Added new config for kernel

mosip · Oct 24, 2019 · a04edb8 · a04edb8
1 parent 6eff76c
commit a04edb8
Show file tree

Hide file tree

Showing 2 changed files with 88 additions and 53 deletions.
diff --git a/config-templates/application-env.properties b/config-templates/application-env.properties
@@ -15,16 +15,16 @@ mosip.kernel.idobjectvalidator.masterdata.documenttypes.rest.uri=${mosip.base.ur
 mosip.kernel.idobjectvalidator.masterdata.locations.rest.uri=${mosip.base.url}/v1/masterdata/locations/{langcode}
 mosip.kernel.idobjectvalidator.masterdata.locationhierarchy.rest.uri=${mosip.base.url}/v1/masterdata/locations/locationhierarchy/{hierarchyname}
 
-mosip.kernel.idobjectvalidator.mandatory-attributes.id-repository.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus
-mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus
-mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus
-mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus
-mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus
-mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics
-mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics
+mosip.kernel.idobjectvalidator.mandatory-attributes.id-repository.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber
+mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber
+mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber
+mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber
+mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber
+mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics
+mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics
 
 # Business Validation for ID Schema attributes - These should not be changed, as it impacts all modules
-mosip.id.validation.identity.dateOfBirth=^(19\\d\\d|20\\d\\d)/([0][1-9]|1[0-2])/([0][1-9]|[1-2]\\d|3[01])$
+mosip.id.validation.identity.dateOfBirth=^(1869|18[7-9][0-9]|19\\d\\d|20\\d\\d)/([0][1-9]|1[0-2])/([0][1-9]|[1-2]\\d|3[01])$
 mosip.id.validation.identity.phone=^([6-9]{1})([0-9]{9})$
 mosip.id.validation.identity.email=^[\\w-\\+]+(\\.[\\w]+)*@[\\w-]+(\\.[\\w]+)*(\\.[a-zA-Z]{2,})$
 mosip.id.validation.identity.postalCode=^[(?i)A-Z0-9]{5}$
@@ -36,14 +36,13 @@ mosip.id.validation.identity.addressLine3.[*].value=^(?=.{0,50}$).*
 mosip.id.validation.identity.region.[*].value=^(?=.{0,50}$).*
 mosip.id.validation.identity.province.[*].value=^(?=.{0,50}$).*
 mosip.id.validation.identity.city.[*].value=^(?=.{0,50}$).*
-mosip.id.validation.identity.[*].[*].language=^[(?i)a-z]{3}$
 mosip.id.validation.identity.referenceIdentityNumber=^([0-9]{10,30})$
 mosip.country.code=MOR
 
 # Language Supported By Platform - ISO 
 mosip.supported-languages=eng,ara,fra
 
-mosip.primary-language=fra
+mosip.primary-language=eng
 mosip.secondary-language=ara
 
 # Application IDs
@@ -55,10 +54,9 @@ mosip.idrepo.app-id=ID_REPO
 
 # UTC ISO Date Time Pattern
 mosip.utc-datetime-pattern=yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
-
+mosip.sign.header=response-signature
 mosip.signed.response.header=response-signature
 
-
 #----------------------- CBEFF Util--------------------------------------------------
 # Cbeff URL where the files will be stored in git, change it accordingly in case of change of storage location.
 mosip.kernel.xsdstorage-uri=${spring.cloud.config.uri}/${spring.application.name}/${spring.profiles.active}/${spring.cloud.config.label}/
@@ -80,7 +78,7 @@ mosip.kernel.tspid.length=4
 mosip.kernel.partnerid.length=4
 
 #-----------------------------TOKEN-ID Properties---------------------------------
-#lenght of the token id
+#length of the token id
 mosip.kernel.tokenid.length=36
 
 #-----------------------------Registration Center Id -----------------------------------------------
@@ -105,7 +103,6 @@ mosip.kernel.rid.sequence-length=5
 mosip.kernel.tokenid.sequence-limit=3
 
 #-----------------------------PRID Properties------------------------------------
-
 #prid-length
 mosip.kernel.prid.length=14
 
@@ -200,35 +197,43 @@ mosip.kernel.uin.length.conjugative-even-digits-limit=3
 
 
 
