Skip to content

Commit

Permalink
[CHORE] - update VerificationMethod and .env-example (#3272)
Browse files Browse the repository at this point in the history
* attestation type and use published vocab

* need tupe

* update dcc construction and library to dcc 0.3.10

* update test

* test

* remove/update logging

* ensure query doesn't include regional mines (yet

* make context files configurable.

based on UNTPDCC and BCMinesActPermitCredential versions

* real context extension

* remove type not defined in context files.

update context reference to 0.5.0

* add schema file and config, updated to match 0.1.0 of models package

* nullable but not defaulted.

* same with product

* same for ca

* link to credential, not orgbook identifer.

* real tdw registry, and schema extension

* Define verification method, strip did

stop using sovrin did, just use did:web from tdw server.

* add permit_number, remove name.

* extended class needs extended type

* name is required in model (But not in spec)

remove hardcode from id path

* bc prefix is removed
  • Loading branch information
Jsyro authored Oct 21, 2024
1 parent ad29b1a commit 6875c65
Show file tree
Hide file tree
Showing 5 changed files with 26 additions and 16 deletions.
4 changes: 2 additions & 2 deletions services/core-api/.env-example
Original file line number Diff line number Diff line change
Expand Up @@ -115,10 +115,10 @@ TRACTION_TENANT_ID=MISSING_TENANT_ID
TRACTION_WALLET_API_KEY=MISSING_API_KEY
CRED_DEF_ID_MINES_ACT_PERMIT=CRED_DEF_ID_FOR_MINES_ACT_PERMIT
TRACTION_WEBHOOK_X_API_KEY=MISSING_TRACTION_WEBHOOK_X_API_KEY
CHIEF_PERMITTING_OFFICER_DID_WEB=MISSING_CHIEF_PERMITTING_OFFICER_DID_WEB
CHIEF_PERMITTING_OFFICER_DID_WEB_VERIFICATION_METHOD="did:web:registry-dev.apps.silver.devops.gov.bc.ca:mines-act:chief-permitting-officer#key-01-multikey"
UNTP_DIGITAL_CONFORMITY_CREDENTIAL_CONTEXT=https://test.uncefact.org/vocabulary/untp/dcc/0.5.0/
UNTP_DIGITAL_CONFORMITY_CREDENTIAL_SCHEMA=https://test.uncefact.org/vocabulary/untp/dcc/untp-dcc-schema-0.5.0.json
UNTP_BC_MINES_ACT_PERMIT_CONTEXT=https://raw.githubusercontent.com/bcgov/digital-trust-toolkit/refs/heads/main/related_resources/contexts/BCMinesActPermit/v1.jsonld
UNTP_BC_MINES_ACT_PERMIT_CONTEXT=https://bcgov.github.io/digital-trust-toolkit/contexts/BCMinesActPermit/v1.jsonld

# Permit Search Service
PERMITS_ENDPOINT=http://haystack
Expand Down
8 changes: 5 additions & 3 deletions services/core-api/app/api/services/traction_service.py
Original file line number Diff line number Diff line change
Expand Up @@ -188,12 +188,14 @@ def fetch_current_public_did(self):

def sign_jsonld_credential_deprecated(
self,
did: str,
verificationMethod: str,
verkey: str,
credential: BaseModel,
) -> dict:
# #verkey suffix is indy's default, but could be aparameter later.
options = {"verificationMethod": did + "#verkey", "proofPurpose": "assertionMethod"}

#TODO update to resolve the verkey from the verification method and use that. Acapy only knows the verkey as a local did/keypair

options = {"verificationMethod": verificationMethod, "proofPurpose": "assertionMethod"}

class Payload(BaseModel):
doc: dict
Expand Down
12 changes: 8 additions & 4 deletions services/core-api/app/api/verifiable_credentials/manager.py
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,8 @@


class UNTPCCMinesActPermit(cc.ConformityAttestation):
pass
type: List[str] = ["ConformityAttestation, MinesActPermit"]
permitNumber: str


