Skip to content

Commit

Permalink
chore: rename oid4vci for keycloak
Browse files Browse the repository at this point in the history
Signed-off-by: Pat Losoponkul <[email protected]>
  • Loading branch information
Pat Losoponkul committed May 8, 2024
1 parent d6051e2 commit d99d038
Show file tree
Hide file tree
Showing 33 changed files with 77 additions and 69 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ import org.hyperledger.identus.pollux.credentialschema.controller.{
CredentialSchemaControllerImpl,
VerificationPolicyControllerImpl
}
import org.hyperledger.identus.pollux.sql.repository.JdbcOIDC4VCIssuerMetadataRepository
import org.hyperledger.identus.pollux.sql.repository.JdbcOID4VCIIssuerMetadataRepository
import org.hyperledger.identus.pollux.sql.repository.{
JdbcCredentialDefinitionRepository,
JdbcCredentialRepository,
Expand Down Expand Up @@ -200,7 +200,7 @@ object MainApp extends ZIOAppDefault {
RepoModule.polluxContextAwareTransactorLayer ++ RepoModule.polluxTransactorLayer >>> JdbcCredentialSchemaRepository.layer,
RepoModule.polluxContextAwareTransactorLayer ++ RepoModule.polluxTransactorLayer >>> JdbcCredentialDefinitionRepository.layer,
RepoModule.polluxContextAwareTransactorLayer ++ RepoModule.polluxTransactorLayer >>> JdbcPresentationRepository.layer,
RepoModule.polluxContextAwareTransactorLayer ++ RepoModule.polluxTransactorLayer >>> JdbcOIDC4VCIssuerMetadataRepository.layer,
RepoModule.polluxContextAwareTransactorLayer ++ RepoModule.polluxTransactorLayer >>> JdbcOID4VCIIssuerMetadataRepository.layer,
RepoModule.polluxContextAwareTransactorLayer >>> JdbcVerificationPolicyRepository.layer,
// oidc
CredentialIssuerControllerImpl.layer,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ import java.util.UUID

object CredentialIssuerEndpoints {

private val tagName = "OpenID for Verifiable Credential"
private val tagName = "OpenID for Verifiable Credential Issuance"
private val tagDescription =
s"""
|The __${tagName}__ is a service that issues credentials to users by implementing the [OIDC for Credential Issuance](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html) specification.
Expand All @@ -32,7 +32,7 @@ object CredentialIssuerEndpoints {
type ExtendedErrorResponse = Either[ErrorResponse, CredentialErrorResponse]

private val issuerIdPathSegment = path[UUID]("issuerId")
.description("An issuer identifier in the oidc4vc protocol")
.description("An issuer identifier in the oid4vci protocol")
.example(UUID.fromString("f47ac10b-58cc-4372-a567-0e02b2c3d479"))

private val credentialConfigIdSegment = path[String]("credentialConfigId")
Expand Down Expand Up @@ -203,7 +203,7 @@ object CredentialIssuerEndpoints {
.description(
"""Create a new credential configuration for the issuer.
|It represents the configuration of the credential that can be issued by the issuer.
|This credential configuration object will be displayed in the OIDC4VC credential issuer metadata.""".stripMargin
|This credential configuration object will be displayed in the credential issuer metadata.""".stripMargin
)

val getCredentialConfigurationEndpoint: Endpoint[
Expand Down Expand Up @@ -251,6 +251,6 @@ object CredentialIssuerEndpoints {
.out(jsonBody[IssuerMetadata])
.errorOut(EndpointOutputs.basicFailuresAndNotFound)
.name("getIssuerMetadata")
.summary("Get oidc4vc credential issuer metadata")
.summary("Get the credential issuer metadata")

}
3 changes: 2 additions & 1 deletion examples/.nickel/agent.ncl
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,8 @@ let AgentServiceArgs = {
}
in
{
makeAgentService | AgentServiceArgs -> _ = fun args =>
makeAgentService | AgentServiceArgs -> _
= fun args =>
{
image = "ghcr.io/hyperledger/identus-cloud-agent:%{args.version}",
restart = "always",
Expand Down
3 changes: 2 additions & 1 deletion examples/.nickel/bootstrap.ncl
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,8 @@ let HurlBootstrapServiceArgs = {
}
in
{
makeHurlBootstrapService | HurlBootstrapServiceArgs -> _ = fun args =>
makeHurlBootstrapService | HurlBootstrapServiceArgs -> _
= fun args =>
{
image = "ghcr.io/orange-opensource/hurl:%{args.version}",
volumes = ["%{args.hurlDir}:/hurl"],
Expand Down
2 changes: 1 addition & 1 deletion examples/.nickel/build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ find . -name "*.ncl" | xargs -I _ nickel format _
nickel export ./root.ncl -f yaml --field st > ../st/compose.yaml
nickel export ./root.ncl -f yaml --field st-vault > ../st-vault/compose.yaml
nickel export ./root.ncl -f yaml --field st-multi > ../st-multi/compose.yaml
nickel export ./root.ncl -f yaml --field st-oidc4vc > ../st-oidc4vc/compose.yaml
nickel export ./root.ncl -f yaml --field st-oid4vci > ../st-oid4vci/compose.yaml

