feat(prism-agent): integrate DID secret storage with Vault #543

Merged
merged 16 commits into from
Jun 16, 2023

@patlo-iog patlo-iog commented Jun 8, 2023

Overview

ATL-4725

  • Integrate Vault
    • store keys for Peer DID
    • read VAULT_TOKEN and VAULT_ADDR variable for configuration
  • Remove support for PRISM DID random key mode
  • Add DEV_MODE configuration flag for development mode (use for WALLET_SEED lookup behavior)
  • Add Vault testcontainers

Checklist

My PR contains...

  • No code changes (changes to documentation, CI, metadata, etc.)
  • Bug fixes (non-breaking change which fixes an issue)
  • Improvements (misc. changes to existing features)
  • Features (non-breaking change which adds functionality)

My changes...

  • are breaking changes
  • are not breaking changes
  • If yes to above: I have updated the documentation accordingly

Documentation

  • My changes do not require a change to the project documentation
  • My changes require a change to the project documentation
  • If yes to above: I have updated the documentation accordingly

Tests

  • My changes can not or do not need to be tested
  • My changes can and should be tested by unit and/or integration tests
  • If yes to above: I have added tests to cover my changes
  • If yes to above: I have taken care to cover edge cases in my tests


github-actions bot commented Jun 8, 2023

E2E Test Results

11 files  ±0  11 suites  ±0   5m 48s ⏱️ -13s
20 tests ±0  20 ✔️ ±0  0 💤 ±0  0 ±0 
31 runs  ±0  31 ✔️ ±0  0 💤 ±0  0 ±0 

Results for commit fb0c65f. ± Comparison against base commit c005bc0.

♻️ This comment has been updated with latest results.


github-actions bot commented Jun 8, 2023

Atala PRISM Test Results

  52 files  ±  0    52 suites  ±0   7m 57s ⏱️ - 1m 4s
412 tests +14  412 ✔️ +14  0 💤 ±0  0 ±0 
413 runs  +14  413 ✔️ +14  0 💤 ±0  0 ±0 

Results for commit fb0c65f. ± Comparison against base commit c005bc0.

This pull request removes 42 and adds 56 tests. Note that renamed tests count towards both.
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - createAndStoreDID - create and store DID list in DIDNonSecretStorage
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - createAndStoreDID - create and store DID secret in DIDSecretStorage
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - createAndStoreDID - created DID contain at least 1 master key in CreateOperation
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - createAndStoreDID - created DID have corresponding public keys in CreateOperation
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - createAndStoreDID - validate DID before persisting it in storage
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - deactivateManagedDID - deactivate published DID
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - deactivateManagedDID - fail on deactivating deactivated DID
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - deactivateManagedDID - fail on deactivating non-existing DID
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - deactivateManagedDID - fail on deactivating unpublished DID
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - publishStoredDID - do not re-publish when publishing already published DID
…
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - jdbc as secret storage - createAndStoreDID - create and store DID list in DIDNonSecretStorage
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - jdbc as secret storage - createAndStoreDID - create and store DID secret in DIDSecretStorage
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - jdbc as secret storage - createAndStoreDID - created DID contain at least 1 master key in CreateOperation
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - jdbc as secret storage - createAndStoreDID - created DID have corresponding public keys in CreateOperation
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - jdbc as secret storage - createAndStoreDID - validate DID before persisting it in storage
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - jdbc as secret storage - deactivateManagedDID - deactivate published DID
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - jdbc as secret storage - deactivateManagedDID - fail on deactivating deactivated DID
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - jdbc as secret storage - deactivateManagedDID - fail on deactivating non-existing DID
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - jdbc as secret storage - deactivateManagedDID - fail on deactivating unpublished DID
io.iohk.atala.agent.walletapi.service.ManagedDIDServiceSpec ‑ ManagedDIDService - jdbc as secret storage - publishStoredDID - do not re-publish when publishing already published DID
…

♻️ This comment has been updated with latest results.

patlo-iog force-pushed the feat/vault-phase-1 branch 3 times, most recently from d9a1134 to 22f0230 (June 8, 2023 13:01)
patlo-iog force-pushed the feat/vault-phase-1 branch 5 times, most recently from 75a4aa8 to 43f13f4 (June 9, 2023 06:38)

github-actions bot commented Jun 9, 2023

Atala PRISM Code Coverage

File Coverage
All files 22%

Minimum allowed coverage is 12%

Generated by 🐒 cobertura-action against fb0c65f

patlo-iog force-pushed the feat/vault-phase-1 branch from 8868816 to fe42bc4 (June 9, 2023 11:57)
patlo-iog marked this pull request as ready for review (June 9, 2023 11:58)
patlo-iog force-pushed the feat/vault-phase-1 branch 2 times, most recently from 2d7592c to 0388840 (June 12, 2023 05:33)
patlo-iog requested a review from a user (June 14, 2023 13:37)
patlo-iog requested a review from BS-IO as a code owner (June 14, 2023 13:37)

@antonbaliasnikov antonbaliasnikov left a comment

Nice work! The 3 failed tests will be fixed after rebasing from main. Please do not forget to use the PR checklist to clarify things about your changes.

