diff --git a/config-templates/application-env.properties b/config-templates/application-env.properties
index 4cf482fa58e..cf1c76f0b8d 100644
--- a/config-templates/application-env.properties
+++ b/config-templates/application-env.properties
@@ -15,16 +15,16 @@ mosip.kernel.idobjectvalidator.masterdata.documenttypes.rest.uri=${mosip.base.ur mosip.kernel.idobjectvalidator.masterdata.locations.rest.uri=${mosip.base.url}/v1/masterdata/locations/{langcode} mosip.kernel.idobjectvalidator.masterdata.locationhierarchy.rest.uri=${mosip.base.url}/v1/masterdata/locations/locationhierarchy/{hierarchyname} -mosip.kernel.idobjectvalidator.mandatory-attributes.id-repository.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics 
+mosip.kernel.idobjectvalidator.mandatory-attributes.id-repository.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber +mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber +mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber +mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber +mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber +mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics +mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,residenceStatus,referenceIdentityNumber,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics # Business Validation for ID Schema attributes - These should not be changed, as it impacts all modules -mosip.id.validation.identity.dateOfBirth=^(19\\d\\d|20\\d\\d)/([0][1-9]|1[0-2])/([0][1-9]|[1-2]\\d|3[01])$ +mosip.id.validation.identity.dateOfBirth=^(1869|18[7-9][0-9]|19\\d\\d|20\\d\\d)/([0][1-9]|1[0-2])/([0][1-9]|[1-2]\\d|3[01])$ 
mosip.id.validation.identity.phone=^([6-9]{1})([0-9]{9})$ mosip.id.validation.identity.email=^[\\w-\\+]+(\\.[\\w]+)*@[\\w-]+(\\.[\\w]+)*(\\.[a-zA-Z]{2,})$ mosip.id.validation.identity.postalCode=^[(?i)A-Z0-9]{5}$ @@ -36,14 +36,13 @@ mosip.id.validation.identity.addressLine3.[*].value=^(?=.{0,50}$).* mosip.id.validation.identity.region.[*].value=^(?=.{0,50}$).* mosip.id.validation.identity.province.[*].value=^(?=.{0,50}$).* mosip.id.validation.identity.city.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.[*].[*].language=^[(?i)a-z]{3}$ mosip.id.validation.identity.referenceIdentityNumber=^([0-9]{10,30})$ mosip.country.code=MOR # Language Supported By Platform - ISO mosip.supported-languages=eng,ara,fra -mosip.primary-language=fra +mosip.primary-language=eng mosip.secondary-language=ara # Application IDs @@ -55,10 +54,9 @@ mosip.idrepo.app-id=ID_REPO # UTC ISO Date Time Pattern mosip.utc-datetime-pattern=yyyy-MM-dd'T'HH:mm:ss.SSS'Z' - +mosip.sign.header=response-signature mosip.signed.response.header=response-signature - #----------------------- CBEFF Util-------------------------------------------------- # Cbeff URL where the files will be stored in git, change it accordingly in case of change of storage location. mosip.kernel.xsdstorage-uri=${spring.cloud.config.uri}/${spring.application.name}/${spring.profiles.active}/${spring.cloud.config.label}/ @@ -80,7 +78,7 @@ mosip.kernel.tspid.length=4 mosip.kernel.partnerid.length=4 #-----------------------------TOKEN-ID Properties--------------------------------- -#lenght of the token id +#length of the token id mosip.kernel.tokenid.length=36 #-----------------------------Registration Center Id ----------------------------------------------- @@ -105,7 +103,6 @@ mosip.kernel.rid.sequence-length=5 mosip.kernel.tokenid.sequence-limit=3 #-----------------------------PRID Properties------------------------------------ - #prid-length mosip.kernel.prid.length=14 
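Review bot: The widened `mosip.id.validation.identity.dateOfBirth` pattern gains a lower bound of 1869 with no explanation, and it still checks only the shape of the value, so a string such as 2099/02/31 passes. The comment directly above says these patterns affect all modules, so the reason for the bound and the limits of the check should be recorded next to it, for example `# Years 1869-2099 accepted; format check only, calendar validity and future dates must be rejected by the consuming module`. If no consumer does a strict date parse, that gap is worth closing outside this file.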
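Review bot: Removing `mosip.id.validation.identity.[*].[*].language=^[(?i)a-z]{3}$` leaves the language field of every multi-language attribute without a pattern in this file, while the `value` patterns for the same attributes stay in place. If the language code is not checked against `mosip.supported-languages` somewhere outside this diff, arbitrary strings could reach modules that key on it. Either keep the rule or state next to the remaining patterns why it is safe to drop. The change of `mosip.primary-language` from `fra` to `eng` in the same hunk alters behaviour for every module reading this template and deserves a line in the commit description.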
@@ -200,35 +197,43 @@ mosip.kernel.uin.length.conjugative-even-digits-limit=3 - -#----------------------- SMS Service-------------------------------------- -mosip.kernel.sms.country.code=91 -mosip.kernel.sms.number.length=10 - - #------------------------Auth-Adapter----------------------------------------------- auth.server.validate.url=${mosip.base.url}/v1/authmanager/authorize/validateToken - #----------------------- Crypto -------------------------------------------------- -# Crypto asymmetric algorithm name -mosip.kernel.crypto.asymmetric-algorithm-name=RSA +#Crypto asymmetric algorithm name +mosip.kernel.crypto.asymmetric-algorithm-name=RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING #Crypto symmetric algorithm name -mosip.kernel.crypto.symmetric-algorithm-name=AES +mosip.kernel.crypto.symmetric-algorithm-name=AES/GCM/PKCS5Padding +#Keygenerator asymmetric algorithm name +mosip.kernel.keygenerator.asymmetric-algorithm-name=RSA +#Keygenerator symmetric algorithm name +mosip.kernel.keygenerator.symmetric-algorithm-name=AES #Asymmetric algorithm key length -mosip.kernel.keygenerator.asymmetric-algorithm-length=2048 +mosip.kernel.keygenerator.asymmetric-key-length=2048 #Symmetric algorithm key length -mosip.kernel.keygenerator.symmetric-algorithm-length=256 +mosip.kernel.keygenerator.symmetric-key-length=256 #Keygenerator symmetric algorithm name mosip.kernel.keygenerator.symmetric-algorithm-name=AES # keygenerator asymmetric algorithm name mosip.kernel.keygenerator.asymmetric-algorithm-name=RSA #Encrypted data and encrypted symmetric key separator mosip.kernel.data-key-splitter=#KEY_SPLITTER# +#GCM tag length +mosip.kernel.crypto.gcm-tag-length=128 +#Hash algo name +mosip.kernel.crypto.hash-algorithm-name=PBKDF2WithHmacSHA512 +#Symmtric key length used in hash +mosip.kernel.crypto.hash-symmetric-key-length=256 +#No of iterations in hash +mosip.kernel.crypto.hash-iteration=100000 +#Sign algo name +mosip.kernel.crypto.sign-algorithm-name=SHA512withRSA 
mosip.kernel.keymanager-service-publickey-url=${mosip.base.url}/v1/keymanager/publickey/{applicationId} mosip.kernel.keymanager-service-decrypt-url=${mosip.base.url}/v1/keymanager/decrypt +mosip.kernel.keymanager-service-auth-decrypt-url=${mosip.base.url}/v1/keymanager/auth/decrypt mosip.kernel.keymanager-service-sign-url=${mosip.base.url}/v1/keymanager/sign mosip.sign.applicationid=KERNEL mosip.sign.refid=SIGN @@ -302,11 +307,12 @@ mosip.kernel.fsadapter.hdfs.keytab-file=classpath:mosip.keytab -#---------------Transliteration----------------------- +#------------------------Transliteration----------------------------------------------- mosip.kernel.transliteration.arabic-language-code=ara mosip.kernel.transliteration.franch-language-code=fra + #-------Registration processor Notification types------------ mosip.registration.processor.notification.types=SMS|EMAIL 
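Review bot: The added `mosip.kernel.keygenerator.asymmetric-algorithm-name=RSA` and `mosip.kernel.keygenerator.symmetric-algorithm-name=AES` lines duplicate the two entries that remain a few lines below in the same section, so each key is now defined twice; drop one pair so a later edit cannot change only one copy. `AES/GCM/PKCS5Padding` names a padding that GCM does not use; the conventional transformation is `AES/GCM/NoPadding`, and some JCE providers may reject or silently ignore the padding part. The renamed `asymmetric-key-length` and `symmetric-key-length` keys will resolve to nothing in any module that still reads the old `*-algorithm-length` names, which cannot be checked from this hunk. A comment stating that `mosip.kernel.crypto.hash-iteration=100000` is the PBKDF2 iteration count and must be identical on the hashing and verifying sides would also help.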
@@ -327,25 +333,21 @@ mosip.notificationtype=SMS|EMAIL mosip.notification.language-type=BOTH -#-------------------System--------------- -server.use-forward-headers=false - #-------------------System--------------- logging.level.org.springframework.web.filter.CommonsRequestLoggingFilter=INFO #-------------------Admin--------------- mosip.min-digit-longitude-latitude=4 mosip.kernel.filtervalue.max_columns=20 -#------------------PDF Genration----------------------------------------- -mosip.kernel.pdf_owner_password={{ pdf_owner_password }} -#-------UIN Alias------------------- -mosip.uin.alias= -#---------------------------------kernel Salt Generator---------------------------------------------------# -mosip.kernel.salt-generator.chunk-size=10 -mosip.kernel.salt-generator.start-sequence=0 -mosip.kernel.salt-generator.end-sequence=999 -#----------------------------------------------------------------------------------------------------------# +auth.server.admin.validate.url=${mosip.base.url}/v1/authmanager/authorize/admin/validateToken + +#-------------------Encryption and Decryption--------------------------- +#mosip.kernel.encrypt.url=${mosip.base.url}/v1/keymanager/encrypt +#mosip.kernel.decrypt.url=${mosip.base.url}/v1/keymanager/decrypt + +#------------------PDF Genration----------------------------------------- +mosip.kernel.pdf_owner_password={cipher}AQBkvnngPL3QvaZGQd5T9sAAt2jpAeS9UgWvDOypDV4C9E8iZ3gS7R0zTiSUWg2o44PYyrkhUinXu/1iIxuSyPeZpd7wveULzMOhmyXmVmcEoaGa/nDEGbKsQ6Rm6b1UvACPYcAbYScWK8ps79GgsKBXVUrUIuH9O4US13mHJL5cT0Ms5d/VqKQnNpu2NccsmT4rFZMqFmDoUiBATsjOPXDxA8z+wIUuiae1nxh6pU/EZIEOz5GBXi0mOjdRPL3+DHguwYlbEwMxpq9NiQIw5LcUnH9BOY/FlxSZuskYI/OJkbOw0jbG3eYNXJLVIFWdXKM+Kxh1+zVgOyyaO9TJcxLEssO8yEaSRBOTaghnkSp6hHmjaxgmW/VfVKsUP2bDYHw= #------------------Quality Check----------------------------------------- #Quality threshold for applicant iris mosip.iris_threshold=0 
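Review bot: `mosip.kernel.pdf_owner_password` replaces the `{{ pdf_owner_password }}` placeholder with a literal `{cipher}` value, which commits one environment's encrypted secret into a shared template. The ciphertext is only usable with the config-server key that produced it, so other deployments cannot decrypt it, and anyone holding that key plus read access to the repository can recover the password. The database passwords in the sibling template keep their `{{ ... }}` placeholders; restoring `mosip.kernel.pdf_owner_password={{ pdf_owner_password }}` keeps the templates consistent and the secret out of version control.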
@@ -361,3 +363,12 @@ mosip.facequalitythreshold=0 mosip.fingerprint.provider=io.mosip.kernel.bioapi.impl.BioApiImpl mosip.face.provider=io.mosip.kernel.bioapi.impl.BioApiImpl mosip.iris.provider=io.mosip.kernel.bioapi.impl.BioApiImpl + +#-------UIN Alias------------------- +mosip.uin.alias= + +#---------------------------------kernel Salt Generator---------------------------------------------------# +mosip.kernel.salt-generator.chunk-size=10 +mosip.kernel.salt-generator.start-sequence=0 +mosip.kernel.salt-generator.end-sequence=999 +#----------------------------------------------------------------------------------------------------------# \ No newline at end of file diff --git a/config-templates/kernel-env.properties b/config-templates/kernel-env.properties index 7deb9a77385..fed5e8ec8bb 100644 --- a/config-templates/kernel-env.properties +++ b/config-templates/kernel-env.properties @@ -13,8 +13,7 @@ mosip.kernel.syncdata.syncdata-version-id=v1.0 mosip.kernel.syncdata.registration-center-config-file=registration-${spring.profiles.active}.properties # Name of the file that is present in the config server which has global config. mosip.kernel.syncdata.global-config-file=application-${spring.profiles.active}.properties - - +mosip.kernel.syncdata.syncjob-base-url=http://kernel-syncjob-service:8099/v1/syncjob/syncjobdef #------------------------------------sms notification service------------------------------- @@ -84,7 +83,6 @@ mosip.kernel.keymanager.softhsm.certificate.organization={{ application_name }} #Certificate country mosip.kernel.keymanager.softhsm.certificate.country=IN - #--------------------Audit Manager------------------------------------------------ mosip.kernel.auditmanager-service-logs-location=logs/audit.log 
@@ -107,16 +105,17 @@ idrepo.api.getuindetails=http://id-repository-identity-service:8090/idrepository datastores=ldap_1_DS,db_1_DS,db_2_DS -admin_datasource=ldap_1_DS -preregistration_datasource=db_1_DS +authserver_datasource=ldap_1_DS +ida_datasource=ldap_1_DS registrationclient_datasource=ldap_1_DS registrationprocessor_datasource=ldap_1_DS -ida_datasource=ldap_1_DS -authserver_datasource=ldap_1_DS +preregistration_datasource=db_1_DS +admin_datasource=ldap_1_DS +residentservices_datasource=ldap_1_DS mosip.kernel.registrationclient.app.id=registrationclient mosip.kernel.registrationclient.client.id=registration_client_app -mosip.kernel.registrationclient.secret.key= +mosip.kernel.registrationclient.secret.key=registration_client_app # to be changed by the user, temporarily using mosip dev password for testing purpose **** must be replaced with templates later ***** mosip.kernel.auth.app.id=authserver @@ -145,11 +144,8 @@ mosip.kernel.tokenid.uin.salt=zHuDEAbmbxiUbUShgy6pwUhKh9DE0EZn9kQDKPPKbWscGajMwf mosip.kernel.tokenid.partnercode.salt=yS8w5Wb6vhIKdf1msi4LYTJks7mqkbmITk2O63Iq8h0bkRlD0d - #------------------------DataBase Properties----------------------------------------- javax.persistence.jdbc.driver=org.postgresql.Driver - - hibernate.dialect=org.hibernate.dialect.PostgreSQL95Dialect hibernate.jdbc.lob.non_contextual_creation=true hibernate.hbm2ddl.auto=none @@ -165,8 +161,11 @@ spring.datasource.initialization-mode=always logging.level.org.hibernate.SQL=ERROR logging.level.org.hibernate.type=ERROR - #Kernel admin service +admin_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_kernel +admin_database_username=kerneluser +admin_database_password={{ adminuser_password }} + syncjob_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_kernel syncjob_database_username=kerneluser syncjob_database_password={{ kerneluser_password }} 
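Review bot: `mosip.kernel.registrationclient.secret.key=registration_client_app` sets the client secret to the same string as `mosip.kernel.registrationclient.client.id` on the line above, so the credential is known to anyone who knows the client id. The comment that follows already says these values must be replaced with templates; use a placeholder here as the database passwords do, for example `mosip.kernel.registrationclient.secret.key={{ registrationclient_secret_key }}` (placeholder name constructed for this note).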
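Review bot: `admin_database_username=kerneluser` is paired with `admin_database_password={{ adminuser_password }}`, while the syncjob entries just below use the same `kerneluser` account with `{{ kerneluser_password }}`. Unless a separate `adminuser_password` variable is defined with the same value, the admin service will fail to authenticate; if it is defined, one secret is maintained under two names. Either use `admin_database_password={{ kerneluser_password }}` or give the admin service its own database account and username.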
@@ -184,6 +183,7 @@ masterdata_database_password={{ masteruser_password }} #Database mappings uin +uin.swagger.base-url={{ uin swagger dns name }} uin_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_kernel uin_database_username=kerneluser uin_database_password={{ kerneluser_password }} @@ -211,8 +211,8 @@ licensekeymanager_database_username=masteruser licensekeymanager_database_password={{ masteruser_password }} #Database mappings rid generator -ridgenerator_database_username = regprcuser -ridgenerator_database_url = jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_regprc +ridgenerator_database_username =regprcuser +ridgenerator_database_url =jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_regprc ridgenerator_database_password ={{ regprcuser_password }} @@ -223,6 +223,7 @@ iam.datasource.password={{ iamuser_password }} iam.datasource.driverClassName=org.postgresql.Driver spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true +#---------Ldap------------ ldap_1_DS.datastore.ipaddress=< ldap-ipaddress > ldap_1_DS.datastore.port=< ldap-port 
> @@ -238,5 +239,28 @@ db_2_DS.datastore.password={{ iamuser_password }} db_2_DS.datastore.driverClassName=org.postgresql.Driver db_2_DS.datastore.schema=GOVT_OFFICERS +#-------------------------------------------------------------------------------------------------# + +#------------------------KeyCloak Config changes--------------------------- + +mosip.keycloak.authorization_endpoint={{ keyclock endpoint }} +mosip.keycloak.token_endpoint={{ keyclock token endpoint }} +mosip.admin.login_flow.name=authorization_code +mosip.admin.login_flow.response_type=code +mosip.admin.login_flow.scope=cls +mosip.admin.clientid=mosip-local +mosip.admin.clientsecret={{ keyclock client secret }} +mosip.admin.redirecturi={{ authmanager dns }}/v1/authmanager/login-redirect/ +mosip.admin_realm_id=mosip +auth.server.admin.validate.url={{ authmanager dns }}/v1/authmanager/authorize/admin/validateToken + +keycloak.realm=registration-client +keycloak.resource=account +keycloak.auth-server-url={{ keyclock server url }} +keycloak.ssl-required=none +keycloak.public-client=true +keycloak.use-resource-role-mappings=true +keycloak.verify-token-audience=true +mosip.kernel.open-id-uri={{ keyclock open id uri }} #-------------------------------------------------------------------------------------------------#
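Review bot: `keycloak.ssl-required=none` turns off the adapter's HTTPS requirement for every request, including ones from external addresses, so tokens and authorization codes may travel in clear text; `keycloak.ssl-required=external` (the adapter default) or `all` is the safer value for a template. `keycloak.public-client=true` means the `account` client authenticates without a secret, which deserves a comment if it is intended. `auth.server.admin.validate.url` is also added to application-env.properties by this commit with a `${mosip.base.url}` base, so the key is now defined in two templates with different hosts; keep one definition. The `{{ keyclock ... }}` placeholders look like a misspelling of keycloak and contain spaces, unlike the `{{ iamuser_password }}` style used elsewhere in this file, so confirm the templating tool resolves them.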