diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 9c245eb595..b4fb5ea65d 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -7,11 +7,11 @@ # Pollux: /pollux/ @patlo-iog @CryptoKnightIOG @mineme0110 -# PRISM Agent: -/prism-agent/ @bvoiturier @yshyn-iohk @patlo-iog +# Cloud Agent: +/cloud-agent/ @bvoiturier @yshyn-iohk @patlo-iog # CI pipelines: -/.github/ @mineme0110 +/.github/ @mineme0110 @patlo-iog # PRISM Node: /prism-node/ @shotexa diff --git a/.github/labeler.yml b/.github/labeler.yml index 4dfe0b1404..81f7628e17 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -15,10 +15,10 @@ pollux: - changed-files: - any-glob-to-any-file: - pollux/**/* -prism-agent: +cloud-agent: - changed-files: - any-glob-to-any-file: - - prism-agent/**/* + - cloud-agent/**/* prism-node: - changed-files: - any-glob-to-any-file: diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 61f1a3e05d..e1e6eead0b 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -3,7 +3,6 @@ name: MegaLinter on: pull_request: - workflow_dispatch: env: # Comment env block if you don't want to apply fixes # Apply linter fixes configuration @@ -66,6 +65,8 @@ jobs: uses: peter-evans/create-pull-request@v6 with: token: ${{ secrets.GITHUB_TOKEN }} + base: ${{ github.head_ref }} + branch-suffix: short-commit-hash commit-message: "style: apply linters automatic fixes" title: "style: apply linters automatic fixes" signoff: true diff --git a/cloud-agent/service/README.md b/cloud-agent/service/README.md index 0e2d371e15..e26bd473ee 100644 --- a/cloud-agent/service/README.md +++ b/cloud-agent/service/README.md @@ -1,8 +1,8 @@ -# PrismAgent service +# CloudAgent service ## Quickstart -### Running PrismAgent service locally +### Running CloudAgent service locally see `./infrastucture/local/README.md` for instruction @@ -10,7 +10,7 @@ see `./infrastucture/local/README.md` for instruction ## DID key management -`prism-agent` is a cloud agent that represents the digital identity (is a DID controller) +`cloud-agent` is a cloud agent that represents the digital identity (is a DID controller) of the Issuing / Verification organization. As a DID controller, it needs to perform the operation with private and public keys through the Wallet API abstraction level. The interface for key-mangement is heavily inspired by @@ -31,7 +31,7 @@ Basic documentation on how to execute the Connect flow from command line can be Basic documentation on how to execute the Issue flow from the command line can be found [here](./issue.md). --- -## Presnt Proof flow +## Present Proof flow Basic documentation on how to execute the Present Proof flow from the command line can be found [here](./present-proof.md). diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/PrismAgentApp.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/CloudAgentApp.scala similarity index 99% rename from cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/PrismAgentApp.scala rename to cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/CloudAgentApp.scala index 05ab85af79..3f56690b5e 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/PrismAgentApp.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/CloudAgentApp.scala @@ -37,7 +37,7 @@ import org.hyperledger.identus.verification.controller.VcVerificationServerEndpo import zio.* import zio.metrics.* -object PrismAgentApp { +object CloudAgentApp { def run = for { _ <- AgentInitialization.run diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/MainApp.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/MainApp.scala index 2be4ed58c1..0fa8a06f24 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/MainApp.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/MainApp.scala @@ -134,7 +134,7 @@ object MainApp extends ZIOAppDefault { _ <- preMigrations _ <- migrations - app <- PrismAgentApp.run + app <- CloudAgentApp.run .provide( DidCommX.liveLayer, // infra diff --git a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/agent/server/config/AppConfigSpec.scala b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/agent/server/config/AppConfigSpec.scala index e967551ed5..1b93104664 100644 --- a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/agent/server/config/AppConfigSpec.scala +++ b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/agent/server/config/AppConfigSpec.scala @@ -7,7 +7,6 @@ import zio.test.