Merge branch 'main' into feature/prismagent-with-castor-new-protobuf

infrastructure/local/docker-compose.yml

@@ -12,8 +12,6 @@ services:
       POSTGRES_DB: castor
       POSTGRES_USER: postgres
       POSTGRES_PASSWORD: postgres
-    ports:
-      - 5432:5432
     volumes:
       - pg_data_castor_db:/var/lib/postgresql/data
 
@@ -36,8 +34,6 @@ services:
       POSTGRES_DB: pollux
       POSTGRES_USER: postgres
       POSTGRES_PASSWORD: postgres
-    ports:
-      - 5433:5432
     volumes:
       - pg_data_pollux_db:/var/lib/postgresql/data
 
@@ -49,6 +45,28 @@ services:
       db_pollux:
         condition: service_started
 
+  ##########################
+  # Connect Database
+  ##########################
+
+  db_connect:
+    image: postgres:13
+    restart: always
+    environment:
+      POSTGRES_DB: connect
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
+    volumes:
+      - pg_data_connect_db:/var/lib/postgresql/data
+
+  # delay to ensure DB is up before applying migrations
+  db_connect_init_delay:
+    image: alpine:3
+    command: sleep 5
+    depends_on:
+      db_connect:
+        condition: service_started
+
   ##########################
   # Iris Database
   ##########################
@@ -60,8 +78,6 @@ services:
       POSTGRES_DB: iris
       POSTGRES_USER: postgres
       POSTGRES_PASSWORD: postgres
-    ports:
-      - 5434:5432
     volumes:
       - pg_data_iris_db:/var/lib/postgresql/data
 
@@ -78,20 +94,18 @@ services:
   # Services
   ##########################
   mediator:
-    image: ghcr.io/input-output-hk/mercury-mediator:0.1.0-SNAPSHOT
+    image: ghcr.io/input-output-hk/mercury-mediator:0.2.0
 
   iris:
-    image: ghcr.io/input-output-hk/iris-service:0.1.0-SNAPSHOT
-    ports:
-      - 8081:8081
+    image: ghcr.io/input-output-hk/iris-service:0.1.0
     environment:
       IRIS_DB_HOST: db_iris
       IRIS_DB_PORT: 5432
       IRIS_DB_NAME: iris
       IRIS_DB_USER: postgres
 
   prism-agent:
-    image: ghcr.io/input-output-hk/prism-agent:0.2.0-SNAPSHOT
+    image: ghcr.io/input-output-hk/prism-agent:0.6.0-SNAPSHOT
     environment:
       IRIS_HOST: iris
       IRIS_PORT: 8081
@@ -105,9 +119,12 @@ services:
       POLLUX_DB_NAME: pollux
       POLLUX_DB_USER: postgres
       POLLUX_DB_PASSWORD: postgres
-    ports:
-      - "8085:8085"
-      - "8080:8080"
+      CONNECT_DB_HOST: db_connect
+      CONNECT_DB_PORT: 5432
+      CONNECT_DB_NAME: connect
+      CONNECT_DB_USER: postgres
+      CONNECT_DB_PASSWORD: postgres
+      DIDCOMM_SERVICE_URL: http://host.docker.internal:${PORT}/didcomm/
 
   swagger-ui:
     image: swaggerapi/swagger-ui:v4.14.0
@@ -121,7 +138,7 @@ services:
   haproxy:
     image: haproxy:2.6.5
     ports:
-      - "80:80"   # Http
+      - "${PORT}:80"   # Http
     depends_on:
       - mediator
       - prism-agent
@@ -132,4 +149,5 @@ services:
 volumes:
   pg_data_castor_db:
   pg_data_pollux_db:
+  pg_data_connect_db:
   pg_data_iris_db:

infrastructure/local/haproxy/haproxy.cfg

@@ -24,10 +24,11 @@ frontend https-in
     option httplog
     option logasap
 
-    use_backend mediator      if { path_beg -i /mediator }
-    use_backend swagger-ui   if { path_beg -i /apidocs }
-    use_backend prism-agent  if { path_beg -i /prism-agent }
-    use_backend prism-agent-tapir  if { path_beg -i /tapir }
+    use_backend mediator                        if { path_beg -i /mediator }
+    use_backend swagger-ui                      if { path_beg -i /apidocs }
+    use_backend prism-agent                     if { path_beg -i /prism-agent }
+    use_backend prism-agent-didcomm             if { path_beg -i /didcomm }
+    use_backend prism-agent-tapir               if { path_beg -i /tapir }
 
 backend mediator
     balance roundrobin
@@ -43,6 +44,13 @@ backend prism-agent
     option forwardfor
     server s1 prism-agent:8080 maxconn 32
 
