The Decentralized Identity Management (DIM) Wallet stub application provides REST APIs for below wallet functionality.
- Setup Wallet and push Did document to portal backend
- Issue Verifiable Credentials
- Sign and get Verifiable Credentials by ID
- Create Self issued (SI) token with scope and without scope
- Query Verifiable Presentation
- Create technical user for wallet to access APIs using OAuth flow
- Request BPN Did mapping
This application can be used as a temporary wallet solution for local and integration testing.
This application is using Java 21 and Spring boot framework to serve REST APIs.
The DIM Wallet is part of the Self-Sovereign Identity (SSI) Flow of Eclipse Tractus-X.
- Update env variables in application.yaml
| Name | Description | Default value |
|---|---|---|
| APPLICATION_PORT | Application port | 8080 |
| ENABLE_SWAGGER_UI | Enable the Swagger UI | true |
| ENABLE_API_DOC | Enable API documentation | true |
| STUB_ENV | Environment(LZ) in with application is running. | local |
| BASE_WALLET_BPN | Issuer BPN number | BPNL000000000000 |
| SEED_WALLETS_BPN | List of BPNs for which wallets will be seeded on application startup | BPNL00000003AZQP,BPNL00000003AYRE |
| DID_HOST | Did host | localhost |
| STUB_URL | Wallet stub application host | https://localhost |
| STATUS_LIST_VC_ID | VC id of status list credential of base wallet | 8a6c7486-1e1f-4555-bdd2-1a178182651e |
| TOKEN_EXPIRY_TIME | JWT(STS, VC and VP) expiry time in minutes | 5 |
| PORTAL_WAIT_TIME | Wait time before we push did document to portal after wallet creation in seconds | 60 |
| PORTAL_HOST | Host of port backend application | |
| PORTAL_CLIENT_ID | Keycloak client_id to access portal API | |
| PORTAL_CLIENT_SECRET | keycloak client_secret to access portal API | |
| PORTAL_REALM | keycloak realm | |
| PORTAL_AUTH_SERVER_URL | Authentication server(keycloak) | |
| APP_LOG_LEVEL | Log level of application | DEBUG |
- Run application using Gradle:
./gradlew :runtimes:ssi-dim-wallet-stub-memory:clean :runtimes:ssi-dim-wallet-stub-memory:bootrun
- After successful running of the application, you can access swagger
on
http://localhost:8080/ui/swagger-ui/index.html
Please refer deploy using helm
- Update env variables in application.yaml
| Name | Description | Default value |
|---|---|---|
| APPLICATION_PORT | Application port | 8080 |
| ENABLE_SWAGGER_UI | Enable the Swagger UI | true |
| ENABLE_API_DOC | Enable API documentation | true |
| STUB_ENV | Environment(LZ) in with application is running. | local |
| BASE_WALLET_BPN | Issuer BPN number | BPNL000000000000 |
| SEED_WALLETS_BPN | List of BPNs for which wallets will be seeded on application startup | BPNL00000003AZQP,BPNL00000003AYRE |
| DID_HOST | Did host | localhost |
| STUB_URL | Wallet stub application host | https://localhost |
| STATUS_LIST_VC_ID | VC id of status list credential of base wallet | 8a6c7486-1e1f-4555-bdd2-1a178182651e |
| TOKEN_EXPIRY_TIME | JWT(STS, VC and VP) expiry time in minutes | 5 |
| PORTAL_WAIT_TIME | Wait time before we push did document to portal after wallet creation in seconds | 60 |
| PORTAL_HOST | Host of port backend application | |
| PORTAL_CLIENT_ID | Keycloak client_id to access portal API | |
| PORTAL_CLIENT_SECRET | keycloak client_secret to access portal API | |
| PORTAL_REALM | keycloak realm | |
| PORTAL_AUTH_SERVER_URL | Authentication server(keycloak) | |
| APP_LOG_LEVEL | Log level of application | DEBUG |
| SPRING_DATASOURCE_URL | The URL to connect to the database | jdbc:h2:mem:testdb;MODE=PostgreSQL |
| SPRING_DATASOURCE_USERNAME | The username to access the database | sa |
| SPRING_DATASOURCE_PASSWORD | The password to access the database | |
| SPRING_DATASOURCE_DRIVER_CLASS_NAME | The driver used for the database | org.h2.Driver |
- Run application using Gradle:
./gradlew :runtimes:ssi-dim-wallet-stub:clean :runtimes:ssi-dim-wallet-stub:bootrun
- After successful running of the application, you can access swagger
on
http://localhost:8080/ui/swagger-ui/index.html
Please refer deploy using helm
Detailed documentation can be found here
- There are two possible options, each defined in a separate runtimes:
ssi-dim-wallet-stub(with optional persistence) andssi-dim-wallet-stub-memory(in-memory only).- Simple Java
Mapis used to store keypair, VC and VP of wallet to avoid any further complexity. Please refer MemoryStorage.java - Stored in the database: DatabaseStorage.java
- Simple Java
- This application will create same key for given BPN on given environment. Please refer DeterministicECKeyPairGenerator.java
- If a wallet is not created at any point of request, application will create a new wallet at runtime
- Application will issue new VC during
/presentations/queryAPI if not issued previously - Application will not give error if request VC is not already issue
- There is no separate IDP for this wallet application. OAuth token creation API is part of this application only
- We are not validating
client_secretwhile creating OAuth token andclient_idwill be BPN - Negative scenarios are not covered
jticlaim is not validated- No actual revocation of verifiable credentials
- All stored credentials will be lost upon application restart unless persistence and the database are enabled.
- JWTs are printed with debug log level for debugging purposes
This application provides container images for demonstration purposes.
See Docker notice files for more information:
Distributed under the Apache 2.0 License. See LICENSE for more information.