From 1ae201bc94f5f720e5f5662f0cc4b25b74801b3e Mon Sep 17 00:00:00 2001 From: Cayo Puigdefabregas Date: Thu, 23 Jan 2025 17:58:07 +0100 Subject: [PATCH 01/11] add predefined_token in initial_datas --- idhub/management/commands/initial_datas.py | 13 ++++++++++--- webhook/views.py | 7 +++++++ 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/idhub/management/commands/initial_datas.py b/idhub/management/commands/initial_datas.py index 462e944..1f97399 100644 --- a/idhub/management/commands/initial_datas.py +++ b/idhub/management/commands/initial_datas.py @@ -7,9 +7,9 @@ from utils import credtools from django.conf import settings from django.core.management.base import BaseCommand from django.contrib.auth import get_user_model -from decouple import config from idhub.models import Schemas from oidc4vp.models import Organization +from webhook.models import Token User = get_user_model() @@ -20,9 +20,13 @@ class Command(BaseCommand): DOMAIN = settings.DOMAIN OIDC_ORGS = settings.OIDC_ORGS + def add_arguments(self, parser): + parser.add_argument('predefined_token', nargs='?', default='', type=str, help='predefined token') + def handle(self, *args, **kwargs): ADMIN_EMAIL = settings.INITIAL_ADMIN_EMAIL ADMIN_PASSWORD = settings.INITIAL_ADMIN_PASSWORD + self.predefined_token = kwargs['predefined_token'] self.create_admin_users(ADMIN_EMAIL, ADMIN_PASSWORD) if settings.CREATE_TEST_USERS: @@ -31,8 +35,8 @@ class Command(BaseCommand): self.create_users(user, '1234') self.org = Organization.objects.create( - name=self.DOMAIN, - domain=self.DOMAIN, + name=self.DOMAIN, + domain=self.DOMAIN, main=True ) @@ -45,6 +49,9 @@ class Command(BaseCommand): su = User.objects.create_superuser(email=email, password=password) su.save() + tk = Token.objects.filter(token=self.predefined_token).first() + if self.predefined_token and not tk: + Token.objects.create(token=self.predefined_token) def create_users(self, email, password): u = User.objects.create(email=email, password=password) 
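Review bot: The webhook token is taken as a positional command-line argument in `add_arguments`, so its value lands in the process argument list and in shell history wherever the command is run; reading it from a setting or an environment variable inside `handle` would keep it out of argv. The later hunk in `create_admin_users` stores whatever string is given, with no length or format check, so a short or guessable value presumably becomes a valid bearer token for the webhook views. At minimum the help text should say what the value is for, e.g. `help='bearer token to pre-create for the webhook API (demo only)'`. The entrypoint change in PATCH 11 passes the token the same way.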
diff --git a/webhook/views.py b/webhook/views.py index 71625d7..1563ff1 100644 --- a/webhook/views.py +++ b/webhook/views.py @@ -29,6 +29,10 @@ def webhook_verify(request): if not tk: return JsonResponse({'error': 'Invalid or missing token'}, status=401) + user = User.objects.filter(is_admin=True).first() + if not user.accept_gdpr: + return JsonResponse({'error': 'Temporary out of service'}, status=400) + try: data = json.loads(request.body) except json.JSONDecodeError: @@ -90,6 +94,9 @@ def webhook_issue(request): return JsonResponse({'error': 'Invalid credential'}, status=400) user = User.objects.filter(is_admin=True).first() + if not user.accept_gdpr: + return JsonResponse({'error': 'Temporary out of service'}, status=400) + cred = VerificableCredential( csv_data=vc, issuer_did=did, -- 2.30.2 From 8b3f4704e70a80356db370374ea7d9b9e47a17cb Mon Sep 17 00:00:00 2001 From: Cayo Puigdefabregas Date: Fri, 24 Jan 2025 12:59:50 +0100 Subject: [PATCH 02/11] signed if is authorized --- idhub/models.py | 8 ++++++++ webhook/views.py | 20 ++++++++++++-------- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/idhub/models.py b/idhub/models.py index 73ce848..86291e1 100644 --- a/idhub/models.py +++ b/idhub/models.py @@ -684,6 +684,14 @@ class VerificableCredential(models.Model): if self.status == self.Status.ISSUED: return + supported = False + for name in self.schema.get_schema.get("name"): + if name.get("value") in settings.SUPPORTED_CREDENTIALS: + supported = True + + if not supported: + return + self.subject_did = did self.issued_on = datetime.datetime.now().astimezone(pytz.utc) diff --git a/webhook/views.py b/webhook/views.py index 1563ff1..fd2d931 100644 --- a/webhook/views.py +++ b/webhook/views.py 
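Review bot: `User.objects.filter(is_admin=True).first()` returns `None` when no admin user exists, so `user.accept_gdpr` in the check added to `webhook_verify` raises `AttributeError` and the endpoint fails with a 500 instead of the intended JSON error; guard it with `if user is None or not user.accept_gdpr:`. The same check is added to `webhook_issue` in the next hunk and is carried, unchanged in this respect, to the top of both views in PATCH 02. Status 400 also tells the client that its request was malformed, whereas 503 describes a temporarily unavailable service. Both view bodies continue outside the hunks.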
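Review bot: The allow-list loop added to `issue()` iterates `self.schema.get_schema.get("name")` directly, which raises `TypeError` when the schema has no `name` entry, and `name.get("value") in settings.SUPPORTED_CREDENTIALS` becomes a substring test rather than a membership test if that setting reaches Django as the raw environment string (docker-compose passes it as text; how settings parses it is not visible here). A form that covers both is `names = self.schema.get_schema.get("name") or []` followed by `supported = any(n.get("value") in settings.SUPPORTED_CREDENTIALS for n in names)`, with the setting confirmed to be a list or set. The bare `return` makes `issue()` yield `None` without any trace, so a log line naming the rejected schema would help operators. The method starts and ends outside the hunk.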
@@ -5,6 +5,7 @@ from django.utils.translation import gettext_lazy as _ from django.views.decorators.csrf import csrf_exempt from django.views.generic.edit import DeleteView from django.views.generic.base import View +from django.core.cache import cache from django.http import JsonResponse from django_tables2 import SingleTableView from pyvckit.verify import verify_vp, verify_vc @@ -20,6 +21,10 @@ from webhook.tables import TokensTable @csrf_exempt def webhook_verify(request): if request.method == 'POST': + user = User.objects.filter(is_admin=True).first() + if not cache.get("KEY_DIDS") or not user.accept_gdpr: + return JsonResponse({'error': 'Temporary out of service'}, status=400) + auth_header = request.headers.get('Authorization') if not auth_header or not auth_header.startswith('Bearer '): return JsonResponse({'error': 'Invalid or missing token'}, status=401) @@ -29,10 +34,6 @@ def webhook_verify(request): if not tk: return JsonResponse({'error': 'Invalid or missing token'}, status=401) - user = User.objects.filter(is_admin=True).first() - if not user.accept_gdpr: - return JsonResponse({'error': 'Temporary out of service'}, status=400) - try: data = json.loads(request.body) except json.JSONDecodeError: @@ -60,6 +61,10 @@ def webhook_verify(request): @csrf_exempt def webhook_issue(request): if request.method == 'POST': + user = User.objects.filter(is_admin=True).first() + if not cache.get("KEY_DIDS") or not user.accept_gdpr: + return JsonResponse({'error': 'Temporary out of service'}, status=400) + auth_header = request.headers.get('Authorization') if not auth_header or not auth_header.startswith('Bearer '): return JsonResponse({'error': 'Invalid or missing token'}, status=401) 
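Review bot: The service-state check now runs before the `Authorization` header is examined, so an unauthenticated caller receives the 'Temporary out of service' answer and can tell whether `KEY_DIDS` is cached and whether the admin has accepted the terms; keeping the token check first and the state check second avoids exposing that, in both `webhook_verify` and `webhook_issue` (hunk `@@ -60,6 +61,10 @@`). `cache.get("KEY_DIDS")` also depends on the configured cache backend: with a per-process backend, a value set by a different process is never seen here and the views would stay out of service. That is worth confirming against the project's `CACHES` setting, which is not visible in this patch.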
@@ -93,10 +98,6 @@ def webhook_issue(request): if not schema: return JsonResponse({'error': 'Invalid credential'}, status=400) - user = User.objects.filter(is_admin=True).first() - if not user.accept_gdpr: - return JsonResponse({'error': 'Temporary out of service'}, status=400) - cred = VerificableCredential( csv_data=vc, issuer_did=did, @@ -107,6 +108,9 @@ def webhook_issue(request): cred.set_type() vc_signed = cred.issue(did, domain=request.get_host(), save=save) + if not vc_signed: + return JsonResponse({'error': 'Invalid credential'}, status=400) + return JsonResponse({'status': 'success', "data": vc_signed}, status=200) return JsonResponse({'status': 'fail'}, status=200) -- 2.30.2 From b6162e2491fe205459e6a1fde6f56c3c8d73c7cc Mon Sep 17 00:00:00 2001 From: Cayo Puigdefabregas Date: Mon, 27 Jan 2025 20:34:24 +0100 Subject: [PATCH 03/11] add create_default_did in initial_data --- .../{initial_datas.py => initial_data.py} | 63 ++++++++++++++++++- 1 file changed, 61 insertions(+), 2 deletions(-) rename idhub/management/commands/{initial_datas.py => initial_data.py} (70%) diff --git a/idhub/management/commands/initial_datas.py b/idhub/management/commands/initial_data.py similarity index 70% rename from idhub/management/commands/initial_datas.py rename to idhub/management/commands/initial_data.py index 1f97399..db68043 100644 --- a/idhub/management/commands/initial_datas.py +++ b/idhub/management/commands/initial_data.py @@ -7,7 +7,13 @@ from utils import credtools from django.conf import settings from django.core.management.base import BaseCommand from django.contrib.auth import get_user_model -from idhub.models import Schemas +from django.urls import reverse +from pyvckit.did import ( + generate_did, + gen_did_document, +) + +from idhub.models import Schemas, DID from oidc4vp.models import Organization from webhook.models import Token 
@@ -16,17 +22,19 @@ User = get_user_model() class Command(BaseCommand): - help = "Insert minimum datas for the project" + help = "Insert minimum data for the project" DOMAIN = settings.DOMAIN OIDC_ORGS = settings.OIDC_ORGS def add_arguments(self, parser): parser.add_argument('predefined_token', nargs='?', default='', type=str, help='predefined token') + parser.add_argument('example_did', nargs='?', default='', type=str, help='predefined did') def handle(self, *args, **kwargs): ADMIN_EMAIL = settings.INITIAL_ADMIN_EMAIL ADMIN_PASSWORD = settings.INITIAL_ADMIN_PASSWORD self.predefined_token = kwargs['predefined_token'] + self.predefined_did = kwargs['predefined_did'] self.create_admin_users(ADMIN_EMAIL, ADMIN_PASSWORD) if settings.CREATE_TEST_USERS: 
@@ -53,6 +61,57 @@ class Command(BaseCommand): if self.predefined_token and not tk: Token.objects.create(token=self.predefined_token) + self.create_default_did(su, password) + + def create_default_did(self, admin, password): + # import pdb; pdb.set_trace() + fdid = self.open_example_did() + if not fdid: + return + + did = DID() + new_key_material = fdid.get("key_material", "") + label = fdid.get("label", "") + if not new_key_material: + return + did.set_key_material(new_key_material) + + if label: + did.label = label + + if did.type == did.Types.KEY: + did.did = generate_did(new_key_material) + elif did.type == did.Types.WEB: + url = "https://{}".format(settings.DOMAIN) + path = reverse("idhub:serve_did", args=["a"]) + + if path: + path = path.split("/a/did.json")[0] + url = "https://{}/{}".format(settings.DOMAIN, path) + + did.did = generate_did(new_key_material, url) + key = json.loads(new_key_material) + url, did.didweb_document = gen_did_document(self.did, key) + + did.save() + + def open_example_did(self): + # import pdb; pdb.set_trace() + BASE_DIR = Path(__file__).resolve().parent.parent.parent.parent + didweb_path = os.path.join(BASE_DIR, "examples", "keys_did.json") + + if self.predefined_web: + didweb_path = self.predefined_web + + data = '' + with didweb_path.open() as _file: + try: + data = json.loads(_file.read()) + except Exception: + pass + + return data + def create_users(self, email, password): u = User.objects.create(email=email, password=password) u.set_password(password) -- 2.30.2 From 730d689430d53b48f0a7dffbbe3cc83bd7174897 Mon Sep 17 00:00:00 2001 From: Cayo Puigdefabregas Date: Mon, 27 Jan 2025 20:35:13 +0100 Subject: [PATCH 04/11] rename initial_data to demo_data --- idhub/management/commands/{initial_data.py => demo_data.py} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename idhub/management/commands/{initial_data.py => demo_data.py} (100%) 
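Review bot: `open_example_did` wraps `json.loads` in `except Exception: pass`, so a malformed key file leaves `data` as `''` and `create_default_did` returns without creating a DID or telling the operator; catching `json.JSONDecodeError` and reporting it, for example `raise CommandError(f"invalid DID file {didweb_path}: {err}")` with `CommandError` imported from `django.core.management.base`, makes the failure visible. In the `did:web` branch, `reverse(...)` normally returns a path that starts with `/`, so `"https://{}/{}".format(settings.DOMAIN, path)` likely puts a double slash into the URL the DID is derived from; `"https://{}{}"` would avoid that, assuming the route is rooted as usual. A short docstring on `create_default_did` stating that it stores the key material from the file as the instance's signing key would also help the next reader.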
diff --git a/idhub/management/commands/initial_data.py b/idhub/management/commands/demo_data.py similarity index 100% rename from idhub/management/commands/initial_data.py rename to idhub/management/commands/demo_data.py -- 2.30.2 From 84cfe723629a952818dc88befdac937e6adceb75 Mon Sep 17 00:00:00 2001 From: Cayo Puigdefabregas Date: Tue, 28 Jan 2025 18:15:35 +0100 Subject: [PATCH 05/11] command predetermined diddocument --- idhub/admin/forms.py | 38 ++++++++++---------- idhub/management/commands/demo_data.py | 48 ++++++++++++++++---------- idhub_auth/models.py | 5 +-- 3 files changed, 51 insertions(+), 40 deletions(-) diff --git a/idhub/admin/forms.py b/idhub/admin/forms.py index 0ec7aee..24d9f17 100644 --- a/idhub/admin/forms.py +++ b/idhub/admin/forms.py @@ -36,16 +36,16 @@ class TermsConditionsForm2(forms.Form): if data.get("accept"): self.user.accept_gdpr = True else: - self.user.accept_gdpr = False + self.user.accept_gdpr = False return data - + def save(self, commit=True): if commit: self.user.save() return self.user - - return + + return class EncryptionKeyForm(forms.Form): @@ -80,8 +80,8 @@ class EncryptionKeyForm(forms.Form): did = DID.objects.create(label='Default', type=DID.Types.WEB) did.set_did() did.save() - - return + + return class TermsConditionsForm(forms.Form): @@ -131,16 +131,16 @@ class TermsConditionsForm(forms.Form): if privacy and legal and cookies: self.user.accept_gdpr = True else: - self.user.accept_gdpr = False + self.user.accept_gdpr = False return data - + def save(self, commit=True): if commit: self.user.save() return self.user - - return + + return class ImportForm(forms.Form): @@ -197,7 +197,7 @@ class ImportForm(forms.Form): eidas1=True, did=eidas1 ).first() - + return data def clean_schema(self): 
@@ -288,15 +288,15 @@ class ImportForm(forms.Form): def save(self, commit=True): table = [] for k, v in self.rows.items(): - table.append(self.create_credential(k, v)) + table.append(self.create_credential(k, v)) if commit: for cred in table: cred.save() File_datas.objects.create(file_name=self.file_name) return table - - return + + return def validate_jsonld(self, line, row): try: @@ -355,7 +355,7 @@ class ImportForm(forms.Form): class SchemaForm(forms.Form): file_template = forms.FileField(label=_("File template")) - + class MembershipForm(forms.ModelForm): class Meta: @@ -376,7 +376,7 @@ class MembershipForm(forms.ModelForm): if members.filter(start_date__lte=start_date, end_date=None).exists(): msg = _("This membership already exists!") raise forms.ValidationError(msg) - + if (start_date and end_date): if start_date > end_date: msg = _("The end date is less than the start date") @@ -399,8 +399,8 @@ class MembershipForm(forms.ModelForm): if members.exists(): msg = _("This membership already exists!") raise forms.ValidationError(msg) - - + + return end_date @@ -417,7 +417,7 @@ class UserRolForm(forms.ModelForm): choices = self.fields['service'].choices choices.queryset = choices.queryset.exclude(users__user=user) self.fields['service'].choices = choices - + def clean_service(self): data = super().clean() service = UserRol.objects.filter( diff --git a/idhub/management/commands/demo_data.py b/idhub/management/commands/demo_data.py index db68043..391c636 100644 --- a/idhub/management/commands/demo_data.py +++ b/idhub/management/commands/demo_data.py @@ -7,6 +7,7 @@ from utils import credtools from django.conf import settings from django.core.management.base import BaseCommand from django.contrib.auth import get_user_model +from django.core.cache import cache from django.urls import reverse from pyvckit.did import ( generate_did, 
@@ -28,25 +29,28 @@ class Command(BaseCommand): def add_arguments(self, parser): parser.add_argument('predefined_token', nargs='?', default='', type=str, help='predefined token') - parser.add_argument('example_did', nargs='?', default='', type=str, help='predefined did') + parser.add_argument('predefined_did', nargs='?', default='', type=str, help='predefined did') def handle(self, *args, **kwargs): ADMIN_EMAIL = settings.INITIAL_ADMIN_EMAIL ADMIN_PASSWORD = settings.INITIAL_ADMIN_PASSWORD self.predefined_token = kwargs['predefined_token'] self.predefined_did = kwargs['predefined_did'] - - self.create_admin_users(ADMIN_EMAIL, ADMIN_PASSWORD) - if settings.CREATE_TEST_USERS: - for u in range(1, 6): - user = 'user{}@example.org'.format(u) - self.create_users(user, '1234') + cache.set("KEY_DIDS", "1", None) self.org = Organization.objects.create( name=self.DOMAIN, domain=self.DOMAIN, main=True ) + self.org.set_encrypted_sensitive_data() + self.org.save() + + self.create_admin_users(ADMIN_EMAIL, ADMIN_PASSWORD) + if settings.CREATE_TEST_USERS: + for u in range(1, 6): + user = 'user{}@example.org'.format(u) + self.create_users(user, '1234') if self.OIDC_ORGS: self.create_organizations() 
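Review bot: `cache.set("KEY_DIDS", "1", None)` seeds the cache entry that the webhook views test for with a fixed, publicly known value and no expiry, and `set_encrypted_sensitive_data()` is called right after it, so the organisation's sensitive data is presumably protected by that constant (the method body is not visible here). Nothing in `handle` restricts this to a demo deployment; an explicit opt-in setting, or a guard such as `if not settings.DEBUG: raise CommandError("demo_data is for demo deployments only")`, would keep the command from being run against real data by mistake. PATCH 09 changes the constant to `"DEMO"` but keeps the same pattern. The `'1234'` password for the test users is at least gated by `settings.CREATE_TEST_USERS`.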
@@ -57,23 +61,30 @@ class Command(BaseCommand): su = User.objects.create_superuser(email=email, password=password) su.save() - tk = Token.objects.filter(token=self.predefined_token).first() - if self.predefined_token and not tk: - Token.objects.create(token=self.predefined_token) + if self.predefined_token: + tk = Token.objects.filter(token=self.predefined_token).first() + if not tk: + Token.objects.create(token=self.predefined_token) - self.create_default_did(su, password) + self.create_default_did() + + def create_default_did(self): + + # did = DID.objects.create(label='Default', type=DID.Types.WEB) + # did.set_did() + # did.save() + # return - def create_default_did(self, admin, password): - # import pdb; pdb.set_trace() fdid = self.open_example_did() if not fdid: return - did = DID() + did = DID(type=DID.Types.WEB) new_key_material = fdid.get("key_material", "") label = fdid.get("label", "") if not new_key_material: return + did.set_key_material(new_key_material) if label: @@ -91,20 +102,19 @@ class Command(BaseCommand): did.did = generate_did(new_key_material, url) key = json.loads(new_key_material) - url, did.didweb_document = gen_did_document(self.did, key) + url, did.didweb_document = gen_did_document(did.did, key) did.save() def open_example_did(self): - # import pdb; pdb.set_trace() BASE_DIR = Path(__file__).resolve().parent.parent.parent.parent didweb_path = os.path.join(BASE_DIR, "examples", "keys_did.json") - if self.predefined_web: - didweb_path = self.predefined_web + if self.predefined_did: + didweb_path = self.predefined_did data = '' - with didweb_path.open() as _file: + with open(didweb_path) as _file: try: data = json.loads(_file.read()) except Exception: diff --git a/idhub_auth/models.py b/idhub_auth/models.py index 0552b35..2a6becd 100644 --- a/idhub_auth/models.py +++ b/idhub_auth/models.py 
@@ -125,7 +125,7 @@ class User(AbstractBaseUser): sb = secret.SecretBox(sb_key) if not isinstance(data, bytes): data = data.encode('utf-8') - + return base64.b64encode(sb.encrypt(data)).decode('utf-8') def get_salt(self): @@ -151,6 +151,7 @@ class User(AbstractBaseUser): return base64.b64encode(value_enc).decode('utf-8') def decrypt_data(self, data): + import pdb; pdb.set_trace() pw = self.decrypt_sensitive_data().encode('utf-8') sb = self.get_secret_box(pw) value = base64.b64decode(data.encode('utf-8')) @@ -166,6 +167,6 @@ class User(AbstractBaseUser): sb = secret.SecretBox(sb_key) if not isinstance(data, bytes): data = data.encode('utf-8') - + encrypted_data = base64.b64encode(sb.encrypt(data)).decode('utf-8') self.encrypted_sensitive_data = encrypted_data -- 2.30.2 From 97e2bb36c4dbafbc6e231d3be4fbd1a0d8804a6d Mon Sep 17 00:00:00 2001 From: Cayo Puigdefabregas Date: Tue, 28 Jan 2025 18:16:35 +0100 Subject: [PATCH 06/11] drop pdbs --- idhub_auth/models.py | 1 - 1 file changed, 1 deletion(-) diff --git a/idhub_auth/models.py b/idhub_auth/models.py index 2a6becd..bdd7458 100644 --- a/idhub_auth/models.py +++ b/idhub_auth/models.py @@ -151,7 +151,6 @@ class User(AbstractBaseUser): return base64.b64encode(value_enc).decode('utf-8') def decrypt_data(self, data): - import pdb; pdb.set_trace() pw = self.decrypt_sensitive_data().encode('utf-8') sb = self.get_secret_box(pw) value = base64.b64decode(data.encode('utf-8')) -- 2.30.2 From 0f258c9076d71b87132f90fd93abdf35c74e7623 Mon Sep 17 00:00:00 2001 From: Cayo Puigdefabregas Date: Tue, 28 Jan 2025 18:38:56 +0100 Subject: [PATCH 07/11] add keys_did.json to examples] --- examples/keys_did.json | 1 + 1 file changed, 1 insertion(+) create mode 100644 examples/keys_did.json diff --git a/examples/keys_did.json b/examples/keys_did.json new file mode 100644 index 0000000..35caa1d --- /dev/null +++ b/examples/keys_did.json 
@@ -0,0 +1 @@ +{"label": "Default", "key_material": "{\"kty\": \"OKP\", \"crv\": \"Ed25519\", \"x\": \"IRqDfIumhbKKHhqMjOngikQmGoT1cZ6LPP-JjXa8CsY\", \"d\": \"AZXUEnJYFbGcn3Ebzy3vQWYFzx6rdnoHKilaMYUWuHA\", \"kid\": \"Generated\"}"} \ No newline at end of file -- 2.30.2 From c8729973b71e132858fa62537a69b7e18017c9ee Mon Sep 17 00:00:00 2001 From: pedro Date: Wed, 29 Jan 2025 17:22:24 +0100 Subject: [PATCH 08/11] demo_data: cleanup test commiter: cayo --- idhub/management/commands/demo_data.py | 5 ----- 1 file changed, 5 deletions(-) diff --git a/idhub/management/commands/demo_data.py b/idhub/management/commands/demo_data.py index 391c636..d5956f1 100644 --- a/idhub/management/commands/demo_data.py +++ b/idhub/management/commands/demo_data.py @@ -70,11 +70,6 @@ class Command(BaseCommand): def create_default_did(self): - # did = DID.objects.create(label='Default', type=DID.Types.WEB) - # did.set_did() - # did.save() - # return - fdid = self.open_example_did() if not fdid: return -- 2.30.2 From 3d77e9983e40c13f536526041dc1b9606d40a23f Mon Sep 17 00:00:00 2001 From: pedro Date: Wed, 29 Jan 2025 18:02:17 +0100 Subject: [PATCH 09/11] idhub: demo vault and default did use DEMO --- examples/keys_did.json | 2 +- idhub/management/commands/demo_data.py | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/examples/keys_did.json b/examples/keys_did.json index 35caa1d..070965c 100644 --- a/examples/keys_did.json +++ b/examples/keys_did.json @@ -1 +1 @@ -{"label": "Default", "key_material": "{\"kty\": \"OKP\", \"crv\": \"Ed25519\", \"x\": \"IRqDfIumhbKKHhqMjOngikQmGoT1cZ6LPP-JjXa8CsY\", \"d\": \"AZXUEnJYFbGcn3Ebzy3vQWYFzx6rdnoHKilaMYUWuHA\", \"kid\": \"Generated\"}"} \ No newline at end of file +{"label": "DEMO", "key_material": "{\"kty\": \"OKP\", \"crv\": \"Ed25519\", \"x\": \"IRqDfIumhbKKHhqMjOngikQmGoT1cZ6LPP-JjXa8CsY\", \"d\": \"AZXUEnJYFbGcn3Ebzy3vQWYFzx6rdnoHKilaMYUWuHA\", \"kid\": \"Generated\"}"} 
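Review bot: `examples/keys_did.json` commits a complete Ed25519 JWK including the private parameter `d`, and `open_example_did` in `demo_data.py` falls back to this file whenever no `predefined_did` path is given, which is what the entrypoint in PATCH 11 does. Every instance initialised that way signs credentials with a key whose private half is public, so signatures from that DID prove nothing about who issued the credential. The file should be clearly marked as a non-secret demo key (the `DEMO` label from PATCH 09 helps), and any deployment beyond a demo should generate key material at first start or require an operator-supplied file instead of defaulting to this one.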
diff --git a/idhub/management/commands/demo_data.py b/idhub/management/commands/demo_data.py index d5956f1..4eabe55 100644 --- a/idhub/management/commands/demo_data.py +++ b/idhub/management/commands/demo_data.py @@ -36,7 +36,8 @@ class Command(BaseCommand): ADMIN_PASSWORD = settings.INITIAL_ADMIN_PASSWORD self.predefined_token = kwargs['predefined_token'] self.predefined_did = kwargs['predefined_did'] - cache.set("KEY_DIDS", "1", None) + # on demo situation, encrypted vault is hardcoded with password DEMO + cache.set("KEY_DIDS", "DEMO", None) self.org = Organization.objects.create( name=self.DOMAIN, -- 2.30.2 From 32be93d294600dcaf7f4343220f275d80f7800c2 Mon Sep 17 00:00:00 2001 From: pedro Date: Wed, 29 Jan 2025 18:03:00 +0100 Subject: [PATCH 10/11] improve error messages when service is unavailable --- idhub/user/views.py | 4 ++-- locale/ca/LC_MESSAGES/django.po | 6 +++--- locale/es/LC_MESSAGES/django.po | 6 +++--- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/idhub/user/views.py b/idhub/user/views.py index 4f5735d..d1de190 100644 --- a/idhub/user/views.py +++ b/idhub/user/views.py @@ -179,8 +179,8 @@ class TermsAndConditionsView(UserView, FormView): class WaitingView(UserView, TemplateView): template_name = "idhub/user/waiting.html" - title = _("Comunication with admin") - subtitle = _('Service temporary close') + title = _("Comunication with admin required") + subtitle = _('Service temporarily closed') section = "" icon = 'bi bi-file-earmark-medical' success_url = reverse_lazy('idhub:user_dashboard') diff --git a/locale/ca/LC_MESSAGES/django.po b/locale/ca/LC_MESSAGES/django.po index b62a260..b7c67b4 100644 --- a/locale/ca/LC_MESSAGES/django.po +++ b/locale/ca/LC_MESSAGES/django.po 
@@ -2796,11 +2796,11 @@ msgid "Data Protection" msgstr "Protecció de dades" #: idhub/user/views.py:183 -msgid "Comunication with admin" -msgstr "Comunicació amb l'admin" +msgid "Comunication with admin required" +msgstr "Es requereix comunicació amb l'admin" #: idhub/user/views.py:184 -msgid "Service temporary close" +msgid "Service temporarily closed" msgstr "Tancament temporal del servei" #: idhub/user/views.py:407 diff --git a/locale/es/LC_MESSAGES/django.po b/locale/es/LC_MESSAGES/django.po index db75844..d683e63 100644 --- a/locale/es/LC_MESSAGES/django.po +++ b/locale/es/LC_MESSAGES/django.po @@ -2789,11 +2789,11 @@ msgid "Data Protection" msgstr "Proteccion de datos" #: idhub/user/views.py:183 -msgid "Comunication with admin" -msgstr "Comunicación con el admin" +msgid "Comunication with admin required" +msgstr "Se requiere comunicación con el admin" #: idhub/user/views.py:184 -msgid "Service temporary close" +msgid "Service temporarily closed" msgstr "Cierre temporal del servicio" #: idhub/user/views.py:407 -- 2.30.2 From f09efcdf10c29fd8e4101c986368dc4afea1ab4c Mon Sep 17 00:00:00 2001 From: pedro Date: Wed, 29 Jan 2025 18:08:48 +0100 Subject: [PATCH 11/11] adapt docker to demo situation about predefined token and did --- .env.example | 5 ++++- docker-compose.yml | 3 ++- docker-reset.sh | 1 + docker/idhub.entrypoint.sh | 6 ++++-- 4 files changed, 11 insertions(+), 4 deletions(-) diff --git a/.env.example b/.env.example index 6117fe9..0897b02 100644 --- a/.env.example +++ b/.env.example 
@@ -31,11 +31,14 @@ IDHUB_ADMIN_USER='admin' IDHUB_ADMIN_PASSWD='admin' IDHUB_ADMIN_EMAIL='admin@example.org' +IDHUB_SUPPORTED_CREDENTIALS="['CourseCredential', 'EOperatorClaim', 'FederationMembership', 'FinancialVulnerabilityCredential', 'MembershipCard', 'Snapshot']" + # this option needs to be set to 'n' to be able to make work idhub in docker # by default it is set to 'y' to facilitate idhub dev when outside docker IDHUB_SYNC_ORG_DEV='n' -# TODO that is only for testing +# TODO that is only for testing/demo purposes IDHUB_ENABLE_EMAIL=false IDHUB_ENABLE_2FACTOR_AUTH=false IDHUB_ENABLE_DOMAIN_CHECKER=false +IDHUB_PREDEFINED_TOKEN='27f944ce-3d58-4f48-b068-e4aa95f97c95' diff --git a/docker-compose.yml b/docker-compose.yml index 2804ead..05f0764 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -15,6 +15,7 @@ services: - ENABLE_EMAIL=${IDHUB_ENABLE_EMAIL:-true} - ENABLE_2FACTOR_AUTH=${IDHUB_ENABLE_2FACTOR_AUTH:-true} - ENABLE_DOMAIN_CHECKER=${IDHUB_ENABLE_DOMAIN_CHECKER:-true} + - PREDEFINED_TOKEN=${IDHUB_PREDEFINED_TOKEN:-} - SECRET_KEY=${IDHUB_SECRET_KEY:-publicsecretisnotsecureVtmKBfxpVV47PpBCF2Nzz2H6qnbd} - STATIC_ROOT=${IDHUB_STATIC_ROOT:-/static/} - MEDIA_ROOT=${IDHUB_MEDIA_ROOT:-/media/} @@ -26,7 +27,7 @@ services: - EMAIL_PORT=${IDHUB_EMAIL_PORT} - EMAIL_USE_TLS=${IDHUB_EMAIL_USE_TLS} - EMAIL_BACKEND=${IDHUB_EMAIL_BACKEND} - - SUPPORTED_CREDENTIALS=['CourseCredential', 'EOperatorClaim', 'FederationMembership', 'FinancialVulnerabilityCredential', 'MembershipCard', 'Snapshot'] + - SUPPORTED_CREDENTIALS=${IDHUB_SUPPORTED_CREDENTIALS:-} - SYNC_ORG_DEV=${IDHUB_SYNC_ORG_DEV} ports: - ${IDHUB_PORT:-9001}:${IDHUB_PORT:-9001} diff --git a/docker-reset.sh b/docker-reset.sh index 3a7e3ad..d31b567 100755 --- a/docker-reset.sh +++ b/docker-reset.sh 
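Review bot: `IDHUB_PREDEFINED_TOKEN` is committed with a concrete UUID, and `docker-reset.sh` copies `.env.example` to `.env` when none exists, so every instance started from the example accepts the same published bearer token on the webhook endpoints. Leaving the value empty here (`IDHUB_PREDEFINED_TOKEN=''`) with a comment telling the operator to generate one keeps the demo workable without shipping a shared credential; `demo_data` already skips token creation when the value is empty. The context lines of this hunk still carry `IDHUB_ADMIN_PASSWD='admin'`, which has the same property.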
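Review bot: With the default changed to `${IDHUB_SUPPORTED_CREDENTIALS:-}`, an environment that does not define the variable now passes an empty value, and the check added to `VerificableCredential.issue()` in PATCH 02 then presumably rejects every schema. That fails closed, which is the safe direction, but it is a silent behaviour change for existing `.env` files that predate this variable. A comment next to the line, e.g. `# empty means no credential type can be issued`, or a note in the upgrade instructions would make the cause easy to find.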
@@ -15,6 +15,7 @@ main() { cp -v .env.example .env echo "WARNING: .env was not there, .env.example was copied, this only happens once" fi + . ./.env docker compose down -v if [ "${DEV_DOCKER_ALWAYS_BUILD:-}" = 'true' ]; then diff --git a/docker/idhub.entrypoint.sh b/docker/idhub.entrypoint.sh index 52b27e0..b7ebd78 100755 --- a/docker/idhub.entrypoint.sh +++ b/docker/idhub.entrypoint.sh @@ -45,8 +45,10 @@ deployment_strategy() { echo "INFO detected NEW deployment" ./manage.py migrate - printf "This is DEVELOPMENT/PILOTS_EARLY DEPLOYMENT: including demo hardcoded data\n creating initial Datas\n" >&2 - ./manage.py initial_datas + printf "This is DEVELOPMENT/PILOTS_EARLY DEPLOYMENT: including demo hardcoded data\n" >&2 + + PREDEFINED_TOKEN="${PREDEFINED_TOKEN:-}" + ./manage.py demo_data "${PREDEFINED_TOKEN}" if [ "${OIDC_ORGS:-}" ]; then config_oidc4vp -- 2.30.2