diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml
new file mode 100644
index 0000000..231fb52
--- /dev/null
+++ b/.github/workflows/helm-release.yml
@@ -0,0 +1,28 @@
+name: Release Charts
+
+on:
+ release:
+ types:
+ - created
+ workflow_dispatch: # This allows the workflow to be triggered manually
+
+jobs:
+ release:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Configure Git
+ run: |
+ git config user.name "$GITHUB_ACTOR"
+ git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+ - name: Run chart-releaser
+ uses: helm/chart-releaser-action@v1.6.0
+ with:
+ charts_dir: "k8s/charts" # Specify the path to your charts directory
+ env:
+ CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index 44644fd..7973785 100644
--- a/pom.xml
+++ b/pom.xml
@@ -93,9 +93,8 @@
eu.europa.ec.dgc
ddcc-gateway-lib
- 2.0.1
+ 2.0.2
-
org.springframework.boot
diff --git a/src/main/java/tng/trustnetwork/keydistribution/entity/TrustedIssuerEntity.java b/src/main/java/tng/trustnetwork/keydistribution/entity/TrustedIssuerEntity.java
index 57a37d0..c18f191 100644
--- a/src/main/java/tng/trustnetwork/keydistribution/entity/TrustedIssuerEntity.java
+++ b/src/main/java/tng/trustnetwork/keydistribution/entity/TrustedIssuerEntity.java
@@ -106,6 +106,12 @@ public class TrustedIssuerEntity {
@Column(name = "signature", nullable = false, length = 6000)
String signature;
+ /**
+ * The domain of the trustedIssuer.
+ */
+ @Column(name = "domain")
+ private String domain;
+
public enum UrlType {
HTTP,
DID
diff --git a/src/main/java/tng/trustnetwork/keydistribution/repository/SignerInformationRepository.java b/src/main/java/tng/trustnetwork/keydistribution/repository/SignerInformationRepository.java
index 627ad7e..532967f 100644
--- a/src/main/java/tng/trustnetwork/keydistribution/repository/SignerInformationRepository.java
+++ b/src/main/java/tng/trustnetwork/keydistribution/repository/SignerInformationRepository.java
@@ -44,10 +44,12 @@ public interface SignerInformationRepository extends JpaRepository getBySubjectHashIsAndCountryIsAndDomainIs(
String subjectHash, String country, String domain);
- @Query("SELECT DISTINCT s.country FROM SignerInformationEntity s")
+ @Query("SELECT DISTINCT s.country FROM SignerInformationEntity s"
+ + " UNION SELECT DISTINCT t.country FROM TrustedIssuerEntity t")
List getCountryList();
- @Query("SELECT DISTINCT s.domain FROM SignerInformationEntity s")
+ @Query("SELECT DISTINCT s.domain FROM SignerInformationEntity s"
+ + " UNION SELECT DISTINCT t.domain FROM TrustedIssuerEntity t")
List getDomainsList();
@Query("SELECT DISTINCT s.group FROM SignerInformationEntity s")
diff --git a/src/main/java/tng/trustnetwork/keydistribution/repository/TrustedIssuerRepository.java b/src/main/java/tng/trustnetwork/keydistribution/repository/TrustedIssuerRepository.java
index f78e6b5..648a09a 100644
--- a/src/main/java/tng/trustnetwork/keydistribution/repository/TrustedIssuerRepository.java
+++ b/src/main/java/tng/trustnetwork/keydistribution/repository/TrustedIssuerRepository.java
@@ -27,4 +27,11 @@
public interface TrustedIssuerRepository extends JpaRepository {
List findAllByUrlTypeIs(TrustedIssuerEntity.UrlType urlType);
+
+ List findAllByUrlTypeIsAndDomainIs(TrustedIssuerEntity.UrlType urlType, String domain);
+
+ List findAllByUrlTypeIsAndCountryIs(TrustedIssuerEntity.UrlType urlType, String country);
+
+ List findAllByUrlTypeIsAndDomainIsAndCountryIs(
+ TrustedIssuerEntity.UrlType urlType, String domain, String country);
}
diff --git a/src/main/java/tng/trustnetwork/keydistribution/service/TrustedIssuerService.java b/src/main/java/tng/trustnetwork/keydistribution/service/TrustedIssuerService.java
index 1a786c4..bcb5a0f 100644
--- a/src/main/java/tng/trustnetwork/keydistribution/service/TrustedIssuerService.java
+++ b/src/main/java/tng/trustnetwork/keydistribution/service/TrustedIssuerService.java
@@ -21,11 +21,8 @@
package tng.trustnetwork.keydistribution.service;
import com.fasterxml.jackson.core.JsonProcessingException;
-import eu.europa.ec.dgc.gateway.connector.mapper.TrustedIssuerMapper;
import eu.europa.ec.dgc.gateway.connector.model.TrustedIssuer;
-import java.util.ArrayList;
import java.util.List;
-import java.util.UUID;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
@@ -57,7 +54,28 @@ public class TrustedIssuerService {
*/
public List getAllDid() {
- return trustedIssuerRepository.findAllByUrlTypeIs(TrustedIssuerEntity.UrlType.DID);
+ return getAllDid(null, null);
+ }
+
+ /**
+ * Method to query the db for DID documents.