-
-#----------------------- SMS Service--------------------------------------
-mosip.kernel.sms.country.code=91
-mosip.kernel.sms.number.length=10
-
-
 #------------------------Auth-Adapter-----------------------------------------------
 auth.server.validate.url=${mosip.base.url}/v1/authmanager/authorize/validateToken
 
 
-
 #----------------------- Crypto --------------------------------------------------
-# Crypto asymmetric algorithm name
-mosip.kernel.crypto.asymmetric-algorithm-name=RSA
+#Crypto asymmetric algorithm name
+mosip.kernel.crypto.asymmetric-algorithm-name=RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING
 #Crypto symmetric algorithm name
-mosip.kernel.crypto.symmetric-algorithm-name=AES
+mosip.kernel.crypto.symmetric-algorithm-name=AES/GCM/PKCS5Padding
+#Keygenerator asymmetric algorithm name
+mosip.kernel.keygenerator.asymmetric-algorithm-name=RSA
+#Keygenerator symmetric algorithm name
+mosip.kernel.keygenerator.symmetric-algorithm-name=AES
 #Asymmetric algorithm key length
-mosip.kernel.keygenerator.asymmetric-algorithm-length=2048
+mosip.kernel.keygenerator.asymmetric-key-length=2048
 #Symmetric algorithm key length
-mosip.kernel.keygenerator.symmetric-algorithm-length=256
+mosip.kernel.keygenerator.symmetric-key-length=256
 #Keygenerator symmetric algorithm name
 mosip.kernel.keygenerator.symmetric-algorithm-name=AES
 # keygenerator asymmetric algorithm name
 mosip.kernel.keygenerator.asymmetric-algorithm-name=RSA
 #Encrypted data and encrypted symmetric key separator
 mosip.kernel.data-key-splitter=#KEY_SPLITTER#
+#GCM tag length
+mosip.kernel.crypto.gcm-tag-length=128
+#Hash algo name
+mosip.kernel.crypto.hash-algorithm-name=PBKDF2WithHmacSHA512
+#Symmtric key length used in hash
+mosip.kernel.crypto.hash-symmetric-key-length=256
+#No of iterations in hash
+mosip.kernel.crypto.hash-iteration=100000
+#Sign algo name
+mosip.kernel.crypto.sign-algorithm-name=SHA512withRSA
 
 mosip.kernel.keymanager-service-publickey-url=${mosip.base.url}/v1/keymanager/publickey/{applicationId}
 mosip.kernel.keymanager-service-decrypt-url=${mosip.base.url}/v1/keymanager/decrypt
+mosip.kernel.keymanager-service-auth-decrypt-url=${mosip.base.url}/v1/keymanager/auth/decrypt
 mosip.kernel.keymanager-service-sign-url=${mosip.base.url}/v1/keymanager/sign
 mosip.sign.applicationid=KERNEL
 mosip.sign.refid=SIGN
@@ -302,11 +307,12 @@ mosip.kernel.fsadapter.hdfs.keytab-file=classpath:mosip.keytab
 
 
 
-#---------------Transliteration-----------------------
+#------------------------Transliteration-----------------------------------------------
 mosip.kernel.transliteration.arabic-language-code=ara
 mosip.kernel.transliteration.franch-language-code=fra
 
 
+
 #-------Registration processor Notification types------------
 mosip.registration.processor.notification.types=SMS|EMAIL
 
@@ -327,25 +333,21 @@ mosip.notificationtype=SMS|EMAIL
 mosip.notification.language-type=BOTH
 
 
-#-------------------System---------------
-server.use-forward-headers=false
-
 #-------------------System---------------
 logging.level.org.springframework.web.filter.CommonsRequestLoggingFilter=INFO
 
 #-------------------Admin---------------
 mosip.min-digit-longitude-latitude=4
 mosip.kernel.filtervalue.max_columns=20
-#------------------PDF Genration-----------------------------------------
-mosip.kernel.pdf_owner_password={{ pdf_owner_password }}
-#-------UIN Alias-------------------
-mosip.uin.alias=
 
