forked from mosip/esignet

Open ID based e-Signet service for large scale verification & authentication.


iiitb-pilot/esignet

 
 


e-Signet Project

Overview

This repository contains an implementation of the OAuth 2.0 Authorization Code flow. It supports all the mandatory features of the OIDC (OpenID Connect) specification.

The e-Signet repository contains the following:

  1. esignet-core - Library containing all the common interfaces, DTOs and utils that are used as a dependency in the other esignet module libraries and services.
  2. esignet-service - Deployable API service containing all the OIDC and UI controllers.
  3. esignet-integration-api - Library containing all the integration interfaces.
  4. client-management-service-impl - Client management implementation classes.
  5. oidc-service-impl - OAuth and OIDC implementation classes.
  6. binding-service-impl - Key and individualId binding service implementation classes.
  7. consent-service-impl - Service to manage user consent per client.
  8. vci-service-impl - Credential issuance service implementation classes.
  9. db_scripts - Contains all the DB scripts required to set up or upgrade the DB for the esignet module.

Databases

Refer to SQL scripts.

Build & run (for developers)

The project requires JDK 11.

  1. Build and install:
    $ mvn clean install -Dgpg.skip=true
    
  2. Build Docker for a service:
    $ docker build -f Dockerfile .
    

Installing in k8s cluster using helm

Pre-requisites

  1. Make sure the kube config file of the MOSIP cluster that hosts the dependent services is set correctly on your PC.
  2. Make sure DB setup is done.
  3. Add / merge the below-mentioned properties files into the existing config branch:
  4. Below are the dependent services required for the esignet service integrated with MOSIP IDA:
    Chart                 Chart version
    Keycloak              7.1.18
    Keycloak-init         12.0.1-B3
    Postgres              10.16.2
    Postgres Init         12.0.1-B3
    Minio                 10.1.6
    Kafka                 0.4.2
    Config-server         12.0.1-B3
    Websub                12.0.1-B2
    Artifactory server    12.0.1-B3
    Keymanager service    12.0.1-B2
    Kernel services       12.0.1-B2
    Biosdk service        12.0.1-B3
    Idrepo services       12.0.1-B2
    Pms services          12.0.1-B3
    IDA services          12.0.1-B3

Install

  • Install kubectl and helm utilities.
  • Run install-all.sh to deploy esignet services.
    cd helm
    ./install-all.sh
    
  • While the install-all.sh script runs, a prompt asks whether the server has a public domain and a valid SSL certificate.
  • If the server lacks a public domain and a valid SSL certificate, it is advisable to select the n option. Selecting it enables the init-container with an emptyDir volume and includes it in the deployment.
  • The init-container then downloads the server's self-signed SSL certificate and mounts it to the specified location within the container's Java keystore (i.e., cacerts) file.
  • This functionality is for scenarios where the script is used on a server that has self-signed SSL certificates.
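
One way to perform the certificate-trust step described above while checking that the downloaded certificate is the expected one. This is an added example, not the project's init-container or install-all.sh code. It assumes openssl and keytool are on the PATH; the function names, port 443, the STOREPASS variable and the out-of-band fingerprint pin are assumptions of this example.

```shell
#!/bin/sh
# Added example, not e-Signet's init-container: trust a self-signed server
# certificate only if it matches a fingerprint obtained out of band.

# Reduce "sha256 Fingerprint=AA:BB:..." or plain hex to upper-case hex digits.
normalize_fp() {
    printf '%s' "$1" | sed 's/^.*=//' | tr -d ': \n\r' | tr 'abcdef' 'ABCDEF'
}

# Succeed only for two equal, well-formed SHA-256 fingerprints (64 hex digits).
fp_matches() {
    got=$(normalize_fp "$1")
    want=$(normalize_fp "$2")
    [ "${#got}" -eq 64 ] || return 1
    case "$got" in *[!0-9A-F]*) return 1 ;; esac
    [ "$got" = "$want" ]
}

# Print the leaf certificate presented by host ($1) on port ($2) as PEM.
fetch_cert() {
    openssl s_client -connect "$1:$2" -servername "$1" </dev/null 2>/dev/null |
        openssl x509 -outform PEM
}

# Usage: import_if_pinned HOST PIN KEYSTORE
# Imports HOST's certificate into KEYSTORE (e.g. a copy of cacerts) only when
# its SHA-256 fingerprint equals PIN; otherwise the keystore is left untouched.
import_if_pinned() {
    host=$1 pin=$2 keystore=$3
    pem=$(mktemp) || return 1
    fetch_cert "$host" 443 >"$pem" || { rm -f "$pem"; return 1; }
    fp=$(openssl x509 -in "$pem" -noout -fingerprint -sha256)
    if fp_matches "$fp" "$pin"; then
        keytool -importcert -noprompt -alias "$host" -file "$pem" \
            -keystore "$keystore" -storepass "${STOREPASS:-changeit}"
        rc=$?
    else
        echo "fingerprint mismatch for $host, not importing" >&2
        rc=1
    fi
    rm -f "$pem"
    return "$rc"
}

# Run only when called with all three arguments (assumed port: 443).
if [ "$#" -eq 3 ]; then import_if_pinned "$@"; fi
```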

Delete

  • Run delete-all.sh to remove esignet services.
    cd helm
    ./delete-all.sh
    

Restart

  • Run restart-all.sh to restart esignet services.
    cd helm
    ./restart-all.sh
    

Onboard esignet

  • Run the onboarder's install.sh script to exchange JWK certificates.

APIs

API documentation is available here.

License

This project is licensed under the terms of Mozilla Public License 2.0.
