Merge branch trusted-content-resolver:main into main

05e0b272 · Michael Zigldrum · 5dbd8ad7 · 03f7b061 · 05e0b272 · 05e0b272
Commit 05e0b272 authored 1 year ago by Michael Zigldrum
--- a/clients/js/package-lock.json
+++ b/clients/js/package-lock.json
--- a/clients/js/package.json
+++ b/clients/js/package.json
@@ -5,7 +5,7 @@
  "main": "src/main.js",
  "scripts": {
    "start": "node src/main.js",
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "test": "./node_modules/.bin/cucumber-js -p default"
  },
  "repository": {
    "type": "git",
@@ -19,13 +19,24 @@
  ],
  "author": "Gaia-X",
  "license": "Apache-2.0",
+  "// dependencies": "keep dependencies sorted",
  "dependencies": {
    "dotenv": "^16.3.1",
    "needle": "^3.2.0"
  },
+  "// devDependencies": "keep dependencies sorted",
  "devDependencies": {
+    "@types/chai": "^4.1.7",
+    "@types/cucumber": "^4.0.5",
+    "chai": "^4.2.0",
    "cross-env": "^7.0.3",
+    "cucumber": "^5.1.0",
+    "cucumber-pretty": "^1.5.0",
+    "cucumber-tsflow": "^3.2.0",
    "jest": "^29.7.0",
-    "nock": "^13.3.3"
+    "license-checker": "^25.0.1",
+    "nock": "^13.3.3",
+    "ts-node": "^8.0.3",
+    "typescript": "^3.3.3333"
  }
 }
--- a/clients/js/test/bdd/steps/bdd.ts
+++ b/clients/js/test/bdd/steps/bdd.ts
+import { binding, given, then, when} from 'cucumber-tsflow';
+import { assert } from 'chai';
+@binding()
+export class TrustedContentResolver {
+    private app: string = "";
+    private actor_x: Object = {}
+    private response: string = "";
+    @given(/we have XFSC TRAIN Trusted Content Resolver REST API/)
+    public stepImpl1() {
+        this.app = 'http://localhost:8087';
+    }
+    @given(/an actor X to be verified/)
+    public stepImpl2() {
+        // TODO check the data if available
+        // load input data for actor x into context
+        this.actor_x = {
+            'some': 'info'
+        }
+    }
+    @when(/we initiate a verification actor X/)
+    public stepImpl3() {
+        this.response = 'SESSION.get(f\'https://example.com\')'
+    }
+    @then(/actor X gets verified/)
+    public stepImpl4() {
+        assert.equal(this.response, 'SESSION.get(f\'https://example.com\')');
+    }
+    @then(/we initiate a verification actor Y/)
+    public stepImpl5() {
+        // TODO: implement
+    }
+}
--- a/clients/js/tsconfig.json
+++ b/clients/js/tsconfig.json
+{
+  "compilerOptions": {
+    /* Basic Options */
+    "target": "es5",                          /* Specify ECMAScript target version: 'ES3' (default), 'ES5', 'ES2015', 'ES2016', 'ES2017','ES2018' or 'ESNEXT'. */
+    "module": "commonjs",                     /* Specify module code generation: 'none', 'commonjs', 'amd', 'system', 'umd', 'es2015', or 'ESNext'. */
+    // "lib": [],                             /* Specify library files to be included in the compilation. */
+    // "allowJs": true,                       /* Allow javascript files to be compiled. */
+    // "checkJs": true,                       /* Report errors in .js files. */
+    // "jsx": "preserve",                     /* Specify JSX code generation: 'preserve', 'react-native', or 'react'. */
+    // "declaration": true,                   /* Generates corresponding '.d.ts' file. */
+    // "sourceMap": true,                     /* Generates corresponding '.map' file. */
+    // "outFile": "./",                       /* Concatenate and emit output to single file. */
+    // "outDir": "./",                        /* Redirect output structure to the directory. */
+    // "rootDir": "./",                       /* Specify the root directory of input files. Use to control the output directory structure with --outDir. */
+    // "removeComments": true,                /* Do not emit comments to output. */
+    // "noEmit": true,                        /* Do not emit outputs. */
+    // "importHelpers": true,                 /* Import emit helpers from 'tslib'. */
+    // "downlevelIteration": true,            /* Provide full support for iterables in 'for-of', spread, and destructuring when targeting 'ES5' or 'ES3'. */
+    // "isolatedModules": true,               /* Transpile each file as a separate module (similar to 'ts.transpileModule'). */
+    /* Strict Type-Checking Options */
+    "strict": true,                           /* Enable all strict type-checking options. */
+    "noImplicitAny": true,                    /* Raise error on expressions and declarations with an implied 'any' type. */
+    "strictNullChecks": true,                 /* Enable strict null checks. */
