chore: added signatory.conf config-map, updated signatory service to …

…load the configured entity
walt-id · May 2, 2023 · d03c81a · d03c81a
1 parent a371521
commit d03c81a
Show file tree

Hide file tree

Showing 7 changed files with 67 additions and 24 deletions.
diff --git a/config/signatory.conf b/config/signatory.conf
@@ -4,5 +4,6 @@ proofConfig {
     proofType="LD_PROOF"
     domain="todo"
     nonce="todo"
+    credentialsEndpoint="http://127.0.0.1:7001/v1/credentials"
 }
 templatesFolder: "vc-templates-runtime"
diff --git a/k8s/deployment-dev.yaml b/k8s/deployment-dev.yaml
@@ -1,3 +1,16 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+    name: signatory-config
+data:
+    signatory.conf: |
+        {
+            "proofConfig": {
+                "proofType": "LD_PROOF",
+                "credentialsEndpoint": "https://signatory.ssikit.walt-test.cloud/v1/credentials"
+            },
+            "templatesFolder": "vc-templates-runtime"
+        }
 ---
 kind: Deployment
 apiVersion: apps/v1
@@ -18,6 +31,11 @@ spec:
       containers:
         - name: ssikit
           image: waltid/ssikit:latest
+          volumeMounts:
+              -   name: signatory-config
+                  mountPath: "/app/config/signatory.conf"
+                  subPath: "signatory.conf"
+                  readOnly: true
           args:
             - serve
             - -b
@@ -33,6 +51,13 @@ spec:
               name: auditor-api
             - containerPort: 7004
               name: essif-api
+      volumes:
+          -   name: signatory-config
+              configMap:
+                  items:
+                      -   key: signatory.conf
+                          path: signatory.conf
+                  name: signatory-config
 ---
 kind: Service
 apiVersion: v1

diff --git a/k8s/deployment-prod.yaml b/k8s/deployment-prod.yaml
@@ -1,3 +1,16 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+    name: signatory-config
+data:
+    signatory.conf: |
+        {
+            "proofConfig": {
+                "proofType": "LD_PROOF",
+                "credentialsEndpoint": "https://signatory.ssikit.walt.id/v1/credentials"
+            },
+            "templatesFolder": "vc-templates-runtime"
+        }
 ---
 kind: Deployment
 apiVersion: apps/v1
@@ -18,6 +31,11 @@ spec:
       containers:
         - name: ssikit
           image: waltid/ssikit:latest
+          volumeMounts:
+              -   name: signatory-config
+                  mountPath: "/app/config/signatory.conf"
+                  subPath: "signatory.conf"
+                  readOnly: true
           args:
             - serve
             - -b
@@ -33,6 +51,13 @@ spec:
               name: auditor-api
             - containerPort: 7004
               name: essif-api
+      volumes:
+          -   name: signatory-config
+              configMap:
+                  items:
+                      -   key: signatory.conf
+                          path: signatory.conf
+                  name: signatory-config
 ---
 kind: Service
 apiVersion: v1

diff --git a/src/main/kotlin/id/walt/common/CommonUtils.kt b/src/main/kotlin/id/walt/common/CommonUtils.kt
@@ -8,7 +8,6 @@ import org.apache.commons.codec.digest.DigestUtils
 import org.bouncycastle.util.encoders.Base32
 import java.io.ByteArrayOutputStream
 import java.io.File
-import java.nio.charset.StandardCharsets
 import java.util.*
 import java.util.zip.*
 import kotlin.reflect.full.memberProperties
@@ -43,19 +42,6 @@ fun resolveContentToFile(fileUrlContent: String, tempPrefix: String = "TEMP", te
     return fileCheck
 }
 
-fun getExternalHostname(): String? {
-    return System.getenv("EXTERNAL_HOSTNAME")
-        ?: System.getenv("HOSTNAMEE") // linux
-        ?: File("/etc/hostname").let { file -> // linux alternative
-            if (file.exists()) {
-                file.readText(StandardCharsets.UTF_8).trim()
-            } else {
-                null
-            }
-        }
-        ?: System.getenv("COMPUTERNAME") // windows
-}
-
 fun compressGzip(data: ByteArray): ByteArray {
     val result = ByteArrayOutputStream()
     GZIPOutputStream(result).use {