Review thread on infrastructure/local/.env (outdated, resolved)
patlo-iog force-pushed the feat/vault-phase-1 branch from f8763e7 to f672cac (June 16, 2023 09:39)
patlo-iog merged commit ee43feb into main (Jun 16, 2023)
patlo-iog deleted the feat/vault-phase-1 branch (June 16, 2023 10:07)
atala-dev added a commit that referenced this pull request Jun 16, 2023
# [1.5.0](prism-agent-v1.4.0...prism-agent-v1.5.0) (2023-06-16)

### Features

* **prism-agent:** integrate credential schema into VC issue flow ([#541](#541)) ([ab88736](ab88736))
* **prism-agent:** integrate DID secret storage with Vault ([#543](#543)) ([ee43feb](ee43feb))
patlo-iog pushed a commit that referenced this pull request Aug 17, 2023
…epo subject to the Developer Certificate of Origin (DCO), Version 1.1.

216ff3a fix(prism-agent): fix OAS on empty DID resolution representation (#616)
4fb1ca7 test: silence migration loggers in tests (#612)
7609e35 build: dependencies updates (#601)
bb1f112 fix(castor): align DID document translation logic (#595)
a1e457a fix(prism-agent): add did-method path segment in HD key derivation (#596)
a8b2f85 build: fix failing build (#597)
fa8c720 docs: improve explanation on DID update lineage (#587)
c0db5c8 fix(pollux): add pagination at db level for getCredentialRecords (#586)
c9e69f6 feat(prism-agent): align DID document service handling with the spec (#582)
24b2300 fix(castor): fix DID parser that failing to parse some DIDs (#581)
e8411dd fix(prism-agent): fix concurrent requests breaking DID index counter (#571)
6a5f9ce fix(prism-agent): decouple secret storage backend from agent (#570)
f450563 chore: cleanup unused oas api template (#566)
d6ff373 test: add key derivation benchmark tests and docs (#563)
3d7696b docs: add new tutorial page on seed generation and fixes (#561)
c3a5d8e fix: log seed error before effect fail (#557)
ee43feb feat(prism-agent): integrate DID secret storage with Vault (#543)
6129baf feat(prism-agent): add support for hierarchical deterministic key with seed (#534)
e36c634 fix(prism-agent): refactor crypto abstraction in the walletAPI (#522)
7bda5b0 chore: cleanup castor and wallet-api unused code (#519)
88eeefd feat(prism-agent): migrate did-registrar endpoint to tapir (#517)
9d587ff feat(prism-agent): migrate DID endpoint to tapir (#511)
8384fe3 feat(castor): add support for context in DID document & operation (#489)
e426a82 feat(prism-node): add context to protobuf definition (#487)
6e5bc5f ci: customize protolint rule in megalinter (#478)
2af6d11 docs: update did tutorial examples (#469)
af356d6 fix(prism-agent): fix incorrect long-form parsing behavior on resolution endpoint (#475)
f269b7e fix(pollux): upgrade castor version (#472)
5ed0978 fix(castor): fix unintended ordering behavior when parsing long-form DID (#471)
1cbb729 feat(prism-agent): add universal-resolver compatible endpoint (#455)
184838c docs: add docusaurus deactivate DID guide (#437)
30d11ff docs: improve DID OAS documentation (#442)
8b34217 docs: add docusaurus DID update guide (#417)
490ae2d docs: docusaurus publish DID guide (#406)
bf03674 fix(prism-agent): avoid race condition when update or deactivate DID (#415)
dd04c3f fix(prism-agent): add consistency to documentation of OAS on DID endpoints (#408)
447817d tests(prism-agent): fix failing e2e Prism DID scenarios (#402)
6a98f70 fix(prism-agent): add uri normalization on UpdateService patch (#401)
cd77edc docs: add create-DID docusaurus guide (#383)
a21e388 feat(prism-agent): add pagination to did-registrar list DID endpoint (#394)
3d08996 feat(prism-agent): fix DID service URI class and improve validation error response message (#389)
757b16b feat(pollux): upgrade castor vertion to 0.8.1 (#388)
f92fed6 fix(castor): use URI that is compliant to RFC3986 (#385)
1aa856f feat(prism-agent): do not create new Prism DID when proof presentation is generated (#378)
253f827 feat(pollux): check prover DID is the same as VC subject when creating a VP (#377)
1305555 test(pollox): make munit tests run (#374)
