adapter- Implementation details for data access, input and output
- May depend on:
app,openapi
app- Business logic, completely agnostic towards data access implementation.
Internally structured according to logical application usecases. Defines interfaces
for any needed external data access, which are then implemented in the
adaptermodule - May not have dependencies to other modules
- Business logic, completely agnostic towards data access implementation.
Internally structured according to logical application usecases. Defines interfaces
for any needed external data access, which are then implemented in the
db-changelog- Liquibase changes and related helpers
- May not have dependencies to other modules
openapi- Openapi definition and code generation of cdoc2-auth-server REST API
- May not have dependencies to other modules
webapp- Spring boot application
- May depend on
adapter,db-changelog
- Create database (see README.md under /db-changelog)
mvn clean install. JAR is created under /webapp/target.- run JAR -
java -jar cdoc2-rp-server-app.jar. Provide customapplication.propertiesin same folder as needed
In configuration files, the following properties must start with the app. prefix:
app.restclient.auth-server.hostUrl
| application prop | default | description |
|---|---|---|
| restclient.auth-server.hostUrl | URL of the cdoc2-auth-server component | |
| restclient.auth-server.read-timeout | 5000 | read timeout for auth server requests, in millisecond |
| restclient.auth-server.hosconnection-request-timeouttUrl | 5000 | connection timeout for auth server requests, in milliseconds |
| rp.name | Relying party name that rp-server presents to the SID/MID services | |
| rp.uuid | Relying party UUID that rp-server presents to the SID/MID services | |
| rp.certificate-level | QUALIFIED | The required certificate level when authenticating through SID/MID services |
| rp.scheme-name | smart-id-demo | Name of the SID scheme used (eg. smart-id) |
| smartid.client.hostUrl | URL of the SID RP API |
In configuration files, the following properties must start with the spring. prefix:
spring.datasource.url
| spring prop | description |
|---|---|
| datasource.url | |
| datasource.username | |
| datasource.password | |
| datasource.driver-class-name |
Keystores and trust stores are defined with Spring SSL bundles.
Trust store example, where somebundle is a placeholder for an actual bundle name:
spring.ssl.bundle.jks.somebundle.truststore.location=truststore.jks
spring.ssl.bundle.jks.somebundle.truststore.password=changeit
spring.ssl.bundle.jks.somebundle.truststore.type=jks
Keystore example, where somebundle is a placeholder for an actual bundle name::
spring.ssl.bundle.jks.somebundle.keystore.location=keystore.p12
spring.ssl.bundle.jks.somebundle.keystore.password=changeit
spring.ssl.bundle.jks.somebundle.keystore.type=pkcs12
spring.ssl.bundle.jks.somebundle.key.alias=rpServerKey
Defined bundles:
| bundle name | type | description |
|---|---|---|
| server-bundle | keystore, truststore | keystore and truststore (if any) to use for embedded server SSL connections |
| sid-server | truststore | provides truststore for SID server connections |
| trusted-infra | truststore | provides truststore for REST clients communicating with other CDOC2 components |
To build Docker images:
./build-images.shTo run the build container:
docker run --rm --network=host ghcr.io/open-eid/cdoc2-rp-server:0.5.0-SNAPSHOT