Repository contains mock implementation of auth for e-signet
- Make sure the kube config file of the MOSIP cluster that hosts the dependent services is set correctly on your PC.
- Make sure DB setup is done.
- Add / merge the below-mentioned properties files into the existing config branch:
  - Add the properties below to `esignet-default.properties` in case MockAuth is used for esignet.

    ```
    mosip.esignet.integration.scan-base-package=io.mosip.authentication.esignet.integration,io.mosip.esignet.mock.integration
    mosip.esignet.integration.binding-validator=BindingValidatorServiceImpl
    mosip.esignet.integration.authenticator=MockAuthenticationService
    mosip.esignet.integration.key-binder=MockKeyBindingWrapperService
    mosip.esignet.integration.audit-plugin=LoggerAuditService
    mosip.esignet.integration.captcha-validator=GoogleRecaptchaValidatorService
    ```
- Below are the dependent services required for compliance toolkit service:

  | Chart | Chart version |
  |---|---|
  | Keycloak | 7.1.18 |
  | Keycloak-init | 12.0.1-B3 |
  | Postgres | 10.16.2 |
  | Postgres Init | 12.0.1-B3 |
  | Config-server | 12.0.1-B3 |
  | Artifactory server | 12.0.1-B3 |
  | esignet-softhsm | 12.0.1-B2 |
  | redis | 17.3.14 |
  | esignet | 1.0.0 |
  | oidc-ui | 1.0.0 |
- Install `kubectl` and `helm` utilities.
- Run `install-all.sh` to deploy esignet services.

  ```
  cd helm
  ./install-all.sh
  ```
- During the execution of the `install-all.sh` script, a prompt asks whether the server has a public domain and a valid SSL certificate.
  - If the server lacks a public domain and a valid SSL certificate, select the `n` option. Selecting it enables the `init-container` with an `emptyDir` volume and includes it in the deployment.
  - The init-container downloads the server's self-signed SSL certificate and mounts it to the specified location within the container's Java keystore (i.e., `cacerts`) file.
  - This functionality covers scenarios where the script is used on a server with self-signed SSL certificates.
- Run `delete-all.sh` to remove esignet services.

  ```
  cd helm
  ./delete-all.sh
  ```
- Run `restart-all.sh` to restart esignet services.

  ```
  cd helm
  ./restart.sh
  ```
- Run onboarder's install.sh script to exchange jwk certificates.
- Below mentioned onboarding steps are added after 1.2.0.1-b3
- Onboarding the default demo-oidc partner
### Onboarding the default resident-oidc partner
- After a successful partner onboarder run for the demo-oidc partner, download the HTML reports from the `onboarder` bucket of the object store.
- Get `CLIENT_ID` from the response body of the `create-oidc-client` request in the report demo-oidc.html.
- Update the deployment of `mock-relying-party-ui` in the esignet namespace with the `CLIENT_ID` value from the last step.
- As per the screenshot, get the private and public key pair (shown as selected in the screenshot) from the response of the `get-jwks` request in the report demo-oidc.html.
- Update `client-private-key` in the esignet namespace with the `base64 encoded` value of the key pair from the previous step.
- Restart the mock-relying-party-service pod.
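
A check worth running before the `client-private-key` update above, shown as an added example that is not part of this repository: it confirms that the entry copied from the `get-jwks` response really contains the private half of the pair and produces a single-line base64 value. It assumes the copied entry is one RSA JWK as JSON text and that the value to store is the standard base64 encoding of that text; the function names and the sample key are hypothetical.

```python
import base64
import json

def b64url_to_int(value):
    """Decode an unpadded base64url JWK member into an integer."""
    raw = base64.urlsafe_b64decode(value + "=" * (-len(value) % 4))
    return int.from_bytes(raw, "big")

def int_to_b64url(number):
    """Encode an integer as an unpadded base64url JWK member."""
    raw = number.to_bytes((number.bit_length() + 7) // 8, "big")
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def encode_private_jwk(jwk_text):
    """Check that jwk_text is a usable RSA private JWK, then base64-encode it."""
    jwk_text = jwk_text.strip()  # a copied trailing newline would end up in the value
    jwk = json.loads(jwk_text)
    # Assumption: the onboarder issued an RSA key; the page does not name the type.
    if jwk.get("kty") != "RSA":
        raise ValueError("expected an RSA JWK, got kty=%r" % jwk.get("kty"))
    missing = [m for m in ("n", "e", "d") if m not in jwk]
    if missing:
        # A JWK without "d" is only the public half of the pair.
        raise ValueError("not a private key, missing: " + ", ".join(missing))
    n, e, d = (b64url_to_int(jwk[m]) for m in ("n", "e", "d"))
    # RSA round trip on a fixed value: fails if d does not belong to (n, e).
    if pow(pow(2, e, n), d, n) != 2:
        raise ValueError("private exponent does not match the public key")
    return base64.b64encode(jwk_text.encode()).decode()

def constructed_sample_jwk():
    """Constructed toy key (p=61, q=53); far too small for real use."""
    members = {"kty": "RSA", "n": 3233, "e": 17, "d": 2753}
    return json.dumps({k: v if k == "kty" else int_to_b64url(v)
                       for k, v in members.items()})

if __name__ == "__main__":
    print(encode_private_jwk(constructed_sample_jwk()))
```

The printed value contains a private key, so keep it out of shell history, tickets and chat when running this against the real report.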