1c1a171 feat(prism-agent): issue credential to Prism DID holder by Prism DID issuer (#373)
5a1acde feat(pollux): support issuing VC to Prism DID subject by Prism DID issuer (#371)
74e1d21 test(prism-agent): add wallet-api and key-management tests (#362)
b8643a8 feat(prism-agent): upgrade castor and pollux and align OAS to the DID spec (#342)
00a6026 feat(pollux): upgrade castor and update DID public key extraction logic (#339)
7992b80 feat(castor): align castor implementation with DID spec (#336)
29a804f feat(prism-agent): add deactivate DID endpoint (#326)
de180a6 feat(pollux): upgrade castor to 0.7.0 (#330)
5ceb7e9 feat(castor): add support DID deactivate operation (#325)
a934cd4 fix(prism-agent): remove deprecated did-auth endpoints (#324)
a57365f feat(prism-agent): enable update DID operation on prism-agent (#307)
c97624d feat(pollux): upgrade castor to 0.6.0 (#320)
27b77b2 feat(castor): add support for DID update operation (#306)
af71ba1 ci: disable tsql linter and customise sql-lint linter (#313)
762c0cf ci: use latest megalinter version 6.18 for pre-commit hook (#308)
5661e76 feat(castor): upgrade node client for new key type (#287)
a533507 feat(prism-node): align Prism DID protobuf key type (#286)
7e116a3 feat(prism-agent): implement JDBC did nonsecret storage (#284)
ea10db5 feat(pollux): integrate castor resolver to pollux-jwt-vc library (#250)
27370ab fix(castor): add missing did document field (#251)
0ba3b89 feat(prism-agent): upgrade castor version with DID serviceEndpoint (#229)
8223740 feat(castor): upgrade castor with service in protobuf definition (#224)
8a6bad5 feat(prism-agent): bump dependencies version (#228)
53841d6 feat(prism-node): move api directory / make client releasable (#223)
680ef7b feat(prism-node): add service to prism-node protobuf (#222)
d7618eb infra: make prism-agent wait for db (#218)
e149f58 build(prism-agent): remove mistakenly added sbt settings (#214)
0308b4f feat(prism-agent): remove unused / deprecated DID endpoints (#213)
d5e08ab feat(prism-agent): implement get DIDs endpoint (#198)
7fba9b0 feat(prism-agent): implement DID resolution endpoint (#184)
d72159f feat(castor): implement translation of Node DidData to W3C DidDocument (#182)
e85e7c0 feat(prism-agent): upgrade castor on prism-agent (#141)
56cc1c3 feat(connect): bump up shared version to use 0.2.0
4809414 feat(pollux): fix shared version to 0.2.0
5e3445f feat(castor): update castor to use prism-node protobuf (#136)
14906a6 chore(pollux): upgrade shared lib version (#148)
70555c9 feat(shared): add base64 helper function (#135)
b39e38f ci(prism-node): add prism-node github workflow (#129)
948e864 feat(prism-node): add prism-node scala grpc client generation (#128)
71937da ci: add prism-node commit scope (#127)
a873090 fix(prism-agent): reuse db connection for background job (#102)
9cd1faa ci: rename commit scope agent to prism-agent (#97)
4a88ded feat(agent): integrate key-manage into prism-agent server (#77)
47dc3cd feat: define key-management interface (3) (#71)
a19a781 fix(iris): align type signature (#72)
bcb0991 [ATL-1925] feat(agent): define key-management interface (2) (#66)
6f5534d [ATL-1925] feat(agent): define key-management interface (1) (#63)
8492422 [ATL-1926] feat(castor): implement createPublishedDID (3) (#58)
f6afd38 [ATL-1926] feat(castor): implement createPublishedDID (2) (#53)
4e5260e [ATL-1926] feat(castor): implement createPublishedDID functionality (1) (#48)
24786b9 [ATL-1924] feat: rfc17 repo restructure (#47)
6f25f4c [ATL-1808] feat(castor): update http server for new OAS (#35)
642a2cd [ATL-1759] feat(castor): merge worker and api-server into a single runnable (#28)
45a18c9 [ATL-1759] feat(castor): castor services scaffolding (#24)
ca13854 Merge pull request #13 from input-output-hk/resolve-castor-c4-comment
fa7688c docs(castor): adjust diagram according to review comments
359ffd6 [ATL-1477] add Castor C4 diagram (#6)

Signed-off-by: Pat Losoponkul <[email protected]>
antonbaliasnikov pushed a commit that referenced this pull request Aug 21, 2023
4 participants