Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Discovery: SQLite-based server implementation #2589

Merged
merged 24 commits into from
Nov 30, 2023
Merged
Show file tree
Hide file tree
Changes from 15 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions README.rst
Original file line number Diff line number Diff line change
Expand Up @@ -176,9 +176,9 @@ The following options can be configured on the server:
:widths: 20 30 50
:class: options-table

==================================== =============================================================================================================================================================================================================================================================================================================== ==================================================================================================================================================================================================================================
==================================== =============================================================================================================================================================================================================================================================================================================== ================================================================================================================================================================================================================================================================================================================================
Key Default Description
==================================== =============================================================================================================================================================================================================================================================================================================== ==================================================================================================================================================================================================================================
==================================== =============================================================================================================================================================================================================================================================================================================== ================================================================================================================================================================================================================================================================================================================================
configfile nuts.yaml Nuts config file
cpuprofile When set, a CPU profile is written to the given path. Ignored when strictmode is set.
datadir ./data Directory where the node stores its files.
Expand Down Expand Up @@ -224,7 +224,7 @@ The following options can be configured on the server:
http.default.auth.type Whether to enable authentication for the default interface, specify 'token_v2' for bearer token mode or 'token' for legacy bearer token mode.
http.default.cors.origin [] When set, enables CORS from the specified origins on the default HTTP interface.
**JSONLD**
jsonld.contexts.localmapping [https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json=assets/contexts/lds-jws2020-v1.ldjson,https://schema.org=assets/contexts/schema-org-v13.ldjson,https://nuts.nl/credentials/v1=assets/contexts/nuts.ldjson,https://www.w3.org/2018/credentials/v1=assets/contexts/w3c-credentials-v1.ldjson] This setting allows mapping external URLs to local files for e.g. preventing external dependencies. These mappings have precedence over those in remoteallowlist.
jsonld.contexts.localmapping [https://nuts.nl/credentials/v1=assets/contexts/nuts.ldjson,https://www.w3.org/2018/credentials/v1=assets/contexts/w3c-credentials-v1.ldjson,https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json=assets/contexts/lds-jws2020-v1.ldjson,https://schema.org=assets/contexts/schema-org-v13.ldjson] This setting allows mapping external URLs to local files for e.g. preventing external dependencies. These mappings have precedence over those in remoteallowlist.
jsonld.contexts.remoteallowlist [https://schema.org,https://www.w3.org/2018/credentials/v1,https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json] In strict mode, fetching external JSON-LD contexts is not allowed except for context-URLs listed here.
**Network**
network.bootstrapnodes [] List of bootstrap nodes ('<host>:<port>') which the node initially connect to.
Expand Down Expand Up @@ -252,12 +252,12 @@ The following options can be configured on the server:
storage.redis.sentinel.password Password for authenticating to Redis Sentinels.
storage.redis.sentinel.username Username for authenticating to Redis Sentinels.
storage.redis.tls.truststorefile PEM file containing the trusted CA certificate(s) for authenticating remote Redis servers. Can only be used when connecting over TLS (use 'rediss://' as scheme in address).
storage.sql.connection Connection string for the SQL database. If not set, it defaults to a SQLite database stored inside the configured data directory
storage.sql.connection Connection string for the SQL database. If not set it, defaults to a SQLite database stored inside the configured data directory. Note: using SQLite is not recommended in production environments. If using SQLite anyways, remember to enable foreign keys ('_foreign_keys=on') and the write-ahead-log ('_journal_mode=WAL').
**VCR**
vcr.openid4vci.definitionsdir Directory with the additional credential definitions the node could issue (experimental, may change without notice).
vcr.openid4vci.enabled true Enable issuing and receiving credentials over OpenID4VCI.
vcr.openid4vci.timeout 30s Time-out for OpenID4VCI HTTP client operations.
==================================== =============================================================================================================================================================================================================================================================================================================== ==================================================================================================================================================================================================================================
==================================== =============================================================================================================================================================================================================================================================================================================== ================================================================================================================================================================================================================================================================================================================================

This table is automatically generated using the configuration flags in the core and engines. When they're changed
the options table must be regenerated using the Makefile:
Expand Down
48 changes: 48 additions & 0 deletions discovery/config.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
/*
* Copyright (C) 2023 Nuts community
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
*/

package discovery

// Config holds the config of the module
type Config struct {
reinkrul marked this conversation as resolved.
Show resolved Hide resolved
Server ServerConfig `koanf:"server"`
reinkrul marked this conversation as resolved.
Show resolved Hide resolved
Definitions ServiceDefinitionsConfig `koanf:"definitions"`
}

// ServiceDefinitionsConfig holds the config for loading Service Definitions.
type ServiceDefinitionsConfig struct {
Directory string `koanf:"directory"`
}

