=abc123 +#Token generation issuer url +token.request.issuerUrl=${keycloak.internal.url}/auth/realms/mosip + +#Audit Service +AUDIT=${mosip.kernel.auditmanager.url}/v1/auditmanager/audits +AUDIT_URL=${mosip.kernel.auditmanager.url}/v1/auditmanager/audits +KEYBASEDTOKENAPI=${mosip.kernel.authmanager.url}/v1/authmanager/authenticate/clientidsecretkey + +#Master Data Services +# MASTER=http://kernel-masterdata-service/v1/masterdata +MASTER=${mosip.kernel.masterdata.url}/v1/masterdata +TEMPLATES=${MASTER}/templates + +#Packet 
receiver application version +mosip.print.application.version=1.0 +#Request Date Time format +mosip.print.datetime.pattern=yyyy-MM-dd'T'HH:mm:ss.SSS'Z' + + +#-------------Printing Service-------------------- +mosip.print.service.id=mosip.print + +#Audit request id +mosip.print.audit.id=mosip.applicanttype.getApplicantType +mosip.country.code=MOR + +#Kernel Crypto signature +registration.processor.signature.isEnabled=true + +# Language Supported By Platform - ISO +mosip.supported-languages=eng,ara,fra + +mosip.template-language=eng +mosip.optional-languages=fra,ara +mosip.mandatory-languages=eng + +# mosip.primary-language=eng +# mosip.secondary-language=ara + +#----------------------- CBEFF Util-------------------------------------------------- +# Cbeff URL where the files will be stored in git, change it accordingly in case of change of storage location. +# mosip.kernel.xsdstorage-uri=${spring.cloud.config.uri}/${spring.application.name}/${spring.profiles.active}/${spring.cloud.config.label}/ +mosip.kernel.xsdstorage-uri=https://raw.githubusercontent.com/mosip/mosip-config/develop/ +# Cbeff XSD file name in config server +mosip.kernel.xsdfile=mosip-cbeff.xsd + +#----------------------------- Applicant Type -------------------------------------------------- +mosip.kernel.applicant.type.age.limit = 5 + +#----------------------------- Static PIN -------------------------------------------------- +mosip.kernel.pin.length=6 + +#-----------------------------TOKEN-ID Properties--------------------------------- +#length of the token id +mosip.kernel.tokenid.length=36 + +# log level +logging.level.root=WARN +logging.level.io.mosip=INFO +# logging.level.io.mosip.kernel.auth.defaultadapter.filter=INFO +logging.level.io.mosip.kernel.auth.defaultadapter=DEBUG +logging.level.org.springframework.http.client=DEBUG +logging.level.io.mosip.residentapp=INFO +logging.level.reactor.netty.http.client=INFO +# tomcat access logs +server.tomcat.accesslog.enabled=true 
+server.tomcat.accesslog.directory=/dev +server.tomcat.accesslog.prefix=stdout +server.tomcat.accesslog.buffered=false +server.tomcat.accesslog.suffix= +server.tomcat.accesslog.file-date-format= +server.tomcat.accesslog.pattern={"@timestamp":"%{yyyy-MM-dd'T'HH:mm:ss.SSS'Z'}t","level":"ACCESS","level_value":70000,"traceId":"%{X-B3-TraceId}i","statusCode":%s,"req.requestURI":"%U","bytesSent":%b,"timeTaken":%T,"appName":"${spring.application.name}"} +server.tomcat.accesslog.className=io.mosip.kernel.core.logger.config.SleuthValve +registration.processor.unMaskedUin.length=5 + +IDSchema.Version=1.0 +registration.processor.identityjson=identity-mapping.json +registration.processor.demographic.identity=identity +CREATEDATASHARE=${mosip.datashare.url}/v1/datashare/create +DECRYPTPINBASSED=${mosip.kernel.keymanager.url}/v1/keymanager/decryptWithPin + + +#Auth Adapter rest template authentication configs +mosip.iam.adapter.appid=partner +mosip.iam.adapter.clientid=mpartner-default-mobile +mosip.iam.adapter.clientsecret=1234secret +auth.server.admin.issuer.uri=${keycloak.external.url}/auth/realms/ + +mosip.iam.adapter.issuerURL=${keycloak.internal.url}/auth/realms/mosip +mosip.authmanager.base-url=${mosip.kernel.authmanager.url}/v1/authmanager +mosip.authmanager.client-token-endpoint=${mosip.authmanager.base-url}/authenticate/clientidsecretkey +auth.server.admin.validate.url=${mosip.kernel.authmanager.url}/v1/authmanager/authorize/admin/validateToken + + +# in minutes +mosip.iam.adapter.validate-expiry-check-rate=1440 + +# in minutes +mosip.iam.adapter.renewal-before-expiry-interval=1440 + +#this should be false if you don?t use this restTemplate true if you do + +mosip.iam.adapter.self-token-renewal-enable=true +mosip.auth.filter_disable=true +mosip.auth.adapter.impl.basepackage=io.mosip.kernel.auth.defaultadapter 
+mosip.kernel.auth.appids.realm.map={prereg:'mosip',ida:'mosip',registrationclient:'mosip',regproc:'mosip',partner:'mosip',resident:'mosip',admin:'mosip',crereq:'mosip',creser:'mosip',datsha:'mosip',idrepo:'mosip'} + +vercred.type.vid=VID +mosip.idp.partner.id=mpartner-default-mobile +mosip.idp.partner.encryption.key=Aci9jg28B8mO_LDfDXo3ZTp5_HKgEMun2tYyHCa1e8k +wallet.binding.partner.id=mpartner-default-mimotokeybinding +wallet.binding.partner.api.key=1234walletbindingkey + +#mosip notification otp channel config +mosip.notificationtype=SMS|EMAIL|PHONE + +# Configurations related to openid4vc +mosip.openid.issuers=mimoto-issuers-config.json +mosip.openid.htmlTemplate=credential-template.html +mosip.oidc.client.assertion.type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer +mosip.oidc.p12.filename=oidckeystore.p12 +mosip.oidc.p12.password=mosip123 +mosip.oidc.p12.path=certs/ + + +#OpenId4VP related Configuration START + +#File name for the mimoto trusted verifiers +mosip.openid.verifiers=mimoto-trusted-verifiers.json + +#Inji Web Config +mosip.inji.web.url=https://injiweb.collab.mosip.net +mosip.inji.web.redirect.url=https://injiweb.collab.mosip.net/authorize +mosip.inji.qr.data.size.limit=10000 +mosip.inji.qr.code.height=650 +mosip.inji.qr.code.width=650 + +#OVP Config +mosip.inji.ovp.qrdata.pattern=INJI_OVP://https://injiweb.collab.mosip.net/authorize?response_type=vp_token&resource=%s&presentation_definition=%s +mosip.inji.ovp.redirect.url.pattern=%s#vp_token=%s&presentation_submission=%s +mosip.inji.ovp.error.redirect.url.pattern=%s?error=%s&error_description=%s + +#DataShare Config +mosip.data.share.url=https://datashare-inji.collab.mosip.net +mosip.data.share.create.url=https://datashare-inji.collab.mosip.net/v1/datashare/create/static-policyid/static-subscriberid +mosip.data.share.create.retry.count=3 +mosip.data.share.get.url.pattern=https://datashare-inji.collab.mosip.net/v1/datashare/get/static-policyid/static-subscriberid/* + +#OpenId4VP related 
Configuration END diff --git a/docker-compose/config/mimoto-issuers-config.json b/docker-compose/config/mimoto-issuers-config.json new file mode 100644 index 00000000..98823006 --- /dev/null +++ b/docker-compose/config/mimoto-issuers-config.json 
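Review bot: docker-compose/config/mimoto-default.properties commits credentials in clear text (`mosip.event.secret`, `mosip.partner.crypto.p12.password`, `token.request.password`, `token.request.secretKey`, `mosip.iam.adapter.clientsecret`, `mosip.idp.partner.encryption.key`, `wallet.binding.partner.api.key`, `mosip.oidc.p12.password`), and the same commit adds the matching `certs/oidckeystore.p12` as a binary file even though the README tells the user to create it. Even for a non-production setup these should be supplied at run time, e.g. `mosip.oidc.p12.password=${OIDC_P12_PASSWORD}` (placeholder variable name), with the keystore kept out of the repository; if any value is valid on the collab environment it should be treated as exposed and rotated. The hunk also sets `mosip.auth.filter_disable=true` and `csrf.disabled=true` and enables DEBUG logging for `org.springframework.http.client`; a comment marking these as local-only relaxations would stop them being copied into a deployed profile.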
@@ -0,0 +1,129 @@ +{ + "issuers": [ + { + "credential_issuer": "Mosip", + "protocol": "OpenId4VCI", + "display": [ + { + "name": "National Identity Department", + "logo": { + "url": "https://api.collab.mosip.net/inji/mosip-logo.png", + "alt_text": "mosip-logo" + }, + "title": "National Identity Department", + "description": "Download MOSIP National / Foundational Identity Credential", + "language": "en" + }, + { + "name": "دائرة الهوية الوطنية", + "logo": { + "url": "https://api.collab.mosip.net/inji/mosip-logo.png", + "alt_text": "شعار موسيب" + }, + "title": "دائرة الهوية الوطنية", + "description": "قم بتنزيل بيانات اعتماد الهوية الوطنية / التأسيسية MOSIP", + "language": "ar" + }, + { + "name": "राष्ट्रीय पहचान विभाग", + "logo": { + "url": "https://api.collab.mosip.net/inji/mosip-logo.png", + "alt_text": "मोसिप लोगो" + }, + "title": "राष्ट्रीय पहचान विभाग", + "description": "MOSIP नेशनल/फाउंडेशनल आइडेंटिटी क्रेडेंशियल डाउनलोड करेंं", + "language": "hi" + }, + { + "name": "ರಾಷ್ಟ್ರೀಯ ಗುರುತಿನ ಇಲಾಖೆ", + "logo": { + "url": "https://api.collab.mosip.net/inji/mosip-logo.png", + "alt_text": "mosip ಲೋಗೋ" + }, + "title": "ರಾಷ್ಟ್ರೀಯ ಗುರುತಿನ ಇಲಾಖೆ", + "description": "MOSIP ರಾಷ್ಟ್ರೀಯ / ಫೌಂಡೇಶನಲ್ ಐಡೆಂಟಿಟಿ ರುಜುವಾತು ಡೌನ್‌ಲೋಡ್ ಮಾಡಿ", + "language": "kn" + }, + { + "name": "தேசிய அடையாளத் துறை", + "logo": { + "url": "https://api.collab.mosip.net/inji/mosip-logo.png", + "alt_text": "mosip லோகோ" + }, + "title": "தேசிய அடையாளத் துறை", + "description": "MOSIP தேசிய / அடிப்படை அடையாளச் சான்றிதழைப் பதிவிறக்கவும்", + "language": "ta" + }, + { + "name": "National Identity Department", + "logo": { + "url": "https://api.collab.mosip.net/inji/mosip-logo.png", + "alt_text": "logo ng mosip" + }, + "title": "National Identity Department", + "description": "I-download ang MOSIP National / Foundational Identity Credential", + "language": "fil" + } + ], + "client_id": "XusU7P1y10lMr9NA1qnrny_fqynODwV4SCvWPP8cfdY", + "redirect_uri": "io.mosip.residentapp.inji://oauthredirect", + "token_endpoint": 
"https://api.collab.mosip.net/v1/mimoto/get-token/Mosip", + "authorization_audience": "https://esignet-insurance.collab.mosip.net/v1/esignet/oauth/v2/token", + "proxy_token_endpoint": "https://esignet-mosipid.collab.mosip.net/v1/esignet/oauth/v2/token", + "client_alias": "mpartner-default-test-mosipid", + "qr_code_type": "OnlineSharing", + "enabled": "true", + "wellknown_endpoint": "https://injicertify-mosipid.collab.mosip.net/v1/certify/issuance/.well-known/openid-credential-issuer" + }, + { + "credential_issuer": "StayProtected", + "protocol": "OpenId4VCI", + "display": [ + { + "name": "StayProtected Insurance", + "logo": { + "url": "https://raw.githubusercontent.com/tw-mosip/file-server/master/StayProtectedInsurance.png", + "alt_text": "a square logo of a Sunbird" + }, + "title": "Download StayProtected Insurance Credentials", + "description": "Download insurance credential", + "language": "en" + } + ], + "client_id": "esignet-sunbird-partner", + "redirect_uri": "io.mosip.residentapp.inji://oauthredirect", + "token_endpoint": "https://api.dev1.mosip.net/v1/mimoto/get-token/StayProtected", + "authorization_audience": "https://esignet-insurance.dev1.mosip.net/v1/esignet/oauth/v2/token", + "proxy_token_endpoint": "https://esignet-insurance.dev1.mosip.net/v1/esignet/oauth/v2/token", + "client_alias": "esignet-sunbird-partner", + "qr_code_type": "OnlineSharing", + "enabled": "true", + "wellknown_endpoint": "https://injicertify-insurance.dev1.mosip.net/v1/certify/issuance/.well-known/openid-credential-issuer" + }, + { + "credential_issuer": "Mock", + "protocol": "OpenId4VCI", + "display": [ + { + "name": "Mock Identity", + "logo": { + "url": "https://api.collab.mosip.net/inji/mosip-logo.png", + "alt_text": "mosip-logo" + }, + "title": "Mock Identity", + "description": "Download Mock Identity Credential", + "language": "en" + } + ], + "client_id": "mpartner-mock-testing", + "redirect_uri": "io.mosip.residentapp.inji://oauthredirect", + "token_endpoint": 
"https://api.collab.mosip.net/v1/mimoto/get-token/Mock", + "authorization_audience": "https://esignet-insurance.collab.mosip.net/v1/esignet/oauth/v2/token", + "proxy_token_endpoint": "https://esignet-mock.collab.mosip.net/v1/esignet/oauth/v2/token", + "client_alias": "mpartner-mock-testing", + "qr_code_type": "OnlineSharing", + "enabled": "true", + "wellknown_endpoint": "https://injicertify-mock.collab.mosip.net/v1/certify/issuance/.well-known/openid-credential-issuer" + } + ] +} diff --git a/docker-compose/config/mimoto-trusted-verifiers.json b/docker-compose/config/mimoto-trusted-verifiers.json new file mode 100644 index 00000000..0ae0f141 --- /dev/null +++ b/docker-compose/config/mimoto-trusted-verifiers.json @@ -0,0 +1,10 @@ +{ + "verifiers": [ + { + "client_id": "https://injiverify.collab.mosip.net", + "redirect_uri": [ + "https://injiverify.collab.mosip.net/redirect" + ] + } + ] +} diff --git a/docker-compose/docker-compose.yml b/docker-compose/docker-compose.yml new file mode 100644 index 00000000..dee9bb79 --- /dev/null +++ b/docker-compose/docker-compose.yml 
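Review bot: In docker-compose/config/mimoto-issuers-config.json the `authorization_audience` of the `Mosip` and `Mock` issuers points at `esignet-insurance.collab.mosip.net`, while their `proxy_token_endpoint` values point at `esignet-mosipid` and `esignet-mock`. If the audience is meant to be the token endpoint that receives the client assertion, as the `StayProtected` entry suggests (both values are equal there), these two look like copy-paste leftovers and should match their own token endpoints. The file also mixes `collab` and `dev1` hosts and carries an environment-specific `client_id` for `Mosip`; since the README asks the user to replace `client_id` and `client_alias`, placeholder values would be safer than a real-looking identifier.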
@@ -0,0 +1,55 @@
+version: '3.8'
+
+services:
+ nginx:
+ container_name: nginx
+ image: nginx:alpine
+ ports:
+ - '80:80'
+ volumes:
+ - ./config/mimoto-issuers-config.json:/config/server/mimoto-issuers-config.json
+ - ./config/mimoto-trusted-verifiers.json:/config/server/mimoto-trusted-verifiers.json
+ - ./config/credential-template.html:/config/server/credential-template.html
+ - ./nginx.conf:/etc/nginx/nginx.conf
+
+ mimoto-service:
+ container_name: 'mimoto-service'
+ image: 'mosipid/mimoto:0.14.0'
+ user: root
+ ports:
+ - '8099:8099'
+ environment:
+ - container_user=mosip
+ - active_profile_env=default
+ - SPRING_CONFIG_NAME=mimoto
+ - SPRING_CONFIG_LOCATION=/home/mosip/
+ volumes:
+ - ./config/mimoto-default.properties:/home/mosip/mimoto-default.properties
+ - ./config/mimoto-issuers-config.json:/home/mosip/mimoto-issuers-config.json
+ - ./config/mimoto-trusted-verifiers.json:/home/mosip/mimoto-trusted-verifiers.json
+ - ./certs/oidckeystore.p12:/home/mosip/certs/oidckeystore.p12
+ depends_on:
+ - nginx
+
+ inji-web-proxy:
+ container_name: 'inji-web-proxy'
+ image: inji-web-proxy:local
+ ports:
+ - '3010:3010'
+ environment:
+ - MIMOTO_HOST=http://mimoto-service:8099/v1/mimoto
+ - PORT=3010
+ depends_on:
+ - mimoto-service
+
+ inji-web:
+ container_name: 'inji-web'
+ image: inji-web:local
+ ports:
+ - '3001:80'
+ environment:
+ - MIMOTO_HOST=http://localhost:3010
+ depends_on:
+ - inji-web-proxy
+
+
diff --git a/docker-compose/nginx.conf b/docker-compose/nginx.conf
new file mode 100644
index 00000000..03a3e1d7
--- /dev/null
+++ b/docker-compose/nginx.conf
@@ -0,0 +1,12 @@
+events { }
+
+http {
+ server {
+ listen 80;
+
+ location / {
+ root /config/server;
+ autoindex on;
+ }
+ }
+}
diff --git a/inji-web-proxy/.env b/inji-web-proxy/.env
new file mode 100644
index 00000000..4602717b
--- /dev/null
+++ b/inji-web-proxy/.env
@@ -0,0 +1,2 @@
+MIMOTO_HOST=https://api.dev1.mosip.net/v1/mimoto
+PORT=3010
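Review bot: In docker-compose/docker-compose.yml the `mimoto-service` container is started with `user: root` although the image is told `container_user=mosip`, and every service publishes its port on all host interfaces. Unless root is needed to read the bind-mounted files, drop `user: root` and fix ownership of the mounts instead; for a local-only setup bind the ports to loopback, e.g. `- '127.0.0.1:8099:8099'`. As far as this file shows the container never writes to the keystore or config mounts, so they can be read-only: `- ./certs/oidckeystore.p12:/home/mosip/certs/oidckeystore.p12:ro`.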
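Review bot: docker-compose/nginx.conf sets `autoindex on;` for `/config/server`, and the compose file publishes this server on host port 80, so anyone who can reach the host gets a browsable listing of the mounted issuer and verifier configuration. The consumer only needs to fetch known file names, so `autoindex off;` is sufficient. A one-line comment stating that this server stands in for the Spring config server would also help, since `spring.cloud.config.uri=http://nginx/` in the properties file is the only hint.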
diff --git a/inji-web-proxy/.gitignore b/inji-web-proxy/.gitignore
new file mode 100644
index 00000000..60f1aa34
--- /dev/null
+++ b/inji-web-proxy/.gitignore
@@ -0,0 +1,4 @@
+.project
+.idea
+package-*.json
+node_modules
diff --git a/inji-web-proxy/Dockerfile b/inji-web-proxy/Dockerfile
new file mode 100644
index 00000000..eb84af5d
--- /dev/null
+++ b/inji-web-proxy/Dockerfile
@@ -0,0 +1,21 @@
+# Dockerfile
+# Use the official Node.js image
+FROM node:16.9.1
+
+# Create and set the working directory inside the container
+WORKDIR /usr/src/app
+
+# Copy package.json and package-lock.json (if available)
+COPY package*.json ./
+
+# Install dependencies
+RUN npm install
+
+# Copy the rest of the application code
+COPY . .
+
+# Expose the port on which the app runs
+EXPOSE 3010
+
+# Run the application
+CMD ["node", "proxy_server.js"]
diff --git a/inji-web-proxy/README.md b/inji-web-proxy/README.md
new file mode 100644
index 00000000..45e06778
--- /dev/null
+++ b/inji-web-proxy/README.md
@@ -0,0 +1,20 @@
+### Inji Web Proxy
+
+Inji Web Proxy is express js application which is build to connect Backend Service From Inji Web to Avoid CORS issue.
+
+
+### Environment Variables :
+
+> MIMOTO_HOST : Update the host url of the Mimoto with **/v1/mimoto** suffix
+
+> PORT : port in which proxy will run
+
+### Installation Steps :
+
+> npm i && node proxy_server.js
+
+### Usage :
+
+- Goto InjiWeb [api.ts](../inji-web/src/utils/api.ts)
+- In order to avoid CORS, update the **mimotoHost** of Inji Web from Mimoto service url to Inji Web Proxy server url, so that it proxies and bypasses the CORS
+ - ref : https://localhost:3010
diff --git a/inji-web-proxy/package.json b/inji-web-proxy/package.json
new file mode 100644
index 00000000..833e8f96
--- /dev/null
+++ b/inji-web-proxy/package.json
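Review bot: The `package-*.json` pattern in inji-web-proxy/.gitignore keeps `package-lock.json` out of the repository, so the `RUN npm install` step in inji-web-proxy/Dockerfile resolves the caret ranges from package.json afresh on every build. Two images built from the same commit can therefore contain different dependency code. Commit the lockfile (remove the `package-*.json` line) and install with `RUN npm ci` so builds are reproducible and auditable.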
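Review bot: inji-web-proxy/Dockerfile never switches user, so `node proxy_server.js` runs as root, and `COPY . .` copies the committed `.env` and any local `node_modules` into the image, since no `.dockerignore` is visible in this change. Add `USER node` before the `CMD` line and a `.dockerignore` listing `.env` and `node_modules`. `node:16.9.1` belongs to a release line that no longer receives security fixes; a currently supported LTS tag would be preferable.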
@@ -0,0 +1,20 @@
+{
+ "name": "proxy-server",
+ "version": "1.0.0",
+ "description": "",
+ "main": "index.js",
+ "scripts": {
+ "test": "echo \"Error: no test specified\" && exit 1"
+ },
+ "author": "",
+ "license": "ISC",
+ "dependencies": {
+ "axios": "^1.6.8",
+ "body-parser": "^1.20.2",
+ "cors": "^2.8.5",
+ "dotenv": "^16.4.5",
+ "express": "^4.19.2",
+ "fs": "^0.0.1-security",
+ "path": "^0.12.7"
+ }
+}
diff --git a/inji-web-proxy/proxy_server.js b/inji-web-proxy/proxy_server.js
new file mode 100644
index 00000000..ab1db6ed
--- /dev/null
+++ b/inji-web-proxy/proxy_server.js
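Review bot: The `fs` and `path` entries under `dependencies` in inji-web-proxy/package.json pull registry packages that only share a name with Node's built-in modules (`fs` at `0.0.1-security` is a placeholder package), and proxy_server.js requires neither of them. Remove both lines so the install set is limited to what the proxy actually loads. `"main": "index.js"` does not match the entry file and should read `"main": "proxy_server.js"`.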
@@ -0,0 +1,53 @@
+const express = require('express');
+const cors = require('cors');
+const axios = require('axios');
+const bodyParser = require('body-parser');
+require('dotenv').config()
+
+const app = express();
+const PORT = process.env.PORT;
+
+app.use(express.json());
+app.use(cors());
+app.use(bodyParser.json());
+app.use(bodyParser.urlencoded({ extended: true }));
+
+app.all('*', async (req, res) => {
+ delete req.headers.host
+ delete req.headers.referer
+
+ const API_URL = process.env.MIMOTO_HOST;
+ const PATH = req.url
+ try {
+
+ let response = await axios({
+ method: req.method,
+ responseType: PATH.indexOf("/download") === -1 ? "json" : "arraybuffer",
+ url: `${API_URL + PATH}`,
+ data: new URLSearchParams(req.body),
+ headers: req.headers
+ });
+
+ if(PATH.indexOf("/download") === -1){
+ res.status(response.status).json(response.data);
+ } else {
+ res.setHeader('Access-Control-Allow-Origin', '*'); // Change '*' to specific origin if needed
+ res.setHeader('Access-Control-Allow-Methods', 'GET,OPTIONS,POST'); // Allow GET requests
+ res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization'); // Allow specific headers
+ res.set("Content-Type", "application/pdf");
+ res.status(response.status).send(response.data);
+ }
+
+ } catch (error) {
+ console.error("Error occurred: ", error);
+ if (error.response) {
+ res.status(error.response.status).json(error.response.data);
+ } else {
+ res.status(500).json({ error: error.message });
+ }
+ }
+});
+
+app.listen(PORT, () => {
+ console.log(`Proxy server listening on port ${PORT}`);
+});
diff --git a/inji-web/.env.production b/inji-web/.env.production
deleted file mode 100644
index de74fa6a..00000000
--- a/inji-web/.env.production
+++ /dev/null
@@ -1,2 +0,0 @@
-#REACT_APP_ESIGNET_UI_URL=
-#REACT_APP_MIMOTO_URL=/v1/mimoto
\ No newline at end of file
diff --git a/inji-web/Dockerfile b/inji-web/Dockerfile
index 470b7fd1..4d85f197 100644
--- a/inji-web/Dockerfile
+++ b/inji-web/Dockerfile
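Review bot: The handler in inji-web-proxy/proxy_server.js accepts requests from any origin (`app.use(cors())`, plus the hard-coded `Access-Control-Allow-Origin: *` in the download branch) and hands the caller's complete header set to the backend via `headers: req.headers`, so the proxy is not limited to Inji Web and relays whatever credentials or hop-by-hop headers the client sends. Restrict CORS to the Inji Web origin, forward an explicit list of headers (extend it if the backend needs more), drop the three manual `res.setHeader('Access-Control-…')` calls, and give the axios call a timeout so a stalled backend cannot hold connections open. `PATH.indexOf("/download")` also matches text in the query string; testing `req.path` would be more precise. The variable name `ALLOWED_ORIGIN` and the timeout value in the sketch are placeholders.

```javascript
// Origin allow-list comes from configuration; ALLOWED_ORIGIN is a placeholder name.
app.use(cors({ origin: process.env.ALLOWED_ORIGIN }));

// … unchanged: body parsers …

// Only these request headers are passed on to the backend.
const FORWARDED_HEADERS = ['accept', 'content-type', 'cache-control'];

app.all('*', async (req, res) => {
  const headers = {};
  for (const name of FORWARDED_HEADERS) {
    if (req.headers[name] !== undefined) {
      headers[name] = req.headers[name];
    }
  }
  // … unchanged: API_URL, PATH …
    let response = await axios({
      // … unchanged: method, responseType, url, data …
      headers,
      timeout: 10000, // constructed value; tune to the backend
    });
```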
@@ -9,11 +9,14 @@ ARG defaultTheme ARG defaultLang ARG defaultFavicon ARG defaultTitle +ARG MIMOTO_HOST ENV DEFAULT_THEME=$defaultTheme ENV DEFAULT_LANG=$defaultLang ENV DEFAULT_FAVICON=$defaultFavicon ENV DEFAULT_TITLE=$defaultTitle +ENV MIMOTO_HOST=$MIMOTO_HOST + # Copy package.json and package-lock.json to the working directory COPY package*.json ./ @@ -81,6 +84,7 @@ RUN chmod +x configure_start.sh RUN echo "DEFAULT_THEME=$DEFAULT_THEME" >> ${work_dir}/env.env \ && echo "DEFAULT_LANG=$DEFAULT_LANG" >> ${work_dir}/env.env \ + && echo "MIMOTO_HOST=$MIMOTO_HOST" >> ${work_dir}/env.env \ && echo "DEFAULT_FAVICON=$DEFAULT_FEVICON" >> ${work_dir}/env.env \ && echo "DEFAULT_TITLE=$DEFAULT_TITLE" >> ${work_dir}/env.env diff --git a/inji-web/Dockerfile.local b/inji-web/Dockerfile.local index f66f67c1..aeacd574 100644 --- a/inji-web/Dockerfile.local +++ b/inji-web/Dockerfile.local @@ -9,11 +9,13 @@ ARG defaultTheme ARG defaultLang ARG defaultFavicon ARG defaultTitle +ARG MIMOTO_HOST ENV DEFAULT_THEME=$defaultTheme ENV DEFAULT_LANG=$defaultLang ENV DEFAULT_FAVICON=$defaultFavicon ENV DEFAULT_TITLE=$defaultTitle +ENV MIMOTO_HOST=$MIMOTO_HOST # Copy package.json and package-lock.json to the working directory COPY package*.json ./ @@ -51,6 +53,7 @@ RUN echo "Generating env-config file" \ && echo "window._env_ = {" > ${work_dir}/env.config.js \ && echo "DEFAULT_THEME=\"$DEFAULT_THEME\"," >> ${work_dir}/env.config.js \ && echo "DEFAULT_LANG=\"$DEFAULT_LANG\"," >> ${work_dir}/env.config.js \ + && echo "MIMOTO_HOST=$MIMOTO_HOST" >> ${work_dir}/env.env \ && echo "DEFAULT_FAVICON=\"$DEFAULT_FAVICON\"," >> ${work_dir}/env.config.js \ && echo "DEFAULT_TITLE=\"$DEFAULT_TITLE\"" >> ${work_dir}/env.config.js \ && echo "}" >> ${work_dir}/env.config.js \ diff --git a/inji-web/public/env.config.js b/inji-web/public/env.config.js index 5df07653..72e92e39 100644 --- a/inji-web/public/env.config.js +++ b/inji-web/public/env.config.js 
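Review bot: In the second hunk of inji-web/Dockerfile.local the added line appends `MIMOTO_HOST=$MIMOTO_HOST` to `${work_dir}/env.env`, although it sits in the middle of the chain that writes `${work_dir}/env.config.js`. The generated `window._env_` object therefore gets no `MIMOTO_HOST` key, and `api.mimotoHost` in src/utils/api.ts would be `undefined` in the local image. Following the neighbouring lines it should read `&& echo "MIMOTO_HOST=\"$MIMOTO_HOST\"," >> ${work_dir}/env.config.js \`. The RUN instruction starts and ends outside the hunk, so whether a later step rewrites this file cannot be seen here.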
@@ -3,5 +3,6 @@ window._env_ = { DEFAULT_THEME: "", DEFAULT_FAVICON: "favicon.ico", DEFAULT_TITLE: "Inji Web", - DEFAULT_FONT_URL: "https://fonts.googleapis.com/css?family=Inter" + DEFAULT_FONT_URL: "https://fonts.googleapis.com/css?family=Inter", + MIMOTO_HOST: "http://localhost:3010" }; diff --git a/inji-web/src/types/env.d.ts b/inji-web/src/types/env.d.ts index 326d3249..837aea9b 100644 --- a/inji-web/src/types/env.d.ts +++ b/inji-web/src/types/env.d.ts @@ -8,6 +8,7 @@ declare global { DEFAULT_FAVICON: string; DEFAULT_TITLE: string; DEFAULT_FONT_URL: string; + MIMOTO_HOST: string; } } } diff --git a/inji-web/src/utils/api.ts b/inji-web/src/utils/api.ts index 5de4b73f..b8dcd43b 100644 --- a/inji-web/src/utils/api.ts +++ b/inji-web/src/utils/api.ts @@ -14,7 +14,8 @@ export enum MethodType { export class api { // static mimotoHost = "http://localhost:3010"; - static mimotoHost = window.location.origin + "/v1/mimoto"; + // static mimotoHost = window.location.origin + "/v1/mimoto"; + static mimotoHost = window._env_.MIMOTO_HOST; static authorizationRedirectionUrl = window.location.origin + "/redirect"; @@ -50,7 +51,7 @@ export class api { methodType: MethodType.POST, headers: () => { return { - 'accept': 'application/json', + 'accept': 'application/pdf', 'Content-Type': 'application/x-www-form-urlencoded', 'Cache-Control': 'no-cache, no-store, must-revalidate' }
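Review bot: `static mimotoHost = window._env_.MIMOTO_HOST;` in inji-web/src/utils/api.ts replaces the same-origin default with a value that is neither checked nor given a fallback, and the default added to public/env.config.js is `http://localhost:3010`. If the key is missing, every request URL starts with the string `undefined`; a deployment that forgets to override the default sends API requests, including the credential download, over plain HTTP to localhost. Keep the previous behaviour as the fallback, `static mimotoHost = window._env_.MIMOTO_HOST || window.location.origin + "/v1/mimoto";`, and delete the two commented-out assignments rather than leaving them in the class. The class body continues outside the hunk.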