add file snapshot_pre-verifiable-credential

Reviewed-on: #44

.dockerignore

@@ -0,0 +1,2 @@
+db
+.git

.env.example

@@ -1,5 +1,15 @@
-DH_DOMAIN=localhost
+####
-DH_PORT=8000
+# DEV OPTIONS
+####
+
+DEV_DOCKER_ALWAYS_BUILD=false
+
+####
+# DEVICEHUB
+####
+
+DEVICEHUB_DOMAIN=localhost
+DEVICEHUB_PORT=8001
 DEMO=true
 # note that with DEBUG=true, logs are more verbose (include tracebacks)
 DEBUG=true
@@ -16,7 +26,48 @@ EMAIL_BACKEND="django.core.mail.backends.smtp.EmailBackend"
 EMAIL_FILE_PATH="/tmp/app-messages"
 ENABLE_EMAIL=false
 PREDEFINED_TOKEN='5018dd65-9abd-4a62-8896-80f34ac66150'
-DH_ALLOWED_HOSTS=${DH_DOMAIN},${DH_DOMAIN}:${DH_PORT},127.0.0.1,127.0.0.1:${DH_PORT}
+DEVICEHUB_ALLOWED_HOSTS=${DEVICEHUB_DOMAIN},${DEVICEHUB_DOMAIN}:${DEVICEHUB_PORT},127.0.0.1,127.0.0.1:${DEVICEHUB_PORT}
 # TODO review these vars
 #SNAPSHOTS_DIR=/path/to/TODO
 #EVIDENCES_DIR=/path/to/TODO
+#DEMO_IDHUB_DOMAIN='idhub.example.org'
+
+####
+# IDHUB
+####
+
+IDHUB_ENABLED=false
+
+IDHUB_DOMAIN=localhost
+IDHUB_PORT=9001
+IDHUB_ALLOWED_HOSTS=${IDHUB_DOMAIN},${IDHUB_DOMAIN}:${IDHUB_PORT},127.0.0.1,127.0.0.1:${IDHUB_PORT}
+IDHUB_TIME_ZONE='Europe/Madrid'
+#IDHUB_SECRET_KEY='uncomment-it-and-fill-this'
+# enable dev flags when DEVELOPMENT deployment
+# adapt to your domain in a production/reverse proxy env
+IDHUB_CSRF_TRUSTED_ORIGINS='https://idhub.example.org'
+
+# fill this section with your email credentials
+IDHUB_DEFAULT_FROM_EMAIL="user@example.org"
+IDHUB_EMAIL_HOST="smtp.example.org"
+IDHUB_EMAIL_HOST_USER="smtp_user"
+IDHUB_EMAIL_HOST_PASSWORD="smtp_passwd"
+IDHUB_EMAIL_PORT=25
+IDHUB_EMAIL_USE_TLS=True
+IDHUB_EMAIL_BACKEND="django.core.mail.backends.smtp.EmailBackend"
+
+# replace with production data
+#   this is used when IDHUB_DEPLOYMENT is not equal to DEVELOPMENT
+IDHUB_ADMIN_USER='admin'
+IDHUB_ADMIN_PASSWD='admin'
+IDHUB_ADMIN_EMAIL='admin@example.org'
+
+# this option needs to be set to 'n' to be able to make work idhub in docker
+#   by default it is set to 'y' to facilitate idhub dev when outside docker
+IDHUB_SYNC_ORG_DEV='n'
+
+# TODO that is only for testing
+IDHUB_ENABLE_EMAIL=false
+IDHUB_ENABLE_2FACTOR_AUTH=false
+IDHUB_ENABLE_DOMAIN_CHECKER=false
+IDHUB_PREDEFINED_TOKEN='27f944ce-3d58-4f48-b068-e4aa95f97c95'

.gitignore

@@ -1,4 +1,7 @@
-db.sqlite3
 env/
 __pycache__/
 .env
+
+# the following could be autogenerated by devicehub
+db.sqlite3
+example/snapshots/snapshot_workbench-script_verifiable-credential.json

api/views.py

@@ -90,7 +90,7 @@ class NewSnapshotView(ApiMixing):
             ev_uuid = data["credentialSubject"].get("uuid")
 
         if not ev_uuid:
-            txt = "error: the snapshot not have uuid"
+            txt = "error: the snapshot does not have an uuid"
             logger.error("%s", txt)
             return JsonResponse({'status': txt}, status=500)
 

device/models.py

@@ -315,3 +315,8 @@ class Device:
     def components(self):
         self.get_last_evidence()
         return self.last_evidence.get_components()
+
+    @property
+    def did_document(self):
+        self.get_last_evidence()
+        return self.last_evidence.get_did_document()