* import zio.test.Assertion.* import zio.test.ZIOSpecDefault -/** prismAgentServer/testOnly io.iohk.atala.agent.server.config.AppConfigSpec */ object AppConfigSpec extends ZIOSpecDefault { private val baseVaultConfig = VaultConfig( diff --git a/docs/decisions/20230926-use-keycloak-authorisation-service-for-managing-wallet-permissions.md b/docs/decisions/20230926-use-keycloak-authorisation-service-for-managing-wallet-permissions.md index 0958b0c91c..fc17a378eb 100644 --- a/docs/decisions/20230926-use-keycloak-authorisation-service-for-managing-wallet-permissions.md +++ b/docs/decisions/20230926-use-keycloak-authorisation-service-for-managing-wallet-permissions.md @@ -73,13 +73,13 @@ sequenceDiagram actor Admin actor User participant Client - participant PrismAgent + participant CloudAgent participant Keycloak autonumber - Admin ->> PrismAgent: Create a new wallet - PrismAgent ->> Keycloak: Register a new resource + Admin ->> CloudAgent: Create a new wallet + CloudAgent ->> Keycloak: Register a new resource Admin ->> Keycloak: Create a new user Admin ->> Keycloak: Create a new user-credential Admin ->> Keycloak: Create a new permission @@ -93,7 +93,7 @@ sequenceDiagram actor Admin actor User participant Client - participant PrismAgent + participant CloudAgent participant Keycloak autonumber @@ -103,17 +103,17 @@ sequenceDiagram Client ->> Keycloak: Login with preconfigured flow Keycloak ->> Client: JWT AccessToken User ->> Client: Check my VC - Client ->> PrismAgent: Get CredentialRecord + Client ->> CloudAgent: Get CredentialRecord opt Bearer token is not RPT - PrismAgent ->> Keycloak: Get permissions - Keycloak ->> PrismAgent: Permitted resource(s) + CloudAgent ->> Keycloak: Get permissions + Keycloak ->> CloudAgent: Permitted resource(s) end alt is permitted - PrismAgent ->> Client: CredentialRecord + CloudAgent ->> Client: CredentialRecord else is not permitted - PrismAgent ->> Client: 403 Forbidden + CloudAgent ->> Client: 403 Forbidden end ``` diff --git a/docs/docusaurus/connections/connection.md b/docs/docusaurus/connections/connection.md index 8c4b5c0b91..f33368bb89 100644 --- a/docs/docusaurus/connections/connection.md +++ b/docs/docusaurus/connections/connection.md @@ -9,19 +9,19 @@ allowing them to exchange information and interact. The connection protocol has two roles: -1. [Inviter](/docs/concepts/glossary#inviter): A subject that initiates a connection request by sending a [connection invitation](/docs/concepts/glossary#connection-invitation). -2. [Invitee](/docs/concepts/glossary#invitee): A subject that receives a connection invitation and accepts it by sending a [connection request](/docs/concepts/glossary#connection-request). +1. [Inviter](/docs/concepts/glossary#inviter): A subject that initiates a connection request by sending a [connection invitation](/docs/concepts/glossary#connection-invitation). +2. [Invitee](/docs/concepts/glossary#invitee): A subject that receives a connection invitation and accepts it by sending a [connection request](/docs/concepts/glossary#connection-request). ## Prerequisites 1. Inviter and Invitee Cloud Agents up and running -## Identus Cloud Agent endpoints overview +## Cloud Agent endpoints overview The protocol uses the following REST API endpoints: 1. [`/connections`](/agent-api/#tag/Connections-Management): - - [`POST`](/agent-api/#tag/Connections-Management/operation/createConnection): Creates a new connection and returns an invitation + - [`POST`](/agent-api/#tag/Connections-Management/operation/createConnection): Creates a new connection and returns an invitation - [`GET`](/agent-api/#tag/Connections-Management/operation/getConnections): Returns a list of connections 2. [`GET /connections/{connectionId}`](/agent-api/#tag/Connections-Management/operation/getConnection): Returns an existing connection record by id 3. [`POST /connection-invitations`](/agent-api/#tag/Connections-Management/operation/acceptConnectionInvitation): Accepts an externally received invitation @@ -32,10 +32,10 @@ Please check the full [Cloud Agent API](/agent-api) specification for more detai ## Inviter Flow -1. Generate and share a new Out-of-Band (OOB) invitation (connection gets created in `InvitationGenerated` state) -2. Receive a connection request from the Invitee (connection moves to `ConnectionRequestReceived` state) -3. Accept the connection request (connection moves to `ConnectionResponsePending` state) -4. Send the connection response via the DIDComm Agent (connection achieves `ConnectionResponseSent` state) +1. Generate and share a new Out-of-Band (OOB) invitation (connection gets created in `InvitationGenerated` state) +2. Receive a connection request from the Invitee (connection moves to `ConnectionRequestReceived` state) +3. Accept the connection request (connection moves to `ConnectionResponsePending` state) +4. Send the connection response via the DIDComm Agent (connection achieves `ConnectionResponseSent` state) The following diagram represents the Inviter's Connection state transitions: ```mermaid @@ -53,10 +53,10 @@ ConnectionResponseSent --> [*] ## Invitee Flow -1. Receive the OOB invitation (`InvitationReceived` state) -2. Accept the invitation (connection is created in `ConnectionRequestPending` state) -3. Send the connection request via [DIDComm](/docs/concepts/glossary#didcomm) (connection achieves `ConnectionRequestSent` state) -4. Receive the connection response (connection achieves `ConnectionResponseReceived` state) +1. Receive the OOB invitation (`InvitationReceived` state) +2. Accept the invitation (connection is created in `ConnectionRequestPending` state) +3. Send the connection request via [DIDComm](/docs/concepts/glossary#didcomm) (connection achieves `ConnectionRequestSent` state) +4. Receive the connection response (connection achieves `ConnectionResponseReceived` state) The following diagram represents the Invitee's Connection state transitions: ```mermaid @@ -85,10 +85,10 @@ The following example demonstrates how you could use two Cloud Agent APIs to set ```shell curl -X 'POST' \ - 'http://localhost:8080/prism-agent/connections' \ - -H 'Content-Type: application/json' \ - -H "apikey: $API_KEY" \ - -d '{ "label": "Connect with Alice" }' | jq + 'http://localhost:8080/prism-agent/connections' \ + -H 'Content-Type: application/json' \ + -H "apikey: $API_KEY" \ + -d '{ "label": "Connect with Alice" }' | jq ``` Example response: @@ -114,10 +114,10 @@ Example response: Replace `{RAW_INVITATION}` with the value of the '_oob' query string parameter from the invitation URL above ```shell curl -X 'POST' \ - 'http://localhost:8090/prism-agent/connection-invitations' \ - -H 'Content-Type: application/json' \ - -H "apikey: $API_KEY" \ - -d '{ "invitation": "{RAW_INVITATION}" }' | jq + 'http://localhost:8090/prism-agent/connection-invitations' \ + -H 'Content-Type: application/json' \ + -H "apikey: $API_KEY" \ + -d '{ "invitation": "{RAW_INVITATION}" }' | jq ``` Example response: diff --git a/docs/docusaurus/credentialdefinition/create.md b/docs/docusaurus/credentialdefinition/create.md index 6e9cd01667..f2a39bcb25 100644 --- a/docs/docusaurus/credentialdefinition/create.md +++ b/docs/docusaurus/credentialdefinition/create.md @@ -1,6 +1,6 @@ # Create the Credential Definition -The Identus Cloud Agent exposes REST API for creation, fetching, and searching the [credential definition](/docs/concepts/glossary#credential-definition) records. +The Cloud Agent exposes REST API for creation, fetching, and searching the [credential definition](/docs/concepts/glossary#credential-definition) records. The OpenAPI specification and ReDoc documentation describe the endpoint. @@ -131,7 +131,7 @@ You should receive a response containing the JSON object representing the creden } ``` -Remember, in the Identus Cloud Agent, the combination of author, id, and version uniquely identifies each credential definition. Thus, using the same agent DID as the author, you cannot establish another credential definition with identical id and version values. +Remember, in the Cloud Agent, the combination of author, id, and version uniquely identifies each credential definition. Thus, using the same agent DID as the author, you cannot establish another credential definition with identical id and version values. ### 4. Update the Credential Definition diff --git a/docs/docusaurus/multitenancy/tenant-migration.md b/docs/docusaurus/multitenancy/tenant-migration.md index d779148555..2f0cfd94f0 100644 --- a/docs/docusaurus/multitenancy/tenant-migration.md +++ b/docs/docusaurus/multitenancy/tenant-migration.md @@ -14,7 +14,7 @@ In the migration process from `apikey` to `JWT`, there is only one role: 1. Keycloak up and running 2. Keycloak is configured the same as in [Tenant Onboarding Self-Service](./tenant-onboarding-self-service.md) -3. The Cloud Agent up and running +3. The Cloud Agent is up and running 4. The Cloud Agent is configured the same as in [Tenant Onboarding Self-Service](./tenant-onboarding-self-service.md) 5. The user has access to the wallet using `apikey`. (See [Tenant Onboarding](./tenant-onboarding.md)) 6. The user has an account registered on Keycloak diff --git a/docs/docusaurus/multitenancy/tenant-onboarding-ext-iam.md b/docs/docusaurus/multitenancy/tenant-onboarding-ext-iam.md index 52493a26e8..ce0c7d8e49 100644 --- a/docs/docusaurus/multitenancy/tenant-onboarding-ext-iam.md +++ b/docs/docusaurus/multitenancy/tenant-onboarding-ext-iam.md @@ -21,7 +21,7 @@ In tenant management with external IAM, there are 2 roles: 1. A realm called `my-realm` is created 2. A client called `prism-agent` under `my-realm` with __authorization__ feature is created. (See [create client instruction](https://www.keycloak.org/docs/latest/authorization_services/index.html#_resource_server_create_client)) 3. Make sure the `prism-agent` client has __direct access grants__ enabled to simplify the login process for this tutorial -3. the Cloud Agent up and running +3. the Cloud Agent is up and running 4. the Cloud Agent is configured with the following environment variables: 1. `ADMIN_TOKEN=my-admin-token` 2. `DEFAULT_WALLET_ENABLED=false` @@ -125,7 +125,7 @@ Response Example: There are multiple ways to complete this step. The goal is to ensure the user has registered on Keycloak. -Keycloak offers great flexibility, allowing users to self-register, +Keycloak offers great flexibility, allowing users to self-register, For this tutorial, we will generate the user manually using Keycloak admin API for simplicity. The first step is to get an admin token from Keycloak using the username and password. diff --git a/docs/docusaurus/multitenancy/tenant-onboarding-self-service.md b/docs/docusaurus/multitenancy/tenant-onboarding-self-service.md index d23cce57ad..d6b8fe91e7 100644 --- a/docs/docusaurus/multitenancy/tenant-onboarding-self-service.md +++ b/docs/docusaurus/multitenancy/tenant-onboarding-self-service.md @@ -25,7 +25,7 @@ In self-service tenant management with external IAM, there is only one role: 2. A client called `prism-agent` under `my-realm` with __authorization__ feature is created. (See [create client instruction](https://www.keycloak.org/docs/latest/authorization_services/index.html#_resource_server_create_client)) 3. Make sure the `prism-agent` client has __direct access grants__ enabled to simplify the login process for this tutorial. 4. Make sure to [allow user self-registration](https://www.keycloak.org/docs/latest/server_admin/index.html#con-user-registration_server_administration_guide). -3. The Cloud Agent up and running +3. The Cloud Agent is up and running 4. The Cloud Agent is configured with the following environment variables: 1. `ADMIN_TOKEN=my-admin-token` 2. `DEFAULT_WALLET_ENABLED=false` diff --git a/docs/docusaurus/multitenancy/tenant-onboarding.md b/docs/docusaurus/multitenancy/tenant-onboarding.md index 19219cfa71..55fc98c41a 100644 --- a/docs/docusaurus/multitenancy/tenant-onboarding.md +++ b/docs/docusaurus/multitenancy/tenant-onboarding.md @@ -130,8 +130,7 @@ Response Example: With the new tenant now equipped with both a wallet and an entity, the final step involves setting up the entity's authentication method. -Once this step is completed, the administrator should provide the tenant with an `apikey`, granting them access to -utilize the Agent. +Once this step is completed, the administrator should provide the tenant with an `apikey`, granting them access to utilize the Agent. ```bash curl -X 'POST' \ diff --git a/docs/general/key-derivation-benchmark.md b/docs/general/key-derivation-benchmark.md index b7cdc677b7..fa2d96e618 100644 --- a/docs/general/key-derivation-benchmark.md +++ b/docs/general/key-derivation-benchmark.md @@ -23,7 +23,7 @@ The tests are being ignored to avoid running them on CI. When running locally, the ignore aspect should be removed and the test can be run by ```bash -sbt prismAgentWalletAPI/'testOnly -- -tag benchmark' +sbt agentWalletAPI/'testOnly -- -tag benchmark' ``` ## Scenario