+ *
+ * @param domain filter request by domain - set to null to omit this filter
+ * @param country filter request by country - set to null to omit this filter
+ * @return List holding the found trusted issuers.
+ */
+ public List getAllDid(String domain, String country) {
+
+ if (domain != null && country != null) {
+ return trustedIssuerRepository.findAllByUrlTypeIsAndDomainIsAndCountryIs(
+ TrustedIssuerEntity.UrlType.DID, domain, country);
+ } else if (domain == null && country != null) {
+ return trustedIssuerRepository.findAllByUrlTypeIsAndCountryIs(TrustedIssuerEntity.UrlType.DID, country);
+ } else if (domain != null && country == null) {
+ return trustedIssuerRepository.findAllByUrlTypeIsAndDomainIs(TrustedIssuerEntity.UrlType.DID, domain);
+ } else {
+ return trustedIssuerRepository.findAllByUrlTypeIs(TrustedIssuerEntity.UrlType.DID);
+ }
}
/**
diff --git a/src/main/java/tng/trustnetwork/keydistribution/service/did/DidTrustListService.java b/src/main/java/tng/trustnetwork/keydistribution/service/did/DidTrustListService.java
index d9187a0..db2fcd5 100644
--- a/src/main/java/tng/trustnetwork/keydistribution/service/did/DidTrustListService.java
+++ b/src/main/java/tng/trustnetwork/keydistribution/service/did/DidTrustListService.java
@@ -170,7 +170,7 @@ public void job() {
domain -> didSpecifications.add(new DidSpecification(
List.of(domain),
() -> signerInformationService.getCertificatesByDomain(domain),
- trustedIssuerService::getAllDid)));
+ () -> trustedIssuerService.getAllDid(domain, null))));
// Add all Country and Domain specific DID
domains.forEach(
@@ -178,7 +178,7 @@ public void job() {
country -> didSpecifications.add(new DidSpecification(
List.of(domain, getParticipantCode(country)),
() -> signerInformationService.getCertificatesByCountryDomain(country, domain),
- trustedIssuerService::getAllDid)
+ () -> trustedIssuerService.getAllDid(domain, country))
)));
// Add all Domain independent and country specific DID
@@ -186,7 +186,7 @@ public void job() {
country -> didSpecifications.add(new DidSpecification(
List.of(WILDCARD_CHAR, getParticipantCode(country)),
() -> signerInformationService.getCertificatesByCountry(country),
- trustedIssuerService::getAllDid)));
+ () -> trustedIssuerService.getAllDid(null, country))));
// Add all domain, country and group specific did
domains.forEach(
@@ -195,7 +195,7 @@ public void job() {
group -> didSpecifications.add(new DidSpecification(
List.of(domain, getParticipantCode(country), getMappedGroupName(group)),
() -> signerInformationService.getCertificatesByDomainParticipantGroup(domain, country, group),
- trustedIssuerService::getAllDid)))));
+ Collections::emptyList)))));
// Add all country and group specific did
countries.forEach(
@@ -203,7 +203,7 @@ public void job() {
group -> didSpecifications.add(new DidSpecification(
List.of(WILDCARD_CHAR, getParticipantCode(country), getMappedGroupName(group)),
() -> signerInformationService.getCertificatesByGroupCountry(group, country),
- trustedIssuerService::getAllDid))));
+ Collections::emptyList))));
// Add all domain and group specific did
domains.forEach(
@@ -211,14 +211,14 @@ public void job() {
group -> didSpecifications.add(new DidSpecification(
List.of(domain, WILDCARD_CHAR, getMappedGroupName(group)),
() -> signerInformationService.getCertificatesByDomainGroup(domain, group),
- trustedIssuerService::getAllDid))));
+ Collections::emptyList))));
// Add all group specific did
groups.forEach(
group -> didSpecifications.add(new DidSpecification(
List.of(WILDCARD_CHAR, WILDCARD_CHAR, getMappedGroupName(group)),
() -> signerInformationService.getCertificatesByGroup(group),
- trustedIssuerService::getAllDid)));
+ Collections::emptyList)));
Map didDocuments = new HashMap<>();
didSpecifications.forEach(specification -> didDocuments
@@ -255,7 +255,7 @@ private String generateTrustList(DidSpecification specification, boolean onlyRef
List signerInformationEntities = filterEntities(specification.getCertSupplier().get());
List trustedIssuerEntities = specification.getIssuerSupplier().get();
- if (signerInformationEntities.isEmpty() || trustedIssuerEntities.isEmpty()) {
+ if (signerInformationEntities.isEmpty() && trustedIssuerEntities.isEmpty()) {
log.info("Empty DID for path {}", specification.getPath());
return null;
}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 1691039..24ae187 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -63,6 +63,7 @@ dgc:
type: did
url: did:web:tng-cdn-dev.who.int:trustlist
signature: No-Signature # required because of DB restrictions
+ domain: DCC
enable-trusted-issuer-resolving: false
gateway:
connector:
@@ -111,6 +112,7 @@ dgc:
XB: XXB
XO: XXO
XL: XCL
+ WH: WHO
group-deny-list:
- AUTHENTICATION
- UPLOAD
diff --git a/src/main/resources/db/changelog/create-trusted-issuer-table.yaml b/src/main/resources/db/changelog/create-trusted-issuer-table.yaml
index 76bedec..accf798 100644
--- a/src/main/resources/db/changelog/create-trusted-issuer-table.yaml
+++ b/src/main/resources/db/changelog/create-trusted-issuer-table.yaml
@@ -53,3 +53,6 @@ databaseChangeLog:
type: varchar(6000)
constraints:
nullable: false
+ - column:
+ name: domain
+ type: varchar(50)
diff --git a/src/test/java/tng/trustnetwork/keydistribution/service/DidTrustListServiceTest.java b/src/test/java/tng/trustnetwork/keydistribution/service/DidTrustListServiceTest.java
index 6aa61c6..60143d1 100644
--- a/src/test/java/tng/trustnetwork/keydistribution/service/DidTrustListServiceTest.java
+++ b/src/test/java/tng/trustnetwork/keydistribution/service/DidTrustListServiceTest.java
