fix: implementing the Hyperledger Identus SDJWT workshop (#323)

Signed-off-by: Francisco Javier Ribo Labrador <elribonazo@gmail.com>
hyperledger · Nov 8, 2024 · 8b0a7be · 8b0a7be · github-actions · Nov 8, 2024
1 parent bd3d946
commit 8b0a7be
Show file tree

Hide file tree

Showing 74 changed files with 13,399 additions and 6,591 deletions.
diff --git a/demos/next-sdjwt-workshop/.eslintrc.json b/demos/next-sdjwt-workshop/.eslintrc.json
@@ -0,0 +1,3 @@
+{
+  "extends": "next/core-web-vitals"
+}
diff --git a/demos/next-sdjwt-workshop/.gitignore b/demos/next-sdjwt-workshop/.gitignore
@@ -0,0 +1,36 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+# dependencies
+/node_modules
+/.pnp
+.pnp.js
+.yarn/install-state.gz
+
+# testing
+/coverage
+
+# next.js
+/.next/
+/out/
+
+# production
+/build
+
+# misc
+.DS_Store
+*.pem
+
+# debug
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# local env files
+.env*.local
+
+# vercel
+.vercel
+
+# typescript
+*.tsbuildinfo
+next-env.d.ts
diff --git a/demos/next-sdjwt-workshop/README.md b/demos/next-sdjwt-workshop/README.md
@@ -0,0 +1,49 @@
+<p align="center">
+  <a href="https://www.hyperledger.org/projects/identus">
+    <img src="https://cdn.jsdelivr.net/gh/hyperledger/identus@v2.13/resources/images/hyperledger-identus.svg" alt="identus-logo" width="513px" height="99px" />
+  </a>
+  <br>
+  <i> <font size="18">SDJWT Workshop Typescript</font> </i>
+  <br>
+</p>
+<hr>
+
+# Introduction
+This workshop will show you how to Issue and Verify a SD-JWT Credential and Presentation using connectionless flows, meaning, you won't need to establish a didcomm connection between the Issuer, Holder and Verifier.
+
+### **What Can I expect from this workshop?**
+
+You will learn everything that is needed to receive an Issued SD-JWT credential from the Cloud Agent and then use this credential to respond to a Presentation Submission request.
+
+### **What are connectionless flows?**
+
+In this presentation we won't be using [DIDComm Connections](https://hyperledger.github.io/identus-docs/docs/concepts/multi-tenancy#didcomm-connections) but instead we will generate Out of Band (OOB) codes for Issuance and Verification.
+
+You will then receive and process this OOB in your Edge Agent and run the corresponding flow:
+1. Create the Credential Request from the Credential Offer
+2. Create the Presentation Submission from the Verification Request
+
+### Components
+All documentation on how to deploy each service is inside the workshop just open the project and copy the commands:
+
+1. Cloud Agent
+2. Mediator
+3. Typescript SDK
+
+# Workshop
+
+In order to run this workshop you must run the following commands:
+
+```bash
+git clone git@github.com:hyperledger/identus-edge-agent-sdk-ts.git
+```
+
+Then, move to the demo directory in ./demos/next-sdjwt-workshop
+
+```bash
+cd demos/next-sdjwt-workshop
+npm i
+npm run dev
+```
+
+**This create a site on http://localhost:3000, open the link and continue with the on screen instructions to continue the workshop**
diff --git a/demos/next-sdjwt-workshop/dbs/mongo-initdb.js b/demos/next-sdjwt-workshop/dbs/mongo-initdb.js
@@ -0,0 +1,37 @@
+db.createUser({
+    user: "admin",
+    pwd: "admin",
+    roles: [
+        { role: "readWrite", db: "mediator" }
+    ]
+});
+
+const database = 'mediator';
+const collectionDidAccount = 'user.account';
+const collectionMessages = 'messages';
+const collectionMessagesSend = 'messages.outbound';
+
+// The current database to use.
+use(database);
+
+// Create  collections.
