Merge branch 'main' into feature/322_backup_recovery

.eslintrc

@@ -18,13 +18,11 @@
   ],
   "plugins": [
     "@typescript-eslint",
-    "react",
     "unused-imports"
   ],
   "extends": [
     "eslint:recommended",
     "plugin:@typescript-eslint/recommended",
-    "plugin:react/recommended"
   ],
   "rules": {
     "comma-dangle": 0,
@@ -48,16 +46,12 @@
     "unused-imports/no-unused-imports": "error",
     "unused-imports/no-unused-vars": "off"
   },
-  "settings": {
-    "react": {
-      "version": "detect"
-    }
-  },
+  "settings": {},
   "env": {
     "browser": true,
     "node": true,
     "jasmine": true,
     "jest": true,
     "es2021": true
   }
-}
+}

.github/workflows/ci.yml

@@ -53,6 +53,14 @@ jobs:
       - name: Run coverage test
         run: npm run coverage
 
+      - name: Test integration node-cjs
+        working-directory: integration-tests/node/cjs
+        run: npm i && node test.cjs
+
+      - name: Test integration node-esm
+        working-directory: integration-tests/node/esm
+        run: npm i && node test.mjs
+
       - name: Npm audit
         uses: oke-py/[email protected]
         with:

README.md

@@ -74,11 +74,14 @@ npm run dev
 ```
 
 ### Implementing storage for the SDK
-This SDK exposes Pluto, which manages data schemas, migrations for you, but requires a Pluto.Store which needs to be implemented by the user, as this is particular to your use case.
+Pluto, the SDK storage layer, is not a complete solution and requires some work. To make this as simple as possible there are multiple options of different complexity provided. These options are discussed in more detail in the Pluto module.
+[Read more here.](./src/pluto/README.md)
 
-Provided demo implementations are intentionally oversimplified and **should not** be used in production.
+> [!WARNING]  
+> Provided demo implementations are intentionally oversimplified and **should not** be used in production.
 
-Example community implementations:
+
+#### Example community implementations:
 - [atala-community-projects/pluto-encrypted](https://github.com/atala-community-projects/pluto-encrypted): InMemory, IndexDB, LevelDB, as well as a test-suite to help you build your own.
 
 

demos/next-sdjwt-workshop/.eslintrc.json

@@ -0,0 +1,3 @@
+{
+  "extends": "next/core-web-vitals"
+}

demos/next-sdjwt-workshop/.gitignore

@@ -0,0 +1,36 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+# dependencies
+/node_modules
+/.pnp
+.pnp.js
+.yarn/install-state.gz
+
+# testing
+/coverage
+
+# next.js
+/.next/
+/out/
+
+# production
+/build
+
+# misc
+.DS_Store
+*.pem
+
+# debug
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# local env files
+.env*.local
+
+# vercel
+.vercel
+
+# typescript
+*.tsbuildinfo
+next-env.d.ts

demos/next-sdjwt-workshop/README.md

@@ -0,0 +1,49 @@
+<p align="center">
+  <a href="https://www.hyperledger.org/projects/identus">
+    <img src="https://cdn.jsdelivr.net/gh/hyperledger/[email protected]/resources/images/hyperledger-identus.svg" alt="identus-logo" width="513px" height="99px" />
+  </a>
+  <br>
+  <i> <font size="18">SDJWT Workshop Typescript</font> </i>
+  <br>
+</p>
+<hr>
+
+# Introduction
+This workshop will show you how to Issue and Verify a SD-JWT Credential and Presentation using connectionless flows, meaning, you won't need to establish a didcomm connection between the Issuer, Holder and Verifier.
+
+### **What Can I expect from this workshop?**
+
+You will learn everything that is needed to receive an Issued SD-JWT credential from the Cloud Agent and then use this credential to respond to a Presentation Submission request.
+
+### **What are connectionless flows?**
+
+In this presentation we won't be using [DIDComm Connections](https://hyperledger.github.io/identus-docs/docs/concepts/multi-tenancy#didcomm-connections) but instead we will generate Out of Band (OOB) codes for Issuance and Verification.
+
+You will then receive and process this OOB in your Edge Agent and run the corresponding flow:
+1. Create the Credential Request from the Credential Offer
+2. Create the Presentation Submission from the Verification Request