+    // "strictFunctionTypes": true,           /* Enable strict checking of function enums. */
+    // "strictPropertyInitialization": true,  /* Enable strict checking of property initialization in classes. */
+    // "noImplicitThis": true,                /* Raise error on 'this' expressions with an implied 'any' type. */
+    // "alwaysStrict": true,                  /* Parse in strict mode and emit "use strict" for each source file. */
+    /* Additional Checks */
+    // "noUnusedLocals": true,                /* Report errors on unused locals. */
+    // "noUnusedParameters": true,            /* Report errors on unused parameters. */
+    // "noImplicitReturns": true,             /* Report error when not all code paths in function return a value. */
+    // "noFallthroughCasesInSwitch": true,    /* Report errors for fallthrough cases in switch statement. */
+    /* Module Resolution Options */
+    // "moduleResolution": "node",            /* Specify module resolution strategy: 'node' (Node.js) or 'classic' (TypeScript pre-1.6). */
+    // "baseUrl": "./",                       /* Base directory to resolve non-absolute module names. */
+    // "paths": {},                           /* A series of entries which re-map imports to lookup locations relative to the 'baseUrl'. */
+    // "rootDirs": [],                        /* List of root folders whose combined content represents the structure of the project at runtime. */
+    // "typeRoots": [],                       /* List of folders to include type definitions from. */
+    // "enums": [],                           /* Type declaration files to be included in compilation. */
+    // "allowSyntheticDefaultImports": true,  /* Allow default imports from modules with no default export. This does not affect code emit, just typechecking. */
+    "esModuleInterop": true,                  /* Enables emit interoperability between CommonJS and ES Modules via creation of namespace objects for all imports. Implies 'allowSyntheticDefaultImports'. */
+    // "preserveSymlinks": true,              /* Do not resolve the real path of symlinks. */
+    /* Source Map Options */
+    // "sourceRoot": "./",                    /* Specify the location where debugger should locate TypeScript files instead of source locations. */
+    // "mapRoot": "./",                       /* Specify the location where debugger should locate map files instead of generated locations. */
+    // "inlineSourceMap": true,               /* Emit a single file with source maps instead of having a separate file. */
+    // "inlineSources": true,                 /* Emit the source alongside the sourcemaps within a single file; requires '--inlineSourceMap' or '--sourceMap' to be set. */
+    /* Experimental Options */
+     "experimentalDecorators": true,          /* Enables experimental support for ES7 decorators. */
+     "emitDecoratorMetadata": true            /* Enables experimental support for emitting type metadata for decorators. */
+  }
+}
--- a/clients/py/requirements/dev.tyt
+++ b/clients/py/requirements/dev.tyt
--- a/clients/py/requirements/prod.txt
+++ b/clients/py/requirements/prod.txt
+behave==1.2.6
+requests==2.31.0
--- a/clients/py/test/bdd/bdd.feature
+++ b/clients/py/test/bdd/bdd.feature
+../../../../features/bdd.feature
\ No newline at end of file
--- a/clients/py/test/bdd/steps/bdd.py
+++ b/clients/py/test/bdd/steps/bdd.py
+from dataclasses import dataclass
+from behave import *
+import requests
+SESSION = requests.Session()
+@dataclass
+class TrustedContentResolver:
+    app: str
+@given('we have XFSC TRAIN Trusted Content Resolver REST API')
+def step_impl(context):
+    # TODO make a heartbeat requests
+    # ask kubernetis url
+    # load trusted-content-resolver/service/src/main/resources/application.yml into context
+    context.ctr = TrustedContentResolver('http://localhost:8087')
+    pass
+@given('an actor X to be verified')
+def step_impl(context):
+    # TODO check the data if available
+    # load input data for actor x into context
+    context.actor_x = {
+        'some': 'info'
+    }
+@when('we initiate a verification actor X')
+def step_impl(context):
+    response = SESSION.get(f'https://example.com')
+    #response = SESSION.post(f'{context.ctr.app}/tcr/verify', data=context.actor_x['some'])
+    context.ctr.response = response
+@then('actor X gets verified')
+def step_impl(context):
+    assert context.ctr.response
+@when("we initiate a verification actor Y")
+def step_impl(context):
+    """
+    :type context: behave.runner.Context
+    """