device/templates/details.html

@@ -228,17 +228,33 @@
 
     <div class="tab-pane fade" id="evidences">
       <h5 class="card-title">{% trans 'List of evidences' %}</h5>
-      <div class="list-group col-6">
+      <div class="list-group col">
+	  <table class="table">
+           <thead>
+             <tr>
+               <th scope="col">uuid</th>
+               <th scope="col">Did Document</th>
+               <th scope="col">{% trans "Date" %}</th>
+             </tr>
+           </thead>
+           <tbody>
 	     {% for snap in object.evidences %}
-          <div class="list-group-item">
+             <tr>
-            <div class="d-flex w-100 justify-content-between">
+               <td>
-              <small class="text-muted">{{ snap.created }}</small>
-            </div>
-            <p class="mb-1">
                   <a href="{% url 'evidence:details' snap.uuid %}">{{ snap.uuid }}</a>
-            </p>
+	       </td>
-          </div>
+               <td>
+		 {% if snap.did_document %}
+		 <a href="{{ snap.did_document }}" target="_blank">DID</a>
+		 {% endif %}
+	       </td>
+               <td>
+                 <small class="text-muted">{{ snap.created }}</small>
+	       </td>
+             </tr>
 	     {% endfor %}
+           </tbody>
+         </table>
       </div>
     </div>
 

docker-compose.yml

@@ -1,18 +1,59 @@
 services:
   devicehub-django:
     init: true
+    image: farga.pangea.org/ereuse/devicehub-django/latest
     build:
+      context: .
       dockerfile: docker/devicehub-django.Dockerfile
     environment:
       - DEBUG=${DEBUG:-false}
-      - DOMAIN=${DH_DOMAIN:-localhost}
+      - DOMAIN=${DEVICEHUB_DOMAIN:-localhost}
-      - PORT=${DH_PORT:-8000}
+      - PORT=${DEVICEHUB_PORT:-8000}
-      - ALLOWED_HOSTS=${DH_ALLOWED_HOSTS:-$DH_DOMAIN}
+      - ALLOWED_HOSTS=${DEVICEHUB_ALLOWED_HOSTS:-$DEVICEHUB_DOMAIN}
       - DEMO=${DEMO:-false}
+      - DEMO_IDHUB_DOMAIN=${DEMO_IDHUB_DOMAIN:-}
+      - DEMO_IDHUB_PREDEFINED_TOKEN=${IDHUB_PREDEFINED_TOKEN:-}
       - PREDEFINED_TOKEN=${PREDEFINED_TOKEN:-}
       - DPP=${DPP:-false}
+    # TODO manage volumes dev vs prod
     volumes:
       - .:/opt/devicehub-django
     ports:
-      - ${DH_PORT}:${DH_PORT}
+      - ${DEVICEHUB_PORT:-8000}:${DEVICEHUB_PORT:-8000}
 
+  # TODO add database service for idhub, meanwhile sqlite
+
+  idhub:
+    # https://docs.docker.com/compose/how-tos/profiles/
+    profiles: [idhub]
+    init: true
+    image: farga.pangea.org/ereuse/idhub/latest
+    environment:
+      - DOMAIN=${IDHUB_DOMAIN:-localhost}
+      - ALLOWED_HOSTS=${IDHUB_ALLOWED_HOSTS:-$IDHUB_DOMAIN}
+      - DEBUG=true
+      - DEMO=${DEMO:-false}
+      - INITIAL_ADMIN_EMAIL=${IDHUB_ADMIN_EMAIL}
+      - INITIAL_ADMIN_PASSWORD=${IDHUB_ADMIN_PASSWD}
+      - CREATE_TEST_USERS=true
+      - ENABLE_EMAIL=${IDHUB_ENABLE_EMAIL:-true}
+      - ENABLE_2FACTOR_AUTH=${IDHUB_ENABLE_2FACTOR_AUTH:-true}
+      - ENABLE_DOMAIN_CHECKER=${IDHUB_ENABLE_DOMAIN_CHECKER:-true}
+      - PREDEFINED_TOKEN=${IDHUB_PREDEFINED_TOKEN:-}
+      - SECRET_KEY=${IDHUB_SECRET_KEY:-publicsecretisnotsecureVtmKBfxpVV47PpBCF2Nzz2H6qnbd}
+      - STATIC_ROOT=${IDHUB_STATIC_ROOT:-/static/}
+      - MEDIA_ROOT=${IDHUB_MEDIA_ROOT:-/media/}
+      - PORT=${IDHUB_PORT:-9001}
+      - DEFAULT_FROM_EMAIL=${IDHUB_DEFAULT_FROM_EMAIL}
+      - EMAIL_HOST=${IDHUB_EMAIL_HOST}
+      - EMAIL_HOST_USER=${IDHUB_EMAIL_HOST_USER}
+      - EMAIL_HOST_PASSWORD=${IDHUB_EMAIL_HOST_PASSWORD}
+      - EMAIL_PORT=${IDHUB_EMAIL_PORT}
+      - EMAIL_USE_TLS=${IDHUB_EMAIL_USE_TLS}
+      - EMAIL_BACKEND=${IDHUB_EMAIL_BACKEND}
+      - SUPPORTED_CREDENTIALS=['Snapshot']
+      - SYNC_ORG_DEV=${IDHUB_SYNC_ORG_DEV}
+    ports:
+      - 9001:9001
+
+  # TODO add database service for idhub, meanwhile sqlite

