e-Signet Project

Overview

This repository contains the implementation of Authorization Code flow of OAuth 2.0. Supports all the mandatory features of OIDC (Open ID Connect) specification.

e-Signet repository contains following:

1. e-Signet-core - Library containing all the common interfaces, DTOs and utils that is used as dependency in the other esignet module libraries and services
2. e-Signet-service - Deployable API service containing all the OIDC and UI controllers.
3. e-Signet-integration-api - Library containing all the integration interfaces.
4. client-management-service-impl - Client management implementations classes.
5. oidc-service-impl - Oauth and OIDC implementation classes.
6. binding-service-impl - key and individualId binding service implementation classes.
7. db_scripts - Contains all the db scripts required to setup or upgrade the DB for esignet module.

Databases

Refer to SQL scripts.

Build & run (for developers)

The project requires JDK 11.

1. Build and install:

   $ mvn clean install -Dgpg.skip=true
   

2. Build Docker for a service:

   $ docker build -f Dockerfile
   

Installing in k8s cluster using helm

Pre-requisites

1. Set the kube config file of the Mosip cluster having dependent services is set correctly in PC.
2. Make sure DB setup is done.
3. Add / merge below mentioned properties files into existing config branch:
   • esignet-default.properties
   • application-default.properties
4. Below are the dependent services required for esignet service:

   Chart	Chart version
   Keycloak	7.1.18
   Keycloak-init	12.0.1-B3
   Postgres	10.16.2
   Postgres Init	12.0.1-B3
   Minio	10.1.6
   Kafka	0.4.2
   Config-server	12.0.1-B3
   Websub	12.0.1-B2
   Artifactory server	12.0.1-B3
   Keymanager service	12.0.1-B2
   Kernel services	12.0.1-B2
   Biosdk service	12.0.1-B3
   Idrepo services	12.0.1-B2
   Pms services	12.0.1-B3
   IDA services	12.0.1-B3

Install

• Install kubectl and helm utilities.
• Run install-all.sh to deploy esignet services.

  cd helm
  ./install-all.sh
  

Delete

• Run delete-all.sh to remove esignet services.

  cd helm
  ./delete-all.sh
  

Restart

• Run restart-all.sh to restart esignet services.

  cd helm
  ./restart-all.sh
  

Onboard esignet

• Run onboarder's install.sh script .

Configurational steps after onboarding is completed.

• Below mentioned onboarding steps are added after 1.2.0.1-b3
  • Onboarding the default esignet partner
  • Onboarding the default resident-oidc partner

###1. Onboarding the default esignet partner

• After successfull partner onboarder run for esignet , download html reports from onboarder bucket of object store .
• Get licensekey from response body of request create-the-MISP-license-key-for-partner from the report e-signet.html
• Update & commit value of mosip.esignet.misp.license.key parameter with licensekey value from last step in esignet-default.properties .
• Restart esignet pod.

###2.Onboarding the default resident-oidc partner

• After successfull partner onboarder run for resident-oidc , download html reports from onboarder bucket of object store .
• Get clientId from response body of request create-oidc-client from the report resident-oidc.html .
• Update & commit value of mosip.iam.module.clientID parameter with clientId value from last step in resident-default.properties .
• Restart resident pod.

APIs

API documentation is available here.

License

This project is licensed under the terms of Mozilla Public License 2.0.