+    raise NotImplementedError(u'STEP: When we initiate a verification actor Y')
+# @given(
+#     "A request update of trust frameworks and DID configuration is successfully reflected in the DNS Zone File (200)")
+# def step_impl(context):
+#     """
+#     :type context: behave.runner.Context
+#     """
+#     # GET to DNS which return success DID configuration
+#     raise NotImplementedError(
+#         u'STEP: Given A request update of trust frameworks and DID configuration is successfully reflected in the DNS Zone File (200)')
+#
+#
+# @step(
+#     "An instantiation of a trust list is reflected in the trust list storage with possibility to retrieve via API endpoints")
+# def step_impl(context):
+#     """
+#     :type context: behave.runner.Context
+#     """
+#     # qhuery database for
+#     raise NotImplementedError(
+#         u'STEP: And An instantiation of a trust list is reflected in the trust list storage with possibility to retrieve via API endpoints')
+#
+#
+# @given("trust framework pointers example.federation1.de and example.federation2.de")
+# def step_impl(context):
+#     """
+#     :type context: behave.runner.Context
+#     """
+#     context.trust_framework_pointers = 'example.federation1.de' and 'example.federation2.de']
+#
+#
+#     @when("Navigate to listed trust framework pointers")
+#     def step_impl(context):
+#         """
+#         :type context: behave.runner.Context
+#         """
+#         data = VerificationRequest(context.trust_framework_pointers)
+#         response = SESSION.post(f'{context.ctr.app}/tcr/verify', data=data.json())
+#         context.ctr.response = response
+#
+#
+# @then("have example.federation1.de and example.federation2.de should be in trust List VC endpoint")
+# def step_impl(context):
+#     """
+#     :type context: behave.runner.Context
+#     """
+#     assert sql.query('SELECT WHERE x in [xample.federation1.de and example.federation2.de]') is True
--- a/docker/.env
+++ b/docker/.env
+COMPOSE_PROJECT_NAME = xfsc-train
+### FC SERVER PROPERTIES ###
+CI_REGISTRY=registry.gitlab.com/gaia-x/data-infrastructure-federation-services/cat/fc-service
+# federated-catalog client secret, gaia-x realm
+FC_CLIENT_SECRET=vZo1equicRl1UdxJDWCNNJWe6vJcm2Cg
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
+version: '3.7'
+services:
+  server:
+    container_name: "tcr-server"
+#    image: "${CI_REGISTRY}/service:latest"
+    build:
+      context: ../service
+      dockerfile: Dockerfile
+#    environment:
+    ports:
+      - "8087:8087"
+    networks:
+      - "gaia-x"
+#    extra_hosts:
+#      - "localhost:127.0.0.1"
+    restart: always #unless-stopped
+networks:
+  gaia-x:
+    driver: "bridge"
\ No newline at end of file
--- a/features/bdd.feature
+++ b/features/bdd.feature
+Feature: Testing Trusted Content Resolver REST API
+  Scenario: Run first simple test
+     Given we have XFSC TRAIN Trusted Content Resolver REST API
+       And an actor X to be verified
+      When we initiate a verification actor X
+      Then actor X gets verified
+#  Scenario: Run first simple test
+#    Given we have XFSC TRAIN Trusted Content Resolver REST API
+#    And an actor X to be verified
+#    When we initiate a verification actor Y
+#    Then actor X gets verified
+#
+#  Scenario: [IDM.TRAIN.00014] Trust Framework Configuration success
+#    Given A request update of trust frameworks and DID configuration is successfully reflected in the DNS Zone File (200)
+#    And An instantiation of a trust list is reflected in the trust list storage with possibility to retrieve via API endpoints
+#    When Creation of a VC is allowed with ability to sign the credential
+#    Then An error is provided if a record is in progress by the operator
+#     And Should be able to reference Trust Frameworks from other Domains
+#
+#  Scenario: [IDM.TRAIN.00014] Trust Framework Configuration 400
+#    Given A request update of trust frameworks and DID configuration is successfully reflected in the DNS Zone File (200)
+#    And An instantiation of a trust list is reflected in the trust list storage with possibility to retrieve via API endpoints
+#    When A wrong context or missing data leads to an exception (400)
+#    And An audit entry is created
+#    Then An error is provided if a record is in progress by the operator
+#    And Should be able to reference Trust Frameworks from other Domains
+#
+#
+#  Acceptance Criteria
+#  The following acceptance criteria MUST be met:
+#  1. Use standardized DNS resolvers
+#  2. Use standardized DID resolver
+#
+#
