Hyperledger

.vscode/settings.json

@@ -0,0 +1,2 @@
+{
+}

app.js

@@ -35,6 +35,7 @@ const api = require('./routes/api/index');
 const oauth2 = require('./routes/oauth2/oauth2');
 const saml2 = require('./routes/saml2/saml2');
 const authregistry = require('./routes/authregistry/authregistry');
+const hyperledger = require('./routes/hyperledger/index');
 const oauth2_controller = require('./controllers/oauth2/oauth2');
 
 const translation_merger = require('./lib/json_directory_merger');
@@ -205,6 +206,10 @@ if (config.https.enabled) {
   app.use('/oauth2', force_ssl, oauth2);
   app.get('/user', force_ssl, oauth2_controller.authenticate_token);
 
+  if (config.hyperledger.enabled) {
+    app.use('/hyperledger', force_ssl, hyperledger);
+  }
+
   if (config.authorization.level === 'payload') {
     app.post('/pdp/open_policy_agent', force_ssl, oauth2_controller.auth_opa_policy);
     app.post('/pdp/xacml', force_ssl, oauth2_controller.auth_xacml_policy);
@@ -237,6 +242,10 @@ if (config.https.enabled) {
   app.use('/oauth2', oauth2);
   app.get('/user', oauth2_controller.authenticate_token);
 
+  if (config.hyperledger.enabled) {
+    app.use('/hyperledger', hyperledger);
+  }
+
   if (config.authorization.level === 'payload') {
     app.post('/pdp/open_policy_agent', oauth2_controller.auth_opa_policy);
     app.post('/pdp/xacml', oauth2_controller.auth_xacml_policy);
@@ -278,4 +287,17 @@ if (config.authorization.authzforce.enabled) {
     });
 }
 
+if (config.hyperledger.enabled) {
+  //debug(  require('./lib/hyperledger.js'));
+  //llamar a funciones e el then
+  require('./lib/hyperledger.js')
+    .init()
+    .then(function (status) {
+      debug(clc.green('Hyperledger: ' + status));
+    })
+    .catch(function (error) {
+      debug(clc.red(error));
+    });
+}
+
 module.exports = app;

config.js

@@ -1,7 +1,8 @@
+#!/usr/bin/env node
 const config = {};
 
-config.port = 3000;
-config.host = 'http://172.17.0.1:3000';
+config.port = 5000;
+config.host = 'http://localhost:5000';
 config.headless = false;
 config.debug = false;
 
@@ -23,7 +24,7 @@ config.https = {
 config.email_list_type = null; // whitelist or blacklist
 
 // Enable 2fa authentication
-config.enable_2fa = process.env.IDM_ENABLE_2FA || false;
+config.enable_2fa = false;
 
 // Secret for user sessions in web
 config.session = {
@@ -62,7 +63,7 @@ config.oauth2 = {
   unique_url: false, // This parameter allows to verify that an application with the same url
   // does not exist when creating or editing it. If there are already applications
   // with the same URL, they should be changed manually
-  not_require_client_authentication_grant_type: []
+  not_require_client_authentication_grant_type: [] // Define grant types that do not require a client authentication
 };
 
 // Config oidc parameters
@@ -90,6 +91,12 @@ config.authorization = {
   }
 };
 
+config.hyperledger = {
+  enabled: true,
+  schema_name: 'schema30',
+  schema_version: '3.0'
+};
+
 // Enable usage control and configure where is the Policy Translation Point
 config.usage_control = {
   enabled: false,
@@ -102,9 +109,9 @@ config.usage_control = {
 // Database info
 config.database = {
   host: 'localhost',
-  password: 'keyrock2020',
-  username: 'idm',
   database: 'idm',
+  username: 'root',
+  password: 'idm',
   dialect: 'mysql',
   port: undefined
 };
@@ -156,7 +163,7 @@ config.pr = {
   client_crt: undefined
 };
 
-// External Authorization Registry
+// External Authorization Registry (requires enabling the external participant registry)
 config.ar = {
   url: undefined,
   id: 'EU.EORI.NL000000004',

config.js.template

@@ -92,6 +92,11 @@ config.authorization = {
   }
 };
 