+db.createCollection(collectionDidAccount);
+db.createCollection(collectionMessages);
+db.createCollection(collectionMessagesSend);
+
+//create index
+db.getCollection(collectionDidAccount).createIndex({ 'did': 1 }, { unique: true });
+// Only enforce uniqueness on non-empty arrays
+db.getCollection(collectionDidAccount).createIndex({ 'alias': 1 }, { unique: true, partialFilterExpression: { "alias.0": { $exists: true } } });
+db.getCollection(collectionDidAccount).createIndex({ "messagesRef.hash": 1, "messagesRef.recipient": 1 });
+
+// There are 2 message types  `Mediator`  and `User` Please follow the Readme for more details in the section Mediator storage
+const expireAfterSeconds = 7 * 24 * 60 * 60; // 7 day * 24 hours * 60 minutes * 60 seconds
+db.getCollection(collectionMessages).createIndex(
+    { ts: 1 },
+    {
+        name: "message-ttl-index",
+        partialFilterExpression: { "message_type": "Mediator" },
+        expireAfterSeconds: expireAfterSeconds
+    }
+)
diff --git a/demos/next-sdjwt-workshop/dbs/postgres-init-script.sh b/demos/next-sdjwt-workshop/dbs/postgres-init-script.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+set -e
+set -u
+
+function create_user_and_database() {
+	local database=$1
+	local app_user=${database}-application-user
+	echo "  Creating user and database '$database'"
+
+	# Check if user exists
+	user_exists=$(psql -U "$POSTGRES_USER" -tAc "SELECT 1 FROM pg_catalog.pg_roles WHERE rolname = '$app_user'")
+	if [ "$user_exists" != "1" ]; then
+		psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
+			      CREATE USER "$app_user" WITH PASSWORD 'password';
+		EOSQL
+	else
+		echo "  User '$app_user' already exists, skipping creation."
+	fi
+
+	# Check if database exists
+	db_exists=$(psql -U "$POSTGRES_USER" -tAc "SELECT 1 FROM pg_database WHERE datname = '$database'")
+	if [ "$db_exists" != "1" ]; then
+		psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
+			        CREATE DATABASE $database;
+		EOSQL
+	else
+		echo "  Database '$database' already exists, skipping creation."
+	fi
+
+	# Grant privileges
+	psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
+		      \c $database
+		      ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO "$app_user";
+	EOSQL
+}
+
+if [ -n "$POSTGRES_MULTIPLE_DATABASES" ]; then
+	echo "Multiple database creation requested: $POSTGRES_MULTIPLE_DATABASES"
+	for db in $(echo $POSTGRES_MULTIPLE_DATABASES | tr ',' ' '); do
+		create_user_and_database $db
+	done
+	echo "Multiple databases created"
+fi
diff --git a/demos/next-sdjwt-workshop/dbs/postgres-max_conns.sql b/demos/next-sdjwt-workshop/dbs/postgres-max_conns.sql
@@ -0,0 +1 @@
+ALTER SYSTEM SET max_connections = 500;
diff --git a/demos/next-sdjwt-workshop/docker-compose.yaml b/demos/next-sdjwt-workshop/docker-compose.yaml
@@ -0,0 +1,116 @@
+services:
+
+  ########################################
+  ### Identus Cloud Agent & PRISM Node ###
+  ########################################
+
+  db:
+    image: postgres:13
+    network_mode: "host"
+    environment:
+      POSTGRES_MULTIPLE_DATABASES: "pollux,connect,agent,node_db"
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
+    volumes:
+      - pg_data_db:/var/lib/postgresql/data
+      - ./dbs/postgres-init-script.sh:/docker-entrypoint-initdb.d/init-script.sh
+      - ./dbs/postgres-max_conns.sql:/docker-entrypoint-initdb.d/max_conns.sql
+    healthcheck:
+      test: [ "CMD", "pg_isready", "-U", "postgres", "-d", "agent" ]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+
+  prism-node:
+    image: ghcr.io/input-output-hk/prism-node:2.4.1
+    network_mode: "host"
+    environment:
+      NODE_PSQL_HOST: localhost:5432