-#---------------------------------kernel Salt Generator---------------------------------------------------#
-mosip.kernel.salt-generator.chunk-size=10
-mosip.kernel.salt-generator.start-sequence=0
-mosip.kernel.salt-generator.end-sequence=999
-#----------------------------------------------------------------------------------------------------------#
+auth.server.admin.validate.url=${mosip.base.url}/v1/authmanager/authorize/admin/validateToken
+
+#-------------------Encryption and Decryption---------------------------
+#mosip.kernel.encrypt.url=${mosip.base.url}/v1/keymanager/encrypt
+#mosip.kernel.decrypt.url=${mosip.base.url}/v1/keymanager/decrypt
+
+#------------------PDF Genration-----------------------------------------
+mosip.kernel.pdf_owner_password={cipher}AQBkvnngPL3QvaZGQd5T9sAAt2jpAeS9UgWvDOypDV4C9E8iZ3gS7R0zTiSUWg2o44PYyrkhUinXu/1iIxuSyPeZpd7wveULzMOhmyXmVmcEoaGa/nDEGbKsQ6Rm6b1UvACPYcAbYScWK8ps79GgsKBXVUrUIuH9O4US13mHJL5cT0Ms5d/VqKQnNpu2NccsmT4rFZMqFmDoUiBATsjOPXDxA8z+wIUuiae1nxh6pU/EZIEOz5GBXi0mOjdRPL3+DHguwYlbEwMxpq9NiQIw5LcUnH9BOY/FlxSZuskYI/OJkbOw0jbG3eYNXJLVIFWdXKM+Kxh1+zVgOyyaO9TJcxLEssO8yEaSRBOTaghnkSp6hHmjaxgmW/VfVKsUP2bDYHw=
 #------------------Quality Check-----------------------------------------
 #Quality threshold for applicant iris
 mosip.iris_threshold=0
@@ -361,3 +363,12 @@ mosip.facequalitythreshold=0
 mosip.fingerprint.provider=io.mosip.kernel.bioapi.impl.BioApiImpl
 mosip.face.provider=io.mosip.kernel.bioapi.impl.BioApiImpl
 mosip.iris.provider=io.mosip.kernel.bioapi.impl.BioApiImpl
+
+#-------UIN Alias-------------------
+mosip.uin.alias=
+
+#---------------------------------kernel Salt Generator---------------------------------------------------#
+mosip.kernel.salt-generator.chunk-size=10
+mosip.kernel.salt-generator.start-sequence=0
+mosip.kernel.salt-generator.end-sequence=999
+#----------------------------------------------------------------------------------------------------------#
diff --git a/config-templates/kernel-env.properties b/config-templates/kernel-env.properties
@@ -13,8 +13,7 @@ mosip.kernel.syncdata.syncdata-version-id=v1.0
 mosip.kernel.syncdata.registration-center-config-file=registration-${spring.profiles.active}.properties
 # Name of the file that is present in the config server which has global config.
 mosip.kernel.syncdata.global-config-file=application-${spring.profiles.active}.properties
-
-
+mosip.kernel.syncdata.syncjob-base-url=http://kernel-syncjob-service:8099/v1/syncjob/syncjobdef
 
 
 #------------------------------------sms notification service-------------------------------
@@ -84,7 +83,6 @@ mosip.kernel.keymanager.softhsm.certificate.organization={{ application_name }}
 #Certificate country
 mosip.kernel.keymanager.softhsm.certificate.country=IN
 
-
 #--------------------Audit Manager------------------------------------------------
 mosip.kernel.auditmanager-service-logs-location=logs/audit.log
 
@@ -107,16 +105,17 @@ idrepo.api.getuindetails=http://id-repository-identity-service:8090/idrepository
 
 datastores=ldap_1_DS,db_1_DS,db_2_DS
 
-admin_datasource=ldap_1_DS
-preregistration_datasource=db_1_DS
+authserver_datasource=ldap_1_DS
+ida_datasource=ldap_1_DS
 registrationclient_datasource=ldap_1_DS
 registrationprocessor_datasource=ldap_1_DS
-ida_datasource=ldap_1_DS
-authserver_datasource=ldap_1_DS
+preregistration_datasource=db_1_DS
+admin_datasource=ldap_1_DS
+residentservices_datasource=ldap_1_DS
 
 mosip.kernel.registrationclient.app.id=registrationclient
 mosip.kernel.registrationclient.client.id=registration_client_app
-mosip.kernel.registrationclient.secret.key=<REGISTRATION_SECRET_KEY>
+mosip.kernel.registrationclient.secret.key=registration_client_app
 