+#  Given trust framework pointers example.federation1.de and example.federation2.de
+#  # 2. Issuer details from the VC/VP (e.g., DID/URI)
+#  #3. ServiceType of the trust list (e.g., issuance service, verifier service)
+#   When Navigate to listed trust framework pointers
+#   Then have example.federation1.de and example.federation2.de should be in trust List VC endpoint
+#    And have Corresponding DID mapped to example.federation1.de and example.federation2.de
+#     And exists DID Document of the DID
--- a/openapi/tcr_openapi.yaml
+++ b/openapi/tcr_openapi.yaml
@@ -2,6 +2,8 @@ openapi: 3.0.1
 info:
  title: Eclipse XFSC TRAIN Trusted Content Resolver
  description: XFSC TRAIN Trusted Content Resolver REST API
+  contact:
+    email: denis.sukhoroslov@telekom.com
  license:
    name: Apache 2.0
    url: http://www.apache.org/licenses/LICENSE-2.0.html
@@ -9,6 +11,7 @@ info:
 servers:
  - url: https://tcr-service.xfsc.org
    description: some future test environment
 components:
  responses:
    NotFound:
@@ -17,20 +20,6 @@ components:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
-    Unauthorized:
-      description: Unauthorized
-      content:
-        application/json:
-          schema:
-            $ref: '#/components/schemas/Error'
-    Forbidden:
-      description: >-
-        Forbidden. The user does not have the permission to execute this
-        request.
-      content:
-        application/json:
-          schema:
-            $ref: '#/components/schemas/Error'
    ServerError:
      description: >-
        May contain hints how to solve the error or indicate what went wrong at
@@ -54,12 +43,6 @@ components:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
-    Unprocessible:
-      description: HTTP Unprocessible Entity 422
-      content:
-        application/json:
-          schema:
-            $ref: '#/components/schemas/Error'
  schemas:
    Error:
      type: object
@@ -71,220 +54,71 @@ components:
      required:
        - code
        - message
-    Parameters: 
+    VerificationRequest:
-      type: object
-      additionalProperties:
-        type: object
-      example:
-        name: "John"
-        limit: 10
-        offset: 5
-    Result:
      type: object
-      additionalProperties:
+      properties:
-        type: object
+        issuer:
-    ResultPage:
+          description: Issuer details from the VC/VP (e.g., DID/URI)
+          type: string
+        trustSchemePointer:
+          description: Trust Framework Pointer (e.g., example.federation1.de)
+          type: string
+        endpointTypes:
+          description: Endpoint types to be consideredduring the resolving
+          type: array
+          items:
+            type: string            
+        trustListServiceType:
+          description: ServiceType of the trust list (e.g., issuance service, verifier service)
+          type: string  
+      required:
+        - issuer
+        - trustSchemePointer
+    VerificationResult:
      type: object
      properties:
-        totalCount:
+        resolvedDID:
-          type: integer
+          description: Corresponding DID mapped to Trust Framework Pointer
-    Results:
+          type: string  
-      allOf:
+        resolvedDoc: 
-        - $ref: '#/components/schemas/ResultPage'
+          description: DID Document of the DID (is is a doc URL or the whole doc content?!)
-        - type: object
+          type: string
-          properties:
+        trustListEndpoints:  
-            items: 
+          description: Trust List VC endpoint
-              type: array
+          type: array
-              items: 
+          items:
-                $ref: '#/components/schemas/Result'
+            type: string            
-  parameters:
-    OffsetParam:
-      name: offset
-      in: query
-      schema:
-        type: integer
-        minimum: 0
-        default: 0
-      required: false
-      description: The number of items to skip before starting to collect the result set.
-    LimitParam:
-      in: query
-      name: limit
-      schema:
-        type: integer
-        minimum: 1
-        maximum: 1000
-        default: 100
-      required: false
-      description: The number of items to return.
-    OrderByParam:
-      in: query
-      name: orderBy
-      schema:
-        type: string
-      required: false
-      description: Results will be sorted by this field.
-    AscendingParam:
-      in: query
-      name: ascending
-      schema:
-        type: boolean
-        default: true
-      required: false
-      description: Ascending/Descending ordering.