+config.hyperledger = {
+  enabled: false,
+  schema_name: 'schema26',
+  schema_version: '3.0'
+}
 // Enable usage control and configure where is the Policy Translation Point
 config.usage_control = {
   enabled: false,

controllers/hyperledger/hyperledger.js

@@ -0,0 +1,130 @@
+//const models = require('../../models/models.js');
+//const config_service = require('../../lib/configService.js');
+const hyperledger_funtion = require('../../lib/hyperledger.js');
+const debug = require('debug')('idm:hyperledger_controller');
+const user_controller = require('../web/users');
+const clc = require('cli-color');
+const invitation_ids = {};
+
+
+exports.show_login_for_invitation = function (req, res) {
+  debug(' --> show_login_for_invitation');
+  const errors = req.session.errors || {};
+  delete req.session.errors;
+  if (req.session.message) {
+    res.locals.message = req.session.message;
+    delete req.session.message;
+  }
+
+  if (req.session.user)
+    res.redirect('/hyperledger/show-invitation')
+  else
+    res.render('hyperledger/login', { errors, csrf_token: req.csrfToken() });
+};
+
+
+exports.handler_create_invitation = function (req, res) {
+  debug(' --> handler_create_invitation');
+
+    // If inputs email or password are empty create an array of errors
+  const errors = [];
+  if (!req.body.email) {
+    errors.push({ message: 'email' });
+  }
+  if (!req.body.password) {
+    errors.push({ message: 'password' });
+  }
+
+  if (req.body.email && req.body.password) {
+    // Authenticate user using user controller function
+    user_controller.authenticate(req.body.email, req.body.password, function (error, user) {
+      if (error) {
+        // If error exists send a message to /auth/login
+        req.session.errors = [{ message: error.message }];
+        res.redirect('/hyperledger/invitation');
+        debug(error);
+        return;
+      }
+
+        req.session.user = {
+          id: user.id,
+          username: user.username,
+          email: user.email,
+          description: user.description,
+          change_password: user.date_password,
+          starters_tour_ended: user.starters_tour_ended,
+          extra: user.extra
+        };
+
+        res.redirect('/hyperledger/show-invitation')
+
+    });
+  } else {
+    debug(errors);
+    // If error exists send a message to /auth/login
+    req.session.errors = errors;
+    res.redirect('/hyperledger/invitation');
+  }
+};
+
+
+exports.handler_show_invitation = function (req, res) {
+
+  debug(' --> handler_show_invitation');
+
+  hyperledger_funtion
+    .create_invitation()
+    .then(function (invitation_data) {
+      res.render('hyperledger/show_invitation', { invitation: JSON.parse(invitation_data) });
+      debug(clc.green('The invitation has been created'));
+    })
+    .catch(function (error) {
+      res.send(error);
+      debug(clc.red(error));
+    });
+
+}
+
+
+exports.handler_webhook = function (connection_id) {
+  debug(' --> handler_webhook');
+  hyperledger_funtion
+    .accepts_connection_request(connection_id)
+    .then(function (invitation_id) {
+      invitation_ids[invitation_id] = connection_id;
+      debug(clc.green('Connection complete'));
+    })
+    .catch(function (error) {
+      debug(clc.red(error));
+    });
+};
+
+exports.handler_polling_invitation = function (req, res) {
+  debug(' --> handler_polling_invitation');
+  debug(' -->' + req.query.invitation_id);
+  if (Object.keys(invitation_ids).includes(req.query.invitation_id)) {
+    res.send('Recibido');
+  } else {
+    res.send('NO');
+  }
+};
+
+exports.handler_issue_credential = function (req, res) {
+  // connection_id,
+  // cred_def_id,
+  // issuer_did,
+  // schema_id,
+  // schema_name,
+  // schema_version
+  debug(' --> handler_issue_credential');
+  let connection_id = invitation_ids[req.query.invitation_id];
+  hyperledger_funtion
+    .issuing_credential(connection_id, req.session.user.username,req.session.user.email,req.session.user.description) //, cred_def_id, issuer_did, schema_id, schema_name, schema_version)
+    .then(function () {
+      res.render('hyperledger/issue_credential');
+      debug(clc.green('Issue credential complete'));
+    })
+    .catch(function (error) {
+      debug(clc.red(error));
+    });
+};

