From 402aea95ffacb29e543804059b43381baebecf6a Mon Sep 17 00:00:00 2001 From: Paul Latzelsperger <43503240+paullatzelsperger@users.noreply.github.com> Date: Fri, 25 Oct 2024 16:02:33 +0200 Subject: [PATCH] feat: issuer DID is hosted on NGINX (#372) * add nginx tf deployment * update dids and credentials, remove exmaple resolver * update Issuer did * update readme [skip ci] * fix path --- README.md | 167 +++++++++++------- .../consumer/dataprocessor-credential.json | 6 +- .../k8s/consumer/dataprocessor_vc.json | 2 +- .../k8s/consumer/membership-credential.json | 6 +- .../k8s/consumer/membership_vc.json | 2 +- .../provider/dataprocessor-credential.json | 6 +- .../k8s/provider/dataprocessor_vc.json | 2 +- .../k8s/provider/membership-credential.json | 6 +- .../k8s/provider/membership_vc.json | 2 +- .../consumer/dataprocessor-credential.json | 6 +- .../local/consumer/membership-credential.json | 6 +- .../consumer/unsigned/dataprocessor_vc.json | 2 +- .../consumer/unsigned/membership_vc.json | 2 +- .../provider/dataprocessor-credential.json | 6 +- .../local/provider/membership-credential.json | 6 +- .../provider/unsigned/dataprocessor_vc.json | 2 +- .../provider/unsigned/membership_vc.json | 2 +- .../assets/issuer/did.docker.json | 8 +- deployment/assets/issuer/did.k8s.json | 1 + deployment/assets/issuer/nginx.conf | 9 + deployment/issuer.tf | 110 ++++++++++++ .../edc/demo/dcp/core/DcpPatchExtension.java | 3 +- .../core/DidExampleResolver.java | 74 -------- .../core/MockServiceExtension.java | 66 ------- ...rg.eclipse.edc.spi.system.ServiceExtension | 1 - .../org/eclipse/edc/demo/dcp/JwtSigner.java | 33 ++-- 26 files changed, 282 insertions(+), 254 deletions(-) rename extensions/did-example-resolver/src/main/resources/did_example_dataspace-issuer.json => deployment/assets/issuer/did.docker.json (66%) create mode 100644 deployment/assets/issuer/did.k8s.json create mode 100644 deployment/assets/issuer/nginx.conf create mode 100644 deployment/issuer.tf delete mode 100644 extensions/did-example-resolver/src/main/java/org/eclipse/edc/iam/identitytrust/core/DidExampleResolver.java delete mode 100644 extensions/did-example-resolver/src/main/java/org/eclipse/edc/iam/identitytrust/core/MockServiceExtension.java diff --git a/README.md b/README.md index 90895879f..e8e760e24 100644 --- a/README.md +++ b/README.md @@ -1,59 +1,57 @@ # Minimum Viable Dataspace Demo - * [Minimum Viable Dataspace Demo](#minimum-viable-dataspace-demo) - * [1. Introduction](#1-introduction) - * [2. Purpose of this Demo](#2-purpose-of-this-demo) - * [3. The Scenario](#3-the-scenario) - * [3.1 Participants](#31-participants) - * [3.2 Data setup](#32-data-setup) - * [3.3 Access control](#33-access-control) - * [3.4 DIDs, participant lists and VerifiableCredentials](#34-dids-participant-lists-and-verifiablecredentials) - * [4. Running the demo (inside IntelliJ)](#4-running-the-demo-inside-intellij) - * [4.1 Starting the runtimes](#41-starting-the-runtimes) - * [4.2 Seeding the dataspace](#42-seeding-the-dataspace) - * [4.3 Next steps](#43-next-steps) - * [5. Running the Demo (Kubernetes)](#5-running-the-demo-kubernetes) - * [5.1 Build the runtime images](#51-build-the-runtime-images) - * [5.2 Create the K8S cluster](#52-create-the-k8s-cluster) - * [5.3 Seed the dataspace](#53-seed-the-dataspace) - * [5.4 Debugging MVD in Kubernetes](#54-debugging-mvd-in-kubernetes) - * [6. Differences between Kubernetes and IntelliJ](#6-differences-between-kubernetes-and-intellij) - * [6.1 In-memory databases](#61-in-memory-databases) - * [6.2 Memory-based secret vaults](#62-memory-based-secret-vaults) - * [6.3 Embedded vs Remote STS](#63-embedded-vs-remote-sts) - * [7. Executing REST requests using Postman](#7-executing-rest-requests-using-postman) - * [7.1 Get the catalog](#71-get-the-catalog) - * [7.2 Initiate the contract negotiation](#72-initiate-the-contract-negotiation) - * [7.3 Query negotiation status](#73-query-negotiation-status) - * [7.4 Initiate data transfer](#74-initiate-data-transfer) - * [7.5 Query data transfers](#75-query-data-transfers) - * [7.6 Get EndpointDataReference](#76-get-endpointdatareference) - * [7.7 Get access token for EDR](#77-get-access-token-for-edr) - * [7.8 Fetch data](#78-fetch-data) - * [8. Custom extensions in MVD](#8-custom-extensions-in-mvd) - * [8.1 Catalog Node Resolver](#81-catalog-node-resolver) - * [8.2 Default scope mapping function](#82-default-scope-mapping-function) - * [8.3 Scope extractor for `DataProcessor` credentials](#83-scope-extractor-for-dataprocessor-credentials) - * [8.4 Policy evaluation functions](#84-policy-evaluation-functions) - * [8.4.1 Membership evaluation function](#841-membership-evaluation-function) - * [8.4.2 DataAccessLevel evaluation function](#842-dataaccesslevel-evaluation-function) - * [8.5 Scope-to-criterion transformer](#85-scope-to-criterion-transformer) - * [8.6 Super-user seeding](#86-super-user-seeding) - * [9. Advanced topics](#9-advanced-topics) - * [9.1 Regenerating issuer keys](#91-regenerating-issuer-keys) - * [9.2 Regenerating participant keys](#92-regenerating-participant-keys) - * [9.2.1 IntelliJ deployment:](#921-intellij-deployment) - * [9.2.2 Kubernetes deployment](#922-kubernetes-deployment) - * [10. Other caveats, shortcuts and workarounds](#10-other-caveats-shortcuts-and-workarounds) - * [10.1 In-memory stores in local deployment](#101-in-memory-stores-in-local-deployment) - * [10.2 DID resolution](#102-did-resolution) - * [10.2.1 `did:web` for participants](#1021-didweb-for-participants) - * [10.2.2 - `did:example` for the dataspace credential issuer](#1022-didexample-for-the-dataspace-credential-issuer) - * [10.3 No issuance (yet)](#103-no-issuance-yet) - + * [1. Introduction](#1-introduction) + * [2. Purpose of this Demo](#2-purpose-of-this-demo) + * [3. The Scenario](#3-the-scenario) + * [3.1 Participants](#31-participants) + * [3.2 Data setup](#32-data-setup) + * [3.3 Access control](#33-access-control) + * [3.4 DIDs, participant lists and VerifiableCredentials](#34-dids-participant-lists-and-verifiablecredentials) + * [4. Running the demo (inside IntelliJ)](#4-running-the-demo-inside-intellij) + * [4.1 Start NGINX](#41-start-nginx) + * [4.2 Starting the runtimes](#42-starting-the-runtimes) + * [4.3 Seeding the dataspace](#43-seeding-the-dataspace) + * [4.4 Next steps](#44-next-steps) + * [5. Running the Demo (Kubernetes)](#5-running-the-demo-kubernetes) + * [5.1 Build the runtime images](#51-build-the-runtime-images) + * [5.2 Create the K8S cluster](#52-create-the-k8s-cluster) + * [5.3 Seed the dataspace](#53-seed-the-dataspace) + * [5.4 Debugging MVD in Kubernetes](#54-debugging-mvd-in-kubernetes) + * [6. Differences between Kubernetes and IntelliJ](#6-differences-between-kubernetes-and-intellij) + * [6.1 In-memory databases](#61-in-memory-databases) + * [6.2 Memory-based secret vaults](#62-memory-based-secret-vaults) + * [6.3 Embedded vs Remote STS](#63-embedded-vs-remote-sts) + * [7. Executing REST requests using Postman](#7-executing-rest-requests-using-postman) + * [7.1 