From a429b11bbe7b8660474eeaf062a85b24ea3c8ba5 Mon Sep 17 00:00:00 2001 From: Paul Latzelsperger <paul.latzelsperger@beardyinc.com> Date: Fri, 19 Jul 2024 10:04:45 +0200 Subject: [PATCH 1/4] let the JwtSigner test update all credentials --- .../k8s/consumer/membership-credential.json | 41 ++++++++++ .../k8s/consumer/pcf-credential.json | 41 ++++++++++ ...ential.json => membership-credential.json} | 2 +- ...cf-credential.json => pcf-credential.json} | 2 +- .../consumer/alice-membership-credential.json | 41 ---------- .../local/consumer/alice-pcf-credential.json | 41 ---------- .../local/consumer/membership-credential.json | 41 ++++++++++ .../local/consumer/pcf-credential.json | 41 ++++++++++ .../provider/bob-membership-credential.json | 43 ----------- .../local/provider/bob-pcf-credential.json | 41 ---------- .../provider/membership-credential.json} | 20 ++--- .../provider/pcf-credential.json} | 14 ++-- .../org/eclipse/edc/demo/dcp/JwtSigner.java | 76 +++++++++++++++++-- 13 files changed, 252 insertions(+), 192 deletions(-) create mode 100644 deployment/assets/credentials/k8s/consumer/membership-credential.json create mode 100644 deployment/assets/credentials/k8s/consumer/pcf-credential.json rename deployment/assets/credentials/k8s/provider/{provider-membership-credential.json => membership-credential.json} (95%) rename deployment/assets/credentials/k8s/provider/{provider-pcf-credential.json => pcf-credential.json} (95%) delete mode 100644 deployment/assets/credentials/local/consumer/alice-membership-credential.json delete mode 100644 deployment/assets/credentials/local/consumer/alice-pcf-credential.json create mode 100644 deployment/assets/credentials/local/consumer/membership-credential.json create mode 100644 deployment/assets/credentials/local/consumer/pcf-credential.json delete mode 100644 deployment/assets/credentials/local/provider/bob-membership-credential.json delete mode 100644 deployment/assets/credentials/local/provider/bob-pcf-credential.json rename deployment/assets/credentials/{k8s/consumer/consumer-membership-credential.json => local/provider/membership-credential.json} (67%) rename deployment/assets/credentials/{k8s/consumer/consumer-pcf-credential.json => local/provider/pcf-credential.json} (72%) diff --git a/deployment/assets/credentials/k8s/consumer/membership-credential.json b/deployment/assets/credentials/k8s/consumer/membership-credential.json new file mode 100644 index 00000000..9d520036 --- /dev/null +++ b/deployment/assets/credentials/k8s/consumer/membership-credential.json @@ -0,0 +1,41 @@ +{ + "id": "40e24588-b510-41ca-966c-c1e0f57d1b14", + "participantId": "did:web:consumer-identityhub%3A7083:consumer", + "timestamp": 1700659822500, + "issuerId": "did:example:dataspace-issuer", + "holderId": "BPN0000001", + "state": 500, + "issuancePolicy": null, + "reissuancePolicy": null, + "verifiableCredential": { + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7ImN4LWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzLyIsIm1lbWJlcnNoaXAiOiJjeC1jcmVkZW50aWFsczptZW1iZXJzaGlwIiwibWVtYmVyc2hpcFR5cGUiOiJjeC1jcmVkZW50aWFsczptZW1iZXJzaGlwVHlwZSIsIndlYnNpdGUiOiJjeC1jcmVkZW50aWFsczp3ZWJzaXRlIiwiY29udGFjdCI6ImN4LWNyZWRlbnRpYWxzOmNvbnRhY3QiLCJzaW5jZSI6ImN4LWNyZWRlbnRpYWxzOnNpbmNlIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI01lbWJlcnNoaXBDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpjb25zdW1lci1pZGVudGl0eWh1YiUzQTcwODM6Y29uc3VtZXIiLCJtZW1iZXJzaGlwIjp7Im1lbWJlcnNoaXBUeXBlIjoiRnVsbE1lbWJlciIsIndlYnNpdGUiOiJ3d3cud2hhdGV2ZXIuY29tIiwiY29udGFjdCI6Im1peC5tYXhAd2hhdGV2ZXIuY29tIiwic2luY2UiOiIyMDIzLTAxLTAxVDAwOjAwOjAwWiJ9fX0sImlhdCI6MTcyMTM3NjI2OX0.1E7XUNXvEMT0qSgLum-Q_C5fcz3JapF6PoFhbp2ivEeBKZPNHo_LJR50e7yKksVS7o5aHXS-Ut7BtQBzMzfuBw", + "format": "JWT", + "credential": { + "credentialSubject": [ + { + "claims": { + "membershipType": "FullMember", + "website": "www.some-other-website.com", + "contact": "bar.baz@company.com", + "since": "2023-01-01T00:00:00Z" + }, + "id": "did:web:consumer-identityhub%3A7083:consumer" + } + ], + "id": "http://org.yourdataspace.com/credentials/2347", + "type": [ + "VerifiableCredential", + "MembershipCredential" + ], + "issuer": { + "id": "did:example:dataspace-issuer", + "additionalProperties": {} + }, + "issuanceDate": 1702339200.000000000, + "expirationDate": null, + "credentialStatus": null, + "description": null, + "name": null + } + } +} diff --git a/deployment/assets/credentials/k8s/consumer/pcf-credential.json b/deployment/assets/credentials/k8s/consumer/pcf-credential.json new file mode 100644 index 00000000..1de51a28 --- /dev/null +++ b/deployment/assets/credentials/k8s/consumer/pcf-credential.json @@ -0,0 +1,41 @@ +{ + "id": "40e24588-b510-41ca-966c-c1e0f57d1b15", + "participantId": "did:web:consumer-identityhub%3A7083:consumer", + "timestamp": 1700659822500, + "issuerId": "did:example:dataspace-issuer", + "holderId": "BPN0000001", + "state": 500, + "issuancePolicy": null, + "reissuancePolicy": null, + "verifiableCredential": { + "format": "JWT", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7ImN4LWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VGVtcGxhdGUiOiJjeC1jcmVkZW50aWFsczpjb250cmFjdFRlbXBsYXRlIiwiY29udHJhY3RWZXJzaW9uIjoiY3gtY3JlZGVudGlhbHM6Y29udHJhY3RWZXJzaW9uIiwiaG9sZGVySWRlbnRpZmllciI6ImN4LWNyZWRlbnRpYWxzOmhvbGRlcklkZW50aWZpZXIifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jUGNmQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIlM0E3MDgzOmNvbnN1bWVyIiwiY29udHJhY3RUZW1wbGF0ZSI6Imh0dHBzOi8vcHVibGljLmNhdGVuYS14Lm9yZy9jb250cmFjdHMvcGNmLnYxLnBkZiIsImNvbnRyYWN0VmVyc2lvbiI6IjEuMC4wIiwiaG9sZGVySWRlbnRpZmllciI6IkJQTjAwMDAwMFhZWiJ9fSwiaWF0IjoxNzIxMzc2MjY5fQ.QefZlw6HD7nsYoUTvgAZzHGmDOF3tQfTri0OmsohA1US8SnruaGRt_YLfP5s_VKXcpPIEA8MbIl0ojpjwE2gAg", + "credential": { + "credentialSubject": [ + { + "claims": { + "id": "did:web:consumer-identityhub%3A7083:consumer", + "holderIdentifier": "BPN0000001", + "useCaseType": "PcfCredential", + "contractTemplate": "https://public.catena-x.org/contracts/pcf.v1.pdf", + "contractVersion": "1.0.0" + } + } + ], + "id": "http://org.yourdataspace.com/credentials/1235", + "type": [ + "VerifiableCredential", + "PcfCredential" + ], + "issuer": { + "id": "did:example:dataspace-issuer", + "additionalProperties": {} + }, + "issuanceDate": 1702339200.000000000, + "expirationDate": null, + "credentialStatus": null, + "description": null, + "name": null + } + } +} diff --git a/deployment/assets/credentials/k8s/provider/provider-membership-credential.json b/deployment/assets/credentials/k8s/provider/membership-credential.json similarity index 95% rename from deployment/assets/credentials/k8s/provider/provider-membership-credential.json rename to deployment/assets/credentials/k8s/provider/membership-credential.json index 993e151a..7e34ad68 100644 --- a/deployment/assets/credentials/k8s/provider/provider-membership-credential.json +++ b/deployment/assets/credentials/k8s/provider/membership-credential.json @@ -8,7 +8,7 @@ "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjeC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvY2F0ZW5heC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoiY3gtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoiY3gtY3JlZGVudGlhbHM6bWVtYmVyc2hpcFR5cGUiLCJ3ZWJzaXRlIjoiY3gtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJjeC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJjeC1jcmVkZW50aWFsczpzaW5jZSJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6cHJvdmlkZXItaWRlbnRpdHlodWIlM0E3MDgzOnByb3ZpZGVyIiwibWVtYmVyc2hpcCI6eyJtZW1iZXJzaGlwVHlwZSI6IkZ1bGxNZW1iZXIiLCJ3ZWJzaXRlIjoid3d3LndoYXRldmVyLmNvbSIsImNvbnRhY3QiOiJtaXgubWF4QHdoYXRldmVyLmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3MjAwOTc2ODJ9.2v-cOMvfNDieH0mLuv3kikTarjqOxuU_AG6zKe1_W_cmhweOLU6Reg1Gft37Tk5Fgun11Lppw298JzSl65a_Cw", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjeC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvY2F0ZW5heC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoiY3gtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoiY3gtY3JlZGVudGlhbHM6bWVtYmVyc2hpcFR5cGUiLCJ3ZWJzaXRlIjoiY3gtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJjeC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJjeC1jcmVkZW50aWFsczpzaW5jZSJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6cHJvdmlkZXItaWRlbnRpdHlodWIlM0E3MDgzOnByb3ZpZGVyIiwibWVtYmVyc2hpcCI6eyJtZW1iZXJzaGlwVHlwZSI6IkZ1bGxNZW1iZXIiLCJ3ZWJzaXRlIjoid3d3LndoYXRldmVyLmNvbSIsImNvbnRhY3QiOiJtaXgubWF4QHdoYXRldmVyLmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3MjEzNzYyNjh9._zzAQkh9PCdl3YQlRmW4pknXd_IpznVyHFF3iSPdwfMuT1obT2C0llgAyqjX9Ti8-B9dPo5pZiztRezIiFz3CA", "format": "JSON_LD", "credential": { "credentialSubject": [ diff --git a/deployment/assets/credentials/k8s/provider/provider-pcf-credential.json b/deployment/assets/credentials/k8s/provider/pcf-credential.json similarity index 95% rename from deployment/assets/credentials/k8s/provider/provider-pcf-credential.json rename to deployment/assets/credentials/k8s/provider/pcf-credential.json index 46c5132c..db5f41ec 100644 --- a/deployment/assets/credentials/k8s/provider/provider-pcf-credential.json +++ b/deployment/assets/credentials/k8s/provider/pcf-credential.json @@ -9,7 +9,7 @@ "reissuancePolicy": null, "verifiableCredential": { "format": "JSON_LD", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjeC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvY2F0ZW5heC9jcmVkZW50aWFscy8iLCJjb250cmFjdFRlbXBsYXRlIjoiY3gtY3JlZGVudGlhbHM6Y29udHJhY3RUZW1wbGF0ZSIsImNvbnRyYWN0VmVyc2lvbiI6ImN4LWNyZWRlbnRpYWxzOmNvbnRyYWN0VmVyc2lvbiIsImhvbGRlcklkZW50aWZpZXIiOiJjeC1jcmVkZW50aWFsczpob2xkZXJJZGVudGlmaWVyIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI1BjZkNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpwcm92aWRlciIsImNvbnRyYWN0VGVtcGxhdGUiOiJodHRwczovL3B1YmxpYy5jYXRlbmEteC5vcmcvY29udHJhY3RzL3BjZi52MS5wZGYiLCJjb250cmFjdFZlcnNpb24iOiIxLjAuMCIsImhvbGRlcklkZW50aWZpZXIiOiJCUE4wMDAwMDBYWVoifX0sImlhdCI6MTcyMDA5NzcyNH0.jA5_cpC4h7T-Cspq5tyM5CiVnqCFRG1GBmnsnjcl8QjV3jpwdjd6Qu0-sYkEQzBZjyi0o79no8H8mnRWkN8HAw", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjeC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvY2F0ZW5heC9jcmVkZW50aWFscy8iLCJjb250cmFjdFRlbXBsYXRlIjoiY3gtY3JlZGVudGlhbHM6Y29udHJhY3RUZW1wbGF0ZSIsImNvbnRyYWN0VmVyc2lvbiI6ImN4LWNyZWRlbnRpYWxzOmNvbnRyYWN0VmVyc2lvbiIsImhvbGRlcklkZW50aWZpZXIiOiJjeC1jcmVkZW50aWFsczpob2xkZXJJZGVudGlmaWVyIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI1BjZkNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpwcm92aWRlciIsImNvbnRyYWN0VGVtcGxhdGUiOiJodHRwczovL3B1YmxpYy5jYXRlbmEteC5vcmcvY29udHJhY3RzL3BjZi52MS5wZGYiLCJjb250cmFjdFZlcnNpb24iOiIxLjAuMCIsImhvbGRlcklkZW50aWZpZXIiOiJCUE4wMDAwMDBYWVoifX0sImlhdCI6MTcyMTM3NjI2OX0.qCj-QF-A319Gy7CH4gi768_lyjvsLPZN-VtJ4WHMGH1l0IJjEVGklbtUucF2ATUNoK-5_Q8cXrRtF_iWDbLnBg", "credential": { "credentialSubject": [ { diff --git a/deployment/assets/credentials/local/consumer/alice-membership-credential.json b/deployment/assets/credentials/local/consumer/alice-membership-credential.json deleted file mode 100644 index 98ac6121..00000000 --- a/deployment/assets/credentials/local/consumer/alice-membership-credential.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "id": "40e24588-b510-41ca-966c-c1e0f57d1b14", - "participantId": "did:web:localhost%3A7083", - "timestamp": 1700659822500, - "issuerId": "did:example:dataspace-issuer", - "holderId": "BPN0000001", - "state": 500, - "issuancePolicy": null, - "reissuancePolicy": null, - "verifiableCredential": { - "rawVc": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIja2V5LTEifQ.eyJhdWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwODMiLCJpYXQiOjE3MTMzODY1MTksImlzcyI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJzdWIiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwODMiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjb250YWN0IjoiY3gtY3JlZGVudGlhbHM6Y29udGFjdCIsImN4LWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzLyIsIm1lbWJlcnNoaXAiOiJjeC1jcmVkZW50aWFsczptZW1iZXJzaGlwIiwibWVtYmVyc2hpcFR5cGUiOiJjeC1jcmVkZW50aWFsczptZW1iZXJzaGlwVHlwZSIsInNpbmNlIjoiY3gtY3JlZGVudGlhbHM6c2luY2UiLCJ3ZWJzaXRlIjoiY3gtY3JlZGVudGlhbHM6d2Vic2l0ZSJ9XSwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwODMiLCJtZW1iZXJzaGlwIjp7ImNvbnRhY3QiOiJtaXgubWF4QHdoYXRldmVyLmNvbSIsIm1lbWJlcnNoaXBUeXBlIjoiRnVsbE1lbWJlciIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoiLCJ3ZWJzaXRlIjoid3d3LndoYXRldmVyLmNvbSJ9fSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNNZW1iZXJzaGlwQ3JlZGVudGlhbCJdfX0.XpG9YWpzta8YhQxmyW9Df0Fhb8sX1mAY65d7Yxj91DtrtG1DPwYauhnRMwnoLSszJDWXFXyfWmnltWYxPs6GAA", - "format": "JWT", - "credential": { - "credentialSubject": [ - { - "claims": { - "membershipType": "FullMember", - "website": "www.some-other-website.com", - "contact": "bar.baz@company.com", - "since": "2023-01-01T00:00:00Z" - }, - "id": "did:web:localhost%3A7083" - } - ], - "id": "http://org.yourdataspace.com/credentials/2347", - "type": [ - "VerifiableCredential", - "MembershipCredential" - ], - "issuer": { - "id": "did:example:dataspace-issuer", - "additionalProperties": {} - }, - "issuanceDate": 1702339200.000000000, - "expirationDate": null, - "credentialStatus": null, - "description": null, - "name": null - } - } -} diff --git a/deployment/assets/credentials/local/consumer/alice-pcf-credential.json b/deployment/assets/credentials/local/consumer/alice-pcf-credential.json deleted file mode 100644 index a3ceb114..00000000 --- a/deployment/assets/credentials/local/consumer/alice-pcf-credential.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "id": "40e24588-b510-41ca-966c-c1e0f57d1b15", - "participantId": "did:web:localhost%3A7083", - "timestamp": 1700659822500, - "issuerId": "did:example:dataspace-issuer", - "holderId": "BPN0000001", - "state": 500, - "issuancePolicy": null, - "reissuancePolicy": null, - "verifiableCredential": { - "format": "JWT", - "rawVc": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIja2V5LTEifQ.eyJhdWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwODMiLCJpYXQiOjE3MTMzODY1MTksImlzcyI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJzdWIiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwODMiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjb250cmFjdFRlbXBsYXRlIjoiY3gtY3JlZGVudGlhbHM6Y29udHJhY3RUZW1wbGF0ZSIsImNvbnRyYWN0VmVyc2lvbiI6ImN4LWNyZWRlbnRpYWxzOmNvbnRyYWN0VmVyc2lvbiIsImN4LWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzLyIsImhvbGRlcklkZW50aWZpZXIiOiJjeC1jcmVkZW50aWFsczpob2xkZXJJZGVudGlmaWVyIn1dLCJjcmVkZW50aWFsU3ViamVjdCI6eyJjb250cmFjdFRlbXBsYXRlIjoiaHR0cHM6Ly9wdWJsaWMuY2F0ZW5hLXgub3JnL2NvbnRyYWN0cy9wY2YudjEucGRmIiwiY29udHJhY3RWZXJzaW9uIjoiMS4wLjAiLCJob2xkZXJJZGVudGlmaWVyIjoiQlBOMDAwMDAwWFlaIiwiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwODMifSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNQY2ZDcmVkZW50aWFsIl19fQ.AVBzmjJAPNZtHXDAHBuBA6W6mTuqKUNYSz4rgXXzrMAhE9hvyY1R2MKVYeTUFP1tZUlke3okwH-tIlnPaCwyAw", - "credential": { - "credentialSubject": [ - { - "claims": { - "id": "did:web:localhost%3A7083", - "holderIdentifier": "BPN0000001", - "useCaseType": "PcfCredential", - "contractTemplate": "https://public.catena-x.org/contracts/pcf.v1.pdf", - "contractVersion": "1.0.0" - } - } - ], - "id": "http://org.yourdataspace.com/credentials/1235", - "type": [ - "VerifiableCredential", - "PcfCredential" - ], - "issuer": { - "id": "did:example:dataspace-issuer", - "additionalProperties": {} - }, - "issuanceDate": 1702339200.000000000, - "expirationDate": null, - "credentialStatus": null, - "description": null, - "name": null - } - } -} diff --git a/deployment/assets/credentials/local/consumer/membership-credential.json b/deployment/assets/credentials/local/consumer/membership-credential.json new file mode 100644 index 00000000..6bbc97db --- /dev/null +++ b/deployment/assets/credentials/local/consumer/membership-credential.json @@ -0,0 +1,41 @@ +{ + "id": "40e24588-b510-41ca-966c-c1e0f57d1b14", + "participantId": "did:web:localhost%3A7083", + "timestamp": 1700659822500, + "issuerId": "did:example:dataspace-issuer", + "holderId": "BPN0000001", + "state": 500, + "issuancePolicy": null, + "reissuancePolicy": null, + "verifiableCredential": { + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7ImN4LWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzLyIsIm1lbWJlcnNoaXAiOiJjeC1jcmVkZW50aWFsczptZW1iZXJzaGlwIiwibWVtYmVyc2hpcFR5cGUiOiJjeC1jcmVkZW50aWFsczptZW1iZXJzaGlwVHlwZSIsIndlYnNpdGUiOiJjeC1jcmVkZW50aWFsczp3ZWJzaXRlIiwiY29udGFjdCI6ImN4LWNyZWRlbnRpYWxzOmNvbnRhY3QiLCJzaW5jZSI6ImN4LWNyZWRlbnRpYWxzOnNpbmNlIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI01lbWJlcnNoaXBDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpsb2NhbGhvc3QlM0E3MDgzIiwibWVtYmVyc2hpcCI6eyJtZW1iZXJzaGlwVHlwZSI6IkZ1bGxNZW1iZXIiLCJ3ZWJzaXRlIjoid3d3LndoYXRldmVyLmNvbSIsImNvbnRhY3QiOiJtaXgubWF4QHdoYXRldmVyLmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3MjEzNzYyNjl9._DAcy8jcL880AW5MIxezOv4lxzoibWAgSo9WdrwARmendNFeGruaIkL7cN7EPxo_ooCl-8XZxEA1PCCXqRozCw", + "format": "JWT", + "credential": { + "credentialSubject": [ + { + "claims": { + "membershipType": "FullMember", + "website": "www.some-other-website.com", + "contact": "bar.baz@company.com", + "since": "2023-01-01T00:00:00Z" + }, + "id": "did:web:localhost%3A7083" + } + ], + "id": "http://org.yourdataspace.com/credentials/2347", + "type": [ + "VerifiableCredential", + "MembershipCredential" + ], + "issuer": { + "id": "did:example:dataspace-issuer", + "additionalProperties": {} + }, + "issuanceDate": 1702339200.000000000, + "expirationDate": null, + "credentialStatus": null, + "description": null, + "name": null + } + } +} diff --git a/deployment/assets/credentials/local/consumer/pcf-credential.json b/deployment/assets/credentials/local/consumer/pcf-credential.json new file mode 100644 index 00000000..42ad37c8 --- /dev/null +++ b/deployment/assets/credentials/local/consumer/pcf-credential.json @@ -0,0 +1,41 @@ +{ + "id": "40e24588-b510-41ca-966c-c1e0f57d1b15", + "participantId": "did:web:localhost%3A7083", + "timestamp": 1700659822500, + "issuerId": "did:example:dataspace-issuer", + "holderId": "BPN0000001", + "state": 500, + "issuancePolicy": null, + "reissuancePolicy": null, + "verifiableCredential": { + "format": "JWT", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7ImN4LWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VGVtcGxhdGUiOiJjeC1jcmVkZW50aWFsczpjb250cmFjdFRlbXBsYXRlIiwiY29udHJhY3RWZXJzaW9uIjoiY3gtY3JlZGVudGlhbHM6Y29udHJhY3RWZXJzaW9uIiwiaG9sZGVySWRlbnRpZmllciI6ImN4LWNyZWRlbnRpYWxzOmhvbGRlcklkZW50aWZpZXIifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jUGNmQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0JTNBNzA4MyIsImNvbnRyYWN0VGVtcGxhdGUiOiJodHRwczovL3B1YmxpYy5jYXRlbmEteC5vcmcvY29udHJhY3RzL3BjZi52MS5wZGYiLCJjb250cmFjdFZlcnNpb24iOiIxLjAuMCIsImhvbGRlcklkZW50aWZpZXIiOiJCUE4wMDAwMDBYWVoifX0sImlhdCI6MTcyMTM3NjI2OX0.KWUDSwtqrnnzqixmW0Fd1gYGrWMyu3DXd8vvz_Gm7LAMPubcyfY1Do34YAJLvLXy0Qn1E81xsicYMhlDfOi6AA", + "credential": { + "credentialSubject": [ + { + "claims": { + "id": "did:web:localhost%3A7083", + "holderIdentifier": "BPN0000001", + "useCaseType": "PcfCredential", + "contractTemplate": "https://public.catena-x.org/contracts/pcf.v1.pdf", + "contractVersion": "1.0.0" + } + } + ], + "id": "http://org.yourdataspace.com/credentials/1235", + "type": [ + "VerifiableCredential", + "PcfCredential" + ], + "issuer": { + "id": "did:example:dataspace-issuer", + "additionalProperties": {} + }, + "issuanceDate": 1702339200.000000000, + "expirationDate": null, + "credentialStatus": null, + "description": null, + "name": null + } + } +} diff --git a/deployment/assets/credentials/local/provider/bob-membership-credential.json b/deployment/assets/credentials/local/provider/bob-membership-credential.json deleted file mode 100644 index 996cd2f2..00000000 --- a/deployment/assets/credentials/local/provider/bob-membership-credential.json +++ /dev/null @@ -1,43 +0,0 @@ -{ - "id": "40e24588-b510-41ca-966c-c1e0f57d1b14", - "participantId": "did:web:localhost%3A7093", - "timestamp": 1700659822500, - "issuerId": "did:example:dataspace-issuer", - "holderId": "BPN0000002", - "state": 500, - "issuancePolicy": null, - "reissuancePolicy": null, - "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpsb2NhbGhvc3QlM0E3MDkzIiwic3ViIjoiZGlkOndlYjpsb2NhbGhvc3QlM0E3MDkzIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLHsiY3gtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL2NhdGVuYXgvY3JlZGVudGlhbHMvIiwibWVtYmVyc2hpcCI6ImN4LWNyZWRlbnRpYWxzOm1lbWJlcnNoaXAiLCJtZW1iZXJzaGlwVHlwZSI6ImN4LWNyZWRlbnRpYWxzOm1lbWJlcnNoaXBUeXBlIiwid2Vic2l0ZSI6ImN4LWNyZWRlbnRpYWxzOndlYnNpdGUiLCJjb250YWN0IjoiY3gtY3JlZGVudGlhbHM6Y29udGFjdCIsInNpbmNlIjoiY3gtY3JlZGVudGlhbHM6c2luY2UifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8xMjM0IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jTWVtYmVyc2hpcENyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwOTMiLCJtZW1iZXJzaGlwIjp7Im1lbWJlcnNoaXBUeXBlIjoiUHJvc3BlY3RNZW1iZXIiLCJ3ZWJzaXRlIjoid3d3LnF1aXp6cXVhenouY29tIiwiY29udGFjdCI6ImZvby5iYXJAcXVpenpxdWF6ei5jb20iLCJzaW5jZSI6IjIwMjMtMDEtMDFUMDA6MDA6MDBaIn19fSwiaWF0IjoxNzE4NDQ2Njg3fQ.u2aVR5QOZfQ0dWZ0tUWSV395so1DFcnBdzjtn4sQ5_1Yx6kILbNYMhyrsmjPwNcaS_zu0yzw3kemKVp7TvHZBw", - "format": "JWT", - "credential": { - "credentialSubject": [ - { - "claims": { - "membership": { - "contact": "fizz.buzz@quizzquazz.com", - "membershipType": "PartialMember", - "since": "2023-01-01T00:00:00Z", - "website": "www.quizzquazz.com" - } - }, - "id": "did:web:localhost%3A7093" - } - ], - "id": "http://org.yourdataspace.com/credentials/1234", - "type": [ - "VerifiableCredential", - "MembershipCredential" - ], - "issuer": { - "id": "did:example:dataspace-issuer", - "additionalProperties": {} - }, - "issuanceDate": 1702339200.000000000, - "expirationDate": null, - "credentialStatus": null, - "description": null, - "name": null - } - } -} diff --git a/deployment/assets/credentials/local/provider/bob-pcf-credential.json b/deployment/assets/credentials/local/provider/bob-pcf-credential.json deleted file mode 100644 index ad585d6b..00000000 --- a/deployment/assets/credentials/local/provider/bob-pcf-credential.