diff --git a/src/main/kotlin/id/walt/credentials/w3c/builder/W3CCredentialBuilder.kt b/src/main/kotlin/id/walt/credentials/w3c/builder/W3CCredentialBuilder.kt
@@ -5,12 +5,15 @@ import id.walt.common.createBaseToken
 import id.walt.credentials.w3c.*
 import id.walt.model.credential.status.CredentialStatus
 import id.walt.signatory.ProofConfig
+import id.walt.signatory.Signatory
+import id.walt.signatory.SignatoryConfig
 import id.walt.signatory.revocation.SimpleCredentialStatusFactory
 import id.walt.signatory.revocation.SimpleStatusFactoryParameter
 import id.walt.signatory.revocation.StatusListEntryFactory
 import id.walt.signatory.revocation.StatusListEntryFactoryParameter
 import id.walt.signatory.revocation.statuslist2021.StatusListCredentialStorageService
 import id.walt.signatory.revocation.statuslist2021.StatusListIndexService
+import io.ktor.http.*
 import kotlinx.serialization.json.JsonElement
 import kotlinx.serialization.json.JsonObject
 import kotlinx.serialization.json.jsonArray
@@ -28,22 +31,23 @@ class W3CCredentialBuilderWithCredentialStatus<C : VerifiableCredential, B : Abs
         StatusListCredentialStorageService.getService(),
     )
     private val simpleStatusFactory = SimpleCredentialStatusFactory()
+    private val signatoryConfig = Signatory.getService().configuration as? SignatoryConfig
 
     override fun build(): C = builder.apply {
         getStatusProperty(
             type = proofConfig.statusType!!,
             purpose = proofConfig.statusPurpose,
-            credentialUrl = proofConfig.revocationUrl
+            credentialUrl = proofConfig.credentialsEndpoint ?: signatoryConfig?.proofConfig?.credentialsEndpoint ?: ""
         )?.let { this.setProperty("credentialStatus", it) }
     }.build()
 
     private fun getStatusProperty(type: CredentialStatus.Types, purpose: String, credentialUrl: String) = when (type) {
         CredentialStatus.Types.SimpleCredentialStatus2022 -> simpleStatusFactory.create(SimpleStatusFactoryParameter(
-            id = credentialUrl + "token/${createBaseToken()}",
+            id = URLBuilder().takeFrom(credentialUrl).appendPathSegments("token", createBaseToken()).buildString(),
         )).asMap()
         CredentialStatus.Types.StatusList2021Entry -> statusListEntryFactory.create(StatusListEntryFactoryParameter(
             purpose = purpose,
-            credentialUrl = credentialUrl + "status/$purpose",
+            credentialUrl = URLBuilder().takeFrom(credentialUrl).appendPathSegments("status", purpose).buildString(),
         )).asMap()
     }.takeIf {
         it.isNotEmpty()

diff --git a/src/main/kotlin/id/walt/signatory/Signatory.kt b/src/main/kotlin/id/walt/signatory/Signatory.kt
@@ -1,7 +1,6 @@
 package id.walt.signatory
 
 import com.beust.klaxon.Json
-import id.walt.common.getExternalHostname
 import id.walt.credentials.w3c.VerifiableCredential
 import id.walt.credentials.w3c.W3CIssuer
 import id.walt.credentials.w3c.builder.AbstractW3CCredentialBuilder
@@ -10,8 +9,8 @@ import id.walt.crypto.LdSignatureType
 import id.walt.model.credential.status.CredentialStatus
 import id.walt.servicematrix.ServiceConfiguration
 import id.walt.servicematrix.ServiceProvider
+import id.walt.servicematrix.ServiceRegistry
 import id.walt.services.WaltIdService
-import id.walt.signatory.rest.SignatoryRestAPI
 import mu.KotlinLogging
 import java.time.Instant
 
@@ -47,9 +46,7 @@ data class ProofConfig(
     @Json(serializeNull = false) val ecosystem: Ecosystem = Ecosystem.DEFAULT,
     @Json(serializeNull = false) val statusType: CredentialStatus.Types? = null,
     @Json(serializeNull = false) val statusPurpose: String = "revocation",
-    @Json(serializeNull = false) val revocationUrl: String = "https://${
-        getExternalHostname() ?: "${SignatoryRestAPI.BIND_ADDRESS}:${SignatoryRestAPI.SIGNATORY_API_PORT}"
-    }/v1/credentials/",
+    @Json(serializeNull = false) val credentialsEndpoint: String? = null,
 )
 
 data class SignatoryConfig(
@@ -61,7 +58,9 @@ abstract class Signatory : WaltIdService() {
     override val implementation: Signatory get() = serviceImplementation()
 
     companion object : ServiceProvider {
-        override fun getService() = object : Signatory() {}
+        override fun getService() = ServiceRegistry.getService(Signatory::class)
+        override fun defaultImplementation() = WaltIdSignatory("config/signatory.conf")
+
     }
 
     open fun issue(

diff --git a/src/main/kotlin/id/walt/signatory/WaltIdSignatory.kt b/src/main/kotlin/id/walt/signatory/WaltIdSignatory.kt
@@ -67,7 +67,10 @@ class WaltIdSignatory(configurationPath: String) : Signatory() {
             expirationDate = config.expirationDate,
             dataProviderIdentifier = config.dataProviderIdentifier,
             ldSignatureType = config.ldSignatureType ?: defaultLdSignatureByDidMethod(config.issuerDid),
-            creator = config.creator
+            creator = config.creator,
+            statusPurpose = config.statusPurpose,
+            statusType = config.statusType,
+            credentialsEndpoint = config.credentialsEndpoint
         )
     }