+
+### Components
+All documentation on how to deploy each service is inside the workshop just open the project and copy the commands:
+
+1. Cloud Agent
+2. Mediator
+3. Typescript SDK
+
+# Workshop
+
+In order to run this workshop you must run the following commands:
+
+```bash
+git clone [email protected]:hyperledger/identus-edge-agent-sdk-ts.git
+```
+
+Then, move to the demo directory in ./demos/next-sdjwt-workshop
+
+```bash
+cd demos/next-sdjwt-workshop
+npm i
+npm run dev
+```
+
+**This create a site on http://localhost:3000, open the link and continue with the on screen instructions to continue the workshop**

demos/next-sdjwt-workshop/dbs/mongo-initdb.js

@@ -0,0 +1,37 @@
+db.createUser({
+    user: "admin",
+    pwd: "admin",
+    roles: [
+        { role: "readWrite", db: "mediator" }
+    ]
+});
+
+const database = 'mediator';
+const collectionDidAccount = 'user.account';
+const collectionMessages = 'messages';
+const collectionMessagesSend = 'messages.outbound';
+
+// The current database to use.
+use(database);
+
+// Create  collections.
+db.createCollection(collectionDidAccount);
+db.createCollection(collectionMessages);
+db.createCollection(collectionMessagesSend);
+
+//create index
+db.getCollection(collectionDidAccount).createIndex({ 'did': 1 }, { unique: true });
+// Only enforce uniqueness on non-empty arrays
+db.getCollection(collectionDidAccount).createIndex({ 'alias': 1 }, { unique: true, partialFilterExpression: { "alias.0": { $exists: true } } });
+db.getCollection(collectionDidAccount).createIndex({ "messagesRef.hash": 1, "messagesRef.recipient": 1 });
+
+// There are 2 message types  `Mediator`  and `User` Please follow the Readme for more details in the section Mediator storage
+const expireAfterSeconds = 7 * 24 * 60 * 60; // 7 day * 24 hours * 60 minutes * 60 seconds
+db.getCollection(collectionMessages).createIndex(
+    { ts: 1 },
+    {
+        name: "message-ttl-index",
+        partialFilterExpression: { "message_type": "Mediator" },
+        expireAfterSeconds: expireAfterSeconds
+    }
+)

demos/next-sdjwt-workshop/dbs/postgres-init-script.sh

@@ -0,0 +1,44 @@
+#!/bin/bash
+
+set -e
+set -u
+
+function create_user_and_database() {
+	local database=$1
+	local app_user=${database}-application-user
+	echo "  Creating user and database '$database'"
+
+	# Check if user exists
+	user_exists=$(psql -U "$POSTGRES_USER" -tAc "SELECT 1 FROM pg_catalog.pg_roles WHERE rolname = '$app_user'")
+	if [ "$user_exists" != "1" ]; then
+		psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
+			      CREATE USER "$app_user" WITH PASSWORD 'password';
+		EOSQL
+	else
+		echo "  User '$app_user' already exists, skipping creation."
+	fi
+
+	# Check if database exists
+	db_exists=$(psql -U "$POSTGRES_USER" -tAc "SELECT 1 FROM pg_database WHERE datname = '$database'")
+	if [ "$db_exists" != "1" ]; then
+		psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
+			        CREATE DATABASE $database;
+		EOSQL
+	else
+		echo "  Database '$database' already exists, skipping creation."
+	fi
+
+	# Grant privileges
+	psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
+		      \c $database
+		      ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO "$app_user";
+	EOSQL
+}
+
+if [ -n "$POSTGRES_MULTIPLE_DATABASES" ]; then
+	echo "Multiple database creation requested: $POSTGRES_MULTIPLE_DATABASES"
+	for db in $(echo $POSTGRES_MULTIPLE_DATABASES | tr ',' ' '); do
+		create_user_and_database $db
+	done
+	echo "Multiple databases created"
+fi

demos/next-sdjwt-workshop/dbs/postgres-max_conns.sql

@@ -0,0 +1 @@
+ALTER SYSTEM SET max_connections = 500;

demos/next-sdjwt-workshop/docker-compose.yaml

@@ -0,0 +1,116 @@
+services:
+
+  ########################################
+  ### Identus Cloud Agent & PRISM Node ###
+  ########################################
+
+  db:
+    image: postgres:13
+    network_mode: "host"
+    environment:
+      POSTGRES_MULTIPLE_DATABASES: "pollux,connect,agent,node_db"
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
+    volumes:
+      - pg_data_db:/var/lib/postgresql/data