@@ -207,9 +207,9 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
didTrustListService.job();
- Assertions.assertEquals(48, uploadArgumentCaptor.getAllValues().size());
+ Assertions.assertEquals(64, uploadArgumentCaptor.getAllValues().size());
- int expectedNullDid = 12;
+ int expectedNullDid = 28;
for (byte[] uploadedDid : uploadArgumentCaptor.getAllValues()) {
@@ -237,13 +237,21 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist");
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)),
certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist");
+
+ Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:DCC:XEU:DSC":
Assertions.assertEquals("did:web:abc:trustlist:DCC:XEU:DSC", parsed.getController());
- Assertions.assertEquals(4, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(1, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:XEU:DSC#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)),
certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:DCC:XEU:DSC");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:DCC":
Assertions.assertEquals("did:web:abc:trustlist:DCC", parsed.getController());
@@ -253,127 +261,207 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:DCC");
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)),
certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:DCC");
+
+ Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:-:XEU":
Assertions.assertEquals("did:web:abc:trustlist:-:XEU", parsed.getController());
- Assertions.assertEquals(5, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(3, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:XEU#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)),
certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:-:XEU");
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:XEU#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)),
certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:-:XEU");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:-:DEU":
Assertions.assertEquals("did:web:abc:trustlist:-:DEU", parsed.getController());
- Assertions.assertEquals(5, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(3, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:DEU#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)),
certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:-:DEU");
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:DEU#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)),
certCscaDeKid, certCscaDe, null, "did:web:abc:trustlist:-:DEU");
+
+ Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:DCC:XEU:CSA":
Assertions.assertEquals("did:web:abc:trustlist:DCC:XEU:CSA", parsed.getController());
- Assertions.assertEquals(4, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(1, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:XEU:CSA#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)),
certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:DCC:XEU:CSA");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:DCC:DEU:DSC":
Assertions.assertEquals("did:web:abc:trustlist:DCC:DEU:DSC", parsed.getController());
- Assertions.assertEquals(4, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(1, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:DEU:DSC#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)),
certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:DCC:DEU:DSC");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:DCC:DEU:CSA":
Assertions.assertEquals("did:web:abc:trustlist:DCC:DEU:CSA", parsed.getController());
- Assertions.assertEquals(4, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(1, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:DEU:CSA#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)),
certCscaDeKid, certCscaDe, null, "did:web:abc:trustlist:DCC:DEU:CSA");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:DCC:DEU":
Assertions.assertEquals("did:web:abc:trustlist:DCC:DEU", parsed.getController());
- Assertions.assertEquals(5, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(3, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:DEU#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)),
certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:DCC:DEU");
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:DEU#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)),
certCscaDeKid, certCscaDe, null, "did:web:abc:trustlist:DCC:DEU");
+
+ Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:DCC:XEU":
Assertions.assertEquals("did:web:abc:trustlist:DCC:XEU", parsed.getController());
- Assertions.assertEquals(5, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(3, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:XEU#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)),
certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:DCC:XEU");
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:XEU#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)),
certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:DCC:XEU");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:-:XEU:DSC":
Assertions.assertEquals("did:web:abc:trustlist:-:XEU:DSC", parsed.getController());
- Assertions.assertEquals(4, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(1, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:XEU:DSC#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)),
certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:-:XEU:DSC");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:-:DEU:DSC":
Assertions.assertEquals("did:web:abc:trustlist:-:DEU:DSC", parsed.getController());