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "id": "40e24588-b510-41ca-966c-c1e0f57d1ca7", - "participantId": "did:web:localhost%3A7093", - "timestamp": 1700659822500, - "issuerId": "did:example:dataspace-issuer", - "holderId": "BPN0000001", - "state": 500, - "issuancePolicy": null, - "reissuancePolicy": null, - "verifiableCredential": { - "format": "JWT", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpsb2NhbGhvc3QlM0E3MDkzIiwic3ViIjoiZGlkOndlYjpsb2NhbGhvc3QlM0E3MDkzIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSIsImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLHsiY3gtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL2NhdGVuYXgvY3JlZGVudGlhbHMvIiwiY29udHJhY3RUZW1wbGF0ZSI6ImN4LWNyZWRlbnRpYWxzOmNvbnRyYWN0VGVtcGxhdGUiLCJjb250cmFjdFZlcnNpb24iOiJjeC1jcmVkZW50aWFsczpjb250cmFjdFZlcnNpb24iLCJob2xkZXJJZGVudGlmaWVyIjoiY3gtY3JlZGVudGlhbHM6aG9sZGVySWRlbnRpZmllciJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNQY2ZDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpsb2NhbGhvc3QlM0E3MDkzIiwiY29udHJhY3RUZW1wbGF0ZSI6Imh0dHBzOi8vcHVibGljLmNhdGVuYS14Lm9yZy9jb250cmFjdHMvcGNmLnYxLnBkZiIsImNvbnRyYWN0VmVyc2lvbiI6IjEuMC4wIiwiaG9sZGVySWRlbnRpZmllciI6IkJQTjAwMDAwMFhZWiJ9fSwiaWF0IjoxNzE4NTIxMjQ3fQ.OvyW42QXWrcVoiFOT4NMAxOvuDlR9A61CTTH8sCRBtMo9I_YLCVGMcA2Fs9fAAo41E8ioKP5ayFdCVKibpUrCw", - "credential": { - "credentialSubject": [ - { - "claims": { - "id": "did:web:localhost%3A7093", - "holderIdentifier": "BPN0000002", - "useCaseType": "PcfCredential", - "contractTemplate": "https://public.catena-x.org/contracts/pcf.v1.pdf", - "contractVersion": "1.0.0" - } - } - ], - "id": "http://org.yourdataspace.com/credentials/1265", - "type": [ - "VerifiableCredential", - "UseCaseFrameworkCondition" - ], - "issuer": { - "id": "did:example:dataspace-issuer", - "additionalProperties": {} - }, - "issuanceDate": 1702339200.000000000, - "expirationDate": null, - "credentialStatus": null, - "description": null, - "name": null - } - } -} diff --git a/deployment/assets/credentials/k8s/consumer/consumer-membership-credential.json b/deployment/assets/credentials/local/provider/membership-credential.json similarity index 67% rename from deployment/assets/credentials/k8s/consumer/consumer-membership-credential.json rename to deployment/assets/credentials/local/provider/membership-credential.json index af9ed75e..922bbaec 100644 --- a/deployment/assets/credentials/k8s/consumer/consumer-membership-credential.json +++ b/deployment/assets/credentials/local/provider/membership-credential.json @@ -1,28 +1,30 @@ { "id": "40e24588-b510-41ca-966c-c1e0f57d1b14", - "participantId": "did:web:consumer-identityhub%3A7083:consumer", + "participantId": "did:web:localhost%3A7093", "timestamp": 1700659822500, "issuerId": "did:example:dataspace-issuer", - "holderId": "BPN0000001", + "holderId": "BPN0000002", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjeC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvY2F0ZW5heC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoiY3gtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoiY3gtY3JlZGVudGlhbHM6bWVtYmVyc2hpcFR5cGUiLCJ3ZWJzaXRlIjoiY3gtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJjeC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJjeC1jcmVkZW50aWFsczpzaW5jZSJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIlM0E3MDgzOmNvbnN1bWVyIiwibWVtYmVyc2hpcCI6eyJtZW1iZXJzaGlwVHlwZSI6IkZ1bGxNZW1iZXIiLCJ3ZWJzaXRlIjoid3d3LndoYXRldmVyLmNvbSIsImNvbnRhY3QiOiJtaXgubWF4QHdoYXRldmVyLmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3MjAwOTc3NzV9.xzZEDuPiWbkZNb0piHgjBBbW6o9JOYHEjQyCEaY2TaBpmHyOXU2QYGDOGIWRbOigNOgVsa7IZwjencpywuR2BQ", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjeC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvY2F0ZW5heC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoiY3gtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoiY3gtY3JlZGVudGlhbHM6bWVtYmVyc2hpcFR5cGUiLCJ3ZWJzaXRlIjoiY3gtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJjeC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJjeC1jcmVkZW50aWFsczpzaW5jZSJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzEyMzQiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0JTNBNzA5MyIsIm1lbWJlcnNoaXAiOnsibWVtYmVyc2hpcFR5cGUiOiJQcm9zcGVjdE1lbWJlciIsIndlYnNpdGUiOiJ3d3cucXVpenpxdWF6ei5jb20iLCJjb250YWN0IjoiZm9vLmJhckBxdWl6enF1YXp6LmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3MjEzNzYyNjl9.sx6mPNq14LnifS5i0NhI2mzp5lmpxyC1Iu_yHw3uzucnK7i1tr0gZ5NOHAV48dKRTxX0XZBYlw450tyFeDs_Cg", "format": "JWT", "credential": { "credentialSubject": [ { "claims": { - "membershipType": "FullMember", - "website": "www.some-other-website.com", - "contact": "bar.baz@company.com", - "since": "2023-01-01T00:00:00Z" + "membership": { + "contact": "fizz.buzz@quizzquazz.com", + "membershipType": "PartialMember", + "since": "2023-01-01T00:00:00Z", + "website": "www.quizzquazz.com" + } }, - "id": "did:web:consumer-identityhub%3A7083:consumer" + "id": "did:web:localhost%3A7093" } ], - "id": "http://org.yourdataspace.com/credentials/2347", + "id": "http://org.yourdataspace.com/credentials/1234", "type": [ "VerifiableCredential", "MembershipCredential" diff --git a/deployment/assets/credentials/k8s/consumer/consumer-pcf-credential.json b/deployment/assets/credentials/local/provider/pcf-credential.json similarity index 72% rename from deployment/assets/credentials/k8s/consumer/consumer-pcf-credential.json rename to deployment/assets/credentials/local/provider/pcf-credential.json index 0a1a0f0c..d49e2741 100644 --- a/deployment/assets/credentials/k8s/consumer/consumer-pcf-credential.json +++ b/deployment/assets/credentials/local/provider/pcf-credential.json @@ -1,6 +1,6 @@ { - "id": "40e24588-b510-41ca-966c-c1e0f57d1b15", - "participantId": "did:web:consumer-identityhub%3A7083:consumer", + "id": "40e24588-b510-41ca-966c-c1e0f57d1ca7", + "participantId": "did:web:localhost%3A7093", "timestamp": 1700659822500, "issuerId": "did:example:dataspace-issuer", "holderId": "BPN0000001", @@ -9,23 +9,23 @@ "reissuancePolicy": null, "verifiableCredential": { "format": "JWT", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjeC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvY2F0ZW5heC9jcmVkZW50aWFscy8iLCJjb250cmFjdFRlbXBsYXRlIjoiY3gtY3JlZGVudGlhbHM6Y29udHJhY3RUZW1wbGF0ZSIsImNvbnRyYWN0VmVyc2lvbiI6ImN4LWNyZWRlbnRpYWxzOmNvbnRyYWN0VmVyc2lvbiIsImhvbGRlcklkZW50aWZpZXIiOiJjeC1jcmVkZW50aWFsczpob2xkZXJJZGVudGlmaWVyIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI1BjZkNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4Mzpjb25zdW1lciIsImNvbnRyYWN0VGVtcGxhdGUiOiJodHRwczovL3B1YmxpYy5jYXRlbmEteC5vcmcvY29udHJhY3RzL3BjZi52MS5wZGYiLCJjb250cmFjdFZlcnNpb24iOiIxLjAuMCIsImhvbGRlcklkZW50aWZpZXIiOiJCUE4wMDAwMDBYWVoifX0sImlhdCI6MTcyMDA5Nzc1Nn0.KUwa7yvMV3Ty0RxE7WseGJXlgJpVMw_r3u6XwTOng4c7c4lSqehnwy0WhQoXd3WtkKL502R0HV8XuxvKDytnCw", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjeC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvY2F0ZW5heC9jcmVkZW50aWFscy8iLCJjb250cmFjdFRlbXBsYXRlIjoiY3gtY3JlZGVudGlhbHM6Y29udHJhY3RUZW1wbGF0ZSIsImNvbnRyYWN0VmVyc2lvbiI6ImN4LWNyZWRlbnRpYWxzOmNvbnRyYWN0VmVyc2lvbiIsImhvbGRlcklkZW50aWZpZXIiOiJjeC1jcmVkZW50aWFsczpob2xkZXJJZGVudGlmaWVyIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI1BjZkNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwOTMiLCJjb250cmFjdFRlbXBsYXRlIjoiaHR0cHM6Ly9wdWJsaWMuY2F0ZW5hLXgub3JnL2NvbnRyYWN0cy9wY2YudjEucGRmIiwiY29udHJhY3RWZXJzaW9uIjoiMS4wLjAiLCJob2xkZXJJZGVudGlmaWVyIjoiQlBOMDAwMDAwWFlaIn19LCJpYXQiOjE3MjEzNzYyNjl9.Jtgtl4LrZWoVf6JK8jDGpp6sNfrf5iwgaUYc9R23TntZtLYbtZ82BARmn-nfUC-YYZst3C5Wf9ewYz1eu4v2AQ", "credential": { "credentialSubject": [ { "claims": { - "id": "did:web:consumer-identityhub%3A7083:consumer", - "holderIdentifier": "BPN0000001", + "id": "did:web:localhost%3A7093", + "holderIdentifier": "BPN0000002", "useCaseType": "PcfCredential", "contractTemplate": "https://public.catena-x.org/contracts/pcf.v1.pdf", "contractVersion": "1.0.0" } } ], - "id": "http://org.yourdataspace.com/credentials/1235", + "id": "http://org.yourdataspace.com/credentials/1265", "type": [ "VerifiableCredential", - "PcfCredential" + "UseCaseFrameworkCondition" ], "issuer": { "id": "did:example:dataspace-issuer", diff --git a/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java b/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java index 22b1719c..be0e553c 100644 --- a/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java +++ b/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java @@ -14,6 +14,7 @@ package org.eclipse.edc.demo.dcp; +import com.fasterxml.jackson.core.type.TypeReference; import com.fasterxml.jackson.databind.ObjectMapper; import com.nimbusds.jose.JOSEException; import com.nimbusds.jose.JOSEObjectType; @@ -21,18 +22,25 @@ import com.nimbusds.jose.JWSHeader; import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; +import org.eclipse.edc.identityhub.spi.verifiablecredentials.model.VerifiableCredentialResource; import org.eclipse.edc.keys.keyparsers.PemParser; import org.eclipse.edc.security.token.jwt.CryptoConverter; -import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtensionContext; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.ArgumentsProvider; +import org.junit.jupiter.params.provider.ArgumentsSource; import java.io.File; import java.io.IOException; import java.nio.file.Files; +import java.nio.file.Path; import java.nio.file.Paths; import java.security.PrivateKey; import java.time.Instant; import java.util.Date; import java.util.Map; +import java.util.stream.Stream; import static org.mockito.Mockito.mock; @@ -46,9 +54,13 @@ public class JwtSigner { private final ObjectMapper mapper = new ObjectMapper(); + private static final TypeReference<Map<String, Object>> MAP_TYPE = new TypeReference<>() { + }; - @Test - void generateJwt() throws JOSEException, IOException { + @SuppressWarnings("unchecked") + @ParameterizedTest + @ArgumentsSource(InputOutputProvider.class) + void generateJwt(String rawCredentialFilePAth, File vcResource, String did) throws JOSEException, IOException { var header = new JWSHeader.Builder(JWSAlgorithm.EdDSA) .keyID("did:example:dataspace-issuer#key-1") @@ -57,12 +69,12 @@ void generateJwt() throws JOSEException, IOException { //todo: change this to whatever credential JSON you want to sign - var credential = mapper.readValue(new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/membership_vc.json"), Map.class); + var credential = mapper.readValue(new File(rawCredentialFilePAth), Map.class); //todo: change the claims to suit your needs - JWTClaimsSet claims = new JWTClaimsSet.Builder() - .audience("did:web:bob-identityhub%3A7083:bob") - .subject("did:web:bob-identityhub%3A7083:bob") + var claims = new JWTClaimsSet.Builder() + .audience(did) + .subject(did) .issuer("did:example:dataspace-issuer") .claim("vc", credential) .issueTime(Date.from(Instant.now())) @@ -74,7 +86,12 @@ void generateJwt() throws JOSEException, IOException { var jwt = new SignedJWT(header, claims); jwt.sign(CryptoConverter.createSignerFor(privateKey)); - System.out.println(jwt.serialize()); + // replace the "rawVc" field in the output file + + var content = Files.readString(vcResource.toPath()); + var updatedContent = content.replaceFirst("\"rawVc\":.*,", "\"rawVc\": \"%s\",".formatted(jwt.serialize())); +// mapper.writeValue(vcResource, updatedContent); + Files.write(vcResource.toPath(), updatedContent.getBytes()); } private String readFile(String path) { @@ -84,4 +101,47 @@ private String readFile(String path) { throw new RuntimeException(e); } } + + private static class InputOutputProvider implements ArgumentsProvider { + @Override + public Stream<? extends Arguments> provideArguments(ExtensionContext extensionContext) throws Exception { + return Stream.of( + + // PROVIDER credentials, K8S and local + Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/membership_vc.json", + new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/membership-credential.json"), + "did:web:bob-identityhub%3A7083:bob"), + + Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/pcf_vc.json", + new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/pcf-credential.json"), + "did:web:bob-identityhub%3A7083:bob"), + + Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/unsigned/membership_vc.json", + new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/membership-credential.json"), + "did:web:bob-identityhub%3A7083:bob"), + + Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/unsigned/pcf_vc.json", + new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/pcf-credential.json"), + "did:web:bob-identityhub%3A7083:bob"), + + // CONSUMER credentials, K8S and local + Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/membership_vc.json", + new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/membership-credential.json"), + "did:web:alice-identityhub%3A7083:alice"), + + Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/pcf_vc.json", + new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/pcf-credential.json"), + "did:web:alice-identityhub%3A7083:alice"), + + Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/unsigned/membership_vc.json", + new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/membership-credential.json"), + "did:web:alice-identityhub%3A7083:alice"), + + Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/unsigned/pcf_vc.json", + new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/pcf-credential.json"), + "did:web:alice-identityhub%3A7083:alice") + + ); + } + } } From 61924abbca8920e541dcc8472fd51d87f72661bf Mon Sep 17 00:00:00 2001 From: Paul Latzelsperger <paul.latzelsperger@beardyinc.com> Date: Fri, 19 Jul 2024 12:33:32 +0200 Subject: [PATCH 2/4] change credentials --- README.md | 43 ++++++++++--------- ...ial.json => dataprocessor-credential.json} | 12 +++--- .../{pcf_vc.json => dataprocessor_vc.json} | 12 +++--- .../k8s/consumer/membership-credential.json | 4 +- .../k8s/consumer/membership_vc.json | 14 +++--- ...ial.json => dataprocessor-credential.json} | 10 ++--- .../{pcf_vc.json => dataprocessor_vc.json} | 13 +++--- .../k8s/provider/membership-credential.json | 4 +- .../k8s/provider/membership_vc.json | 12 +++--- ...ial.json => dataprocessor-credential.json} | 12 +++--- .../local/consumer/membership-credential.json | 4 +- .../{pcf_vc.json => dataprocessor_vc.json} | 12 +++--- .../consumer/unsigned/membership_vc.json | 12 +++--- ...ial.json => dataprocessor-credential.json} | 10 ++--- .../local/provider/membership-credential.json | 4 +- .../{pcf_vc.json => dataprocessor_vc.json} | 12 +++--- .../provider/unsigned/membership_vc.json | 12 +++--- .../postman/MVD.postman_collection.json | 31 +++++++------ ...> DataAccessCredentialScopeExtractor.java} | 18 +++----- .../edc/demo/dcp/core/DcpPatchExtension.java | 2 +- ...tion.java => DataAccessLevelFunction.java} | 21 +++++---- ...embershipCredentialEvaluationFunction.java | 4 +- .../dcp/policy/PolicyEvaluationExtension.java | 26 ++++++----- .../edc/demo/dcp/ih/IdentityHubExtension.java | 2 +- .../edc/demo/dcp/ih/MvdScopeTransformer.java | 4 +- .../org/eclipse/edc/demo/dcp/JwtSigner.java | 31 ++++++------- 26 files changed, 160 insertions(+), 181 deletions(-) rename deployment/assets/credentials/k8s/consumer/{pcf-credential.json => dataprocessor-credential.json} (51%) rename deployment/assets/credentials/k8s/consumer/{pcf_vc.json => dataprocessor_vc.json} (53%) rename deployment/assets/credentials/k8s/provider/{pcf-credential.json => dataprocessor-credential.json} (53%) rename deployment/assets/credentials/k8s/provider/{pcf_vc.json => dataprocessor_vc.json} (50%) rename deployment/assets/credentials/local/consumer/{pcf-credential.json => dataprocessor-credential.json} (51%) rename deployment/assets/credentials/local/consumer/unsigned/{pcf_vc.json => dataprocessor_vc.json} (52%) rename deployment/assets/credentials/local/provider/{pcf-credential.json => dataprocessor-credential.json} (52%) rename deployment/assets/credentials/local/provider/unsigned/{pcf_vc.json => dataprocessor_vc.json} (52%) rename extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/{FrameworkCredentialScopeExtractor.java => DataAccessCredentialScopeExtractor.java} (63%) rename extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/{UseCaseFunction.java => DataAccessLevelFunction.java} (70%) diff --git a/README.md b/README.md index 5f22c859..572a64fe 100644 --- a/README.md +++ b/README.md @@ -14,12 +14,12 @@ - [1. Build the runtime images](#1-build-the-runtime-images) - [Executing REST requests using Postman](#executing-rest-requests-using-postman) - [Other caveats, shortcuts and workarounds](#other-caveats-shortcuts-and-workarounds) - - [1. In-memory stores in local deployment](#1-in-memory-stores-in-local-deployment) - - [2. Policy Extractor](#2-policy-extractor) - - [3. Scope-to-criterion transformer](#3-scope-to-criterion-transformer) - - [4. DID resolution](#4-did-resolution) - - [4.1 `did:web` for participants](#41-didweb-for-participants) - - [4.2 `did:example` for the dataspace credential issuer](#42-didexample-for-the-dataspace-credential-issuer) \* [5. No issuance (yet)](#5-no-issuance-yet) + - [1. In-memory stores in local deployment](#1-in-memory-stores-in-local-deployment) + - [2. Policy Extractor](#2-policy-extractor) + - [3. Scope-to-criterion transformer](#3-scope-to-criterion-transformer) + - [4. DID resolution](#4-did-resolution) + - [4.1 `did:web` for participants](#41-didweb-for-participants) + - [4.2 `did:example` for the dataspace credential issuer](#42-didexample-for-the-dataspace-credential-issuer) \* [5. No issuance (yet)](#5-no-issuance-yet) <!