nickel export ./root.ncl -f yaml --field mt > ../mt/compose.yaml
nickel export ./root.ncl -f yaml --field mt-keycloak > ../mt-keycloak/compose.yaml
Expand Down
6 changes: 4 additions & 2 deletions examples/.nickel/caddy.ncl
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,8 @@ let CaddyServiceArgs = {
}
in
{
makeCaddyConfig | CaddyServiceArgs -> _ = fun args =>
makeCaddyConfig | CaddyServiceArgs -> _
= fun args =>
{
"caddyfile_%{args.name}" = {
content = m%"
Expand All @@ -37,7 +38,8 @@ in
"%
}
},
makeCaddyService | CaddyServiceArgs -> _ = fun args =>
makeCaddyService | CaddyServiceArgs -> _
= fun args =>
{
image = "caddy:%{args.version}",
restart = "always",
Expand Down
3 changes: 2 additions & 1 deletion examples/.nickel/db.ncl
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,8 @@ let DbServiceArgs = {
}
in
{
makeDbService | DbServiceArgs -> _ = fun args =>
makeDbService | DbServiceArgs -> _
= fun args =>
{
image = "postgres:%{args.version}",
restart = "always",
Expand Down
3 changes: 2 additions & 1 deletion examples/.nickel/node.ncl
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,8 @@ let NodeServiceArgs = {
}
in
{
makeNodeService | NodeServiceArgs -> _ = fun args =>
makeNodeService | NodeServiceArgs -> _
= fun args =>
{
image = "ghcr.io/input-output-hk/prism-node:%{args.version}",
restart = "always",
Expand Down
4 changes: 2 additions & 2 deletions examples/.nickel/root.ncl
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ in
& (stack.makeAgentStack { name = "holder", port = 8081 })
& (stack.makeAgentStack { name = "verifier", port = 8082 }),

st-oidc4vc =
st-oid4vci =
(stack.makeAgentStack { name = "issuer", port = 8080 })
& (stack.makeMockServerStack { port = 7777 })
& (
Expand All @@ -21,7 +21,7 @@ in
name = "issuer",
port = 9980,
realm = "students",
build = "../../extensions/keycloak-oidc4vc",
build = "../../extensions/keycloak-oid4vci",
extraEnvs = { IDENTUS_URL = "http://caddy-issuer:8080/prism-agent" }
}
),
Expand Down
9 changes: 6 additions & 3 deletions examples/.nickel/stack.ncl
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,8 @@ let AgentStackConfig = {
}
in
{
makeMockServerStack | { port | Number } -> _ = fun args =>
makeMockServerStack | { port | Number } -> _
= fun args =>
{
services = {
mockserver = {
Expand All @@ -35,7 +36,8 @@ in
}
}
},
makeIssuerKeycloakStack | ExternalKeycloakStackConfig -> _ = fun args =>
makeIssuerKeycloakStack | ExternalKeycloakStackConfig -> _
= fun args =>
{
services = {
"external-keycloak-%{args.name}" =
Expand Down Expand Up @@ -70,7 +72,8 @@ in
},
}
},
makeAgentStack | AgentStackConfig -> _ = fun args =>
makeAgentStack | AgentStackConfig -> _
= fun args =>
let pgDockerVolumeName = "pg_data_%{args.name}" in
let hosts = {
caddy = "caddy-%{args.name}",
Expand Down
3 changes: 2 additions & 1 deletion examples/.nickel/vault.ncl
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,8 @@ let VaultServiceArgs = {
}
in
{
makeVaultService | VaultServiceArgs -> _ = fun args =>
makeVaultService | VaultServiceArgs -> _
= fun args =>
{
image = "hashicorp/vault:%{args.version}",
ports = ["%{std.to_string args.hostPort}:8200"],
Expand Down
6 changes: 3 additions & 3 deletions examples/st-oid4vci/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,8 @@

