Develop#36
Open
kneckinator wants to merge 1156 commits into
Open
Conversation
Previously CredentialMetadata was holding dataShareUrl and credentialValidity, but these fields are deleted now. Due to this the previous entries read from DB is throwing UnrecognizedPropertyException. To avoid this breaking change unknown properties are ignored Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com>
Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com>
[INJIWEB-1541] Enhancement for login & related APIs
Signed-off-by: Nandhukumar <nandhukumare@gmail.com>
MOSIP-41593 - Update mimoto testrig to support latest esignet 1.5.1 and above
Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com>
[INJIWEB-1541] merge usage of 2 controllerAdvice
Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com>
Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com>
[INJIWEB-1541] update postman collections
…729) Signed-off-by: sairam-g9162 <sairamgirirao@gmail.com>
Signed-off-by: Mahesh.Binayak <mahesh.binyak@technoforte.o>
Signed-off-by: Gurpreet41082 <gurpreet.kaur@thoughtworks.com>
…only if the request is sent with correct walletId after unlocking the wallet and update some messages in swagger annotation to keep it consistent with api json file Signed-off-by: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com>
Changing pom to migrage to maven central
Signed-off-by: Gurpreet41082 <gurpreet.kaur@thoughtworks.com>
* Changing pom to remove execution block Signed-off-by: Gurpreet41082 <gurpreet.kaur@thoughtworks.com> * Changing distributionmanagement Signed-off-by: Gurpreet41082 <gurpreet.kaur@thoughtworks.com> --------- Signed-off-by: Gurpreet41082 <gurpreet.kaur@thoughtworks.com>
[INJIWEB-1533] update the logic of delete wallet api to reset wallet correctly in different scenarios
Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com>
Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com>
Signed-off-by: Gurpreet41082 <gurpreet.kaur@thoughtworks.com>
Signed-off-by: Gurpreet41082 <gurpreet.kaur@thoughtworks.com>
…ive data Signed-off-by: Gurpreet41082 <gurpreet.kaur@thoughtworks.com>
[INJIWEB-1563] modify oAuth success redirect url
Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com>
[INJIWEB-1563] move auth success redirect config to default profile
Signed-off-by: Gurpreet41082 <gurpreet.kaur@thoughtworks.com>
Signed-off-by: Gurpreet41082 <gurpreet.kaur@thoughtworks.com>
* [INJIWEB-1861] Added constructor injection for the CONTROLLER files Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> * [INJIWEB-1861] Added constructor injection for the SERVICE files Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> * [INJIWEB-1861] reused SecureRandom instance as a static final field Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> * [INJIWEB-1861] removed the redundant word 'image' from alt attribute Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> * [INJIWEB-1861] Addressed code rabbit comments Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> * [INJIWEB-1861] Used static string for alt attribute in credential template Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> --------- Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com>
* injiweb-1871-mimoto-coverage added coverage for above 80% Signed-off-by: cyber-titan <saiabhi2309@gmail.com> * injiweb-1871-mimoto-coverage fixed code rabbit comments Signed-off-by: cyber-titan <saiabhi2309@gmail.com> * injiweb-1871-mimoto-coverage fixed code rabbit comments Signed-off-by: cyber-titan <saiabhi2309@gmail.com> * injiweb-1871-mimoto-coverage fixed credentialShare & pdfGen tests Signed-off-by: cyber-titan <saiabhi2309@gmail.com> * injiweb-1871-mimoto-coverage changed context to list type Signed-off-by: cyber-titan <saiabhi2309@gmail.com> * injiweb-1871-mimoto-coverage rebased changes Signed-off-by: cyber-titan <saiabhi2309@gmail.com> --------- Signed-off-by: cyber-titan <saiabhi2309@gmail.com>
…le. (#1044) * MOSIP-41353 Signed-off-by: Sradha Mohanty <mohantysradha10@gmail.com> * MOSIP-41353 Signed-off-by: Sradha Mohanty <mohantysradha10@gmail.com> * MOSIP-41353 Signed-off-by: Sradha Mohanty <mohantysradha10@gmail.com> * MOSIP-41353 Signed-off-by: Sradha Mohanty <mohantysradha10@gmail.com> * MOSIP-41353 Signed-off-by: Sradha Mohanty <mohantysradha10@gmail.com> * MOSIP-41353 Signed-off-by: Sradha Mohanty <mohantysradha10@gmail.com> --------- Signed-off-by: Sradha Mohanty <mohantysradha10@gmail.com>
* [INJIWEB-1861] Refactored reflection tests and addressed review comments Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> * [INJIWEB-1861] addressed nitpick test comments Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> --------- Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com>