Get the catalog](#71-get-the-catalog) + * [7.2 Initiate the contract negotiation](#72-initiate-the-contract-negotiation) + * [7.3 Query negotiation status](#73-query-negotiation-status) + * [7.4 Initiate data transfer](#74-initiate-data-transfer) + * [7.5 Query data transfers](#75-query-data-transfers) + * [7.6 Get EndpointDataReference](#76-get-endpointdatareference) + * [7.7 Get access token for EDR](#77-get-access-token-for-edr) + * [7.8 Fetch data](#78-fetch-data) + * [8. Custom extensions in MVD](#8-custom-extensions-in-mvd) + * [8.1 Catalog Node Resolver](#81-catalog-node-resolver) + * [8.2 Default scope mapping function](#82-default-scope-mapping-function) + * [8.3 Scope extractor for `DataProcessor` credentials](#83-scope-extractor-for-dataprocessor-credentials) + * [8.4 Policy evaluation functions](#84-policy-evaluation-functions) + * [8.4.1 Membership evaluation function](#841-membership-evaluation-function) + * [8.4.2 DataAccessLevel evaluation function](#842-dataaccesslevel-evaluation-function) + * [8.5 Scope-to-criterion transformer](#85-scope-to-criterion-transformer) + * [8.6 Super-user seeding](#86-super-user-seeding) + * [9. Advanced topics](#9-advanced-topics) + * [9.1 Regenerating issuer keys](#91-regenerating-issuer-keys) + * [9.2 Regenerating participant keys](#92-regenerating-participant-keys) + * [9.2.1 IntelliJ deployment:](#921-intellij-deployment) + * [9.2.2 Kubernetes deployment](#922-kubernetes-deployment) + * [10. Other caveats, shortcuts and workarounds](#10-other-caveats-shortcuts-and-workarounds) + * [10.1 In-memory stores in local deployment](#101-in-memory-stores-in-local-deployment) + * [10.2 DID resolution](#102-did-resolution) + * [10.2.1 `did:web` for participants](#1021-didweb-for-participants) + * [10.2.2 `did:web` for the dataspace issuer](#1022-didweb-for-the-dataspace-issuer) + * [10.3 No issuance (yet)](#103-no-issuance-yet) ## 1. Introduction @@ -211,7 +209,58 @@ There are several run configurations for IntelliJ in the `.run/` folder. One eac connectors runtimes and IdentityHub runtimes plus one for the provider catalog server, and one named "dataspace". The latter is a compound run config an brings up all other runtimes together. -### 4.1 Starting the runtimes +### 4.1 Start NGINX + +The issuer's DID document is hosted on NGINX, so the easiest way of running NGINX is with a docker container: + +```shell +docker run -d --name nginx -p 9876:80 --rm \ + -v ${PWD}/deployment/assets/issuer/nginx.conf:/etc/nginx/nginx.conf:ro \ + -v ${PWD}/deployment/assets/issuer/did.docker.json:/var/www/.well-known/did.json:ro \ + nginx +``` + +To verify that it worked, please execute `curl -X GET http://localhost:9876/.well-known/did.json` and see if it returns +a +DID document as JSON structure: + +```json +{ + "service": [], + "verificationMethod": [ + { + "id": "did:web:localhost%3A9876#key-1", + "type": "JsonWebKey2020", + "controller": "did:web:localhost%3A9876", + "publicKeyMultibase": null, + "publicKeyJwk": { + "kty": "OKP", + "crv": "Ed25519", + "x": "Hsq2QXPbbsU7j6JwXstbpxGSgliI04g_fU3z2nwkuVc" + } + } + ], + "authentication": [ + "key-1" + ], + "id": "did:web:localhost%3A9876", + "@context": [ + "https://www.w3.org/ns/did/v1", + { + "@base": "did:web:localhost%3A9876" + } + ] +} +``` + +The port mapping is **important**, because it influences the DID of the issuer: with a host port of +`9876` the issuer DID resolves to `did:web:localhost%3A9876`. Changing the port mapping changes the DID, soif you change +the port mapping, be sure to execute a search-and-replace! + +Naturally, you are free to install NGINX natively on your computer or use any other webserver altogether, but this won't +be supported by us. + +### 4.2 Starting the runtimes The connector runtimes contain both the controlplane and the dataplane. Note that in a real-world scenario those would likely be separate runtimes to be able to scale and deploy them individually. Note also, that the Kubernetes deployment @@ -222,7 +271,7 @@ makes this really easy), or to select whatever JDK you have available in each ru All run configs take their configuration from `*.env` files which are located in `deployment/assets/env`. -### 4.2 Seeding the dataspace +### 4.3 Seeding the dataspace DID documents are dynamically generated when "seeding" the data, specifically when creating the `ParticipantContext` objects in IdentityHub. This is automatically being done by a script `seed.sh`. @@ -231,7 +280,7 @@ After executing the `dataspace` run config in Intellij, be sure to **execute the have started**. Omitting to do so will leave the dataspace in an uninitialized state and cause all connector-to-connector communication to fail. -### 4.3 Next steps +### 4.4 Next steps All REST requests made from the script are available in the [Postman collection](./deployment/postman/MVD.postman_collection.json). With the [HTTP @@ -791,7 +840,7 @@ The Kubernetes deployment uses both persistent storage (PostgreSQL) and secure v #### 10.2.1 `did:web` for participants -Every participant hosts their DIDs in their IdentityHubs, which means, that the HTTP-URL that the DID maps to must be +Participants hosts their DIDs in their IdentityHubs, which means, that the HTTP-URL that the DID maps to must be accessible for all other participants. For example, every participant pod in the cluster must be able to resolve a DID from every other participant. For access to pods from outside the cluster we would be using an ingress controller, but then the other pods in the cluster cannot access it, due to missing DNS entries. That means, that the DID cannot use the @@ -799,12 +848,10 @@ _ingress URL_, but must use the _service's_ URL. A service in turn is not access are only resolvable from _inside_ the cluster. Unfortunately, there is no way around this, unless we put DIDs on a publicly resolvable CDN or webserver. -#### 10.2.2 `did:example` for the dataspace credential issuer +#### 10.2.2 `did:web` for the dataspace issuer The "dataspace issuer" does not exist as participant yet, so instead of deploying a fake IdentityHub, we opted for -introducing the (completely made up) `"did:example"` method, for which there is a [custom-built DID -resolver](extensions/did-example-resolver/src/main/java/org/eclipse/edc/iam/identitytrust/core/DidExampleResolver.java) -in the code. +simply hosting the dataspace issuer's DID as static file with NGINX. ### 10.3 No issuance (yet) diff --git a/deployment/assets/credentials/k8s/consumer/dataprocessor-credential.json b/deployment/assets/credentials/k8s/consumer/dataprocessor-credential.json index a73ec2cdd..e6d13871f 100644 --- a/deployment/assets/credentials/k8s/consumer/dataprocessor-credential.json +++ b/deployment/assets/credentials/k8s/consumer/dataprocessor-credential.json @@ -2,14 +2,14 @@ "id": "40e24588-b510-41ca-966c-c1e0f57d1b15", "participantId": "did:web:consumer-identityhub%3A7083:consumer", "timestamp": 1700659822500, - "issuerId": "did:example:dataspace-issuer", + "issuerId": "did:web:dataspace-issuer", "holderId": "did:web:consumer-identityhub%3A7083:consumer", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { "format": "JWT", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpjb25zdW1lci1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VmVyc2lvbiI6Im12ZC1jcmVkZW50aWFsczpjb250cmFjdFZlcnNpb24iLCJsZXZlbCI6Im12ZC1jcmVkZW50aWFsczpsZXZlbCJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNEYXRhUHJvY2Vzc29yQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIlM0E3MDgzOmNvbnN1bWVyIiwiY29udHJhY3RWZXJzaW9uIjoiMS4wLjAiLCJsZXZlbCI6InByb2Nlc3NpbmcifX0sImlhdCI6MTcyOTgzNjU1OX0.Bxr2R-b-2OjDjgL-NkngIdLamddtc1wm5wpGKDBuNj00F3FXUpq97DEsOO-qmkLycm4tWhTl25QPI4yni9hmAw", + "rawVc": "eyJraWQiOiJkaWQ6d2ViOmRhdGFzcGFjZS1pc3N1ZXIja2V5LTEiLCJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSJ9.eyJpc3MiOiJkaWQ6d2ViOmRhdGFzcGFjZS1pc3N1ZXIiLCJhdWQiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInN1YiI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIlM0E3MDgzOmFsaWNlIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLHsibXZkLWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9tdmQvY3JlZGVudGlhbHMvIiwiY29udHJhY3RWZXJzaW9uIjoibXZkLWNyZWRlbnRpYWxzOmNvbnRyYWN0VmVyc2lvbiIsImxldmVsIjoibXZkLWNyZWRlbnRpYWxzOmxldmVsIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI0RhdGFQcm9jZXNzb3JDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDp3ZWI6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4Mzpjb25zdW1lciIsImNvbnRyYWN0VmVyc2lvbiI6IjEuMC4wIiwibGV2ZWwiOiJwcm9jZXNzaW5nIn19LCJpYXQiOjE3Mjk4NDY1ODR9.ga1mBwFg2K_vtf7sDUebGnsQs8SLNxdY2-GYdZ9QEiuH7OEkfr32KYbF3h-Mtzn3OP6amFkIQ1HU742aLSvWCw", "credential": { "credentialSubject": [ { @@ -26,7 +26,7 @@ "DataProcessorCredential" ], "issuer": { - "id": "did:example:dataspace-issuer", + "id": "did:web:dataspace-issuer", "additionalProperties": {} }, "issuanceDate": 1702339200.000000000, diff --git a/deployment/assets/credentials/k8s/consumer/dataprocessor_vc.json b/deployment/assets/credentials/k8s/consumer/dataprocessor_vc.json index 3684a42ea..5e2f4094b 100644 --- a/deployment/assets/credentials/k8s/consumer/dataprocessor_vc.json +++ b/deployment/assets/credentials/k8s/consumer/dataprocessor_vc.json @@ -14,7 +14,7 @@ "VerifiableCredential", "http://org.yourdataspace.com#DataProcessorCredential" ], - "issuer": "did:example:dataspace-issuer", + "issuer": "did:web:dataspace-issuer", "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:consumer-identityhub%3A7083:consumer", diff --git a/deployment/assets/credentials/k8s/consumer/membership-credential.json b/deployment/assets/credentials/k8s/consumer/membership-credential.json index 35510c277..165e9ba23 100644 --- a/deployment/assets/credentials/k8s/consumer/membership-credential.json +++ b/deployment/assets/credentials/k8s/consumer/membership-credential.json @@ -2,13 +2,13 @@ "id": "40e24588-b510-41ca-966c-c1e0f57d1b14", "participantId": "did:web:consumer-identityhub%3A7083:consumer", "timestamp": 1700659822500, - "issuerId": "did:example:dataspace-issuer", + "issuerId": "did:web:dataspace-issuer", "holderId": "did:web:consumer-identityhub%3A7083:consumer", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpjb25zdW1lci1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsIm1lbWJlcnNoaXAiOiJtdmQtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXBUeXBlIiwid2Vic2l0ZSI6Im12ZC1jcmVkZW50aWFsczp3ZWJzaXRlIiwiY29udGFjdCI6Im12ZC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJtdmQtY3JlZGVudGlhbHM6c2luY2UifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jTWVtYmVyc2hpcENyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4Mzpjb25zdW1lciIsIm1lbWJlcnNoaXAiOnsibWVtYmVyc2hpcFR5cGUiOiJGdWxsTWVtYmVyIiwid2Vic2l0ZSI6Ind3dy53aGF0ZXZlci5jb20iLCJjb250YWN0IjoiZml6ei5idXp6QHdoYXRldmVyLmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3Mjk4MzY1NTl9.mTigFc6TKFP_gKeKBrekJcsZML0IGEhEDl8hf2dXnylxpd8q7luEojHGV6Ph6pIYP390wCeZwT5RS8zYXM5PCQ", + "rawVc": "eyJraWQiOiJkaWQ6d2ViOmRhdGFzcGFjZS1pc3N1ZXIja2V5LTEiLCJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSJ9.eyJpc3MiOiJkaWQ6d2ViOmRhdGFzcGFjZS1pc3N1ZXIiLCJhdWQiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInN1YiI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIlM0E3MDgzOmFsaWNlIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLHsibXZkLWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9tdmQvY3JlZGVudGlhbHMvIiwibWVtYmVyc2hpcCI6Im12ZC1jcmVkZW50aWFsczptZW1iZXJzaGlwIiwibWVtYmVyc2hpcFR5cGUiOiJtdmQtY3JlZGVudGlhbHM6bWVtYmVyc2hpcFR5cGUiLCJ3ZWJzaXRlIjoibXZkLWNyZWRlbnRpYWxzOndlYnNpdGUiLCJjb250YWN0IjoibXZkLWNyZWRlbnRpYWxzOmNvbnRhY3QiLCJzaW5jZSI6Im12ZC1jcmVkZW50aWFsczpzaW5jZSJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6d2ViOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpjb25zdW1lci1pZGVudGl0eWh1YiUzQTcwODM6Y29uc3VtZXIiLCJtZW1iZXJzaGlwIjp7Im1lbWJlcnNoaXBUeXBlIjoiRnVsbE1lbWJlciIsIndlYnNpdGUiOiJ3d3cud2hhdGV2ZXIuY29tIiwiY29udGFjdCI6ImZpenouYnV6ekB3aGF0ZXZlci5jb20iLCJzaW5jZSI6IjIwMjMtMDEtMDFUMDA6MDA6MDBaIn19fSwiaWF0IjoxNzI5ODQ2NTg0fQ.L6lr3PJ6Qkmt8k2Yfen3A8Y7_Dtk0z3KtdOJB6Q0x_33mGP76G5rEaMDPgFk5uuxj4KcZggaIAc2k7hcvA98Ag", "format": "JWT", "credential": { "credentialSubject": [ @@ -28,7 +28,7 @@ "MembershipCredential" ], "issuer": { - "id": "did:example:dataspace-issuer", + "id": "did:web:dataspace-issuer", "additionalProperties": {} }, "issuanceDate": 1702339200.000000000, diff --git a/deployment/assets/credentials/k8s/consumer/membership_vc.json b/deployment/assets/credentials/k8s/consumer/membership_vc.json index 6aba3b617..9cf55dfe4 100644 --- a/deployment/assets/credentials/k8s/consumer/membership_vc.json +++ b/deployment/assets/credentials/k8s/consumer/membership_vc.json @@ -17,7 +17,7 @@ "VerifiableCredential", "http://org.yourdataspace.com#MembershipCredential" ], - "issuer": "did:example:dataspace-issuer", + "issuer": "did:web:dataspace-issuer", "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:consumer-identityhub%3A7083:consumer", diff --git a/deployment/assets/credentials/k8s/provider/dataprocessor-credential.json b/deployment/assets/credentials/k8s/provider/dataprocessor-credential.json index e9e759850..725618eeb 100644 --- a/deployment/assets/credentials/k8s/provider/dataprocessor-credential.json +++ b/deployment/assets/credentials/k8s/provider/dataprocessor-credential.json @@ -2,14 +2,14 @@ "id": "40e24588-b510-41ca-966c-c1e0f57d1ca7", "participantId": "did:web:provider-identityhub%3A7083:provider", "timestamp": 1700659822500, - "issuerId": "did:example:dataspace-issuer", + "issuerId": "did:web:dataspace-issuer", "holderId": "did:web:provider-identityhub%3A7083:provider", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { "format": "JSON_LD", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6Ym9iIiwic3ViIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6Ym9iIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLHsibXZkLWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9tdmQvY3JlZGVudGlhbHMvIiwiY29udHJhY3RWZXJzaW9uIjoibXZkLWNyZWRlbnRpYWxzOmNvbnRyYWN0VmVyc2lvbiIsImxldmVsIjoibXZkLWNyZWRlbnRpYWxzOmxldmVsIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI0RhdGFQcm9jZXNzb3JDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6cHJvdmlkZXIiLCJsZXZlbCI6InByb2Nlc3NpbmciLCJjb250cmFjdFZlcnNpb24iOiIxLjAuMCJ9fSwiaWF0IjoxNzI5ODM2NTU5fQ.JO8xIR2jYeLD9LNPJJ2ut0-yw-IGG1Rmgh6fLiu7CAAWn-oJ8DGyA6NwlkpUXOa-A91M7ezkbGV3FQmEdmGXDA", + "rawVc": "eyJraWQiOiJkaWQ6d2ViOmRhdGFzcGFjZS1pc3N1ZXIja2V5LTEiLCJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSJ9.eyJpc3MiOiJkaWQ6d2ViOmRhdGFzcGFjZS1pc3N1ZXIiLCJhdWQiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJzdWIiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJjb250cmFjdFZlcnNpb24iOiJtdmQtY3JlZGVudGlhbHM6Y29udHJhY3RWZXJzaW9uIiwibGV2ZWwiOiJtdmQtY3JlZGVudGlhbHM6bGV2ZWwifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jRGF0YVByb2Nlc3NvckNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOndlYjpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6cHJvdmlkZXItaWRlbnRpdHlodWIlM0E3MDgzOnByb3ZpZGVyIiwibGV2ZWwiOiJwcm9jZXNzaW5nIiwiY29udHJhY3RWZXJzaW9uIjoiMS4wLjAifX0sImlhdCI6MTcyOTg0NjU4NH0.9Qlsk_SuLPDIrz8v2EytZO4jxtfIaZwwP1Rmnk_VRXWLhez_QtDo03T-KvPL9UAPJmNXnbgTi2WpXzfTK0riDw", "credential": { "credentialSubject": [ { @@ -26,7 +26,7 @@ "DataProcessorCredential" ], "issuer": { - "id": "did:example:dataspace-issuer", + "id": "did:web:dataspace-issuer", "additionalProperties": {} }, "issuanceDate": 1702339200.000000000, diff --git a/deployment/assets/credentials/k8s/provider/dataprocessor_vc.json b/deployment/assets/credentials/k8s/provider/dataprocessor_vc.json index a696ca16b..e399c6a93 100644 --- a/deployment/assets/credentials/k8s/provider/dataprocessor_vc.json +++ b/deployment/assets/credentials/k8s/provider/dataprocessor_vc.json @@ -14,7 +14,7 @@ "VerifiableCredential", "http://org.yourdataspace.com#DataProcessorCredential" ], - "issuer": "did:example:dataspace-issuer", + "issuer": "did:web:dataspace-issuer", "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:provider-identityhub%3A7083:provider", diff --git a/deployment/assets/credentials/k8s/provider/membership-credential.json b/deployment/assets/credentials/k8s/provider/membership-credential.json index c134ce90a..502cc09e6 100644 --- a/deployment/assets/credentials/k8s/provider/membership-credential.json +++ b/deployment/assets/credentials/k8s/provider/membership-credential.json @@ -2,13 +2,13 @@ "id": "40e24588-b510-41ca-966c-c1e0f57d1b14", "participantId": "did:web:provider-identityhub%3A7083:provider", "timestamp": 1700659822500, - "issuerId": "did:example:dataspace-issuer", + "issuerId": "did:web:dataspace-issuer", "holderId": "did:web:provider-identityhub%3A7083:provider", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6Ym9iIiwic3ViIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6Ym9iIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLHsibXZkLWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9tdmQvY3JlZGVudGlhbHMvIiwibWVtYmVyc2hpcCI6Im12ZC1jcmVkZW50aWFsczptZW1iZXJzaGlwIiwibWVtYmVyc2hpcFR5cGUiOiJtdmQtY3JlZGVudGlhbHM6bWVtYmVyc2hpcFR5cGUiLCJ3ZWJzaXRlIjoibXZkLWNyZWRlbnRpYWxzOndlYnNpdGUiLCJjb250YWN0IjoibXZkLWNyZWRlbnRpYWxzOmNvbnRhY3QiLCJzaW5jZSI6Im12ZC1jcmVkZW50aWFsczpzaW5jZSJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6cHJvdmlkZXItaWRlbnRpdHlodWIlM0E3MDgzOnByb3ZpZGVyIiwibWVtYmVyc2hpcCI6eyJtZW1iZXJzaGlwVHlwZSI6IkZ1bGxNZW1iZXIiLCJ3ZWJzaXRlIjoid3d3LndoYXRldmVyLmNvbSIsImNvbnRhY3QiOiJtaXgubWF4QHdoYXRldmVyLmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3Mjk4MzY1NTh9.ggkCYhvPM2NRrwRWMWj-y9TJfz4yN06kYENtZ0PfyDk2k43qqujW-g7qGdiwiGzqwjQ1NeXwk_GvrBSxSd6zAg", + "rawVc": "eyJraWQiOiJkaWQ6d2ViOmRhdGFzcGFjZS1pc3N1ZXIja2V5LTEiLCJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSJ9.eyJpc3MiOiJkaWQ6d2ViOmRhdGFzcGFjZS1pc3N1ZXIiLCJhdWQiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJzdWIiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXAiLCJtZW1iZXJzaGlwVHlwZSI6Im12ZC1jcmVkZW50aWFsczptZW1iZXJzaGlwVHlwZSIsIndlYnNpdGUiOiJtdmQtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJtdmQtY3JlZGVudGlhbHM6Y29udGFjdCIsInNpbmNlIjoibXZkLWNyZWRlbnRpYWxzOnNpbmNlIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI01lbWJlcnNoaXBDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDp3ZWI6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpwcm92aWRlciIsIm1lbWJlcnNoaXAiOnsibWVtYmVyc2hpcFR5cGUiOiJGdWxsTWVtYmVyIiwid2Vic2l0ZSI6Ind3dy53aGF0ZXZlci5jb20iLCJjb250YWN0IjoibWl4Lm1heEB3aGF0ZXZlci5jb20iLCJzaW5jZSI6IjIwMjMtMDEtMDFUMDA6MDA6MDBaIn19fSwiaWF0IjoxNzI5ODQ2NTgzfQ.ADsm6DnrOirqrn9s8oRnXKr4huW5-y2fTMHL2LS4zvcBolIpnlGn_mml-l_KJzexN_K08ZaJnsQOL5tylznYCA", "format": "JSON_LD", "credential": { "credentialSubject": [ @@ -30,7 +30,7 @@ "MembershipCredential" ], "issuer": { - "id": "did:example:dataspace-issuer", + "id": "did:web:dataspace-issuer", "additionalProperties": {} }, "issuanceDate": 1702339200.000000000, diff --git a/deployment/assets/credentials/k8s/provider/membership_vc.json b/deployment/assets/credentials/k8s/provider/membership_vc.json index 934fe3970..9cfaf782f 100644 --- a/deployment/assets/credentials/k8s/provider/membership_vc.json +++ b/deployment/assets/credentials/k8s/provider/membership_vc.json @@ -17,7 +17,7 @@ "VerifiableCredential", "http://org.yourdataspace.com#MembershipCredential" ], - "issuer": "did:example:dataspace-issuer", + "issuer": "did:web:dataspace-issuer", "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:provider-identityhub%3A7083:provider", diff --git a/deployment/assets/credentials/local/consumer/dataprocessor-credential.json b/deployment/assets/credentials/local/consumer/dataprocessor-credential.json index 262408fc4..337f287c9 100644 --- a/deployment/assets/credentials/local/consumer/dataprocessor-credential.json +++ b/deployment/assets/credentials/local/consumer/dataprocessor-credential.json @@ -2,14 +2,14 @@ "id": "40e24588-b510-41ca-966c-c1e0f57d1b15", "participantId": "did:web:localhost%3A7083", "timestamp": 1700659822500, - "issuerId": "did:example:dataspace-issuer", + "issuerId": "did:web:localhost%3A9876", "holderId": "did:web:localhost%3A7093", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { "format": "JWT", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpjb25zdW1lci1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VmVyc2lvbiI6Im12ZC1jcmVkZW50aWFsczpjb250cmFjdFZlcnNpb24iLCJsZXZlbCI6Im12ZC1jcmVkZW50aWFsczpsZXZlbCJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNEYXRhUHJvY2Vzc29yQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0JTNBNzA4MyIsImNvbnRyYWN0VmVyc2lvbiI6IjEuMC4wIiwibGV2ZWwiOiJwcm9jZXNzaW5nIn19LCJpYXQiOjE3Mjk4MzY1NTl9.ojH0Tb3fJd-jkipg7yOEfEeUM_rOSmOLXYvUkJ_Ng_YPVqCxozxaa_C3fYkG66G9BLcxwfP03MK_8OnkjKwaCQ", + "rawVc": "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTk4NzYja2V5LTEiLCJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSJ9.eyJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTk4NzYiLCJhdWQiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInN1YiI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIlM0E3MDgzOmFsaWNlIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLHsibXZkLWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9tdmQvY3JlZGVudGlhbHMvIiwiY29udHJhY3RWZXJzaW9uIjoibXZkLWNyZWRlbnRpYWxzOmNvbnRyYWN0VmVyc2lvbiIsImxldmVsIjoibXZkLWNyZWRlbnRpYWxzOmxldmVsIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI0RhdGFQcm9jZXNzb3JDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDp3ZWI6bG9jYWxob3N0JTNBOTg3NiIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwODMiLCJjb250cmFjdFZlcnNpb24iOiIxLjAuMCIsImxldmVsIjoicHJvY2Vzc2luZyJ9fSwiaWF0IjoxNzI5ODQ2NTg0fQ.j1poj6mac4Eu8VMmtpeDVIhaZPRcojZ0AUSLihJ1R3xN0QR41D9pw_nPSgdUiCbKDsLiUmlzlBW6C13BzAeiAA", "credential": { "credentialSubject": [ { @@ -26,7 +26,7 @@ "DataProcessorCredential" ], "issuer": { - "id": "did:example:dataspace-issuer", + "id": "did:web:localhost%3A9876", "additionalProperties": {} }, "issuanceDate": 1702339200.000000000, diff --git a/deployment/assets/credentials/local/consumer/membership-credential.json b/deployment/assets/credentials/local/consumer/membership-credential.json index b06845f1d..3c1ea14df 100644 --- a/deployment/assets/credentials/local/consumer/membership-credential.json +++ b/deployment/assets/credentials/local/consumer/membership-credential.json @@ -2,13 +2,13 @@ "id": "40e24588-b510-41ca-966c-c1e0f57d1b14", "participantId": "did:web:localhost%3A7083", "timestamp": 1700659822500, - "issuerId": "did:example:dataspace-issuer", + "issuerId": "did:web:localhost%3A9876", "holderId": "did:web:localhost%3A7083", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpjb25zdW1lci1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsIm1lbWJlcnNoaXAiOiJtdmQtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXBUeXBlIiwid2Vic2l0ZSI6Im12ZC1jcmVkZW50aWFsczp3ZWJzaXRlIiwiY29udGFjdCI6Im12ZC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJtdmQtY3JlZGVudGlhbHM6c2luY2UifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jTWVtYmVyc2hpcENyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwODMiLCJtZW1iZXJzaGlwIjp7Im1lbWJlcnNoaXBUeXBlIjoiRnVsbE1lbWJlciIsIndlYnNpdGUiOiJ3d3cud2hhdGV2ZXIuY29tIiwiY29udGFjdCI6Im1peC5tYXhAd2hhdGV2ZXIuY29tIiwic2luY2UiOiIyMDIzLTAxLTAxVDAwOjAwOjAwWiJ9fX0sImlhdCI6MTcyOTgzNjU1OX0.2thO4SFErK_uW0XwkCGEP0o-Rje5ZoZgx2u8DkpVZddj7OT3QmA4INU0W7CEmSp-D6CFzV4kYZYNO0yEjgSyBQ", + "rawVc": "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTk4NzYja2V5LTEiLCJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSJ9.eyJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTk4NzYiLCJhdWQiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInN1YiI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIlM0E3MDgzOmFsaWNlIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLHsibXZkLWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9tdmQvY3JlZGVudGlhbHMvIiwibWVtYmVyc2hpcCI6Im12ZC1jcmVkZW50aWFsczptZW1iZXJzaGlwIiwibWVtYmVyc2hpcFR5cGUiOiJtdmQtY3JlZGVudGlhbHM6bWVtYmVyc2hpcFR5cGUiLCJ3ZWJzaXRlIjoibXZkLWNyZWRlbnRpYWxzOndlYnNpdGUiLCJjb250YWN0IjoibXZkLWNyZWRlbnRpYWxzOmNvbnRhY3QiLCJzaW5jZSI6Im12ZC1jcmVkZW50aWFsczpzaW5jZSJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTk4NzYiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpsb2NhbGhvc3QlM0E3MDgzIiwibWVtYmVyc2hpcCI6eyJtZW1iZXJzaGlwVHlwZSI6IkZ1bGxNZW1iZXIiLCJ3ZWJzaXRlIjoid3d3LndoYXRldmVyLmNvbSIsImNvbnRhY3QiOiJtaXgubWF4QHdoYXRldmVyLmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3Mjk4NDY1ODR9.EL2MfqJIO5wEKLCBs0AWwZWugwdYhmbPbw9I6DHbhXo2xa_B__dnFkLMkdVFmUrerFUBfBxzdRq9tQf7BChOBA", "format": "JWT", "credential": { "credentialSubject": [ @@ -28,7 +28,7 @@ "MembershipCredential" ], "issuer": { - "id": "did:example:dataspace-issuer", + "id": "did:web:localhost%3A9876", "additionalProperties": {} }, "issuanceDate": 1702339200.000000000, diff --git a/deployment/assets/credentials/local/consumer/unsigned/dataprocessor_vc.json b/deployment/assets/credentials/local/consumer/unsigned/dataprocessor_vc.json index e5780fe95..887e7a5ba 100644 --- a/deployment/assets/credentials/local/consumer/unsigned/dataprocessor_vc.json +++ b/deployment/assets/credentials/local/consumer/unsigned/dataprocessor_vc.json @@ -14,7 +14,7 @@ "VerifiableCredential", "http://org.yourdataspace.com#DataProcessorCredential" ], - "issuer": "did:example:dataspace-issuer", + "issuer": "did:web:localhost%3A9876", "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:localhost%3A7083", diff --git a/deployment/assets/credentials/local/consumer/unsigned/membership_vc.json b/deployment/assets/credentials/local/consumer/unsigned/membership_vc.json index f5cef4917..414fba8d4 100644 --- a/deployment/assets/credentials/local/consumer/unsigned/membership_vc.json +++ b/deployment/assets/credentials/local/consumer/unsigned/membership_vc.json @@ -17,7 +17,7 @@ "VerifiableCredential", "http://org.yourdataspace.com#MembershipCredential" ], - "issuer": "did:example:dataspace-issuer", + "issuer": "did:web:localhost%3A9876", "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:localhost%3A7083", diff --git a/deployment/assets/credentials/local/provider/dataprocessor-credential.json b/deployment/assets/credentials/local/provider/dataprocessor-credential.json index 830d925f1..809288d6f 100644 --- a/deployment/assets/credentials/local/provider/dataprocessor-credential.json +++ b/deployment/assets/credentials/local/provider/dataprocessor-credential.json @@ -2,14 +2,14 @@ "id": "40e24588-b510-41ca-966c-c1e0f57d1ca7", "participantId": "did:web:localhost%3A7093", "timestamp": 1700659822500, - "issuerId": "did:example:dataspace-issuer", + "issuerId": "did:web:localhost%3A9876", "holderId": "did:web:localhost%3A7093", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { "format": "JWT", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6Ym9iIiwic3ViIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6Ym9iIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLHsibXZkLWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9tdmQvY3JlZGVudGlhbHMvIiwiY29udHJhY3RWZXJzaW9uIjoibXZkLWNyZWRlbnRpYWxzOmNvbnRyYWN0VmVyc2lvbiIsImxldmVsIjoibXZkLWNyZWRlbnRpYWxzOmxldmVsIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI0RhdGFQcm9jZXNzb3JDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpsb2NhbGhvc3QlM0E3MDkzIiwibGV2ZWwiOiJwcm9jZXNzaW5nIiwiY29udHJhY3RWZXJzaW9uIjoiMS4wLjAifX0sImlhdCI6MTcyOTgzNjU1OX0.Eui2yD_fPnWv5dXnP1XUZF5lkTcDW_n82QNedrDteGPCx1sWH7ifjyNwOFZyt_WieBTMsvVZ9GGVHuO6n5AiCA", + "rawVc": "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTk4NzYja2V5LTEiLCJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSJ9.eyJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTk4NzYiLCJhdWQiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJzdWIiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJjb250cmFjdFZlcnNpb24iOiJtdmQtY3JlZGVudGlhbHM6Y29udHJhY3RWZXJzaW9uIiwibGV2ZWwiOiJtdmQtY3JlZGVudGlhbHM6bGV2ZWwifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jRGF0YVByb2Nlc3NvckNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOndlYjpsb2NhbGhvc3QlM0E5ODc2IiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0JTNBNzA5MyIsImxldmVsIjoicHJvY2Vzc2luZyIsImNvbnRyYWN0VmVyc2lvbiI6IjEuMC4wIn19LCJpYXQiOjE3Mjk4NDY1ODR9.xw0ZhPG8lVeWQEYtV5tXjNQUr_lBbGqG282B7Gri70lb6Kcjot7GYyphU2e4DKdyMsmDSIbSGfiULfmfi-KFAQ", "credential": { "credentialSubject": [ { @@ -26,7 +26,7 @@ "DataProcessorCredential" ], "issuer": { - "id": "did:example:dataspace-issuer", + "id": "did:web:localhost%3A9876", "additionalProperties": {} }, "issuanceDate": 1702339200.000000000, diff --git a/deployment/assets/credentials/local/provider/membership-credential.json b/deployment/assets/credentials/local/provider/membership-credential.json index ab434d2a4..1fe0d7866 100644 --- a/deployment/assets/credentials/local/provider/membership-credential.json +++ b/deployment/assets/credentials/local/provider/membership-credential.json @@ -2,13 +2,13 @@ "id": "40e24588-b510-41ca-966c-c1e0f57d1b14", "participantId": "did:web:localhost%3A7093", "timestamp": 1700659822500, - "issuerId": "did:example:dataspace-issuer", + "issuerId": "did:web:localhost%3A9876", "holderId": "did:web:localhost%3A7093", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6Ym9iIiwic3ViIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6Ym9iIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLHsibXZkLWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9tdmQvY3JlZGVudGlhbHMvIiwibWVtYmVyc2hpcCI6Im12ZC1jcmVkZW50aWFsczptZW1iZXJzaGlwIiwibWVtYmVyc2hpcFR5cGUiOiJtdmQtY3JlZGVudGlhbHM6bWVtYmVyc2hpcFR5cGUiLCJ3ZWJzaXRlIjoibXZkLWNyZWRlbnRpYWxzOndlYnNpdGUiLCJjb250YWN0IjoibXZkLWNyZWRlbnRpYWxzOmNvbnRhY3QiLCJzaW5jZSI6Im12ZC1jcmVkZW50aWFsczpzaW5jZSJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzEyMzQiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0JTNBNzA5MyIsIm1lbWJlcnNoaXAiOnsibWVtYmVyc2hpcFR5cGUiOiJQcm9zcGVjdE1lbWJlciIsIndlYnNpdGUiOiJ3d3cucXVpenpxdWF6ei5jb20iLCJjb250YWN0IjoiZm9vLmJhckBxdWl6enF1YXp6LmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3Mjk4MzY1NTl9.jVc9KqCzkgQPfO46XL-l3vpPKmVUcqhNOOyDTWuK4bMFlen9khkHpIqYpSOsyLTP82uVLvgAHnn_4XtrJSF6BA", + "rawVc": "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTk4NzYja2V5LTEiLCJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSJ9.eyJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTk4NzYiLCJhdWQiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJzdWIiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXAiLCJtZW1iZXJzaGlwVHlwZSI6Im12ZC1jcmVkZW50aWFsczptZW1iZXJzaGlwVHlwZSIsIndlYnNpdGUiOiJtdmQtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJtdmQtY3JlZGVudGlhbHM6Y29udGFjdCIsInNpbmNlIjoibXZkLWNyZWRlbnRpYWxzOnNpbmNlIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMTIzNCIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI01lbWJlcnNoaXBDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDp3ZWI6bG9jYWxob3N0JTNBOTg3NiIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwOTMiLCJtZW1iZXJzaGlwIjp7Im1lbWJlcnNoaXBUeXBlIjoiUHJvc3BlY3RNZW1iZXIiLCJ3ZWJzaXRlIjoid3d3LnF1aXp6cXVhenouY29tIiwiY29udGFjdCI6ImZvby5iYXJAcXVpenpxdWF6ei5jb20iLCJzaW5jZSI6IjIwMjMtMDEtMDFUMDA6MDA6MDBaIn19fSwiaWF0IjoxNzI5ODQ2NTg0fQ.bAET0U_6aN-h1OnOysmWOv17uNGyru5-pw3ysLoVrDWC63vl_lgwbVpTOa5k5d0p0CrTz8m-RaUW6aBbriTfBQ", "format": "JWT", "credential": { "credentialSubject": [ @@ -30,7 +30,7 @@ "MembershipCredential" ], "issuer": { - "id": "did:example:dataspace-issuer", + "id": "did:web:localhost%3A9876", "additionalProperties": {} }, "issuanceDate": 1702339200.000000000, diff --git a/deployment/assets/credentials/local/provider/unsigned/dataprocessor_vc.json b/deployment/assets/credentials/local/provider/unsigned/dataprocessor_vc.json index 8095b0bc6..459880ce5 100644 --- a/deployment/assets/credentials/local/provider/unsigned/dataprocessor_vc.json +++ b/deployment/assets/credentials/local/provider/unsigned/dataprocessor_vc.json @@ -14,7 +14,7 @@ "VerifiableCredential", "http://org.yourdataspace.com#DataProcessorCredential" ], - "issuer": "did:example:dataspace-issuer", + "issuer": "did:web:localhost%3A9876", "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:localhost%3A7093", diff --git a/deployment/assets/credentials/local/provider/unsigned/membership_vc.json b/deployment/assets/credentials/local/provider/unsigned/membership_vc.json index 62abcdee7..9fd4d2f94 100644 --- a/deployment/assets/credentials/local/provider/unsigned/membership_vc.json +++ b/deployment/assets/credentials/local/provider/unsigned/membership_vc.json @@ -17,7 +17,7 @@ "VerifiableCredential", "http://org.yourdataspace.com#MembershipCredential" ], - "issuer": "did:example:dataspace-issuer", + "issuer": "did:web:localhost%3A9876", "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:localhost%3A7093", diff --git a/extensions/did-example-resolver/src/main/resources/did_example_dataspace-issuer.json b/deployment/assets/issuer/did.docker.json similarity index 66% rename from extensions/did-example-resolver/src/main/resources/did_example_dataspace-issuer.json rename to deployment/assets/issuer/did.docker.json index 721fd34b4..1c819d142 100644 --- a/extensions/did-example-resolver/src/main/resources/did_example_dataspace-issuer.json +++ b/deployment/assets/issuer/did.docker.json @@ -2,9 +2,9 @@ "service": [], "verificationMethod": [ { - "id": "did:example:dataspace-issuer#key-1", + "id": "did:web:localhost%3A9876#key-1", "type": "JsonWebKey2020", - "controller": "did:example:dataspace-issuer", + "controller": "did:web:localhost%3A9876", "publicKeyMultibase": null, "publicKeyJwk": { "kty": "OKP", @@ -16,11 +16,11 @@ "authentication": [ "key-1" ], - "id": "did:example:dataspace-issuer", + "id": "did:web:localhost%3A9876", "@context": [ "https://www.w3.org/ns/did/v1", { - "@base": "did:example:dataspace-issuer" + "@base": "did:web:localhost%3A9876" } ] } \ No newline at end of file diff --git a/deployment/assets/issuer/did.k8s.json b/deployment/assets/issuer/did.k8s.json new file mode 100644 index 000000000..87759dcbf --- /dev/null +++ b/deployment/assets/issuer/did.k8s.json @@ -0,0 +1 @@ +{"service":[],"verificationMethod":[{"id":"did:web:dataspace-issuer#key-1","type":"JsonWebKey2020","controller":"did:web:dataspace-issuer","publicKeyMultibase":null,"publicKeyJwk":{"kty":"OKP","crv":"Ed25519","x":"Hsq2QXPbbsU7j6JwXstbpxGSgliI04g_fU3z2nwkuVc"}}],"authentication":["key-1"],"id":"did:web:dataspace-issuer","@context":["https://www.w3.org/ns/did/v1",{"@base":"did:web:dataspace-issuer"}]} \ No newline at end of file diff --git a/deployment/assets/issuer/nginx.conf b/deployment/assets/issuer/nginx.conf new file mode 100644 index 000000000..fa45fbed2 --- /dev/null +++ b/deployment/assets/issuer/nginx.conf @@ -0,0 +1,9 @@ +events { worker_connections 1024; } + +http { + server { + listen 80; + root /var/www/; + index index.html; + } + } \ No newline at end of file diff --git a/deployment/issuer.tf b/deployment/issuer.tf new file mode 100644 index 000000000..3d6070a69 --- /dev/null +++ b/deployment/issuer.tf @@ -0,0 +1,110 @@ +# +# Copyright (c) 2024 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# + + +resource "kubernetes_deployment" "dataspace-issuer-did-server" { + metadata { + name = "dataspace-issuer-server" + namespace = kubernetes_namespace.ns.metadata.0.name + labels = { + App = "dataspace-issuer-server" + } + } + + spec { + replicas = 1 + selector { + match_labels = { + App = "dataspace-issuer-server" + } + } + + template { + metadata { + labels = { + App = "dataspace-issuer-server" + } + } + + spec { + + container { + image_pull_policy = "IfNotPresent" + image = "nginx:latest" + name = "nginx" + + port { + container_port = "80" + name = "web" + } + # maps the nginx.conf file + volume_mount { + mount_path = "/etc/nginx/nginx.conf" + sub_path = "nginx.conf" + name = "nginx-config" + } + + # this maps the did.json file such that it becomes available at htp:///dataspace-issuer/did.json + volume_mount { + mount_path = "/var/www/.well-known/did.json" + sub_path = "did.json" + name = "nginx-config" + } + } + + volume { + name = "nginx-config" + config_map { + name = "nginx-conf" + } + } + } + } + } +} + +resource "kubernetes_service" "dataspace-issuer-did-server-service" { + metadata { + name = "dataspace-issuer" # this must correlate with the Issuer's DID: did:web:dataspace-issuer -> http://dataspace-issuer/.well-known/did.json + namespace = kubernetes_namespace.ns.metadata.0.name + } + spec { + type = "NodePort" + selector = { + App = kubernetes_deployment.dataspace-issuer-did-server.spec.0.template.0.metadata[0].labels.App + } + # we need a stable IP, otherwise there will be a cycle with the issuer + port { + name = "web" + port = 80 + } + } +} + +resource "kubernetes_config_map" "nginx-map" { + metadata { + name = "nginx-conf" + namespace = kubernetes_namespace.ns.metadata.0.name + } + + data = { + "nginx.conf" = file("${path.root}/assets/issuer/nginx.conf") + "did.json" = file("${path.root}/assets/issuer/did.k8s.json") + } +} \ No newline at end of file diff --git a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/DcpPatchExtension.java b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/DcpPatchExtension.java index 078364978..7b5e9ebf1 100644 --- a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/DcpPatchExtension.java +++ b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/DcpPatchExtension.java @@ -63,7 +63,8 @@ public void initialize(ServiceExtensionContext context) { signatureSuiteRegistry.register(VcConstants.JWS_2020_SIGNATURE_SUITE, suite); // register dataspace issuer - trustedIssuerRegistry.register(new Issuer("did:example:dataspace-issuer", Map.of()), WILDCARD); + trustedIssuerRegistry.register(new Issuer("did:web:dataspace-issuer", Map.of()), WILDCARD); + trustedIssuerRegistry.register(new Issuer("did:web:localhost%3A9876", Map.of()), WILDCARD); // register a default scope provider var contextMappingFunction = new DefaultScopeMappingFunction(Set.of("org.eclipse.edc.vc.type:MembershipCredential:read")); diff --git a/extensions/did-example-resolver/src/main/java/org/eclipse/edc/iam/identitytrust/core/DidExampleResolver.java b/extensions/did-example-resolver/src/main/java/org/eclipse/edc/iam/identitytrust/core/DidExampleResolver.java deleted file mode 100644 index 4c8ab7933..000000000 --- a/extensions/did-example-resolver/src/main/java/org/eclipse/edc/iam/identitytrust/core/DidExampleResolver.java +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 2024 Metaform Systems, Inc. - * - * This program and the accompanying materials are made available under the - * terms of the Apache License, Version 2.0 which is available at - * https://www.apache.org/licenses/LICENSE-2.0 - * - * SPDX-License-Identifier: Apache-2.0 - * - * Contributors: - * Metaform Systems, Inc. - initial API and implementation - * - */ - -package org.eclipse.edc.iam.identitytrust.core; - -import com.fasterxml.jackson.databind.ObjectMapper; -import org.eclipse.edc.iam.did.spi.document.DidDocument; -import org.eclipse.edc.iam.did.spi.resolution.DidResolver; -import org.eclipse.edc.spi.monitor.Monitor; -import org.eclipse.edc.spi.result.Result; -import org.jetbrains.annotations.NotNull; - -import java.io.IOException; -import java.util.HashMap; -import java.util.Map; -import java.util.Scanner; - -public class DidExampleResolver implements DidResolver { - - private final Map cache = new HashMap<>(); - private final ObjectMapper objectMapper; - private final Monitor monitor; - - public DidExampleResolver(ObjectMapper objectMapper, Monitor monitor) { - this.objectMapper = objectMapper; - this.monitor = monitor; - } - - @Override - public @NotNull String getMethod() { - return "example"; - } - - @Override - public @NotNull Result resolve(String did) { - - // chop off fragment - var ix = did.indexOf("#"); - if (ix > 0) { - did = did.substring(0, ix); - } - - var resourceName = cache.get(did); - if (resourceName == null) { - return Result.failure("DID '%s' found found".formatted(did)); - } - try (var stream = getClass().getClassLoader().getResourceAsStream(resourceName)) { - - var scanner = new Scanner(stream).useDelimiter("\\A"); - var content = scanner.hasNext() ? scanner.next() : ""; - - var doc = objectMapper.readValue(content, DidDocument.class); - return Result.success(doc); - } catch (IOException e) { - monitor.warning("Error converting did", e); - return Result.failure("Error converting did"); - } - } - - public void addCached(String did, String url) { - cache.put(did, url); - } -} diff --git a/extensions/did-example-resolver/src/main/java/org/eclipse/edc/iam/identitytrust/core/MockServiceExtension.java b/extensions/did-example-resolver/src/main/java/org/eclipse/edc/iam/identitytrust/core/MockServiceExtension.java deleted file mode 100644 index 1621ef775..000000000 --- a/extensions/did-example-resolver/src/main/java/org/eclipse/edc/iam/identitytrust/core/MockServiceExtension.java +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG) - * - * This program and the accompanying materials are made available under the - * terms of the Apache License, Version 2.0 which is available at - * https://www.apache.org/licenses/LICENSE-2.0 - * - * SPDX-License-Identifier: Apache-2.0 - * - * Contributors: - * Bayerische Motoren Werke Aktiengesellschaft (BMW AG) - initial API and implementation - * - */ - -package org.eclipse.edc.iam.identitytrust.core; - -import org.eclipse.edc.iam.did.spi.resolution.DidResolverRegistry; -import org.eclipse.edc.identithub.spi.did.DidWebParser; -import org.eclipse.edc.runtime.metamodel.annotation.Inject; -import org.eclipse.edc.runtime.metamodel.annotation.Provider; -import org.eclipse.edc.spi.monitor.Monitor; -import org.eclipse.edc.spi.system.ServiceExtension; -import org.eclipse.edc.spi.system.ServiceExtensionContext; -import org.eclipse.edc.spi.types.TypeManager; - -import java.net.URI; -import java.nio.charset.Charset; - -public class MockServiceExtension implements ServiceExtension { - - @Inject - private DidResolverRegistry resolverRegistry; - - @Inject - private TypeManager typeManager; - - @Override - public void initialize(ServiceExtensionContext context) { - var didResolver = new DidExampleResolver(typeManager.getMapper(), context.getMonitor()); - - didResolver.addCached("did:example:dataspace-issuer", "did_example_dataspace-issuer.json"); - resolverRegistry.register(didResolver); - } - - @Provider - public DidWebParser createCustomDidWebParser(ServiceExtensionContext