Merge branch 'main' into coveralls-badge
yshyn-iohk authored May 3, 2024
2 parents 1fa6e50 + 32ec1f6 commit 556c6c7
Showing 15 changed files with 50 additions and 51 deletions.
6 changes: 3 additions & 3 deletions .github/CODEOWNERS
Expand Up @@ -7,11 +7,11 @@
# Pollux:
/pollux/ @patlo-iog @CryptoKnightIOG @mineme0110

# PRISM Agent:
/prism-agent/ @bvoiturier @yshyn-iohk @patlo-iog
# Cloud Agent:
/cloud-agent/ @bvoiturier @yshyn-iohk @patlo-iog

# CI pipelines:
/.github/ @mineme0110
/.github/ @mineme0110 @patlo-iog

# PRISM Node:
/prism-node/ @shotexa
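Review bot: The `/prism-agent/` rule is replaced by `/cloud-agent/` rather than kept alongside it, so any file still living under `prism-agent/` after this merge matches no rule in the visible lines and has no code owner; confirm the directory move is complete in the same merge. On the `/.github/` line, adding `@patlo-iog` widens who can approve changes to the CI workflows and to this CODEOWNERS file itself, which deserves an explicit sign-off from the existing owner.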
4 changes: 2 additions & 2 deletions .github/labeler.yml
Expand Up @@ -15,10 +15,10 @@ pollux:
- changed-files:
- any-glob-to-any-file:
- pollux/**/*
prism-agent:
cloud-agent:
- changed-files:
- any-glob-to-any-file:
- prism-agent/**/*
- cloud-agent/**/*
prism-node:
- changed-files:
- any-glob-to-any-file:
3 changes: 2 additions & 1 deletion .github/workflows/lint.yml
Expand Up @@ -3,7 +3,6 @@ name: MegaLinter

on:
pull_request:
workflow_dispatch:

env: # Comment env block if you don't want to apply fixes
# Apply linter fixes configuration
Expand Down Expand Up @@ -66,6 +65,8 @@ jobs:
uses: peter-evans/create-pull-request@v6
with:
token: ${{ secrets.GITHUB_TOKEN }}
base: ${{ github.head_ref }}
branch-suffix: short-commit-hash
commit-message: "style: apply linters automatic fixes"
title: "style: apply linters automatic fixes"
signoff: true
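Review bot: `base: ${{ github.head_ref }}` on the create-pull-request step does not work for pull requests opened from forks: the branch name then refers to the fork, and `GITHUB_TOKEN` is read-only for those runs by default, so the fix branch cannot be pushed. Suggest guarding the step with a condition such as `if: github.event.pull_request.head.repo.full_name == github.repository`. `github.head_ref` is only populated on `pull_request` events, which is consistent with dropping `workflow_dispatch` in the previous hunk. The branch name is contributor-controlled, so keep it confined to action inputs like this one and out of any `run:` script. Separately, `peter-evans/create-pull-request@v6` is a mutable tag on a step that receives a token; pinning it to a commit SHA would be safer.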
8 changes: 4 additions & 4 deletions cloud-agent/service/README.md
@@ -1,16 +1,16 @@
# PrismAgent service
# CloudAgent service

## Quickstart

### Running PrismAgent service locally
### Running CloudAgent service locally

see `./infrastucture/local/README.md` for instruction

---

## DID key management

`prism-agent` is a cloud agent that represents the digital identity (is a DID controller)
`cloud-agent` is a cloud agent that represents the digital identity (is a DID controller)
of the Issuing / Verification organization. As a DID controller, it needs to perform
the operation with private and public keys through the Wallet API abstraction level.
The interface for key-mangement is heavily inspired by
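Review bot: Two typos remain in the unchanged lines of this hunk, `./infrastucture/local/README.md` and `key-mangement`, even though the next hunk corrects `Presnt Proof flow`. If the directory is actually named `infrastructure`, the quickstart pointer is a dead path, so fix both in the same change.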
Expand All @@ -31,7 +31,7 @@ Basic documentation on how to execute the Connect flow from command line can be
Basic documentation on how to execute the Issue flow from the command line can be found [here](./issue.md).

---
## Presnt Proof flow
## Present Proof flow
Basic documentation on how to execute the Present Proof flow from the command line can be found [here](./present-proof.md).


Expand Up @@ -35,7 +35,7 @@ import org.hyperledger.identus.verification.controller.VcVerificationServerEndpo
import zio.*
import zio.metrics.*

object PrismAgentApp {
object CloudAgentApp {

def run = for {
_ <- AgentInitialization.run
Expand Up @@ -130,7 +130,7 @@ object MainApp extends ZIOAppDefault {
_ <- preMigrations
_ <- migrations

app <- PrismAgentApp.run
app <- CloudAgentApp.run
.provide(
DidCommX.liveLayer,
// infra
Expand Up @@ -7,7 +7,6 @@ import zio.test.*
import zio.test.Assertion.*
import zio.test.ZIOSpecDefault

/** prismAgentServer/testOnly io.iohk.atala.agent.server.config.AppConfigSpec */
object AppConfigSpec extends ZIOSpecDefault {

private val baseVaultConfig = VaultConfig(
Expand Up @@ -73,13 +73,13 @@ sequenceDiagram
actor Admin
actor User
participant Client
participant PrismAgent
participant CloudAgent
participant Keycloak
autonumber
Admin ->> PrismAgent: Create a new wallet
PrismAgent ->> Keycloak: Register a new resource
Admin ->> CloudAgent: Create a new wallet
CloudAgent ->> Keycloak: Register a new resource
Admin ->> Keycloak: Create a new user
Admin ->> Keycloak: Create a new user-credential
Admin ->> Keycloak: Create a new permission
Expand All @@ -93,7 +93,7 @@ sequenceDiagram
actor Admin
actor User
participant Client
participant PrismAgent
participant CloudAgent
participant Keycloak
autonumber
Expand All @@ -103,17 +103,17 @@ sequenceDiagram
Client ->> Keycloak: Login with preconfigured flow
Keycloak ->> Client: JWT AccessToken
User ->> Client: Check my VC
Client ->> PrismAgent: Get CredentialRecord
Client ->> CloudAgent: Get CredentialRecord
opt Bearer token is not RPT
PrismAgent ->> Keycloak: Get permissions
Keycloak ->> PrismAgent: Permitted resource(s)
CloudAgent ->> Keycloak: Get permissions
Keycloak ->> CloudAgent: Permitted resource(s)
end
alt is permitted
PrismAgent ->> Client: CredentialRecord
CloudAgent ->> Client: CredentialRecord
else is not permitted
PrismAgent ->> Client: 403 Forbidden
CloudAgent ->> Client: 403 Forbidden
end
```

40 changes: 20 additions & 20 deletions docs/docusaurus/connections/connection.md
Expand Up @@ -9,19 +9,19 @@ allowing them to exchange information and interact.

The connection protocol has two roles:

1. [Inviter](/docs/concepts/glossary#inviter): A subject that initiates a connection request by sending a [connection invitation](/docs/concepts/glossary#connection-invitation).
2. [Invitee](/docs/concepts/glossary#invitee): A subject that receives a connection invitation and accepts it by sending a [connection request](/docs/concepts/glossary#connection-request).
1. [Inviter](/docs/concepts/glossary#inviter): A subject that initiates a connection request by sending a [connection invitation](/docs/concepts/glossary#connection-invitation).
2. [Invitee](/docs/concepts/glossary#invitee): A subject that receives a connection invitation and accepts it by sending a [connection request](/docs/concepts/glossary#connection-request).

## Prerequisites

1. Inviter and Invitee Cloud Agents up and running

## Identus Cloud Agent endpoints overview
## Cloud Agent endpoints overview

The protocol uses the following REST API endpoints:

1. [`/connections`](/agent-api/#tag/Connections-Management):
- [`POST`](/agent-api/#tag/Connections-Management/operation/createConnection): Creates a new connection and returns an invitation
- [`POST`](/agent-api/#tag/Connections-Management/operation/createConnection): Creates a new connection and returns an invitation
- [`GET`](/agent-api/#tag/Connections-Management/operation/getConnections): Returns a list of connections
2. [`GET /connections/{connectionId}`](/agent-api/#tag/Connections-Management/operation/getConnection): Returns an existing connection record by id
3. [`POST /connection-invitations`](/agent-api/#tag/Connections-Management/operation/acceptConnectionInvitation): Accepts an externally received invitation
Expand All @@ -32,10 +32,10 @@ Please check the full [Cloud Agent API](/agent-api) specification for more detai

## Inviter Flow

1. Generate and share a new Out-of-Band (OOB) invitation (connection gets created in `InvitationGenerated` state)
2. Receive a connection request from the Invitee (connection moves to `ConnectionRequestReceived` state)
3. Accept the connection request (connection moves to `ConnectionResponsePending` state)
4. Send the connection response via the DIDComm Agent (connection achieves `ConnectionResponseSent` state)
1. Generate and share a new Out-of-Band (OOB) invitation (connection gets created in `InvitationGenerated` state)
2. Receive a connection request from the Invitee (connection moves to `ConnectionRequestReceived` state)
3. Accept the connection request (connection moves to `ConnectionResponsePending` state)
4. Send the connection response via the DIDComm Agent (connection achieves `ConnectionResponseSent` state)

The following diagram represents the Inviter's Connection state transitions:
```mermaid
Expand All @@ -53,10 +53,10 @@ ConnectionResponseSent --> [*]

## Invitee Flow

1. Receive the OOB invitation (`InvitationReceived` state)
2. Accept the invitation (connection is created in `ConnectionRequestPending` state)
3. Send the connection request via [DIDComm](/docs/concepts/glossary#didcomm) (connection achieves `ConnectionRequestSent` state)
4. Receive the connection response (connection achieves `ConnectionResponseReceived` state)
1. Receive the OOB invitation (`InvitationReceived` state)
2. Accept the invitation (connection is created in `ConnectionRequestPending` state)
3. Send the connection request via [DIDComm](/docs/concepts/glossary#didcomm) (connection achieves `ConnectionRequestSent` state)
4. Receive the connection response (connection achieves `ConnectionResponseReceived` state)

The following diagram represents the Invitee's Connection state transitions:
```mermaid
Expand Down Expand Up @@ -85,10 +85,10 @@ The following example demonstrates how you could use two Cloud Agent APIs to set

```shell
curl -X 'POST' \
'http://localhost:8080/prism-agent/connections' \
-H 'Content-Type: application/json' \
-H "apikey: $API_KEY" \
-d '{ "label": "Connect with Alice" }' | jq
'http://localhost:8080/prism-agent/connections' \
-H 'Content-Type: application/json' \
-H "apikey: $API_KEY" \
-d '{ "label": "Connect with Alice" }' | jq
```

Example response:
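Review bot: The curl example still targets `http://localhost:8080/prism-agent/connections`; only its indentation changed, and the next hunk does the same for `http://localhost:8090/prism-agent/connection-invitations`. With the heading and component renamed to Cloud Agent, either update the URL prefix if the deployed context path was renamed, or add a sentence saying the `/prism-agent/` path is intentionally kept, so readers do not copy a request that no longer resolves.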
Expand All @@ -114,10 +114,10 @@ Example response:
Replace `{RAW_INVITATION}` with the value of the '_oob' query string parameter from the invitation URL above
```shell
curl -X 'POST' \
'http://localhost:8090/prism-agent/connection-invitations' \
-H 'Content-Type: application/json' \
-H "apikey: $API_KEY" \
-d '{ "invitation": "{RAW_INVITATION}" }' | jq
'http://localhost:8090/prism-agent/connection-invitations' \
-H 'Content-Type: application/json' \
-H "apikey: $API_KEY" \
-d '{ "invitation": "{RAW_INVITATION}" }' | jq
```

Example response:
4 changes: 2 additions & 2 deletions docs/docusaurus/credentialdefinition/create.md
@@ -1,6 +1,6 @@
# Create the Credential Definition

The Identus Cloud Agent exposes REST API for creation, fetching, and searching the [credential definition](/docs/concepts/glossary#credential-definition) records.
The Cloud Agent exposes REST API for creation, fetching, and searching the [credential definition](/docs/concepts/glossary#credential-definition) records.

The OpenAPI specification and ReDoc documentation describe the endpoint.

Expand Down Expand Up @@ -131,7 +131,7 @@ You should receive a response containing the JSON object representing the creden
}
```

Remember, in the Identus Cloud Agent, the combination of author, id, and version uniquely identifies each credential definition. Thus, using the same agent DID as the author, you cannot establish another credential definition with identical id and version values.
Remember, in the Cloud Agent, the combination of author, id, and version uniquely identifies each credential definition. Thus, using the same agent DID as the author, you cannot establish another credential definition with identical id and version values.

### 4. Update the Credential Definition

2 changes: 1 addition & 1 deletion docs/docusaurus/multitenancy/tenant-migration.md
Expand Up @@ -14,7 +14,7 @@ In the migration process from `apikey` to `JWT`, there is only one role:

1. Keycloak up and running
2. Keycloak is configured the same as in [Tenant Onboarding Self-Service](./tenant-onboarding-self-service.md)
3. The Cloud Agent up and running
3. The Cloud Agent is up and running
4. The Cloud Agent is configured the same as in [Tenant Onboarding Self-Service](./tenant-onboarding-self-service.md)
5. The user has access to the wallet using `apikey`. (See [Tenant Onboarding](./tenant-onboarding.md))
6. The user has an account registered on Keycloak
4 changes: 2 additions & 2 deletions docs/docusaurus/multitenancy/tenant-onboarding-ext-iam.md
Expand Up @@ -21,7 +21,7 @@ In tenant management with external IAM, there are 2 roles:
1. A realm called `my-realm` is created
2. A client called `prism-agent` under `my-realm` with __authorization__ feature is created. (See [create client instruction](https://www.keycloak.org/docs/latest/authorization_services/index.html#_resource_server_create_client))
3. Make sure the `prism-agent` client has __direct access grants__ enabled to simplify the login process for this tutorial
3. the Cloud Agent up and running
3. the Cloud Agent is up and running
4. the Cloud Agent is configured with the following environment variables:
1. `ADMIN_TOKEN=my-admin-token`
2. `DEFAULT_WALLET_ENABLED=false`
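Review bot: The Keycloak client in the unchanged prerequisite lines is still named `prism-agent` while the edited line now says Cloud Agent, and the self-service onboarding page in the following file has the same mix. A client id is part of the agent's authorization configuration, so state explicitly whether it stays `prism-agent` for compatibility or is renamed together with the agent's Keycloak settings; a mismatch between the documented and the configured client id could make the token and permission requests in this tutorial fail.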
Expand Down Expand Up @@ -125,7 +125,7 @@ Response Example:

There are multiple ways to complete this step.
The goal is to ensure the user has registered on Keycloak.
Keycloak offers great flexibility, allowing users to self-register,
Keycloak offers great flexibility, allowing users to self-register,
For this tutorial, we will generate the user manually using Keycloak admin API for simplicity.

The first step is to get an admin token from Keycloak using the username and password.
Expand Up @@ -25,7 +25,7 @@ In self-service tenant management with external IAM, there is only one role:
2. A client called `prism-agent` under `my-realm` with __authorization__ feature is created. (See [create client instruction](https://www.keycloak.org/docs/latest/authorization_services/index.html#_resource_server_create_client))
3. Make sure the `prism-agent` client has __direct access grants__ enabled to simplify the login process for this tutorial.
4. Make sure to [allow user self-registration](https://www.keycloak.org/docs/latest/server_admin/index.html#con-user-registration_server_administration_guide).
3. The Cloud Agent up and running
3. The Cloud Agent is up and running
4. The Cloud Agent is configured with the following environment variables:
1. `ADMIN_TOKEN=my-admin-token`
2. `DEFAULT_WALLET_ENABLED=false`
3 changes: 1 addition & 2 deletions docs/docusaurus/multitenancy/tenant-onboarding.md
Expand Up @@ -130,8 +130,7 @@ Response Example:

With the new tenant now equipped with both a wallet and an entity,
the final step involves setting up the entity's authentication method.
Once this step is completed, the administrator should provide the tenant with an `apikey`, granting them access to
utilize the Agent.
Once this step is completed, the administrator should provide the tenant with an `apikey`, granting them access to utilize the Agent.

```bash
curl -X 'POST' \
2 changes: 1 addition & 1 deletion docs/general/key-derivation-benchmark.md
Expand Up @@ -23,7 +23,7 @@ The tests are being ignored to avoid running them on CI. When running locally,
the ignore aspect should be removed and the test can be run by

```bash
sbt prismAgentWalletAPI/'testOnly -- -tag benchmark'
sbt agentWalletAPI/'testOnly -- -tag benchmark'
```

## Scenario