-- TOC --> ## Introduction @@ -70,35 +70,38 @@ Consumer Corp has a connector plus its own IdentityHub. ### Data setup "provider-qna" and "provider-manufacturing" both have two data assets each, named `"asset-1"` and `"asset-2"` but -neither -"provider-qna" nor "provider-manufacturing" expose their -catalog endpoint directly to the internet. Instead, the catalog server (provider company) provides -a catalog that contains special assets (think: pointers) to both "provider-qna"'s and "provider-manufacturing"'s -connectors. We call this a "root catalog", and the pointers are called "catalog assets". This means, that by resolving -the root catalog, and by following the links in it, "Consumer Corp" can resolve the actual asset from "provider-qna" and -"provider-manufacturing". +neither "provider-qna" nor "provider-manufacturing" expose their catalog endpoint directly to the internet. Instead, the +catalog server (provider company) provides a catalog that contains special assets (think: pointers) to both " +provider-qna"'s and "provider-manufacturing"'s connectors. We call this a "root catalog", and the pointers are called " +catalog assets". This means, that by resolving the root catalog, and by following the links in it, "Consumer Corp" can +resolve the actual asset from "provider-qna" and "provider-manufacturing". ### Access control Both assets of "provider-qna" and "provider-manufacturing" have some access restrictions on them: -- `asset-1`: requires a membership credential to view and a PCF Use Case credential to negotiate a contract -- `asset-2`: requires a membership credential to view and a Sustainability Use Case credential to negotiate a contract +- `asset-1`: requires a membership credential to view and a Data Processor credential to negotiate a contract and + transfer data +- `asset-2`: requires a membership credential to view and a Sensitive Data credential to negotiate a contract These requirements are formulated as EDC policies. In addition, it is a dataspace rule that -the `MembershipCredential` must be presented in _every_ request. +the `MembershipCredential` must be presented in _every_ request. This credential attests that the holder is a member of +the dataspace. -Furthermore, all connectors are in possession of the `MembershipCredential` as well as a `PcfCredential`. _Neither has -the `SustainabilityCredential`_! That means that no contract for `asset-2` can be negotiated! +In this fictitious dataspace, the DataProcessorCredential attests to the "ability of the holder to process data", and +the SensitiveDataCredential attests to the "ability of the holder to handle sensitive data". + +All participants of the dataspace are in possession of the `MembershipCredential` as well as a `DataProcessorCredential`. +_None possess the `SensitiveDataCredential`_. That means that no contract for `asset-2` can be negotiated! For the purposes of this demo the VerifiableCredentials are pre-created and are seeded to the participants' credential -storage (no issuance). +storage ([no issuance](#5-no-issuance-yet)). If the consumer wants to view the consolidated catalog (containing assets from the provider's Q&A and manufacturing departments), then negotiate a contract for an asset, and then transfer the asset, she needs to present several credentials: - catalog request: present `MembershipCredential` -- contract negotiation: `MembershipCredential` and `PcfCredential` or `SustainabilityCredential`, respectively +- contract negotiation: `MembershipCredential` and `DataProcessorCredential` or `SensitiveDataCredential`, respectively - transfer process: `MembershipCredential` ## Running the demo (inside IntelliJ) diff --git a/deployment/assets/credentials/k8s/consumer/pcf-credential.json b/deployment/assets/credentials/k8s/consumer/dataprocessor-credential.json similarity index 51% rename from deployment/assets/credentials/k8s/consumer/pcf-credential.json rename to deployment/assets/credentials/k8s/consumer/dataprocessor-credential.json index 1de51a28..ea34cf64 100644 --- a/deployment/assets/credentials/k8s/consumer/pcf-credential.json +++ b/deployment/assets/credentials/k8s/consumer/dataprocessor-credential.json @@ -3,29 +3,27 @@ "participantId": "did:web:consumer-identityhub%3A7083:consumer", "timestamp": 1700659822500, "issuerId": "did:example:dataspace-issuer", - "holderId": "BPN0000001", + "holderId": "did:web:consumer-identityhub%3A7083:consumer", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { "format": "JWT", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7ImN4LWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VGVtcGxhdGUiOiJjeC1jcmVkZW50aWFsczpjb250cmFjdFRlbXBsYXRlIiwiY29udHJhY3RWZXJzaW9uIjoiY3gtY3JlZGVudGlhbHM6Y29udHJhY3RWZXJzaW9uIiwiaG9sZGVySWRlbnRpZmllciI6ImN4LWNyZWRlbnRpYWxzOmhvbGRlcklkZW50aWZpZXIifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jUGNmQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIlM0E3MDgzOmNvbnN1bWVyIiwiY29udHJhY3RUZW1wbGF0ZSI6Imh0dHBzOi8vcHVibGljLmNhdGVuYS14Lm9yZy9jb250cmFjdHMvcGNmLnYxLnBkZiIsImNvbnRyYWN0VmVyc2lvbiI6IjEuMC4wIiwiaG9sZGVySWRlbnRpZmllciI6IkJQTjAwMDAwMFhZWiJ9fSwiaWF0IjoxNzIxMzc2MjY5fQ.QefZlw6HD7nsYoUTvgAZzHGmDOF3tQfTri0OmsohA1US8SnruaGRt_YLfP5s_VKXcpPIEA8MbIl0ojpjwE2gAg", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VmVyc2lvbiI6Im12ZC1jcmVkZW50aWFsczpjb250cmFjdFZlcnNpb24iLCJsZXZlbCI6Im12ZC1jcmVkZW50aWFsczpsZXZlbCJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNEYXRhUHJvY2Vzc29yQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIlM0E3MDgzOmNvbnN1bWVyIiwiY29udHJhY3RWZXJzaW9uIjoiMS4wLjAiLCJsZXZlbCI6InByb2Nlc3NpbmcifX0sImlhdCI6MTcyMTM4NDg3Mn0.y8vY5eF3VMyt0jGPrfsNn5oQMBDsNgMFGf0aw1zMR4NFuOw7OqaUc-zI2UjMRR00hUz9bykWKqCRK_KwG1pCAw", "credential": { "credentialSubject": [ { "claims": { "id": "did:web:consumer-identityhub%3A7083:consumer", - "holderIdentifier": "BPN0000001", - "useCaseType": "PcfCredential", - "contractTemplate": "https://public.catena-x.org/contracts/pcf.v1.pdf", - "contractVersion": "1.0.0" + "contractVersion": "1.0.0", + "level": "processing" } } ], "id": "http://org.yourdataspace.com/credentials/1235", "type": [ "VerifiableCredential", - "PcfCredential" + "DataProcessorCredential" ], "issuer": { "id": "did:example:dataspace-issuer", diff --git a/deployment/assets/credentials/k8s/consumer/pcf_vc.json b/deployment/assets/credentials/k8s/consumer/dataprocessor_vc.json similarity index 53% rename from deployment/assets/credentials/k8s/consumer/pcf_vc.json rename to deployment/assets/credentials/k8s/consumer/dataprocessor_vc.json index be2bc9cb..3684a42e 100644 --- a/deployment/assets/credentials/k8s/consumer/pcf_vc.json +++ b/deployment/assets/credentials/k8s/consumer/dataprocessor_vc.json @@ -4,23 +4,21 @@ "https://w3id.org/security/suites/jws-2020/v1", "https://www.w3.org/ns/did/v1", { - "cx-credentials": "https://w3id.org/catenax/credentials/", - "contractTemplate": "cx-credentials:contractTemplate", - "contractVersion": "cx-credentials:contractVersion", - "holderIdentifier": "cx-credentials:holderIdentifier" + "mvd-credentials": "https://w3id.org/mvd/credentials/", + "contractVersion": "mvd-credentials:contractVersion", + "level": "mvd-credentials:level" } ], "id": "http://org.yourdataspace.com/credentials/2347", "type": [ "VerifiableCredential", - "http://org.yourdataspace.com#PcfCredential" + "http://org.yourdataspace.com#DataProcessorCredential" ], "issuer": "did:example:dataspace-issuer", "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:consumer-identityhub%3A7083:consumer", - "contractTemplate": "https://public.catena-x.org/contracts/pcf.v1.pdf", "contractVersion": "1.0.0", - "holderIdentifier": "BPN000000XYZ" + "level": "processing" } } \ No newline at end of file diff --git a/deployment/assets/credentials/k8s/consumer/membership-credential.json b/deployment/assets/credentials/k8s/consumer/membership-credential.json index 9d520036..dc54c118 100644 --- a/deployment/assets/credentials/k8s/consumer/membership-credential.json +++ b/deployment/assets/credentials/k8s/consumer/membership-credential.json @@ -3,12 +3,12 @@ "participantId": "did:web:consumer-identityhub%3A7083:consumer", "timestamp": 1700659822500, "issuerId": "did:example:dataspace-issuer", - "holderId": "BPN0000001", + "holderId": "did:web:consumer-identityhub%3A7083:consumer", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7ImN4LWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzLyIsIm1lbWJlcnNoaXAiOiJjeC1jcmVkZW50aWFsczptZW1iZXJzaGlwIiwibWVtYmVyc2hpcFR5cGUiOiJjeC1jcmVkZW50aWFsczptZW1iZXJzaGlwVHlwZSIsIndlYnNpdGUiOiJjeC1jcmVkZW50aWFsczp3ZWJzaXRlIiwiY29udGFjdCI6ImN4LWNyZWRlbnRpYWxzOmNvbnRhY3QiLCJzaW5jZSI6ImN4LWNyZWRlbnRpYWxzOnNpbmNlIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI01lbWJlcnNoaXBDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpjb25zdW1lci1pZGVudGl0eWh1YiUzQTcwODM6Y29uc3VtZXIiLCJtZW1iZXJzaGlwIjp7Im1lbWJlcnNoaXBUeXBlIjoiRnVsbE1lbWJlciIsIndlYnNpdGUiOiJ3d3cud2hhdGV2ZXIuY29tIiwiY29udGFjdCI6Im1peC5tYXhAd2hhdGV2ZXIuY29tIiwic2luY2UiOiIyMDIzLTAxLTAxVDAwOjAwOjAwWiJ9fX0sImlhdCI6MTcyMTM3NjI2OX0.1E7XUNXvEMT0qSgLum-Q_C5fcz3JapF6PoFhbp2ivEeBKZPNHo_LJR50e7yKksVS7o5aHXS-Ut7BtQBzMzfuBw", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsIm1lbWJlcnNoaXAiOiJtdmQtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXBUeXBlIiwid2Vic2l0ZSI6Im12ZC1jcmVkZW50aWFsczp3ZWJzaXRlIiwiY29udGFjdCI6Im12ZC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJtdmQtY3JlZGVudGlhbHM6c2luY2UifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jTWVtYmVyc2hpcENyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4Mzpjb25zdW1lciIsIm1lbWJlcnNoaXAiOnsibWVtYmVyc2hpcFR5cGUiOiJGdWxsTWVtYmVyIiwid2Vic2l0ZSI6Ind3dy53aGF0ZXZlci5jb20iLCJjb250YWN0IjoiZml6ei5idXp6QHdoYXRldmVyLmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3MjEzODQ4NzJ9.fmcOHOKLERAta_gMx98fPLvyxiFOYEnZIMGFgr9fiydNGbEGOPrcxuFoh7wqtS2HiKWhjm0zZqld4iAr-c2WBg", "format": "JWT", "credential": { "credentialSubject": [ diff --git a/deployment/assets/credentials/k8s/consumer/membership_vc.json b/deployment/assets/credentials/k8s/consumer/membership_vc.json index 26e213e0..6aba3b61 100644 --- a/deployment/assets/credentials/k8s/consumer/membership_vc.json +++ b/deployment/assets/credentials/k8s/consumer/membership_vc.json @@ -4,12 +4,12 @@ "https://w3id.org/security/suites/jws-2020/v1", "https://www.w3.org/ns/did/v1", { - "cx-credentials": "https://w3id.org/catenax/credentials/", - "membership": "cx-credentials:membership", - "membershipType": "cx-credentials:membershipType", - "website": "cx-credentials:website", - "contact": "cx-credentials:contact", - "since": "cx-credentials:since" + "mvd-credentials": "https://w3id.org/mvd/credentials/", + "membership": "mvd-credentials:membership", + "membershipType": "mvd-credentials:membershipType", + "website": "mvd-credentials:website", + "contact": "mvd-credentials:contact", + "since": "mvd-credentials:since" } ], "id": "http://org.yourdataspace.com/credentials/2347", @@ -24,7 +24,7 @@ "membership": { "membershipType": "FullMember", "website": "www.whatever.com", - "contact": "mix.max@whatever.com", + "contact": "fizz.buzz@whatever.com", "since": "2023-01-01T00:00:00Z" } } diff --git a/deployment/assets/credentials/k8s/provider/pcf-credential.json b/deployment/assets/credentials/k8s/provider/dataprocessor-credential.json similarity index 53% rename from deployment/assets/credentials/k8s/provider/pcf-credential.json rename to deployment/assets/credentials/k8s/provider/dataprocessor-credential.json index db5f41ec..da4e84e9 100644 --- a/deployment/assets/credentials/k8s/provider/pcf-credential.json +++ b/deployment/assets/credentials/k8s/provider/dataprocessor-credential.json @@ -3,22 +3,20 @@ "participantId": "did:web:provider-identityhub%3A7083:provider", "timestamp": 1700659822500, "issuerId": "did:example:dataspace-issuer", - "holderId": "BPN0000001", + "holderId": "did:web:provider-identityhub%3A7083:provider", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { "format": "JSON_LD", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjeC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvY2F0ZW5heC9jcmVkZW50aWFscy8iLCJjb250cmFjdFRlbXBsYXRlIjoiY3gtY3JlZGVudGlhbHM6Y29udHJhY3RUZW1wbGF0ZSIsImNvbnRyYWN0VmVyc2lvbiI6ImN4LWNyZWRlbnRpYWxzOmNvbnRyYWN0VmVyc2lvbiIsImhvbGRlcklkZW50aWZpZXIiOiJjeC1jcmVkZW50aWFsczpob2xkZXJJZGVudGlmaWVyIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI1BjZkNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpwcm92aWRlciIsImNvbnRyYWN0VGVtcGxhdGUiOiJodHRwczovL3B1YmxpYy5jYXRlbmEteC5vcmcvY29udHJhY3RzL3BjZi52MS5wZGYiLCJjb250cmFjdFZlcnNpb24iOiIxLjAuMCIsImhvbGRlcklkZW50aWZpZXIiOiJCUE4wMDAwMDBYWVoifX0sImlhdCI6MTcyMTM3NjI2OX0.qCj-QF-A319Gy7CH4gi768_lyjvsLPZN-VtJ4WHMGH1l0IJjEVGklbtUucF2ATUNoK-5_Q8cXrRtF_iWDbLnBg", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJjb250cmFjdFZlcnNpb24iOiJtdmQtY3JlZGVudGlhbHM6Y29udHJhY3RWZXJzaW9uIiwibGV2ZWwiOiJtdmQtY3JlZGVudGlhbHM6bGV2ZWwifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jRGF0YVByb2Nlc3NvckNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpwcm92aWRlciIsImxldmVsIjoicHJvY2Vzc2luZyJ9fSwiaWF0IjoxNzIxMzg0ODcyfQ.nmUHyL1zIjwzSnt_0uQddAT3ULkofNrUYZTSnVBH3uOPmBDO5RdUvfVXrczOPZMi6Psg288vge7J6glEae0fBA", "credential": { "credentialSubject": [ { "claims": { "id": "did:web:provider-identityhub%3A7083:provider", - "holderIdentifier": "BPN0000002", - "useCaseType": "PcfCredential", - "contractTemplate": "https://public.catena-x.org/contracts/pcf.v1.pdf", - "contractVersion": "1.0.0" + "contractVersion": "1.0.0", + "level": "processing" } } ], diff --git a/deployment/assets/credentials/k8s/provider/pcf_vc.json b/deployment/assets/credentials/k8s/provider/dataprocessor_vc.json similarity index 50% rename from deployment/assets/credentials/k8s/provider/pcf_vc.json rename to deployment/assets/credentials/k8s/provider/dataprocessor_vc.json index 96ad1e12..34b441c4 100644 --- a/deployment/assets/credentials/k8s/provider/pcf_vc.json +++ b/deployment/assets/credentials/k8s/provider/dataprocessor_vc.json @@ -4,23 +4,20 @@ "https://w3id.org/security/suites/jws-2020/v1", "https://www.w3.org/ns/did/v1", { - "cx-credentials": "https://w3id.org/catenax/credentials/", - "contractTemplate": "cx-credentials:contractTemplate", - "contractVersion": "cx-credentials:contractVersion", - "holderIdentifier": "cx-credentials:holderIdentifier" + "mvd-credentials": "https://w3id.org/mvd/credentials/", + "contractVersion": "mvd-credentials:contractVersion", + "level": "mvd-credentials:level" } ], "id": "http://org.yourdataspace.com/credentials/2347", "type": [ "VerifiableCredential", - "http://org.yourdataspace.com#PcfCredential" + "http://org.yourdataspace.com#DataProcessorCredential" ], "issuer": "did:example:dataspace-issuer", "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:provider-identityhub%3A7083:provider", - "contractTemplate": "https://public.catena-x.org/contracts/pcf.v1.pdf", - "contractVersion": "1.0.0", - "holderIdentifier": "BPN000000XYZ" + "level": "processing" } } \ No newline at end of file diff --git a/deployment/assets/credentials/k8s/provider/membership-credential.json b/deployment/assets/credentials/k8s/provider/membership-credential.json index 7e34ad68..1daa6819 100644 --- a/deployment/assets/credentials/k8s/provider/membership-credential.json +++ b/deployment/assets/credentials/k8s/provider/membership-credential.json @@ -3,12 +3,12 @@ "participantId": "did:web:provider-identityhub%3A7083:provider", "timestamp": 1700659822500, "issuerId": "did:example:dataspace-issuer", - "holderId": "BPN0000002", + "holderId": "did:web:provider-identityhub%3A7083:provider", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjeC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvY2F0ZW5heC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoiY3gtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoiY3gtY3JlZGVudGlhbHM6bWVtYmVyc2hpcFR5cGUiLCJ3ZWJzaXRlIjoiY3gtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJjeC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJjeC1jcmVkZW50aWFsczpzaW5jZSJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6cHJvdmlkZXItaWRlbnRpdHlodWIlM0E3MDgzOnByb3ZpZGVyIiwibWVtYmVyc2hpcCI6eyJtZW1iZXJzaGlwVHlwZSI6IkZ1bGxNZW1iZXIiLCJ3ZWJzaXRlIjoid3d3LndoYXRldmVyLmNvbSIsImNvbnRhY3QiOiJtaXgubWF4QHdoYXRldmVyLmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3MjEzNzYyNjh9._zzAQkh9PCdl3YQlRmW4pknXd_IpznVyHFF3iSPdwfMuT1obT2C0llgAyqjX9Ti8-B9dPo5pZiztRezIiFz3CA", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXAiLCJtZW1iZXJzaGlwVHlwZSI6Im12ZC1jcmVkZW50aWFsczptZW1iZXJzaGlwVHlwZSIsIndlYnNpdGUiOiJtdmQtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJtdmQtY3JlZGVudGlhbHM6Y29udGFjdCIsInNpbmNlIjoibXZkLWNyZWRlbnRpYWxzOnNpbmNlIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI01lbWJlcnNoaXBDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6cHJvdmlkZXIiLCJtZW1iZXJzaGlwIjp7Im1lbWJlcnNoaXBUeXBlIjoiRnVsbE1lbWJlciIsIndlYnNpdGUiOiJ3d3cud2hhdGV2ZXIuY29tIiwiY29udGFjdCI6Im1peC5tYXhAd2hhdGV2ZXIuY29tIiwic2luY2UiOiIyMDIzLTAxLTAxVDAwOjAwOjAwWiJ9fX0sImlhdCI6MTcyMTM4NDg3Mn0.lpiYgm4TA-3Zx-mGagXQ7HfCgCPlPuh5oX8rItwsG721mt2_xACmlUCBFs8W0_GRDyI5GTDl73jegpTI-LnICw", "format": "JSON_LD", "credential": { "credentialSubject": [ diff --git a/deployment/assets/credentials/k8s/provider/membership_vc.json b/deployment/assets/credentials/k8s/provider/membership_vc.json index 7ebb3bfe..934fe397 100644 --- a/deployment/assets/credentials/k8s/provider/membership_vc.json +++ b/deployment/assets/credentials/k8s/provider/membership_vc.json @@ -4,12 +4,12 @@ "https://w3id.org/security/suites/jws-2020/v1", "https://www.w3.org/ns/did/v1", { - "cx-credentials": "https://w3id.org/catenax/credentials/", - "membership": "cx-credentials:membership", - "membershipType": "cx-credentials:membershipType", - "website": "cx-credentials:website", - "contact": "cx-credentials:contact", - "since": "cx-credentials:since" + "mvd-credentials": "https://w3id.org/mvd/credentials/", + "membership": "mvd-credentials:membership", + "membershipType": "mvd-credentials:membershipType", + "website": "mvd-credentials:website", + "contact": "mvd-credentials:contact", + "since": "mvd-credentials:since" } ], "id": "http://org.yourdataspace.com/credentials/2347", diff --git a/deployment/assets/credentials/local/consumer/pcf-credential.json b/deployment/assets/credentials/local/consumer/dataprocessor-credential.json similarity index 51% rename from deployment/assets/credentials/local/consumer/pcf-credential.json rename to deployment/assets/credentials/local/consumer/dataprocessor-credential.json index 42ad37c8..cb6444d0 100644 --- a/deployment/assets/credentials/local/consumer/pcf-credential.json +++ b/deployment/assets/credentials/local/consumer/dataprocessor-credential.json @@ -3,29 +3,27 @@ "participantId": "did:web:localhost%3A7083", "timestamp": 1700659822500, "issuerId": "did:example:dataspace-issuer", - "holderId": "BPN0000001", + "holderId": "did:web:localhost%3A7093", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { "format": "JWT", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7ImN4LWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VGVtcGxhdGUiOiJjeC1jcmVkZW50aWFsczpjb250cmFjdFRlbXBsYXRlIiwiY29udHJhY3RWZXJzaW9uIjoiY3gtY3JlZGVudGlhbHM6Y29udHJhY3RWZXJzaW9uIiwiaG9sZGVySWRlbnRpZmllciI6ImN4LWNyZWRlbnRpYWxzOmhvbGRlcklkZW50aWZpZXIifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jUGNmQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0JTNBNzA4MyIsImNvbnRyYWN0VGVtcGxhdGUiOiJodHRwczovL3B1YmxpYy5jYXRlbmEteC5vcmcvY29udHJhY3RzL3BjZi52MS5wZGYiLCJjb250cmFjdFZlcnNpb24iOiIxLjAuMCIsImhvbGRlcklkZW50aWZpZXIiOiJCUE4wMDAwMDBYWVoifX0sImlhdCI6MTcyMTM3NjI2OX0.KWUDSwtqrnnzqixmW0Fd1gYGrWMyu3DXd8vvz_Gm7LAMPubcyfY1Do34YAJLvLXy0Qn1E81xsicYMhlDfOi6AA", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VmVyc2lvbiI6Im12ZC1jcmVkZW50aWFsczpjb250cmFjdFZlcnNpb24iLCJsZXZlbCI6Im12ZC1jcmVkZW50aWFsczpsZXZlbCJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNEYXRhUHJvY2Vzc29yQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0JTNBNzA4MyIsImNvbnRyYWN0VmVyc2lvbiI6IjEuMC4wIiwibGV2ZWwiOiJwcm9jZXNzaW5nIn19LCJpYXQiOjE3MjEzODQ4NzJ9.rPSA0yvZuiGXnNqXqde-QAYBYXyJ1wDB2-1q2IAiigttX2LbE9paCEvJOXC_hf6Vi1nI-5gzvvIRAESKim2dBw", "credential": { "credentialSubject": [ { "claims": { "id": "did:web:localhost%3A7083", - "holderIdentifier": "BPN0000001", - "useCaseType": "PcfCredential", - "contractTemplate": "https://public.catena-x.org/contracts/pcf.v1.pdf", - "contractVersion": "1.0.0" + "contractVersion": "1.0.0", + "level": "processing" } } ], "id": "http://org.yourdataspace.com/credentials/1235", "type": [ "VerifiableCredential", - "PcfCredential" + "DataProcessorCredential" ], "issuer": { "id": "did:example:dataspace-issuer", diff --git a/deployment/assets/credentials/local/consumer/membership-credential.json b/deployment/assets/credentials/local/consumer/membership-credential.json index 6bbc97db..f67c17bc 100644 --- a/deployment/assets/credentials/local/consumer/membership-credential.json +++ b/deployment/assets/credentials/local/consumer/membership-credential.json @@ -3,12 +3,12 @@ "participantId": "did:web:localhost%3A7083", "timestamp": 1700659822500, "issuerId": "did:example:dataspace-issuer", - "holderId": "BPN0000001", + "holderId": "did:web:localhost%3A7083", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7ImN4LWNyZWRlbnRpYWxzIjoiaHR0cHM6Ly93M2lkLm9yZy9jYXRlbmF4L2NyZWRlbnRpYWxzLyIsIm1lbWJlcnNoaXAiOiJjeC1jcmVkZW50aWFsczptZW1iZXJzaGlwIiwibWVtYmVyc2hpcFR5cGUiOiJjeC1jcmVkZW50aWFsczptZW1iZXJzaGlwVHlwZSIsIndlYnNpdGUiOiJjeC1jcmVkZW50aWFsczp3ZWJzaXRlIiwiY29udGFjdCI6ImN4LWNyZWRlbnRpYWxzOmNvbnRhY3QiLCJzaW5jZSI6ImN4LWNyZWRlbnRpYWxzOnNpbmNlIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI01lbWJlcnNoaXBDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpsb2NhbGhvc3QlM0E3MDgzIiwibWVtYmVyc2hpcCI6eyJtZW1iZXJzaGlwVHlwZSI6IkZ1bGxNZW1iZXIiLCJ3ZWJzaXRlIjoid3d3LndoYXRldmVyLmNvbSIsImNvbnRhY3QiOiJtaXgubWF4QHdoYXRldmVyLmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3MjEzNzYyNjl9._DAcy8jcL880AW5MIxezOv4lxzoibWAgSo9WdrwARmendNFeGruaIkL7cN7EPxo_ooCl-8XZxEA1PCCXqRozCw", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsIm1lbWJlcnNoaXAiOiJtdmQtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXBUeXBlIiwid2Vic2l0ZSI6Im12ZC1jcmVkZW50aWFsczp3ZWJzaXRlIiwiY29udGFjdCI6Im12ZC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJtdmQtY3JlZGVudGlhbHM6c2luY2UifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jTWVtYmVyc2hpcENyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwODMiLCJtZW1iZXJzaGlwIjp7Im1lbWJlcnNoaXBUeXBlIjoiRnVsbE1lbWJlciIsIndlYnNpdGUiOiJ3d3cud2hhdGV2ZXIuY29tIiwiY29udGFjdCI6Im1peC5tYXhAd2hhdGV2ZXIuY29tIiwic2luY2UiOiIyMDIzLTAxLTAxVDAwOjAwOjAwWiJ9fX0sImlhdCI6MTcyMTM4NDg3Mn0.Hle3iommEl5rgeFCY3i6GpvSa5JDEp6bDL9A7GhmJiG_KOa7rMw5EqlDTg3c3ZxFkIwSzQNElPkFcrPA7Sd-Dw", "format": "JWT", "credential": { "credentialSubject": [ diff --git a/deployment/assets/credentials/local/consumer/unsigned/pcf_vc.json b/deployment/assets/credentials/local/consumer/unsigned/dataprocessor_vc.json similarity index 52% rename from deployment/assets/credentials/local/consumer/unsigned/pcf_vc.json rename to deployment/assets/credentials/local/consumer/unsigned/dataprocessor_vc.json index 4d3ad471..e5780fe9 100644 --- a/deployment/assets/credentials/local/consumer/unsigned/pcf_vc.json +++ b/deployment/assets/credentials/local/consumer/unsigned/dataprocessor_vc.json @@ -4,23 +4,21 @@ "https://w3id.org/security/suites/jws-2020/v1", "https://www.w3.org/ns/did/v1", { - "cx-credentials": "https://w3id.org/catenax/credentials/", - "contractTemplate": "cx-credentials:contractTemplate", - "contractVersion": "cx-credentials:contractVersion", - "holderIdentifier": "cx-credentials:holderIdentifier" + "mvd-credentials": "https://w3id.org/mvd/credentials/", + "contractVersion": "mvd-credentials:contractVersion", + "level": "mvd-credentials:level" } ], "id": "http://org.yourdataspace.com/credentials/2347", "type": [ "VerifiableCredential", - "http://org.yourdataspace.com#PcfCredential" + "http://org.yourdataspace.com#DataProcessorCredential" ], "issuer": "did:example:dataspace-issuer", "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:localhost%3A7083", - "contractTemplate": "https://public.catena-x.org/contracts/pcf.v1.pdf", "contractVersion": "1.0.0", - "holderIdentifier": "BPN000000XYZ" + "level": "processing" } } \ No newline at end of file diff --git a/deployment/assets/credentials/local/consumer/unsigned/membership_vc.json b/deployment/assets/credentials/local/consumer/unsigned/membership_vc.json index e1e5bdb9..f5cef491 100644 --- a/deployment/assets/credentials/local/consumer/unsigned/membership_vc.json +++ b/deployment/assets/credentials/local/consumer/unsigned/membership_vc.json @@ -4,12 +4,12 @@ "https://w3id.org/security/suites/jws-2020/v1", "https://www.w3.org/ns/did/v1", { - "cx-credentials": "https://w3id.org/catenax/credentials/", - "membership": "cx-credentials:membership", - "membershipType": "cx-credentials:membershipType", - "website": "cx-credentials:website", - "contact": "cx-credentials:contact", - "since": "cx-credentials:since" + "mvd-credentials": "https://w3id.org/mvd/credentials/", + "membership": "mvd-credentials:membership", + "membershipType": "mvd-credentials:membershipType", + "website": "mvd-credentials:website", + "contact": "mvd-credentials:contact", + "since": "mvd-credentials:since" } ], "id": "http://org.yourdataspace.com/credentials/2347", diff --git a/deployment/assets/credentials/local/provider/pcf-credential.json b/deployment/assets/credentials/local/provider/dataprocessor-credential.json similarity index 52% rename from deployment/assets/credentials/local/provider/pcf-credential.json rename to deployment/assets/credentials/local/provider/dataprocessor-credential.json index d49e2741..fd772b2f 100644 --- a/deployment/assets/credentials/local/provider/pcf-credential.json +++ b/deployment/assets/credentials/local/provider/dataprocessor-credential.json @@ -3,22 +3,20 @@ "participantId": "did:web:localhost%3A7093", "timestamp": 1700659822500, "issuerId": "did:example:dataspace-issuer", - "holderId": "BPN0000001", + "holderId": "did:web:localhost%3A7093", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { "format": "JWT", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjeC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvY2F0ZW5heC9jcmVkZW50aWFscy8iLCJjb250cmFjdFRlbXBsYXRlIjoiY3gtY3JlZGVudGlhbHM6Y29udHJhY3RUZW1wbGF0ZSIsImNvbnRyYWN0VmVyc2lvbiI6ImN4LWNyZWRlbnRpYWxzOmNvbnRyYWN0VmVyc2lvbiIsImhvbGRlcklkZW50aWZpZXIiOiJjeC1jcmVkZW50aWFsczpob2xkZXJJZGVudGlmaWVyIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI1BjZkNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwOTMiLCJjb250cmFjdFRlbXBsYXRlIjoiaHR0cHM6Ly9wdWJsaWMuY2F0ZW5hLXgub3JnL2NvbnRyYWN0cy9wY2YudjEucGRmIiwiY29udHJhY3RWZXJzaW9uIjoiMS4wLjAiLCJob2xkZXJJZGVudGlmaWVyIjoiQlBOMDAwMDAwWFlaIn19LCJpYXQiOjE3MjEzNzYyNjl9.Jtgtl4LrZWoVf6JK8jDGpp6sNfrf5iwgaUYc9R23TntZtLYbtZ82BARmn-nfUC-YYZst3C5Wf9ewYz1eu4v2AQ", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJjb250cmFjdFZlcnNpb24iOiJtdmQtY3JlZGVudGlhbHM6Y29udHJhY3RWZXJzaW9uIiwibGV2ZWwiOiJtdmQtY3JlZGVudGlhbHM6bGV2ZWwifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jRGF0YVByb2Nlc3NvckNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwOTMiLCJjb250cmFjdFZlcnNpb24iOiIxLjAuMCIsImxldmVsIjoicHJvY2Vzc2luZyJ9fSwiaWF0IjoxNzIxMzg0ODcyfQ.beXpdPKlqEpDIBl1DoVtA2PQDQcF_Pl9hHjC2Bbz7T5AOm-o77YevEahUugh831QqjFvOKoYR8Ct1M7PWPE_Dg", "credential": { "credentialSubject": [ { "claims": { "id": "did:web:localhost%3A7093", - "holderIdentifier": "BPN0000002", - "useCaseType": "PcfCredential", - "contractTemplate": "https://public.catena-x.org/contracts/pcf.v1.pdf", - "contractVersion": "1.0.0" + "contractVersion": "1.0.0", + "level": "processing" } } ], diff --git a/deployment/assets/credentials/local/provider/membership-credential.json b/deployment/assets/credentials/local/provider/membership-credential.json index 922bbaec..37c6470d 100644 --- a/deployment/assets/credentials/local/provider/membership-credential.json +++ b/deployment/assets/credentials/local/provider/membership-credential.json @@ -3,12 +3,12 @@ "participantId": "did:web:localhost%3A7093", "timestamp": 1700659822500, "issuerId": "did:example:dataspace-issuer", - "holderId": "BPN0000002", + "holderId": "did:web:localhost%3A7093", "state": 500, "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJjeC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvY2F0ZW5heC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoiY3gtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoiY3gtY3JlZGVudGlhbHM6bWVtYmVyc2hpcFR5cGUiLCJ3ZWJzaXRlIjoiY3gtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJjeC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJjeC1jcmVkZW50aWFsczpzaW5jZSJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzEyMzQiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNNZW1iZXJzaGlwQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0JTNBNzA5MyIsIm1lbWJlcnNoaXAiOnsibWVtYmVyc2hpcFR5cGUiOiJQcm9zcGVjdE1lbWJlciIsIndlYnNpdGUiOiJ3d3cucXVpenpxdWF6ei5jb20iLCJjb250YWN0IjoiZm9vLmJhckBxdWl6enF1YXp6LmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3MjEzNzYyNjl9.sx6mPNq14LnifS5i0NhI2mzp5lmpxyC1Iu_yHw3uzucnK7i1tr0gZ5NOHAV48dKRTxX0XZBYlw450tyFeDs_Cg", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXAiLCJtZW1iZXJzaGlwVHlwZSI6Im12ZC1jcmVkZW50aWFsczptZW1iZXJzaGlwVHlwZSIsIndlYnNpdGUiOiJtdmQtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJtdmQtY3JlZGVudGlhbHM6Y29udGFjdCIsInNpbmNlIjoibXZkLWNyZWRlbnRpYWxzOnNpbmNlIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMTIzNCIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI01lbWJlcnNoaXBDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpsb2NhbGhvc3QlM0E3MDkzIiwibWVtYmVyc2hpcCI6eyJtZW1iZXJzaGlwVHlwZSI6IlByb3NwZWN0TWVtYmVyIiwid2Vic2l0ZSI6Ind3dy5xdWl6enF1YXp6LmNvbSIsImNvbnRhY3QiOiJmb28uYmFyQHF1aXp6cXVhenouY29tIiwic2luY2UiOiIyMDIzLTAxLTAxVDAwOjAwOjAwWiJ9fX0sImlhdCI6MTcyMTM4NDg3Mn0.LhjWOy5yoxkwxvbDJnTKxmgLJjyJuNlaO970oqaQjXdomOtsvatzzO2_7Ir5JRynSHnEhtyr7tp95du_zriYCg", "format": "JWT", "credential": { "credentialSubject": [ diff --git a/deployment/assets/credentials/local/provider/unsigned/pcf_vc.json b/deployment/assets/credentials/local/provider/unsigned/dataprocessor_vc.json similarity index 52% rename from deployment/assets/credentials/local/provider/unsigned/pcf_vc.json rename to deployment/assets/credentials/local/provider/unsigned/dataprocessor_vc.json index a197f2af..2a07e091 100644 --- a/deployment/assets/credentials/local/provider/unsigned/pcf_vc.json +++ b/deployment/assets/credentials/local/provider/unsigned/dataprocessor_vc.json @@ -4,23 +4,21 @@ "https://w3id.org/security/suites/jws-2020/v1", "https://www.w3.org/ns/did/v1", { - "cx-credentials": "https://w3id.org/catenax/credentials/", - "contractTemplate": "cx-credentials:contractTemplate", - "contractVersion": "cx-credentials:contractVersion", - "holderIdentifier": "cx-credentials:holderIdentifier" + "mvd-credentials": "https://w3id.org/mvd/credentials/", + "contractVersion": "mvd-credentials:contractVersion", + "level": "mvd-credentials:level" } ], "id": "http://org.yourdataspace.com/credentials/2347", "type": [ "VerifiableCredential", - "http://org.yourdataspace.com#PcfCredential" + "http://org.yourdataspace.com#DataProcessorCredential" ], "issuer": "did:example:dataspace-issuer", "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:localhost%3A7093", - "contractTemplate": "https://public.catena-x.org/contracts/pcf.v1.pdf", "contractVersion": "1.0.0", - "holderIdentifier": "BPN000000XYZ" + "level": "processing" } } \ No newline at end of file diff --git a/deployment/assets/credentials/local/provider/unsigned/membership_vc.json b/deployment/assets/credentials/local/provider/unsigned/membership_vc.json index 2a1553b8..62abcdee 100644 --- a/deployment/assets/credentials/local/provider/unsigned/membership_vc.json +++ b/deployment/assets/credentials/local/provider/unsigned/membership_vc.json @@ -4,12 +4,12 @@ "https://w3id.org/security/suites/jws-2020/v1", "https://www.w3.org/ns/did/v1", { - "cx-credentials": "https://w3id.org/catenax/credentials/", - "membership": "cx-credentials:membership", - "membershipType": "cx-credentials:membershipType", - "website": "cx-credentials:website", - "contact": "cx-credentials:contact", - "since": "cx-credentials:since" + "mvd-credentials": "https://w3id.org/mvd/credentials/", + "membership": "mvd-credentials:membership", + "membershipType": "mvd-credentials:membershipType", + "website": "mvd-credentials:website", + "contact": "mvd-credentials:contact", + "since": "mvd-credentials:since" } ], "id": "http://org.yourdataspace.com/credentials/1234", diff --git a/deployment/postman/MVD.postman_collection.json b/deployment/postman/MVD.postman_collection.json index 502b2ad8..01bf99bb 100644 --- a/deployment/postman/MVD.postman_collection.json +++ b/deployment/postman/MVD.postman_collection.json @@ -58,7 +58,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"@context\": {},\n \"@id\": \"asset-2\",\n \"@type\": \"Asset\",\n \"properties\": {\n \"description\": \"This asset requires Membership to view and Sustainability to negotiate.\"\n },\n \"dataAddress\": {\n \"@type\": \"DataAddress\",\n \"type\": \"HttpData\",\n \"baseUrl\": \"https://jsonplaceholder.typicode.com/todos\",\n \"proxyPath\": \"true\",\n \"proxyQueryParams\": \"true\"\n }\n }" + "raw": "{\n \"@context\": {},\n \"@id\": \"asset-2\",\n \"@type\": \"Asset\",\n \"properties\": {\n \"description\": \"This asset requires Membership to view and SensitiveData credential to negotiate.\"\n },\n \"dataAddress\": {\n \"@type\": \"DataAddress\",\n \"type\": \"HttpData\",\n \"baseUrl\": \"https://jsonplaceholder.typicode.com/todos\",\n \"proxyPath\": \"true\",\n \"proxyQueryParams\": \"true\"\n }\n }" }, "url": { "raw": "{{HOST}}/api/management/v3/assets", @@ -109,7 +109,7 @@ "response": [] }, { - "name": "Create PCF Use case policy", + "name": "Create DataProcessor policy", "request": { "method": "POST", "header": [ @@ -124,7 +124,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-pcf\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:obligation\": [\n {\n \"odrl:action\": \"use\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"FrameworkCredential.pcf\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"active\"\n }\n }\n ]\n }\n}" + "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-dataprocessor\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:obligation\": [\n {\n \"odrl:action\": \"use\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"DataAccess.level\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"processing\"\n }\n }\n ]\n }\n}" }, "url": { "raw": "{{HOST}}/api/management/v3/policydefinitions", @@ -142,7 +142,7 @@ "response": [] }, { - "name": "Create Sustainability Use case policy", + "name": "Create Sensitive Data Processor policy", "request": { "method": "POST", "header": [ @@ -157,7 +157,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-sustainability\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:obligation\": [\n {\n \"odrl:action\": \"USE\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"FrameworkCredential.sustainability\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"active\"\n }\n }\n ]\n }\n}" + "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-sensitive\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:obligation\": [\n {\n \"odrl:action\": \"USE\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"DataAccess.level\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"sensitive\"\n }\n }\n ]\n }\n}" }, "url": { "raw": "{{HOST}}/api/management/v3/policydefinitions", @@ -175,7 +175,7 @@ "response": [] }, { - "name": "Create \"member-and-pcf-cred\" definition", + "name": "Create \"member-and-data-cred\" definition", "request": { "method": "POST", "header": [ @@ -190,7 +190,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"@context\": {},\n \"@id\": \"member-and-pcf-def\",\n \"@type\": \"ContractDefinition\",\n \"accessPolicyId\": \"require-membership\",\n \"contractPolicyId\": \"require-pcf\",\n \"assetsSelector\" : {\n \"@type\" : \"CriterionDto\",\n \"operandLeft\": \"https://w3id.org/edc/v0.0.1/ns/id\",\n \"operator\": \"=\",\n \"operandRight\": \"asset-1\"\n }\n }" + "raw": "{\n \"@context\": {},\n \"@id\": \"member-and-dataprocessor-def\",\n \"@type\": \"ContractDefinition\",\n \"accessPolicyId\": \"require-membership\",\n \"contractPolicyId\": \"require-dataprocessor\",\n \"assetsSelector\" : {\n \"@type\" : \"CriterionDto\",\n \"operandLeft\": \"https://w3id.org/edc/v0.0.1/ns/id\",\n \"operator\": \"=\",\n \"operandRight\": \"asset-1\"\n }\n }" }, "url": { "raw": "{{HOST}}/api/management/v3/contractdefinitions", @@ -208,7 +208,7 @@ "response": [] }, { - "name": "Create \"require sustainability\" definition", + "name": "Create \"require sensitive\" definition", "request": { "method": "POST", "header": [ @@ -223,7 +223,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"@context\": {},\n \"@id\": \"sustainability-only-def\",\n \"@type\": \"ContractDefinition\",\n \"accessPolicyId\": \"require-membership\",\n \"contractPolicyId\": \"require-sustainability\",\n \"assetsSelector\" : {\n \"@type\" : \"CriterionDto\",\n \"operandLeft\": \"https://w3id.org/edc/v0.0.1/ns/id\",\n \"operator\": \"=\",\n \"operandRight\": \"asset-2\"\n }\n }" + "raw": "{\n \"@context\": {},\n \"@id\": \"sensitive-only-def\",\n \"@type\": \"ContractDefinition\",\n \"accessPolicyId\": \"require-membership\",\n \"contractPolicyId\": \"require-sensitive\",\n \"assetsSelector\": {\n \"@type\": \"CriterionDto\",\n \"operandLeft\": \"https://w3id.org/edc/v0.0.1/ns/id\",\n \"operator\": \"=\",\n \"operandRight\": \"asset-2\"\n }\n}" }, "url": { "raw": "{{HOST}}/api/management/v3/contractdefinitions", @@ -570,7 +570,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"@context\": {\n \"@vocab\": \"https://w3id.org/edc/v0.0.1/ns/\"\n },\n \"@type\": \"https://w3id.org/edc/v0.0.1/ns/ContractRequest\",\n \"counterPartyAddress\": \"{{PROVIDER_DSP_URL}}/api/dsp\",\n \"counterPartyId\": \"{{PROVIDER_ID}}\",\n \"protocol\": \"dataspace-protocol-http\",\n \"policy\": {\n \"@context\": \"http://www.w3.org/ns/odrl.jsonld\",\n \"@type\": \"http://www.w3.org/ns/odrl/2/Offer\",\n \"@id\": \"bWVtYmVyLWFuZC1wY2YtZGVm:YXNzZXQtMQ==:MDIxM2MzZDQtMzE3NS00MzFmLWIzM2UtNDFkY2I2Y2RhZjU1\",\n \"assigner\": \"{{PROVIDER_ID}}\",\n \"permission\": [],\n \"prohibition\": [],\n \"odrl:obligation\": {\n \"odrl:action\": {\n \"@id\": \"use\"\n },\n \"odrl:constraint\": {\n \"odrl:leftOperand\": {\n \"@id\": \"FrameworkCredential.pcf\"\n },\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"active\"\n }\n },\n \"target\": \"asset-1\"\n },\n \"callbackAddresses\": []\n}", + "raw": "{\n \"@context\": {\n \"@vocab\": \"https://w3id.org/edc/v0.0.1/ns/\"\n },\n \"@type\": \"https://w3id.org/edc/v0.0.1/ns/ContractRequest\",\n \"counterPartyAddress\": \"{{PROVIDER_DSP_URL}}/api/dsp\",\n \"counterPartyId\": \"{{PROVIDER_ID}}\",\n \"protocol\": \"dataspace-protocol-http\",\n \"policy\": {\n \"@context\": \"http://www.w3.org/ns/odrl.jsonld\",\n \"@type\": \"http://www.w3.org/ns/odrl/2/Offer\",\n \"@id\": \"bWVtYmVyLWFuZC1kYXRhcHJvY2Vzc29yLWRlZg==:YXNzZXQtMQ==:MjcyMzMyZjgtZWM2ZS00MTQ0LWIyYjgtM2ExMzIzMDFjZmQ1\",\n \"assigner\": \"{{PROVIDER_ID}}\",\n \"permission\": [],\n \"prohibition\": [],\n \"odrl:obligation\": {\n \"odrl:action\": {\n \"@id\": \"use\"\n },\n \"odrl:constraint\": {\n \"odrl:leftOperand\": {\n \"@id\": \"DataAccess.level\"\n },\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"processing\"\n }\n },\n \"target\": \"asset-1\"\n },\n \"callbackAddresses\": []\n}", "options": { "raw": { "language": "json" @@ -633,7 +633,7 @@ "header": [], "body": { "mode": "raw", - "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"assetId\": \"asset-1\",\n \"counterPartyAddress\": \"{{PROVIDER_DSP_URL}}/api/dsp\",\n \"connectorId\": \"{{PROVIDER_ID}}\",\n \"contractId\": \"76ee7bc5-73b0-44c8-8e03-032726616996\",\n \"dataDestination\": {\n \"type\": \"HttpProxy\"\n },\n \"protocol\": \"dataspace-protocol-http\",\n \"transferType\": \"HttpData-PULL\"\n}", + "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"assetId\": \"asset-1\",\n \"counterPartyAddress\": \"{{PROVIDER_DSP_URL}}/api/dsp\",\n \"connectorId\": \"{{PROVIDER_ID}}\",\n \"contractId\": \"5613c232-d12e-41de-b0d6-befc290e5309\",\n \"dataDestination\": {\n \"type\": \"HttpProxy\"\n },\n \"protocol\": \"dataspace-protocol-http\",\n \"transferType\": \"HttpData-PULL\"\n}", "options": { "raw": { "language": "json" @@ -734,7 +734,7 @@ } ], "url": { - "raw": "{{HOST}}/api/management/v3/edrs/392d1767-e546-4b54-ab6e-6fb20a3dc12a/dataaddress", + "raw": "{{HOST}}/api/management/v3/edrs/cb60556e-5544-4d37-a5ca-6412b293fc98/dataaddress", "host": [ "{{HOST}}" ], @@ -743,7 +743,7 @@ "management", "v3", "edrs", - "392d1767-e546-4b54-ab6e-6fb20a3dc12a", + "cb60556e-5544-4d37-a5ca-6412b293fc98", "dataaddress" ] } @@ -753,6 +753,9 @@ { "name": "Download Data from Public API", "request": { + "auth": { + "type": "noauth" + }, "method": "GET", "header": [ { @@ -761,7 +764,7 @@ }, { "key": "Authorization", - "value": "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwOTMja2V5LTEiLCJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwOTMiLCJhdWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwODMiLCJzdWIiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwOTMiLCJpYXQiOjE3MjA3Nzk3MjMwMjAsImp0aSI6ImJhZjUwM2ZmLTQ0YTEtNGEzNS1hNDJjLTgwNGM1ODNhYTIxZiJ9.JX6nLTgAJZ6lAEv68ZqVawjMQep2gkWS4Xoco2elm_7TyoWQcxHnxPbrYYFxNg-ATdeARfqr5EiyO3l8A6vAyQ", + "value": "eyJraWQiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpwcm92aWRlciNrZXktMSIsImFsZyI6IkVTMjU2In0.eyJpc3MiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpwcm92aWRlciIsImF1ZCI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIlM0E3MDgzOmNvbnN1bWVyIiwic3ViIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6cHJvdmlkZXIiLCJpYXQiOjE3MjExMjUwMTY4NTUsImp0aSI6ImMzODM0YWJmLWE3YjYtNDNmNC05ZWU3LTBjYjIzNzI2NGIzZiJ9.Ok7g_ekPgOuevytQEf3gDaixyUEphTbZa496lUqKYoyS0QIsKsxtYfkbD0tCitUtCkZIgGOIBsq5-A8ia_7UHg", "type": "text" } ], diff --git a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/FrameworkCredentialScopeExtractor.java b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/DataAccessCredentialScopeExtractor.java similarity index 63% rename from extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/FrameworkCredentialScopeExtractor.java rename to extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/DataAccessCredentialScopeExtractor.java index 5ab4906d..b29a503f 100644 --- a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/FrameworkCredentialScopeExtractor.java +++ b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/DataAccessCredentialScopeExtractor.java @@ -20,27 +20,19 @@ import java.util.Set; -class FrameworkCredentialScopeExtractor implements ScopeExtractor { - private static final String FRAMEWORK_CREDENTIAL_PREFIX = "FrameworkCredential."; +class DataAccessCredentialScopeExtractor implements ScopeExtractor { + private static final String DATA_ACCESS_CONSTRAINT_PREFIX = "DataAccess."; private static final String CREDENTIAL_TYPE_NAMESPACE = "org.eclipse.edc.vc.type"; - - FrameworkCredentialScopeExtractor() { - } + public static final String DATA_PROCESSOR_CREDENTIAL_TYPE = "DataProcessorCredential"; @Override public Set<String> extractScopes(Object leftValue, Operator operator, Object rightValue, PolicyContext context) { Set<String> scopes = Set.of(); if (leftValue instanceof String leftOperand) { - if (leftOperand.startsWith(FRAMEWORK_CREDENTIAL_PREFIX)) { - var credentialType = leftOperand.replace(FRAMEWORK_CREDENTIAL_PREFIX, ""); - credentialType = "%sCredential".formatted(capitalize(credentialType)); - scopes = Set.of("%s:%s:read".formatted(CREDENTIAL_TYPE_NAMESPACE, credentialType)); + if (leftOperand.startsWith(DATA_ACCESS_CONSTRAINT_PREFIX)) { + scopes = Set.of("%s:%s:read".formatted(CREDENTIAL_TYPE_NAMESPACE, DATA_PROCESSOR_CREDENTIAL_TYPE)); } } return scopes; } - - private String capitalize(String input) { - return input.substring(0, 1).toUpperCase() + input.substring(1).toLowerCase(); - } } diff --git a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/DcpPatchExtension.java b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/DcpPatchExtension.java index a77608cc..39b7cc09 100644 --- a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/DcpPatchExtension.java +++ b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/core/DcpPatchExtension.java @@ -71,7 +71,7 @@ public void initialize(ServiceExtensionContext context) { //register scope extractor - scopeExtractorRegistry.registerScopeExtractor(new FrameworkCredentialScopeExtractor()); + scopeExtractorRegistry.registerScopeExtractor(new DataAccessCredentialScopeExtractor()); typeTransformerRegistry.register(new JsonValueToGenericTypeTransformer(typeManager.getMapper(JSON_LD))); diff --git a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/UseCaseFunction.java b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/DataAccessLevelFunction.java similarity index 70% rename from extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/UseCaseFunction.java rename to extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/DataAccessLevelFunction.java index a2c244b2..b4ab48b1 100644 --- a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/UseCaseFunction.java +++ b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/DataAccessLevelFunction.java @@ -21,13 +21,14 @@ import org.eclipse.edc.spi.agent.ParticipantAgent; import java.util.Map; +import java.util.Objects; -public class UseCaseFunction implements AtomicConstraintFunction<Duty> { +public class DataAccessLevelFunction implements AtomicConstraintFunction<Duty> { - private final String usecase; + private final String level; - public UseCaseFunction(String usecase) { - this.usecase = usecase; + public DataAccessLevelFunction(String level) { + this.level = level; } @Override @@ -36,8 +37,8 @@ public boolean evaluate(Operator operator, Object rightOperand, Duty duty, Polic policyContext.reportProblem("Cannot evaluate operator %s, only %s is supported".formatted(operator, Operator.EQ)); return false; } - if (!"active".equalsIgnoreCase(rightOperand.toString())) { - policyContext.reportProblem("Use case credentials only support right operand 'active', but found '%s'".formatted(operator.toString())); + if (!"level".equalsIgnoreCase(rightOperand.toString())) { + policyContext.reportProblem("Data access credentials only support right operand 'level', but found '%s'".formatted(operator.toString())); return false; } var pa = policyContext.getContextData(ParticipantAgent.class); @@ -49,15 +50,13 @@ public boolean evaluate(Operator operator, Object rightOperand, Duty duty, Polic var claims = pa.getClaims(); String version = getClaim("contractVersion", claims); - String holderIdentifier = getClaim("holderIdentifier", claims); - String contractTemplate = getClaim("contractTemplate", claims); + String level = getClaim("level", claims); - return version != null && holderIdentifier != null && contractTemplate != null && - contractTemplate.contains(usecase); + return version != null && Objects.equals(level, rightOperand); } public String key() { - return "FrameworkCredential.%s".formatted(usecase); + return "DataAccess.level"; } @SuppressWarnings("unchecked") diff --git a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/MembershipCredentialEvaluationFunction.java b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/MembershipCredentialEvaluationFunction.java index 83c18894..f27a7ea4 100644 --- a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/MembershipCredentialEvaluationFunction.java +++ b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/MembershipCredentialEvaluationFunction.java @@ -28,8 +28,8 @@ public class MembershipCredentialEvaluationFunction implements AtomicConstraintFunction<Permission> { public static final String MEMBERSHIP_CONSTRAINT_KEY = "MembershipCredential"; - private static final String MEMBERSHIP_CLAIM = "https://w3id.org/catenax/credentials/membership"; - private static final String MEMBERSHIP_SINCE_CLAIM = "https://w3id.org/catenax/credentials/since"; + private static final String MEMBERSHIP_CLAIM = "https://w3id.org/mvd/credentials/membership"; + private static final String MEMBERSHIP_SINCE_CLAIM = "https://w3id.org/mvd/credentials/since"; @SuppressWarnings("unchecked") @Override diff --git a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/PolicyEvaluationExtension.java b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/PolicyEvaluationExtension.java index 904c5084..6de506c3 100644 --- a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/PolicyEvaluationExtension.java +++ b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/PolicyEvaluationExtension.java @@ -24,8 +24,11 @@ import org.eclipse.edc.spi.system.ServiceExtensionContext; import static org.eclipse.edc.demo.dcp.policy.MembershipCredentialEvaluationFunction.MEMBERSHIP_CONSTRAINT_KEY; +import static org.eclipse.edc.demo.dcp.policy.PolicyScopes.CATALOG_REQUEST_SCOPE; import static org.eclipse.edc.demo.dcp.policy.PolicyScopes.CATALOG_SCOPE; +import static org.eclipse.edc.demo.dcp.policy.PolicyScopes.NEGOTIATION_REQUEST_SCOPE; import static org.eclipse.edc.demo.dcp.policy.PolicyScopes.NEGOTIATION_SCOPE; +import static org.eclipse.edc.demo.dcp.policy.PolicyScopes.TRANSFER_PROCESS_REQUEST_SCOPE; import static org.eclipse.edc.demo.dcp.policy.PolicyScopes.TRANSFER_PROCESS_SCOPE; import static org.eclipse.edc.policy.model.OdrlNamespace.ODRL_SCHEMA; @@ -44,21 +47,22 @@ public void initialize(ServiceExtensionContext context) { this.bindPermissionFunction(fct, NEGOTIATION_SCOPE, MEMBERSHIP_CONSTRAINT_KEY); this.bindPermissionFunction(fct, CATALOG_SCOPE, MEMBERSHIP_CONSTRAINT_KEY); - registerUseCase("pcf"); - registerUseCase("traceability"); - registerUseCase("sustainability"); - registerUseCase("quality"); - registerUseCase("resiliency"); + registerDataAccessLevelFunction("processing"); + registerDataAccessLevelFunction("sensitive"); } - private void registerUseCase(String useCaseName) { - var frameworkFunction = new UseCaseFunction(useCaseName); - var usecase = frameworkFunction.key(); + private void registerDataAccessLevelFunction(String accessLevel) { + var function = new DataAccessLevelFunction(accessLevel); + var accessLevelKey = function.key(); - bindDutyFunction(frameworkFunction, TRANSFER_PROCESS_SCOPE, usecase); - bindDutyFunction(frameworkFunction, NEGOTIATION_SCOPE, usecase); - bindDutyFunction(frameworkFunction, CATALOG_SCOPE, usecase); + bindDutyFunction(function, TRANSFER_PROCESS_SCOPE, accessLevelKey); + bindDutyFunction(function, NEGOTIATION_SCOPE, accessLevelKey); + bindDutyFunction(function, CATALOG_SCOPE, accessLevelKey); + + bindDutyFunction(function, TRANSFER_PROCESS_REQUEST_SCOPE, accessLevelKey); + bindDutyFunction(function, NEGOTIATION_REQUEST_SCOPE, accessLevelKey); + bindDutyFunction(function, CATALOG_REQUEST_SCOPE, accessLevelKey); } private void bindPermissionFunction(AtomicConstraintFunction<Permission> function, String scope, String constraintType) { diff --git a/launchers/identity-hub/src/main/java/org/eclipse/edc/demo/dcp/ih/IdentityHubExtension.java b/launchers/identity-hub/src/main/java/org/eclipse/edc/demo/dcp/ih/IdentityHubExtension.java index 016c82cd..48e2a5cc 100644 --- a/launchers/identity-hub/src/main/java/org/eclipse/edc/demo/dcp/ih/IdentityHubExtension.java +++ b/launchers/identity-hub/src/main/java/org/eclipse/edc/demo/dcp/ih/IdentityHubExtension.java @@ -62,7 +62,7 @@ public void start() { @Provider public ScopeToCriterionTransformer createScopeTransformer() { - return new MvdScopeTransformer(List.of("MembershipCredential", "DismantlerCredential", "BpnCredential")); + return new MvdScopeTransformer(List.of("MembershipCredential", "DataProcessorCredential")); } private void seedCredentials(String credentialsSourceDirectory, Monitor monitor) throws IOException { diff --git a/launchers/identity-hub/src/main/java/org/eclipse/edc/demo/dcp/ih/MvdScopeTransformer.java b/launchers/identity-hub/src/main/java/org/eclipse/edc/demo/dcp/ih/MvdScopeTransformer.java index 274a95de..5f4fb54f 100644 --- a/launchers/identity-hub/src/main/java/org/eclipse/edc/demo/dcp/ih/MvdScopeTransformer.java +++ b/launchers/identity-hub/src/main/java/org/eclipse/edc/demo/dcp/ih/MvdScopeTransformer.java @@ -40,9 +40,9 @@ public Result<Criterion> transform(String scope) { var credentialType = tokens.getContent()[1]; if (!knownCredentialTypes.contains(credentialType)) { - //select based on the credentialSubject.useCaseType property + //select based on the credentialSubject.level property // even though "claims" is a Map, we need to access it using the dot notation. See ReflectionUtil.java - return success(new Criterion("verifiableCredential.credential.credentialSubject.claims.useCaseType", "=", credentialType)); + return success(new Criterion("verifiableCredential.credential.credentialSubject.claims.level", "=", credentialType)); } else { return success(new Criterion(TYPE_OPERAND, CONTAINS_OPERATOR, credentialType)); } diff --git a/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java b/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java index be0e553c..916c38b1 100644 --- a/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java +++ b/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java @@ -14,7 +14,6 @@ package org.eclipse.edc.demo.dcp; -import com.fasterxml.jackson.core.type.TypeReference; import com.fasterxml.jackson.databind.ObjectMapper; import com.nimbusds.jose.JOSEException; import com.nimbusds.jose.JOSEObjectType; @@ -22,7 +21,6 @@ import com.nimbusds.jose.JWSHeader; import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; -import org.eclipse.edc.identityhub.spi.verifiablecredentials.model.VerifiableCredentialResource; import org.eclipse.edc.keys.keyparsers.PemParser; import org.eclipse.edc.security.token.jwt.CryptoConverter; import org.junit.jupiter.api.extension.ExtensionContext; @@ -34,7 +32,6 @@ import java.io.File; import java.io.IOException; import java.nio.file.Files; -import java.nio.file.Path; import java.nio.file.Paths; import java.security.PrivateKey; import java.time.Instant; @@ -54,8 +51,6 @@ public class JwtSigner { private final ObjectMapper mapper = new ObjectMapper(); - private static final TypeReference<Map<String, Object>> MAP_TYPE = new TypeReference<>() { - }; @SuppressWarnings("unchecked") @ParameterizedTest @@ -104,41 +99,41 @@ private String readFile(String path) { private static class InputOutputProvider implements ArgumentsProvider { @Override - public Stream<? extends Arguments> provideArguments(ExtensionContext extensionContext) throws Exception { + public Stream<? extends Arguments> provideArguments(ExtensionContext extensionContext) { return Stream.of( // PROVIDER credentials, K8S and local Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/membership_vc.json", - new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/membership-credential.json"), + new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/membership-credential.json"), "did:web:bob-identityhub%3A7083:bob"), - Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/pcf_vc.json", - new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/pcf-credential.json"), + Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/dataprocessor_vc.json", + new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/provider/dataprocessor-credential.json"), "did:web:bob-identityhub%3A7083:bob"), Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/unsigned/membership_vc.json", - new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/membership-credential.json"), + new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/membership-credential.json"), "did:web:bob-identityhub%3A7083:bob"), - Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/unsigned/pcf_vc.json", - new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/pcf-credential.json"), + Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/unsigned/dataprocessor_vc.json", + new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/provider/dataprocessor-credential.json"), "did:web:bob-identityhub%3A7083:bob"), // CONSUMER credentials, K8S and local Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/membership_vc.json", - new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/membership-credential.json"), + new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/membership-credential.json"), "did:web:alice-identityhub%3A7083:alice"), - Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/pcf_vc.json", - new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/pcf-credential.json"), + Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/dataprocessor_vc.json", + new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/k8s/consumer/dataprocessor-credential.json"), "did:web:alice-identityhub%3A7083:alice"), Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/unsigned/membership_vc.json", - new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/membership-credential.json"), + new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/membership-credential.json"), "did:web:alice-identityhub%3A7083:alice"), - Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/unsigned/pcf_vc.json", - new File( System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/pcf-credential.json"), + Arguments.of(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/unsigned/dataprocessor_vc.json", + new File(System.getProperty("user.dir") + "/../../deployment/assets/credentials/local/consumer/dataprocessor-credential.json"), "did:web:alice-identityhub%3A7083:alice") ); From e4efc33c49dbe7d674d5867161f46e2cf7574fa9 Mon Sep 17 00:00:00 2001 From: Paul Latzelsperger <paul.latzelsperger@beardyinc.com> Date: Fri, 19 Jul 2024 15:07:24 +0200 Subject: [PATCH 3/4] update credentials, tests and export postman environments --- README.md | 33 ++++--- .../consumer/dataprocessor-credential.json | 2 +- .../k8s/consumer/membership-credential.json | 2 +- .../provider/dataprocessor-credential.json | 4 +- .../k8s/provider/dataprocessor_vc.json | 3 +- .../k8s/provider/membership-credential.json | 2 +- .../consumer/dataprocessor-credential.json | 2 +- .../local/consumer/membership-credential.json | 2 +- .../provider/dataprocessor-credential.json | 4 +- .../local/provider/membership-credential.json | 2 +- .../provider/unsigned/dataprocessor_vc.json | 4 +- .../modules/catalog-server/variables.tf | 4 +- deployment/modules/identity-hub/variables.tf | 4 +- .../postman/MVD K8S.postman_environment.json | 51 +++++++++++ ...Local Development.postman_environment.json | 51 +++++++++++ .../postman/MVD.postman_collection.json | 6 +- .../AbstractCredentialEvaluationFunction.java | 42 +++++++++ .../dcp/policy/DataAccessLevelFunction.java | 32 ++++--- ...embershipCredentialEvaluationFunction.java | 39 +++++--- .../dcp/policy/PolicyEvaluationExtension.java | 18 ++-- .../tests/transfer/TransferEndToEndTest.java | 91 ++++++++++++++++++- .../test/resources/negotiation-request.json | 6 +- 22 files changed, 328 insertions(+), 76 deletions(-) create mode 100644 deployment/postman/MVD K8S.postman_environment.json create mode 100644 deployment/postman/MVD Local Development.postman_environment.json create mode 100644 extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/AbstractCredentialEvaluationFunction.java diff --git a/README.md b/README.md index 572a64fe..9b60004a 100644 --- a/README.md +++ b/README.md @@ -80,28 +80,38 @@ resolve the actual asset from "provider-qna" and "provider-manufacturing". Both assets of "provider-qna" and "provider-manufacturing" have some access restrictions on them: -- `asset-1`: requires a membership credential to view and a Data Processor credential to negotiate a contract and - transfer data -- `asset-2`: requires a membership credential to view and a Sensitive Data credential to negotiate a contract +- `asset-1`: requires a membership credential to view and a Data Processor credential with `"level": "processing"` to + negotiate a contract and transfer data +- `asset-2`: requires a membership credential to view and a Data Processor credential with a `"level": "sensitive"` to + negotiate a contract These requirements are formulated as EDC policies. In addition, it is a dataspace rule that the `MembershipCredential` must be presented in _every_ request. This credential attests that the holder is a member of the dataspace. -In this fictitious dataspace, the DataProcessorCredential attests to the "ability of the holder to process data", and -the SensitiveDataCredential attests to the "ability of the holder to handle sensitive data". +In this fictitious dataspace, the DataProcessorCredential attests to the "ability of the holder to process data at a +certain level". The following levels exist: -All participants of the dataspace are in possession of the `MembershipCredential` as well as a `DataProcessorCredential`. -_None possess the `SensitiveDataCredential`_. That means that no contract for `asset-2` can be negotiated! -For the purposes of this demo the VerifiableCredentials are pre-created and are seeded to the participants' credential -storage ([no issuance](#5-no-issuance-yet)). +- `"processing"`: means, the holder can process non-sensitive data +- `"sensitive"`: means, the holder has undergone "some very highly secure vetting process" and can process sensitive + data + +The information about the level of data a holder can process is stored in the `credentialSubject` of the +DataProcessorCredential. + +All participants of the dataspace are in possession of the `MembershipCredential` as well as +a `DataProcessorCredential` with level `"processing"`. +_None possess the `DataProcessorCredential` with level="sensitive"_. That means that no contract for `asset-2` can be +negotiated. For the purposes of this demo the VerifiableCredentials are pre-created and are seeded to the participants' +credential storage ([no issuance](#5-no-issuance-yet)). If the consumer wants to view the consolidated catalog (containing assets from the provider's Q&A and manufacturing departments), then negotiate a contract for an asset, and then transfer the asset, she needs to present several credentials: - catalog request: present `MembershipCredential` -- contract negotiation: `MembershipCredential` and `DataProcessorCredential` or `SensitiveDataCredential`, respectively +- contract negotiation: `MembershipCredential` and `DataProcessorCredential(level=processing)` + or `DataProcessorCredential(level=sensitive)`, respectively - transfer process: `MembershipCredential` ## Running the demo (inside IntelliJ) @@ -442,8 +452,7 @@ schema of the credentials' subjects is not yet implemented. This is similar to the [policy extractor](#5-policy-extractor), as it deals with the reverse mapping from a scope string onto a `Criterion`. On the IdentityHub, when the VP request is received, we need to be able to query the database based -on the scope string that was received. This is currently a very Catena-X-specific solution, as it needs to distinguish -between "normal" credentials, and "use case" credentials. +on the scope string that was received. ### 4. DID resolution diff --git a/deployment/assets/credentials/k8s/consumer/dataprocessor-credential.json b/deployment/assets/credentials/k8s/consumer/dataprocessor-credential.json index ea34cf64..62395359 100644 --- a/deployment/assets/credentials/k8s/consumer/dataprocessor-credential.json +++ b/deployment/assets/credentials/k8s/consumer/dataprocessor-credential.json @@ -9,7 +9,7 @@ "reissuancePolicy": null, "verifiableCredential": { "format": "JWT", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VmVyc2lvbiI6Im12ZC1jcmVkZW50aWFsczpjb250cmFjdFZlcnNpb24iLCJsZXZlbCI6Im12ZC1jcmVkZW50aWFsczpsZXZlbCJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNEYXRhUHJvY2Vzc29yQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIlM0E3MDgzOmNvbnN1bWVyIiwiY29udHJhY3RWZXJzaW9uIjoiMS4wLjAiLCJsZXZlbCI6InByb2Nlc3NpbmcifX0sImlhdCI6MTcyMTM4NDg3Mn0.y8vY5eF3VMyt0jGPrfsNn5oQMBDsNgMFGf0aw1zMR4NFuOw7OqaUc-zI2UjMRR00hUz9bykWKqCRK_KwG1pCAw", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VmVyc2lvbiI6Im12ZC1jcmVkZW50aWFsczpjb250cmFjdFZlcnNpb24iLCJsZXZlbCI6Im12ZC1jcmVkZW50aWFsczpsZXZlbCJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNEYXRhUHJvY2Vzc29yQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIlM0E3MDgzOmNvbnN1bWVyIiwiY29udHJhY3RWZXJzaW9uIjoiMS4wLjAiLCJsZXZlbCI6InByb2Nlc3NpbmcifX0sImlhdCI6MTcyMTM4NTQ3N30.4GxNoNT9to7tlKfddUk5_fjAyetNH7FBkKNJui3Q_672IorxR43ztuRTOqgyoF_hNzN-fMkTYrwrLZaLhRYSDg", "credential": { "credentialSubject": [ { diff --git a/deployment/assets/credentials/k8s/consumer/membership-credential.json b/deployment/assets/credentials/k8s/consumer/membership-credential.json index dc54c118..436d353e 100644 --- a/deployment/assets/credentials/k8s/consumer/membership-credential.json +++ b/deployment/assets/credentials/k8s/consumer/membership-credential.json @@ -8,7 +8,7 @@ "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsIm1lbWJlcnNoaXAiOiJtdmQtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXBUeXBlIiwid2Vic2l0ZSI6Im12ZC1jcmVkZW50aWFsczp3ZWJzaXRlIiwiY29udGFjdCI6Im12ZC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJtdmQtY3JlZGVudGlhbHM6c2luY2UifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jTWVtYmVyc2hpcENyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4Mzpjb25zdW1lciIsIm1lbWJlcnNoaXAiOnsibWVtYmVyc2hpcFR5cGUiOiJGdWxsTWVtYmVyIiwid2Vic2l0ZSI6Ind3dy53aGF0ZXZlci5jb20iLCJjb250YWN0IjoiZml6ei5idXp6QHdoYXRldmVyLmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3MjEzODQ4NzJ9.fmcOHOKLERAta_gMx98fPLvyxiFOYEnZIMGFgr9fiydNGbEGOPrcxuFoh7wqtS2HiKWhjm0zZqld4iAr-c2WBg", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsIm1lbWJlcnNoaXAiOiJtdmQtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXBUeXBlIiwid2Vic2l0ZSI6Im12ZC1jcmVkZW50aWFsczp3ZWJzaXRlIiwiY29udGFjdCI6Im12ZC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJtdmQtY3JlZGVudGlhbHM6c2luY2UifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jTWVtYmVyc2hpcENyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmNvbnN1bWVyLWlkZW50aXR5aHViJTNBNzA4Mzpjb25zdW1lciIsIm1lbWJlcnNoaXAiOnsibWVtYmVyc2hpcFR5cGUiOiJGdWxsTWVtYmVyIiwid2Vic2l0ZSI6Ind3dy53aGF0ZXZlci5jb20iLCJjb250YWN0IjoiZml6ei5idXp6QHdoYXRldmVyLmNvbSIsInNpbmNlIjoiMjAyMy0wMS0wMVQwMDowMDowMFoifX19LCJpYXQiOjE3MjEzODU0Nzd9.xJMVUqBGBu8idgFLWeRkPsCLRxihPC6ZEQT35lDB2U8O0NeU5VG2Ivd1fLlrsfZYC8kyE6IY1KnmCqvxQ-3ZDw", "format": "JWT", "credential": { "credentialSubject": [ diff --git a/deployment/assets/credentials/k8s/provider/dataprocessor-credential.json b/deployment/assets/credentials/k8s/provider/dataprocessor-credential.json index da4e84e9..fdae4060 100644 --- a/deployment/assets/credentials/k8s/provider/dataprocessor-credential.json +++ b/deployment/assets/credentials/k8s/provider/dataprocessor-credential.json @@ -9,7 +9,7 @@ "reissuancePolicy": null, "verifiableCredential": { "format": "JSON_LD", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJjb250cmFjdFZlcnNpb24iOiJtdmQtY3JlZGVudGlhbHM6Y29udHJhY3RWZXJzaW9uIiwibGV2ZWwiOiJtdmQtY3JlZGVudGlhbHM6bGV2ZWwifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jRGF0YVByb2Nlc3NvckNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpwcm92aWRlciIsImxldmVsIjoicHJvY2Vzc2luZyJ9fSwiaWF0IjoxNzIxMzg0ODcyfQ.nmUHyL1zIjwzSnt_0uQddAT3ULkofNrUYZTSnVBH3uOPmBDO5RdUvfVXrczOPZMi6Psg288vge7J6glEae0fBA", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJjb250cmFjdFZlcnNpb24iOiJtdmQtY3JlZGVudGlhbHM6Y29udHJhY3RWZXJzaW9uIiwibGV2ZWwiOiJtdmQtY3JlZGVudGlhbHM6bGV2ZWwifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jRGF0YVByb2Nlc3NvckNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpwcm92aWRlciIsImxldmVsIjoicHJvY2Vzc2luZyJ9fSwiaWF0IjoxNzIxMzg1NDc3fQ.YrLF1TqSbkulxWA4PZr5YcLwdiKaZES7-AEdB1gIK2tO6S757Sz6Z7AMQopmW0mydWOE72utRwpFJhph9tdzCQ", "credential": { "credentialSubject": [ { @@ -23,7 +23,7 @@ "id": "http://org.yourdataspace.com/credentials/1265", "type": [ "VerifiableCredential", - "UseCaseFrameworkCondition" + "DataProcessorCredential" ], "issuer": { "id": "did:example:dataspace-issuer", diff --git a/deployment/assets/credentials/k8s/provider/dataprocessor_vc.json b/deployment/assets/credentials/k8s/provider/dataprocessor_vc.json index 34b441c4..a696ca16 100644 --- a/deployment/assets/credentials/k8s/provider/dataprocessor_vc.json +++ b/deployment/assets/credentials/k8s/provider/dataprocessor_vc.json @@ -18,6 +18,7 @@ "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:provider-identityhub%3A7083:provider", - "level": "processing" + "level": "processing", + "contractVersion": "1.0.0" } } \ No newline at end of file diff --git a/deployment/assets/credentials/k8s/provider/membership-credential.json b/deployment/assets/credentials/k8s/provider/membership-credential.json index 1daa6819..3fa53f10 100644 --- a/deployment/assets/credentials/k8s/provider/membership-credential.json +++ b/deployment/assets/credentials/k8s/provider/membership-credential.json @@ -8,7 +8,7 @@ "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXAiLCJtZW1iZXJzaGlwVHlwZSI6Im12ZC1jcmVkZW50aWFsczptZW1iZXJzaGlwVHlwZSIsIndlYnNpdGUiOiJtdmQtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJtdmQtY3JlZGVudGlhbHM6Y29udGFjdCIsInNpbmNlIjoibXZkLWNyZWRlbnRpYWxzOnNpbmNlIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI01lbWJlcnNoaXBDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6cHJvdmlkZXIiLCJtZW1iZXJzaGlwIjp7Im1lbWJlcnNoaXBUeXBlIjoiRnVsbE1lbWJlciIsIndlYnNpdGUiOiJ3d3cud2hhdGV2ZXIuY29tIiwiY29udGFjdCI6Im1peC5tYXhAd2hhdGV2ZXIuY29tIiwic2luY2UiOiIyMDIzLTAxLTAxVDAwOjAwOjAwWiJ9fX0sImlhdCI6MTcyMTM4NDg3Mn0.lpiYgm4TA-3Zx-mGagXQ7HfCgCPlPuh5oX8rItwsG721mt2_xACmlUCBFs8W0_GRDyI5GTDl73jegpTI-LnICw", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXAiLCJtZW1iZXJzaGlwVHlwZSI6Im12ZC1jcmVkZW50aWFsczptZW1iZXJzaGlwVHlwZSIsIndlYnNpdGUiOiJtdmQtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJtdmQtY3JlZGVudGlhbHM6Y29udGFjdCIsInNpbmNlIjoibXZkLWNyZWRlbnRpYWxzOnNpbmNlIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMjM0NyIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI01lbWJlcnNoaXBDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6cHJvdmlkZXIiLCJtZW1iZXJzaGlwIjp7Im1lbWJlcnNoaXBUeXBlIjoiRnVsbE1lbWJlciIsIndlYnNpdGUiOiJ3d3cud2hhdGV2ZXIuY29tIiwiY29udGFjdCI6Im1peC5tYXhAd2hhdGV2ZXIuY29tIiwic2luY2UiOiIyMDIzLTAxLTAxVDAwOjAwOjAwWiJ9fX0sImlhdCI6MTcyMTM4NTQ3Nn0.f41m3GDzxy4KcnuBsOTPOP3sp7rm4xERn-HzfetJd5w1yYXH0V6RnRd63otYgZt-96V9xNSM3TbTbuHhFhtkBQ", "format": "JSON_LD", "credential": { "credentialSubject": [ diff --git a/deployment/assets/credentials/local/consumer/dataprocessor-credential.json b/deployment/assets/credentials/local/consumer/dataprocessor-credential.json index cb6444d0..04883adb 100644 --- a/deployment/assets/credentials/local/consumer/dataprocessor-credential.json +++ b/deployment/assets/credentials/local/consumer/dataprocessor-credential.json @@ -9,7 +9,7 @@ "reissuancePolicy": null, "verifiableCredential": { "format": "JWT", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VmVyc2lvbiI6Im12ZC1jcmVkZW50aWFsczpjb250cmFjdFZlcnNpb24iLCJsZXZlbCI6Im12ZC1jcmVkZW50aWFsczpsZXZlbCJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNEYXRhUHJvY2Vzc29yQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0JTNBNzA4MyIsImNvbnRyYWN0VmVyc2lvbiI6IjEuMC4wIiwibGV2ZWwiOiJwcm9jZXNzaW5nIn19LCJpYXQiOjE3MjEzODQ4NzJ9.rPSA0yvZuiGXnNqXqde-QAYBYXyJ1wDB2-1q2IAiigttX2LbE9paCEvJOXC_hf6Vi1nI-5gzvvIRAESKim2dBw", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsImNvbnRyYWN0VmVyc2lvbiI6Im12ZC1jcmVkZW50aWFsczpjb250cmFjdFZlcnNpb24iLCJsZXZlbCI6Im12ZC1jcmVkZW50aWFsczpsZXZlbCJ9XSwiaWQiOiJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tL2NyZWRlbnRpYWxzLzIzNDciLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbSNEYXRhUHJvY2Vzc29yQ3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wOC0xOFQwMDowMDowMFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDp3ZWI6bG9jYWxob3N0JTNBNzA4MyIsImNvbnRyYWN0VmVyc2lvbiI6IjEuMC4wIiwibGV2ZWwiOiJwcm9jZXNzaW5nIn19LCJpYXQiOjE3MjEzODU0Nzd9.vmumM-nRghKDASiwXZoRumnGAq_aRRw7UNO6PaIZZGu-Swl4GQzL5-4aXhEw0FrRMBRchmK9_FUcWenzbcBaDw", "credential": { "credentialSubject": [ { diff --git a/deployment/assets/credentials/local/consumer/membership-credential.json b/deployment/assets/credentials/local/consumer/membership-credential.json index f67c17bc..a97b92c6 100644 --- a/deployment/assets/credentials/local/consumer/membership-credential.json +++ b/deployment/assets/credentials/local/consumer/membership-credential.json @@ -8,7 +8,7 @@ "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsIm1lbWJlcnNoaXAiOiJtdmQtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXBUeXBlIiwid2Vic2l0ZSI6Im12ZC1jcmVkZW50aWFsczp3ZWJzaXRlIiwiY29udGFjdCI6Im12ZC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJtdmQtY3JlZGVudGlhbHM6c2luY2UifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jTWVtYmVyc2hpcENyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwODMiLCJtZW1iZXJzaGlwIjp7Im1lbWJlcnNoaXBUeXBlIjoiRnVsbE1lbWJlciIsIndlYnNpdGUiOiJ3d3cud2hhdGV2ZXIuY29tIiwiY29udGFjdCI6Im1peC5tYXhAd2hhdGV2ZXIuY29tIiwic2luY2UiOiIyMDIzLTAxLTAxVDAwOjAwOjAwWiJ9fX0sImlhdCI6MTcyMTM4NDg3Mn0.Hle3iommEl5rgeFCY3i6GpvSa5JDEp6bDL9A7GhmJiG_KOa7rMw5EqlDTg3c3ZxFkIwSzQNElPkFcrPA7Sd-Dw", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjphbGljZS1pZGVudGl0eWh1YiUzQTcwODM6YWxpY2UiLCJzdWIiOiJkaWQ6d2ViOmFsaWNlLWlkZW50aXR5aHViJTNBNzA4MzphbGljZSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIiwiaHR0cHM6Ly93M2lkLm9yZy9zZWN1cml0eS9zdWl0ZXMvandzLTIwMjAvdjEiLCJodHRwczovL3d3dy53My5vcmcvbnMvZGlkL3YxIix7Im12ZC1jcmVkZW50aWFscyI6Imh0dHBzOi8vdzNpZC5vcmcvbXZkL2NyZWRlbnRpYWxzLyIsIm1lbWJlcnNoaXAiOiJtdmQtY3JlZGVudGlhbHM6bWVtYmVyc2hpcCIsIm1lbWJlcnNoaXBUeXBlIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXBUeXBlIiwid2Vic2l0ZSI6Im12ZC1jcmVkZW50aWFsczp3ZWJzaXRlIiwiY29udGFjdCI6Im12ZC1jcmVkZW50aWFsczpjb250YWN0Iiwic2luY2UiOiJtdmQtY3JlZGVudGlhbHM6c2luY2UifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jTWVtYmVyc2hpcENyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwODMiLCJtZW1iZXJzaGlwIjp7Im1lbWJlcnNoaXBUeXBlIjoiRnVsbE1lbWJlciIsIndlYnNpdGUiOiJ3d3cud2hhdGV2ZXIuY29tIiwiY29udGFjdCI6Im1peC5tYXhAd2hhdGV2ZXIuY29tIiwic2luY2UiOiIyMDIzLTAxLTAxVDAwOjAwOjAwWiJ9fX0sImlhdCI6MTcyMTM4NTQ3N30.hpaXIX61B0yAXVDbXkpjVXEJyShYCJa-A0HJNUvWcpn_dpDgHoS9ocSPHUEfS3eNnJWodsQ0AFDSnyndjOymCA", "format": "JWT", "credential": { "credentialSubject": [ diff --git a/deployment/assets/credentials/local/provider/dataprocessor-credential.json b/deployment/assets/credentials/local/provider/dataprocessor-credential.json index fd772b2f..f2bab6bd 100644 --- a/deployment/assets/credentials/local/provider/dataprocessor-credential.json +++ b/deployment/assets/credentials/local/provider/dataprocessor-credential.json @@ -9,7 +9,7 @@ "reissuancePolicy": null, "verifiableCredential": { "format": "JWT", - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJjb250cmFjdFZlcnNpb24iOiJtdmQtY3JlZGVudGlhbHM6Y29udHJhY3RWZXJzaW9uIiwibGV2ZWwiOiJtdmQtY3JlZGVudGlhbHM6bGV2ZWwifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jRGF0YVByb2Nlc3NvckNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwOTMiLCJjb250cmFjdFZlcnNpb24iOiIxLjAuMCIsImxldmVsIjoicHJvY2Vzc2luZyJ9fSwiaWF0IjoxNzIxMzg0ODcyfQ.beXpdPKlqEpDIBl1DoVtA2PQDQcF_Pl9hHjC2Bbz7T5AOm-o77YevEahUugh831QqjFvOKoYR8Ct1M7PWPE_Dg", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJjb250cmFjdFZlcnNpb24iOiJtdmQtY3JlZGVudGlhbHM6Y29udHJhY3RWZXJzaW9uIiwibGV2ZWwiOiJtdmQtY3JlZGVudGlhbHM6bGV2ZWwifV0sImlkIjoiaHR0cDovL29yZy55b3VyZGF0YXNwYWNlLmNvbS9jcmVkZW50aWFscy8yMzQ3IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsImh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20jRGF0YVByb2Nlc3NvckNyZWRlbnRpYWwiXSwiaXNzdWVyIjoiZGlkOmV4YW1wbGU6ZGF0YXNwYWNlLWlzc3VlciIsImlzc3VhbmNlRGF0ZSI6IjIwMjMtMDgtMThUMDA6MDA6MDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwOTMiLCJjb250cmFjdFZlcnNpb24iOiIxLjAuMCIsImxldmVsIjoicHJvY2Vzc2luZyJ9fSwiaWF0IjoxNzIxMzg1NDc3fQ._i_hg7MgTYZOb_ZsDvQpZrKZQkiN7VDs8sHyBng7cSTAaQoGgCOt8br4yhMw38Qs1EYYHT87S4Fs_yTmp8niDw", "credential": { "credentialSubject": [ { @@ -23,7 +23,7 @@ "id": "http://org.yourdataspace.com/credentials/1265", "type": [ "VerifiableCredential", - "UseCaseFrameworkCondition" + "DataProcessorCredential" ], "issuer": { "id": "did:example:dataspace-issuer", diff --git a/deployment/assets/credentials/local/provider/membership-credential.json b/deployment/assets/credentials/local/provider/membership-credential.json index 37c6470d..4f25dfad 100644 --- a/deployment/assets/credentials/local/provider/membership-credential.json +++ b/deployment/assets/credentials/local/provider/membership-credential.json @@ -8,7 +8,7 @@ "issuancePolicy": null, "reissuancePolicy": null, "verifiableCredential": { - "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXAiLCJtZW1iZXJzaGlwVHlwZSI6Im12ZC1jcmVkZW50aWFsczptZW1iZXJzaGlwVHlwZSIsIndlYnNpdGUiOiJtdmQtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJtdmQtY3JlZGVudGlhbHM6Y29udGFjdCIsInNpbmNlIjoibXZkLWNyZWRlbnRpYWxzOnNpbmNlIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMTIzNCIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI01lbWJlcnNoaXBDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpsb2NhbGhvc3QlM0E3MDkzIiwibWVtYmVyc2hpcCI6eyJtZW1iZXJzaGlwVHlwZSI6IlByb3NwZWN0TWVtYmVyIiwid2Vic2l0ZSI6Ind3dy5xdWl6enF1YXp6LmNvbSIsImNvbnRhY3QiOiJmb28uYmFyQHF1aXp6cXVhenouY29tIiwic2luY2UiOiIyMDIzLTAxLTAxVDAwOjAwOjAwWiJ9fX0sImlhdCI6MTcyMTM4NDg3Mn0.LhjWOy5yoxkwxvbDJnTKxmgLJjyJuNlaO970oqaQjXdomOtsvatzzO2_7Ir5JRynSHnEhtyr7tp95du_zriYCg", + "rawVc": "eyJraWQiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyI2tleS0xIiwidHlwIjoiSldUIiwiYWxnIjoiRWREU0EifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpkYXRhc3BhY2UtaXNzdWVyIiwiYXVkIjoiZGlkOndlYjpib2ItaWRlbnRpdHlodWIlM0E3MDgzOmJvYiIsInN1YiI6ImRpZDp3ZWI6Ym9iLWlkZW50aXR5aHViJTNBNzA4Mzpib2IiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vdzNpZC5vcmcvc2VjdXJpdHkvc3VpdGVzL2p3cy0yMDIwL3YxIiwiaHR0cHM6Ly93d3cudzMub3JnL25zL2RpZC92MSIseyJtdmQtY3JlZGVudGlhbHMiOiJodHRwczovL3czaWQub3JnL212ZC9jcmVkZW50aWFscy8iLCJtZW1iZXJzaGlwIjoibXZkLWNyZWRlbnRpYWxzOm1lbWJlcnNoaXAiLCJtZW1iZXJzaGlwVHlwZSI6Im12ZC1jcmVkZW50aWFsczptZW1iZXJzaGlwVHlwZSIsIndlYnNpdGUiOiJtdmQtY3JlZGVudGlhbHM6d2Vic2l0ZSIsImNvbnRhY3QiOiJtdmQtY3JlZGVudGlhbHM6Y29udGFjdCIsInNpbmNlIjoibXZkLWNyZWRlbnRpYWxzOnNpbmNlIn1dLCJpZCI6Imh0dHA6Ly9vcmcueW91cmRhdGFzcGFjZS5jb20vY3JlZGVudGlhbHMvMTIzNCIsInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwOi8vb3JnLnlvdXJkYXRhc3BhY2UuY29tI01lbWJlcnNoaXBDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOmRhdGFzcGFjZS1pc3N1ZXIiLCJpc3N1YW5jZURhdGUiOiIyMDIzLTA4LTE4VDAwOjAwOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOndlYjpsb2NhbGhvc3QlM0E3MDkzIiwibWVtYmVyc2hpcCI6eyJtZW1iZXJzaGlwVHlwZSI6IlByb3NwZWN0TWVtYmVyIiwid2Vic2l0ZSI6Ind3dy5xdWl6enF1YXp6LmNvbSIsImNvbnRhY3QiOiJmb28uYmFyQHF1aXp6cXVhenouY29tIiwic2luY2UiOiIyMDIzLTAxLTAxVDAwOjAwOjAwWiJ9fX0sImlhdCI6MTcyMTM4NTQ3N30.2-ZplCofXyq-Uj9rVmY1tt9rLcXxIw6HVByq-v338mx7qiQSQqt1cv_0RNZ5doMQqR5n1L2MycA5EQtRZGlqCg", "format": "JWT", "credential": { "credentialSubject": [ diff --git a/deployment/assets/credentials/local/provider/unsigned/dataprocessor_vc.json b/deployment/assets/credentials/local/provider/unsigned/dataprocessor_vc.json index 2a07e091..8095b0bc 100644 --- a/deployment/assets/credentials/local/provider/unsigned/dataprocessor_vc.json +++ b/deployment/assets/credentials/local/provider/unsigned/dataprocessor_vc.json @@ -18,7 +18,7 @@ "issuanceDate": "2023-08-18T00:00:00Z", "credentialSubject": { "id": "did:web:localhost%3A7093", - "contractVersion": "1.0.0", - "level": "processing" + "level": "processing", + "contractVersion": "1.0.0" } } \ No newline at end of file diff --git a/deployment/modules/catalog-server/variables.tf b/deployment/modules/catalog-server/variables.tf index 7eaf52ef..4655ff1b 100644 --- a/deployment/modules/catalog-server/variables.tf +++ b/deployment/modules/catalog-server/variables.tf @@ -29,12 +29,12 @@ variable "image-pull-policy" { variable "humanReadableName" { type = string - description = "Human readable name of the connector, NOT the BPN!!. Required." + description = "Human readable name of the connector, NOT the ID!!. Required." } variable "participantId" { type = string - description = "Participant ID of the connector. In Catena-X, this MUST be the BPN" + description = "Participant ID of the connector. Usually a DID" } variable "participant-did" { diff --git a/deployment/modules/identity-hub/variables.tf b/deployment/modules/identity-hub/variables.tf index 5ad82961..1cbf1a84 100644 --- a/deployment/modules/identity-hub/variables.tf +++ b/deployment/modules/identity-hub/variables.tf @@ -23,12 +23,12 @@ variable "humanReadableName" { type = string - description = "Human readable name of the connector, NOT the BPN!!. Required." + description = "Human readable name of the connector, NOT the ID!!. Required." } variable "participantId" { type = string - description = "Participant ID of the connector. In Catena-X, this MUST be the BPN" + description = "Participant ID of the connector. Usually a DID" } variable "namespace" { diff --git a/deployment/postman/MVD K8S.postman_environment.json b/deployment/postman/MVD K8S.postman_environment.json new file mode 100644 index 00000000..040e1f4a --- /dev/null +++ b/deployment/postman/MVD K8S.postman_environment.json @@ -0,0 +1,51 @@ +{ + "id": "9432baf7-0849-46e4-a1a7-dece247a41be", + "name": "MVD K8S", + "values": [ + { + "key": "HOST", + "value": "http://localhost/consumer/cp", + "type": "default", + "enabled": true + }, + { + "key": "CS_URL", + "value": "http://localhost/consumer/cs/", + "type": "default", + "enabled": true + }, + { + "key": "PROVIDER_ID", + "value": "did:web:provider-identityhub%3A7083:provider", + "type": "default", + "enabled": true + }, + { + "key": "CATALOG_SERVER_DSP_URL", + "value": "http://provider-catalog-server-controlplane:8082", + "type": "default", + "enabled": true + }, + { + "key": "CONSUMER_CATALOG_QUERY_URL", + "value": "http://localhost/consumer/fc", + "type": "default", + "enabled": true + }, + { + "key": "PROVIDER_DSP_URL", + "value": "http://provider-qna-controlplane:8082", + "type": "default", + "enabled": true + }, + { + "key": "PROVIDER_PUBLIC_API", + "value": "http://localhost/provider-qna/public", + "type": "default", + "enabled": true + } + ], + "_postman_variable_scope": "environment", + "_postman_exported_at": "2024-07-19T12:19:41.675Z", + "_postman_exported_using": "Postman/11.4.0" +} \ No newline at end of file diff --git a/deployment/postman/MVD Local Development.postman_environment.json b/deployment/postman/MVD Local Development.postman_environment.json new file mode 100644 index 00000000..8f8a436a --- /dev/null +++ b/deployment/postman/MVD Local Development.postman_environment.json @@ -0,0 +1,51 @@ +{ + "id": "35c096d9-84c2-499f-8ed0-8bcf3275370b", + "name": "MVD Local Development", + "values": [ + { + "key": "HOST", + "value": "http://localhost:8081", + "type": "default", + "enabled": true + }, + { + "key": "CS_URL", + "value": "http://localhost:7082", + "type": "default", + "enabled": true + }, + { + "key": "PROVIDER_ID", + "value": "did:web:localhost%3A7093", + "type": "default", + "enabled": true + }, + { + "key": "CATALOG_SERVER_DSP_URL", + "value": "http://localhost:8092", + "type": "default", + "enabled": true + }, + { + "key": "CONSUMER_CATALOG_QUERY_URL", + "value": "http://localhost:8084", + "type": "default", + "enabled": true + }, + { + "key": "PROVIDER_DSP_URL", + "value": "http://localhost:8192", + "type": "default", + "enabled": true + }, + { + "key": "PROVIDER_PUBLIC_API", + "value": "http://localhost:12001", + "type": "default", + "enabled": true + } + ], + "_postman_variable_scope": "environment", + "_postman_exported_at": "2024-07-19T12:19:50.250Z", + "_postman_exported_using": "Postman/11.4.0" +} \ No newline at end of file diff --git a/deployment/postman/MVD.postman_collection.json b/deployment/postman/MVD.postman_collection.json index 01bf99bb..fa29ce5f 100644 --- a/deployment/postman/MVD.postman_collection.json +++ b/deployment/postman/MVD.postman_collection.json @@ -91,7 +91,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-membership\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:permission\": [\n {\n \"odrl:action\": \"use\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"MembershipCredential\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"active\"\n }\n }\n ]\n }\n}" + "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-membership\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:permission\": [\n {\n \"odrl:action\": \"USE\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"MembershipCredential\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"active\"\n }\n }\n ]\n }\n}" }, "url": { "raw": "{{HOST}}/api/management/v3/policydefinitions", @@ -124,7 +124,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-dataprocessor\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:obligation\": [\n {\n \"odrl:action\": \"use\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"DataAccess.level\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"processing\"\n }\n }\n ]\n }\n}" + "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-dataprocessor\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:obligation\": [\n {\n \"odrl:action\": \"USE\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"DataAccess.level\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"processing\"\n }\n }\n ]\n }\n}" }, "url": { "raw": "{{HOST}}/api/management/v3/policydefinitions", @@ -570,7 +570,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"@context\": {\n \"@vocab\": \"https://w3id.org/edc/v0.0.1/ns/\"\n },\n \"@type\": \"https://w3id.org/edc/v0.0.1/ns/ContractRequest\",\n \"counterPartyAddress\": \"{{PROVIDER_DSP_URL}}/api/dsp\",\n \"counterPartyId\": \"{{PROVIDER_ID}}\",\n \"protocol\": \"dataspace-protocol-http\",\n \"policy\": {\n \"@context\": \"http://www.w3.org/ns/odrl.jsonld\",\n \"@type\": \"http://www.w3.org/ns/odrl/2/Offer\",\n \"@id\": \"bWVtYmVyLWFuZC1kYXRhcHJvY2Vzc29yLWRlZg==:YXNzZXQtMQ==:MjcyMzMyZjgtZWM2ZS00MTQ0LWIyYjgtM2ExMzIzMDFjZmQ1\",\n \"assigner\": \"{{PROVIDER_ID}}\",\n \"permission\": [],\n \"prohibition\": [],\n \"odrl:obligation\": {\n \"odrl:action\": {\n \"@id\": \"use\"\n },\n \"odrl:constraint\": {\n \"odrl:leftOperand\": {\n \"@id\": \"DataAccess.level\"\n },\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"processing\"\n }\n },\n \"target\": \"asset-1\"\n },\n \"callbackAddresses\": []\n}", + "raw": "{\n \"@context\": {\n \"@vocab\": \"https://w3id.org/edc/v0.0.1/ns/\"\n },\n \"@type\": \"https://w3id.org/edc/v0.0.1/ns/ContractRequest\",\n \"counterPartyAddress\": \"{{PROVIDER_DSP_URL}}/api/dsp\",\n \"counterPartyId\": \"{{PROVIDER_ID}}\",\n \"protocol\": \"dataspace-protocol-http\",\n \"policy\": {\n \"@context\": \"http://www.w3.org/ns/odrl.jsonld\",\n \"@type\": \"http://www.w3.org/ns/odrl/2/Offer\",\n \"@id\": \"bWVtYmVyLWFuZC1kYXRhcHJvY2Vzc29yLWRlZg==:YXNzZXQtMQ==:NDFiMWQzZDUtOTA0OS00ZGRmLTk5MDEtNTYxOTVhYmQzNjNj\",\n \"assigner\": \"{{PROVIDER_ID}}\",\n \"permission\": [],\n \"prohibition\": [],\n \"odrl:obligation\": {\n \"odrl:action\": {\n \"@id\": \"USE\"\n },\n \"odrl:constraint\": {\n \"odrl:leftOperand\": {\n \"@id\": \"DataAccess.level\"\n },\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"processing\"\n }\n },\n \"target\": \"asset-1\"\n },\n \"callbackAddresses\": []\n}", "options": { "raw": { "language": "json" diff --git a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/AbstractCredentialEvaluationFunction.java b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/AbstractCredentialEvaluationFunction.java new file mode 100644 index 00000000..f1564868 --- /dev/null +++ b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/AbstractCredentialEvaluationFunction.java @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2024 Metaform Systems, Inc. + * + * This program and the accompanying materials are made available under the + * terms of the Apache License, Version 2.0 which is available at + * https://www.apache.org/licenses/LICENSE-2.0 + * + * SPDX-License-Identifier: Apache-2.0 + * + * Contributors: + * Metaform Systems, Inc. - initial API and implementation + * + */ + +package org.eclipse.edc.demo.dcp.policy; + +import org.eclipse.edc.iam.verifiablecredentials.spi.model.VerifiableCredential; +import org.eclipse.edc.spi.agent.ParticipantAgent; +import org.eclipse.edc.spi.result.Result; + +import java.util.List; + +public class AbstractCredentialEvaluationFunction { + private static final String VC_CLAIM = "vc"; + protected static final String MVD_NAMESPACE = "https://w3id.org/mvd/credentials/"; + + protected Result<List<VerifiableCredential>> getCredentialList(ParticipantAgent agent) { + var vcListClaim = agent.getClaims().get(VC_CLAIM); + + if (vcListClaim == null) { + return Result.failure("ParticipantAgent did not contain a '%s' claim.".formatted(VC_CLAIM)); + } + if (!(vcListClaim instanceof List)) { + return Result.failure("ParticipantAgent contains a '%s' claim, but the type is incorrect. Expected %s, received %s.".formatted(VC_CLAIM, List.class.getName(), vcListClaim.getClass().getName())); + } + var vcList = (List<VerifiableCredential>) vcListClaim; + if (vcList.isEmpty()) { + return Result.failure("ParticipantAgent contains a '%s' claim but it did not contain any VerifiableCredentials.".formatted(VC_CLAIM)); + } + return Result.success(vcList); + } +} diff --git a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/DataAccessLevelFunction.java b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/DataAccessLevelFunction.java index b4ab48b1..86cbf899 100644 --- a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/DataAccessLevelFunction.java +++ b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/DataAccessLevelFunction.java @@ -23,13 +23,9 @@ import java.util.Map; import java.util.Objects; -public class DataAccessLevelFunction implements AtomicConstraintFunction<Duty> { +public class DataAccessLevelFunction extends AbstractCredentialEvaluationFunction implements AtomicConstraintFunction<Duty> { - private final String level; - - public DataAccessLevelFunction(String level) { - this.level = level; - } + private static final String DATAPROCESSOR_CRED_TYPE = "DataProcessorCredential"; @Override public boolean evaluate(Operator operator, Object rightOperand, Duty duty, PolicyContext policyContext) { @@ -37,22 +33,30 @@ public boolean evaluate(Operator operator, Object rightOperand, Duty duty, Polic policyContext.reportProblem("Cannot evaluate operator %s, only %s is supported".formatted(operator, Operator.EQ)); return false; } - if (!"level".equalsIgnoreCase(rightOperand.toString())) { - policyContext.reportProblem("Data access credentials only support right operand 'level', but found '%s'".formatted(operator.toString())); - return false; - } var pa = policyContext.getContextData(ParticipantAgent.class); if (pa == null) { policyContext.reportProblem("ParticipantAgent not found on PolicyContext"); return false; } - var claims = pa.getClaims(); + var credentialResult = getCredentialList(pa); + if (credentialResult.failed()) { + policyContext.reportProblem(credentialResult.getFailureDetail()); + return false; + } + + return credentialResult.getContent() + .stream() + .filter(vc -> vc.getType().stream().anyMatch(t -> t.endsWith(DATAPROCESSOR_CRED_TYPE))) + .flatMap(credential -> credential.getCredentialSubject().stream()) + .anyMatch(credentialSubject -> { + var version = credentialSubject.getClaim(MVD_NAMESPACE, "contractVersion"); + var level = credentialSubject.getClaim(MVD_NAMESPACE, "level"); - String version = getClaim("contractVersion", claims); - String level = getClaim("level", claims); + return version != null && Objects.equals(level, rightOperand); + }); - return version != null && Objects.equals(level, rightOperand); + } public String key() { diff --git a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/MembershipCredentialEvaluationFunction.java b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/MembershipCredentialEvaluationFunction.java index f27a7ea4..5b8142a1 100644 --- a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/MembershipCredentialEvaluationFunction.java +++ b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/MembershipCredentialEvaluationFunction.java @@ -14,22 +14,25 @@ package org.eclipse.edc.demo.dcp.policy; +import org.eclipse.edc.iam.verifiablecredentials.spi.model.VerifiableCredential; import org.eclipse.edc.jsonld.spi.JsonLdKeywords; import org.eclipse.edc.policy.engine.spi.AtomicConstraintFunction; import org.eclipse.edc.policy.engine.spi.PolicyContext; import org.eclipse.edc.policy.model.Operator; import org.eclipse.edc.policy.model.Permission; import org.eclipse.edc.spi.agent.ParticipantAgent; +import org.eclipse.edc.spi.result.Result; import java.time.Instant; import java.util.List; import java.util.Map; -public class MembershipCredentialEvaluationFunction implements AtomicConstraintFunction<Permission> { +public class MembershipCredentialEvaluationFunction extends AbstractCredentialEvaluationFunction implements AtomicConstraintFunction<Permission> { public static final String MEMBERSHIP_CONSTRAINT_KEY = "MembershipCredential"; - private static final String MEMBERSHIP_CLAIM = "https://w3id.org/mvd/credentials/membership"; - private static final String MEMBERSHIP_SINCE_CLAIM = "https://w3id.org/mvd/credentials/since"; + private static final String MEMBERSHIP_CLAIM = "membership"; + private static final String SINCE_CLAIM = "since"; + private static final String ACTIVE = "active"; @SuppressWarnings("unchecked") @Override @@ -38,24 +41,30 @@ public boolean evaluate(Operator operator, Object rightOperand, Permission permi policyContext.reportProblem("Invalid operator '%s', only accepts '%s'".formatted(operator, Operator.EQ)); return false; } + if (!ACTIVE.equals(rightOperand)) { + policyContext.reportProblem("Right-operand must be equal to '%s', but was '%s'".formatted(ACTIVE, rightOperand)); + return false; + } + var pa = policyContext.getContextData(ParticipantAgent.class); if (pa == null) { policyContext.reportProblem("No ParticipantAgent found on context."); return false; } - var claims = pa.getClaims(); - Map<String, List<?>> membership = (Map<String, List<?>>) claims.get(MEMBERSHIP_CLAIM); - if ("active".equalsIgnoreCase(rightOperand.toString())) { - String since = getArrayValue(membership.get(MEMBERSHIP_SINCE_CLAIM)); - var membershipStartDate = Instant.parse(since); - - return membershipStartDate.isBefore(Instant.now()); + var credentialResult = getCredentialList(pa); + if (credentialResult.failed()) { + policyContext.reportProblem(credentialResult.getFailureDetail()); + return false; } - return false; - } - private <T> T getArrayValue(List entry) { - return (T) ((Map) entry.get(0)).get(JsonLdKeywords.VALUE); + return credentialResult.getContent() + .stream() + .filter(vc -> vc.getType().stream().anyMatch(t -> t.endsWith(MEMBERSHIP_CONSTRAINT_KEY))) + .flatMap(vc -> vc.getCredentialSubject().stream().filter(cs -> cs.getClaims().containsKey(MEMBERSHIP_CLAIM))) + .anyMatch(credential -> { + var membershipClaim = (Map<String, ?>) credential.getClaim(MVD_NAMESPACE, MEMBERSHIP_CLAIM); + var membershipStartDate = Instant.parse(membershipClaim.get(SINCE_CLAIM).toString()); + return membershipStartDate.isBefore(Instant.now()); + }); } - } diff --git a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/PolicyEvaluationExtension.java b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/PolicyEvaluationExtension.java index 6de506c3..e9f3e0d2 100644 --- a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/PolicyEvaluationExtension.java +++ b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/PolicyEvaluationExtension.java @@ -43,26 +43,22 @@ public class PolicyEvaluationExtension implements ServiceExtension { @Override public void initialize(ServiceExtensionContext context) { var fct = new MembershipCredentialEvaluationFunction(); - this.bindPermissionFunction(fct, TRANSFER_PROCESS_SCOPE, MEMBERSHIP_CONSTRAINT_KEY); - this.bindPermissionFunction(fct, NEGOTIATION_SCOPE, MEMBERSHIP_CONSTRAINT_KEY); - this.bindPermissionFunction(fct, CATALOG_SCOPE, MEMBERSHIP_CONSTRAINT_KEY); - registerDataAccessLevelFunction("processing"); - registerDataAccessLevelFunction("sensitive"); + bindPermissionFunction(fct, TRANSFER_PROCESS_SCOPE, MEMBERSHIP_CONSTRAINT_KEY); + bindPermissionFunction(fct, NEGOTIATION_SCOPE, MEMBERSHIP_CONSTRAINT_KEY); + bindPermissionFunction(fct, CATALOG_SCOPE, MEMBERSHIP_CONSTRAINT_KEY); + + registerDataAccessLevelFunction(); } - private void registerDataAccessLevelFunction(String accessLevel) { - var function = new DataAccessLevelFunction(accessLevel); + private void registerDataAccessLevelFunction() { + var function = new DataAccessLevelFunction(); var accessLevelKey = function.key(); bindDutyFunction(function, TRANSFER_PROCESS_SCOPE, accessLevelKey); bindDutyFunction(function, NEGOTIATION_SCOPE, accessLevelKey); bindDutyFunction(function, CATALOG_SCOPE, accessLevelKey); - - bindDutyFunction(function, TRANSFER_PROCESS_REQUEST_SCOPE, accessLevelKey); - bindDutyFunction(function, NEGOTIATION_REQUEST_SCOPE, accessLevelKey); - bindDutyFunction(function, CATALOG_REQUEST_SCOPE, accessLevelKey); } private void bindPermissionFunction(AtomicConstraintFunction<Permission> function, String scope, String constraintType) { diff --git a/tests/end2end/src/test/java/org/eclipse/edc/demo/tests/transfer/TransferEndToEndTest.java b/tests/end2end/src/test/java/org/eclipse/edc/demo/tests/transfer/TransferEndToEndTest.java index 9caa308a..43ff9edf 100644 --- a/tests/end2end/src/test/java/org/eclipse/edc/demo/tests/transfer/TransferEndToEndTest.java +++ b/tests/end2end/src/test/java/org/eclipse/edc/demo/tests/transfer/TransferEndToEndTest.java @@ -62,6 +62,8 @@ public class TransferEndToEndTest { // public API endpoint of the provider-qna connector, goes through the ingress controller private static final String PROVIDER_PUBLIC_URL = "http://127.0.0.1/provider-qna/public"; private static final String PROVIDER_MANAGEMENT_URL = "http://127.0.0.1/provider-qna/cp"; + + private static final Duration TEST_TIMEOUT_DURATION = Duration.ofSeconds(120); private static final Duration TEST_POLL_DELAY = Duration.ofSeconds(2); @@ -96,7 +98,7 @@ public String fromIri(String s) { } @Test - void transferData() { + void transferData_hasPermission_shouldTransferData() { System.out.println("Waiting for Provider dataplane to come online"); // wait until provider's dataplane is available await().atMost(TEST_TIMEOUT_DURATION) @@ -247,4 +249,91 @@ void transferData() { assertThat(response).isNotEmpty(); } + + @Test + void transferData_doesNotHavePermission_shouldTerminate() { + System.out.println("Waiting for Provider dataplane to come online"); + // wait until provider's dataplane is available + await().atMost(TEST_TIMEOUT_DURATION) + .pollDelay(TEST_POLL_DELAY) + .untilAsserted(() -> { + var jp = baseRequest() + .get(PROVIDER_MANAGEMENT_URL + "/api/management/v3/dataplanes") + .then() + .statusCode(200) + .log().ifValidationFails() + .extract().body().jsonPath(); + + var state = jp.getString("state"); + assertThat(state).isEqualTo("[AVAILABLE]"); + }); + + System.out.println("Provider dataplane is online, fetching catalog"); + + var emptyQueryBody = Json.createObjectBuilder() + .add("@context", Json.createObjectBuilder().add("edc", "https://w3id.org/edc/v0.0.1/ns/")) + .add("@type", "QuerySpec") + .build(); + var offerId = new AtomicReference<String>(); + // get catalog, extract offer ID + await().atMost(TEST_TIMEOUT_DURATION) + .pollDelay(TEST_POLL_DELAY) + .untilAsserted(() -> { + var jo = baseRequest() + .body(emptyQueryBody) + .post(CONSUMER_CATALOG_URL + "/api/catalog/v1alpha/catalog/query") + .then() + .log().ifError() + .statusCode(200) + .extract().body().as(JsonArray.class); + + var offerIdsFiltered = jo.stream().map(jv -> { + + var expanded = jsonLd.expand(jv.asJsonObject()).orElseThrow(f -> new AssertionError(f.getFailureDetail())); + var cat = transformerRegistry.transform(expanded, Catalog.class).orElseThrow(f -> new AssertionError(f.getFailureDetail())); + return cat.getDatasets().stream().filter(ds -> ds instanceof Catalog) // filter for CatalogAssets + .map(ds -> (Catalog) ds) + .filter(sc -> sc.getDataServices().stream().anyMatch(dataService -> dataService.getEndpointUrl().contains("provider-qna"))) // filter for assets from the Q&A Provider + .flatMap(c -> c.getDatasets().stream()) + .filter(dataset -> dataset.getId().equals("asset-2")) // we should not be allowed to negotiation for this asset! + .map(Dataset::getOffers) + .map(offers -> offers.keySet().iterator().next()) + .findFirst() + .orElse(null); + }).toList(); + assertThat(offerIdsFiltered).hasSize(1); + var oid = offerIdsFiltered.get(0); + assertThat(oid).isNotNull(); + offerId.set(oid); + }); + + System.out.println("Initiate contract negotiation"); + + // initiate negotiation + var negotiationRequest = TestUtils.getResourceFileContentAsString("negotiation-request.json") + .replace("{{PROVIDER_ID}}", PROVIDER_ID) + .replace("{{PROVIDER_DSP_URL}}", PROVIDER_DSP_URL) + .replace("{{OFFER_ID}}", offerId.get()); + var negotiationId = baseRequest() + .body(negotiationRequest) + .post(CONSUMER_MANAGEMENT_URL + "/api/management/v3/contractnegotiations") + .then() + .log().ifError() + .statusCode(200) + .extract().body().jsonPath().getString("@id"); + assertThat(negotiationId).isNotNull(); + + //wait until negotiation is TERMINATED + await().atMost(TEST_TIMEOUT_DURATION) + .pollDelay(TEST_POLL_DELAY) + .untilAsserted(() -> { + var jp = baseRequest() + .get(CONSUMER_MANAGEMENT_URL + "/api/management/v3/contractnegotiations/" + negotiationId) + .then() + .statusCode(200) + .extract().body().jsonPath(); + var state = jp.getString("state"); + assertThat(state).isEqualTo("TERMINATED"); + }); + } } diff --git a/tests/end2end/src/test/resources/negotiation-request.json b/tests/end2end/src/test/resources/negotiation-request.json index 97218afc..b8a4c6c1 100644 --- a/tests/end2end/src/test/resources/negotiation-request.json +++ b/tests/end2end/src/test/resources/negotiation-request.json @@ -15,16 +15,16 @@ "prohibition": [], "odrl:obligation": { "odrl:action": { - "@id": "use" + "@id": "USE" }, "odrl:constraint": { "odrl:leftOperand": { - "@id": "FrameworkCredential.pcf" + "@id": "DataAccess.level" }, "odrl:operator": { "@id": "odrl:eq" }, - "odrl:rightOperand": "active" + "odrl:rightOperand": "processing" } }, "target": "asset-1" From 089519d5997059a54d12dd29da06a47462762ee2 Mon Sep 17 00:00:00 2001 From: Paul Latzelsperger <paul.latzelsperger@beardyinc.com> Date: Fri, 19 Jul 2024 16:51:54 +0200 Subject: [PATCH 4/4] pr remarks, checkstyle --- deployment/postman/MVD.postman_collection.json | 16 ++++++++-------- .../MembershipCredentialEvaluationFunction.java | 4 ---- .../dcp/policy/PolicyEvaluationExtension.java | 7 ++----- .../java/org/eclipse/edc/demo/dcp/JwtSigner.java | 7 ++----- .../tests/transfer/TransferEndToEndTest.java | 6 +++++- .../src/test/resources/negotiation-request.json | 2 +- 6 files changed, 18 insertions(+), 24 deletions(-) diff --git a/deployment/postman/MVD.postman_collection.json b/deployment/postman/MVD.postman_collection.json index fa29ce5f..f665f08b 100644 --- a/deployment/postman/MVD.postman_collection.json +++ b/deployment/postman/MVD.postman_collection.json @@ -91,7 +91,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-membership\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:permission\": [\n {\n \"odrl:action\": \"USE\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"MembershipCredential\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"active\"\n }\n }\n ]\n }\n}" + "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-membership\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:permission\": [\n {\n \"odrl:action\": \"use\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"MembershipCredential\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"active\"\n }\n }\n ]\n }\n}" }, "url": { "raw": "{{HOST}}/api/management/v3/policydefinitions", @@ -124,7 +124,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-dataprocessor\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:obligation\": [\n {\n \"odrl:action\": \"USE\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"DataAccess.level\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"processing\"\n }\n }\n ]\n }\n}" + "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-dataprocessor\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:obligation\": [\n {\n \"odrl:action\": \"use\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"DataAccess.level\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"processing\"\n }\n }\n ]\n }\n}" }, "url": { "raw": "{{HOST}}/api/management/v3/policydefinitions", @@ -157,7 +157,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-sensitive\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:obligation\": [\n {\n \"odrl:action\": \"USE\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"DataAccess.level\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"sensitive\"\n }\n }\n ]\n }\n}" + "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"@type\": \"PolicyDefinitionRequestDto\",\n \"@id\": \"require-sensitive\",\n \"policy\": {\n \"@type\": \"http://www.w3.org/ns/odrl/2/Set\",\n \"odrl:obligation\": [\n {\n \"odrl:action\": \"use\",\n \"odrl:constraint\": {\n \"@type\": \"LogicalConstraint\",\n \"odrl:leftOperand\": \"DataAccess.level\",\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"sensitive\"\n }\n }\n ]\n }\n}" }, "url": { "raw": "{{HOST}}/api/management/v3/policydefinitions", @@ -570,7 +570,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"@context\": {\n \"@vocab\": \"https://w3id.org/edc/v0.0.1/ns/\"\n },\n \"@type\": \"https://w3id.org/edc/v0.0.1/ns/ContractRequest\",\n \"counterPartyAddress\": \"{{PROVIDER_DSP_URL}}/api/dsp\",\n \"counterPartyId\": \"{{PROVIDER_ID}}\",\n \"protocol\": \"dataspace-protocol-http\",\n \"policy\": {\n \"@context\": \"http://www.w3.org/ns/odrl.jsonld\",\n \"@type\": \"http://www.w3.org/ns/odrl/2/Offer\",\n \"@id\": \"bWVtYmVyLWFuZC1kYXRhcHJvY2Vzc29yLWRlZg==:YXNzZXQtMQ==:NDFiMWQzZDUtOTA0OS00ZGRmLTk5MDEtNTYxOTVhYmQzNjNj\",\n \"assigner\": \"{{PROVIDER_ID}}\",\n \"permission\": [],\n \"prohibition\": [],\n \"odrl:obligation\": {\n \"odrl:action\": {\n \"@id\": \"USE\"\n },\n \"odrl:constraint\": {\n \"odrl:leftOperand\": {\n \"@id\": \"DataAccess.level\"\n },\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"processing\"\n }\n },\n \"target\": \"asset-1\"\n },\n \"callbackAddresses\": []\n}", + "raw": "{\n \"@context\": {\n \"@vocab\": \"https://w3id.org/edc/v0.0.1/ns/\"\n },\n \"@type\": \"https://w3id.org/edc/v0.0.1/ns/ContractRequest\",\n \"counterPartyAddress\": \"{{PROVIDER_DSP_URL}}/api/dsp\",\n \"counterPartyId\": \"{{PROVIDER_ID}}\",\n \"protocol\": \"dataspace-protocol-http\",\n \"policy\": {\n \"@context\": \"http://www.w3.org/ns/odrl.jsonld\",\n \"@type\": \"http://www.w3.org/ns/odrl/2/Offer\",\n \"@id\": \"bWVtYmVyLWFuZC1kYXRhcHJvY2Vzc29yLWRlZg==:YXNzZXQtMQ==:MmQ0ZWZjZTYtYzJjNy00NTM5LTk5ODAtZDAwOTlkZDNkOWQy\",\n \"assigner\": \"{{PROVIDER_ID}}\",\n \"permission\": [],\n \"prohibition\": [],\n \"odrl:obligation\": {\n \"odrl:action\": {\n \"@id\": \"use\"\n },\n \"odrl:constraint\": {\n \"odrl:leftOperand\": {\n \"@id\": \"DataAccess.level\"\n },\n \"odrl:operator\": {\n \"@id\": \"odrl:eq\"\n },\n \"odrl:rightOperand\": \"processing\"\n }\n },\n \"target\": \"asset-1\"\n },\n \"callbackAddresses\": []\n}", "options": { "raw": { "language": "json" @@ -633,7 +633,7 @@ "header": [], "body": { "mode": "raw", - "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"assetId\": \"asset-1\",\n \"counterPartyAddress\": \"{{PROVIDER_DSP_URL}}/api/dsp\",\n \"connectorId\": \"{{PROVIDER_ID}}\",\n \"contractId\": \"5613c232-d12e-41de-b0d6-befc290e5309\",\n \"dataDestination\": {\n \"type\": \"HttpProxy\"\n },\n \"protocol\": \"dataspace-protocol-http\",\n \"transferType\": \"HttpData-PULL\"\n}", + "raw": "{\n \"@context\": {\n \"odrl\": \"http://www.w3.org/ns/odrl/2/\"\n },\n \"assetId\": \"asset-1\",\n \"counterPartyAddress\": \"{{PROVIDER_DSP_URL}}/api/dsp\",\n \"connectorId\": \"{{PROVIDER_ID}}\",\n \"contractId\": \"47e43627-d9b0-4e35-b534-cef450d7de88\",\n \"dataDestination\": {\n \"type\": \"HttpProxy\"\n },\n \"protocol\": \"dataspace-protocol-http\",\n \"transferType\": \"HttpData-PULL\"\n}", "options": { "raw": { "language": "json" @@ -734,7 +734,7 @@ } ], "url": { - "raw": "{{HOST}}/api/management/v3/edrs/cb60556e-5544-4d37-a5ca-6412b293fc98/dataaddress", + "raw": "{{HOST}}/api/management/v3/edrs/713dfab7-c70a-4c7b-9756-d372647276b5/dataaddress", "host": [ "{{HOST}}" ], @@ -743,7 +743,7 @@ "management", "v3", "edrs", - "cb60556e-5544-4d37-a5ca-6412b293fc98", + "713dfab7-c70a-4c7b-9756-d372647276b5", "dataaddress" ] } @@ -764,7 +764,7 @@ }, { "key": "Authorization", - "value": "eyJraWQiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpwcm92aWRlciNrZXktMSIsImFsZyI6IkVTMjU2In0.eyJpc3MiOiJkaWQ6d2ViOnByb3ZpZGVyLWlkZW50aXR5aHViJTNBNzA4Mzpwcm92aWRlciIsImF1ZCI6ImRpZDp3ZWI6Y29uc3VtZXItaWRlbnRpdHlodWIlM0E3MDgzOmNvbnN1bWVyIiwic3ViIjoiZGlkOndlYjpwcm92aWRlci1pZGVudGl0eWh1YiUzQTcwODM6cHJvdmlkZXIiLCJpYXQiOjE3MjExMjUwMTY4NTUsImp0aSI6ImMzODM0YWJmLWE3YjYtNDNmNC05ZWU3LTBjYjIzNzI2NGIzZiJ9.Ok7g_ekPgOuevytQEf3gDaixyUEphTbZa496lUqKYoyS0QIsKsxtYfkbD0tCitUtCkZIgGOIBsq5-A8ia_7UHg", + "value": "eyJraWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwOTMja2V5LTEiLCJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwOTMiLCJhdWQiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwODMiLCJzdWIiOiJkaWQ6d2ViOmxvY2FsaG9zdCUzQTcwOTMiLCJpYXQiOjE3MjEzOTMxNjU5ODgsImp0aSI6ImFmOWI2YWIyLTMwNjYtNDNlNi1hNjg1LWIyMDVjNTFkZmJhMyJ9.ute0sLuMgc0bzG_ZUGG9G3pliFfANf9pWDxReiRrWjGudgUa4YmR9ftB5LeZTOvKCBJshRpbZX-hnQxR8fXMWA", "type": "text" } ], diff --git a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/MembershipCredentialEvaluationFunction.java b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/MembershipCredentialEvaluationFunction.java index 5b8142a1..ebdb3fa2 100644 --- a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/MembershipCredentialEvaluationFunction.java +++ b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/MembershipCredentialEvaluationFunction.java @@ -14,17 +14,13 @@ package org.eclipse.edc.demo.dcp.policy; -import org.eclipse.edc.iam.verifiablecredentials.spi.model.VerifiableCredential; -import org.eclipse.edc.jsonld.spi.JsonLdKeywords; import org.eclipse.edc.policy.engine.spi.AtomicConstraintFunction; import org.eclipse.edc.policy.engine.spi.PolicyContext; import org.eclipse.edc.policy.model.Operator; import org.eclipse.edc.policy.model.Permission; import org.eclipse.edc.spi.agent.ParticipantAgent; -import org.eclipse.edc.spi.result.Result; import java.time.Instant; -import java.util.List; import java.util.Map; public class MembershipCredentialEvaluationFunction extends AbstractCredentialEvaluationFunction implements AtomicConstraintFunction<Permission> { diff --git a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/PolicyEvaluationExtension.java b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/PolicyEvaluationExtension.java index e9f3e0d2..e22db2f0 100644 --- a/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/PolicyEvaluationExtension.java +++ b/extensions/dcp-impl/src/main/java/org/eclipse/edc/demo/dcp/policy/PolicyEvaluationExtension.java @@ -24,11 +24,8 @@ import org.eclipse.edc.spi.system.ServiceExtensionContext; import static org.eclipse.edc.demo.dcp.policy.MembershipCredentialEvaluationFunction.MEMBERSHIP_CONSTRAINT_KEY; -import static org.eclipse.edc.demo.dcp.policy.PolicyScopes.CATALOG_REQUEST_SCOPE; import static org.eclipse.edc.demo.dcp.policy.PolicyScopes.CATALOG_SCOPE; -import static org.eclipse.edc.demo.dcp.policy.PolicyScopes.NEGOTIATION_REQUEST_SCOPE; import static org.eclipse.edc.demo.dcp.policy.PolicyScopes.NEGOTIATION_SCOPE; -import static org.eclipse.edc.demo.dcp.policy.PolicyScopes.TRANSFER_PROCESS_REQUEST_SCOPE; import static org.eclipse.edc.demo.dcp.policy.PolicyScopes.TRANSFER_PROCESS_SCOPE; import static org.eclipse.edc.policy.model.OdrlNamespace.ODRL_SCHEMA; @@ -62,7 +59,7 @@ private void registerDataAccessLevelFunction() { } private void bindPermissionFunction(AtomicConstraintFunction<Permission> function, String scope, String constraintType) { - ruleBindingRegistry.bind("USE", scope); + ruleBindingRegistry.bind("use", scope); ruleBindingRegistry.bind(ODRL_SCHEMA + "use", scope); ruleBindingRegistry.bind(constraintType, scope); @@ -70,7 +67,7 @@ private void bindPermissionFunction(AtomicConstraintFunction<Permission> functio } private void bindDutyFunction(AtomicConstraintFunction<Duty> function, String scope, String constraintType) { - ruleBindingRegistry.bind("USE", scope); + ruleBindingRegistry.bind("use", scope); ruleBindingRegistry.bind(ODRL_SCHEMA + "use", scope); ruleBindingRegistry.bind(constraintType, scope); diff --git a/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java b/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java index 916c38b1..9eec6ed5 100644 --- a/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java +++ b/launchers/identity-hub/src/test/java/org/eclipse/edc/demo/dcp/JwtSigner.java @@ -55,7 +55,7 @@ public class JwtSigner { @SuppressWarnings("unchecked") @ParameterizedTest @ArgumentsSource(InputOutputProvider.class) - void generateJwt(String rawCredentialFilePAth, File vcResource, String did) throws JOSEException, IOException { + void generateJwt(String rawCredentialFilePath, File vcResource, String did) throws JOSEException, IOException { var header = new JWSHeader.Builder(JWSAlgorithm.EdDSA) .keyID("did:example:dataspace-issuer#key-1") @@ -63,10 +63,8 @@ void generateJwt(String rawCredentialFilePAth, File vcResource, String did) thro .build(); - //todo: change this to whatever credential JSON you want to sign - var credential = mapper.readValue(new File(rawCredentialFilePAth), Map.class); + var credential = mapper.readValue(new File(rawCredentialFilePath), Map.class); - //todo: change the claims to suit your needs var claims = new JWTClaimsSet.Builder() .audience(did) .subject(did) @@ -85,7 +83,6 @@ void generateJwt(String rawCredentialFilePAth, File vcResource, String did) thro var content = Files.readString(vcResource.toPath()); var updatedContent = content.replaceFirst("\"rawVc\":.*,", "\"rawVc\": \"%s\",".formatted(jwt.serialize())); -// mapper.writeValue(vcResource, updatedContent); Files.write(vcResource.toPath(), updatedContent.getBytes()); } diff --git a/tests/end2end/src/test/java/org/eclipse/edc/demo/tests/transfer/TransferEndToEndTest.java b/tests/end2end/src/test/java/org/eclipse/edc/demo/tests/transfer/TransferEndToEndTest.java index 43ff9edf..e683f70c 100644 --- a/tests/end2end/src/test/java/org/eclipse/edc/demo/tests/transfer/TransferEndToEndTest.java +++ b/tests/end2end/src/test/java/org/eclipse/edc/demo/tests/transfer/TransferEndToEndTest.java @@ -35,6 +35,7 @@ import org.eclipse.edc.transform.spi.TypeTransformerRegistry; import org.eclipse.edc.transform.transformer.edc.to.JsonValueToGenericTypeTransformer; import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.DisplayName; import org.junit.jupiter.api.Test; import java.time.Duration; @@ -97,6 +98,7 @@ public String fromIri(String s) { }).forEach(transformerRegistry::register); } + @DisplayName("Tests a successful End-to-End contract negotiation and data transfer") @Test void transferData_hasPermission_shouldTransferData() { System.out.println("Waiting for Provider dataplane to come online"); @@ -250,6 +252,7 @@ void transferData_hasPermission_shouldTransferData() { assertThat(response).isNotEmpty(); } + @DisplayName("Tests a failing End-to-End contract negotiation because of an unfulfilled policy") @Test void transferData_doesNotHavePermission_shouldTerminate() { System.out.println("Waiting for Provider dataplane to come online"); @@ -313,7 +316,8 @@ void transferData_doesNotHavePermission_shouldTerminate() { var negotiationRequest = TestUtils.getResourceFileContentAsString("negotiation-request.json") .replace("{{PROVIDER_ID}}", PROVIDER_ID) .replace("{{PROVIDER_DSP_URL}}", PROVIDER_DSP_URL) - .replace("{{OFFER_ID}}", offerId.get()); + .replace("{{OFFER_ID}}", offerId.get()) + .replaceFirst("\"odrl:rightOperand\": \"processing\"", " \"odrl:rightOperand\": \"sensitive\""); var negotiationId = baseRequest() .body(negotiationRequest) .post(CONSUMER_MANAGEMENT_URL + "/api/management/v3/contractnegotiations") diff --git a/tests/end2end/src/test/resources/negotiation-request.json b/tests/end2end/src/test/resources/negotiation-request.json index b8a4c6c1..79c1ae4e 100644 --- a/tests/end2end/src/test/resources/negotiation-request.json +++ b/tests/end2end/src/test/resources/negotiation-request.json @@ -15,7 +15,7 @@ "prohibition": [], "odrl:obligation": { "odrl:action": { - "@id": "USE" + "@id": "use" }, "odrl:constraint": { "odrl:leftOperand": {