Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add issuer component #18

Merged
merged 31 commits into from
Mar 25, 2024
Merged

feat: add issuer component #18

merged 31 commits into from
Mar 25, 2024

Conversation

Phil91
Copy link
Member

@Phil91 Phil91 commented Mar 8, 2024
edited by evegufy
Loading

Description

Add the ssi issuer component

Why

To provide a api to create, sign and revoke credentials for wallets of an issuer and holder

Issue

#3 #4 #5 #6 #7 #8 #9 #13

Checklist

  • I have followed the contributing guidelines
  • I have performed IP checks for added or updated 3rd party libraries
  • I have created and linked IP issues or requested their creation by a committer
  • I have performed a self-review of my own code
  • I have successfully tested my changes locally
  • I have added tests that prove my changes work
  • I have checked that new and existing tests pass locally with my changes
  • I have commented my code, particularly in hard-to-understand areas
  • I have added copyright and license headers, footers (for .md files) or files (for images)

BEGIN_COMMIT_OVERRIDE
feat: establish a database to handle credential requests, verified credentials, document proof, and managing lifecycle
feat: establish a GET endpoint for retrieving own credential requests with their current status
feat: establish a GET endpoint to retrieve supported credential types, allowing customers to see all credentials that can be requested
feat: establish POST endpoints for credential requests for BPN (Business Partner Number), Membership, and Framework Agreement credentials
feat: establish an admin endpoint to retrieve credential requests for the purpose of approval or rejection
feat: establish endpoints to approve or reject customer credential requests
feat: establish a processes worker to create credentials and submit them for signature by the issuer wallet
feat: establish a job to store newly created verified credentials inside the holder wallet
feat: implement a job to run expiry validation and revocation of credentials
feat: establish a notification system for credential expiry to alert holders
END_COMMIT_OVERRIDE

@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 8, 2024
View reviewed changes
Copy link

@github-advanced-security github-advanced-security bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CodeQL found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.

@Phil91 Phil91 changed the title Feat/2 issuer component feat: issuer component Mar 8, 2024
@jjeroch jjeroch added the priority PR needs to prioritized at review label Mar 11, 2024
@jjeroch jjeroch added this to the CX Release 24.05 (dev) milestone Mar 11, 2024
@Phil91 Phil91 force-pushed the feat/2-issuer-component branch 4 times, most recently from 5610db0 to 30638ba Compare March 12, 2024 11:04
@Phil91 Phil91 mentioned this pull request Mar 12, 2024
Merged
9 tasks
@Phil91 Phil91 marked this pull request as ready for review March 13, 2024 12:06
evegufy
evegufy requested changes Mar 13, 2024
View reviewed changes
Copy link
Contributor

@evegufy evegufy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could you please rename from src/credentials/SsiCredentialIssuer.Expiry.App.app to src/credentials/SsiCredentialIssuer.Expiry.App?

@evegufy
Copy link
Contributor

evegufy commented Mar 13, 2024

and not sure if you saw the comment from codeql, could you please take care of the warnings?

@Phil91 Phil91 force-pushed the feat/2-issuer-component branch 2 times, most recently from 3a35c8e to d5e30ad Compare March 14, 2024 07:48
github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 14, 2024
View reviewed changes
tests/issuer/SsiCredentialIssuer.Service.Tests/BusinessLogic/CredentialBusinessLogicTests.cs Fixed Show fixed Hide fixed
tests/processes/Processes.Library.Tests/ManualProcessDataExtensionsTests.cs Fixed Show fixed Hide fixed
tests/externalservices/Wallet.Service.Tests/Services/BasicAuthTokenServiceTests.cs Dismissed Show dismissed Hide dismissed
tests/externalservices/Wallet.Service.Tests/Services/BasicAuthTokenServiceTests.cs Dismissed Show dismissed Hide dismissed
tests/externalservices/Wallet.Service.Tests/Services/WalletServiceTests.cs Dismissed Show dismissed Hide dismissed
tests/issuer/SsiCredentialIssuer.Service.Tests/BusinessLogic/CredentialBusinessLogicTests.cs Fixed Show fixed Hide fixed
tests/issuer/SsiCredentialIssuer.Service.Tests/BusinessLogic/CredentialBusinessLogicTests.cs Fixed Show fixed Hide fixed
tests/issuer/SsiCredentialIssuer.Service.Tests/BusinessLogic/CredentialBusinessLogicTests.cs Fixed Show fixed Hide fixed
tests/processes/CredentialProcess.Library.Tests/CredentialProcessHandlerTests.cs Fixed Show fixed Hide fixed
tests/Tests.Shared/HttpMessageHandlerMock.cs Dismissed Show dismissed Hide dismissed
@Phil91 Phil91 requested a review from evegufy March 14, 2024 09:28
@evegufy evegufy mentioned this pull request Mar 14, 2024
Merged
3 tasks
ntruchsess
ntruchsess requested changes Mar 20, 2024
View reviewed changes
Copy link
Contributor

@ntruchsess ntruchsess left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

in addition to the other findings I don't think it's a good idea to exclude major parts of the code by using [ExcludeFromCodeCoverage]. If reported coverage is low than this is what it is.