* MOSIP-44720 New Get Isssuer V2 API automation Signed-off-by: Nitin Hegde <nitin.k@cyberpwn.com> * MOSIP-44720 New Get Isssuer V2 API automation Signed-off-by: Nitin Hegde <nitin.k@cyberpwn.com> * MOSIP-44720 New Get Isssuer V2 API automation Signed-off-by: Nitin Hegde <nitin.k@cyberpwn.com> * MOSIP-44720 New Get Isssuer V2 API automation Signed-off-by: Nitin Hegde <nitin.k@cyberpwn.com> --------- Signed-off-by: Nitin Hegde <nitin.k@cyberpwn.com>
…nd response uris (#1055) * [INJIWEB-1873] - Update Verifier Validation parameters to client id and response uris update logic to consider redirect_uri from post api response update test cases Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * [INJIWEB-1873] - Add redirect uri fallback and update test cases Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> --------- Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com>
#1048) * MOSIP-44432:Mimoto -Update the test case descriptions to improve clarity and readability Signed-off-by: Mrudula <mrudula.c@cyberpwn.com> * MOSIP-44432:Mimoto -Update the test case descriptions to improve clarity and readability Signed-off-by: Mrudula <mrudula.c@cyberpwn.com> * MOSIP-44432:Mimoto -Update the test case descriptions to improve clarity and readability Signed-off-by: Mrudula <mrudula.c@cyberpwn.com> * MOSIP-44432:Mimoto -Update the test case descriptions to improve clarity and readability Signed-off-by: Mrudula <mrudula.c@cyberpwn.com> * MOSIP-44432:Mimoto -Update the test case descriptions to improve clarity and readability Signed-off-by: Mrudula <mrudula.c@cyberpwn.com> * MOSIP-44432:resloved the coderabbit comments Signed-off-by: Mrudula <mrudula.c@cyberpwn.com> --------- Signed-off-by: Mrudula <mrudula.c@cyberpwn.com>
Signed-off-by: Madhuravas reddy <madhu@mosip.io>
Add Test cases in IssuersController Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com>
…fall back redirect logic in case of response_mode is not direct_post (#1064) * [INJIWEB-1873] - Add conditional validation for verifer Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * [INJIWEB-1873] - bring back fallback logic for building direct uri incase of response mode is not direct_post Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * [INJIWEB-1873] - Add Optional logic for responseUris and redirecturis Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> --------- Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com>
…authorization server (#1058) Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com>
* [INJIWEB-1891] - Removed unused config from issuers config Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * [INJIWEB-1891] - Replace Config with Mock ID usecase Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * [INJIWEB-1891] - Update Token endpoint Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * [INJIWEB-1891] - Update Token endpoint in local setup Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> --------- Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com>
Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com>
* [INJIWEB-1891] Added logic to derive token_endpoint field internally in mimoto Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> * [INJIWEB-1891] Addressed review comments and amended the readMe Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> * [INJIWEB-1891] Removed extra values from mimoto-issuer-config json Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> --------- Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com>
… 13 and v1 versions ref #555 (#1074) * feat(openid4vci): Add implementation for parsing well known for both versions part of #555 Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * refactor: Fix validation, serialization, and test coverage for well-known response DTOs and parsers part of #555 Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * Decouple version-specific well-known DTOs into draft13/v1 packages ref #555, use objectmapper for map Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * feat(openid4vci): Add internal classes for Logo and Background Image Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * feat(openid4vci): Remove redundant null checks and update test case Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * feat(openid4vci): add version to CredentialIssuerWellKnownResponse Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> --------- Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com>
