Merge branch 'local-latest-esignet' of https://github.com/tf-govstack…

…/esignet into local-latest-esignet
tf-govstack · Oct 20, 2023 · 46a7a01 · 46a7a01
2 parents 7fb90e5 + b3689eb
commit 46a7a01
Show file tree

Hide file tree

Showing 2 changed files with 97 additions and 7 deletions.
diff --git a/.github/workflows/push-trigger.yml b/.github/workflows/push-trigger.yml
@@ -20,6 +20,7 @@ on:
       - develop
       - MOSIP*
       - release*
+      - local*
 
 jobs:
   build-maven-esignet:

diff --git a/esignet-service/src/main/resources/application.properties b/esignet-service/src/main/resources/application.properties
@@ -38,7 +38,7 @@ mosip.esignet.amr-acr-mapping-file-url=https://raw.githack.com/mosip/mosip-confi
 mosip.esignet.supported-id-regex=\\S*
 mosip.esignet.id-token-expire-seconds=3600
 mosip.esignet.access-token.expire.seconds=3600
-mosip.esignet.link-code-expire-in-secs=60
+mosip.esignet.link-code-expire-in-secs=600
 mosip.esignet.header-filter.paths-to-validate={'${server.servlet.path}/authorization/send-otp', \
   '${server.servlet.path}/authorization/authenticate', \
   '${server.servlet.path}/authorization/auth-code'}
@@ -173,18 +173,19 @@ mosip.esignet.cache.secure.individual-id=true
 mosip.esignet.cache.store.individual-id=true
 mosip.esignet.cache.security.secretkey.reference-id=TRANSACTION_CACHE
 mosip.esignet.cache.security.algorithm-name=AES/ECB/PKCS5Padding
-mosip.esignet.cache.names=clientdetails,preauth,authenticated,authcodegenerated,userinfo,linkcodegenerated,linked,linkedcode,linkedauth,consented
+mosip.esignet.cache.names=clientdetails,preauth,authenticated,authcodegenerated,userinfo,linkcodegenerated,linked,linkedcode,linkedauth,consented,authtokens,bindingtransaction,vcissuance
 #spring.cache.type=redis
 #spring.cache.cache-names=${mosip.esignet.cache.names}
 #spring.redis.host=localhost
 #spring.redis.port=6379
 spring.cache.type=simple
 mosip.esignet.cache.key.hash.algorithm=SHA3-256
 mosip.esignet.cache.size={'clientdetails' : 200, 'preauth': 200, 'authenticated': 200, 'authcodegenerated': 200, 'userinfo': 200, \
-   'linkcodegenerated' : 500, 'linked': 200 , 'linkedcode': 200, 'linkedauth' : 200 , 'consented' :200 }
-mosip.esignet.cache.expire-in-seconds={'clientdetails' : 86400, 'preauth': 180, 'authenticated': 120, 'authcodegenerated': 60, \
-  'userinfo': ${mosip.esignet.access-token.expire.seconds}, 'linkcodegenerated' : ${mosip.esignet.link-code-expire-in-secs}, \
-  'linked': 60 , 'linkedcode': ${mosip.esignet.link-code-expire-in-secs}, 'linkedauth' : 60, 'consented': 120 }
+   'linkcodegenerated' : 500, 'linked': 200 , 'linkedcode': 200, 'linkedauth' : 200 , 'consented' :200, 'authtokens': 2, 'bindingtransaction': 1500,'vcissuance' : 2000 }
+mosip.esignet.cache.expire-in-seconds={'clientdetails' : 86400, 'preauth': 1000, 'authenticated': ${mosip.esignet.authentication-expire-in-secs}, 'authcodegenerated': 600, \
+  'userinfo': ${mosip.esignet.access-token-expire-seconds}, 'linkcodegenerated' : ${mosip.esignet.link-code-expire-in-secs}, \
+  'linked': 600 , 'linkedcode': ${mosip.esignet.link-code-expire-in-secs}, 'linkedauth' : ${mosip.esignet.authentication-expire-in-secs}, 'consented': 600, \