-  securitySchemes:
-    jwt:
-      type: http
-      scheme: bearer
-      bearerFormat: JWT
 tags:
  - name: TrustedContentResolver
-    description: Management for TCR
+    description: Trusted Content Resolver API
 paths:
-  /tcr:
+  /resolve:
-    get:
-      tags:
-        - TrustedContentResolver
-      summary: Get the list of metadata of Self-Descriptions in the Catalogue
-      operationId: readSelfDescriptions
-      parameters: #!! Added filter parameters for all(?) metadata fields
-        - name: uploadTimerange
-          in: query
-          description: >-
-            Filter for the time range when the Self-Description was uploaded to
-            the catalogue. The time range has to be specified as start time and
-            end time as ISO8601 timestamp separated by a `/`.
-          required: false
-          example: 2022-03-01T13:00:00Z/2022-05-11T15:30:00Z
-          schema:
-            type: string
-        - name: statusTimerange
-          in: query
-          description: >-
-            Filter for the time range when the status of the Self-Description
-            was last changed in the catalogue. The time range has to be
-            specified as start time and end time as ISO8601 timestamp separated
-            by a `/`.
-          required: false
-          example: 2022-03-01T13:00:00Z/2022-05-11T15:30:00Z
-          schema:
-            type: string
-        - name: issuers
-          in: query
-          description: >-
-            Filter for the issuer of the Self-Description. This is the unique ID
-            of the Participant that has prepared the Self-Description.
-          required: false
-          schema:
-            type: array
-            items:
-              type: string
-          explode: false    
-        - name: validators
-          in: query
-          description: >-
-            Filter for a validator of the Self-Description. This is the unique
-            ID of the Participant that validated (part of) the Self-Description.
-          required: false
-          schema:
-            type: array
-            items:
-              type: string
-          explode: false    
-        - name: ids
-          in: query
-          description: Filter for a id/credentialSubject of the Self-Description.
-          required: false
-          schema:
-            type: array
-            items:
-              type: string
-          explode: false    
-        - name: hashes
-          in: query
-          description: Filter for a hash of the Self-Description.
-          required: false
-          schema:
-            type: array
-            items:
-              type: string
-          explode: false
-        - name: withMeta
-          in: query
-          description: To add Self-Description Metadata to response or not.
-          required: false
-          schema:
-            type: boolean
-            default: true
-        - name: withContent
-          in: query
-          description: To add Self-Description Content to response or not.
-          required: false
-          schema:
-            type: boolean
-            default: false
-        - $ref: '#/components/parameters/OffsetParam'
-        - $ref: '#/components/parameters/LimitParam'
-      responses:
-        '200':
-          description: List of meta data of available Self-Descriptions.
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/Results'
-        '400':
-          $ref: '#/components/responses/ClientError'
-        '401':
-          $ref: '#/components/responses/Unauthorized'
-        '500':
-          $ref: '#/components/responses/ServerError'
    post:
      tags:
        - TrustedContentResolver
-      summary: Add a new Service-Offering SelfDescription to the catalogue
+      summary: Verification result based on issuer & trust scheme pointers
-      operationId: addSelfDescription
+      description: Returns a Verification result from TCR
-      security:
+      operationId: resolveIssuer
-        - jwt: []
      requestBody:
-        description: The new SelfDescription
+        description: Verification params
        content:
          application/json:
            schema:
-              type: string
+              $ref: '#/components/schemas/VerificationRequest'
        required: true
      responses:
-        '201':
+        '200':
-          description: Created
+          description: Verified
-          headers:
-            location:
-              description: URL of the added Self-Description.
-              schema:
-                type: string
          content:
            application/json:
              schema:
-                $ref: '#/components/schemas/Results'
+                $ref: '#/components/schemas/VerificationResult'
-        '202':
-          description: The request was accepted but the validation is not finished yet.
-          headers:
-            location:
-              description: The URL of the status page.
-              schema:
-                type: string
-            retry-after:
-              description: >-
-                The delay the client have to wait before requesting the status
-                page.