+    depends_on:
+      db:
+        condition: service_healthy
+
+  cloud-agent:
+    image: ghcr.io/hyperledger/identus-cloud-agent:1.40.0
+    network_mode: "host"
+    ports:
+      - "8085:8085" # API endpoint
+      - "8090:8090" # DIDComm endpoint
+    environment:
+      POLLUX_DB_HOST: localhost
+      POLLUX_DB_PORT: 5432
+      POLLUX_DB_NAME: pollux
+      POLLUX_DB_USER: postgres
+      POLLUX_DB_PASSWORD: postgres
+      CONNECT_DB_HOST: localhost
+      CONNECT_DB_PORT: 5432
+      CONNECT_DB_NAME: connect
+      CONNECT_DB_USER: postgres
+      CONNECT_DB_PASSWORD: postgres
+      AGENT_DB_HOST: localhost
+      AGENT_DB_PORT: 5432
+      AGENT_DB_NAME: agent
+      AGENT_DB_USER: postgres
+      AGENT_DB_PASSWORD: postgres
+      PRISM_NODE_HOST: localhost
+      PRISM_NODE_PORT: 50053
+      POLLUX_STATUS_LIST_REGISTRY_PUBLIC_URL: http://localhost:8085/cloud-agent
+      DIDCOMM_SERVICE_URL: http://localhost:3000/didcomm
+      REST_SERVICE_URL: http://localhost:8085/cloud-agent
+      SECRET_STORAGE_BACKEND: postgres
+      DEV_MODE: true
+      API_KEY_ENABLED: false
+    depends_on:
+      db:
+        condition: service_healthy
+      prism-node:
+        condition: service_started
+    healthcheck:
+      test: [ "CMD", "curl", "-f", "http://cloud-agent:8085/_system/health" ]
+      interval: 30s
+      timeout: 10s
+      retries: 5
+
+  ################
+  ### MEDIATOR ###
+  ################
+
+  mongo:
+    image: mongo:6.0
+    network_mode: "host"
+    ports:
+      - "27017:27017"
+    command: [ "--auth" ]
+    environment:
+      - MONGO_INITDB_ROOT_USERNAME=admin
+      - MONGO_INITDB_ROOT_PASSWORD=admin
+      - MONGO_INITDB_DATABASE=mediator
+    volumes:
+      - ./dbs/mongo-initdb.js:/docker-entrypoint-initdb.d/initdb.js
+
+  identus-mediator:
+    image: ghcr.io/hyperledger/identus-mediator:1.0.0
+    network_mode: "host"
+    ports:
+      - "8080:8080"
+    environment:
+      # Creates the identity:
+      # These keys are for demo purpose only for production deployments generate keys
+      # Please follow the README file for guidelines on How to generate JWK format keys
+      # KEY_AGREEMENT KEY_AUTHENTICATION are using format JOSE(JWK) OKP type base64urlsafe encoded keys
+      - KEY_AGREEMENT_D=Z6D8LduZgZ6LnrOHPrMTS6uU2u5Btsrk1SGs4fn8M7c
+      - KEY_AGREEMENT_X=Sr4SkIskjN_VdKTn0zkjYbhGTWArdUNE4j_DmUpnQGw
+      - KEY_AUTHENTICATION_D=INXCnxFEl0atLIIQYruHzGd5sUivMRyQOzu87qVerug
+      - KEY_AUTHENTICATION_X=MBjnXZxkMcoQVVL21hahWAw43RuAG-i64ipbeKKqwoA
+      - SERVICE_ENDPOINTS=http://localhost:8080;ws://localhost:8080/ws
+      - MONGODB_USER=admin
+      - MONGODB_PASSWORD=admin
+      - MONGODB_PROTOCOL=mongodb
+      - MONGODB_HOST=localhost
+      - MONGODB_PORT=27017
+      - MONGODB_DB_NAME=mediator
+    depends_on:
+      - "mongo"
+
+volumes:
+  pg_data_db:
diff --git a/demos/next-sdjwt-workshop/next.config.js b/demos/next-sdjwt-workshop/next.config.js
@@ -0,0 +1,28 @@
+/** @type {import('next').NextConfig} */
+const nextConfig = {
+    webpack: (config, { isServer }) => {
+        if (!isServer) {
+            config.resolve.fallback = {
+                fs: false,
+                crypto: false,
+                stream: false,
+                path: false,
+            };
+        }
+        return config;
+    },
+    async rewrites() {
+        return [
+            {
+                source: '/cloud-agent/:path*',
+                destination: 'http://localhost:8085/:path*'
+            },
+            {
+                source: '/didcomm',
+                destination: 'http://localhost:8090'
+            }
+        ]
+    }
+}
+
+module.exports = nextConfig