docker-reset.sh

@@ -19,12 +19,24 @@ main() {
                 cp -v .env.example .env
                 echo "WARNING: .env was not there, .env.example was copied, this only happens once"
         fi
+
+        # load vars
+        . ./.env
+
+        if [ "${IDHUB_ENABLED:-}" = 'true' ]; then
+                export COMPOSE_PROFILES='idhub'
+        fi
         # remove old database
         rm -vfr ./db/*
         # deactivate configured flag
         rm -vfr ./already_configured
         docker compose down -v
+        if [ "${DEV_DOCKER_ALWAYS_BUILD:-}" = 'true' ]; then
+                docker compose pull --ignore-buildable
                 docker compose build
+        else
+                docker compose pull
+        fi
         docker compose up ${detach_arg:-}
 }
 

docker/devicehub-django.Dockerfile

@@ -6,6 +6,7 @@ RUN apt update && \
     python3-xapian \
     git \
     sqlite3 \
+    curl \
     jq \
     time \
     vim \
@@ -37,6 +38,7 @@ RUN pip install -i https://test.pypi.org/simple/ ereuseapitest==0.0.14
 #   Set PYTHONPATH to include the directory with the xapian module
 ENV PYTHONPATH="${PYTHONPATH}:/usr/lib/python3/dist-packages"
 
+COPY . .
 COPY docker/devicehub-django.entrypoint.sh /
 
 RUN chown -R app:app /opt/devicehub-django

docker/devicehub-django.entrypoint.sh

@@ -118,6 +118,51 @@ END
         ./manage.py dlt_register_user "${DATASET_FILE}"
 }
 
+# wait until idhub api is prepared to received requests
+wait_idhub() {
+        echo "Start waiting idhub API"
+        while true; do
+                result="$(curl -s "${url}" \
+                               | jq -r .error \
+                               || echo "Reported errors, idhub API is still not ready")"
+
+                if [ "${result}" = "Invalid request method" ]; then
+                        break
+                        sleep 2
+                else
+                        echo "Waiting idhub API"
+                        sleep 3
+                fi
+        done
+}
+
+demo__send_to_sign_credential() {
+        filepath="${1}"
+        # hashlib.sha3_256 of PREDEFINED_TOKEN for idhub
+        DEMO_IDHUB_PREDEFINED_TOKEN="${DEMO_IDHUB_PREDEFINED_TOKEN:-}"
+        auth_header="Authorization: Bearer ${DEMO_IDHUB_PREDEFINED_TOKEN}"
+        json_header='Content-Type: application/json'
+        curl -s -X POST \
+             -H "${json_header}" \
+             -H "${auth_header}" \
+             -d @"${filepath}" \
+             "${url}" \
+                | jq -r .data
+}
+
+run_demo() {
+        if [ "${DEMO_IDHUB_DOMAIN:-}" ]; then
+                DEMO_IDHUB_DOMAIN="${DEMO_IDHUB_DOMAIN:-}"
+                # this demo only works with FQDN domain (with no ports)
+                url="https://${DEMO_IDHUB_DOMAIN}/webhook/sign/"
+                wait_idhub
+                demo__send_to_sign_credential \
+                        'example/demo-snapshots-vc/snapshot_pre-verifiable-credential.json' \
+                        > 'example/snapshots/snapshot_workbench-script_verifiable-credential.json'
+        fi
+        /usr/bin/time ./manage.py up_snapshots example/snapshots/ "${INIT_USER}"
+}
+
 config_phase() {
         # TODO review this flag file
         init_flagfile="${program_dir}/already_configured"
@@ -132,7 +177,7 @@ config_phase() {
                         # 12, 13, 14
                         config_dpp_part1
 
-                        # cleanup other spnapshots and copy dlt/dpp snapshots
+                        # cleanup other snapshots and copy dlt/dpp snapshots
                         # TODO make this better
                         rm example/snapshots/*
                         cp example/dpp-snapshots/*.json example/snapshots/
@@ -140,7 +185,7 @@ config_phase() {
 
                 # # 15. Add inventory snapshots for user "${INIT_USER}".
                 if [ "${DEMO:-}" = 'true' ]; then
-                        /usr/bin/time ./manage.py up_snapshots example/snapshots/ "${INIT_USER}"
+                        run_demo
                 fi
 
                 # remain next command as the last operation for this if conditional

evidence/models.py

@@ -206,3 +206,14 @@ class Evidence:
 
     def is_web_snapshot(self):
         return self.doc.get("type") == "WebSnapshot"
+
+    def did_document(self):
+        if not self.doc.get("credentialSubject"):
+            return ''
+        did = self.doc.get('issuer')
+        if not "did:web" in did:
+            return ''
+
+        return  "https://{}/did.json".format(
+            did.split("did:web:")[1].replace(":", "/")
+        )