Example of the script to install the required packages in a virtual environment:
```shell
python -m venv {path-to-the-project-dir}/open-enterprise-agent/examples/st-oidc4vc/python-env
source {path-to-the-project-dir}/open-enterprise-agent/examples/st-oidc4vc/python-env/bin/activate
python -m venv {path-to-the-project-dir}/open-enterprise-agent/examples/st-oid4vci/python-env
source {path-to-the-project-dir}/open-enterprise-agent/examples/st-oid4vci/python-env/bin/activate
pip install requests pyjwt cryptography
```

Expand All @@ -28,7 +28,7 @@ sbt docker:publishLocal
docker-compose up --build
```

This builds a custom Keycloak image with OIDC4VC plugin.
This builds a custom Keycloak image with OID4VCI plugin.
The Keycloak UI is available at `http://localhost:9980` and the admin username is `admin` with password `admin`.

### 2. Run the issuance demo script
Expand Down
2 changes: 1 addition & 1 deletion examples/st-oid4vci/compose.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@ services:
volumes:
- ./bootstrap:/hurl
external-keycloak-issuer:
build: ../../extensions/keycloak-oidc4vc
build: ../../extensions/keycloak-oid4vci
command:
- start-dev
- --features=preview
Expand Down
2 changes: 1 addition & 1 deletion examples/st-oid4vci/demo.py
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ def prepare_issuer():

global CREDENTIAL_ISSUER
canonical_did = issuer_did["did"]
CREDENTIAL_ISSUER = f"{AGENT_URL}/oid4vci/{canonical_did}"
CREDENTIAL_ISSUER = f"{AGENT_URL}/oid4vci/issuers/{canonical_did}"
print(f"CREDENTIAL_ISSUER: {CREDENTIAL_ISSUER}")


Expand Down
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ public static CloseableHttpClient newCloseableHttpClient() {

public NonceResponse syncTokenDetails(String issuerState) {
try (CloseableHttpClient client = httpClient.get()) {
HttpPost post = new HttpPost(identusUrl + "/oidc4vc/did:prism:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/nonces");
HttpPost post = new HttpPost(identusUrl + "/oid4vci/issuers/08877304-a111-4fe4-a84c-8666610b1665/nonces"); // TODO: use real issuer URL
post.setEntity(new StringEntity(JsonSerialization.writeValueAsString(new NonceRequest(issuerState)), ContentType.APPLICATION_JSON));
return NonceResponse.fromResponse(client.execute(post));
} catch (IOException e) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,20 +7,20 @@
import org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint;
import org.keycloak.sessions.AuthenticationSessionModel;

public class OIDC4VCAuthorizationEndpoint extends AuthorizationEndpoint {
private static final Logger logger = Logger.getLogger(OIDC4VCTokenEndpoint.class);
public class OID4VCIAuthorizationEndpoint extends AuthorizationEndpoint {
private static final Logger logger = Logger.getLogger(OID4VCITokenEndpoint.class);

private final String issuerState;

public OIDC4VCAuthorizationEndpoint(KeycloakSession session, EventBuilder event) {
public OID4VCIAuthorizationEndpoint(KeycloakSession session, EventBuilder event) {
super(session, event);
this.issuerState = session.getContext().getUri().getQueryParameters().getFirst(OIDC4VCConstants.ISSUER_STATE);
this.issuerState = session.getContext().getUri().getQueryParameters().getFirst(OID4VCIConstants.ISSUER_STATE);
}

@Override
protected AuthenticationSessionModel createAuthenticationSession(ClientModel client, String requestState) {
AuthenticationSessionModel authSession = super.createAuthenticationSession(client, requestState);
authSession.setClientNote(OIDC4VCConstants.ISSUER_STATE, issuerState);
authSession.setClientNote(OID4VCIConstants.ISSUER_STATE, issuerState);
return super.createAuthenticationSession(client, requestState);
}
}
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
package io.iohk.atala.keycloak;

public class OIDC4VCConstants {
public class OID4VCIConstants {
public static final String ISSUER_STATE = "issuer_state";
public static final String C_NONCE = "c_nonce";
public static final String C_NONCE_EXPIRE = "c_nonce_expires_in";
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@
import org.keycloak.protocol.oidc.OIDCLoginProtocolFactory;
import org.keycloak.protocol.oidc.OIDCProviderConfig;

public class OIDC4VCLoginProtocolFactory extends OIDCLoginProtocolFactory {
private static final Logger logger = Logger.getLogger(OIDC4VCLoginProtocolFactory.class);
public class OID4VCILoginProtocolFactory extends OIDCLoginProtocolFactory {
private static final Logger logger = Logger.getLogger(OID4VCILoginProtocolFactory.class);