+  'authtokens': 28800, 'bindingtransaction': 600, 'vcissuance': ${mosip.esignet.access-token-expire-seconds} }
 ## ------------------------------------------ Discovery openid-configuration -------------------------------------------
 mosip.esignet.discovery.issuer-id=${mosipbox.public.url}${server.servlet.path}
 mosip.esignet.discovery.key-values={'issuer': '${mosip.esignet.discovery.issuer-id}' ,\
@@ -283,4 +284,92 @@ crypto.PrependThumbprint.enable=true
 ## -------------------------------------------- IDP-UI config ----------------------------------------------------------
 mosip.esignet.ui.config.key-values={'sbi.env': 'Developer', 'sbi.timeout.DISC': 30, \
   'sbi.timeout.DINFO': 30, 'sbi.timeout.CAPTURE': 30, 'sbi.capture.count.face': 1, 'sbi.capture.count.finger': 2, \
-  'sbi.capture.count.iris': 1, 'sbi.capture.score.face': 70, 'sbi.capture.score.finger':70, 'sbi.capture.score.iris':70 }
+  'sbi.capture.count.iris': 1, 'sbi.capture.score.face': 70, 'sbi.capture.score.finger':70, 'sbi.capture.score.iris':70 }
+
+#New
+mosip.esignet.domain.url=http://10.2.1.14:3333/
+mosip.esignet.authentication-expire-in-secs=600
+mosip.esignet.access-token-expire-seconds=3600
+mosip.esignet.supported-pkce-methods={'S256'}
+mosip.esignet.ida.vci-exchange-id=mosip.identity.vciexchange
+mosip.esignet.ida.vci-exchange-version=1.0
+mosip.esignet.ida.vci-exchange-url=${mosip.esignet.mock.host}/v1/mock-identity-system/vci-exchange/delegated/${mosip.esignet.misp.license.key}/
+mosip.esignet.integration.vci-plugin=IdaVCIssuancePluginImpl
+mosip.esignet.mock.vciplugin.verification-method=${mosip.esignet.vci.authn.jwk-set-uri}
+mosip.esignet.supported.credential.scopes={'sample_vc_ldp','mosip_identity_vc_ldp'}
+mosip.esignet.credential.scope-resource-mapping={'sample_vc_ldp' : '${mosip.esignet.domain.url}${server.servlet.path}/vci/credential', 'mosip_identity_vc_ldp': '${mosip.esignet.domain.url}${server.servlet.path}/vci/credential' }
+mosip.esignet.ida.vci-user-info-cache=userinfo
+mosip.kernel.keymgr.hsm.health.check.enabled=true
+mosip.kernel.keymgr.hsm.health.key.app-id=OIDC_SERVICE
+mosip.kernel.keymgr.hsm.healthkey.ref-id=TRANSACTION_CACHE
+mosip.kernel.keymgr.hsm.health.check.encrypt=true
+mosip.esignet.ui.wallet.config={{'wallet.name': 'Inji Mobile App', 'wallet.logo-url': 'inji_logo.png', 'wallet.download-uri': '#', \
+ 'wallet.deep-link-uri': 'inji://landing-page-name?linkCode=LINK_CODE&linkExpireDateTime=LINK_EXPIRE_DT' }}
+##  ---------------------------------------------- VCI ------------------------------------------------------------------
+mosip.esignet.vci.identifier=${mosip.esignet.domain.url}${server.servlet.path}
+mosip.esignet.vci.authn.filter-urls={ '${server.servlet.path}/vci/credential' }
+mosip.esignet.vci.authn.issuer-uri=${mosip.esignet.domain.url}${server.servlet.path}
+mosip.esignet.vci.authn.jwk-set-uri=${mosip.esignet.domain.url}${server.servlet.path}/oauth/.well-known/jwks.json
+mosip.esignet.vci.authn.allowed-audiences={ '${mosip.esignet.domain.url}${server.servlet.path}/vci/credential' }
+mosip.esignet.vci.supported.jwt-proof-alg={'RS256'}
+mosip.esignet.vci.key-values={ 'credential_issuer': '${mosip.esignet.domain.url}',         \