- Assertions.assertEquals(4, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(1, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:DEU:DSC#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)),
certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:-:DEU:DSC");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:-:DEU:CSA":
Assertions.assertEquals("did:web:abc:trustlist:-:DEU:CSA", parsed.getController());
- Assertions.assertEquals(4, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(1, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:DEU:CSA#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)),
certCscaDeKid, certCscaDe, null, "did:web:abc:trustlist:-:DEU:CSA");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:-:-:CSA":
Assertions.assertEquals("did:web:abc:trustlist:-:-:CSA", parsed.getController());
- Assertions.assertEquals(5, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(2, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:-:CSA#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)),
certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:-:-:CSA");
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:-:CSA#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)),
certCscaDeKid, certCscaDe, null, "did:web:abc:trustlist:-:-:CSA");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:-:-:DSC":
Assertions.assertEquals("did:web:abc:trustlist:-:-:DSC", parsed.getController());
- Assertions.assertEquals(5, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(2, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:-:DSC#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)),
certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:-:-:DSC");
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:-:DSC#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)),
certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:-:-:DSC");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:-:XEU:CSA":
Assertions.assertEquals("did:web:abc:trustlist:-:XEU:CSA", parsed.getController());
- Assertions.assertEquals(4, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(1, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:XEU:CSA#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)),
certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:-:XEU:CSA");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:DCC:-:DSC":
Assertions.assertEquals("did:web:abc:trustlist:DCC:-:DSC", parsed.getController());
- Assertions.assertEquals(5, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(2, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:-:DSC#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)),
certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:DCC:-:DSC");
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:-:DSC#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)),
certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:DCC:-:DSC");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
case "did:web:abc:trustlist:DCC:-:CSA":
Assertions.assertEquals("did:web:abc:trustlist:DCC:-:CSA", parsed.getController());
- Assertions.assertEquals(5, parsed.getVerificationMethod().size());
+ Assertions.assertEquals(2, parsed.getVerificationMethod().size());
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:-:CSA#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)),
certCscaDeKid, certCscaDe, null, "did:web:abc:trustlist:DCC:-:CSA");
assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:-:CSA#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)),
certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:DCC:-:CSA");
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
+ break;
+ case "did:web:abc:trustlist:-:XY":
+ Assertions.assertEquals("did:web:abc:trustlist:-:XY", parsed.getController());
+ Assertions.assertEquals(1, parsed.getVerificationMethod().size());
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
+ break;
+ case "did:web:abc:trustlist:DCC:XY":
+ Assertions.assertEquals("did:web:abc:trustlist:DCC:XY", parsed.getController());
+ Assertions.assertEquals(1, parsed.getVerificationMethod().size());
+
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
+ Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
+ Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
break;
default:
if (!parsed.getId().contains("trustlist-ref")) {
@@ -385,10 +473,6 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
private void checkJsonDocument(SignedDidTrustList parsed) throws JsonProcessingException {
- Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:DE:issuer"));
- Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:EU:issuer"));
- Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:XY:issuer"));
-
Assertions.assertEquals(2, parsed.getContext().size());
Assertions.assertEquals("JsonWebSignature2020", parsed.getProof().getType());
Assertions.assertTrue(
diff --git a/src/test/java/tng/trustnetwork/keydistribution/testdata/TrustedIssuerTestHelper.java b/src/test/java/tng/trustnetwork/keydistribution/testdata/TrustedIssuerTestHelper.java
index b880bd2..6922b88 100644
--- a/src/test/java/tng/trustnetwork/keydistribution/testdata/TrustedIssuerTestHelper.java
+++ b/src/test/java/tng/trustnetwork/keydistribution/testdata/TrustedIssuerTestHelper.java
@@ -47,6 +47,7 @@ public TrustedIssuerEntity createTrustedIssuer(final String country) {
trustedIssuer.setThumbprint("thumbprint");
trustedIssuer.setKeyStorageType("JWKS");
trustedIssuer.setSignature("sig");
+ trustedIssuer.setDomain("DCC");
return trustedIssuer;
}