+backend prism-agent-didcomm
+    balance roundrobin
+    http-request set-uri %[url,regsub(^/didcomm,,)] if { path_beg /didcomm }
+    option httpclose
+    option forwardfor
+    server s1 prism-agent:8090 maxconn 32
+
 backend prism-agent-tapir
     balance roundrobin
     http-request set-uri %[url,regsub(^/tapir,,)] if { path_beg /tapir }

mercury/mercury-library/resolver/src/main/scala/io/iohk/atala/resolvers/DidValidator.scala

@@ -0,0 +1,44 @@
+package io.iohk.atala.resolvers
+
+import io.iohk.atala.mercury.model.DidId
+
+object DidValidator extends DidValidator
+trait DidValidator {
+  val regexAny = "^did:(.*):(.*)$".r
+
+  /** Ex: did:prism:66940961cc0f6a884ff5876992991b994ca518aa34b3bacfd15f2b51a7b042cf
+    */
+  val regexPRISM = "^did:prism:(.*)$".r
+
+  /** Ex:
+    * did:peer:2.Ez6LSeSTchYyPTBk131pKECXWP7t1CYG2RMgRE2KWoiWi962w.Vz6MkmLJC9YyMerhFD831jrbVAo8rHXiBvDV6UKnt8xzQY7MJ.SeyJ0IjoiZG0iLCJzIjoiaHR0cDovL2xvY2FsaG9zdEw5OTk5IiwiciI6W10sImEiOlsiZGlkY29tbS92MiJdfQ
+    */
+  val regexPeer =
+    "^did:peer:(([01](z)([1-9a-km-zA-HJ-NP-Z]{46,47}))|(2((\\.[AEVID](z)([1-9a-km-zA-HJ-NP-Z]{46,47}))+(\\.(S)[0-9a-zA-Z=]*)?)))$".r
+
+  def isDidPRISM(did: String) = did match {
+    case regexPRISM(id) => true
+    case _              => false
+  }
+  def isDidPeer(did: String) = did match {
+    case regexPeer(id, _*) => true
+    case _                 => false
+  }
+
+  def validDID(did: DidId): Boolean = validDID(did.value)
+  def validDID(did: String): Boolean = did match {
+    case regexAny(method, id) => true
+    case _                    => false
+  }
+
+  def supportedDid(did: DidId): Boolean = supportedDid(did.value)
+  def supportedDid(did: String): Boolean = did match
+    case regexPRISM(id)                  => true
+    case regexPeer(id, _*)               => true
+    case regexAny("example", "alice")    => true // for debug
+    case regexAny("example", "mediator") => true // for debug
+    case regexAny("example", "bob")      => true // for debug
+    case regexAny(method, id)            => false
+    case _                               => false // NOT a DID
+
+}

mercury/mercury-library/resolver/src/test/scala/io/iohk/atala/resolvers/DidValidatorSpec.scala

@@ -0,0 +1,31 @@
+package io.iohk.atala.resolvers
+
+import munit.*
+
+/** resolver/testOnly io.iohk.atala.resolvers.DidValidatorSpec
+  */
+class DidValidatorSpec extends ZSuite {
+  val exPRISM = "did:prism:66940961cc0f6a884ff5876992991b994ca518aa34b3bacfd15f2b51a7b042cf"
+  val exPeer =
+    "did:peer:2.Ez6LSeSTchYyPTBk131pKECXWP7t1CYG2RMgRE2KWoiWi962w.Vz6MkmLJC9YyMerhFD831jrbVAo8rHXiBvDV6UKnt8xzQY7MJ.SeyJ0IjoiZG0iLCJzIjoiaHR0cDovL2xvY2FsaG9zdEw5OTk5IiwiciI6W10sImEiOlsiZGlkY29tbS92MiJdfQ"
+
+  test("validDID") {
+    assertEquals(DidValidator.validDID(exPRISM), true)
+    assertEquals(DidValidator.validDID(exPeer), true)
+    assertEquals(DidValidator.validDID("did:test:ola"), true)
+  }
+
+  test("supportedDid") {
+    assertEquals(DidValidator.supportedDid(exPRISM), true)
+    assertEquals(DidValidator.supportedDid(exPeer), true)
+    assertEquals(DidValidator.supportedDid("did:test:ola"), false)
+  }
+
+  test("isDidPRISM and isDidPeer") {
+    assertEquals(DidValidator.isDidPRISM(exPRISM), true)
+    assertEquals(DidValidator.isDidPeer(exPRISM), false)
+
+    assertEquals(DidValidator.isDidPRISM(exPeer), false)
+    assertEquals(DidValidator.isDidPeer(exPeer), true)
+  }
+}

prism-agent/service/CHANGELOG.md

@@ -1,3 +1,10 @@
+# [prism-agent-v0.6.0](https://github.com/input-output-hk/atala-prism-building-blocks/compare/prism-agent-v0.5.0...prism-agent-v0.6.0) (2022-11-29)
+
+
+### Features
+
+* **prism-agent:** add connect/issue doc + allow local execution of multiple Prism Agent instances ([#178](https://github.com/input-output-hk/atala-prism-building-blocks/issues/178)) ([dc8d86b](https://github.com/input-output-hk/atala-prism-building-blocks/commit/dc8d86b1ba87d747c5ac0089573ddd8c2ab62f5e))
+
 # [prism-agent-v0.5.0](https://github.com/input-output-hk/atala-prism-building-blocks/compare/prism-agent-v0.4.0...prism-agent-v0.5.0) (2022-11-28)
 
 

prism-agent/service/README.md

@@ -47,7 +47,14 @@ Similar to [Indy Wallet SDK - secret API](https://github.com/hyperledger/indy-sd
 *it does not expose a private-key* for external use, instead it provide functions to perform cryptographic actions using internally stored private-keys.
 