+  'credential_endpoint': '${mosip.esignet.domain.url}${server.servlet.path}/vci/credential', \
+  'credentials_supported': {{\
+  'format': 'ldp_vc',\
+  'id': 'SampleVerifiableCredential_ldp', \
+  'scope' : 'sample_vc_ldp',\
+  'cryptographic_binding_methods_supported': {'did:jwk'},\
+  'cryptographic_suites_supported': {'RsaSignature2018'},\
+  'proof_types_supported': {'jwt'},\
+  'credential_definition': {\
+  'type': {'VerifiableCredential'},\
+  'credentialSubject': {\
+  'name': { 'display': {{'name': 'Given Name', 'locale': 'en' }}}, \
+  'age': { 'display': {{ 'name': 'Age', 'locale': 'en'}}}\
+   }},\
+  'display': {{'name': 'Sample Verifiable Credential by e-Signet', \
+                'locale': 'en', \
+                'logo': {'url': '${mosip.esignet.domain.url}/logo.png',\
+                'alt_text': 'a square logo of a MOSIP'},\
+                'background_color': '#12107c',\
+                'text_color': '#FFFFFF'}}\
+     \ },{\
+  'format': 'ldp_vc',\
+  'id': 'MOSIPVerifiableCredential', \
+  'scope' : 'mosip_identity_vc_ldp',\
+  'cryptographic_binding_methods_supported': {'did:jwk'},\
+  'cryptographic_suites_supported': {'RsaSignature2018'},\
+  'proof_types_supported': {'jwt'},\
+  'credential_definition': {\
+  'type': {'VerifiableCredential'},\
+  'credentialSubject': {\
+  'fullName': { 'display': {{'name': 'Full Name', 'locale': 'en' }}},\
+  'phone': { 'display': {{'name': 'Phone Number', 'locale': 'en' }}},\
+  'dateOfBirth': { 'display': {{'name': 'DOB', 'locale': 'en' }}},\
+  'gender': { 'display': {{'name': 'Gender', 'locale': 'en' }}},\
+  'residenceStatus': { 'display': {{'name': 'Residence Status', 'locale': 'en' }}},\
+  'email': { 'display': {{'name': 'Email Id', 'locale': 'en' }}},\
+  'region': { 'display': {{'name': 'Region', 'locale': 'en' }}},\
+  'province': { 'display': {{'name': 'Province', 'locale': 'en' }}},\
+  'city': { 'display': {{'name': 'City', 'locale': 'en' }}},\
+  'postalCode': { 'display': {{'name': 'Postal Code', 'locale': 'en' }}}\
+   }},\
+  'display': {{'name': 'MOSIP Identity Verifiable Credential', \
+                'locale': 'en', \
+                'logo': {'url': '${mosip.esignet.domain.url}/logo.png',\
+                'alt_text': 'a square logo of a MOSIP'},\
+                'background_color': '#12107c',\
+                'text_color': '#FFFFFF'}}\
+  \ }},\
+  'display': {{'name': 'MOSIP', 'locale': 'en'}}\
+  }
+mosip.esignet.oauth.key-values={'issuer': '${mosip.esignet.domain.url}' ,\
+  \ 'authorization_endpoint': '${mosip.esignet.domain.url}${server.servlet.path}/authorize' , \
+  \ 'token_endpoint': '${mosip.esignet.domain.url}${server.servlet.path}/oauth/token' , \
+  \ 'jwks_uri' : '${mosip.esignet.domain.url}${server.servlet.path}/oauth/jwks.json' , \
+  \ 'token_endpoint_auth_methods_supported' : ${mosip.esignet.supported.client.auth.methods}, \
+  \ 'token_endpoint_auth_signing_alg_values_supported' : {'RS256'},\
+  \ 'scopes_supported' : ${mosip.esignet.supported.openid.scopes}, \
+  \ 'response_modes_supported' : { 'query' }, \
+  \ 'grant_types_supported' : ${mosip.esignet.supported.grant.types},\
+  \ 'response_types_supported' : ${mosip.esignet.supported.response.types}}