…part of #555 (#1076) * feat(openid4vci): Add factory implementation for downloading credential from issuer and support draft 13 part of #555 Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> * feat(openid4vci): Addressed comments, removed CredentialRequestService Interface, updated tests Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> * feat(openid4vci): remove private method description from Draft13VCDownloadHandler Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> * rebased, addressed comments, added tests Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> * feat(openid4vci): Refactor get Credential Well Known response, update test cases Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * feat(openid4vci): update Credentialmetadata object with claims and update credentialdefinition to null Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * feat(openid4vci): update credentialdefinition to unassigned Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> --------- Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> Co-authored-by: Durgesh Konga <kongadurgesh20@gmail.com>
Signed-off-by: Sradha Mohanty <mohantysradha10@gmail.com>
…nID4VP (#1073) * INJIWEB-1887 added error execption for Invalid transaction data in OpenID4VP Signed-off-by: Madhuravas reddy <madhu@mosip.io> * Added payload error exception Signed-off-by: Madhuravas reddy <madhu@mosip.io> * removed call name to keep existing parameter Signed-off-by: Madhuravas reddy <madhu@mosip.io> * Added test cases to cover toOpenId4VpException method Signed-off-by: Madhuravas reddy <madhu@mosip.io> * Refactor OpenID4VPService: rename toOpenId4VpException to openId4VPErrorException and make it private Signed-off-by: Madhuravas reddy <madhu@mosip.io> --------- Signed-off-by: Madhuravas reddy <madhu@mosip.io>
…inji-web #568 (#1079) * feat(openid4vci): add implementation for v1 spec vc download Add test cases Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * fix V1 credential request: add proofs JSON mapping, guard blank nonce endpoint on retry Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * feat(openid4vci): Split wellknown validator into Draft13 and V1 variants with version-specific ldp_vc validation and List<Map> claims type Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * feat(openid4vci): Add Error Response handling for Credential Endpoint Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * feat(openid4vci): remove temporary code for mock service part of inji-web #568 Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * feat(openid4vci): remove unuse imports inji-web #568 Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * feat(openid4vci): remove unuse imports inji-web #568 Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> * feat(openid4vci): update logs inji-web #568 Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> --------- Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com>
* docs(mimoto) Updated the documentation to have error codes and added details in google integration doc Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> * docs(mimoto) Addressed code rabbit formatting changes Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com> --------- Signed-off-by: Rudhhi Shah <rudhhi.shah@thoughtworks.com>
Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com>
…#1090) * [INJIWEB-1856] - Add Logic for sd-jwt ovp credential matching * [INJIWEB-1856] - Add Logic for Algorithm Check * [INJIWEB-1856] - Add logic to resolve publicClaims and sdClaims in api response * [INJIWEB-1856] - Remove metadata keys from public claims * [INJIWEB-1856] - Add null handling scenarios, claims generation logic * [INJIWEB-1856] - Add logic to handle nested sdClaims # Conflicts: # src/main/java/io/mosip/mimoto/service/impl/VcSdJwtCredentialFormatHandler.java * [INJIWEB-1856] - Add Junit Test cases * [INJIWEB-1856] - Update description for claims attribute Update logic for sdClaims update Test cases for sdClaims * [INJIWEB-1856] - Refactor Matches Format logic Remove hardcoded testdata * [INJIWEB-1856] - Code refactoring and update test cases * [INJIWEB-1856] - Update to Constructor Injection replacing Autowired --------- Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com>
Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com>