// ServerConfig holds the config for the server
type ServerConfig struct {
// DefinitionIDs specifies which use case lists the server serves.
DefinitionIDs []string `koanf:"definition_ids"`
}

// DefaultConfig returns the default configuration.
func DefaultConfig() Config {
return Config{
Server: ServerConfig{},
}
}

// IsServer returns true if the node act as Discovery Server.
func (c Config) IsServer() bool {
return len(c.Server.DefinitionIDs) > 0
}
71 changes: 71 additions & 0 deletions discovery/definition.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
/*
* Copyright (C) 2023 Nuts community
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
*/

package discovery

import (
"bytes"
"embed"
"encoding/json"
"github.com/nuts-foundation/nuts-node/vcr/pe"
v2 "github.com/nuts-foundation/nuts-node/vcr/pe/schema/v2"
"github.com/santhosh-tekuri/jsonschema"
)

//go:embed *.json
var jsonSchemaFiles embed.FS
var serviceDefinitionJsonSchema *jsonschema.Schema

func init() {
serviceDefinitionSchemaData, err := jsonSchemaFiles.ReadFile("service-definition-schema.json")
if err != nil {
panic(err)
}
const schemaURL = "http://nuts.nl/schemas/discovery-service-v0.json"
compiler := v2.Compiler()
if err := compiler.AddResource(schemaURL, bytes.NewReader(serviceDefinitionSchemaData)); err != nil {
panic(err)
}
serviceDefinitionJsonSchema = compiler.MustCompile(schemaURL)
}

// ServiceDefinition holds the definition of a service.
type ServiceDefinition struct {
// ID is the unique identifier of the use case.
ID string `json:"id"`
// Endpoint is the endpoint where the use case list is served.
Endpoint string `json:"endpoint"`
// PresentationDefinition specifies the Presentation ServiceDefinition submissions to the list must conform to,
// according to the Presentation Exchange specification.
PresentationDefinition pe.PresentationDefinition `json:"presentation_definition"`
// PresentationMaxValidity specifies how long submitted presentations are allowed to be valid (in seconds).
PresentationMaxValidity int `json:"presentation_max_validity"`
}

// ParseServiceDefinition validates the input against the JSON schema for service definitions.
// If the input is valid, it is parsed and returned as a ServiceDefinition.
func ParseServiceDefinition(data []byte) (*ServiceDefinition, error) {
if err := serviceDefinitionJsonSchema.Validate(bytes.NewReader(data)); err != nil {
return nil, err
}
var definition ServiceDefinition
if err := json.Unmarshal(data, &definition); err != nil {
return nil, err
}
return &definition, nil
}
52 changes: 52 additions & 0 deletions discovery/interface.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
/*
* Copyright (C) 2023 Nuts community
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
*/

package discovery

import (
"errors"
"github.com/nuts-foundation/go-did/vc"
)

// Timestamp is value that references a point in the list.
// It is used by clients to request new entries since their last query.
// It's implemented as lamport timestamp (https://en.wikipedia.org/wiki/Lamport_timestamp);
// it is incremented when a new entry is added to the list.
// Pass 0 to start at the beginning of the list.
type Timestamp uint64
reinkrul marked this conversation as resolved.
Show resolved Hide resolved

// ErrServiceNotFound is returned when a service (ID) is not found in the discovery service.
var ErrServiceNotFound = errors.New("discovery service not found")

// ErrPresentationAlreadyExists is returned when a presentation is added to the discovery service,
// but a presentation with this ID already exists.
var ErrPresentationAlreadyExists = errors.New("presentation already exists")

// Server defines the API for Discovery Servers.
type Server interface {
// Add registers a presentation on the given Discovery Service.
// If the presentation is not valid or it does not conform to the Service ServiceDefinition, it returns an error.
Add(serviceID string, presentation vc.VerifiablePresentation) error
// Get retrieves the presentations for the given service, starting at the given timestamp.
Get(serviceID string, startAt Timestamp) ([]vc.VerifiablePresentation, *Timestamp, error)
}

// Client defines the API for Discovery Clients.
type Client interface {
Search(serviceID string, query map[string]string) ([]vc.VerifiablePresentation, error)
}
31 changes: 31 additions & 0 deletions discovery/log/logger.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
/*
* Copyright (C) 2023 Nuts community
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
*/

package log

import (
"github.com/nuts-foundation/nuts-node/core"
"github.com/sirupsen/logrus"
)

var _logger = logrus.StandardLogger().WithField(core.LogFieldModule, "Discovery")

// Logger returns a logger with the module field set
func Logger() *logrus.Entry {
return _logger
}
Loading