Merge pull request #31 from lalithkota/develop-mock-id

Created Blueprint for Mock ID Auth

.github/workflows/push-trigger.yml

@@ -1,30 +1,41 @@
-name: Artifactory build upon a push
+name: MOSIP Token Seeder Docker Build upon push
 
 on:
-  release:
-    types: [published]
   push:
-    branches:
-      - '!release-branch'
-      - master
-      - 1.*
-      - develop
-      - MOSIP*
-      - release*
 
 jobs:
-  build-docker-mosip-token-seeder:
-    strategy:
-      matrix:
-        include:
-          - SERVICE_LOCATION: './'
-            SERVICE_NAME: 'mosip-token-seeder'
-    uses: mosip/kattu/.github/workflows/docker-build.yml@master
-    with:
-      SERVICE_LOCATION: ${{ matrix.SERVICE_LOCATION }}
-      SERVICE_NAME: ${{ matrix.SERVICE_NAME }}
-    secrets:
-      DEV_NAMESPACE_DOCKER_HUB: ${{ secrets.DEV_NAMESPACE_DOCKER_HUB }}
-      ACTOR_DOCKER_HUB: ${{ secrets.ACTOR_DOCKER_HUB }}
-      RELEASE_DOCKER_HUB: ${{ secrets.RELEASE_DOCKER_HUB }}
-      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+  token-seeder-build:
+    runs-on: ubuntu-latest
+    env:
+      NAMESPACE: ${{ secrets.dev_namespace_docker_hub }}
+      SERVICE_NAME: mosip-token-seeder
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Setup branch and env
+        run: |
+          # Strip git ref prefix from version
+          echo "BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" >> $GITHUB_ENV
+      - name: Docker build & push
+        run: |
+          IMAGE_ID=$NAMESPACE/$SERVICE_NAME
+
+          # Change all uppercase to lowercase
+          IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
+          if [[ $BRANCH_NAME == master || $BRANCH_NAME == main ]]; then
+            VERSION=latest
+          else
+            VERSION=$BRANCH_NAME
+          fi
+          echo IMAGE_ID=$IMAGE_ID
+          echo VERSION=$VERSION
+          echo "IMAGE_ID=$IMAGE_ID" >> $GITHUB_ENV
+          echo "VERSION=$VERSION" >> $GITHUB_ENV
+
+          docker build . --file Dockerfile --tag $IMAGE_ID:$VERSION
+      - name: Docker login
+        run: |
+          echo "${{ secrets.release_docker_hub }}" | docker login -u ${{ secrets.actor_docker_hub }} --password-stdin
+      - name: Docker push
+        run: |
+          docker push $IMAGE_ID:$VERSION

helm/values.yaml

@@ -51,7 +51,7 @@ service:
 image:
   registry: docker.io
   repository: mosipdev/mosip-token-seeder
-  tag: develop
+  tag: mts-mock
   ## Specify a imagePullPolicy
   ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
   ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

mosip_token_seeder/authenticator/authenticator-config.toml

@@ -1,30 +1,10 @@
 [mosip_auth]
-timestamp_format = "%Y-%m-%dT%H:%M:%S"
-ida_auth_version = '1.0'
-ida_auth_request_id = 'mosip.identity.auth'
-ida_auth_env = 'Staging'
-authorization_header_constant = 'Authorization'
-# partner_apikey = 
-# partner_misp_lk = 
 # partner_id = 
+skip_auth = true
+psut_hash_algo = 'SHA3_256'
 
 [mosip_auth_server]
-# ida_auth_domain_uri = 
 # ida_auth_url = 
 
-
-[crypto_encrypt]
-algorithm = '@none'
-symmetric_key_size = 256
-symmetric_nonce_size = 128
-symmetric_gcm_tag_size = 128
-# certificate from the below path is used to encrypt the Auth Request.
-# encrypt_cert_path = 
-
-[crypto_signature]
-algorithm = 'RS256'
-# sign_p12_file_path = 
-# sign_p12_file_password = 
-
 [logging]
 log_file_path = 'authenticator.log'

mosip_token_seeder/authenticator/authenticator.py

@@ -1,15 +1,12 @@
-import string
-import secrets
+import base64
+import json
 import logging
+import requests
 import sys
 import traceback
-import base64
-import json
-from datetime import datetime
+
 from cryptography.hazmat.primitives import hashes
-import httpx
 
-from .utils import RestUtility
 from .model import DemographicsModel
 from .exceptions import AuthenticatorException, Errors
 
@@ -21,10 +18,9 @@ def __init__(self, config_obj, logger=None, **kwargs ):
         else:
             self.logger = logger
 
-        self.auth_rest_util = RestUtility(config_obj.mosip_auth_server.ida_auth_url, config_obj.mosip_auth.authorization_header_constant)
         self.auth_api_url =  str(config_obj.mosip_auth_server.ida_auth_url)
+
         self.partner_id = str(config_obj.mosip_auth.partner_id)
-
         self.psut_hash_algo = config_obj.mosip_auth.psut_hash_algo
         self.skip_auth = config_obj.mosip_auth.skip_auth
 
@@ -48,12 +44,12 @@ def do_auth(self, auth_req_data : dict):
         try:
             if not self.skip_auth:
                 demographic_data = DemographicsModel(**auth_req_data)
-                with httpx.Client() as client:
-                    response = client.get(url=self.auth_api_url + "/" + vid, headers='')
-            # TODO: Compare demographic_data and response to do demographic verification.
-                    
+
+                response = requests.get(url=self.auth_api_url + "/" + vid, headers='')
+                # TODO: Compare demographic_data and response to do demographic verification.
+
             token = self.generate_psut(vid, self.partner_id, self.psut_hash_algo)
-                  
+
             return json.dumps({
                 "response": {
                     "authStatus": True,
@@ -70,10 +66,10 @@ def do_auth(self, auth_req_data : dict):
             exp = traceback.format_exc()
             self.logger.error('Error Processing Auth Request. Error Message: {}'.format(exp))
             raise AuthenticatorException(Errors.AUT_BAS_001.name, Errors.AUT_BAS_001.value)
-        
+
     def generate_psut(self, vid : str, partner_id: str, hash_algo: str):
         hash_algo = getattr(hashes, hash_algo)()
         digest = hashes.Hash(hash_algo)
         digest.update(f'{vid}{partner_id}'.encode(encoding="utf-8"))
         token=base64.urlsafe_b64encode(digest.finalize()).decode().rstrip("=")
-        return token
+        return token

mosip_token_seeder/requirements.txt

@@ -6,9 +6,9 @@ fastapi == 0.78.0
 uvicorn == 0.18.2
 gunicorn == 20.1.0
 sqlalchemy == 1.4.39
-cryptography == 37.0.2
+cryptography == 39.0.1
 requests == 2.28.1
-jwcrypto == 1.3.1
+jwcrypto == 1.4
 pysqlcipher3 == 1.0.4
 python-multipart == 0.0.5
 APScheduler == 3.9.1