…rt in Inji web wallet (#1075) * docs(vci): add design document for OpenID4VCI 1.0 specification support in Inji web wallet Signed-off-by: jackjain <jackjain1995@gmail.com> * docs(vci): fix lint error on markdown, add placeholders instead of actual credential data, fix interface texts Signed-off-by: jackjain <jackjain1995@gmail.com> * docs(vci): update v1 VCDownloadHandler class Signed-off-by: jackjain <jackjain1995@gmail.com> * docs(vci): update the design to process only first credential received from the issuer since wallet supports only single proof Signed-off-by: jackjain <jackjain1995@gmail.com> * docs(vci): fix grammar issues Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> --------- Signed-off-by: jackjain <jackjain1995@gmail.com> Signed-off-by: Durgesh Konga <kongadurgesh20@gmail.com> Co-authored-by: Durgesh Konga <kongadurgesh20@gmail.com>
Signed-off-by: Abhi <abhishek.shankarcs@gmail.com>
[MOSIP-37808] Updated DB attributes for mimoto
* feat: add spec_version to Verifier - This field indicates the specification version currently followed by the Verifier. - The default value for this field will be v1 Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com> * docs: udpate docs for /verifier api Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com> --------- Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com>
…#1089) * injiweb-1855-sd-jwt-ovp add SD-JWT OVP credential presentation with selective disclosure support and fix misleading missingClaims response Signed-off-by: cyber-titan <saiabhi2309@gmail.com> * injiweb-1855-sd-jwt-ovp address CR comments — per-format signers, input mutation, typo fix, and test correctness Signed-off-by: cyber-titan <saiabhi2309@gmail.com> * injiweb-1855-sd-jwt-ovp address CR comments — alg advertisement, containsKey guard, unchecked cast Signed-off-by: cyber-titan <saiabhi2309@gmail.com> * feat(openid4vp): support dc+sd-jwt, per-credential SD-JWT signing, & share no disclosures when selectedSdClaims empty Signed-off-by: cyber-titan <saiabhi2309@gmail.com> * docs(openid4vp): harden presentation rejection request schema in API spec Signed-off-by: cyber-titan <saiabhi2309@gmail.com> * refactor(openid4vp): sign each VP token format with its own signer Signed-off-by: cyber-titan <saiabhi2309@gmail.com> --------- Signed-off-by: cyber-titan <saiabhi2309@gmail.com>
* feat(dpop): add v2 token endpoint that passes the AS error through as-is
Add POST /v2/get-token/{issuer} so the wallet's DPoP (RFC 9449) token
exchange via the mimoto proxy receives the authorization server response
untouched:
- Accept an optional DPoP request header and forward it to the AS token
endpoint.
- Return the AS response as a raw ResponseEntity<String>, passing the
status, body and headers (including DPoP-Nonce and WWW-Authenticate)
through as-is on both success and error, so a use_dpop_nonce challenge
reaches the wallet for the nonce retry.
- The existing v1 endpoint behaviour is unchanged.
Signed-off-by: abhip2565 <paul.apaul.abhishek.ap@gmail.com>
* fix: add NoArgsConstructor to CredentialIssuerConfiguration and explicit PathVariable name in IdpController to fix failing tests
Signed-off-by: abhip2565 <paul.apaul.abhishek.ap@gmail.com>
* fix: strip Transfer-Encoding header in getTokenV2 response
Copying upstream response headers including Transfer-Encoding: chunked
caused double chunked encoding when Tomcat also applied its own chunked
encoding, resulting in HTTP 502 from reverse proxies.
Filter out Transfer-Encoding from forwarded headers to fix this.
Signed-off-by: abhip2565 <paul.apaul.abhishek.ap@gmail.com>
* fix: strip all hop-by-hop headers in getTokenV2 response
Per RFC 7230, hop-by-hop headers (Transfer-Encoding, Connection,
Keep-Alive, TE, Trailer, Upgrade, Proxy-Authenticate,
Proxy-Authorization) must not be forwarded by proxies.
Previously only Transfer-Encoding was stripped. Now all hop-by-hop
headers are filtered to be fully RFC-compliant.
Signed-off-by: abhip2565 <paul.apaul.abhishek.ap@gmail.com>
* revert: restore mosip.mimoto.database.hostname property name
Revert inji.mimoto.database.hostname back to mosip.mimoto.database.hostname
to avoid breaking existing production deployments.
Signed-off-by: abhip2565 <paul.apaul.abhishek.ap@gmail.com>
* refactor: extract token response header filtering
Signed-off-by: abhip2565 <paul.apaul.abhishek.ap@gmail.com>
* fix: preserve configured issuer token endpoints
Signed-off-by: abhip2565 <paul.apaul.abhishek.ap@gmail.com>
* fix: keep default config changes scoped to v2 token endpoint
Signed-off-by: abhip2565 <paul.apaul.abhishek.ap@gmail.com>
* fix: address v2 token review comments
Signed-off-by: abhip2565 <paul.apaul.abhishek.ap@gmail.com>
* chore(api-test): bump up api test version to 1.6.0
Signed-off-by: abhip2565 <paul.apaul.abhishek.ap@gmail.com>
---------
Signed-off-by: abhip2565 <paul.apaul.abhishek.ap@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.