controllers/web/users.js

@@ -493,6 +493,7 @@ if (external_auth.enabled) {
         attributes: [
           'id',
           'username',
+          'description',
           'salt',
           'password',
           'enabled',

etc/hyperledger/attributes.json

@@ -0,0 +1 @@
+{"schema_id":"PLEVLDPJQMJvPLyX3LgB6S:2:schema30:3.0","credential_definition_id":"PLEVLDPJQMJvPLyX3LgB6S:3:CL:123:default","public_did":"PLEVLDPJQMJvPLyX3LgB6S"}

etc/translations/de.json

@@ -232,6 +232,9 @@
         "content07": "Klicken Sie auf die folgende Schaltfläche und geben Sie dann Ihre E-Mail ein.",
         "content08": "Wir werden Ihnen eine Anleitung zusenden, wie Sie auf Ihr Profil zugreifen können, um diese zweite Authentifizierung zu vermeiden. ",
         "content09": "Zwei-Faktor-Authentifizierung deaktivieren"
+      },
+      "hyperledger": {
+        "loginin_btn": "Generate credential"
       }
     },
     "home": {

etc/translations/en.json

@@ -232,6 +232,9 @@
       "content07": "Click in the following button and, then, introduce your email.",
       "content08": "We will send you instructions of how to access your profile avoiding this second authentication. ",
       "content09": "Disable two factor authentication"
+    },
+    "hyperledger": {
+      "loginin_btn": "Generate credential"
     }
   },
   "home": {

etc/translations/es.json

@@ -232,6 +232,9 @@
       "content07": "Haga click en el siguiente boton e introduzca su correo electronico.",
       "content08": "Le enviaremos las instrucciones que debe seguir para poder acceder a su perfil.",
       "content09": "Desactivar Verificación en dos pasos"
+    },
+    "hyperledger": {
+      "loginin_btn": "Generar credencial"
     }
   },
   "home": {

etc/translations/ja.json

@@ -232,6 +232,9 @@
       "content07": "次のボタンをクリックして、メールを導入してください。",
       "content08": "この2回目の認証を回避して、プロファイルにアクセスする方法の説明を送信します。",
       "content09": "二要素認証を無効化"
+    },
+    "hyperledger": {
+      "loginin_btn": "Generate credential"
     }
   },
   "home": {

etc/translations/ko.json

@@ -232,6 +232,9 @@
       "content07": "Click in the following button and, then, introduce your email.",
       "content08": "We will send you instructions of how to access your profile avoiding this second authentication. ",
       "content09": "Disable two factor authentication"
+    },
+    "hyperledger": {
+      "loginin_btn": "Generate credential"
     }
   },
   "home": {

lib/configService.js

@@ -118,6 +118,10 @@ function process_environment_variables(verbose) {
     'IDM_AUTHZFORCE_ENABLED',
     'IDM_AUTHZFORCE_HOST',
     'IDM_AUTHZFORCE_PORT',
+    //Hyperledger
+    'IDM_HYPERLEDGER_ENABLED',
+    'IDM_HYPERLEDGER_SCHEMA_NAME',
+    'IDM_HYPERLEDGER_SCHEMA_VERSION',
     // Enable usage control and configure where is the Policy Translation Point
     'IDM_USAGE_CONTROL_ENABLED',
     'IDM_PTP_HOST',
@@ -368,6 +372,17 @@ function process_environment_variables(verbose) {
     }
   }
 
+  config.hyperledger = config.hyperledger || {};
+  if (process.env.IDM_HYPERLEDGER_ENABLED) {
+    config.hyperledger.enabled = to_boolean(process.env.IDM_HYPERLEDGER_ENABLED, false);
+  }
+  if (process.env.IDM_HYPERLEDGER_SCHEMA_NAME) {
+    config.hyperledger.schema_name = process.env.IDM_HYPERLEDGER_SCHEMA_NAME;
+  }
+  if (process.env.IDM_HYPERLEDGER_SCHEMA_VERSION) {
+    config.hyperledger.schema_version = process.env.IDM_HYPERLEDGER_SCHEMA_VERSION;
+  }
+
   // Enable usage control and configure where is the Policy Translation Point
   config.usage_control = config.usage_control || {};
   if (process.env.IDM_USAGE_CONTROL_ENABLED) {