diff --git a/charts/vc-authn-oidc/README.md b/charts/vc-authn-oidc/README.md index d5ece3dc..5febe64e 100644 --- a/charts/vc-authn-oidc/README.md +++ b/charts/vc-authn-oidc/README.md @@ -93,10 +93,11 @@ kubectl delete secret,pvc --selector "app.kubernetes.io/instance"=my-release | ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | --------------- | | `acapyTenancyMode` | Agent tenancy mode, either `single` or `multi` | `single` | | `setNonRevoked` | if True, the `non_revoked` attributed will be added to each of the present-proof request `requested_attribute` and `requested_predicate` with 'from=0' and'to=`int(time.time())` | `true` | +| `invitationLabel` | For the invitations sent that include the proof, what to add as the my_label field. Can be used to identify the requester to the prover | `"VC-AuthN"` | | `useOobPresentProof` | if True, the present-proof request will be provided as a an [out of band](https://github.com/hyperledger/aries-rfcs/tree/main/features/0434-outofband) invitation with a [present-proof](https://github.com/hyperledger/aries-rfcs/tree/main/features/0037-present-proof) request inside. If False, the present-proof request will be use the [service-decorator](https://github.com/hyperledger/aries-rfcs/tree/main/features/0056-service-decorator) | `false` | | `useOobLocalDIDService` | | `false` | | `useUrlDeepLink` | if True, will use the new encoded URL (`didcomm://?_url={redirect URL}`) redirect form of the deep link | `false` | -| `walletDeepLinkPrefix` | Custom URI scheme and host to use for deep links (`{walletDeepLinkPrefix}?c_i={connection payload`) | `bcwallet://aries_proof-request` | +| `walletDeepLinkPrefix` | Custom URI scheme and host to use for deep links (`{walletDeepLinkPrefix}?c_i={connection payload`) | `"bcwallet://aries_proof-request"` | | `controllerCameraRedirectUrl` | The redirect url can be a web link or the name of a template | `wallet_howto` | | `controllerPresentationExpireTime` | The number of time in seconds a proof request will be valid for | `300` | | `useHTTPS` | Prepend Agent and Admin URLs with `https` | `true` | diff --git a/charts/vc-authn-oidc/templates/deployment.yaml b/charts/vc-authn-oidc/templates/deployment.yaml index 400749b1..8e75c70f 100644 --- a/charts/vc-authn-oidc/templates/deployment.yaml +++ b/charts/vc-authn-oidc/templates/deployment.yaml @@ -71,6 +71,8 @@ spec: value: {{ include "acapy.agent.url" . }} - name: ACAPY_ADMIN_URL value: {{ include "acapy.internal.admin.url" . }} + - name: INVITATION_LABEL + value: {{ .Values.invitationLabel | quote }} - name: USE_OOB_PRESENT_PROOF value: {{ .Values.useOobPresentProof | quote }} - name: USE_URL_DEEP_LINK diff --git a/charts/vc-authn-oidc/values.yaml b/charts/vc-authn-oidc/values.yaml index 005d3548..566ae42e 100644 --- a/charts/vc-authn-oidc/values.yaml +++ b/charts/vc-authn-oidc/values.yaml @@ -26,6 +26,8 @@ ingressSuffix: .apps.silver.devops.gov.bc.ca acapyTenancyMode: single ## @param setNonRevoked if True, the `non_revoked` attributed will be added to each of the present-proof request `requested_attribute` and `requested_predicate` with 'from=0' and'to=`int(time.time())` setNonRevoked: true +## @param invitationLabel For the invitations sent that include the proof, what to add as the my_label field. Can be used to identify the requester to the prover +invitationLabel: VC-AuthN ## @param useOobPresentProof if True, the present-proof request will be provided as a an [out of band](https://github.com/hyperledger/aries-rfcs/tree/main/features/0434-outofband) invitation with a [present-proof](https://github.com/hyperledger/aries-rfcs/tree/main/features/0037-present-proof) request inside. If False, the present-proof request will be use the [service-decorator](https://github.com/hyperledger/aries-rfcs/tree/main/features/0056-service-decorator) useOobPresentProof: false ## @param useOobLocalDIDService diff --git a/docker/docker-compose.yaml b/docker/docker-compose.yaml index 4c4c8421..9d46c83f 100644 --- a/docker/docker-compose.yaml +++ b/docker/docker-compose.yaml @@ -38,6 +38,7 @@ services: - USE_OOB_LOCAL_DID_SERVICE=${USE_OOB_LOCAL_DID_SERVICE} - USE_URL_DEEP_LINK=${USE_URL_DEEP_LINK} - WALLET_DEEP_LINK_PREFIX=${WALLET_DEEP_LINK_PREFIX} + - INVITATION_LABEL=${INVITATION_LABEL} ports: - ${CONTROLLER_SERVICE_PORT}:5000 - 5678:5678 diff --git a/docker/manage b/docker/manage index d05b3ae3..418f0341 100755 --- a/docker/manage +++ b/docker/manage @@ -180,6 +180,7 @@ configureEnvironment() { export CONTROLLER_SESSION_TIMEOUT_CONFIG_FILE="/tmp/sessiontimeout.json" #controller app settings + export INVITATION_LABEL=${INVITATION_LABEL:-"VC-AuthN"} export SET_NON_REVOKED="True" export USE_OOB_PRESENT_PROOF=${USE_OOB_PRESENT_PROOF:-"true"} export USE_OOB_LOCAL_DID_SERVICE=${USE_OOB_LOCAL_DID_SERVICE:-"true"} diff --git a/oidc-controller/api/core/acapy/client.py b/oidc-controller/api/core/acapy/client.py index 42fa0a3c..2c651dda 100644 --- a/oidc-controller/api/core/acapy/client.py +++ b/oidc-controller/api/core/acapy/client.py @@ -124,6 +124,7 @@ def oob_create_invitation( } ], "use_public_did": use_public_did, + "my_label": settings.INVITATION_LABEL, } resp_raw = requests.post( diff --git a/oidc-controller/api/core/config.py b/oidc-controller/api/core/config.py index 47098726..feddc440 100644 --- a/oidc-controller/api/core/config.py +++ b/oidc-controller/api/core/config.py @@ -214,6 +214,7 @@ class GlobalConfig(BaseSettings): OIDC_CLIENT_SECRET: str = os.environ.get("OIDC_CLIENT_SECRET", "**********") # OIDC Controller Settings + INVITATION_LABEL: str = os.environ.get("INVITATION_LABEL", "VC-AuthN") CONTROLLER_API_KEY: str = os.environ.get("CONTROLLER_API_KEY", "") USE_OOB_PRESENT_PROOF: bool = strtobool( os.environ.get("USE_OOB_PRESENT_PROOF", False)