-              schema:
-                type: integer
        '400':
          $ref: '#/components/responses/ClientError'
-        '401':
-          $ref: '#/components/responses/Unauthorized'
-        '403':
-          $ref: '#/components/responses/Forbidden'
        '409':
          $ref: '#/components/responses/Conflict'
        '500':
          $ref: '#/components/responses/ServerError'
+#  /validate:
--- a/pom.xml
+++ b/pom.xml
@@ -27,11 +27,15 @@
            <id>danubetech-maven-public</id>
            <url>https://repo.danubetech.com/repository/maven-public/</url>
        </repository>
+        <repository>
+			<id>sovrin</id>
+			<url>https://repo.sovrin.org/repository/maven-public</url>
+		</repository>
    </repositories>
    <modules>
        <module>api</module>
-        <!--module>clients/java</module-->
+        <module>clients/java</module>
        <module>service</module>
    </modules>
@@ -48,22 +52,24 @@
        <!-- dependencies -->
        <spring.version>6.0.11</spring.version>
        <spring-boot.version>3.1.2</spring-boot.version>
-        <spring.security.version>6.1.2</spring.security.version>
        <spring-cloud-contract-wiremock.version>4.0.3</spring-cloud-contract-wiremock.version>
        <mockwebserver.version>4.11.0</mockwebserver.version>
-        <security.test-addons.version>4.5.1</security.test-addons.version>
        <springdoc.version>2.2.0</springdoc.version>
        <lombok.version>1.18.28</lombok.version>
-        <keycloak.version>20.0.2</keycloak.version>
        <micrometer.version>1.11.3</micrometer.version>
        <vc.version>1.2.0</vc.version>
        <key-format.version>1.8.0</key-format.version>
        <did.version>1.4.0</did.version>
+        <uni-resolver.version>0.13.0</uni-resolver.version>
        <titanium.version>1.3.2</titanium.version>
        <caffeine.version>3.1.8</caffeine.version>        
        <eclipse-collections.version>11.1.0</eclipse-collections.version>
        <bcpkix.jdk15on.version>1.70</bcpkix.jdk15on.version>
        <jose4j.version>0.9.3</jose4j.version>
+        <dnsjava.version>3.5.2</dnsjava.version>
+        <dnssecjava.version>2.0.0</dnssecjava.version>
+        <okhttp.version>4.11.0</okhttp.version>
+        <dss-xades.version>5.12.1</dss-xades.version>
        <!-- plugins -->
        <plugin.jib.version>3.2.1</plugin.jib.version>
        <plugin.openapi-generator.version>6.4.0</plugin.openapi-generator.version>
@@ -97,11 +103,11 @@
                <artifactId>trusted-content-resolver-api</artifactId>
                <version>${project.version}</version>
            </dependency>
-            <!--dependency>
+            <dependency>
                <groupId>eu.xfsc.train</groupId>
-                <artifactId>trusted-content-resolver-client</artifactId>
+                <artifactId>trusted-content-resolver-java-client</artifactId>
                <version>${project.version}</version>
-            </dependency-->
+            </dependency>
            <dependency>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-starter</artifactId>
@@ -112,31 +118,11 @@
                <artifactId>spring-boot-starter-actuator</artifactId>
                <version>${spring-boot.version}</version>
            </dependency>
-            <!--dependency>
-                <groupId>org.springframework.boot</groupId>
-                <artifactId>spring-boot-starter-security</artifactId>
-                <version>${spring-boot.version}</version>
-            </dependency>
-            <dependency>
-                <groupId>org.springframework.boot</groupId>
-                <artifactId>spring-boot-starter-oauth2-client</artifactId>
-                <version>${spring-boot.version}</version>
-            </dependency>
-            <dependency>
-                <groupId>org.springframework.boot</groupId>
-                <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
-                <version>${spring-boot.version}</version>
-            </dependency-->
            <dependency>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-starter-web</artifactId>
                <version>${spring-boot.version}</version>
            </dependency>
-            <!--dependency>
-                <groupId>org.springframework.security</groupId>
-                <artifactId>spring-security-web</artifactId>
-                <version>${spring.security.version}</version>
-            </dependency-->
            <dependency>
                <groupId>org.springdoc</groupId>
                <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
@@ -179,6 +165,45 @@
                <artifactId>did-common-java</artifactId>
                <version>${did.version}</version>
            </dependency>
+            <dependency>
+	            <groupId>decentralized-identity</groupId>
+	            <artifactId>uni-resolver-local</artifactId>
+	            <version>${uni-resolver.version}</version>
+            </dependency>
+            <!--
+            <dependency>
+                <groupId>decentralized-identity</groupId>
+                <artifactId>uni-resolver-driver-did-sov</artifactId>
+                <version>0.7-SNAPSHOT</version>
+            </dependency>
+            -->
+<!-- 
+            <dependency>
+	            <groupId>decentralized-identity</groupId>
+	            <artifactId>uni-resolver-driver</artifactId>