 # to be changed by the user, temporarily using mosip dev password for testing purpose **** must be replaced with templates later *****
 mosip.kernel.auth.app.id=authserver
@@ -145,11 +144,8 @@ mosip.kernel.tokenid.uin.salt=zHuDEAbmbxiUbUShgy6pwUhKh9DE0EZn9kQDKPPKbWscGajMwf
 mosip.kernel.tokenid.partnercode.salt=yS8w5Wb6vhIKdf1msi4LYTJks7mqkbmITk2O63Iq8h0bkRlD0d
 
 
-
 #------------------------DataBase Properties-----------------------------------------
 javax.persistence.jdbc.driver=org.postgresql.Driver
-
-
 hibernate.dialect=org.hibernate.dialect.PostgreSQL95Dialect
 hibernate.jdbc.lob.non_contextual_creation=true
 hibernate.hbm2ddl.auto=none
@@ -165,8 +161,11 @@ spring.datasource.initialization-mode=always
 logging.level.org.hibernate.SQL=ERROR
 logging.level.org.hibernate.type=ERROR
 
-
 #Kernel admin service
+admin_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_kernel
+admin_database_username=kerneluser
+admin_database_password={{ adminuser_password }}
+
 syncjob_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_kernel
 syncjob_database_username=kerneluser
 syncjob_database_password={{ kerneluser_password }}
@@ -184,6 +183,7 @@ masterdata_database_password={{ masteruser_password }}
 
 
 #Database mappings uin
+uin.swagger.base-url={{ uin swagger dns name }}
 uin_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_kernel
 uin_database_username=kerneluser
 uin_database_password={{ kerneluser_password }}
@@ -211,8 +211,8 @@ licensekeymanager_database_username=masteruser
 licensekeymanager_database_password={{ masteruser_password }}
 
 #Database mappings rid generator
-ridgenerator_database_username = regprcuser
-ridgenerator_database_url = jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_regprc
+ridgenerator_database_username =regprcuser
+ridgenerator_database_url =jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_regprc
 ridgenerator_database_password ={{ regprcuser_password }}
 
 
@@ -223,6 +223,7 @@ iam.datasource.password={{ iamuser_password }}
 iam.datasource.driverClassName=org.postgresql.Driver
 spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true
 
+#---------Ldap------------
 ldap_1_DS.datastore.ipaddress=< ldap-ipaddress >
 ldap_1_DS.datastore.port=< ldap-port >
 
@@ -238,5 +239,28 @@ db_2_DS.datastore.password={{ iamuser_password }}
 db_2_DS.datastore.driverClassName=org.postgresql.Driver
 db_2_DS.datastore.schema=GOVT_OFFICERS
 
+#-------------------------------------------------------------------------------------------------#
+
+#------------------------KeyCloak Config changes---------------------------
+
+mosip.keycloak.authorization_endpoint={{ keyclock endpoint }}
+mosip.keycloak.token_endpoint={{ keyclock token endpoint }}
+mosip.admin.login_flow.name=authorization_code
+mosip.admin.login_flow.response_type=code
+mosip.admin.login_flow.scope=cls
+mosip.admin.clientid=mosip-local
+mosip.admin.clientsecret={{ keyclock client secret }}
+mosip.admin.redirecturi={{ authmanager dns }}/v1/authmanager/login-redirect/
+mosip.admin_realm_id=mosip
+auth.server.admin.validate.url={{ authmanager dns }}/v1/authmanager/authorize/admin/validateToken
+
+keycloak.realm=registration-client
+keycloak.resource=account
+keycloak.auth-server-url={{ keyclock server url }}
+keycloak.ssl-required=none
+keycloak.public-client=true
+keycloak.use-resource-role-mappings=true
+keycloak.verify-token-audience=true
+mosip.kernel.open-id-uri={{ keyclock open id uri }}
 
 #-------------------------------------------------------------------------------------------------#