From 09ed4bf26434b39bca6594c848b17d69e9ae31e1 Mon Sep 17 00:00:00 2001 From: Vijay <94220135+vijay151096@users.noreply.github.com> Date: Mon, 28 Oct 2024 18:11:24 +0530 Subject: [PATCH 1/2] [INJIWEB-1025] : injiweb proxy to overcome the CORS issue while working locally Signed-off-by: Vijay <94220135+vijay151096@users.noreply.github.com> --- docker-compose/README.md | 54 ++++ docker-compose/certs/oidckeystore.p12 | Bin 0 -> 17816 bytes .../config/credential-template.html | 39 +++ .../config/mimoto-default.properties | 290 ++++++++++++++++++ .../config/mimoto-issuers-config.json | 129 ++++++++ .../config/mimoto-trusted-verifiers.json | 10 + docker-compose/docker-compose.yml | 55 ++++ docker-compose/nginx.conf | 12 + inji-web-proxy/.env | 2 + inji-web-proxy/.gitignore | 4 + inji-web-proxy/Dockerfile | 21 ++ inji-web-proxy/README.md | 20 ++ inji-web-proxy/package.json | 20 ++ inji-web-proxy/proxy_server.js | 53 ++++ inji-web/.env.production | 2 - inji-web/Dockerfile | 4 + inji-web/Dockerfile.local | 3 + inji-web/public/env.config.js | 3 +- inji-web/src/types/env.d.ts | 1 + inji-web/src/utils/api.ts | 5 +- 20 files changed, 722 insertions(+), 5 deletions(-) create mode 100644 docker-compose/README.md create mode 100644 docker-compose/certs/oidckeystore.p12 create mode 100644 docker-compose/config/credential-template.html create mode 100644 docker-compose/config/mimoto-default.properties create mode 100644 docker-compose/config/mimoto-issuers-config.json create mode 100644 docker-compose/config/mimoto-trusted-verifiers.json create mode 100644 docker-compose/docker-compose.yml create mode 100644 docker-compose/nginx.conf create mode 100644 inji-web-proxy/.env create mode 100644 inji-web-proxy/.gitignore create mode 100644 inji-web-proxy/Dockerfile create mode 100644 inji-web-proxy/README.md create mode 100644 inji-web-proxy/package.json create mode 100644 inji-web-proxy/proxy_server.js delete mode 100644 inji-web/.env.production 
diff --git a/docker-compose/README.md b/docker-compose/README.md
new file mode 100644
index 00000000..f7802672
--- /dev/null
+++ b/docker-compose/README.md
@@ -0,0 +1,54 @@
+## Overview
+
+This is the docker-compose setup to run
+
+- **mimoto-service** which act as BFF for Inji mobile and backend for Inji web.
+- **inji-web** and **inji-web-proxy** for frontend
+
+This is not for production use.
+
+## Building the inji-web-proxy image locally.
+
+> cd inji-web-proxy && docker build -t inji-web-proxy:local .
+
+## Building the inji-web image locally.
+
+> cd ../inji-web && docker build -f Dockerfile.local -t inji-web:local .
+
+## What is in the docker-compose folder?
+
+1. certs folder holds the p12 file which is being created as part of OIDC client onboarding.
+2. "config" folder holds the mimoto system properties file, issuer configuration and credential template.
+3. "docker-compose.yml" file with mimoto setup.
+
+## How to run this setup?
+
+1. Add Id providers as an issuer in mimoto-issuers-config.json
+
+2. Add verifiers clientId and redirect Uri in mimoto-trusted-verifiers.json for Online Sharing
+
+3. Start esignet services and update esignet host references in mimoto-default.properties and mimoto-issuers-config.json
+
+4. Start the data share services and update data share host references in mimoto-default.properties. data share service helm is available in the [Inji Web Helm](https://github.com/mosip/inji-web/tree/release-0.10.x/helm/inji-web)
+
+5. Create certs folder in the same directory and create OIDC client. Add key in oidckeystore.p12 and copy this file under certs folder.
+Refer [here](https://docs.mosip.io/inji/inji-mobile-wallet/customization-overview/credential_providers) to create client
+* Update client_id and client_alias as per onboarding in mimoto-issuers-config.json file.
+
+5. Start the docker-compose file
+
+> cd ../docker-compose && docker-compose up -d
+
+6. Stop the docker-compose file
+
+> cd ../docker-compose && docker-compose down
+
+7. Access Apis as
+ * http://localhost:8099/v1/mimoto/allProperties
+ * http://localhost:8099/v1/mimoto/issuers
+ * http://localhost:8099/v1/mimoto/issuers/Sunbird
+ * http://localhost:8099/v1/mimoto/issuers/Sunbird/well-known-proxy
+
+
+Note:
+- Replace mosipbox.public.url, mosip.api.public.url with your public accessible domain. For dev or local env [ngrok](https://ngrok.com/docs/getting-started/) is recommended.
diff --git a/docker-compose/certs/oidckeystore.p12 b/docker-compose/certs/oidckeystore.p12 new file mode 100644 index 0000000000000000000000000000000000000000..99a07036fd006591d5b89c451d0c3a899f438310 GIT binary patch literal 17816 zcmbT-bCBoI*D(0DZF}1Iwr$&(wr$(CZQFKF+nBa(+r9I9clUYr-CEUFD!IwIxvBh- zRDE*J4Iof783Y&<5GcwA0Zkn$5&8lT3<;bcD9Qj9C`$7$OaTa_{QjT1C~v?5DKGwo zPXK{100`LsZ4?{~Fi3tNbORs|x(1;BUn9Wb0a5^}|2~8R;DJFs_%*eW9p-O=fItBO z;2@y>*Gqsvg98EZA)xg`C4fyp!GNj3kZ5D=AxL7v5f8`9{6c|30>A>H75s>T3Eewx z6j*_9Eq2`EzI<7{cmzr?-CP$=2929Ln15?Niw0*2U4Vj)>u@?7cFPS!bZ8fhS=9v; z2n71$OC7pMG|Meu@i`&Hhw>5QDnQ4Hgoe+Y94xA`54B;HmN4*z!Jj7)tlvH=GyIH% z@JBf$m52kOQs}P&na5BSEWM?(l06~FUo&V=GC=BJa=(wSC(Yz5;2R&!ta|L(*TTM3 zGz?-nRLqAq@2a%ajo2WQ2SbT=Qksri@&i2idrdx~m?T3MvSQw-GGOC%E$q&&adX5s z&kTdR`Lz8Ub4-gVI*S|$2@I)A2$QBuZrpu=3rJYoT4kQ$&|0Hq$_W8Ah4PG2^K|-StO7QH7goIS% z!zDEXi4urSO=wg%z?*&ZKEPeK((D@;vg?QNg0=riTkuQ}A*Yv-39q5E%0~frv{N&OV)$6h4`3tOn@Z%>@?Tj!39X zvjQKh#;}^m4)Mg&)?2BX_i)V2tE~_q7Qc(I8Vgo47c}a`RP~FW(W%~^HTCTQK?mPt zyhr0@kJvoONocKkPzEZpqt>gE4UcNM#s@dcPtP|pvGk7H5v0?E_f${K!cp;EoEQEt z6b%f;5l5bn^7n-wy5fw1V|MYxwMH-v;8BO^QMw&dJ$D`5B(>mdwCG$=J#-r#4yH}( z2}#Pyn!5V#t4;uM(P}KqNIfg@6rPEN8^<(Pr&ix z1fb$G%XQDm!KXykt)auAjq2}YBCov93&{h*)A2j3D#^yv_gu(9x{!-IPDBrO?xx8) zE}!9aFE!}n`(3|8{a8}DnoDt(5x*rH1bpOto)XA|#=dL!h=JqLIf4d#mfL=BoukE7 z?|?|-E^=x1+rayCy!$s0()&xlEkioxi<9yUUdbPo;hj4OF=yk#sL^nxr@@}_4pcNC z)7Nd;iql=6$;p$EG`vN4>4mWXK8y`%T(yl>p%Y4Ja4CM{T9o*S$*f6Gwq*meip zXm%kL+H=mr(^`47Y;n?6gI*7mx#OrNqtmj!V+q?Pgsnj*cs~He=JWzD;>KBjxx>&K zlCO0X!N}WqV@tSWL$2yzgjg6YevN&(2NRchu=I~{l86m)VLvLCL77FdD}p6GT@2_8 zqN`v>>VYjtY_zn0m4M8MM7wlImtyQN2xTRBY1o}%6l=NQ^e;OpjAC?|KgS|$h)&H3 ze8#Zp^in84{JV9Y9BHK&zs#s^4wCmfDKme(n8;G@l&3d&kOcfDmwETDaQmyD3ZHMHZza%srlQn(yNU7s6^Tk-dc_BXKBoy~0^9s?moR;5bkfb1~yORJ) z9PIHeVOY;KF~@f8>o1cZ%;irY!H{GJb#3sBQ}DTM0U046{(Uvfilk~ zqtYXtZ}o9WboFyd#;}53!N5kX1_gZgd0^d+9z#Q#bx1yl`;{wYEf!{+Ec`4HC~H$e z?XRBcjmf?(1eIF%HUiCY=Yi|qZR&KjV2MYWbxuOH1VOzt0;sYhJ_OE07cnz_?J-L~^b>*YUC@*s8vroE 
z@IhAwR5IU-<3^4S++uXjnm`>O5B`Va?of-!pX2(^9@Xz!<2_a!s7Pqwr0Ye#wDtle z-j7a`GlxsPC?-sp))REsQN|#wBxxcrSH{YKzh~2C26)2*_OD>vG$)kCre{U8spPgy z5qxQck|b-F6u@rUaE)7DoVvYVf`!?Uw?ruW7qv>r+L-%D#Uk1k_>60Ehm`({O)r+vb(6RWxr&qT+;q9WH0+8rXGhVj zL=F&nr1Ny><`@-5wJ)yn+FTsj0KrVzqYwajX(-h?$e#k)kr5Qc)K5@>w5O1@2u?&v z53`)+jW*gw~fgn5Hn)#Mbg%0U8~I@5x=Nq^XEjx}LB7IsA+dfH;536GeVH(Zk4{FAlKjq6%`-f$)1Z1snwN68+iJk;vcZm)=%?DzOao_$&*+3PJ$Ear>Vv&^YbL&X>OZD)1m&#fc1gd5=0qr7X~rwd z%xaN{+C--eq_K+pr3*9zXd_XeeW2sethc*a=vr(htYk{)ax;!~9ZU(!|HQT@Q-g`$ z&>C2;>r_*=vyejNA8`D(;E;yC14R`5#lJZ`lG-q!vV_YPE=Zb^97g*c*PXxFD~4nj zLKuncsY;y-d*Litu@L*ofJ>!v3yO2Fsw+oF3t@#W2;+WpQ@q!mlESbBei~PdG{4!&GxP9yS#!@iNX`_UfB$Lc z)Y~G8`yrZYC#9^?FwVyIhW}oHf=A-7Zj!8RPT;wL({h#=z*P*OgD^d|W&Oybl(2Dc z1#D$9mf=GAEQC_4cfS~S+si+ua3@xz4hH}7hNjuAI?* zOWkZx(raZT2fVTOBRZ22V)=HD0yz%B9jiA3NpNFxHnru3IZa_SdIwrILM113lHA9e z=1!d1Lbv%W!rs1yIbkx{p<<9B#p1|P~E_{JQC=Gfs6j!)q(tJzoH9`#w4 z-B%ZrN@!fHIBUl_xOM7|a(%7OLn3#H4(`m(mn0fgw5{n!La(z)iq?g`qSR(gsD-PN z)A~2(9uX>|_tTJ;`FWv@WgYkynPmn8FG04feHiK_su-Kq)^Y<50cJScq%DvRaig83 zbD&H>t9T=8Cnin%CR)T$r1kp5Xis=>1R5ZsiJDAMdBH(cF?%W3Ijy`gk{f!!$g7Oe&Y>__IQv)Hu0Qo)(=*J*r{cPWWqfuSP{_lHMo9gybN z105;EAS{ZSpoKyQKd1OGscP|ndD2$Zdoxv5qheT@XQ3*eOT38V86_av*%TE&ko~y;>E#DJ4$-Q-vpU0#G2dSSZKcm8K9a%o{UVsxck%8SwNy)AQz2G-7Dy$vET_k zqR<}OY}jhh8Xv9fM>^{IHNh5(0X`hPK;~ZM z=Nk_b<5vBs8%|*$Mjl`YheQRK?uI)- zuYQ|l@pB4aOUjs)XA(3SJwJ(volSs&erOOm3u|d%DjI(4I$mu?k+9gnTr)m2fFK;Xkv0?HgSRPJvWw72mq znI6*6QDA%@V_pfs;OT8V2GvEYF-V4&b?6n(dx{}fxtOzWxi<#NOj)~$j#2RA3p(p; z^{8C5G6lTFD|U+sl{(Ru+*jPE3mv5%2Wn+J#sdh;cX^jEtIk%Q4@*CFa&ed(yYNQN zRT^)xxhMe;7H;Jh7_8vFs?2Wz&Eg$wP1=ZnPEfJaf*McW&#QJSL0Nkb;;{SjGcEpk zK+S>j&GnXZ%lww#r04H923^ql$lPvoTA1J>_t*CfTan zQy+{2y}NE9OV%Ew`^M1QwZDYPp7@A}mnRvN?~9=3x`a)qtDH#svGm;kZTYT;s*KZr~7I@*AQA~nw3LMx4vL^5gS09=jEpG2?_0ACbb=Hoa zoxHdeMLJ?)<;V10T>#~qorvspp$VmH_tFJ%CvT^HyER+SYrUt;($u=KJEoF*IPjth za^iZ zxJ8PnOY$Y!2Oy7W@` znOA45Nzc(I8oh}Me*@8jD15&DS54#zOsfswC1V&!jSDSbAJ?gm?bKXTz zR^<))Du{rIW}m=Y@I>BNRj`diA9>)BQ7N90c_xj}xpwy&-3>F3_^TgpsMMR_3$w>1 
z8Wtw(qk9Ywne^iP&vtWJJ)(M-D>p~(*vZ`+VB7-tY4_WN1U>xj!*Pt!5WxFiT>D2z z00I3!E;{{Vq1pccXjs(HYUeP*f~zOo$lS8JPeq zEKHm%9Gp!5;K=y@3ywIDwEAU3DzpS6oJWf=g}+LhBTxRnz;V%VlA1Mcp2=iVjo^`K z=J7vpgl&UqNqOOG;K$2Yk0w5@UE)Zp_#i@U)j}?Ff$KQ7=i2Gw?k#dJ@Lu2BX zx74X0Wnv~$vvR%+Aj>ST8Ceo0U{MqHkw>AYYlpaIApuwapzVR63QbdHLB_dBF9!<~ zC&@;2NTO5ZzyYP9&MYtJ(!KDpY>Mcar6*S6%9o)N=T=SMx%<8OM<|s7*F2B(je>a` zrMj)+3`QW)2K|ZoTPN$}8r*i#nSTexrG!Oel+1D!lAtJ(0pdrmsx5aU2G;2q)Z{{e z#AvWmGZA7&|2!D6>-RM>JA$y;zyWm%ZB)3Ikz2fa;r-7wG;O+ z$@QF^61#9Ixa59rHR2V*;ozztDB0*2(Kv-L8jJ$)`TddUTWC(>0|+%gCA{V7`W0JR zcO3nw;N2KBx;_`9g@l3GHgdOuj>xpZ0U8<-RKvm!>QOPK+>#_UeS(o^f?#Wz9Y_5Z z-F4HpenSGGRBGqh6sd;+EBPLq-W7*+@_Tt!AaI|+72)?{WEx<3)ti}_LWH_OS*AT! z3c|cY4`{T1iXSLqP>t|-5EZJ(%@?6WN~Q}G`o62UbbZQ(3R;A;@$XjjpcDEiSB3l2 zrU4!vM$WgZHk6I*pibO*qVHUL9GBQdDLeCFcI~=qfy(%q_Sthgrk+3uuN^yw?JWa}9euIa>m!%SD|=#fH)| zxEC;OWBWZmROU{)5aZ=D-nAcjU;ZHLlX(!Xx{0_yM!_JGJiU~##qkTSdoJ8FzX=q{ z7tNg=>n*!{-y)hDUfUa`5M zq{;Jce>Y0lO_lRfYx`%EQ^%2iWuV+#$xsf)Q;i;fy9{KOT9HniQd$BwXf!R?@a-Cm zU}hd`3)_+seYQJFkx#v)I_~lJ8CV-Qs(d6MK*JwS70Luob{P8?M13)M(-Hvq(k>8?_v zyyddMd5=$?|J-4n^F)I==J<i`yvZ~+Ee@CEb=l!xuhWA_eGGjuq4!<@S04P*2(XTADii*aiUlkMOnz=6WXTN%q zl1YT%{g7R`D;;U(uSrCe1ihAEZ4288yy~B8l zPry*j#bqvMSeRys1G&;OB2n@&F8!*q@S7FM@D}ki9)DwzGSR{do9zC6P|0JjdI=w> z9za{m(VlRDgHyQ<9E--j5oI9^auLDL+%C?N@#{P^h#vO>YCVT0!(9;`STYSJ9&PSl z`=s`SfEe#gAGD7`A}9M>be=nbyKyscdk>a*OpEXWkSGdl;-xK*QhUl@HFShj=x;kF zp1~4B(2?8=iZ6P-vIHGm-bpISc`04A?3(E^?S;*Co_eS+B3QV0=#fOZ+L^F&U>;}V z8O(>OvEs^-9f7hRxyz3Qv%r1E!??a!xEd8~cjo>`3E9zvotB*^QH)%a&<~Sn;rFIG zgxcWoJ}a>PTB6cf`%R%~^Y#JG&rDF9IEGKdk?5Qj)X^>skY_eD@QH^J^49mBRatFz zPic-3O6P5er!o8LF$nrL{QF1d8YOyCZG#bO?QbF>iqZNl*-1-{-SY6EbEC6u^8wcI z{tzXqU&$)Bz^>@k6_ao`BC*P3=1ERMc{!?3*nMm1$NI>HR4U!>1|Ael#aD;Xl0pxm z>cw?PPgh>vbI`H?i!Pgw&yH2FzXp_?DDI4_W*W|+%`Hcb^%z2AqE5MG^C4`LS=OjY zNgwVgBr6*7y_DZ)PMj#+6qh4A9xBG!Fz|_p9GAs>G@;ovL_Y{gwTM^o>)bwxP_w{F z*#N&@kSpix+5(mCj=m6&gi#}KzKU$lCKV1yK@*6QGJP?%nEKcKgriB(VY`qbd#6^&3B*luqYl>nr418*J?wntz4WdEzF 
zLK(=PIe8a+EZusWd}$r98d%?9&xq*nRTogBdc-QIbjAQOvK_EL?9#9&9r`g0OI{%G z;)dFdLvhq9x_0fS0nK@F++VcB}`gNEiFqt}dnq^ZgL=qw3bFuh{4Z8sv70pfq%oXRRBzjnN5T znddm$jstFQ82vmi^WHkrQA$HM_(~D&S(ZYM%5)kFpphdh zC$c;yTD3O=kI)Un3rCDl2JsBrubtQkSIMu5nW9;7U6dG_d;CwH(Fn-u9~zzi2P>WbA<`De?Ee;xoSd8hz`qUCf6yrS{|k)? zk_N1V2gV(o4U)#*A#1NryWzo4;}=IX$oP#EC1b%cQ}+#T{CG_nLeBrIM{9pK3# zw2(#YusnbVZJq6nXxGV^?ig8ENhT|D64x$jfFgt3Z@05?@KykQA~g{Bwe5MaEjFwe zGojof0xPDMJ7=%EAq(QFP?$|uasLr4U~+fe-%87zc{R0(a?=Tk!w|i|#@j^od7K5} zV6|};3-rqP3dKO8>!;`pkBSNM;Jvdh@H%IbUM(sXsO4DugkP5DlINSqS9|f=SU)a9;L++3la8Wtr&ACFshFUKN`@DXviJta`3X*)B-rLGP9(piQ=2k|Q z_%>f-&iwN4$>HSV>q@VJ7L%poFDNl+9G@XysVu|+Gx9G|Q;8ZCzM39M8OeEfCv`R& zpQ#H+;-<;1k@#S=0}hFQ5Bd4X?fmee0=wgkbgWWJ0_57JlTE3TVxA`56Oa|QKD$I@ zCI%IV#Je>5uq>20Z?Hj_MN%64V!UVK3;UpZH4K{odK97+%+W$7%3~5@Vk`+jeE6A5 zGLG}6!!dCyU>v%fjf2T8?S<+Bw`ALp2Y42GySa2Gt{zAKRG>Z1(*AKPwNnyX%ZO$7!2dK;k~UKTR?8ZA$AWL8+A+5k}}gyc)$aylH6WRKX@I*^Y~Fs)_;?-7(`R zF#f5@C)n(HYpk836mqN> z%3x15mcKm5S)hVp&vgJ`a#yT?u1p~Y%`}t#(P8{6EdM005uX)Te~7Q=N6DYQsMUNo z%=L;x{M(1GeWV&E1+M%oGWhKaiZ-Ip?$qv@2qPc}ofF6wt>pG{_s{!qNu3*UAaEw&%O$Q_SVTGe_$B zYD!dZE>i=@&UE^A?wB&6A_{GSc~`k>^hCiqt_TWcj0FfsOwaXp@wg!o?l{=5JCCu< zeGC)>(6sBy(ciF4=adW(DLjm>+Kdf81}keVd2Q28U(3wg0`IT}hk9_-r02OjloviD zm$RtqsA;ry7ZTK0SqV1-$H=jnuKC&qvru1G6SMi1!V$iiE!5&>B!6_D-qECl%TK+e z2-g~H230&@do-vQ!U^U5iY27)1BN=^NDeiYcfLB-nTP@r?8ubTao;cLoG-k2{GqVY zYUYHyp>KxBfAEdo-aywVR%R2kF=u>QIFAXdyKA%Gcli|J6xbw(z!7|?#Z6U9&=Ac9 z$GjP~v|NW35RmL3Mus@Z<2lKnR#>nTM(#D{pyO|xL}-J4o;*E@7GgM*c08BKvKivy z^J_X9JWs1{4o%^&q<1#?)1-m7mb<3!Zt<(_#LMi5&q($#R)-Ng{yUBxmg+#QY@Ha`(^K85s1%-inXjRhNU)5WW=0F8OzYm*}Jnk z?~WMV+}HJKSC)f%^3kRFnNsT)JSK1^y)0%Nz&6I0XvZj8JXkdmLzR`cM9~ zg9uaj^z{Z+CDel2j<~{?PAcH*)#!WrXe%cE)6fSRj?4f%lc3}dw)mIho@#-!dazaR z!oWxc$Bi<`Rp?DKzV&w|b}cuC4t}r_b}sm6u8(jt=tKB(nE~d5>}?uk(8C6QX5Y36 zvdb+$K@++^LS@7p5TfXBlU23BqStA3B58xx^+5q2N9B}pg3B?bHVrZNFDdG)F7Tuy z)sP|zU%ctVz-VTTi&b!j{D_`%q3kC}PD-<%5}W=)>IFS<4L=>IwaX=cjJ_{I(9~*Y z(a4T^)q~>FGAv1n>93`75Vmr{Wp+&472VMZ7WyxuUwZNlHEu-{Ls)pJy%cvPS?;+e 
z41n#0qzs(!`G^#~!_$46b6?06tqkvSIu-A%7F zgG4!bqAVU3^Z~O{6f79xZh0k!9mQO5K8h30jGe;#Cp*rZ=>@HreSTC#vW&J5YGk9! zwv-aWkGPD|?py9xvSo;O7pJO`M}48yG2&(AT8*F5L|E>L5qP8Gg={tve}g%qP-z@>B#HL?%%sFwn2)cEL{B;nJ%W39=wR3*ni%$UQ7sxCFV2RDhI!? zLta`U1(W4TqdT{nv06u4W#-Gzibx*;s9e}ww$k7)dzq2q>!~j=)%MwYIAB^T>hXdO zduVY8AZE}Hi#$u7E`N>HX^W8U59b=yxcYHFRSUj>*Hbx_kGjM(m4C((t+*w*PpOb> zaPf-;B7fQ8yrJI2aQLf^)9I7V4W0V&Qr#UuNPBhhbKL_4KemP`C#IiqM%8Ta4M!S6U!Z- z8MAEa3fT5<_BEkJVu@$~* z++?y_gu2lV5bA^=F`~ebDy(|2987wK%>%vZ)3XX~U9sE8F^{o3?OMMi{eRA=1}OCk z>hmT3VpW29(qV8V>y-l1mS|CSdT{k$hLlLhCGhl_gm8CNgPy>E-N$&1TP9;fmtBM* z1q}o_;!DP{kyxKrovf9hYG%2!-WH!hwTz@gzZVP?A3SBvXxrNDL0k8`tNDN%ttm#t z6{e=V@K#9N6lz~bT@T?4+RnkwSal~ltq3n1wwxUQ#(Ne!C^`kT;j;>XULt{pbs`{x zI&$^IUG5}u=1577k8x~d`8o{*iUI!qQe;}Z5DzjarMh(V<=i^=om@D#zRDL)hpx}X zo47*rh*QlQN#b?JyZ%lOqKjJGgPajAAy2q^e2e!Lqla~4n1WE?Q?Evk?;eW}xL(W7 zlPFJOS18}*ac#bC`OQ9&7xIzsDSLP52k09(MW%JQ?{BG#X1FJfC*a1ee-`JN`<>(| zoZZqx^tkZl{qp;Ux2J{R13Z}K-BxGn;Q0?VKP??4f>8x=_J@Cpj<~(i);{-q$)rFe z4L@}H{z+a;bD9Kg5$4gDx*^4!@GXWrI2yKWKFk%keDiI@G#Ov0&hziyaDu-+&8N*y zsLGl+MyVcjULb684sU>{A?(*H9SY3pc|!9G0W6)jlh;FwUnw4!o*Y9+qX)&+soVU) zzC*)x7y(1Ui-fitk^SP5A0VM%Cbi$={UiF)d#iY!Xm8AcM%A_d4kkyqZ639kOgF)UPim^H&S7B`XD$rgD~E=|*a zq{?VEadc9fK5{ zD{_4`YONQIn)|G<9dA_h=JPaWl3{DNi1nUH`fy<71TRua1;n;$4ui~hjLdY7}vV2ZoV>Y@kcXfMdeweY6vthCQ&UNdthIS zRdH|vQOs7vv#i|UQL)*!ZY7eGbW;@c+-;T1w@y-1s4=KtR4;-Pu-YfKmORIrE+qcQ z@OQA|7*!!GE)EvZ%gCl8)Mea@=E|C0vSyBTa$eOBgjW#ILem>mmb6+A$#3O!ra}?P zu9rk9lgVn6Y9r2#mHzOMeQ6fRD}0@Af%^v(OhD_1T|+_fWX(pO)tVb^;gT(XSS= zRRfhv0fRcMJsVjM{?SIr;LV_ z`vNc}7hBnF_l*+Jt(5E+5a=6wXm)hSf{J_;c+=O$#7BiEl5zJtq<>1nQ5Ze@l zD?~lF)e#z&6GsTE_Hplqb#3#)^+LzAB<$Qe8t$eN{L^}6xL)7*zBKPA&Mzu3akJiVwskHliL|MR* zUdS|2j2%C;PS=GGReqaKtn+3n7&e=r(X7*3V?(1A9K4LT_f7}zAsG=UMda$WHT_Ls zMLn>Ee`IrL<2|<6z<7pX)=sw)Ig?hf;C1wBO*@x$6N%Wp2+Z%pq5q~@YCL~*v{D3H z_%t8zWX~P(Z=QRfH`N)NnUkKaFT6X&J3V`Mh`XouutV1QT|t*2u#zvPVELF&6&z=; zdtLjO$t@RIRYbqmmV+8kp_8cb#iPURL1N!WZq!s`<@C&YI8< 
zg43q#eIJRq6)_vOKSx!DIlwrM%JkMluG>1$U=ONZ6+^2KCmJx#1{=HGyi9@-YjSxh z(iRdEC<;tpSb{A-DU==TrStG0t8D9quxX63*c@nnpB1e+k1O;3&N?kNs`M(8#XKuW z*&}1F63F0gd@nC?LUm&^FCm!u3cD#yMJhF$716r$Z?0QAgk@ZC^OT1FR-VDkjRW%v zKTbO>BIBW!g&Z%uhj<#P*;Wd|&2z09V?nA?`TCPxM_S|RYY<6EoTgX~B;{+Gi5<>( zsWx9z^R-V@?j+_}!=paYOnaf|cW^i6p!K&iQdXD?6Zu&tfhgBU?1ND$EZecOo^UEg-QU zXK$HCw~H^Io;GRvj-6CPdW`seys8AgOHNhU-1ez|6XsbPw=scsRQU)A?gePE;`A}I zN`-?|p2V&FHZFg>SX}paVIu8;Ce?&{ex>|jh zvF5;PX%n=&dcXiL@~S3ra{hJfWn?hmRw^XEte4|Zq;J0GJnkXx_G1k5KHCN zVw7}N;xuq~06)~T;CvA%T<;kb?tUo^#q$tIN1S zZ=4o!nv`Wb>V*E|ron@5QL=|do7tVx?<>Gk8!~a?Ptz-IzaqN-gA!>b83J~fD~ABX z#J~c2!wZ%CtEEIL$fqzTQNwsXmVOO*8+sZ+6Jyq{@~kq$eelo8R?HhUl$GImVA5_V z9}S+aE^Fh^Itq@6Fp{gKPhE@MZ*`AIn={z<(VU(PVF9Y83&TmL;DoXaZaS0D5%08%=>n)bY*n|uqU#}yRSf5_4qp+L_-#pB;B~WIp*wLpD1T~ut zr8`c12>IGEYnr3FFX}S|cMKLsrsa(7FdF=@^hN9=HaL1#Gn=RJWC*vAE~a{Q7&iz~ zcw&;PK_rF|Bww2k#C9H?%(L;1vao5HoY;yZ=;lWcD(VF^$R)kw-HZ%dg~}YyWRdVhcG26|*VPiqw`m|( z#drOM_0euV$S|Q26Oy`%&7STIH$1Yc)%lQU292K27BQI6Ka{5BuxfLVAp(er*aLAh z>S*c&IL)OyawfW+e`4ryRoyyK;+hM7q;V^733)DCQTL>NEz)3ldib2h?;V>f6+~LW z%Lkv9un33KR84UaTIyw}^J{`77z{2x1Jy3)q}X8<*#`$pszEpF@sQSrhvpr;mriwI zV(p?`+S$2r8B@f5yd_P?-y|@59F>pob$zLmwEXP*vqm$vZBL${4})JD6fKo>Um55_ zHF__ZoEBOqATjwlz0`?o!9{4m7Q=!45yTMGr%4Tx!}I}fowF3z=MVs1E13RU_wPRi zGgyHS>$V>?&&K4#b1ihr;zoEJ$8kY8@*SI}qpOghdsA=Ejijf8cDM+6_1?kZflGq5FmH6HQVpHzb zM6+RXQ7Q8LbZ|s|HU4<|uI$SA1l&H@75wt+v5A_-m5KK}Y8=s*_W-qeWl|-ZLD%$u zZ=i@*OjQ{Lh&(K%jWLvUO8e_FVVN-kIO>UNXkZWWQ- zg?NT;d|cBI^ue9;U`L@n!RlsBJC+wt?O-qJN@Z;^&^ji4vW7+dOW65K-z1tT^Km|o zyTfJUP4$g71%Ej!c)O?fM#SGob*8rHmb2cPkkU|bYTr)4bq)v>LSmfS33S!MnXPu3 zrBvNqGC#cmq4^3pKf;R*^g??M3pF`*$f(|jZ~qw_c;^wakMu3c51d3Q>R{bd*NDAT z!r-Npy8D=NI#A|?0*Y+W!$97*1Fj|LZy#i|+k(Z2{!$JLS zkwDcc;vN|yq(`Sfs|1b2QI}JC;oHUeR1uEb(UZV*&BH82SYBpqH|+vr(##16bXisY z4s5%PI_>!F%k%Sjd$ELu6iSJct`ZT_e%nK%5rKCs7o$BXL%g7gU+Lm4f-t zrtuaWI%hHAB@mdaOe28eSFpB_^w;Ao#!q?vZGi=w16czWKO;goke>s~M7^T*UvkC!!81 zoXeyv`1>^0< zTFC)!#q#hSN)bW*PY&zF@*b0>Q%f}jS|`WMDM7Xq=@2Rek$S4Etrl_3etPoAQVfJL 
zNv9;He2N6|byCW)RRm1=nUMH&{F(9@u-bsL(#`L^Ji3RZB9w@4^aP*|!`-1Rd zAl>Sj6;7QII)+z$N>F$XMhA_l>QE`F_{oe);$#CJ*1yTyk#m=NO+;9dHmTIFDYKe& zZf|FN6P>Y}Ub^OA9*VpJKj~20iw)NNQSj-^x{|}uoyoif!H*EbuAE>IBMQyPD9QDB z-rGa~)@`H_l{vS)*irg~_$hQK^=Omybp64q76pK?cn_;>jbs}&w*-W3yB<>3Kz%5rgK<(iu!(G^x0m=XHQ>Q3>kEl2tV*qcfXoU0bgK@5$Xmr!{;5bziaSWj<;ZQ;go|PQ?iE)pe5s@2 zN6sQ=RJ@hB%x*3)ymjGrv|4l>`t!3o1){*+RVO@3p!0qU= zW%LVLm%1#2)-My9t)ozv$zDRgTY*IaCC{WNkUdWqbuLcnaR=@$)mlyhIi5z|WCb0R= zG$NiCJsVcA^vUlEYSWBpzL(sciR@A&896PV!~K$#99^4~V!dVNaQ~rwJfd*#wB_VN z6b^%-84#8-26P}a=jV5(yh0rd)QetB4IEs;!0N)U>ECrwztEN@z@FL~XPq+YPpdQ% zCpCmX9_=ZWscV2ra|RLHIvN1m_4RMA+rwO+)?7^!eQxMjdz$INBrya|QKXOr=@uqZ zip^#!N}d&cUgK)YSS6}eoGtdhULllVNVLZqkV{k3Dl0B5Q?EBzwEAB&hO7ONTpO)I zoC(xDySiBMJRYi&9_m$g`dVDGM-?(mVE2U)a$0EK$unXeu8~2nUro+8*cerXc0k>* zT_mo5SqmFuB0ZO+{VxF%1MK|B*ns_J&N4!cl(r*R6SYvd!5EkA;JzRC^T0{27hMOe zY6wwZ2zO)t3FKmSPt?|*%|n^G>uN1f+n-bpG{QO#=9=l8O-sW9LYBUpL951;Rfzjk zzJbY~Ix09yyQ`5PRLqN*LSFRe4sSKR3=+nE(-R1Yg1(W(*;G%n$2P<6Y*WkZ*|ti| z$YEJ;(XV^26}M%y-GLJAd7jeL5bE$gSSL6F3;CR&wQM;^sXYUe~$w%p&L^F9{z+rQV>9{tD9XK<@>LEtBVB z3nN_<4_yg>)m;_QufyV$np_|rZ-0hiFBO)j76+_049Ye>J*Z^xYeI-~FJN_#Mxk(9 zuDpqdYr& + + + + $titleName + + +
+
+ $titleName +
+
+
+ #if (!$face) +
+ Logo +
+ #else + Logo + #end +
+ Logo +
+
+
+ #foreach($entry in $rowProperties.entrySet()) + #if($entry.value) +
+
$entry.key
+
$entry.value
+
+ #end + #end +
+
+ QR Code +
+ + diff --git a/docker-compose/config/mimoto-default.properties b/docker-compose/config/mimoto-default.properties new file mode 100644 index 00000000..deffd6d6 --- /dev/null +++ b/docker-compose/config/mimoto-default.properties 
@@ -0,0 +1,290 @@ +server.port=8099 +server.servlet.context-path=/v1/mimoto +health.config.enabled=false +mosip.service.end-points=/**/* + +mosipbox.public.url=http://localhost:${server.port} +mosip.api.public.url=http://localhost:${server.port} +mosip.resident.url=https://api.collab.mosip.net/v1/resident +mosip.esignet.host=https://esignet.collab.mosip.net +keycloak.external.url=https://iam.collab.mosip.net/ +mosip.kernel.authmanager.url=http://authmanager.kernel/ +mosip.websub.url=http://websub.websub/ + +# START inji-default.properties + +mosip.inji.allowedAuthType=demo,otp,bio-Finger,bio-Iris,bio-Face +mosip.inji.allowedEkycAuthType=demo,otp,bio-Finger,bio-Iris,bio-Face +mosip.inji.allowedInternalAuthType=otp,bio-Finger,bio-Iris,bio-Face +mosip.inji.faceSdkModelUrl=https://api.collab.mosip.net/inji +# maximum number of retry for downloading vc +mosip.inji.vcDownloadMaxRetry=10 +# pool interval in milli seconds +mosip.inji.vcDownloadPoolInterval=6000 +# validate binding audience url to be sent in token +mosip.inji.audience=ida-binding +# issuer to be sent in token +mosip.inji.issuer=residentapp +# warning screen domain name +mosip.inji.warningDomainName=${mosip.api.public.url} +#timeout for vc download api via openid4vci flow in milliseconds +mosip.inji.openId4VCIDownloadVCTimeout=30000 +# inji documentation url +mosip.inji.aboutInjiUrl=https://docs.mosip.io/inji/inji-mobile-wallet/overview +# minimum storage space required for making audit entry in MB +mosip.inji.minStorageRequiredForAuditEntry=2 +# minimum storage space required for downloading / receiving vc in MB +mosip.inji.minStorageRequired=2 + +# END inji-default.properties + + +# START bootstrap.properties + +spring.cloud.config.uri=http://nginx/ +spring.cloud.config.name=mimoto,inji +spring.application.name=mimoto + +#config.server.file.storage.uri=https://raw.githubusercontent.com/mosip/mosip-config/collab1/ +config.server.file.storage.uri=http://nginx/ + 
+management.endpoint.health.show-details=always +management.endpoints.web.exposure.include=info,health,refresh + +openapi.info.title=${spring.application.name} +openapi.info.description=${spring.application.name} +openapi.info.version=1.0 +openapi.info.license.name=Mosip +openapi.info.license.url=https://docs.mosip.io/platform/license +openapi.service.servers[0].url=${mosip.api.public.url}${server.servlet.context-path} +openapi.service.servers[0].description=${spring.application.name} +openapi.group.name=${openapi.info.title} +openapi.group.paths[0]=/** +springdoc.swagger-ui.disable-swagger-default-url=true +springdoc.swagger-ui.tagsSorter=alpha +springdoc.swagger-ui.operationsSorter=alpha + +# END bootstrap.properties + +# MOSIP + +public.url=${mosip.api.public.url}/v1/mimoto +mosip.resident.base.url=${mosip.resident.url}/resident/v1 +idp.binding.base.url=https://${mosip.esignet.host}/v1/esignet/binding +mosip.iam.adapter.disable-self-token-rest-template=true + +RESIDENT_OTP=${mosip.resident.base.url}/req/otp +RESIDENT_CREDENTIAL_REQUEST=${mosip.resident.base.url}/req/credential +RESIDENT_CREDENTIAL_REQUEST_STATUS=${RESIDENT_CREDENTIAL_REQUEST}/status +RESIDENT_VID=${mosip.resident.base.url}/vid +RESIDENT_AUTH_LOCK=${mosip.resident.base.url}/req/auth-lock +RESIDENT_AUTH_UNLOCK=${mosip.resident.base.url}/req/auth-unlock +RESIDENT_INDIVIDUALID_OTP=${mosip.resident.base.url}/individualId/otp +RESIDENT_AID_GET_INDIVIDUALID=${mosip.resident.base.url}/aid/status +BINDING_OTP=${idp.binding.base.url}/binding-otp +WALLET_BINDING=${idp.binding.base.url}/wallet-binding + + +# Resident App +credential.template=template.json +credential.sample=sample_credential.json +credential.data.path=data +safetynet.api.key= +safetynet.api.url=https://www.googleapis.com/androidcheck/v1/attestations/verify?key=${safetynet.api.key} + +registration.processor.print.textfile=registration-processor-print-text-file.json + +# Websub +mosip.event.hubUrl=${mosip.websub.url}/hub/ 
+mosip.event.hub.subUrl=${mosip.event.hubUrl} +mosip.event.hub.pubUrl=${mosip.event.hubUrl} + + +# MOSIP partner +mosip.partner.id=mpartner-default-mobile +mosip.event.callBackUrl=${public.url}/credentialshare/callback/notify +mosip.event.topic=${mosip.partner.id}/CREDENTIAL_ISSUED +mosip.event.secret=Kslk30SNF2AChs2 + + +mosip.partner.crypto.p12.filename=keystore.p12 +mosip.partner.crypto.p12.password=1234cryptopwd +mosip.partner.crypto.p12.alias=partner +mosip.partner.encryption.key=${mosip.partner.crypto.p12.password} +mosip.partner.prependThumbprint=true + + +mosip.datashare.partner.id=mpartner-default-resident +mosip.datashare.policy.id=mpolicy-default-resident + + +csrf.disabled=true +# Delayed websub subscription. Default is 5 seconds in ms. +mosip.event.delay-millisecs=5000 +# Websub re-subscription workaround for losing subscribed topic when MOSIP websub update or restart. Default is 5 minutes in ms. +websub-resubscription-delay-millisecs=86400000 + +#-------------TOKEN GENERATION---------------- +#Token generation request id +token.request.id=io.mosip.registration.processor +#Token generation app id +token.request.appid=regproc +#Token generation username +token.request.username=registrationprocessor +#Token generation password +token.request.password=abc123 +#Token generation version +token.request.version=1.0 +#Token generation Client Id +token.request.clientId=mosip-regproc-client +#Token generation secret key +token.request.secretKey=abc123 +#Token generation issuer url +token.request.issuerUrl=${keycloak.internal.url}/auth/realms/mosip + +#Audit Service +AUDIT=${mosip.kernel.auditmanager.url}/v1/auditmanager/audits +AUDIT_URL=${mosip.kernel.auditmanager.url}/v1/auditmanager/audits +KEYBASEDTOKENAPI=${mosip.kernel.authmanager.url}/v1/authmanager/authenticate/clientidsecretkey + +#Master Data Services +# MASTER=http://kernel-masterdata-service/v1/masterdata +MASTER=${mosip.kernel.masterdata.url}/v1/masterdata +TEMPLATES=${MASTER}/templates + +#Packet 
receiver application version +mosip.print.application.version=1.0 +#Request Date Time format +mosip.print.datetime.pattern=yyyy-MM-dd'T'HH:mm:ss.SSS'Z' + + +#-------------Printing Service-------------------- +mosip.print.service.id=mosip.print + +#Audit request id +mosip.print.audit.id=mosip.applicanttype.getApplicantType +mosip.country.code=MOR + +#Kernel Crypto signature +registration.processor.signature.isEnabled=true + +# Language Supported By Platform - ISO +mosip.supported-languages=eng,ara,fra + +mosip.template-language=eng +mosip.optional-languages=fra,ara +mosip.mandatory-languages=eng + +# mosip.primary-language=eng +# mosip.secondary-language=ara + +#----------------------- CBEFF Util-------------------------------------------------- +# Cbeff URL where the files will be stored in git, change it accordingly in case of change of storage location. +# mosip.kernel.xsdstorage-uri=${spring.cloud.config.uri}/${spring.application.name}/${spring.profiles.active}/${spring.cloud.config.label}/ +mosip.kernel.xsdstorage-uri=https://raw.githubusercontent.com/mosip/mosip-config/develop/ +# Cbeff XSD file name in config server +mosip.kernel.xsdfile=mosip-cbeff.xsd + +#----------------------------- Applicant Type -------------------------------------------------- +mosip.kernel.applicant.type.age.limit = 5 + +#----------------------------- Static PIN -------------------------------------------------- +mosip.kernel.pin.length=6 + +#-----------------------------TOKEN-ID Properties--------------------------------- +#length of the token id +mosip.kernel.tokenid.length=36 + +# log level +logging.level.root=WARN +logging.level.io.mosip=INFO +# logging.level.io.mosip.kernel.auth.defaultadapter.filter=INFO +logging.level.io.mosip.kernel.auth.defaultadapter=DEBUG +logging.level.org.springframework.http.client=DEBUG +logging.level.io.mosip.residentapp=INFO +logging.level.reactor.netty.http.client=INFO +# tomcat access logs +server.tomcat.accesslog.enabled=true 
+server.tomcat.accesslog.directory=/dev +server.tomcat.accesslog.prefix=stdout +server.tomcat.accesslog.buffered=false +server.tomcat.accesslog.suffix= +server.tomcat.accesslog.file-date-format= +server.tomcat.accesslog.pattern={"@timestamp":"%{yyyy-MM-dd'T'HH:mm:ss.SSS'Z'}t","level":"ACCESS","level_value":70000,"traceId":"%{X-B3-TraceId}i","statusCode":%s,"req.requestURI":"%U","bytesSent":%b,"timeTaken":%T,"appName":"${spring.application.name}"} +server.tomcat.accesslog.className=io.mosip.kernel.core.logger.config.SleuthValve +registration.processor.unMaskedUin.length=5 + +IDSchema.Version=1.0 +registration.processor.identityjson=identity-mapping.json +registration.processor.demographic.identity=identity +CREATEDATASHARE=${mosip.datashare.url}/v1/datashare/create +DECRYPTPINBASSED=${mosip.kernel.keymanager.url}/v1/keymanager/decryptWithPin + + +#Auth Adapter rest template authentication configs +mosip.iam.adapter.appid=partner +mosip.iam.adapter.clientid=mpartner-default-mobile +mosip.iam.adapter.clientsecret=1234secret +auth.server.admin.issuer.uri=${keycloak.external.url}/auth/realms/ + +mosip.iam.adapter.issuerURL=${keycloak.internal.url}/auth/realms/mosip +mosip.authmanager.base-url=${mosip.kernel.authmanager.url}/v1/authmanager +mosip.authmanager.client-token-endpoint=${mosip.authmanager.base-url}/authenticate/clientidsecretkey +auth.server.admin.validate.url=${mosip.kernel.authmanager.url}/v1/authmanager/authorize/admin/validateToken + + +# in minutes +mosip.iam.adapter.validate-expiry-check-rate=1440 + +# in minutes +mosip.iam.adapter.renewal-before-expiry-interval=1440 + +#this should be false if you don?t use this restTemplate true if you do + +mosip.iam.adapter.self-token-renewal-enable=true +mosip.auth.filter_disable=true +mosip.auth.adapter.impl.basepackage=io.mosip.kernel.auth.defaultadapter 
+mosip.kernel.auth.appids.realm.map={prereg:'mosip',ida:'mosip',registrationclient:'mosip',regproc:'mosip',partner:'mosip',resident:'mosip',admin:'mosip',crereq:'mosip',creser:'mosip',datsha:'mosip',idrepo:'mosip'} + +vercred.type.vid=VID +mosip.idp.partner.id=mpartner-default-mobile +mosip.idp.partner.encryption.key=Aci9jg28B8mO_LDfDXo3ZTp5_HKgEMun2tYyHCa1e8k +wallet.binding.partner.id=mpartner-default-mimotokeybinding +wallet.binding.partner.api.key=1234walletbindingkey + +#mosip notification otp channel config +mosip.notificationtype=SMS|EMAIL|PHONE + +# Configurations related to openid4vc +mosip.openid.issuers=mimoto-issuers-config.json +mosip.openid.htmlTemplate=credential-template.html +mosip.oidc.client.assertion.type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer +mosip.oidc.p12.filename=oidckeystore.p12 +mosip.oidc.p12.password=mosip123 +mosip.oidc.p12.path=certs/ + + +#OpenId4VP related Configuration START + +#File name for the mimoto trusted verifiers +mosip.openid.verifiers=mimoto-trusted-verifiers.json + +#Inji Web Config +mosip.inji.web.url=https://injiweb.collab.mosip.net +mosip.inji.web.redirect.url=https://injiweb.collab.mosip.net/authorize +mosip.inji.qr.data.size.limit=10000 +mosip.inji.qr.code.height=650 +mosip.inji.qr.code.width=650 + +#OVP Config +mosip.inji.ovp.qrdata.pattern=INJI_OVP://https://injiweb.collab.mosip.net/authorize?response_type=vp_token&resource=%s&presentation_definition=%s +mosip.inji.ovp.redirect.url.pattern=%s#vp_token=%s&presentation_submission=%s +mosip.inji.ovp.error.redirect.url.pattern=%s?error=%s&error_description=%s + +#DataShare Config +mosip.data.share.url=https://datashare-inji.collab.mosip.net +mosip.data.share.create.url=https://datashare-inji.collab.mosip.net/v1/datashare/create/static-policyid/static-subscriberid +mosip.data.share.create.retry.count=3 +mosip.data.share.get.url.pattern=https://datashare-inji.collab.mosip.net/v1/datashare/get/static-policyid/static-subscriberid/* + +#OpenId4VP related 
Configuration END diff --git a/docker-compose/config/mimoto-issuers-config.json b/docker-compose/config/mimoto-issuers-config.json new file mode 100644 index 00000000..98823006 --- /dev/null +++ b/docker-compose/config/mimoto-issuers-config.json 
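Review bot: Credential-looking values are committed in plain text in `mimoto-default.properties`: `mosip.event.secret`, `mosip.partner.crypto.p12.password`, `token.request.password`, `token.request.secretKey`, `mosip.iam.adapter.clientsecret`, `mosip.idp.partner.encryption.key`, `wallet.binding.partner.api.key` and `mosip.oidc.p12.password`, the last of which arrives in the same commit as the `certs/oidckeystore.p12` it presumably opens. If they are throwaway local values, say so with a comment such as `# local-only placeholder, never reuse outside this docker-compose setup`; if any of them is accepted by the shared collab hosts this file points at, rotate it and load it from the environment instead of the repository. `idp.binding.base.url=https://${mosip.esignet.host}/v1/esignet/binding` expands to a doubled scheme because `mosip.esignet.host` already starts with `https://`; `idp.binding.base.url=${mosip.esignet.host}/v1/esignet/binding` looks like the intended value. `csrf.disabled=true`, `mosip.auth.filter_disable=true` and `logging.level.org.springframework.http.client=DEBUG` deserve a comment tying them to local use only, so they are not copied into a deployed profile.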
@@ -0,0 +1,129 @@ +{ + "issuers": [ + { + "credential_issuer": "Mosip", + "protocol": "OpenId4VCI", + "display": [ + { + "name": "National Identity Department", + "logo": { + "url": "https://api.collab.mosip.net/inji/mosip-logo.png", + "alt_text": "mosip-logo" + }, + "title": "National Identity Department", + "description": "Download MOSIP National / Foundational Identity Credential", + "language": "en" + }, + { + "name": "دائرة الهوية الوطنية", + "logo": { + "url": "https://api.collab.mosip.net/inji/mosip-logo.png", + "alt_text": "شعار موسيب" + }, + "title": "دائرة الهوية الوطنية", + "description": "قم بتنزيل بيانات اعتماد الهوية الوطنية / التأسيسية MOSIP", + "language": "ar" + }, + { + "name": "राष्ट्रीय पहचान विभाग", + "logo": { + "url": "https://api.collab.mosip.net/inji/mosip-logo.png", + "alt_text": "मोसिप लोगो" + }, + "title": "राष्ट्रीय पहचान विभाग", + "description": "MOSIP नेशनल/फाउंडेशनल आइडेंटिटी क्रेडेंशियल डाउनलोड करेंं", + "language": "hi" + }, + { + "name": "ರಾಷ್ಟ್ರೀಯ ಗುರುತಿನ ಇಲಾಖೆ", + "logo": { + "url": "https://api.collab.mosip.net/inji/mosip-logo.png", + "alt_text": "mosip ಲೋಗೋ" + }, + "title": "ರಾಷ್ಟ್ರೀಯ ಗುರುತಿನ ಇಲಾಖೆ", + "description": "MOSIP ರಾಷ್ಟ್ರೀಯ / ಫೌಂಡೇಶನಲ್ ಐಡೆಂಟಿಟಿ ರುಜುವಾತು ಡೌನ್‌ಲೋಡ್ ಮಾಡಿ", + "language": "kn" + }, + { + "name": "தேசிய அடையாளத் துறை", + "logo": { + "url": "https://api.collab.mosip.net/inji/mosip-logo.png", + "alt_text": "mosip லோகோ" + }, + "title": "தேசிய அடையாளத் துறை", + "description": "MOSIP தேசிய / அடிப்படை அடையாளச் சான்றிதழைப் பதிவிறக்கவும்", + "language": "ta" + }, + { + "name": "National Identity Department", + "logo": { + "url": "https://api.collab.mosip.net/inji/mosip-logo.png", + "alt_text": "logo ng mosip" + }, + "title": "National Identity Department", + "description": "I-download ang MOSIP National / Foundational Identity Credential", + "language": "fil" + } + ], + "client_id": "XusU7P1y10lMr9NA1qnrny_fqynODwV4SCvWPP8cfdY", + "redirect_uri": "io.mosip.residentapp.inji://oauthredirect", + "token_endpoint": 
"https://api.collab.mosip.net/v1/mimoto/get-token/Mosip",
+ "authorization_audience": "https://esignet-insurance.collab.mosip.net/v1/esignet/oauth/v2/token",
+ "proxy_token_endpoint": "https://esignet-mosipid.collab.mosip.net/v1/esignet/oauth/v2/token",
+ "client_alias": "mpartner-default-test-mosipid",
+ "qr_code_type": "OnlineSharing",
+ "enabled": "true",
+ "wellknown_endpoint": "https://injicertify-mosipid.collab.mosip.net/v1/certify/issuance/.well-known/openid-credential-issuer"
+ },
+ {
+ "credential_issuer": "StayProtected",
+ "protocol": "OpenId4VCI",
+ "display": [
+ {
+ "name": "StayProtected Insurance",
+ "logo": {
+ "url": "https://raw.githubusercontent.com/tw-mosip/file-server/master/StayProtectedInsurance.png",
+ "alt_text": "a square logo of a Sunbird"
+ },
+ "title": "Download StayProtected Insurance Credentials",
+ "description": "Download insurance credential",
+ "language": "en"
+ }
+ ],
+ "client_id": "esignet-sunbird-partner",
+ "redirect_uri": "io.mosip.residentapp.inji://oauthredirect",
+ "token_endpoint": "https://api.dev1.mosip.net/v1/mimoto/get-token/StayProtected",
+ "authorization_audience": "https://esignet-insurance.dev1.mosip.net/v1/esignet/oauth/v2/token",
+ "proxy_token_endpoint": "https://esignet-insurance.dev1.mosip.net/v1/esignet/oauth/v2/token",
+ "client_alias": "esignet-sunbird-partner",
+ "qr_code_type": "OnlineSharing",
+ "enabled": "true",
+ "wellknown_endpoint": "https://injicertify-insurance.dev1.mosip.net/v1/certify/issuance/.well-known/openid-credential-issuer"
+ },
+ {
+ "credential_issuer": "Mock",
+ "protocol": "OpenId4VCI",
+ "display": [
+ {
+ "name": "Mock Identity",
+ "logo": {
+ "url": "https://api.collab.mosip.net/inji/mosip-logo.png",
+ "alt_text": "mosip-logo"
+ },
+ "title": "Mock Identity",
+ "description": "Download Mock Identity Credential",
+ "language": "en"
+ }
+ ],
+ "client_id": "mpartner-mock-testing",
+ "redirect_uri": "io.mosip.residentapp.inji://oauthredirect",
+ "token_endpoint": "https://api.collab.mosip.net/v1/mimoto/get-token/Mock",
+ "authorization_audience": "https://esignet-insurance.collab.mosip.net/v1/esignet/oauth/v2/token",
+ "proxy_token_endpoint": "https://esignet-mock.collab.mosip.net/v1/esignet/oauth/v2/token",
+ "client_alias": "mpartner-mock-testing",
+ "qr_code_type": "OnlineSharing",
+ "enabled": "true",
+ "wellknown_endpoint": "https://injicertify-mock.collab.mosip.net/v1/certify/issuance/.well-known/openid-credential-issuer"
+ }
+ ]
+}
diff --git a/docker-compose/config/mimoto-trusted-verifiers.json b/docker-compose/config/mimoto-trusted-verifiers.json
new file mode 100644
index 00000000..0ae0f141
--- /dev/null
+++ b/docker-compose/config/mimoto-trusted-verifiers.json
@@ -0,0 +1,10 @@
+{
+ "verifiers": [
+ {
+ "client_id": "https://injiverify.collab.mosip.net",
+ "redirect_uri": [
+ "https://injiverify.collab.mosip.net/redirect"
+ ]
+ }
+ ]
+}
diff --git a/docker-compose/docker-compose.yml b/docker-compose/docker-compose.yml
new file mode 100644
index 00000000..dee9bb79
--- /dev/null
+++ b/docker-compose/docker-compose.yml
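Review bot: In `mimoto-issuers-config.json` the `authorization_audience` of the `Mosip` and `Mock` issuers points at `esignet-insurance.collab.mosip.net`, while their `proxy_token_endpoint` values point at `esignet-mosipid.collab.mosip.net` and `esignet-mock.collab.mosip.net`; only `StayProtected` has both on the same host. If this field becomes the `aud` of the client assertion (inferred from its name and from `mosip.oidc.client.assertion.type` in the properties file, not visible in this diff), the assertion is addressed to a different authorization server than the one it is sent to. It looks like a copy-paste slip: for `Mosip` the value would be `"authorization_audience": "https://esignet-mosipid.collab.mosip.net/v1/esignet/oauth/v2/token"`, and the `esignet-mock` host likewise for `Mock`.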
@@ -0,0 +1,55 @@
+version: '3.8'
+
+services:
+ nginx:
+ container_name: nginx
+ image: nginx:alpine
+ ports:
+ - '80:80'
+ volumes:
+ - ./config/mimoto-issuers-config.json:/config/server/mimoto-issuers-config.json
+ - ./config/mimoto-trusted-verifiers.json:/config/server/mimoto-trusted-verifiers.json
+ - ./config/credential-template.html:/config/server/credential-template.html
+ - ./nginx.conf:/etc/nginx/nginx.conf
+
+ mimoto-service:
+ container_name: 'mimoto-service'
+ image: 'mosipid/mimoto:0.14.0'
+ user: root
+ ports:
+ - '8099:8099'
+ environment:
+ - container_user=mosip
+ - active_profile_env=default
+ - SPRING_CONFIG_NAME=mimoto
+ - SPRING_CONFIG_LOCATION=/home/mosip/
+ volumes:
+ - ./config/mimoto-default.properties:/home/mosip/mimoto-default.properties
+ - ./config/mimoto-issuers-config.json:/home/mosip/mimoto-issuers-config.json
+ - ./config/mimoto-trusted-verifiers.json:/home/mosip/mimoto-trusted-verifiers.json
+ - ./certs/oidckeystore.p12:/home/mosip/certs/oidckeystore.p12
+ depends_on:
+ - nginx
+
+ inji-web-proxy:
+ container_name: 'inji-web-proxy'
+ image: inji-web-proxy:local
+ ports:
+ - '3010:3010'
+ environment:
+ - MIMOTO_HOST=http://mimoto-service:8099/v1/mimoto
+ - PORT=3010
+ depends_on:
+ - mimoto-service
+
+ inji-web:
+ container_name: 'inji-web'
+ image: inji-web:local
+ ports:
+ - '3001:80'
+ environment:
+ - MIMOTO_HOST=http://localhost:3010
+ depends_on:
+ - inji-web-proxy
+
+
diff --git a/docker-compose/nginx.conf b/docker-compose/nginx.conf
new file mode 100644
index 00000000..03a3e1d7
--- /dev/null
+++ b/docker-compose/nginx.conf
@@ -0,0 +1,12 @@
+events { }
+
+http {
+ server {
+ listen 80;
+
+ location / {
+ root /config/server;
+ autoindex on;
+ }
+ }
+}
diff --git a/inji-web-proxy/.env b/inji-web-proxy/.env
new file mode 100644
index 00000000..4602717b
--- /dev/null
+++ b/inji-web-proxy/.env
@@ -0,0 +1,2 @@
+MIMOTO_HOST=https://api.dev1.mosip.net/v1/mimoto
+PORT=3010
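Review bot: Every service in `docker-compose.yml` publishes its port on all host interfaces (`'80:80'`, `'8099:8099'`, `'3010:3010'`, `'3001:80'`), although the setup is meant for local work and the proxy on 3010 answers any origin. Binding to loopback, e.g. `- '127.0.0.1:3010:3010'`, keeps the stack off whatever network the developer machine is attached to. `mimoto-service` also runs with `user: root` while `container_user=mosip` is set; if root is only needed to read the mounted files, a comment saying so would help. The mounted `./certs/oidckeystore.p12` is committed by the same patch, so any key in it should be treated as a throwaway test key and not reused elsewhere.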
diff --git a/inji-web-proxy/.gitignore b/inji-web-proxy/.gitignore
new file mode 100644
index 00000000..60f1aa34
--- /dev/null
+++ b/inji-web-proxy/.gitignore
@@ -0,0 +1,4 @@
+.project
+.idea
+package-*.json
+node_modules
diff --git a/inji-web-proxy/Dockerfile b/inji-web-proxy/Dockerfile
new file mode 100644
index 00000000..eb84af5d
--- /dev/null
+++ b/inji-web-proxy/Dockerfile
@@ -0,0 +1,21 @@
+# Dockerfile
+# Use the official Node.js image
+FROM node:16.9.1
+
+# Create and set the working directory inside the container
+WORKDIR /usr/src/app
+
+# Copy package.json and package-lock.json (if available)
+COPY package*.json ./
+
+# Install dependencies
+RUN npm install
+
+# Copy the rest of the application code
+COPY . .
+
+# Expose the port on which the app runs
+EXPOSE 3010
+
+# Run the application
+CMD ["node", "proxy_server.js"]
diff --git a/inji-web-proxy/README.md b/inji-web-proxy/README.md
new file mode 100644
index 00000000..45e06778
--- /dev/null
+++ b/inji-web-proxy/README.md
@@ -0,0 +1,20 @@
+### Inji Web Proxy
+
+Inji Web Proxy is express js application which is build to connect Backend Service From Inji Web to Avoid CORS issue.
+
+
+### Environment Variables :
+
+> MIMOTO_HOST : Update the host url of the Mimoto with **/v1/mimoto** suffix
+
+> PORT : port in which proxy will run
+
+### Installation Steps :
+
+> npm i && node proxy_server.js
+
+### Usage :
+
+- Goto InjiWeb [api.ts](../inji-web/src/utils/api.ts)
+- In order to avoid CORS, update the **mimotoHost** of Inji Web from Mimoto service url to Inji Web Proxy server url, so that it proxies and bypasses the CORS
+ - ref : https://localhost:3010
diff --git a/inji-web-proxy/package.json b/inji-web-proxy/package.json
new file mode 100644
index 00000000..833e8f96
--- /dev/null
+++ b/inji-web-proxy/package.json
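Review bot: The pattern `package-*.json` in `.gitignore` matches `package-lock.json`, so the lockfile can never be committed and every build resolves the caret ranges in `package.json` afresh. That also affects the `Dockerfile` hunk, where `COPY package*.json ./` followed by `RUN npm install` has no lockfile to pin against. Dropping the pattern, committing the lockfile and switching the image to `RUN npm ci` would make the dependency set reproducible and reviewable.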
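Review bot: `FROM node:16.9.1` pins a Node.js line that no longer receives security fixes, and the image has no `USER` instruction, so `proxy_server.js` runs as root inside the container. A currently supported LTS tag plus `USER node` before `CMD` (the official image ships that account) would address both. `COPY . .` also copies the committed `.env` and any local `node_modules` into the image, since the patch adds no `.dockerignore`; the diffstat lists none for `inji-web-proxy/`.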
@@ -0,0 +1,20 @@
+{
+ "name": "proxy-server",
+ "version": "1.0.0",
+ "description": "",
+ "main": "index.js",
+ "scripts": {
+ "test": "echo \"Error: no test specified\" && exit 1"
+ },
+ "author": "",
+ "license": "ISC",
+ "dependencies": {
+ "axios": "^1.6.8",
+ "body-parser": "^1.20.2",
+ "cors": "^2.8.5",
+ "dotenv": "^16.4.5",
+ "express": "^4.19.2",
+ "fs": "^0.0.1-security",
+ "path": "^0.12.7"
+ }
+}
diff --git a/inji-web-proxy/proxy_server.js b/inji-web-proxy/proxy_server.js
new file mode 100644
index 00000000..30612b02
--- /dev/null
+++ b/inji-web-proxy/proxy_server.js
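Review bot: `"fs": "^0.0.1-security"` and `"path": "^0.12.7"` are registry packages, not the Node built-ins; `require('fs')` and `require('path')` always resolve to the core modules, and `proxy_server.js` requires neither. Removing both entries drops two unneeded third-party installs from the dependency tree. `body-parser` duplicates the `express.json()` and `express.urlencoded()` parsers that Express 4.16+ ships, and `"main": "index.js"` names a file this patch does not add; `"main": "proxy_server.js"` would match the Dockerfile `CMD`.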
@@ -0,0 +1,53 @@
+const express = require('express');
+const cors = require('cors');
+const axios = require('axios');
+const bodyParser = require('body-parser');
+require('dotenv').config()
+
+const app = express();
+const PORT = process.env.PORT;
+
+app.use(express.json());
+app.use(cors());
+app.use(bodyParser.json());
+app.use(bodyParser.urlencoded({ extended: true }));
+
+app.all('*', async (req, res) => {
+ delete req.headers.host
+ delete req.headers.referer
+
+ const API_URL = process.env.MIMOTO_HOST;
+ const PATH = req.url
+ try {
+
+ let response = await axios({
+ method: req.method,
+ responseType: PATH.indexOf("/download") !== -1 ? "arraybuffer" : "json",
+ url: `${API_URL + PATH}`,
+ data: new URLSearchParams(req.body),
+ headers: req.headers
+ });
+
+ if(PATH.indexOf("/download") !== -1){
+ res.status(response.status).json(response.data);
+ } else {
+ res.setHeader('Access-Control-Allow-Origin', '*'); // Change '*' to specific origin if needed
+ res.setHeader('Access-Control-Allow-Methods', 'GET,OPTIONS,POST'); // Allow GET requests
+ res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization'); // Allow specific headers
+ res.set("Content-Type", "application/pdf");
+ res.status(response.status).send(response.data);
+ }
+
+ } catch (error) {
+ console.error("Error occurred: ", error);
+ if (error.response) {
+ res.status(error.response.status).json(error.response.data);
+ } else {
+ res.status(500).json({ error: error.message });
+ }
+ }
+});
+
+app.listen(PORT, () => {
+ console.log(`Proxy server listening on port ${PORT}`);
+});
diff --git a/inji-web/.env.production b/inji-web/.env.production
deleted file mode 100644
index de74fa6a..00000000
--- a/inji-web/.env.production
+++ /dev/null
@@ -1,2 +0,0 @@
-#REACT_APP_ESIGNET_UI_URL=
-#REACT_APP_MIMOTO_URL=/v1/mimoto
\ No newline at end of file
diff --git a/inji-web/Dockerfile b/inji-web/Dockerfile
index 470b7fd1..4d85f197 100644
--- a/inji-web/Dockerfile
+++ b/inji-web/Dockerfile
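Review bot: `app.use(cors())` with no options, together with the catch-all `app.all('*')` route that passes `req.headers` on unchanged, means a page from any origin can send requests through this proxy to `MIMOTO_HOST`, including whatever `Authorization` header it supplies. Restricting the middleware to the front end's origin, for example `app.use(cors({ origin: process.env.ALLOWED_ORIGIN }))` (the variable name is only a suggestion), and dropping the hand-written `Access-Control-Allow-Origin: *` header would narrow that to the one client that needs it. `console.error("Error occurred: ", error)` prints the whole axios error, which carries the request config and therefore the forwarded headers and body; logging `error.message` and `error.response?.status` keeps tokens out of the container logs. `data: new URLSearchParams(req.body)` re-encodes every body as form data while the original `content-type` and `content-length` headers are forwarded, which looks likely to mismatch for JSON requests and should be checked.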
@@ -9,11 +9,14 @@ ARG defaultTheme ARG defaultLang ARG defaultFavicon ARG defaultTitle +ARG MIMOTO_HOST ENV DEFAULT_THEME=$defaultTheme ENV DEFAULT_LANG=$defaultLang ENV DEFAULT_FAVICON=$defaultFavicon ENV DEFAULT_TITLE=$defaultTitle +ENV MIMOTO_HOST=$MIMOTO_HOST + # Copy package.json and package-lock.json to the working directory COPY package*.json ./ @@ -81,6 +84,7 @@ RUN chmod +x configure_start.sh RUN echo "DEFAULT_THEME=$DEFAULT_THEME" >> ${work_dir}/env.env \ && echo "DEFAULT_LANG=$DEFAULT_LANG" >> ${work_dir}/env.env \ + && echo "MIMOTO_HOST=$MIMOTO_HOST" >> ${work_dir}/env.env \ && echo "DEFAULT_FAVICON=$DEFAULT_FEVICON" >> ${work_dir}/env.env \ && echo "DEFAULT_TITLE=$DEFAULT_TITLE" >> ${work_dir}/env.env diff --git a/inji-web/Dockerfile.local b/inji-web/Dockerfile.local index f66f67c1..aeacd574 100644 --- a/inji-web/Dockerfile.local +++ b/inji-web/Dockerfile.local @@ -9,11 +9,13 @@ ARG defaultTheme ARG defaultLang ARG defaultFavicon ARG defaultTitle +ARG MIMOTO_HOST ENV DEFAULT_THEME=$defaultTheme ENV DEFAULT_LANG=$defaultLang ENV DEFAULT_FAVICON=$defaultFavicon ENV DEFAULT_TITLE=$defaultTitle +ENV MIMOTO_HOST=$MIMOTO_HOST # Copy package.json and package-lock.json to the working directory COPY package*.json ./ @@ -51,6 +53,7 @@ RUN echo "Generating env-config file" \ && echo "window._env_ = {" > ${work_dir}/env.config.js \ && echo "DEFAULT_THEME=\"$DEFAULT_THEME\"," >> ${work_dir}/env.config.js \ && echo "DEFAULT_LANG=\"$DEFAULT_LANG\"," >> ${work_dir}/env.config.js \ + && echo "MIMOTO_HOST=$MIMOTO_HOST" >> ${work_dir}/env.env \ && echo "DEFAULT_FAVICON=\"$DEFAULT_FAVICON\"," >> ${work_dir}/env.config.js \ && echo "DEFAULT_TITLE=\"$DEFAULT_TITLE\"" >> ${work_dir}/env.config.js \ && echo "}" >> ${work_dir}/env.config.js \ diff --git a/inji-web/public/env.config.js b/inji-web/public/env.config.js index 5df07653..72e92e39 100644 --- a/inji-web/public/env.config.js +++ b/inji-web/public/env.config.js 
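Review bot: In the second `Dockerfile.local` hunk the added line `&& echo "MIMOTO_HOST=$MIMOTO_HOST" >> ${work_dir}/env.env \` sits inside the chain that writes `env.config.js`, yet it appends to `env.env`, so the generated `window._env_` object appears to get no `MIMOTO_HOST` entry and `api.mimotoHost` would be undefined in that image. Following the neighbouring lines it would read `&& echo "MIMOTO_HOST=\"$MIMOTO_HOST\"," >> ${work_dir}/env.config.js \`. The `RUN` chain starts and ends outside the hunk, so this should be confirmed against the full file. In both Dockerfiles the value is fixed at build time through `ARG`/`ENV`, while `docker-compose.yml` sets `MIMOTO_HOST` at run time; whether `configure_start.sh` picks the runtime value up is not visible here.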
@@ -3,5 +3,6 @@ window._env_ = { DEFAULT_THEME: "", DEFAULT_FAVICON: "favicon.ico", DEFAULT_TITLE: "Inji Web", - DEFAULT_FONT_URL: "https://fonts.googleapis.com/css?family=Inter" + DEFAULT_FONT_URL: "https://fonts.googleapis.com/css?family=Inter", + MIMOTO_HOST: "http://localhost:3010" }; diff --git a/inji-web/src/types/env.d.ts b/inji-web/src/types/env.d.ts index 326d3249..837aea9b 100644 --- a/inji-web/src/types/env.d.ts +++ b/inji-web/src/types/env.d.ts @@ -8,6 +8,7 @@ declare global { DEFAULT_FAVICON: string; DEFAULT_TITLE: string; DEFAULT_FONT_URL: string; + MIMOTO_HOST: string; } } } diff --git a/inji-web/src/utils/api.ts b/inji-web/src/utils/api.ts index 5de4b73f..b8dcd43b 100644 --- a/inji-web/src/utils/api.ts +++ b/inji-web/src/utils/api.ts @@ -14,7 +14,8 @@ export enum MethodType { export class api { // static mimotoHost = "http://localhost:3010"; - static mimotoHost = window.location.origin + "/v1/mimoto"; + // static mimotoHost = window.location.origin + "/v1/mimoto"; + static mimotoHost = window._env_.MIMOTO_HOST; static authorizationRedirectionUrl = window.location.origin + "/redirect"; @@ -50,7 +51,7 @@ export class api { methodType: MethodType.POST, headers: () => { return { - 'accept': 'application/json', + 'accept': 'application/pdf', 'Content-Type': 'application/x-www-form-urlencoded', 'Cache-Control': 'no-cache, no-store, must-revalidate' } From 4c1b5ba12d116fb932d0e11a027355a6be36bf4d Mon Sep 17 00:00:00 2001 From: Vijay <94220135+vijay151096@users.noreply.github.com> Date: Tue, 29 Oct 2024 21:12:19 +0530 Subject: [PATCH 2/2] [INJIWEB-1025] : update proxy_server for download failure. Signed-off-by: Vijay <94220135+vijay151096@users.noreply.github.com> --- inji-web-proxy/proxy_server.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/inji-web-proxy/proxy_server.js b/inji-web-proxy/proxy_server.js index 30612b02..ab1db6ed 100644 --- a/inji-web-proxy/proxy_server.js +++ b/inji-web-proxy/proxy_server.js 
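Review bot: `static mimotoHost = window._env_.MIMOTO_HOST;` in `api.ts` has no fallback, so a deployment whose `env.config.js` lacks the key builds every API URL from `undefined`, and the default added to `public/env.config.js` (`"http://localhost:3010"`) points browsers at the local proxy over plain HTTP unless it is overridden. Keeping the previous same-origin value as the default, `static mimotoHost = window._env_.MIMOTO_HOST ?? window.location.origin + "/v1/mimoto";`, would make the proxy opt-in for local work only. The two commented-out assignments above it can then be deleted. The `api` class starts and ends outside the hunk.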
@@ -22,13 +22,13 @@ app.all('*', async (req, res) => { let response = await axios({ method: req.method, - responseType: PATH.indexOf("/download") !== -1 ? "arraybuffer" : "json", + responseType: PATH.indexOf("/download") === -1 ? "json" : "arraybuffer", url: `${API_URL + PATH}`, data: new URLSearchParams(req.body), headers: req.headers }); - if(PATH.indexOf("/download") !== -1){ + if(PATH.indexOf("/download") === -1){ res.status(response.status).json(response.data); } else { res.setHeader('Access-Control-Allow-Origin', '*'); // Change '*' to specific origin if needed
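Review bot: The download test is still written twice and still runs against `req.url`, which includes the query string, so any request with `/download` anywhere in its URL is fetched as `arraybuffer` and answered as `application/pdf`. Computing it once from the path, `const isDownload = req.path.includes('/download');`, and using `isDownload` for both `responseType` and the branch keeps the two from drifting apart again. The handler starts and ends outside the hunk; its `catch` block passes `error.response.data` to `res.json()`, which for a failed download would be a buffer rather than the upstream JSON error, and that is worth checking.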