+	            <version>${uni-resolver.version}</version>
+            </dependency>
+-->            
+            <dependency>
+                <groupId>dnsjava</groupId>
+                <artifactId>dnsjava</artifactId>
+                <version>${dnsjava.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.jitsi</groupId>
+                <artifactId>dnssecjava</artifactId>
+                <version>${dnssecjava.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>com.squareup.okhttp3</groupId>
+                <artifactId>okhttp</artifactId>
+                <version>${okhttp.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.europa.ec.joinup.sd-dss</groupId>
+                <artifactId>dss-xades</artifactId>
+                <version>${dss-xades.version}</version>
+            </dependency>            
            <dependency>
                <groupId>org.bouncycastle</groupId>
                <artifactId>bcpkix-jdk15on</artifactId>
@@ -192,18 +217,6 @@
                <version>${spring-boot.version}</version>
                <scope>test</scope>
            </dependency>
-            <!--dependency>
-                <groupId>com.c4-soft.springaddons</groupId>
-                <artifactId>spring-security-oauth2-test-addons</artifactId>
-                <version>${security.test-addons.version}</version>
-                <scope>test</scope>
-            </dependency-->
-            <!--dependency>
-                <groupId>org.springframework.cloud</groupId>
-                <artifactId>spring-cloud-contract-wiremock</artifactId>
-                <version>${spring-cloud-contract-wiremock.version}</version>
-                <scope>test</scope>
-            </dependency-->
            <dependency>
                <groupId>org.bitbucket.b_c</groupId>
                <artifactId>jose4j</artifactId>

--- a/service/Dockerfile
+++ b/service/Dockerfile
+FROM openjdk:17
+COPY /target/trusted-content-resolver-service-*.jar trusted-content-resolver-service.jar
+ENTRYPOINT ["java", "-jar","/trusted-content-resolver-service.jar"]
--- a/service/pom.xml
+++ b/service/pom.xml
@@ -14,7 +14,7 @@
    <version>${revision}</version>
    <packaging>jar</packaging>
    <name>trusted-content-resolver-service</name>
-    <description>Eclipse XFSC TRAIN Trust Content Resoler Server Application</description>
+    <description>Eclipse XFSC TRAIN Trust Content Resolver Server Application</description>
    <dependencies>
        <dependency>
@@ -29,10 +29,6 @@
            <groupId>eu.xfsc.train</groupId>
            <artifactId>trusted-content-resolver-api</artifactId>
        </dependency>
-        <!--dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-security</artifactId>
-        </dependency-->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
@@ -41,14 +37,6 @@
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-webflux</artifactId>
        </dependency-->
-        <!--dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.security</groupId>
-            <artifactId>spring-security-web</artifactId>
-        </dependency-->
        <dependency>
            <groupId>org.springdoc</groupId>
            <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
@@ -70,12 +58,41 @@
            <groupId>io.micrometer</groupId>
            <artifactId>micrometer-tracing-bridge-otel</artifactId>
        </dependency>        
+        <dependency>
+            <groupId>decentralized-identity</groupId>
+	        <artifactId>uni-resolver-local</artifactId>
+        </dependency>
+        <!--
+		<dependency>
+			<groupId>decentralized-identity</groupId>
+			<artifactId>uni-resolver-driver-did-sov</artifactId>
+			<version>0.4-SNAPSHOT</version>
+			<scope>compile</scope>
+		</dependency>
+		-->
+		<dependency>
+            <groupId>dnsjava</groupId>
+            <artifactId>dnsjava</artifactId>
+        </dependency>            
+        <dependency>
+            <groupId>org.jitsi</groupId>
+            <artifactId>dnssecjava</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.squareup.okhttp3</groupId>
+            <artifactId>okhttp</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>eu.europa.ec.joinup.sd-dss</groupId>
+            <artifactId>dss-xades</artifactId>
+        </dependency>            
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
+        <!--
        <dependency>
            <groupId>org.bouncycastle</groupId>
            <artifactId>bcpkix-jdk15on</artifactId>
@@ -86,6 +103,7 @@
            <artifactId>jose4j</artifactId>
            <scope>test</scope>
        </dependency>
+        -->
    </dependencies>
    <build>

--- a/service/src/main/java/eu/xfsc/train/tcr/server/config/JacksonConfig.java
+++ b/service/src/main/java/eu/xfsc/train/tcr/server/config/JacksonConfig.java
+package eu.xfsc.train.tcr.server.config;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationFeature;
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
+import com.fasterxml.jackson.module.paramnames.ParameterNamesModule;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+/**
+ * Configurations for working with JSON.
+ */
+@Configuration
+public class JacksonConfig {
+  /**
+   * Provides functionality for reading and writing JSON, either to and from basic POJOs, or to and from
+   * a general-purpose JSON Tree Model (JsonNode), as well as related functionality for performing conversions.