src/issuer/SsiCredentialIssuer.Service/BusinessLogic/CredentialBusinessLogic.cs Outdated
private async Task<string> GetHolderInformation(string didDocumentLocation, CancellationToken cancellationToken)
{
var client = _clientFactory.CreateClient("didDocumentDownload");
var result = await client.GetAsync(didDocumentLocation, cancellationToken)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

didDocumentLocation url originates from post-data and therefore must be sanitized before calling the remote system. (never trust the client!)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added

src/issuer/SsiCredentialIssuer.Service/BusinessLogic/CredentialBusinessLogic.cs Outdated Show resolved Hide resolved
src/issuer/SsiCredentialIssuer.Service/BusinessLogic/CredentialBusinessLogic.cs Outdated Show resolved Hide resolved
src/issuer/SsiCredentialIssuer.Service/Controllers/CredentialController.cs Outdated Show resolved Hide resolved
src/issuer/SsiCredentialIssuer.Service/Controllers/IssuerController.cs Show resolved Hide resolved
@Phil91
Copy link
Member Author

Phil91 commented Mar 20, 2024

in addition to the other findings I don't think it's a good idea to exclude major parts of the code by using [ExcludeFromCodeCoverage]. If reported coverage is low than this is what it is.

I removed the [ExceludeFromCodeCoverage] attributes

evegufy
evegufy requested changes Mar 20, 2024
View reviewed changes
Copy link
Contributor

@evegufy evegufy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tested again on local and after ba75b66 everything worked fine 👍

charts/ssi-credential-issuer/values.yaml Outdated Show resolved Hide resolved
@Phil91 Phil91 requested a review from evegufy March 21, 2024 10:25
evegufy
evegufy previously approved these changes Mar 21, 2024
View reviewed changes
Copy link
Contributor

@evegufy evegufy left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I still added two small changes 5bd8959 3f18571

ntruchsess
ntruchsess requested changes Mar 21, 2024
View reviewed changes
src/issuer/SsiCredentialIssuer.Service/BusinessLogic/IssuerBusinessLogic.cs Outdated
private async Task<string> GetHolderInformation(string didDocumentLocation, CancellationToken cancellationToken)
{
var client = _clientFactory.CreateClient("didDocumentDownload");
var result = await client.GetAsync(HttpUtility.HtmlEncode(didDocumentLocation), cancellationToken)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

HtmlEncode does translate special characters to their html-representation. E.g. & instead of &. This is not suitable for Urls

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

adjusted the validation of the url

@Phil91 Phil91 requested a review from ntruchsess March 22, 2024 07:36
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Mar 22, 2024

Quality Gate Passed Quality Gate passed

Issues
4 New issues
4 Accepted issues

Measures
0 Security Hotspots
85.3% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@Phil91 Phil91 merged commit 609567a into dev Mar 25, 2024
11 checks passed
@Phil91 Phil91 deleted the feat/2-issuer-component branch March 25, 2024 08:35
This was referenced Mar 25, 2024
Merged
Merged
Phil91 added a commit that referenced this pull request Apr 8, 2024
@Phil91 @evegufy @ntruchsess
feat: add issuer component (#18)
9e31581 
* feat: add issuer component
* build: add helm chart for issuer component
* feat(notification): adjust notification endpoint
* fix(build): enable build of docker images (#21)
* feat: add callback process step
* chore: enable helm chart (#22)
* fix: remove lint issue
* fix: solve templating issues
* chore: change setup of cronjobs: remove hooks
* chore: change name setup of job resources
* chore: add line breaks
* chore: move placeholder value into resources
* chore: change to unique templates for db subchart
* chore: change secret setup
* chore: move passwords from db dependency to according section
* chore: remove upgrade env file
* chore: change centralidp setup
* chore: rearrange health checks
* chore: rearrange values file
* chore: change ingress to trg-5.04
* chore: fix container name and namespace
* chore: change image tag retrieval
* chore: change version
* chore(db-dependency): change image tag to get latest minor updates
* chore: set resource limits
* chore: update readme files
* chore: change credentialexpiry to camelcase
* chore: fix helm chart, improve workflows and docs (#23)
* chore(helm-test): fix image name and tag override at upgrade
* chore: fix owasp scan
* chore(helm-test and owasp): change set command
* chore: re-arrange values file
* chore(pre-checks): run only on changes to src/**
* docs(CONTRIBUTING.md): update to contribution details
* chore: fix db dependency secret name in cronjobs
* chore(dependencies-check): align file naming and docs
* chore: remove white space

---------

Refs: #2 #3 #4 #5 #6 #7 #8 #9 #13 #21 #22 #23
Reviewed-by: Evelyn Gurschler <evelyn.gurschler@bmw.de>
Reviewed-by: Norbert Truchsess <norbert.truchsess@t-online.de>
Co-authored-by: Evelyn Gurschler <evelyn.gurschler@bmw.de>
Co-authored-by: Norbert Truchsess <norbert.truchsess@t-online.de>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ntruchsess ntruchsess ntruchsess approved these changes

@evegufy evegufy evegufy approved these changes

Assignees
No one assigned
Labels
priority PR needs to prioritized at review
Projects
None yet
Milestone
Release 1.0.0 (24.05)
Development

Successfully merging this pull request may close these issues.
4 participants
@Phil91 @evegufy @ntruchsess @jjeroch