#this should probably be imported from somewhere.
Expand Down Expand Up @@ -194,7 +195,8 @@ def process_all_untp_map_for_orgbook():
# send to traction to be signed
for cred_payload, record in records:
signed_cred = traction_service.sign_jsonld_credential_deprecated(
public_did, public_verkey, cred_payload)
Config.CHIEF_PERMITTING_OFFICER_DID_WEB_VERIFICATION_METHOD, public_verkey,
cred_payload)
if signed_cred:
record.signed_credential = json.dumps(signed_cred["signed_doc"])
record.sign_date = datetime.now()
Expand Down Expand Up @@ -424,8 +426,10 @@ def produce_untp_cc_map_payload(cls, did: str, permit_amendment: PermitAmendment
tzinfo=ZoneInfo("UTC")).isoformat()

cred = UNTPCCMinesActPermit(
id="https://orgbook.gov.bc.ca/entity/FM0362955/credential/PLACEHOLDER",
name="This attests the existence and good standing of a BC Mines Act Permit Credential",
id=
f"https://orgbook.gov.bc.ca/entity/{orgbook_entity.registration_id}/credential/PLACEHOLDER",
name="Credential for permitNumber=" + permit_amendment.permit_no,
permitNumber=permit_amendment.permit_no,
assessmentLevel=codes.AssessmentLevelCode.GovtApproval,
attestationType=codes.AttestationType.Certification,
scope=cc.ConformityAssessmentScheme(
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,6 @@ def get(self, vc_unsigned_hash: str):
PermitAmendmentOrgBookPublish.find_by_unsigned_payload_hash(
vc_unsigned_hash, unsafe=True).signed_credential)



class W3CCredentialListResource(Resource, UserMixin):
parser = reqparse.RequestParser(trim=True)
Expand Down Expand Up @@ -94,14 +93,15 @@ def post(self):
data["permit_amendment_guid"])
traction_service = TractionService()
public_did_dict = traction_service.fetch_current_public_did()
public_did = "did:indy:bcovrin:test:" + public_did_dict["did"]
public_did = Config.CHIEF_PERMITTING_OFFICER_DID_WEB
public_verkey = public_did_dict["verkey"]

credential_dict = VerifiableCredentialManager.produce_map_01_credential_payload(
public_did, permit_amendment)

signed_credential = traction_service.sign_jsonld_credential_deprecated(
public_did, public_verkey, credential_dict)
Config.CHIEF_PERMITTING_OFFICER_DID_WEB_VERIFICATION_METHOD, public_verkey,
credential_dict)
current_app.logger.warning(
"credential signed by did:indy, not by did:web and using deprecated acapy endpoints" +
dumps(signed_credential))
Expand Down Expand Up @@ -140,5 +140,5 @@ def post(self):
credential = VerifiableCredentialManager.produce_untp_cc_map_payload(
public_did, permit_amendment)
signed_credential = traction_service.sign_jsonld_credential_deprecated(
public_did, public_verkey, credential)
Config.CHIEF_PERMITTING_OFFICER_DID_WEB_VERIFICATION_METHOD, public_verkey, credential)
return signed_credential["signed_doc"]
10 changes: 7 additions & 3 deletions services/core-api/app/config.py
Original file line number Diff line number Diff line change
Expand Up @@ -291,9 +291,13 @@ def JWT_ROLE_CALLBACK(jwt_dict):
CRED_DEF_ID_MINES_ACT_PERMIT = os.environ.get("CRED_DEF_ID_MINES_ACT_PERMIT",
"CRED_DEF_ID_MINES_ACT_PERMIT")

#The key pair in this did web MUST match the keypair of the did:indy:candy in Traction.
CHIEF_PERMITTING_OFFICER_DID_WEB = os.environ.get("CHIEF_PERMITTING_OFFICER_DID_WEB",
"CHIEF_PERMITTING_OFFICER_DID_WEB")
CHIEF_PERMITTING_OFFICER_DID_WEB_VERIFICATION_METHOD = os.environ.get(
"CHIEF_PERMITTING_OFFICER_DID_WEB_VERIFICATION_METHOD",
"CHIEF_PERMITTING_OFFICER_DID_WEB_VERIFICATION_METHOD")

CHIEF_PERMITTING_OFFICER_DID_WEB = CHIEF_PERMITTING_OFFICER_DID_WEB_VERIFICATION_METHOD.split(
"#")[0]

UNTP_DIGITAL_CONFORMITY_CREDENTIAL_CONTEXT = os.environ.get(
"UNTP_DIGITAL_CONFORMITY_CREDENTIAL_CONTEXT", "UNTP_DIGITAL_CONFORMITY_CREDENTIAL_CONTEXT")
UNTP_DIGITAL_CONFORMITY_CREDENTIAL_SCHEMA = os.environ.get(
Expand Down

0 comments on commit 6875c65

Please sign in to comment.