+   *
+   * @return ObjectMapper
+   */
+  @Bean
+  @Primary
+  public ObjectMapper objectMapper() {
+    return new ObjectMapper()
+        .registerModule(new ParameterNamesModule())
+        .registerModule(new JavaTimeModule())
+        .configure(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS, false)
+        .configure(SerializationFeature.WRITE_DATE_TIMESTAMPS_AS_NANOSECONDS, false)
+        .disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES);
+  }
+}
\ No newline at end of file
--- a/service/src/main/java/eu/xfsc/train/tcr/server/config/OpenApiConfig.java
+++ b/service/src/main/java/eu/xfsc/train/tcr/server/config/OpenApiConfig.java
+package eu.xfsc.train.tcr.server.config;
+import io.swagger.v3.oas.models.Components;
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.info.Info;
+import io.swagger.v3.oas.models.info.License;
+import java.util.Optional;
+import lombok.RequiredArgsConstructor;
+import org.springframework.boot.info.BuildProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+/**
+ * The OpenApi Spring config.
+ */
+@Configuration
+@RequiredArgsConstructor
+public class OpenApiConfig {
+  private final Optional<BuildProperties> buildProperties;
+  /**
+   * The OpenApi Info bean config.
+   */
+  @Bean
+  public OpenAPI openApiInfo() {
+    String version;
+    if (buildProperties.isPresent()) {
+      version = buildProperties.get().getVersion();
+    } else {
+      version = "Development Build";
+    }
+    return new OpenAPI().info(new Info().version(version).title("GAIA-X Federated Catalogue")
+    		.description("This is the REST API of the XFSC TRAIN Trusted Content Resolver.")
+    		.license(new License().name("Apache 2.0").url("http://www.apache.org/licenses/LICENSE-2.0")));
+    		//.addSecurityItem(new SecurityRequirement().addList(securitySchemeName))
+            //.components(
+            //        new Components()
+            //            .addSecuritySchemes(securitySchemeName,
+            //                new SecurityScheme()
+            //                    .name(securitySchemeName)
+            //                    .type(SecurityScheme.Type.HTTP)
+            //                    .scheme("bearer")
+            //                    .bearerFormat("JWT")
+            //           )
+            //);
+    }
+}
--- a/service/src/main/java/eu/xfsc/train/tcr/server/exception/DNSException.java
+++ b/service/src/main/java/eu/xfsc/train/tcr/server/exception/DNSException.java
+package eu.xfsc.train.tcr.server.exception;
+public class DNSException extends Exception {
+    public DNSException(String s) {
+        super(s);
+    }
+}
--- a/service/src/main/java/eu/xfsc/train/tcr/server/legacy/AdvancedDocHelper.java
+++ b/service/src/main/java/eu/xfsc/train/tcr/server/legacy/AdvancedDocHelper.java
+package eu.xfsc.train.tcr.server.legacy;
+import java.security.cert.X509Certificate;
+import java.util.HashMap;
+import java.util.Map;
+public abstract class AdvancedDocHelper {
+    private Map<X509Certificate, Boolean> verificationResults;
+    public AdvancedDocHelper() {
+        verificationResults = new HashMap<>();
+    }
+    public boolean verify(X509Certificate forCert) {
+        //SubjectKeyIdentifier subjectKeyIdentifier = X509Helper.genSubjectKeyIdentifier(forCert);
+        if (verificationResults.containsKey(forCert)) {
+            return this.verificationResults.get(forCert);
+        }
+        //AdvancedDocHelper.logger.error("No verification result for cert " + forCert.getIssuerDN());
+        return false;
+    }
+    protected void setVerificationResult(X509Certificate certificate, boolean result) {
+        //SubjectKeyIdentifier subjectKeyIdentifier = X509Helper.genSubjectKeyIdentifier(certificate);
+        verificationResults.put(certificate, result);
+    }
+    public abstract boolean verify();
+    public abstract boolean verify(boolean skipSignatureValidation);
+    public abstract X509Certificate getCertificate();
+}
--- a/service/src/main/java/eu/xfsc/train/tcr/server/legacy/DANEException.java
+++ b/service/src/main/java/eu/xfsc/train/tcr/server/legacy/DANEException.java
+package eu.xfsc.train.tcr.server.legacy;
+public class DANEException extends Exception {
+    public DANEException(String s) {
+        super(s);
+    }
+    public DANEException(Exception e) {
+        super(e);
+    }
+}