From 4df4b0ebf38a7d6c34cc2459e69fc2cd33e9eba1 Mon Sep 17 00:00:00 2001
From: Lalith Kota
Date: Fri, 22 Mar 2024 16:16:50 +0530
Subject: [PATCH 1/4] Moved vci modules to vci repo
Signed-off-by: Lalith Kota --- README.md | 3 - g2p_openid_vci/README.rst | 59 --- g2p_openid_vci/__init__.py | 2 - g2p_openid_vci/__manifest__.py | 31 -- g2p_openid_vci/json_encoder.py | 18 - g2p_openid_vci/models/__init__.py | 1 - g2p_openid_vci/models/vci_issuer.py | 311 ------------- g2p_openid_vci/readme/CONTRIBUTORS.rst | 1 - g2p_openid_vci/readme/DESCRIPTION.rst | 1 - g2p_openid_vci/security/ir.model.access.csv | 2 - g2p_openid_vci/static/default_contexts.json | 91 ---- .../static/default_credential_format.jq | 56 --- .../static/default_issuer_metadata.jq | 89 ---- g2p_openid_vci/static/description/icon.png | Bin 3985 -> 0 bytes g2p_openid_vci/static/description/index.html | 420 ------------------ g2p_openid_vci/views/vci_issuers.xml | 62 --- g2p_openid_vci_programs/README.rst | 59 --- g2p_openid_vci_programs/__init__.py | 1 - g2p_openid_vci_programs/__manifest__.py | 27 -- g2p_openid_vci_programs/models/__init__.py | 1 - g2p_openid_vci_programs/models/vci_issuer.py | 101 ----- .../readme/CONTRIBUTORS.rst | 1 - .../readme/DESCRIPTION.rst | 1 - .../static/default_contexts.json | 101 ----- .../static/default_credential_format.jq | 74 --- .../static/default_issuer_metadata.jq | 107 ----- .../static/description/icon.png | Bin 3985 -> 0 bytes .../static/description/index.html | 420 ------------------ g2p_openid_vci_programs/views/vci_issuers.xml | 21 - g2p_openid_vci_rest_api/README.rst | 54 --- g2p_openid_vci_rest_api/__init__.py | 3 - g2p_openid_vci_rest_api/__manifest__.py | 31 -- .../controllers/__init__.py | 1 - g2p_openid_vci_rest_api/controllers/main.py | 7 - g2p_openid_vci_rest_api/models/__init__.py | 1 - g2p_openid_vci_rest_api/models/openid_vci.py | 76 ---- .../readme/DESCRIPTION.rst | 1 - g2p_openid_vci_rest_api/services/__init__.py | 1 - .../services/vci_service.py | 155 ------- .../static/description/icon.png | Bin 3985 -> 0 bytes .../static/description/index.html | 413 ----------------- requirements.txt | 7 - 
.../g2p_openid_vci/odoo/addons/g2p_openid_vci | 1 - setup/g2p_openid_vci/setup.py | 6 - .../odoo/addons/g2p_openid_vci_programs | 1 - setup/g2p_openid_vci_programs/setup.py | 6 - .../odoo/addons/g2p_openid_vci_rest_api | 1 - setup/g2p_openid_vci_rest_api/setup.py | 6 - test-requirements.txt | 2 - 49 files changed, 2834 deletions(-) delete mode 100644 g2p_openid_vci/README.rst delete mode 100644 g2p_openid_vci/__init__.py delete mode 100644 g2p_openid_vci/__manifest__.py delete mode 100644 g2p_openid_vci/json_encoder.py delete mode 100644 g2p_openid_vci/models/__init__.py delete mode 100644 g2p_openid_vci/models/vci_issuer.py delete mode 100644 g2p_openid_vci/readme/CONTRIBUTORS.rst delete mode 100644 g2p_openid_vci/readme/DESCRIPTION.rst delete mode 100644 g2p_openid_vci/security/ir.model.access.csv delete mode 100644 g2p_openid_vci/static/default_contexts.json delete mode 100644 g2p_openid_vci/static/default_credential_format.jq delete mode 100644 g2p_openid_vci/static/default_issuer_metadata.jq delete mode 100644 g2p_openid_vci/static/description/icon.png delete mode 100644 g2p_openid_vci/static/description/index.html delete mode 100644 g2p_openid_vci/views/vci_issuers.xml delete mode 100644 g2p_openid_vci_programs/README.rst delete mode 100644 g2p_openid_vci_programs/__init__.py delete mode 100644 g2p_openid_vci_programs/__manifest__.py delete mode 100644 g2p_openid_vci_programs/models/__init__.py delete mode 100644 g2p_openid_vci_programs/models/vci_issuer.py delete mode 100644 g2p_openid_vci_programs/readme/CONTRIBUTORS.rst delete mode 100644 g2p_openid_vci_programs/readme/DESCRIPTION.rst delete mode 100644 g2p_openid_vci_programs/static/default_contexts.json delete mode 100644 g2p_openid_vci_programs/static/default_credential_format.jq delete mode 100644 g2p_openid_vci_programs/static/default_issuer_metadata.jq delete mode 100644 g2p_openid_vci_programs/static/description/icon.png delete mode 100644 g2p_openid_vci_programs/static/description/index.html delete 
mode 100644 g2p_openid_vci_programs/views/vci_issuers.xml delete mode 100644 g2p_openid_vci_rest_api/README.rst delete mode 100644 g2p_openid_vci_rest_api/__init__.py delete mode 100644 g2p_openid_vci_rest_api/__manifest__.py delete mode 100644 g2p_openid_vci_rest_api/controllers/__init__.py delete mode 100644 g2p_openid_vci_rest_api/controllers/main.py delete mode 100644 g2p_openid_vci_rest_api/models/__init__.py delete mode 100644 g2p_openid_vci_rest_api/models/openid_vci.py delete mode 100644 g2p_openid_vci_rest_api/readme/DESCRIPTION.rst delete mode 100644 g2p_openid_vci_rest_api/services/__init__.py delete mode 100644 g2p_openid_vci_rest_api/services/vci_service.py delete mode 100644 g2p_openid_vci_rest_api/static/description/icon.png delete mode 100644 g2p_openid_vci_rest_api/static/description/index.html delete mode 100644 requirements.txt delete mode 120000 setup/g2p_openid_vci/odoo/addons/g2p_openid_vci delete mode 100644 setup/g2p_openid_vci/setup.py delete mode 120000 setup/g2p_openid_vci_programs/odoo/addons/g2p_openid_vci_programs delete mode 100644 setup/g2p_openid_vci_programs/setup.py delete mode 120000 setup/g2p_openid_vci_rest_api/odoo/addons/g2p_openid_vci_rest_api delete mode 100644 setup/g2p_openid_vci_rest_api/setup.py diff --git a/README.md b/README.md index e79e44d..4da4557 100644 --- a/README.md +++ b/README.md @@ -21,9 +21,6 @@ Available addons addon | version | maintainers | summary --- | --- | --- | --- [g2p_auth_id_oidc](g2p_auth_id_oidc/) | 15.0.1.2.0 | | G2P Auth: OIDC - Reg ID -[g2p_openid_vci](g2p_openid_vci/) | 15.0.1.2.0 | | G2P OpenID VCI: Base -[g2p_openid_vci_programs](g2p_openid_vci_programs/) | 15.0.1.2.0 | | G2P OpenID VCI: Program Beneficiaries -[g2p_openid_vci_rest_api](g2p_openid_vci_rest_api/) | 15.0.1.2.0 | | G2P OpenID VCI: Rest API [g2p_portal_auth](g2p_portal_auth/) | 15.0.1.2.0 | | G2P Portal Auth [//]: # (end addons) 
diff --git a/g2p_openid_vci/README.rst b/g2p_openid_vci/README.rst deleted file mode 100644 index 9ee0d89..0000000 --- a/g2p_openid_vci/README.rst +++ /dev/null @@ -1,59 +0,0 @@ -==================== -G2P OpenID VCI: Base -==================== - -.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - !! This file is generated by oca-gen-addon-readme !! - !! changes will be overwritten. !! - !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - -.. |badge1| image:: https://img.shields.io/badge/maturity-Alpha-red.png - :target: https://odoo-community.org/page/development-status - :alt: Alpha -.. |badge2| image:: https://img.shields.io/badge/github-OpenG2P%2Fopeng2p--auth-lightgray.png?logo=github - :target: https://github.com/OpenG2P/openg2p-auth/tree/15.0-develop/g2p_openid_vci - :alt: OpenG2P/openg2p-auth - -|badge1| |badge2| - -OpenG2P OpenID for Verifiable Credential Issuance - -.. IMPORTANT:: - This is an alpha version, the data model and design can change at any time without warning. - Only for development or testing purpose, do not use in production. - `More details on development status `_ - -**Table of contents** - -.. contents:: - :local: - -Bug Tracker -=========== - -Bugs are tracked on `GitHub Issues `_. -In case of trouble, please check there if your issue has already been reported. -If you spotted it first, help us smashing it by providing a detailed and welcomed -`feedback `_. - -Do not contact contributors directly about support or help with technical issues. - -Credits -======= - -Authors -~~~~~~~ - -* OpenG2P - -Contributors -~~~~~~~~~~~~ - -* Lalith Kota - -Maintainers -~~~~~~~~~~~ - -This module is part of the `OpenG2P/openg2p-auth `_ project on GitHub. - -You are welcome to contribute. diff --git a/g2p_openid_vci/__init__.py b/g2p_openid_vci/__init__.py deleted file mode 100644 index cb5cf79..0000000 --- a/g2p_openid_vci/__init__.py +++ /dev/null @@ -1,2 +0,0 @@ -from . import json_encoder -from . import models 
diff --git a/g2p_openid_vci/__manifest__.py b/g2p_openid_vci/__manifest__.py
deleted file mode 100644
index 6a9e308..0000000
--- a/g2p_openid_vci/__manifest__.py
+++ /dev/null
@@ -1,31 +0,0 @@
-# Part of OpenG2P. See LICENSE file for full copyright and licensing details.
-{
- "name": "G2P OpenID VCI: Base",
- "category": "G2P",
- "version": "15.0.1.2.0",
- "sequence": 1,
- "author": "OpenG2P",
- "website": "https://openg2p.org",
- "license": "Other OSI approved licence",
- "development_status": "Alpha",
- "depends": [
- "g2p_registry_base",
- "g2p_encryption",
- ],
- "external_dependencies": {
- "python": ["cryptography<37", "python-jose", "pyjq", "PyLD"]
- },
- "data": [
- "security/ir.model.access.csv",
- "views/vci_issuers.xml",
- ],
- "assets": {
- "web.assets_backend": [],
- "web.assets_qweb": [],
- },
- "demo": [],
- "images": [],
- "application": False,
- "installable": True,
- "auto_install": False,
-}
diff --git a/g2p_openid_vci/json_encoder.py b/g2p_openid_vci/json_encoder.py
deleted file mode 100644
index 02fd873..0000000
--- a/g2p_openid_vci/json_encoder.py
+++ /dev/null
@@ -1,18 +0,0 @@
-import base64
-import json
-from datetime import date, datetime, timezone
-
-
-class RegistryJSONEncoder(json.JSONEncoder):
- def default(self, obj):
- if isinstance(obj, bytes):
- return base64.b64encode(obj).decode()
- if isinstance(obj, datetime):
- return f'{obj.astimezone(tz=timezone.utc).replace(tzinfo=None).isoformat(timespec="milliseconds")}Z'
- if isinstance(obj, date):
- return obj.isoformat()
- return json.JSONEncoder.default(self, obj)
-
- @classmethod
- def python_dict_to_json_dict(cls, data: dict) -> dict:
- return json.loads(json.dumps(data, cls=cls))
diff --git a/g2p_openid_vci/models/__init__.py b/g2p_openid_vci/models/__init__.py
deleted file mode 100644
index 23d962e..0000000
--- a/g2p_openid_vci/models/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
-from . import vci_issuer
diff --git a/g2p_openid_vci/models/vci_issuer.py b/g2p_openid_vci/models/vci_issuer.py
deleted file mode 100644
index a49f06d..0000000
--- a/g2p_openid_vci/models/vci_issuer.py
+++ /dev/null
@@ -1,311 +0,0 @@
-# pylint: disable=[W7936]
-
-import json
-import logging
-import uuid
-from datetime import datetime
-
-import pyjq as jq
-import requests
-from cryptography.hazmat.primitives import hashes
-from jose import jwt
-from pyld import jsonld
-
-from odoo import api, fields, models, modules, tools
-
-from ..json_encoder import RegistryJSONEncoder
-
-_logger = logging.getLogger(__name__)
-
-
-class OpenIDVCIssuer(models.Model):
- _name = "g2p.openid.vci.issuers"
- _description = "OpenID VCI Issuer"
-
- name = fields.Char(required=True)
- type = fields.Selection(
- [
- (
- "OpenG2PRegistryVerifiableCredential",
- "OpenG2PRegistryVerifiableCredential",
- )
- ],
- required=True,
- )
- scope = fields.Char(required=True)
- supported_format = fields.Selection(
- [("ldp_vc", "ldp_vc")], default="ldp_vc", required=True
- )
- unique_issuer_id = fields.Char(default="did:example:12345678abcdefgh")
-
- encryption_provider_id = fields.Many2one("g2p.encryption.provider")
-
- auth_sub_id_type_id = fields.Many2one("g2p.id.type")
-
- auth_allowed_auds = fields.Text()
- auth_allowed_issuers = fields.Text()
- auth_issuer_jwks_mapping = fields.Text()
- auth_allowed_client_ids = fields.Text()
-
- credential_format = fields.Text()
- issuer_metadata_text = fields.Text()
- contexts_json = fields.Text()
-
- @api.model
- def issue_vc(self, credential_request: dict, token: str):
- # TODO: Raise better errors and error types
- auth_claims_unverified = jwt.get_unverified_claims(token)
- auth_scopes = auth_claims_unverified.get("scope", "").split()
-
- request_format = credential_request["format"]
- request_types = credential_request["credential_definition"]["type"]
-
- if not auth_scopes:
- raise ValueError("Scope not found in auth token.")
-
- search_domain = [
- ("supported_format", "=", request_format),
- ("scope", "in", auth_scopes),
- ]
- if request_types:
- search_domain.append(("type", "in", request_types))
- credential_issuer = self.sudo().search(search_domain)
- if credential_issuer and len(credential_issuer):
- credential_issuer = credential_issuer[0]
- else:
- raise ValueError("Invalid combination of scope, type, format")
-
- request_auth_iss = auth_claims_unverified["iss"]
- # TODO: Client id validation
-
- try:
- auth_allowed_iss = (credential_issuer.auth_allowed_issuers or "").split()
- auth_allowed_aud = (credential_issuer.auth_allowed_auds or "").split()
- auth_jwks_mapping = (
- credential_issuer.auth_issuer_jwks_mapping or ""
- ).split()
- # TODO: Cache JWKS somehow
- jwks = credential_issuer.get_auth_jwks(
- request_auth_iss,
- auth_allowed_iss,
- auth_jwks_mapping,
- )
- jwt.decode(
- token,
- jwks,
- issuer=auth_allowed_iss,
- options={"verify_aud": False},
- )
- if auth_allowed_aud and (
- (
- isinstance(auth_claims_unverified["aud"], list)
- and set(auth_allowed_aud).issubset(
- set(auth_claims_unverified["aud"])
- )
- )
- or (
- isinstance(auth_claims_unverified["aud"], str)
- and auth_allowed_aud in auth_claims_unverified["aud"]
- )
- ):
- raise ValueError("Invalid Audience")
- except Exception as e:
- raise ValueError("Invalid Auth Token received") from e
-
- issue_vc_func = getattr(credential_issuer, f"issue_vc_{credential_issuer.type}")
-
- cred_res = issue_vc_func(
- auth_claims=auth_claims_unverified,
- credential_request=credential_request,
- )
- _logger.debug("Credential Response for DEBUG; %s", json.dumps(cred_res))
- return cred_res
-
- def issue_vc_OpenG2PRegistryVerifiableCredential(
- self, auth_claims, credential_request
- ):
- self.ensure_one()
- web_base_url = (
- self.env["ir.config_parameter"].sudo().get_param("web.base.url").rstrip("/")
- )
- reg_id = (
- self.env["g2p.reg.id"]
- .sudo()
- .search(
- [
- ("id_type", "=", self.auth_sub_id_type_id.id),
- ("value", "=", auth_claims["sub"]),
- ],
- limit=1,
- )
- )
- partner = None
- if not reg_id:
- raise ValueError(
- "ID not found in DB. Invalid Subject Received in auth claims"
- )
-
- partner = reg_id.partner_id
-
- partner_dict = partner.read()[0]
- reg_ids_dict = {
- reg_id.id_type.name: reg_id.read()[0] for reg_id in partner.reg_ids
- }
-
- curr_datetime = f'{datetime.utcnow().isoformat(timespec = "milliseconds")}Z'
- credential = jq.first(
- self.credential_format,
- RegistryJSONEncoder.python_dict_to_json_dict(
- {
- "vc_id": str(uuid.uuid4()),
- "web_base_url": web_base_url,
- "issuer": self.read()[0],
- "curr_datetime": curr_datetime,
- "partner": partner_dict,
- "partner_address": self.get_full_address(partner.address),
- "partner_face": self.get_image_base64_data_in_url(
- partner.image_1920.decode()
- ),
- "reg_ids": reg_ids_dict,
- },
- ),
- )
- credential_response = {
- "credential": self.sign_and_issue_credential(credential),
- "format": credential_request["format"],
- }
- return credential_response
-
- def sign_and_issue_credential(self, credential: dict) -> dict:
- self.ensure_one()
-
- ld_proof = self.build_empty_ld_proof()
- normalised_ld_prood_str = jsonld.normalize(
- ld_proof, {"algorithm": "URDNA2015", "format": "application/n-quads"}
- )
- normalized_json_ld_str = jsonld.normalize(
- credential, {"algorithm": "URDNA2015", "format": "application/n-quads"}
- )
-
- signature = self.get_encryption_provider().jwt_sign(
- self.sha256_digest(normalised_ld_prood_str.encode())
- + self.sha256_digest(normalized_json_ld_str.encode()),
- include_payload=False,
- include_certificate=True,
- include_cert_hash=True,
- )
- ld_proof["jws"] = signature
- ret = dict(credential)
- ret["proof"] = ld_proof
- return ret
-
- def build_empty_ld_proof(self):
- self.ensure_one()
- curr_datetime = f'{datetime.utcnow().isoformat(timespec = "milliseconds")}Z'
- web_base_url = (
- self.env["ir.config_parameter"].sudo().get_param("web.base.url").rstrip("/")
- )
- # TODO: Remove this hardcoding
- return {
- "@context": [
- "https://w3id.org/security/v2",
- ],
- "type": "RsaSignature2018",
- "created": curr_datetime,
- "verificationMethod": f"{web_base_url}/api/v1/security/.well-known/jwks.json",
- "proofPurpose": "assertionMethod",
- }
-
- def get_auth_jwks(
- self,
- auth_issuer: str,
- auth_allowed_issuers: list[str],
- auth_allowed_jwks_urls: list[str],
- ):
- self.ensure_one()
- jwk_url = None
- try:
- jwk_url = auth_allowed_jwks_urls[auth_allowed_issuers.index(auth_issuer)]
- except Exception:
- jwk_url = f'{auth_issuer.rstrip("/")}/.well-known/jwks.json'
- return requests.get(jwk_url).json()
-
- def get_encryption_provider(self):
- self.ensure_one()
- prov = self.encryption_provider_id
- if not prov:
- prov = self.env.ref("g2p_encryption.encryption_provider_default")
- return prov
-
- @api.model
- def get_full_address(self, address: str) -> dict:
- try:
- return json.loads(address)
- except Exception:
- return {"street_address": address}
-
- @api.model
- def get_image_base64_data_in_url(self, image_base64: str) -> str:
- if not image_base64:
- return None
- image = tools.base64_to_image(image_base64)
- return f"data:image/{image.format.lower()};base64,{image_base64}"
-
- @api.model
- def sha256_digest(self, data: bytes) -> bytes:
- sha = hashes.Hash(hashes.SHA256())
- sha.update(data)
- return sha.finalize()[0:32]
-
- @api.constrains("credential_format", "type")
- def onchange_credential_format(self):
- for rec in self:
- if not rec.credential_format:
- getattr(rec, f"set_from_static_file_{rec.type}")(
- file_name="default_credential_format.jq",
- field_name="credential_format",
- )
-
- @api.constrains("issuer_metadata_text", "type")
- def onchange_issuer_metadata_text(self):
- for rec in self:
- if not rec.issuer_metadata_text:
- getattr(rec, f"set_from_static_file_{rec.type}")(
- file_name="default_issuer_metadata.jq",
- field_name="issuer_metadata_text",
- )
-
- @api.constrains("contexts_json", "type")
- def onchange_contexts_json(self):
- for rec in self:
- if not rec.contexts_json:
- getattr(rec, f"set_from_static_file_{rec.type}")(
- file_name="default_contexts.json",
- field_name="contexts_json",
- )
-
- def set_from_static_file_OpenG2PRegistryVerifiableCredential(
- self, module_name="g2p_openid_vci", file_name="", field_name="", **kwargs
- ):
- default_path = modules.get_resource_path(module_name, "static", file_name)
- text = ""
- try:
- with open(default_path) as file:
- text = file.read()
- if field_name:
- self.write({field_name: text})
- except Exception:
- _logger.exception("Could not set default contexts json")
- return text
-
- @api.model
- def verify_proof_and_bind(self, credential_request):
- # TODO: Verify proof and do wallet binding
- # request_proof_type = credential_request["proof"]["proof_type"]
- # request_proof_jwt = credential_request["proof"]["jwt"]
- # request_proof = None
- # if request_proof_type and request_proof_jwt and request_proof_type == "jwt":
- # request_proof = jwt.get_unverified_claims(request_proof_jwt)
- # else:
- # raise ValueError("Only JWT proof supported")
- pass
diff --git a/g2p_openid_vci/readme/CONTRIBUTORS.rst b/g2p_openid_vci/readme/CONTRIBUTORS.rst
deleted file mode 100644
index 3fe1649..0000000
--- a/g2p_openid_vci/readme/CONTRIBUTORS.rst
+++ /dev/null
@@ -1 +0,0 @@
-* Lalith Kota
diff --git a/g2p_openid_vci/readme/DESCRIPTION.rst b/g2p_openid_vci/readme/DESCRIPTION.rst
deleted file mode 100644
index ea569fc..0000000
--- a/g2p_openid_vci/readme/DESCRIPTION.rst
+++ /dev/null
@@ -1 +0,0 @@
-OpenG2P OpenID for Verifiable Credential Issuance
diff --git a/g2p_openid_vci/security/ir.model.access.csv b/g2p_openid_vci/security/ir.model.access.csv
deleted file mode 100644
index d990396..0000000
--- a/g2p_openid_vci/security/ir.model.access.csv
+++ /dev/null
@@ -1,2 +0,0 @@
-id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
-access_vci_issuers,OpenID VCI Issuers System user,model_g2p_openid_vci_issuers,base.group_system,1,1,1,1
diff --git a/g2p_openid_vci/static/default_contexts.json b/g2p_openid_vci/static/default_contexts.json
deleted file mode 100644
index 8505dcd..0000000
--- a/g2p_openid_vci/static/default_contexts.json
+++ /dev/null
@@ -1,91 +0,0 @@
-{
- "@context": {
- "OpenG2PRegistryVerifiableCredential": {
- "@id": "https://openg2p.org/credential#OpenG2PRegistryVerifiableCredential",
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- {
- "@vocab": "https://openg2p.org/credential#OpenG2PRegistryVerifiableCredential#",
- "credentialSubject": {
- "@id": "credentialSubject",
- "@type": "@id",
- "@context": {
- "@vocab": "https://openg2p.org/credential#OpenG2PRegistryVerifiableCredential#credentialSubject#",
- "name": {
- "@id": "name",
- "@type": "@id",
- "@context": {
- "value": "@value",
- "language": "@language"
- }
- },
- "fullName": {
- "@id": "fullName",
- "@type": "@id",
- "@context": {
- "value": "@value",
- "language": "@language"
- }
- },
- "gender": {
- "@id": "gender",
- "@type": "@id",
- "@context": {
- "value": "@value",
- "language": "@language"
- }
- },
- "dateOfBirth": "dateOfBirth",
- "email": "email",
- "phone": "phone",
- "addressLine1": {
- "@id": "addressLine1",
- "@type": "@id",
- "@context": {
- "value": "@value",
- "language": "@language"
- }
- },
- "addressLine2": {
- "@id": "addressLine2",
- "@type": "@id",
- "@context": {
- "value": "@value",
- "language": "@language"
- }
- },
- "addressLine3": {
- "@id": "addressLine3",
- "@type": "@id",
- "@context": {
- "value": "@value",
- "language": "@language"
- }
- },
- "province": {
- "@id": "province",
- "@type": "@id",
- "@context": {
- "value": "@value",
- "language": "@language"
- }
- },
- "region": {
- "@id": "region",
- "@type": "@id",
- "@context": {
- "value": "@value",
- "language": "@language"
- }
- },
- "postalCode": "postalCode",
- "face": "face",
- "vcVer": "vcVer",
- "UIN": "UIN"
- }
- }
- }
- ]
- }
- }
-}
diff --git a/g2p_openid_vci/static/default_credential_format.jq b/g2p_openid_vci/static/default_credential_format.jq
deleted file mode 100644
index 30c27e7..0000000
--- a/g2p_openid_vci/static/default_credential_format.jq
+++ /dev/null
@@ -1,56 +0,0 @@
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- (.web_base_url + "/api/v1/vci/.well-known/contexts.json")
- ],
- "id": .vc_id,
- "type": ["VerifiableCredential", .issuer.type],
- "issuer": .issuer.unique_issuer_id,
- "issuanceDate": .curr_datetime,
- "credentialSubject": {
- "vcVer": "VC-V1",
- "id": (.web_base_url + "/api/v1/registry/individual/" + (.partner.id | tostring)),
- "name": [
- {
- "language": "eng",
- "value": .partner.name
- }
- ],
- "fullName": [
- {
- "language": "eng",
- "value": .partner.name
- }
- ],
- "gender": [
- {
- "language": "eng",
- "value": .partner.gender
- }
- ],
- "dateOfBirth": .partner.birthdate,
- "email": .partner.email,
- "phone": .partner.phone,
- "addressLine1": [
- {
- "language": "eng",
- "value": .partner_address.street_address
- }
- ],
- "province": [
- {
- "language": "eng",
- "value": .partner_address.locality
- }
- ],
- "region": [
- {
- "language": "eng",
- "value": .partner_address.region
- }
- ],
- "postalCode": .partner_address.postal_code,
- "face": .partner_face,
- "UIN": .reg_ids["NATIONAL ID"]?.value
- }
-}
diff --git a/g2p_openid_vci/static/default_issuer_metadata.jq b/g2p_openid_vci/static/default_issuer_metadata.jq
deleted file mode 100644
index ef9c27a..0000000
--- a/g2p_openid_vci/static/default_issuer_metadata.jq
+++ /dev/null
@@ -1,89 +0,0 @@
-[
- {
- "id": .type,
- "format": .supported_format,
- "scope": .scope,
- "cryptographic_binding_methods_supported": [
- "did:jwk"
- ],
- "credential_signing_alg_values_supported": [
- "RS256"
- ],
- "proof_types_supported": [
- "jwt"
- ],
- "credential_definition": {
- "type": [
- "VerifiableCredential",
- .type
- ],
- "credentialSubject": {
- "fullName": {
- "display": [
- {
- "name": "Name",
- "locale": "en"
- }
- ]
- },
- "gender": {
- "display": [
- {
- "name": "Gender",
- "locale": "en"
- }
- ]
- },
- "dateOfBirth": {
- "display": [
- {
- "name": "Date of Birth",
- "locale": "en"
- }
- ]
- },
- "address": {
- "display": [
- {
- "name": "Address",
- "locale": "en"
- }
- ]
- },
- "UIN": {
- "display": [
- {
- "name": "Beneficiary ID",
- "locale": "en"
- }
- ]
- },
- "nationalID": {
- "display": [
- {
- "name": "National ID",
- "locale": "en"
- }
- ]
- }
- }
- },
- "display": [
- {
- "name": "OpenG2P Registry Credential",
- "locale": "en",
- "logo": {
- "url": (.web_base_url + "/g2p_openid_vci/static/description/icon.png"),
- "alt_text": "a square logo of a OpenG2P"
- },
- "background_color": "#12107c",
- "text_color": "#FFFFFF"
- }
- ],
- "order": [
- "fullName",
- "gender",
- "dateOfBirth"
- ]
- }
-]
diff --git a/g2p_openid_vci/static/description/icon.png b/g2p_openid_vci/static/description/icon.png deleted file mode 100644 index 5ecb429ea9ceb3863d46ea852dc9c9f78d4e901b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3985 zcmZ{n`9BkmAIC8pv!Q92t8$HU&3*S_?hrzbeAwnL%6)_wHrJX+S}0c-Wzr~eMDCAc z3e6Qh%8{GMmHPTVzCV9|c)eeb_v7^sJfCT{SIxM>=H)Shy|Bjjx?H>A&FwonBg- z;pNj}4ZUWDW}WDhk3W6DLFO)@EG&?-{|zfkUIBuIg;&GE*w7)WVErlh0sk03aU#cr z9mpQ+1?EO`UJ_2TBS{!@!w8&ZuzKTvq!sP5i}*;?G6Ozf31_umSm!HX_UqwnT(H@F z!;4+U(}n_e!#;GwpT87{g+-6+*1w#%zH;3OnWfOilJi--y~$P9xDhgz4Ss2SZy>& zeDnlOJI>wC&e{J?`*!KF3>sZC5(&vKSp&S)Nexs^!d`0pD&bEb&``VbyL3ffQ28~a zPqZo{@J3Fr+GEx3>w?XUGfX&*5<-x$@j_YB{I5p9Wb*aKjwXh@a#PQUcED$`n6pM! zU$y4@_|tV0KFY)749csA9d;b#Qb*)rN~&GVL3+Fc-}|qrGJGx6L~9!$lLB1#VZ1zEe5&g^$1THq`Vs5Lbc1CjIy~SZv z=lz0hR|xp!(sr{5TyjhPE+L%M{{*+)5R!t62oDgzu{t%&quHjkH7q;R1eCAI%nJ|^ ztw4^@1)i>ESwKg?T>4`ZbIc|Q>N(xnUF(bL+EN;tE~ZGTq6Y2_C#&9;6Hi<6@}j^5 zl*yjySU%qk^w^8lNt7|rcltV-FFr2|OVcFPzzz~F60rr1M&frEy(qJw?m%g&?FJGw zl!lF!iHdDu^n@((5Sozy`Wm#~{}Ow46zBNYae0TJ(m&E#x8?1j*A?o~XmQ3s8)`GC zdq6^J$GV5;f<-WkF=F=6M+5$n9cq9kQISRQjfQH1m;35CY9G<9o}f(ZPybuap>(iv zGf`{NCB>&$;FCYHG4zs+bzIn3v{`1N07zM#rADR8AhYvL7cJ#O9WefihzwcVLhv&I z>ux1t!+kFtusq)w?@$gEqj*O;57~?Askg^~=`QZ< z975e6wC`Tl+sKn0l7A(*dqqTv><|8|DzeD%|Jv(j9&l^xe7Qt5yP0rz@Vg#nNNJP9 zDvmh<{NpNErK0B7Jx_Ut5qapcOb(}7Y^Vrk$H1NaT%HRW2zIR6s}_1*^669!W*P^B z7T~uymT&Xvl6CoGaaj1f4r|syYnq3Oc%OAULg^%7_Bv{Y?tGl&S+jGXvyytbizZn0 z+3q*=kBp)I!-HTqv$)vFw7Fe#5guV-X_{!VSK)GH8S<8A`VKG(QNT{(tFB@4$9DS( z2w$UmtmVnt>b}yii5h*2n=a_8s-UxSjO&MZ)qFr)^bPkNqhC& zy+AU@E@KJL#RzdptH}HL12Ks1BtIy%b-Hdh;QeM3HmUWroq&Nxoza6L6JT@DpoT&9 zo7J|{QV~H~u4_L==Oz(utH-j8o z*#O=xe!9y{MvU>w<1ZJ%?xs$xxn(L6mc`VkPdq}vt|wa$8*X*5KmG8n-)M%#H13K7 zvY7fsf9&178e}_Dipe`-bMLMge4PcZ&6j>;#E7kpS8n}@yBlud5OqSen5s36%=2;i zX8xRz=)O1y)WkVwBW!m?paXohe4^`G))F>*bgM`&I4&Yvi#lr*nL9z+8*XBJr-fd> zMZocZUWnx_1gdytJKHYj%MWHxeJd9eA;r8giAKX>qMHF}gmLptV~csPBV)C~ikKF4 
zb~o&4zp$JQxAd@UMTP!b$S?4u=N-(aarBrN!#|fZZ%xh7J=MO~Uf1Ch^bfBpiffy@ zVcJre$X}K9?LOJcD1dW}V#o2gkp|ltO^m*&I9qbwNHK2^R%ZvZcC$J8T{MeL=jI3! zO6e}Xn^5xAr9@{|KbPux8}7Vv@+YENV>t21;|Yb3%yy3LSx5kdGY@ZeJoC}7eits2 zRk67A41~lx=4QSKe3pmt9#b*gewUD`qGH{dXKNkUVE&h|JtLeJjxN5D@S@$){b;CZ zZ%&WqZ2PJZuOO6M*j18>6wzF|Ki8 z04-~EVjJh^6)8k{ejR~)+%ormPQW%W_gZq*p0PsCpf@JR)tlm`kyu%Dt1^D}IoFtG zru!uTee_C)aV!vtzp3o0;PBLcpK!CK9zo2h#Y#{oe%~6Vj=qmCK<~MaoNtyUR@$p{ z7%TNMlFmQU;jn;L@y3vO#yBK9QPRmeP&22LCT?)ou^|-%qsLmMVYyy$=GfqH@T$Mh z_i7a*%EMlQ7T(_Sf)Q@+Us~C^Ax*rZO+87&UZX7fFtrm5 zdDu$Z6@yrkC$+8;)zIoXSLtg*ypHxK;H_9{tCVFS`>#t5Q&c-k(jxF}C@dxGpJ`O* zxid`+S|ujEw0(6__AnN(vDp08A*L9?-S%t9WqFQbzkcbW`taAkGvo zr*J=;arqUT6t%k5Ae-Z8mh7?Ac7XSACXil3x$p8jeBe_|9KH%N1z` zGM!*QHykP8((We#uUABH&UkA;)sN3sTbpi!67|WOviA6o%p1l)IMwk{Ci_jCR*$Y# zNmEA6yCZ;^Y4P>XatST*<_=3uO@j;gIN!OylGyvB?0S)yvW_OMy|2AIP#OWZ&sHds zM<9av;&2S75Nz()9Gn@=x4>z#$^IFEARfiwBE!&z#|KsM$y4%o*d`EEIQrjA@aPKu zxleJ{>b>A46GM?C8!^fPP}wrA%=%&7`^EJO?VoO(+-?ud^)+0%b0SCA%z+! z3trk8b0Dk__(b#9^+^bpBqs{dc+)dY0@)P44kdl~O_-1u!N`Q<*n@bjsKgMqBGNs$JxFytI$)E$+%TA0GNs!$(99>Tl&T%(pMMubbHA7A+K zWkF*$WC$Y0`z}eYy`@$7R{^jbKh@4+tFS+EQ5L@9u$8=_S-FyB82<-Isr=Kjt;I!d zDQ`QR1>=aU4|XFk9HlN)4rbKMeT{#V+Spz-_J;eRKg(cBJf5Zq*cSO<&_!=#EJtk6 zx6+Xu7frJvZjt^o+IKQ_hn50`vbOo+)=JWy-z8MEZR9Xd*rqwFm?=YcMLcs0Ii`I} zj$3gZtGs=U`Glfnl7`1%=%HpQ7I{D{9c;~$Y@VE-R5QPFwz;auSpI~zQ(NXDv8=}r zQdVQFSq^O$*iRkVWcB}}=>)X4L%E92z3}ID%j~K!jE)xq5-Mvpp`t$85A3%_Z`3U| z_mfD+Z_U>vNs*6hk&PX})%6n%^A|QW)1+04wKP%r((^n?&XXKB8FM9azaNY)UY@_0x7Uvrd2Yker2@P*8^o9r@)VN14D=0#ZmhP{I^=G6Ud6%;*k02fl8|u`G0`mg0 zbwwjz1L(%`>S=wAwiFn7fKPeoLixCF1B1DbhK!MpvV*2^DMaxjO6P)u>=4%}!nKRh zYXnML1|4z;L}fM4<_^a$$>~NqUwX9P+&$}$zw0u~w8XRY+cnBdpcg42D>W1T6{%Y*U|J?nqQC@Ju$M4~q)PoHwr*NY|Oo!U_cUq)QE9WxIt7 zu`}SIkE2V`tV*2-a;&yp(HjW}We~mOIq_K0sdcih=M5qN5ToT3Ul^Z?dE&8g>n%Y2 zV~pS_U+TRNgH>ED4>T-S?NK8i+J*7?#ty-$eU@+X#XfCoHm1Y+Vl#_n_fb8@XWyUS zTi3ktJP>mn(!J;=`?C>$=pMcbP*-C19i-H_BF`%$h%I}?)<0rAtRJJ&(gcprGsK*b 
z==K|lG3~j@rp0j{8-T#SyUQ|mP8ABIO{$fntjf%CP(TL$T?u2kuce)eboTsk2mEtF zar;GOQo6f^yFbuD{C(#o z_`)S=%=3|fEAXaiyhxzL5#8eAyg}kr0vCkL_9QO(@B9?xjruX>Umt32uV(&VG5w#k cQjyE?yb-=lO40g}r&`ToVRF@&hQ=iR2lB5=%K!iX diff --git a/g2p_openid_vci/static/description/index.html b/g2p_openid_vci/static/description/index.html deleted file mode 100644 index b7f0b59..0000000 --- a/g2p_openid_vci/static/description/index.html +++ /dev/null @@ -1,420 +0,0 @@ - - - - - - -G2P OpenID VCI: Base - - - -
-

G2P OpenID VCI: Base

- - -

Alpha OpenG2P/openg2p-auth

-

OpenG2P OpenID for Verifiable Credential Issuance

-
-

Important

-

This is an alpha version, the data model and design can change at any time without warning. -Only for development or testing purpose, do not use in production. -More details on development status

-
-

Table of contents

- -
-

Bug Tracker

-

Bugs are tracked on GitHub Issues. -In case of trouble, please check there if your issue has already been reported. -If you spotted it first, help us smashing it by providing a detailed and welcomed -feedback.

-

Do not contact contributors directly about support or help with technical issues.

-
-
-

Credits

-
-

Authors

-
    -
  • OpenG2P
  • -
-
-
-

Contributors

- -
-
-

Maintainers

-

This module is part of the OpenG2P/openg2p-auth project on GitHub.

-

You are welcome to contribute.

-
-
-
- - diff --git a/g2p_openid_vci/views/vci_issuers.xml b/g2p_openid_vci/views/vci_issuers.xml deleted file mode 100644 index 2429312..0000000 --- a/g2p_openid_vci/views/vci_issuers.xml +++ /dev/null @@ -1,62 +0,0 @@ - - - - - view_g2p_openid_vci_issuers_tree - g2p.openid.vci.issuers - 1 - - - - - - - - - - - view_g2p_openid_vci_issuers_form - g2p.openid.vci.issuers - 1 - -
- - - - - - - - - - - - - - - - - - - -
-
-
- - - VCI issuers - g2p.openid.vci.issuers - tree,form - Manage allowed VCI issuers. - - - -
diff --git a/g2p_openid_vci_programs/README.rst b/g2p_openid_vci_programs/README.rst deleted file mode 100644 index e27d8c1..0000000 --- a/g2p_openid_vci_programs/README.rst +++ /dev/null @@ -1,59 +0,0 @@ -===================================== -G2P OpenID VCI: Program Beneficiaries -===================================== - -.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - !! This file is generated by oca-gen-addon-readme !! - !! changes will be overwritten. !! - !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - -.. |badge1| image:: https://img.shields.io/badge/maturity-Alpha-red.png - :target: https://odoo-community.org/page/development-status - :alt: Alpha -.. |badge2| image:: https://img.shields.io/badge/github-OpenG2P%2Fopeng2p--auth-lightgray.png?logo=github - :target: https://github.com/OpenG2P/openg2p-auth/tree/15.0-develop/g2p_openid_vci_programs - :alt: OpenG2P/openg2p-auth - -|badge1| |badge2| - -OpenG2P OpenID for Verifiable Credential Issuance for G2P Beneficiaries - -.. IMPORTANT:: - This is an alpha version, the data model and design can change at any time without warning. - Only for development or testing purpose, do not use in production. - `More details on development status `_ - -**Table of contents** - -.. contents:: - :local: - -Bug Tracker -=========== - -Bugs are tracked on `GitHub Issues `_. -In case of trouble, please check there if your issue has already been reported. -If you spotted it first, help us smashing it by providing a detailed and welcomed -`feedback `_. - -Do not contact contributors directly about support or help with technical issues. - -Credits -======= - -Authors -~~~~~~~ - -* OpenG2P - -Contributors -~~~~~~~~~~~~ - -* Lalith Kota - -Maintainers -~~~~~~~~~~~ - -This module is part of the `OpenG2P/openg2p-auth `_ project on GitHub. - -You are welcome to contribute. diff --git a/g2p_openid_vci_programs/__init__.py b/g2p_openid_vci_programs/__init__.py deleted file mode 100644 index 0650744..0000000 
--- a/g2p_openid_vci_programs/__init__.py +++ /dev/null @@ -1 +0,0 @@ -from . import models diff --git a/g2p_openid_vci_programs/__manifest__.py b/g2p_openid_vci_programs/__manifest__.py deleted file mode 100644 index b1c6135..0000000 --- a/g2p_openid_vci_programs/__manifest__.py +++ /dev/null @@ -1,27 +0,0 @@ -# Part of OpenG2P. See LICENSE file for full copyright and licensing details. -{ - "name": "G2P OpenID VCI: Program Beneficiaries", - "category": "G2P", - "version": "15.0.1.2.0", - "sequence": 1, - "author": "OpenG2P", - "website": "https://openg2p.org", - "license": "Other OSI approved licence", - "development_status": "Alpha", - "depends": [ - "g2p_openid_vci", - "g2p_programs", - ], - "data": [ - "views/vci_issuers.xml", - ], - "assets": { - "web.assets_backend": [], - "web.assets_qweb": [], - }, - "demo": [], - "images": [], - "application": False, - "installable": True, - "auto_install": False, -} diff --git a/g2p_openid_vci_programs/models/__init__.py b/g2p_openid_vci_programs/models/__init__.py deleted file mode 100644 index 23d962e..0000000 --- a/g2p_openid_vci_programs/models/__init__.py +++ /dev/null @@ -1 +0,0 @@ -from . import vci_issuer diff --git a/g2p_openid_vci_programs/models/vci_issuer.py b/g2p_openid_vci_programs/models/vci_issuer.py deleted file mode 100644 index b06d27d..0000000 --- a/g2p_openid_vci_programs/models/vci_issuer.py +++ /dev/null 
@@ -1,101 +0,0 @@
-import logging
-import uuid
-from datetime import datetime
-
-import pyjq as jq # pylint: disable=[W7936]
-
-from odoo import fields, models
-
-from odoo.addons.g2p_openid_vci.json_encoder import RegistryJSONEncoder
-
-_logger = logging.getLogger(__name__)
-
-
-class BeneficiaryOpenIDVCIssuer(models.Model):
- _inherit = "g2p.openid.vci.issuers"
-
- type = fields.Selection(
- selection_add=[
- (
- "OpenG2PBeneficiaryVerifiableCredential",
- "OpenG2PBeneficiaryVerifiableCredential",
- )
- ],
- ondelete={"OpenG2PBeneficiaryVerifiableCredential": "cascade"},
- )
-
- program_id = fields.Many2one("g2p.program")
-
- def issue_vc_OpenG2PBeneficiaryVerifiableCredential(
- self, auth_claims, credential_request
- ):
- self.ensure_one()
- web_base_url = (
- self.env["ir.config_parameter"].sudo().get_param("web.base.url").rstrip("/")
- )
-
- reg_id = (
- self.env["g2p.reg.id"]
- .sudo()
- .search(
- [
- ("id_type", "=", self.auth_sub_id_type_id.id),
- ("value", "=", auth_claims["sub"]),
- (
- "partner_id.program_membership_ids.program_id",
- "=",
- self.program_id.id,
- ),
- ],
- limit=1,
- )
- )
- partner = None
- if not reg_id:
- raise ValueError(
- "ID not found in DB. Invalid Subject Received in auth claims. Or person not part of the program."
- )
-
- partner = reg_id.partner_id
- program_membership_id = partner.program_membership_ids.filtered(
- lambda x: x.program_id.id == self.program_id.id
- )
- if program_membership_id.state != "enrolled":
- raise ValueError("Person not enrolled into program.")
-
- partner_dict = partner.read()[0]
- program_membership_dict = program_membership_id.read()[0]
- reg_ids_dict = {
- reg_id.id_type.name: reg_id.read()[0] for reg_id in partner.reg_ids
- }
- program_dict = self.program_id.read()[0]
-
- curr_datetime = f'{datetime.utcnow().isoformat(timespec = "milliseconds")}Z'
- credential = jq.first(
- self.credential_format,
- RegistryJSONEncoder.python_dict_to_json_dict(
- {
- "vc_id": str(uuid.uuid4()),
- "web_base_url": web_base_url,
- "issuer": self.read()[0],
- "curr_datetime": curr_datetime,
- "partner": partner_dict,
- "partner_address": self.get_full_address(partner.address),
- "partner_face": self.get_image_base64_data_in_url(
- partner.image_1920.decode()
- ),
- "reg_ids": reg_ids_dict,
- "program_membership": program_membership_dict,
- "program": program_dict,
- },
- ),
- )
- credential_response = {
- "credential": self.sign_and_issue_credential(credential),
- "format": credential_request["format"],
- }
- return credential_response
-
- def set_from_static_file_OpenG2PBeneficiaryVerifiableCredential(self, **kwargs):
- kwargs.setdefault("module_name", "g2p_openid_vci_programs")
- return self.set_from_static_file_OpenG2PRegistryVerifiableCredential(**kwargs)
diff --git a/g2p_openid_vci_programs/readme/CONTRIBUTORS.rst b/g2p_openid_vci_programs/readme/CONTRIBUTORS.rst
deleted file mode 100644
index 3fe1649..0000000
--- a/g2p_openid_vci_programs/readme/CONTRIBUTORS.rst
+++ /dev/null
@@ -1 +0,0 @@
-* Lalith Kota
diff --git a/g2p_openid_vci_programs/readme/DESCRIPTION.rst b/g2p_openid_vci_programs/readme/DESCRIPTION.rst
deleted file mode 100644
index 2110fef..0000000
--- a/g2p_openid_vci_programs/readme/DESCRIPTION.rst
+++ /dev/null
@@ -1 +0,0 @@ -OpenG2P OpenID for Verifiable Credential Issuance for G2P Beneficiaries diff --git a/g2p_openid_vci_programs/static/default_contexts.json b/g2p_openid_vci_programs/static/default_contexts.json deleted file mode 100644 index 1112e3c..0000000 --- a/g2p_openid_vci_programs/static/default_contexts.json +++ /dev/null 
@@ -1,101 +0,0 @@ -{ - "@context": { - "OpenG2PBeneficiaryVerifiableCredential": { - "@id": "https://openg2p.org/credential#OpenG2PBeneficiaryVerifiableCredential", - "@context": [ - "https://www.w3.org/2018/credentials/v1", - { - "@vocab": "https://openg2p.org/credential#OpenG2PBeneficiaryVerifiableCredential#", - "credentialSubject": { - "@id": "credentialSubject", - "@type": "@id", - "@context": { - "@vocab": "https://openg2p.org/credential#OpenG2PRegistryVerifiableCredential#credentialSubject#", - "name": { - "@id": "name", - "@type": "@id", - "@context": { - "value": "@value", - "language": "@language" - } - }, - "fullName": { - "@id": "fullName", - "@type": "@id", - "@context": { - "value": "@value", - "language": "@language" - } - }, - "gender": { - "@id": "gender", - "@type": "@id", - "@context": { - "value": "@value", - "language": "@language" - } - }, - "dateOfBirth": "dateOfBirth", - "email": "email", - "phone": "phone", - "addressLine1": { - "@id": "addressLine1", - "@type": "@id", - "@context": { - "value": "@value", - "language": "@language" - } - }, - "addressLine2": { - "@id": "addressLine2", - "@type": "@id", - "@context": { - "value": "@value", - "language": "@language" - } - }, - "addressLine3": { - "@id": "addressLine3", - "@type": "@id", - "@context": { - "value": "@value", - "language": "@language" - } - }, - "province": { - "@id": "province", - "@type": "@id", - "@context": { - "value": "@value", - "language": "@language" - } - }, - "region": { - "@id": "region", - "@type": "@id", - "@context": { - "value": "@value", - "language": "@language" - } - }, - "postalCode": "postalCode", - "face": "face", - "vcVer": "vcVer", - "UIN": "UIN", - "nationalId": "nationalId", - "programName": { - "@id": "programName", - "@type": "@id", - "@context": { - "value": "@value", - "language": "@language" - } - }, - "validUntil": "validUntil" - } - } - } - ] - } - } -} 
diff --git a/g2p_openid_vci_programs/static/default_credential_format.jq b/g2p_openid_vci_programs/static/default_credential_format.jq deleted file mode 100644 index 19cb2bb..0000000 --- a/g2p_openid_vci_programs/static/default_credential_format.jq +++ /dev/null @@ -1,74 +0,0 @@ -{ - "@context": [ - "https://www.w3.org/2018/credentials/v1", - (.web_base_url + "/api/v1/vci/.well-known/contexts.json") - ], - "id": .vc_id, - "type": ["VerifiableCredential", .issuer.type], - "issuer": .issuer.unique_issuer_id, - "issuanceDate": .curr_datetime, - "credentialSubject": { - "vcVer": "VC-V1", - "id": (.web_base_url + "/api/v1/registry/individual/" + (.partner.id | tostring)), - "name": [ - { - "language": "eng", - "value": .partner.name - } - ], - "fullName": [ - { - "language": "eng", - "value": .partner.name - } - ], - "gender": [ - { - "language": "eng", - "value": .partner.gender - } - ], - "dateOfBirth": .partner.birthdate, - "email": .partner.email, - "phone": .partner.phone, - "addressLine1": [ - { - "language": "eng", - "value": .partner_address.street_address - } - ], - "province": [ - { - "language": "eng", - "value": .partner_address.locality - } - ], - "region": [ - { - "language": "eng", - "value": .partner_address.region - } - ], - "postalCode": .partner_address.postal_code, - "face": .partner_face, - "nationalId": .reg_ids["NATIONAL ID"]?.value, - "UIN": ( - (.reg_ids["NATIONAL ID"]?.value[0:5] | explode | reverse | implode) - + (.reg_ids["NATIONAL ID"]?.value[6:10] | explode | reverse| implode) - ), - "programName": [ - { - "language": "eng", - "value": .program.name - } - ], - "validUntil": ( - .curr_datetime - | sub(".[0-9]+Z$"; "Z") - | strptime("%Y-%m-%dT%H:%M:%SZ") - | mktime - | . + 31556926 - | strftime("%Y-%m-%d") - ) - } -} diff --git a/g2p_openid_vci_programs/static/default_issuer_metadata.jq b/g2p_openid_vci_programs/static/default_issuer_metadata.jq deleted file mode 100644 index 9f366ba..0000000 
--- a/g2p_openid_vci_programs/static/default_issuer_metadata.jq +++ /dev/null @@ -1,107 +0,0 @@ -[ - { - "id": .type, - "format": .supported_format, - "scope": .scope, - "cryptographic_binding_methods_supported": [ - "did:jwk" - ], - "credential_signing_alg_values_supported": [ - "RS256" - ], - "proof_types_supported": [ - "jwt" - ], - "credential_definition": { - "type": [ - "VerifiableCredential", - .type - ], - "credentialSubject": { - "fullName": { - "display": [ - { - "name": "Name", - "locale": "en" - } - ] - }, - "gender": { - "display": [ - { - "name": "Gender", - "locale": "en" - } - ] - }, - "dateOfBirth": { - "display": [ - { - "name": "Date of Birth", - "locale": "en" - } - ] - }, - "address": { - "display": [ - { - "name": "Address", - "locale": "en" - } - ] - }, - "UIN": { - "display": [ - { - "name": "Beneficiary ID", - "locale": "en" - } - ] - }, - "nationalID": { - "display": [ - { - "name": "National ID", - "locale": "en" - } - ] - }, - "programName": { - "display": [ - { - "name": "Program Name", - "locale": "en" - } - ] - }, - "validUntil": { - "display": [ - { - "name": "Valid until", - "locale": "en" - } - ] - } - } - }, - "display": [ - { - "name": "OpenG2P Program Beneficiary Credential", - "locale": "en", - "logo": { - "url": (.web_base_url + "/g2p_openid_vci_programs/static/description/icon.png"), - "alt_text": "a square logo of a OpenG2P" - }, - "background_color": "#f5c538", - "text_color": "#03096e" - } - ], - "order": [ - "fullName", - "programName", - "gender", - "dateOfBirth", - "validUntil" - ] - } -] 
diff --git a/g2p_openid_vci_programs/static/description/icon.png b/g2p_openid_vci_programs/static/description/icon.png deleted file mode 100644 index 5ecb429ea9ceb3863d46ea852dc9c9f78d4e901b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3985 zcmZ{n`9BkmAIC8pv!Q92t8$HU&3*S_?hrzbeAwnL%6)_wHrJX+S}0c-Wzr~eMDCAc z3e6Qh%8{GMmHPTVzCV9|c)eeb_v7^sJfCT{SIxM>=H)Shy|Bjjx?H>A&FwonBg- z;pNj}4ZUWDW}WDhk3W6DLFO)@EG&?-{|zfkUIBuIg;&GE*w7)WVErlh0sk03aU#cr z9mpQ+1?EO`UJ_2TBS{!@!w8&ZuzKTvq!sP5i}*;?G6Ozf31_umSm!HX_UqwnT(H@F z!;4+U(}n_e!#;GwpT87{g+-6+*1w#%zH;3OnWfOilJi--y~$P9xDhgz4Ss2SZy>& zeDnlOJI>wC&e{J?`*!KF3>sZC5(&vKSp&S)Nexs^!d`0pD&bEb&``VbyL3ffQ28~a zPqZo{@J3Fr+GEx3>w?XUGfX&*5<-x$@j_YB{I5p9Wb*aKjwXh@a#PQUcED$`n6pM! zU$y4@_|tV0KFY)749csA9d;b#Qb*)rN~&GVL3+Fc-}|qrGJGx6L~9!$lLB1#VZ1zEe5&g^$1THq`Vs5Lbc1CjIy~SZv z=lz0hR|xp!(sr{5TyjhPE+L%M{{*+)5R!t62oDgzu{t%&quHjkH7q;R1eCAI%nJ|^ ztw4^@1)i>ESwKg?T>4`ZbIc|Q>N(xnUF(bL+EN;tE~ZGTq6Y2_C#&9;6Hi<6@}j^5 zl*yjySU%qk^w^8lNt7|rcltV-FFr2|OVcFPzzz~F60rr1M&frEy(qJw?m%g&?FJGw zl!lF!iHdDu^n@((5Sozy`Wm#~{}Ow46zBNYae0TJ(m&E#x8?1j*A?o~XmQ3s8)`GC zdq6^J$GV5;f<-WkF=F=6M+5$n9cq9kQISRQjfQH1m;35CY9G<9o}f(ZPybuap>(iv zGf`{NCB>&$;FCYHG4zs+bzIn3v{`1N07zM#rADR8AhYvL7cJ#O9WefihzwcVLhv&I z>ux1t!+kFtusq)w?@$gEqj*O;57~?Askg^~=`QZ< z975e6wC`Tl+sKn0l7A(*dqqTv><|8|DzeD%|Jv(j9&l^xe7Qt5yP0rz@Vg#nNNJP9 zDvmh<{NpNErK0B7Jx_Ut5qapcOb(}7Y^Vrk$H1NaT%HRW2zIR6s}_1*^669!W*P^B z7T~uymT&Xvl6CoGaaj1f4r|syYnq3Oc%OAULg^%7_Bv{Y?tGl&S+jGXvyytbizZn0 z+3q*=kBp)I!-HTqv$)vFw7Fe#5guV-X_{!VSK)GH8S<8A`VKG(QNT{(tFB@4$9DS( z2w$UmtmVnt>b}yii5h*2n=a_8s-UxSjO&MZ)qFr)^bPkNqhC& zy+AU@E@KJL#RzdptH}HL12Ks1BtIy%b-Hdh;QeM3HmUWroq&Nxoza6L6JT@DpoT&9 zo7J|{QV~H~u4_L==Oz(utH-j8o z*#O=xe!9y{MvU>w<1ZJ%?xs$xxn(L6mc`VkPdq}vt|wa$8*X*5KmG8n-)M%#H13K7 zvY7fsf9&178e}_Dipe`-bMLMge4PcZ&6j>;#E7kpS8n}@yBlud5OqSen5s36%=2;i zX8xRz=)O1y)WkVwBW!m?paXohe4^`G))F>*bgM`&I4&Yvi#lr*nL9z+8*XBJr-fd> zMZocZUWnx_1gdytJKHYj%MWHxeJd9eA;r8giAKX>qMHF}gmLptV~csPBV)C~ikKF4 
zb~o&4zp$JQxAd@UMTP!b$S?4u=N-(aarBrN!#|fZZ%xh7J=MO~Uf1Ch^bfBpiffy@ zVcJre$X}K9?LOJcD1dW}V#o2gkp|ltO^m*&I9qbwNHK2^R%ZvZcC$J8T{MeL=jI3! zO6e}Xn^5xAr9@{|KbPux8}7Vv@+YENV>t21;|Yb3%yy3LSx5kdGY@ZeJoC}7eits2 zRk67A41~lx=4QSKe3pmt9#b*gewUD`qGH{dXKNkUVE&h|JtLeJjxN5D@S@$){b;CZ zZ%&WqZ2PJZuOO6M*j18>6wzF|Ki8 z04-~EVjJh^6)8k{ejR~)+%ormPQW%W_gZq*p0PsCpf@JR)tlm`kyu%Dt1^D}IoFtG zru!uTee_C)aV!vtzp3o0;PBLcpK!CK9zo2h#Y#{oe%~6Vj=qmCK<~MaoNtyUR@$p{ z7%TNMlFmQU;jn;L@y3vO#yBK9QPRmeP&22LCT?)ou^|-%qsLmMVYyy$=GfqH@T$Mh z_i7a*%EMlQ7T(_Sf)Q@+Us~C^Ax*rZO+87&UZX7fFtrm5 zdDu$Z6@yrkC$+8;)zIoXSLtg*ypHxK;H_9{tCVFS`>#t5Q&c-k(jxF}C@dxGpJ`O* zxid`+S|ujEw0(6__AnN(vDp08A*L9?-S%t9WqFQbzkcbW`taAkGvo zr*J=;arqUT6t%k5Ae-Z8mh7?Ac7XSACXil3x$p8jeBe_|9KH%N1z` zGM!*QHykP8((We#uUABH&UkA;)sN3sTbpi!67|WOviA6o%p1l)IMwk{Ci_jCR*$Y# zNmEA6yCZ;^Y4P>XatST*<_=3uO@j;gIN!OylGyvB?0S)yvW_OMy|2AIP#OWZ&sHds zM<9av;&2S75Nz()9Gn@=x4>z#$^IFEARfiwBE!&z#|KsM$y4%o*d`EEIQrjA@aPKu zxleJ{>b>A46GM?C8!^fPP}wrA%=%&7`^EJO?VoO(+-?ud^)+0%b0SCA%z+! z3trk8b0Dk__(b#9^+^bpBqs{dc+)dY0@)P44kdl~O_-1u!N`Q<*n@bjsKgMqBGNs$JxFytI$)E$+%TA0GNs!$(99>Tl&T%(pMMubbHA7A+K zWkF*$WC$Y0`z}eYy`@$7R{^jbKh@4+tFS+EQ5L@9u$8=_S-FyB82<-Isr=Kjt;I!d zDQ`QR1>=aU4|XFk9HlN)4rbKMeT{#V+Spz-_J;eRKg(cBJf5Zq*cSO<&_!=#EJtk6 zx6+Xu7frJvZjt^o+IKQ_hn50`vbOo+)=JWy-z8MEZR9Xd*rqwFm?=YcMLcs0Ii`I} zj$3gZtGs=U`Glfnl7`1%=%HpQ7I{D{9c;~$Y@VE-R5QPFwz;auSpI~zQ(NXDv8=}r zQdVQFSq^O$*iRkVWcB}}=>)X4L%E92z3}ID%j~K!jE)xq5-Mvpp`t$85A3%_Z`3U| z_mfD+Z_U>vNs*6hk&PX})%6n%^A|QW)1+04wKP%r((^n?&XXKB8FM9azaNY)UY@_0x7Uvrd2Yker2@P*8^o9r@)VN14D=0#ZmhP{I^=G6Ud6%;*k02fl8|u`G0`mg0 zbwwjz1L(%`>S=wAwiFn7fKPeoLixCF1B1DbhK!MpvV*2^DMaxjO6P)u>=4%}!nKRh zYXnML1|4z;L}fM4<_^a$$>~NqUwX9P+&$}$zw0u~w8XRY+cnBdpcg42D>W1T6{%Y*U|J?nqQC@Ju$M4~q)PoHwr*NY|Oo!U_cUq)QE9WxIt7 zu`}SIkE2V`tV*2-a;&yp(HjW}We~mOIq_K0sdcih=M5qN5ToT3Ul^Z?dE&8g>n%Y2 zV~pS_U+TRNgH>ED4>T-S?NK8i+J*7?#ty-$eU@+X#XfCoHm1Y+Vl#_n_fb8@XWyUS zTi3ktJP>mn(!J;=`?C>$=pMcbP*-C19i-H_BF`%$h%I}?)<0rAtRJJ&(gcprGsK*b 
z==K|lG3~j@rp0j{8-T#SyUQ|mP8ABIO{$fntjf%CP(TL$T?u2kuce)eboTsk2mEtF zar;GOQo6f^yFbuD{C(#o z_`)S=%=3|fEAXaiyhxzL5#8eAyg}kr0vCkL_9QO(@B9?xjruX>Umt32uV(&VG5w#k cQjyE?yb-=lO40g}r&`ToVRF@&hQ=iR2lB5=%K!iX diff --git a/g2p_openid_vci_programs/static/description/index.html b/g2p_openid_vci_programs/static/description/index.html deleted file mode 100644 index 2ac8849..0000000 --- a/g2p_openid_vci_programs/static/description/index.html +++ /dev/null @@ -1,420 +0,0 @@ - - - - - - -G2P OpenID VCI: Program Beneficiaries - - - -
-

G2P OpenID VCI: Program Beneficiaries

- - -

Alpha OpenG2P/openg2p-auth

-

OpenG2P OpenID for Verifiable Credential Issuance for G2P Beneficiaries

-
-

Important

-

This is an alpha version, the data model and design can change at any time without warning. -Only for development or testing purpose, do not use in production. -More details on development status

-
-

Table of contents

- -
-

Bug Tracker

-

Bugs are tracked on GitHub Issues. -In case of trouble, please check there if your issue has already been reported. -If you spotted it first, help us smashing it by providing a detailed and welcomed -feedback.

-

Do not contact contributors directly about support or help with technical issues.

-
-
-

Credits

-
-

Authors

-
    -
  • OpenG2P
  • -
-
-
-

Contributors

- -
-
-

Maintainers

-

This module is part of the OpenG2P/openg2p-auth project on GitHub.

-

You are welcome to contribute.

-
-
-
- - diff --git a/g2p_openid_vci_programs/views/vci_issuers.xml b/g2p_openid_vci_programs/views/vci_issuers.xml deleted file mode 100644 index f4fde06..0000000 --- a/g2p_openid_vci_programs/views/vci_issuers.xml +++ /dev/null @@ -1,21 +0,0 @@ - - - - - view_g2p_openid_vci_issuers_program_form - g2p.openid.vci.issuers - - 2 - - - - - - - diff --git a/g2p_openid_vci_rest_api/README.rst b/g2p_openid_vci_rest_api/README.rst deleted file mode 100644 index 6238230..0000000 --- a/g2p_openid_vci_rest_api/README.rst +++ /dev/null 
@@ -1,54 +0,0 @@ -======================== -G2P OpenID VCI: Rest API -======================== - -.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - !! This file is generated by oca-gen-addon-readme !! - !! changes will be overwritten. !! - !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - -.. |badge1| image:: https://img.shields.io/badge/maturity-Alpha-red.png - :target: https://odoo-community.org/page/development-status - :alt: Alpha -.. |badge2| image:: https://img.shields.io/badge/github-OpenG2P%2Fopeng2p--auth-lightgray.png?logo=github - :target: https://github.com/OpenG2P/openg2p-auth/tree/15.0-develop/g2p_openid_vci_rest_api - :alt: OpenG2P/openg2p-auth - -|badge1| |badge2| - -OpenG2P OpenID VCI REST API - -.. IMPORTANT:: - This is an alpha version, the data model and design can change at any time without warning. - Only for development or testing purpose, do not use in production. - `More details on development status `_ - -**Table of contents** - -.. contents:: - :local: - -Bug Tracker -=========== - -Bugs are tracked on `GitHub Issues `_. -In case of trouble, please check there if your issue has already been reported. -If you spotted it first, help us smashing it by providing a detailed and welcomed -`feedback `_. - -Do not contact contributors directly about support or help with technical issues. - -Credits -======= - -Authors -~~~~~~~ - -* OpenG2P - -Maintainers -~~~~~~~~~~~ - -This module is part of the `OpenG2P/openg2p-auth `_ project on GitHub. - -You are welcome to contribute. diff --git a/g2p_openid_vci_rest_api/__init__.py b/g2p_openid_vci_rest_api/__init__.py deleted file mode 100644 index c312a84..0000000 --- a/g2p_openid_vci_rest_api/__init__.py +++ /dev/null @@ -1,3 +0,0 @@ -from . import controllers -from . import models -from . import services diff --git a/g2p_openid_vci_rest_api/__manifest__.py b/g2p_openid_vci_rest_api/__manifest__.py deleted file mode 100644 index 901bacb..0000000 
--- a/g2p_openid_vci_rest_api/__manifest__.py
+++ /dev/null
@@ -1,31 +0,0 @@
-{
- "name": "G2P OpenID VCI: Rest API",
- "category": "G2P",
- "version": "15.0.1.2.0",
- "sequence": 1,
- "author": "OpenG2P",
- "website": "https://openg2p.org",
- "license": "Other OSI approved licence",
- "development_status": "Alpha",
- "depends": [
- "g2p_openid_vci",
- "component",
- "pydantic",
- "base_rest",
- "base_rest_pydantic",
- "extendable",
- ],
- "external_dependencies": {
- "python": ["extendable-pydantic", "pydantic==1.10.10", "pyjq"]
- },
- "data": [],
- "assets": {
- "web.assets_backend": [],
- "web.assets_qweb": [],
- },
- "demo": [],
- "images": [],
- "application": False,
- "installable": True,
- "auto_install": False,
-}
diff --git a/g2p_openid_vci_rest_api/controllers/__init__.py b/g2p_openid_vci_rest_api/controllers/__init__.py
deleted file mode 100644
index 12a7e52..0000000
--- a/g2p_openid_vci_rest_api/controllers/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
-from . import main
diff --git a/g2p_openid_vci_rest_api/controllers/main.py b/g2p_openid_vci_rest_api/controllers/main.py
deleted file mode 100644
index 3d96a39..0000000
--- a/g2p_openid_vci_rest_api/controllers/main.py
+++ /dev/null
@@ -1,7 +0,0 @@
-from odoo.addons.base_rest.controllers.main import RestController
-
-
-class OpenIDVCIController(RestController):
- _root_path = "/api/v1/"
- _collection_name = "base.rest.openid.vci.services"
- _default_auth = "public"
diff --git a/g2p_openid_vci_rest_api/models/__init__.py b/g2p_openid_vci_rest_api/models/__init__.py
deleted file mode 100644
index ac912b9..0000000
--- a/g2p_openid_vci_rest_api/models/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
-from . import openid_vci
diff --git a/g2p_openid_vci_rest_api/models/openid_vci.py b/g2p_openid_vci_rest_api/models/openid_vci.py
deleted file mode 100644
index bbf3390..0000000
--- a/g2p_openid_vci_rest_api/models/openid_vci.py
+++ /dev/null
@@ -1,76 +0,0 @@
-# pylint: disable=[W7936]
-
-from typing import Dict, List, Optional, Union
-
-from extendable_pydantic import ExtendableModelMeta
-from pydantic import BaseModel
-
-
-class VCIBaseModel(BaseModel, metaclass=ExtendableModelMeta):
- class Config:
- extra = "allow"
-
-
-class CredetialRequestProof(VCIBaseModel):
- proof_type: str
- jwt: Optional[str] = None
- cwt: Optional[str] = None
-
-
-class CredentialRequestDefintion(VCIBaseModel):
- type: List[str]
-
-
-class CredentialRequest(VCIBaseModel):
- format: str
- proof: Optional[CredetialRequestProof] = None
- credential_definition: CredentialRequestDefintion
-
-
-class CredentialBaseResponse(VCIBaseModel):
- c_nonce: Optional[str] = None
- c_nonce_expires_in: Optional[int] = None
-
-
-class CredentialResponse(CredentialBaseResponse):
- format: str
- credential: dict
- acceptance_token: Optional[str] = None
-
-
-class CredentialErrorResponse(CredentialBaseResponse):
- error: str
- error_description: str
-
-
-class CredentialIssuerDisplayLogoResponse(VCIBaseModel):
- url: str
- alt_text: str
-
-
-class CredentialIssuerDisplayResponse(VCIBaseModel):
- name: str
- locale: str
- logo: CredentialIssuerDisplayLogoResponse
- background_color: str
- text_color: str
-
-
-class CredentialIssuerConfigResponse(VCIBaseModel):
- id: Optional[str] = None
- format: str
- scope: str
- cryptographic_binding_methods_supported: List[str]
- credential_signing_alg_values_supported: List[str]
- credential_definition: Dict
- proof_types_supported: Union[Dict, List]
- display: List[CredentialIssuerDisplayResponse]
-
-
-class CredentialIssuerResponse(VCIBaseModel):
- credential_issuer: str
- credential_endpoint: str
- credentials_supported: Optional[List[CredentialIssuerConfigResponse]] = None
- credential_configurations_supported: Optional[
- Dict[str, CredentialIssuerConfigResponse]
- ] = None
diff --git a/g2p_openid_vci_rest_api/readme/DESCRIPTION.rst b/g2p_openid_vci_rest_api/readme/DESCRIPTION.rst deleted file mode 100644 index 71a8827..0000000 --- a/g2p_openid_vci_rest_api/readme/DESCRIPTION.rst +++ /dev/null @@ -1 +0,0 @@ -OpenG2P OpenID VCI REST API diff --git a/g2p_openid_vci_rest_api/services/__init__.py b/g2p_openid_vci_rest_api/services/__init__.py deleted file mode 100644 index a2e262b..0000000 --- a/g2p_openid_vci_rest_api/services/__init__.py +++ /dev/null @@ -1 +0,0 @@ -from . import vci_service diff --git a/g2p_openid_vci_rest_api/services/vci_service.py b/g2p_openid_vci_rest_api/services/vci_service.py deleted file mode 100644 index dc8ccaa..0000000 --- a/g2p_openid_vci_rest_api/services/vci_service.py +++ /dev/null 
@@ -1,155 +0,0 @@ -import json -import logging - -import pyjq as jq -from werkzeug.exceptions import Unauthorized - -from odoo.http import request - -from odoo.addons.base_rest import restapi -from odoo.addons.base_rest_pydantic.restapi import PydanticModel -from odoo.addons.component.core import Component -from odoo.addons.g2p_openid_vci.json_encoder import RegistryJSONEncoder - -from ..models.openid_vci import ( - CredentialBaseResponse, - CredentialErrorResponse, - CredentialIssuerResponse, - CredentialRequest, - CredentialResponse, - VCIBaseModel, -) - -_logger = logging.getLogger(__name__) - - -class OpenIdVCIRestService(Component): - _name = "openid_vci_base.rest.service" - _inherit = ["base.rest.service"] - _usage = "vci" - _collection = "base.rest.openid.vci.services" - _description = """ - OpenID for VCI API Services - """ - - @restapi.method( - [ - ( - [ - "/credential", - ], - "POST", - ) - ], - input_param=PydanticModel(CredentialRequest), - output_param=PydanticModel(CredentialBaseResponse), - ) - def post_credential(self, credential_request: CredentialRequest): - token = request.httprequest.headers.get("Authorization", "").removeprefix( - "Bearer" - ) - if not token: - raise Unauthorized("Invalid Bearer Token received.") - try: - # TODO: Split into smaller steps to better handle errors - return CredentialResponse( - **self.env["g2p.openid.vci.issuers"].issue_vc( - credential_request.dict(), token.strip() - ) - ) - except Exception as e: - _logger.exception("Error while handling credential request") - # TODO: Remove this hardcoding - return CredentialErrorResponse( - error="invalid_scope", - error_description=f"Invalid Scope. 
{e}", - c_nonce="", - c_nonce_expires_in=1, - ) - - @restapi.method( - [ - ( - [ - "/.well-known/openid-credential-issuer", - ], - "GET", - ) - ], - output_param=PydanticModel(CredentialIssuerResponse), - ) - def get_openid_credential_issuers_all(self): - return self.get_openid_credential_issuer() - - @restapi.method( - [ - ( - [ - "/.well-known/openid-credential-issuer/", - ], - "GET", - ) - ], - output_param=PydanticModel(CredentialIssuerResponse), - ) - def get_openid_credential_issuer(self, issuer_name=""): - search_domain = [] - if issuer_name: - search_domain.append(("name", "=", issuer_name)) - vci_issuers = ( - self.env["g2p.openid.vci.issuers"].sudo().search(search_domain).read() - ) - web_base_url = ( - self.env["ir.config_parameter"].sudo().get_param("web.base.url").rstrip("/") - ) - cred_configs = None - for issuer in vci_issuers: - issuer["web_base_url"] = web_base_url - issuer = RegistryJSONEncoder.python_dict_to_json_dict(issuer) - issuer_metadata = jq.first(issuer["issuer_metadata_text"], issuer) - if isinstance(issuer_metadata, list): - if not cred_configs: - cred_configs = [] - cred_configs.extend(issuer_metadata) - elif isinstance(issuer_metadata, dict): - if not cred_configs: - cred_configs = {} - cred_configs.update(issuer_metadata) - response = { - "credential_issuer": web_base_url, - "credential_endpoint": f"{web_base_url}/api/v1/vci/credential", - } - if isinstance(cred_configs, list): - response["credentials_supported"] = cred_configs - elif isinstance(cred_configs, dict): - response["credential_configurations_supported"] = cred_configs - return CredentialIssuerResponse(**response) - - @restapi.method( - [ - ( - [ - "/.well-known/contexts.json", - ], - "GET", - ) - ], - output_param=PydanticModel(VCIBaseModel), - ) - def get_openid_contexts_json(self): - web_base_url = ( - self.env["ir.config_parameter"].sudo().get_param("web.base.url").rstrip("/") - ) - context_jsons = ( - 
self.env["g2p.openid.vci.issuers"].sudo().search([]).read(["contexts_json"]) - ) - final_context = {"@context": {}} - for context in context_jsons: - context = context["contexts_json"].strip() - if context: - final_context["@context"].update( - json.loads(context.replace("web_base_url", web_base_url))[ - "@context" - ] - ) - return VCIBaseModel(**final_context) 
diff --git a/g2p_openid_vci_rest_api/static/description/icon.png b/g2p_openid_vci_rest_api/static/description/icon.png deleted file mode 100644 index 5ecb429ea9ceb3863d46ea852dc9c9f78d4e901b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3985 zcmZ{n`9BkmAIC8pv!Q92t8$HU&3*S_?hrzbeAwnL%6)_wHrJX+S}0c-Wzr~eMDCAc z3e6Qh%8{GMmHPTVzCV9|c)eeb_v7^sJfCT{SIxM>=H)Shy|Bjjx?H>A&FwonBg- z;pNj}4ZUWDW}WDhk3W6DLFO)@EG&?-{|zfkUIBuIg;&GE*w7)WVErlh0sk03aU#cr z9mpQ+1?EO`UJ_2TBS{!@!w8&ZuzKTvq!sP5i}*;?G6Ozf31_umSm!HX_UqwnT(H@F z!;4+U(}n_e!#;GwpT87{g+-6+*1w#%zH;3OnWfOilJi--y~$P9xDhgz4Ss2SZy>& zeDnlOJI>wC&e{J?`*!KF3>sZC5(&vKSp&S)Nexs^!d`0pD&bEb&``VbyL3ffQ28~a zPqZo{@J3Fr+GEx3>w?XUGfX&*5<-x$@j_YB{I5p9Wb*aKjwXh@a#PQUcED$`n6pM! zU$y4@_|tV0KFY)749csA9d;b#Qb*)rN~&GVL3+Fc-}|qrGJGx6L~9!$lLB1#VZ1zEe5&g^$1THq`Vs5Lbc1CjIy~SZv z=lz0hR|xp!(sr{5TyjhPE+L%M{{*+)5R!t62oDgzu{t%&quHjkH7q;R1eCAI%nJ|^ ztw4^@1)i>ESwKg?T>4`ZbIc|Q>N(xnUF(bL+EN;tE~ZGTq6Y2_C#&9;6Hi<6@}j^5 zl*yjySU%qk^w^8lNt7|rcltV-FFr2|OVcFPzzz~F60rr1M&frEy(qJw?m%g&?FJGw zl!lF!iHdDu^n@((5Sozy`Wm#~{}Ow46zBNYae0TJ(m&E#x8?1j*A?o~XmQ3s8)`GC zdq6^J$GV5;f<-WkF=F=6M+5$n9cq9kQISRQjfQH1m;35CY9G<9o}f(ZPybuap>(iv zGf`{NCB>&$;FCYHG4zs+bzIn3v{`1N07zM#rADR8AhYvL7cJ#O9WefihzwcVLhv&I z>ux1t!+kFtusq)w?@$gEqj*O;57~?Askg^~=`QZ< z975e6wC`Tl+sKn0l7A(*dqqTv><|8|DzeD%|Jv(j9&l^xe7Qt5yP0rz@Vg#nNNJP9 zDvmh<{NpNErK0B7Jx_Ut5qapcOb(}7Y^Vrk$H1NaT%HRW2zIR6s}_1*^669!W*P^B z7T~uymT&Xvl6CoGaaj1f4r|syYnq3Oc%OAULg^%7_Bv{Y?tGl&S+jGXvyytbizZn0 z+3q*=kBp)I!-HTqv$)vFw7Fe#5guV-X_{!VSK)GH8S<8A`VKG(QNT{(tFB@4$9DS( z2w$UmtmVnt>b}yii5h*2n=a_8s-UxSjO&MZ)qFr)^bPkNqhC& zy+AU@E@KJL#RzdptH}HL12Ks1BtIy%b-Hdh;QeM3HmUWroq&Nxoza6L6JT@DpoT&9 zo7J|{QV~H~u4_L==Oz(utH-j8o z*#O=xe!9y{MvU>w<1ZJ%?xs$xxn(L6mc`VkPdq}vt|wa$8*X*5KmG8n-)M%#H13K7 zvY7fsf9&178e}_Dipe`-bMLMge4PcZ&6j>;#E7kpS8n}@yBlud5OqSen5s36%=2;i zX8xRz=)O1y)WkVwBW!m?paXohe4^`G))F>*bgM`&I4&Yvi#lr*nL9z+8*XBJr-fd> zMZocZUWnx_1gdytJKHYj%MWHxeJd9eA;r8giAKX>qMHF}gmLptV~csPBV)C~ikKF4 
zb~o&4zp$JQxAd@UMTP!b$S?4u=N-(aarBrN!#|fZZ%xh7J=MO~Uf1Ch^bfBpiffy@ zVcJre$X}K9?LOJcD1dW}V#o2gkp|ltO^m*&I9qbwNHK2^R%ZvZcC$J8T{MeL=jI3! zO6e}Xn^5xAr9@{|KbPux8}7Vv@+YENV>t21;|Yb3%yy3LSx5kdGY@ZeJoC}7eits2 zRk67A41~lx=4QSKe3pmt9#b*gewUD`qGH{dXKNkUVE&h|JtLeJjxN5D@S@$){b;CZ zZ%&WqZ2PJZuOO6M*j18>6wzF|Ki8 z04-~EVjJh^6)8k{ejR~)+%ormPQW%W_gZq*p0PsCpf@JR)tlm`kyu%Dt1^D}IoFtG zru!uTee_C)aV!vtzp3o0;PBLcpK!CK9zo2h#Y#{oe%~6Vj=qmCK<~MaoNtyUR@$p{ z7%TNMlFmQU;jn;L@y3vO#yBK9QPRmeP&22LCT?)ou^|-%qsLmMVYyy$=GfqH@T$Mh z_i7a*%EMlQ7T(_Sf)Q@+Us~C^Ax*rZO+87&UZX7fFtrm5 zdDu$Z6@yrkC$+8;)zIoXSLtg*ypHxK;H_9{tCVFS`>#t5Q&c-k(jxF}C@dxGpJ`O* zxid`+S|ujEw0(6__AnN(vDp08A*L9?-S%t9WqFQbzkcbW`taAkGvo zr*J=;arqUT6t%k5Ae-Z8mh7?Ac7XSACXil3x$p8jeBe_|9KH%N1z` zGM!*QHykP8((We#uUABH&UkA;)sN3sTbpi!67|WOviA6o%p1l)IMwk{Ci_jCR*$Y# zNmEA6yCZ;^Y4P>XatST*<_=3uO@j;gIN!OylGyvB?0S)yvW_OMy|2AIP#OWZ&sHds zM<9av;&2S75Nz()9Gn@=x4>z#$^IFEARfiwBE!&z#|KsM$y4%o*d`EEIQrjA@aPKu zxleJ{>b>A46GM?C8!^fPP}wrA%=%&7`^EJO?VoO(+-?ud^)+0%b0SCA%z+! z3trk8b0Dk__(b#9^+^bpBqs{dc+)dY0@)P44kdl~O_-1u!N`Q<*n@bjsKgMqBGNs$JxFytI$)E$+%TA0GNs!$(99>Tl&T%(pMMubbHA7A+K zWkF*$WC$Y0`z}eYy`@$7R{^jbKh@4+tFS+EQ5L@9u$8=_S-FyB82<-Isr=Kjt;I!d zDQ`QR1>=aU4|XFk9HlN)4rbKMeT{#V+Spz-_J;eRKg(cBJf5Zq*cSO<&_!=#EJtk6 zx6+Xu7frJvZjt^o+IKQ_hn50`vbOo+)=JWy-z8MEZR9Xd*rqwFm?=YcMLcs0Ii`I} zj$3gZtGs=U`Glfnl7`1%=%HpQ7I{D{9c;~$Y@VE-R5QPFwz;auSpI~zQ(NXDv8=}r zQdVQFSq^O$*iRkVWcB}}=>)X4L%E92z3}ID%j~K!jE)xq5-Mvpp`t$85A3%_Z`3U| z_mfD+Z_U>vNs*6hk&PX})%6n%^A|QW)1+04wKP%r((^n?&XXKB8FM9azaNY)UY@_0x7Uvrd2Yker2@P*8^o9r@)VN14D=0#ZmhP{I^=G6Ud6%;*k02fl8|u`G0`mg0 zbwwjz1L(%`>S=wAwiFn7fKPeoLixCF1B1DbhK!MpvV*2^DMaxjO6P)u>=4%}!nKRh zYXnML1|4z;L}fM4<_^a$$>~NqUwX9P+&$}$zw0u~w8XRY+cnBdpcg42D>W1T6{%Y*U|J?nqQC@Ju$M4~q)PoHwr*NY|Oo!U_cUq)QE9WxIt7 zu`}SIkE2V`tV*2-a;&yp(HjW}We~mOIq_K0sdcih=M5qN5ToT3Ul^Z?dE&8g>n%Y2 zV~pS_U+TRNgH>ED4>T-S?NK8i+J*7?#ty-$eU@+X#XfCoHm1Y+Vl#_n_fb8@XWyUS zTi3ktJP>mn(!J;=`?C>$=pMcbP*-C19i-H_BF`%$h%I}?)<0rAtRJJ&(gcprGsK*b 
z==K|lG3~j@rp0j{8-T#SyUQ|mP8ABIO{$fntjf%CP(TL$T?u2kuce)eboTsk2mEtF zar;GOQo6f^yFbuD{C(#o z_`)S=%=3|fEAXaiyhxzL5#8eAyg}kr0vCkL_9QO(@B9?xjruX>Umt32uV(&VG5w#k cQjyE?yb-=lO40g}r&`ToVRF@&hQ=iR2lB5=%K!iX diff --git a/g2p_openid_vci_rest_api/static/description/index.html b/g2p_openid_vci_rest_api/static/description/index.html deleted file mode 100644 index 1522e1d..0000000 --- a/g2p_openid_vci_rest_api/static/description/index.html +++ /dev/null @@ -1,413 +0,0 @@ - - - - - - -G2P OpenID VCI: Rest API - - - -
-

G2P OpenID VCI: Rest API

- - -

Alpha OpenG2P/openg2p-auth

-

OpenG2P OpenID VCI REST API

-
-

Important

-

This is an alpha version, the data model and design can change at any time without warning. -Only for development or testing purpose, do not use in production. -More details on development status

-
-

Table of contents

- -
-

Bug Tracker

-

Bugs are tracked on GitHub Issues. -In case of trouble, please check there if your issue has already been reported. -If you spotted it first, help us smashing it by providing a detailed and welcomed -feedback.

-

Do not contact contributors directly about support or help with technical issues.

-
-
-

Credits

-
-

Authors

-
    -
  • OpenG2P
  • -
-
-
-

Maintainers

-

This module is part of the OpenG2P/openg2p-auth project on GitHub.

-

You are welcome to contribute.

-
-
-
- - diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index 7d8def7..0000000 --- a/requirements.txt +++ /dev/null @@ -1,7 +0,0 @@ -# generated from manifests external_dependencies -cryptography<37 -extendable-pydantic -pydantic==1.10.10 -pyjq -PyLD -python-jose diff --git a/setup/g2p_openid_vci/odoo/addons/g2p_openid_vci b/setup/g2p_openid_vci/odoo/addons/g2p_openid_vci deleted file mode 120000 index 06f6b95..0000000 --- a/setup/g2p_openid_vci/odoo/addons/g2p_openid_vci +++ /dev/null @@ -1 +0,0 @@ -../../../../g2p_openid_vci \ No newline at end of file diff --git a/setup/g2p_openid_vci/setup.py b/setup/g2p_openid_vci/setup.py deleted file mode 100644 index 28c57bb..0000000 --- a/setup/g2p_openid_vci/setup.py +++ /dev/null @@ -1,6 +0,0 @@ -import setuptools - -setuptools.setup( - setup_requires=['setuptools-odoo'], - odoo_addon=True, -) diff --git a/setup/g2p_openid_vci_programs/odoo/addons/g2p_openid_vci_programs b/setup/g2p_openid_vci_programs/odoo/addons/g2p_openid_vci_programs deleted file mode 120000 index 5b0b3f7..0000000 --- a/setup/g2p_openid_vci_programs/odoo/addons/g2p_openid_vci_programs +++ /dev/null @@ -1 +0,0 @@ -../../../../g2p_openid_vci_programs \ No newline at end of file diff --git a/setup/g2p_openid_vci_programs/setup.py b/setup/g2p_openid_vci_programs/setup.py deleted file mode 100644 index 28c57bb..0000000 --- a/setup/g2p_openid_vci_programs/setup.py +++ /dev/null @@ -1,6 +0,0 @@ -import setuptools - -setuptools.setup( - setup_requires=['setuptools-odoo'], - odoo_addon=True, -) diff --git a/setup/g2p_openid_vci_rest_api/odoo/addons/g2p_openid_vci_rest_api b/setup/g2p_openid_vci_rest_api/odoo/addons/g2p_openid_vci_rest_api deleted file mode 120000 index dfd3ed5..0000000 --- a/setup/g2p_openid_vci_rest_api/odoo/addons/g2p_openid_vci_rest_api +++ /dev/null @@ -1 +0,0 @@ -../../../../g2p_openid_vci_rest_api \ No newline at end of file 
diff --git a/setup/g2p_openid_vci_rest_api/setup.py b/setup/g2p_openid_vci_rest_api/setup.py deleted file mode 100644 index 28c57bb..0000000 --- a/setup/g2p_openid_vci_rest_api/setup.py +++ /dev/null @@ -1,6 +0,0 @@ -import setuptools - -setuptools.setup( - setup_requires=['setuptools-odoo'], - odoo_addon=True, -) diff --git a/test-requirements.txt b/test-requirements.txt index 4562813..3e4e76f 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -1,4 +1,2 @@ -git+https://github.com/OpenG2P/server-auth@15.0#subdirectory=setup/auth_oidc git+https://github.com/OpenG2P/openg2p-registry@15.0-develop#subdirectory=setup/g2p_registry_base git+https://github.com/OpenG2P/openg2p-registry@15.0-develop#subdirectory=setup/g2p_registry_individual -git+https://github.com/OpenG2P/openg2p-security@15.0-develop#subdirectory=setup/g2p_encryption From 75755b33db437cb46b79801af8fef246df3b9bd4 Mon Sep 17 00:00:00 2001 From: Lalith Kota Date: Mon, 25 Mar 2024 05:11:37 +0530 Subject: [PATCH 2/4] Auth_oauth: temporarily switching to auth_oauth dependency, till replacement found Signed-off-by: Lalith Kota --- .github/workflows/pre-commit.yml | 10 +++-- .github/workflows/test.yml | 41 +++++++++++++++---- g2p_auth_id_oidc/__manifest__.py | 7 ++-- g2p_auth_id_oidc/models/__init__.py | 6 +-- .../views/g2p_auth_id_oidc_provider.xml | 7 ++-- g2p_portal_auth/__manifest__.py | 7 ++-- g2p_portal_auth/models/__init__.py | 3 +- g2p_portal_auth/views/auth_oauth_provider.xml | 7 ++-- 8 files changed, 57 insertions(+), 31 deletions(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 4d9c129..610b332 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml 
@@ -1,13 +1,17 @@ name: pre-commit -on: push +on: + pull_request: + push: jobs: pre-commit: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - uses: actions/setup-python@v2 + with: + python-version: "3.11" - name: Get python version run: echo "PY=$(python -VV | sha256sum | cut -d' ' -f1)" >> $GITHUB_ENV - uses: actions/cache@v1 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index f49b9b4..4e314f3 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -4,10 +4,11 @@ on: pull_request: branches: - "15.0*" + - "17.0*" push: branches: - "15.0*" - - "15.0-ocabot-*" + - "17.0*" env: OCA_GIT_USER_NAME: openg2p OCA_GIT_USER_EMAIL: bot@openg2p.org @@ -29,7 +30,36 @@ jobs: fi fi done + matrix_prep: + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.set-matrix.outputs.matrix }} + steps: + - id: set-matrix + run: | + BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,') + if [[ $BRANCH_NAME = 15.0* ]] ; then + matrix='{"include": [{ + "container": "ghcr.io/oca/oca-ci/py3.8-odoo15.0:latest", + "makepot": "true", + "name": "test with Odoo 15" + },{ + "container": "ghcr.io/oca/oca-ci/py3.8-ocb15.0:latest", + "name": "test with OCB 15" + }]}' + elif [[ $BRANCH_NAME = 17.0* ]] ; then + matrix='{"include": [{ + "container": "ghcr.io/oca/oca-ci/py3.10-odoo17.0:latest", + "makepot": "true", + "name": "test with Odoo 17" + },{ + "container": "ghcr.io/oca/oca-ci/py3.10-ocb17.0:latest", + "name": "test with OCB 17" + }]}' + fi + echo "matrix<> $GITHUB_OUTPUT test: + needs: matrix_prep runs-on: ubuntu-latest container: ${{ matrix.container }} name: ${{ matrix.name }} 
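Review bot: The `set-matrix` step of the new `matrix_prep` job expands `${{ github.ref }}` directly inside the `run:` script, so the ref text becomes part of the shell source before bash parses it. Git ref names may contain shell metacharacters and the `push` trigger matches any branch starting with `15.0` or `17.0`, so the value should reach the script as data: give the step an `env:` entry `REF: ${{ github.ref }}` and compute `BRANCH_NAME="${REF##*/}"`. On `pull_request` events the ref is normally `refs/pull/<number>/merge`, which would make `BRANCH_NAME` equal to `merge` and leave `matrix` unset, so selecting on the base branch (or adding an `else` that fails with a message) looks necessary. The new `ghcr.io/oca/oca-ci/...:latest` images are mutable references as well; pinning them by digest keeps test runs reproducible.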
@@ -37,13 +67,7 @@ jobs: contents: write strategy: fail-fast: false - matrix: - include: - - container: ghcr.io/oca/oca-ci/py3.8-odoo15.0:latest - makepot: "true" - name: test with Odoo - - container: ghcr.io/oca/oca-ci/py3.8-ocb15.0:latest - name: test with OCB + matrix: ${{fromJson(needs.matrix_prep.outputs.matrix)}} services: postgres: image: postgres:9.6 @@ -69,6 +93,7 @@ jobs: run: oca_init_test_database - name: Run tests run: oca_run_tests + - uses: codecov/codecov-action@v1 - name: Update .pot files run: oca_export_and_push_pot https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }} if: ${{ matrix.makepot == 'true' && github.event_name == 'push' && github.repository_owner == 'openg2p' }} diff --git a/g2p_auth_id_oidc/__manifest__.py b/g2p_auth_id_oidc/__manifest__.py index c3b3acd..a7ce562 100644 --- a/g2p_auth_id_oidc/__manifest__.py +++ b/g2p_auth_id_oidc/__manifest__.py @@ -8,10 +8,11 @@ "website": "https://openg2p.org", "license": "Other OSI approved licence", "development_status": "Alpha", - "depends": ["g2p_registry_base"], + # TODO: Find a replacement for auth_oidc module. + # Temporarily using auth_oauth. + "depends": ["auth_oauth", "g2p_registry_base"], "data": [ - # "views/g2p_auth_id_oidc_provider.xml", - # TODO: The 'auth_oidc' module was removed; a replacement is needed in the code + "views/g2p_auth_id_oidc_provider.xml", ], "assets": { "web.assets_backend": [], diff --git a/g2p_auth_id_oidc/models/__init__.py b/g2p_auth_id_oidc/models/__init__.py index b22e470..51d2e61 100644 --- a/g2p_auth_id_oidc/models/__init__.py +++ b/g2p_auth_id_oidc/models/__init__.py @@ -1,4 +1,2 @@ -# from . import g2p_auth_id_oidc_provider -# from . import res_users - -# TODO: The 'auth_oidc' module was removed; a replacement is needed in the code +from . import g2p_auth_id_oidc_provider +from . import res_users 
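Review bot: The added step `- uses: codecov/codecov-action@v1` pulls a third-party action by a mutable major tag into the `test` job, which is granted `contents: write` and later uses `secrets.GITHUB_TOKEN` to push `.pot` files. The v1 line of that action was deprecated upstream, so it should be replaced by a currently supported release and pinned to a full commit SHA, written as `- uses: codecov/codecov-action@<full-commit-sha>  # <release tag>`. Running the upload in a separate job without write permission would keep it away from the token used for the push. The `test` job's definition starts outside this hunk, so the exact permission scope should be confirmed against the full file.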
diff --git a/g2p_auth_id_oidc/views/g2p_auth_id_oidc_provider.xml b/g2p_auth_id_oidc/views/g2p_auth_id_oidc_provider.xml index d088e14..4a1d5ad 100644 --- a/g2p_auth_id_oidc/views/g2p_auth_id_oidc_provider.xml +++ b/g2p_auth_id_oidc/views/g2p_auth_id_oidc_provider.xml @@ -1,10 +1,9 @@ - - + diff --git a/g2p_portal_auth/__manifest__.py b/g2p_portal_auth/__manifest__.py index f2fdcb5..b524508 100644 --- a/g2p_portal_auth/__manifest__.py +++ b/g2p_portal_auth/__manifest__.py @@ -8,10 +8,11 @@ "website": "https://openg2p.org", "license": "Other OSI approved licence", "development_status": "Alpha", - "depends": [], + # TODO: Find a replacement for auth_oidc module. + # Temporarily using auth_oauth. + "depends": ["auth_oauth"], "data": [ - # TODO: The 'auth_oidc' module was removed; a replacement is needed in the code. - # "views/auth_oauth_provider.xml", + "views/auth_oauth_provider.xml", ], "assets": { "web.assets_backend": [], diff --git a/g2p_portal_auth/models/__init__.py b/g2p_portal_auth/models/__init__.py index 1f1d391..4bc62d3 100644 --- a/g2p_portal_auth/models/__init__.py +++ b/g2p_portal_auth/models/__init__.py @@ -1,2 +1 @@ -# from . import auth_oauth_provider -# TODO: The 'auth_oidc' module was removed; a replacement is needed in the code. +from . import auth_oauth_provider diff --git a/g2p_portal_auth/views/auth_oauth_provider.xml b/g2p_portal_auth/views/auth_oauth_provider.xml index 7521b60..dfe3b64 100644 --- a/g2p_portal_auth/views/auth_oauth_provider.xml +++ b/g2p_portal_auth/views/auth_oauth_provider.xml @@ -1,10 +1,9 @@ - - + From dd0d9dd2d5b081585a55537df42e94473ea6814c Mon Sep 17 00:00:00 2001 From: Lalith Kota Date: Mon, 25 Mar 2024 07:06:22 +0530 Subject: [PATCH 3/4] Modified formatter and linters and aligned code with latest 17.0 
Signed-off-by: Lalith Kota --- .github/workflows/test.yml | 12 ++-- .pre-commit-config.yaml | 19 +++--- .pylintrc | 2 +- .pylintrc-mandatory | 2 +- g2p_auth_id_oidc/__manifest__.py | 2 +- .../models/g2p_auth_id_oidc_provider.py | 16 +++-- g2p_auth_id_oidc/models/res_users.py | 62 +++++-------------- .../static/description/index.html | 29 +++++---- g2p_portal_auth/__manifest__.py | 2 +- g2p_portal_auth/models/auth_oauth_provider.py | 8 +-- g2p_portal_auth/static/description/index.html | 25 ++++---- 11 files changed, 77 insertions(+), 102 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 4e314f3..ff82278 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -14,10 +14,10 @@ env: OCA_GIT_USER_EMAIL: bot@openg2p.org jobs: unreleased-deps: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 name: Detect unreleased dependencies steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - run: | for reqfile in requirements.txt test-requirements.txt ; do if [ -f ${reqfile} ] ; then @@ -31,7 +31,7 @@ jobs: fi done matrix_prep: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: @@ -60,7 +60,7 @@ jobs: echo "matrix<> $GITHUB_OUTPUT test: needs: matrix_prep - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 container: ${{ matrix.container }} name: ${{ matrix.name }} permissions: @@ -70,7 +70,7 @@ jobs: matrix: ${{fromJson(needs.matrix_prep.outputs.matrix)}} services: postgres: - image: postgres:9.6 + image: postgres:12.0 env: POSTGRES_USER: odoo POSTGRES_PASSWORD: odoo @@ -78,7 +78,7 @@ jobs: ports: - 5432:5432 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 with: persist-credentials: false - name: Install addons and dependencies diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index cf406ac..3b78855 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml 
@@ -28,12 +28,21 @@ repos: language: fail files: "\\.rej$" - repo: https://github.com/oca/maintainer-tools - rev: dfba427ba03900b69e0a7f2c65890dc48921d36a + rev: 9a170331575a265c092ee6b24b845ec508e8ef75 hooks: # update the NOT INSTALLABLE ADDONS section above - id: oca-update-pre-commit-excluded-addons - id: oca-fix-manifest-website args: ["https://openg2p.org"] + - id: oca-gen-addon-readme + args: + - --addons-dir=. + - --branch=15.0-develop + - --org-name=OpenG2P + - --repo-name=openg2p-auth + - --if-source-changed + - --keep-source-digest + - id: oca-gen-external-dependencies - repo: https://github.com/myint/autoflake rev: v1.4 hooks: @@ -49,6 +58,8 @@ repos: rev: 22.3.0 hooks: - id: black + args: + - --line-length=110 - repo: https://github.com/pre-commit/mirrors-prettier rev: v2.4.1 hooks: @@ -107,12 +118,6 @@ repos: rev: 3.0.3 hooks: - id: setuptools-odoo-make-default - - id: setuptools-odoo-get-requirements - args: - - --output - - requirements.txt - - --header - - "# generated from manifests external_dependencies" - repo: https://github.com/PyCQA/flake8 rev: 3.9.2 hooks: diff --git a/.pylintrc b/.pylintrc index 11b8c89..1251c28 100644 --- a/.pylintrc +++ b/.pylintrc @@ -9,7 +9,7 @@ readme_template_url="https://github.com/OCA/maintainer-tools/blob/master/templat manifest_required_authors=OpenG2P manifest_required_keys=license manifest_deprecated_keys=description,active -license_allowed=AGPL-3,GPL-2,GPL-2 or any later version,GPL-3,GPL-3 or any later version,LGPL-3,Other OSI approved licence +license_allowed=AGPL-3,GPL-2,GPL-2 or any later version,GPL-3,GPL-3 or any later version,LGPL-3,MPL-2 valid_odoo_versions=15.0 [MESSAGES CONTROL] diff --git a/.pylintrc-mandatory b/.pylintrc-mandatory index 3e5ad23..5c6742c 100644 --- a/.pylintrc-mandatory +++ b/.pylintrc-mandatory 
@@ -8,7 +8,7 @@ readme_template_url="https://github.com/OCA/maintainer-tools/blob/master/templat manifest_required_authors=OpenG2P manifest_required_keys=license manifest_deprecated_keys=description,active -license_allowed=AGPL-3,GPL-2,GPL-2 or any later version,GPL-3,GPL-3 or any later version,LGPL-3,Other OSI approved licence +license_allowed=AGPL-3,GPL-2,GPL-2 or any later version,GPL-3,GPL-3 or any later version,LGPL-3,MPL-2 valid_odoo_versions=15.0 [MESSAGES CONTROL] diff --git a/g2p_auth_id_oidc/__manifest__.py b/g2p_auth_id_oidc/__manifest__.py index a7ce562..ffaee66 100644 --- a/g2p_auth_id_oidc/__manifest__.py +++ b/g2p_auth_id_oidc/__manifest__.py @@ -6,7 +6,7 @@ "sequence": 1, "author": "OpenG2P", "website": "https://openg2p.org", - "license": "Other OSI approved licence", + "license": "MPL-2", "development_status": "Alpha", # TODO: Find a replacement for auth_oidc module. # Temporarily using auth_oauth. diff --git a/g2p_auth_id_oidc/models/g2p_auth_id_oidc_provider.py b/g2p_auth_id_oidc/models/g2p_auth_id_oidc_provider.py index 5ee88eb..d104917 100644 --- a/g2p_auth_id_oidc/models/g2p_auth_id_oidc_provider.py +++ b/g2p_auth_id_oidc/models/g2p_auth_id_oidc_provider.py 
@@ -5,16 +5,22 @@ class G2PAuthIDOidcProvider(models.Model): _inherit = "auth.oauth.provider" g2p_oidc_id_to_use = fields.Boolean("Use G2P Reg ID", default=False) - g2p_id_type = fields.Many2one( - "g2p.id.type", "G2P Registrant ID Type", required=False - ) + g2p_id_type = fields.Many2one("g2p.id.type", "G2P Registrant ID Type", required=False) partner_creation_call_validate_url = fields.Boolean( help="Whether to call Validation Url for data during Partner Creation", default=False, ) partner_creation_validate_response_mapping = fields.Char( help="Map Fields from Validation_url response while Partner Creation", - default="name:name email:email phone_number:phone_number birthdate:birthdate gender:gender address:address", + default=( + "name:name " + "email:email " + "phone_number:phone " + "birthdate:birthdate " + "gender:gender " + "address:address " + "picture:picture " + ), ) partner_creation_date_format = fields.Char( help="Format of date to be used while Partner Creation", @@ -35,6 +41,6 @@ def map_validation_response_partner_creation(self, req): res = {} if self.partner_creation_validate_response_mapping: for pair in self.partner_creation_validate_response_mapping.split(" "): - from_key, to_key = [k.strip() for k in pair.split(":", 1)] + from_key, to_key = (k.strip() for k in pair.split(":", 1)) res[to_key] = req.get(from_key, "") return res diff --git a/g2p_auth_id_oidc/models/res_users.py b/g2p_auth_id_oidc/models/res_users.py index 9e44aaf..0bc6124 100644 --- a/g2p_auth_id_oidc/models/res_users.py +++ b/g2p_auth_id_oidc/models/res_users.py 
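Review bot: The new default of `partner_creation_validate_response_mapping` ends with a trailing space (`"picture:picture "`), while `map_validation_response_partner_creation` in the second hunk of this file still splits on a single space, so the last element of the list is an empty string. `"".split(":", 1)` yields one item and the two-name unpacking then raises `ValueError`; Odoo trims Char values in the web client only, so a server-side default is presumably stored with the space. Change the loop to `for pair in self.partner_creation_validate_response_mapping.split():`, which drops empty items and tolerates repeated whitespace, and skip any pair that has no `:`. The default now also maps `picture`, which means the picture URL from the provider's response reaches partner creation without any administrator opt-in; that default deserves a sentence in the field's `help` text.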
@@ -48,17 +48,11 @@ def _auth_oauth_signin(self, provider, validation, params): return oauth_user.login except AccessDenied: json.loads(params["state"]) - partner = self.generate_partner_signup( - oauth_provider, validation, params - ) - new_user = self.generate_partner_user_signup( - partner, oauth_provider, validation, params - ) + partner = self.generate_partner_signup(oauth_provider, validation, params) + new_user = self.generate_partner_user_signup(partner, oauth_provider, validation, params) return new_user.login else: - return super(ResUsers, self)._auth_oauth_signin( - provider, validation, params - ) + return super()._auth_oauth_signin(provider, validation, params) def generate_partner_user_signup(self, partner, oauth_provider, validation, params): oauth_uid = validation["user_id"] @@ -83,23 +77,15 @@ def generate_partner_user_signup(self, partner, oauth_provider, validation, para def generate_partner_signup(self, oauth_provider, validation, params): if oauth_provider.partner_creation_call_validate_url: - userinfo_dict = self._auth_oauth_rpc( - oauth_provider.validation_endpoint, params["access_token"] - ) - update_dict = oauth_provider.map_validation_response_partner_creation( - userinfo_dict - ) + userinfo_dict = self._auth_oauth_rpc(oauth_provider.validation_endpoint, params["access_token"]) + update_dict = oauth_provider.map_validation_response_partner_creation(userinfo_dict) validation.update(update_dict) _logger.debug( "Userinfo JWT payload after validation call. %s", json.dumps(userinfo_dict), ) - _logger.debug( - "Update dict after validation call. %s", json.dumps(update_dict) - ) - _logger.debug( - "Validation Dict after validation call. %s", json.dumps(validation) - ) + _logger.debug("Update dict after validation call. %s", json.dumps(update_dict)) + _logger.debug("Validation Dict after validation call. %s", json.dumps(validation)) try: g2p_reg_id = self.env["g2p.reg.id"].search( [ 
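Review bot: The three `_logger.debug` calls in `generate_partner_signup` write the complete userinfo response, the mapped update dict and the merged `validation` dict to the log. With the default mapping these carry the registrant's name, email, phone, birthdate, gender, address and picture, so turning on debug logging copies personal data into log storage. Log only what is needed to trace the flow, for example `_logger.debug("Userinfo claims received: %s", sorted(userinfo_dict))`, which also avoids evaluating `json.dumps` when debug output is disabled. The function continues past the end of this hunk.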
@@ -123,7 +109,7 @@ def generate_partner_signup(self, oauth_provider, validation, params): "addl_name": " ".join(name.split(" ")[1:-1]), "email": validation.pop( "email", - "provider_%s_user_%s" % (oauth_provider.id, validation["user_id"]), + f"provider_{oauth_provider.id}_user_{validation['user_id']}", ), "is_registrant": True, "is_group": False, @@ -138,20 +124,14 @@ def generate_partner_signup(self, oauth_provider, validation, params): validation.pop("birthdate", None), date_format=oauth_provider.partner_creation_date_format, ) - partner_dict["reg_ids"] = self.process_ids( - oauth_provider.g2p_id_type, validation - ) - phone_numbers, primary_phone = self.process_phones( - validation.pop("phone", "") - ) + partner_dict["reg_ids"] = self.process_ids(oauth_provider.g2p_id_type, validation) + phone_numbers, primary_phone = self.process_phones(validation.pop("phone", "")) if primary_phone: partner_dict["phone"] = primary_phone if phone_numbers: partner_dict["phone_number_ids"] = phone_numbers - partner_dict["image_1920"] = self.process_picture( - validation.pop("picture", None) - ) + partner_dict["image_1920"] = self.process_picture(validation.pop("picture", None)) partner_dict.update( self.process_other_fields( 
@@ -164,20 +144,14 @@ def generate_partner_signup(self, oauth_provider, validation, params): def _auth_oauth_rpc(self, endpoint, access_token): # This is recreated to suit that application/jwt response type - if ( - self.env["ir.config_parameter"] - .sudo() - .get_param("auth_oauth.authorization_header") - ): + if self.env["ir.config_parameter"].sudo().get_param("auth_oauth.authorization_header"): response = requests.get( endpoint, headers={"Authorization": "Bearer %s" % access_token}, timeout=10, ) else: - response = requests.get( - endpoint, params={"access_token": access_token}, timeout=10 - ) + response = requests.get(endpoint, params={"access_token": access_token}, timeout=10) if response.ok: # nb: could be a successful failure if response.headers.get("content-type"): @@ -186,9 +160,7 @@ def _auth_oauth_rpc(self, endpoint, access_token): return jwt.get_unverified_claims(response.text) if "application/json" in response.headers["content-type"]: return response.json() - auth_challenge = werkzeug.http.parse_www_authenticate_header( - response.headers.get("WWW-Authenticate") - ) + auth_challenge = werkzeug.http.parse_www_authenticate_header(response.headers.get("WWW-Authenticate")) if auth_challenge.type == "bearer" and "error" in auth_challenge: return dict(auth_challenge) @@ -223,9 +195,7 @@ def process_ids(self, id_type, validation_dict, expiry_date=None): try: id_type_id = int(id_type_id) except Exception: - _logger.exception( - "Invalid Id type mapping. Has to end with `user_id`" - ) + _logger.exception("Invalid Id type mapping. Has to end with `user_id`") continue reg_ids.append( ( @@ -257,7 +227,7 @@ def process_phones(self, phone): def process_picture(self, picture): image_parsed = None if picture: - with urlopen(picture) as response: + with urlopen(picture, timeout=20) as response: image_parsed = base64.b64encode(response.read()) return image_parsed 
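Review bot: In `_auth_oauth_rpc`, an `application/jwt` response is decoded with `jwt.get_unverified_claims(response.text)`, so the claims that feed partner creation are accepted without a signature check. Their integrity then rests entirely on TLS to the configured `validation_endpoint`. Either verify the token with the library's `jwt.decode` against the provider's published keys and an explicit `algorithms` allow-list, or state the trust assumption next to the call: `# Claims are not signature-checked; trust relies on TLS to validation_endpoint.` The condition that selects this branch lies above the hunk.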
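Review bot: `process_picture` passes the `picture` claim straight to `urlopen`; the added `timeout=20` bounds the wait, but the call still accepts every scheme `urllib` handles and any host, and `response.read()` loads the whole body into memory. Since the value comes from the identity provider's response, the function should require `https` and cap the number of bytes read before encoding. The sketch below needs `urlsplit` from `urllib.parse` among the file's imports, and its size limit is a constructed value. A scheme check does not constrain the destination host, so an allow-list of picture hosts per provider would be the stricter control.

```python
    def process_picture(self, picture):
        image_parsed = None
        # Constructed limit; set it to the largest picture the registry should store.
        max_picture_bytes = 5 * 1024 * 1024
        if picture and urlsplit(picture).scheme == "https":
            with urlopen(picture, timeout=20) as response:
                raw = response.read(max_picture_bytes + 1)
            # Oversized bodies are dropped instead of being stored truncated.
            if len(raw) <= max_picture_bytes:
                image_parsed = base64.b64encode(raw)
        # … unchanged: return image_parsed …
```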
diff --git a/g2p_auth_id_oidc/static/description/index.html b/g2p_auth_id_oidc/static/description/index.html index e151360..6ee53c8 100644 --- a/g2p_auth_id_oidc/static/description/index.html +++ b/g2p_auth_id_oidc/static/description/index.html @@ -1,20 +1,19 @@ - - + G2P Auth: OIDC - Reg ID