[INJICERT-642] add dev & integrator docs #145
base: develop
Topics:
* add plugin docs
* add local development & setup guide
* add docs for hosting a DID document

Signed-off-by: Harsh Vardhan <[email protected]>
Overall the documents in the PR have come out well.
Good job @vharsh
@@ -0,0 +1,101 @@ | |||
import os |
Is it possible to move these 3 files under this folder inside the below document as code sections and ask the user to create these as files and then run them?
I know it will make it a little difficult for the user, but currently we don't have a utils folder and we are introducing one with a Python script (a deviation from the current stack used in the repo) for this use case, which will become unnecessary in the next release of Inji Certify, since we will be serving the DID document directly from the Inji Certify service.
Hitesh and I had plans to dump some sample files and other scripts, schema-context.json examples, etc. here. Should I move this to `docs/multibase-script` as this directory is supposed to just contain `docs`?

> a little difficult for user,

I've added relative path links to this script; it'll be easy to find but slightly harder to maintain (if we remove the script later on).
docker-compose/docker-compose-injistack/config/certify-mock-identity.properties
|
||
## How to choose to implement either one? | ||
|
||
- An integrator can choose to implement VCIssuancePlugin interface if they want to implement the VC Signing by themselves. This gives more power to the VC Plugin authors in choosing to support their own formats, signing algorithms which may or may not be supported by Certify. |
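Review bot: The bullet says a VCIssuancePlugin can use formats and signing algorithms "which may or may not be supported by Certify", but it gives the reader no pointer to what Certify does support, so an integrator cannot tell from this section which case applies to them; link to or list the supported formats and algorithms here. The heading "How to choose to implement either one?" would also read more clearly as a direct question, for example "Which interface should I implement?".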
This has to come out a little differently; we have to say if the implementor already has a VC generation system in place and wishes to use that, and use Certify only for delivering the VC in the OpenID4VCI way to the holder.
Changing it to...
- An integrator can choose to implement VCIssuancePlugin interface if they want to implement the VC Signing by themselves or already have a working/existing VC Generation System. This gives more power to the VC Plugin authors in choosing to support their own formats, signing algorithms which may or may not be supported by Certify and only using the Certify for delivering the VC in an OpenID4VCI compatible way to open up to a wider ecosystem of clients which are also compatible with the standard.
- There may be a case, where an integrator might want Certify to deal with fewer aspects of VCIssuance, in this case the implementors can choose to implement DataProviderPlugin interface and only implement the business logic required to fetch the data based on the claims object.
- Both plugins can leave some aspects of the configuration to the Certify's configuration provider which can be a bunch of static config files or something such as Spring Config Server.
| VC Signing | managed by the plugin itself | done by Inji Certify itself | | ||
| Credential Creation | done by the plugin itself | done by plugin itself | | ||
| Signing key management | can be done by plugin or delegated to keymanager lib | done by Inji Certify end-to-end via keymanager | | ||
| VC Issuance | done by the plugin completely | data is given by the plugin, VC issuance is done by Inji Certify | |
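Review bot: In the "Signing key management" row, "can be done by plugin or delegated to keymanager lib" leaves open who is responsible for the keys when the plugin manages them itself; since that same column also has the plugin signing the VC, the doc should say that the plugin author then owns storage and rotation of the signing key, or recommend delegating to keymanager as the default. The "Credential Creation" row has the same value in both columns, so it does not help the reader choose and could be dropped or merged into the "VC Issuance" row.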
This table needs to be a little more simplified. What is VC signing vs credential creation?
Also, is it not implicitly understood that whoever is doing the VC signing will maintain the signing keys?
- Docker and Docker Compose installed on your system | ||
- Git (to clone the repository) | ||
- Basic understanding of Docker and container operations | ||
- Relevant Postman collections are [here](../../docs/postman-collections/), please add the `mock` ones and install the [pmlib library](https://joolfe.github.io/postman-util-lib/) as per the rules given under the heading `Postman Collection`. | ||
|
||
### Building inji-web-proxy | ||
Before running the docker-compose, you need to build the inji-web-proxy image: | ||
|
||
```bash | ||
# Clone the repository | ||
git clone https://github.com/mosip/inji-web.git -b release-0.11.x |
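Review bot: The clone on the last line uses `-b release-0.11.x`, which names a release line rather than a fixed tag or commit, so the `inji-web-proxy` image a reader builds from it can differ from the one this guide was written against; pin a release tag or commit, or state the revision the steps were verified with. The same applies to the prerequisite that asks the reader to install the pmlib library from an external page: name the version the Postman collections were tested with.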
Please check the status on this with Inji web team, since they may move away from using the proxy project to nginx config and this step might not work
https://mosip.atlassian.net/browse/INJIWEB-1213
@@ -0,0 +1,131 @@ | |||
# Creating a DID Document |
I don't see a link in the docker compose README file to this document.
I've added a link to this file from the docker compose README.md
# Build the Docker image | ||
docker build -t inji-web-proxy:local . | ||
``` | ||
|
||
## Directory Structure Setup | ||
|
"Ensure all configuration files are properly updated in the config directory" - this is very high level for someone to just try out a use case using docker compose.
Can we give the specific configuration they have to change?
Like the mosip.certify.issuer.uri and mosip.certify.issuer.pub.key for example, since this needs to be changed once the did document setup is done.
# Build the Docker image | ||
docker build -t inji-web-proxy:local . | ||
``` | ||
|
||
## Directory Structure Setup | ||
|
||
Create the following directory structure before proceeding: | ||
|
Change the below property file, since we don't want to point by default to Hitesh's GitHub file for CSV changes.
mosip.certify.plugin.csv.file.uri=/home/mosip/config/farmer_identity_data.csv
The below changes in docker compose are required for this.

```yaml
volumes:
  - ./config/certify-default.properties:/home/mosip/config/certify-default.properties
  - ./config/certify-mock-identity.properties:/home/mosip/config/certify-mock-identity.properties
  - ./config/farmer_identity_data.csv:/home/mosip/config/farmer_identity_data.csv
  - ./data/CERTIFY_PKCS12:/home/mosip/CERTIFY_PKCS12
  - ./loader_path/certify/:/home/mosip/additional_jars/
```
# Build the Docker image | ||
docker build -t inji-web-proxy:local . | ||
``` | ||
|
||
## Directory Structure Setup | ||
|
||
Create the following directory structure before proceeding: | ||
|
||
``` |
Have a CSV file along with a photo, so the VC is created with a photo.
This means the context file and template should all have the photo also.
The default context file and DID keys use the mosip-config GitHub Pages ones.
### Building inji-web-proxy | ||
Before running the docker-compose, you need to build the inji-web-proxy image: | ||
|
||
```bash | ||
# Clone the repository | ||
git clone https://github.com/mosip/inji-web.git -b release-0.11.x | ||
cd inji-web/inji-web-proxy | ||
``` |
The password config update step is missing for using the oidckeystore.p12 file of collab.
mosip.oidc.p12.password=
|
||
```bash |
Nginx port uses 80, which is generally tough to be allowed on developer machines. Please change to 8081 in the docker compose file.

```yaml
container_name: nginx
image: nginx:alpine
ports:
  - '8081:80'
```
|
||
```bash | ||
# Build the Docker image | ||
docker build -t inji-web-proxy:local . |
The use case in the docker compose is Farmer, but the mimoto config file below calls it out as Mock, which needs to be changed correctly.
docker-compose/docker-compose-injistack/config/mimoto-issuers-config.json
Above latest comments added based on my experience of using the current docker compose for country delegation demo preparation.
Running Certify in IntelliJ produces the error below:

```
{"@timestamp":"2024-12-16T08:44:16.493+02:00","@Version":"1","message":"Fetching config from server at : http://localhost:8888","logger_name":"org.springframework.cloud.config.client.ConfigServicePropertySourceLocator","thread_name":"main","level":"INFO","level_value":20000,"appName":"certify,certify-plugin"}
Process finished with exit code 1
```