context) { - return new DidWebParserLogInterceptor(context.getMonitor()); - } - - private static class DidWebParserLogInterceptor extends DidWebParser { - private final Monitor monitor; - - private DidWebParserLogInterceptor(Monitor monitor) { - this.monitor = monitor; - } - - @Override - public String parse(URI url, Charset charset) { - var did = super.parse(url, charset); - monitor.debug("DEMO: inbound lookup URL: %s".formatted(url)); - monitor.debug("DEMO: resulting DID: '%s'".formatted(did)); - - return did; - } - } -} diff --git a/extensions/did-example-resolver/src/main/resources/META-INF/services/org.eclipse.edc.spi.system.ServiceExtension b/extensions/did-example-resolver/src/main/resources/META-INF/services/org.eclipse.edc.spi.system.ServiceExtension index 3c0ed6664..e8aee0b40 100644 --- a/extensions/did-example-resolver/src/main/resources/META-INF/services/org.eclipse.edc.spi.system.ServiceExtension +++ b/extensions/did-example-resolver/src/main/resources/META-INF/services/org.eclipse.edc.spi.system.ServiceExtension @@ -12,5 +12,4 @@ # # -org.eclipse.edc.iam.identitytrust.core.MockServiceExtension org.eclipse.edc.iam.identitytrust.core.SecretsExtension \ No newline at end of file diff --git a/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java b/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java index e8ccc8363..3b2b976af 100644 --- a/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java +++ b/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java @@ -33,7 +33,6 @@ import java.io.File; import java.io.IOException; import java.nio.file.Files; -import java.nio.file.Path; import java.nio.file.Paths; import java.security.KeyPair; import java.security.PrivateKey; @@ -57,15 +56,18 @@ public class JwtSigner { public static final String ISSUER_PRIVATE_KEY_FILE_PATH = System.getProperty("user.dir") + "/../../deployment/assets/issuer_private.pem"; public static final String ISSUER_PUBLIC_KEY_FILE_PATH = System.getProperty("user.dir") + "/../../deployment/assets/issuer_public.pem"; - public static final String ISSUER_DID_DOCUMENT_FILE_PATH = System.getProperty("user.dir") + "/../../extensions/did-example-resolver/src/main/resources/did_example_dataspace-issuer.json"; + public static final File ISSUER_DID_DOCUMENT_LOCAL = new File(System.getProperty("user.dir") + "/../../deployment/assets/issuer/did.docker.json"); + public static final File ISSUER_DID_DOCUMENT_K8S = new File(System.getProperty("user.dir") + "/../../deployment/assets/issuer/did.k8s.json"); + public static final String DATASPACE_ISSUER_DID_LOCAL = "did:web:localhost%3A9876"; + public static final String DATASPACE_ISSUER_DID_K8S = "did:web:dataspace-issuer"; private final ObjectMapper mapper = new ObjectMapper(); @ParameterizedTest @ArgumentsSource(InputOutputProvider.class) - void generateJwt(String rawCredentialFilePath, File vcResource, String did) throws JOSEException, IOException { + void generateJwt(String rawCredentialFilePath, File vcResource, String did, String issuerDid, File issuerDidDocument) throws JOSEException, IOException { var header = new JWSHeader.Builder(JWSAlgorithm.EdDSA) - .keyID("did:example:dataspace-issuer#key-1") + .keyID(issuerDid + "#key-1") .type(JOSEObjectType.JWT) .build(); @@ -75,7 +77,7 @@ void generateJwt(String rawCredentialFilePath, File vcResource, String did) thro var claims = new JWTClaimsSet.Builder() .audience(did) .subject(did) - .issuer("did:example:dataspace-issuer") + .issuer(issuerDid) .claim("vc", credential) .issueTime(Date.from(Instant.now())) .build(); @@ -94,14 +96,13 @@ void generateJwt(String rawCredentialFilePath, File vcResource, String did) thro Files.write(vcResource.toPath(), updatedContent.getBytes()); // update issuer DID document with new public key - var didDocFile = ISSUER_DID_DOCUMENT_FILE_PATH; var issuerJwk = CryptoConverter.createJwk(new KeyPair(publicKey, null)); - var didDoc = mapper.readValue(new File(didDocFile), DidDocument.class); + var didDoc = mapper.readValue(issuerDidDocument, DidDocument.class); var issuerPk = didDoc.getVerificationMethod().get(0).getPublicKeyJwk(); issuerPk.clear(); issuerPk.putAll(issuerJwk.toPublicJWK().toJSONObject()); - Files.write(Path.of(didDocFile), mapper.writeValueAsBytes(didDoc)); + Files.write(issuerDidDocument.toPath(), mapper.writeValueAsBytes(didDoc)); } private String readFile(String path) { @@ -120,36 +121,36 @@ public Stream provideArguments(ExtensionContext extensionCo // PROVIDER credentials, K8S and local Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/membership_vc.json", new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/membership-credential.json"), - "did:web:provider-identityhub%3A7083:bob"), + "did:web:provider-identityhub%3A7083:bob", DATASPACE_ISSUER_DID_K8S, ISSUER_DID_DOCUMENT_K8S), Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/dataprocessor_vc.json", new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/dataprocessor-credential.json"), - "did:web:provider-identityhub%3A7083:bob"), + "did:web:provider-identityhub%3A7083:bob", DATASPACE_ISSUER_DID_K8S, ISSUER_DID_DOCUMENT_K8S), Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/unsigned/membership_vc.json", new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/membership-credential.json"), - "did:web:provider-identityhub%3A7083:bob"), + "did:web:provider-identityhub%3A7083:bob", DATASPACE_ISSUER_DID_LOCAL, ISSUER_DID_DOCUMENT_LOCAL), Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/unsigned/dataprocessor_vc.json", new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/dataprocessor-credential.json"), - "did:web:provider-identityhub%3A7083:bob"), + "did:web:provider-identityhub%3A7083:bob", DATASPACE_ISSUER_DID_LOCAL, ISSUER_DID_DOCUMENT_LOCAL), // CONSUMER credentials, K8S and local Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/membership_vc.json", new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/membership-credential.json"), - "did:web:consumer-identityhub%3A7083:alice"), + "did:web:consumer-identityhub%3A7083:alice", DATASPACE_ISSUER_DID_K8S, ISSUER_DID_DOCUMENT_K8S), Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/dataprocessor_vc.json", new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/dataprocessor-credential.json"), - "did:web:consumer-identityhub%3A7083:alice"), + "did:web:consumer-identityhub%3A7083:alice", DATASPACE_ISSUER_DID_K8S, ISSUER_DID_DOCUMENT_K8S), Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/unsigned/membership_vc.json", new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/membership-credential.json"), - "did:web:consumer-identityhub%3A7083:alice"), + "did:web:consumer-identityhub%3A7083:alice", DATASPACE_ISSUER_DID_LOCAL, ISSUER_DID_DOCUMENT_LOCAL), Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/unsigned/dataprocessor_vc.json", new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/dataprocessor-credential.json"), - "did:web:consumer-identityhub%3A7083:alice") + "did:web:consumer-identityhub%3A7083:alice", DATASPACE_ISSUER_DID_LOCAL, ISSUER_DID_DOCUMENT_LOCAL) ); }