private OIDCProviderConfig providerConfig;

@Override
Expand All @@ -24,6 +24,6 @@ public void init(Config.Scope config) {

@Override
public Object createProtocolEndpoint(KeycloakSession session, EventBuilder event) {
return new OIDC4VCLoginProtocolService(session, event, providerConfig);
return new OID4VCILoginProtocolService(session, event, providerConfig);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -8,27 +8,26 @@
import org.keycloak.protocol.oidc.OIDCProviderConfig;
import org.keycloak.protocol.oidc.TokenManager;

public class OIDC4VCLoginProtocolService extends OIDCLoginProtocolService {
private static final Logger logger = Logger.getLogger(OIDC4VCLoginProtocolService.class);
public class OID4VCILoginProtocolService extends OIDCLoginProtocolService {
private static final Logger logger = Logger.getLogger(OID4VCILoginProtocolService.class);
private final TokenManager tokenManager;
private final KeycloakSession session;
private final EventBuilder event;

public OIDC4VCLoginProtocolService(KeycloakSession session, EventBuilder event, OIDCProviderConfig providerConfig) {
public OID4VCILoginProtocolService(KeycloakSession session, EventBuilder event, OIDCProviderConfig providerConfig) {
super(session, event, providerConfig);
this.tokenManager = new TokenManager();
this.session = session;
this.event = event;
logger.warn("OIDC4VCLoginProtocolService is created !!!!");
}

@Path("auth")
public Object auth() {
return new OIDC4VCAuthorizationEndpoint(session, event);
return new OID4VCIAuthorizationEndpoint(session, event);
}

@Path("token")
public Object token() {
return new OIDC4VCTokenEndpoint(session, tokenManager, event);
return new OID4VCITokenEndpoint(session, tokenManager, event);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -16,20 +16,20 @@

import java.util.function.Function;

public class OIDC4VCTokenEndpoint extends TokenEndpoint {
private static final Logger logger = Logger.getLogger(OIDC4VCTokenEndpoint.class);
public class OID4VCITokenEndpoint extends TokenEndpoint {
private static final Logger logger = Logger.getLogger(OID4VCITokenEndpoint.class);

private final IdentusClient identusClient;

public OIDC4VCTokenEndpoint(KeycloakSession session, TokenManager tokenManager, EventBuilder event) {
public OID4VCITokenEndpoint(KeycloakSession session, TokenManager tokenManager, EventBuilder event) {
super(session, tokenManager, event);
this.identusClient = new IdentusClient();
}

@Override
public Response createTokenResponse(UserModel user, UserSessionModel userSession, ClientSessionContext clientSessionCtx,
String scopeParam, boolean code, Function<TokenManager.AccessTokenResponseBuilder, ClientPolicyContext> clientPolicyContextGenerator) {
String noteKey = AuthorizationEndpoint.LOGIN_SESSION_NOTE_ADDITIONAL_REQ_PARAMS_PREFIX + OIDC4VCConstants.ISSUER_STATE;
String noteKey = AuthorizationEndpoint.LOGIN_SESSION_NOTE_ADDITIONAL_REQ_PARAMS_PREFIX + OID4VCIConstants.ISSUER_STATE;
String issuerState = clientSessionCtx.getClientSession().getNote(noteKey);

if (code && issuerState != null) {
Expand All @@ -40,8 +40,8 @@ public Response createTokenResponse(UserModel user, UserSessionModel userSession

NonceResponse nonceResponse = identusClient.syncTokenDetails(issuerState);
AccessTokenResponse responseEntity = (AccessTokenResponse) originalResponse.getEntity();
responseEntity.setOtherClaims(OIDC4VCConstants.C_NONCE, nonceResponse.getNonce());
responseEntity.setOtherClaims(OIDC4VCConstants.C_NONCE_EXPIRE, nonceResponse.getNonceExpiresIn());
responseEntity.setOtherClaims(OID4VCIConstants.C_NONCE, nonceResponse.getNonce());
responseEntity.setOtherClaims(OID4VCIConstants.C_NONCE_EXPIRE, nonceResponse.getNonceExpiresIn());
return Response.fromResponse(originalResponse)
.entity(responseEntity)
.build();
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
io.iohk.atala.keycloak.OID4VCILoginProtocolFactory
File renamed without changes.

This file was deleted.

Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ import zio.*
import java.net.URL
import java.util.UUID

trait OIDC4VCIssuerMetadataRepository {
trait OID4VCIIssuerMetadataRepository {
def findIssuerById(issuerId: UUID): UIO[Option[CredentialIssuer]]
def createIssuer(issuer: CredentialIssuer): URIO[WalletAccessContext, Unit]
def findWalletIssuers: URIO[WalletAccessContext, Seq[CredentialIssuer]]
Expand Down
Loading

0 comments on commit d99d038

Please sign in to comment.