+      - ./dbs/postgres-init-script.sh:/docker-entrypoint-initdb.d/init-script.sh
+      - ./dbs/postgres-max_conns.sql:/docker-entrypoint-initdb.d/max_conns.sql
+    healthcheck:
+      test: [ "CMD", "pg_isready", "-U", "postgres", "-d", "agent" ]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+
+  prism-node:
+    image: ghcr.io/input-output-hk/prism-node:2.4.1
+    network_mode: "host"
+    environment:
+      NODE_PSQL_HOST: localhost:5432
+    depends_on:
+      db:
+        condition: service_healthy
+
+  cloud-agent:
+    image: ghcr.io/hyperledger/identus-cloud-agent:1.40.0
+    network_mode: "host"
+    ports:
+      - "8085:8085" # API endpoint
+      - "8090:8090" # DIDComm endpoint
+    environment:
+      POLLUX_DB_HOST: localhost
+      POLLUX_DB_PORT: 5432
+      POLLUX_DB_NAME: pollux
+      POLLUX_DB_USER: postgres
+      POLLUX_DB_PASSWORD: postgres
+      CONNECT_DB_HOST: localhost
+      CONNECT_DB_PORT: 5432
+      CONNECT_DB_NAME: connect
+      CONNECT_DB_USER: postgres
+      CONNECT_DB_PASSWORD: postgres
+      AGENT_DB_HOST: localhost
+      AGENT_DB_PORT: 5432
+      AGENT_DB_NAME: agent
+      AGENT_DB_USER: postgres
+      AGENT_DB_PASSWORD: postgres
+      PRISM_NODE_HOST: localhost
+      PRISM_NODE_PORT: 50053
+      POLLUX_STATUS_LIST_REGISTRY_PUBLIC_URL: http://localhost:8085/cloud-agent
+      DIDCOMM_SERVICE_URL: http://localhost:3000/didcomm
+      REST_SERVICE_URL: http://localhost:8085/cloud-agent
+      SECRET_STORAGE_BACKEND: postgres
+      DEV_MODE: true
+      API_KEY_ENABLED: false
+    depends_on:
+      db:
+        condition: service_healthy
+      prism-node:
+        condition: service_started
+    healthcheck:
+      test: [ "CMD", "curl", "-f", "http://cloud-agent:8085/_system/health" ]
+      interval: 30s
+      timeout: 10s
+      retries: 5
+
+  ################
+  ### MEDIATOR ###
+  ################
+
+  mongo:
+    image: mongo:6.0
+    network_mode: "host"
+    ports:
+      - "27017:27017"
+    command: [ "--auth" ]
+    environment:
+      - MONGO_INITDB_ROOT_USERNAME=admin
+      - MONGO_INITDB_ROOT_PASSWORD=admin
+      - MONGO_INITDB_DATABASE=mediator
+    volumes:
+      - ./dbs/mongo-initdb.js:/docker-entrypoint-initdb.d/initdb.js
+
+  identus-mediator:
+    image: ghcr.io/hyperledger/identus-mediator:1.0.0
+    network_mode: "host"
+    ports:
+      - "8080:8080"
+    environment:
+      # Creates the identity:
+      # These keys are for demo purpose only for production deployments generate keys
+      # Please follow the README file for guidelines on How to generate JWK format keys
+      # KEY_AGREEMENT KEY_AUTHENTICATION are using format JOSE(JWK) OKP type base64urlsafe encoded keys
+      - KEY_AGREEMENT_D=Z6D8LduZgZ6LnrOHPrMTS6uU2u5Btsrk1SGs4fn8M7c
+      - KEY_AGREEMENT_X=Sr4SkIskjN_VdKTn0zkjYbhGTWArdUNE4j_DmUpnQGw
+      - KEY_AUTHENTICATION_D=INXCnxFEl0atLIIQYruHzGd5sUivMRyQOzu87qVerug
+      - KEY_AUTHENTICATION_X=MBjnXZxkMcoQVVL21hahWAw43RuAG-i64ipbeKKqwoA
+      - SERVICE_ENDPOINTS=http://localhost:8080;ws://localhost:8080/ws
+      - MONGODB_USER=admin
+      - MONGODB_PASSWORD=admin
+      - MONGODB_PROTOCOL=mongodb
+      - MONGODB_HOST=localhost
+      - MONGODB_PORT=27017
+      - MONGODB_DB_NAME=mediator
+    depends_on:
+      - "mongo"
+
+volumes:
+  pg_data_db:

demos/next-sdjwt-workshop/next.config.js

@@ -0,0 +1,28 @@
+/** @type {import('next').NextConfig} */
+const nextConfig = {
+    webpack: (config, { isServer }) => {
+        if (!isServer) {
+            config.resolve.fallback = {
+                fs: false,
+                crypto: false,
+                stream: false,
+                path: false,
+            };
+        }
+        return config;
+    },
+    async rewrites() {
+        return [
+            {
+                source: '/cloud-agent/:path*',
+                destination: 'http://localhost:8085/:path*'
+            },
+            {
+                source: '/didcomm',
+                destination: 'http://localhost:8090'
+            }
+        ]
+    }
+}
+
+module.exports = nextConfig