 ---
+## Connect flow
+Basic documentation on how to execute the Connect flow from command line can be found [here](./connect.md).
 
+---
+## Issue flow
+Basic documentation on how to execute the Issue flow from the command line can be found [here](./issue.md).
+
+---
 ## Known limitations
 
 ### Castor `worker` process embedded inside `prism-agent` runnable

prism-agent/service/api/http/pollux/schemas.yaml

@@ -244,126 +244,6 @@ components:
         count:
           type: integer
 
-#
-
-    W3CCredentialInput:
-      description: |-
-        Credential input object based on which the new instance of the verifiable credentials is created.
-        Object contains the minimal set of the fields required to create the credentials for the given subject.
-        All other required fields of the verifiable credential depend on the context of the cloud agent
-      required:
-        - subjectId
-        - claims
-      properties:
-        schemaId:
-          type: string
-          description: "Identity of the Verifiable Credentials Schema associated with this object"
-          example: "did:example:MDP8AsFhHzhwUvGNuYkX7T;id=06e126d1-fa44-4882-a243-1e326fbe21db;version=1.0"
-        subjectId:
-          type: string
-          description: "Subject DID of the verifiable credentials object"
-          example: "did:prism:subjectofverifiablecredentials"
-        validityPeriod:
-          type: number
-          description: "The validity period in seconds of the verifiable credential"
-          example: 3600
-        claims:
-          type: object
-          additionalProperties:
-            type: string
-          description: "Clams associated with given credentials object (for now it's just a key/value, later should be more complex"
-
-    W3CCredential:
-      description: "Verifiable Credential Object according to W3C specification"
-      required: ["id", "type", "issuer", "issuanceDate", "credentialSubject"]
-      properties:
-        id:
-          type: string
-          description: "Credential id or url that can be used to get the status of revoke the credential"
-          example: "http://example.edu/credentials/1872"
-        type:
-          type: string
-          description: "Credential type according to W3C specification. Must include VerifiableCredentials and type of concrete credentials"
-          example: '["VerifiableCredential", "AlumniCredential"]'
-        issuer:
-          type: string
-          description: "Issuer DID"
-          example: "did:prism:issuerdid"
-        issuanceDate:
-          type: string
-          description: "Datetime in ISO format that corresponds to the date of issuance"
-          example: "2010-01-01T19:23:24Z"
-        credentialSubject:
-          type: object
-          description: "Credentials subject DID and claims according to the schema object"
-          additionalProperties:
-            type: string
-          example:
-            id: "did:prism:subject12345"
-            alumni_of: "University"
-            degree: "master of openapi specification"
-        proof:
-          $ref: "#/components/schemas/W3CProof"
-
-    W3CCredentialsPaginated:
-      description: "Paginated response that contains an array of the credential objects"
-      properties:
-        data:
-          type: array
-          items:
-            $ref: "#/components/schemas/W3CCredential"
-        offset:
-          type: integer
-        limit:
-          type: integer
-        count:
-          type: integer
-
-    W3CIssuanceBatch:
-      description: "An issuance batch object that is associated with thelist of verifiable credentials"
-      properties:
-        id:
-          type: string
-          description: "Issuance batch id"
-        count:
-          type: integer
-          description: "Count of the verifiable credentials object in the batch"
-        actions:
-          type: array
-          items:
-            $ref: "#/components/schemas/W3CIssuanceBatchAction"
-
-    W3CIssuanceBatchAction:
-      description: "Action performed on the list of credentials associated with the issuance batch"
-      properties:
-        action:
-          description: "Action name"
-          type: string
-          enum: ["sign", "issue", "send"]
-          example: "issue"
-        id:
-          description: "Action id for tracking"
-          type: string
-          example: "uid"
-        status:
-          description: "Action status"
-          type: string
-          enum: ["scheduled", "pending", "completed", "failed"]
-
-    W3CIssuanceBatchPaginated:
-      description: "Paginated response that contains an array of the issuance-batch objects"
-      properties:
-        data:
-          type: array
-          items:
-            $ref: "#/components/schemas/W3CIssuanceBatch"
-        offset:
-          type: integer
-        limit:
-          type: integer
-        count:
-          type: integer
-
     W3CCredentialStatus:
       description: Verifiable Credential revocation status
       required: