diff --git a/.prettierignore b/.prettierignore
index 13a9a3ff23d91342416e0c731651370006089077..5d97b651437f64aeb17d334ab97440d5ad81b8f6 100644
--- a/.prettierignore
+++ b/.prettierignore
@@ -6,6 +6,7 @@
!*.d.ts
!*.mts
!jest.config.js
+!*.json
# .. also in subdirectories
!*/
diff --git a/apps/connection-manager/README.md b/apps/connection-manager/README.md
index 927fcc8d707fffe56c9c4d615e86ec607cf96913..52acd9eaa3fd699e5737c0c116a74774214c74b6 100644
--- a/apps/connection-manager/README.md
+++ b/apps/connection-manager/README.md
@@ -1,140 +1,64 @@
# OCM Connection Manager
-## Description
-
-<hr/>
-
-The connection manager is the microservice responsible for handling the features related to connection between aries agents.
-The service implements REST endpoints, events and calls to other services related to connections in the Organizational Credential Manager.
-
-#### Security note
-
-`Man in the mid` security concern will be address in Phase II of of the project. It was discussed multiple times, and one of the options is to use [TRAIN API](https://train.trust-scheme.de/info/) .
+## Introduction
+The OCM Connection Manager API enables you to:
+- Create and accept invitations
+- Create self-connections
+- List all connections
+- Retrieve a connection by ID
+- Block connections
+
+## Prerequisites
+Ensure you have Node.js installed ([official Node.js website](https://nodejs.org)).
+
+## Configuration
+Set configuration via environment variables or an `.env` file:
+
+| Property | Description | Default |
+|---|---|---|
+| `HTTP_HOSTNAME` | HTTP server hostname | `0.0.0.0` |
+| `HTTP_PORT` | HTTP server port | `3000` |
+| `NATS_URL` | NATS Server URL | `nats://localhost:4222` |
+| `NATS_USER` | NATS user | |
+| `NATS_PASSWORD` | NATS password | |
+| `NATS_MONITORING_URL` | NATS Monitoring URL | `http://localhost:8222` |
## Usage
-<hr/>
-
-### Swagger Documentation:
-
-[Swagger/OpenAPI](swagger.json)
-
-## Installation
-
-<hr/>
-
-### Pre-requisites
-
-- pnpm
-- docker
-- docker-compose
-- postgres
-- NATS Server
-
-### OCM Services Dependencies
-
-- SSI Abstraction
-- Principal Manager
-- Attestation Manager
-- Proof Manager
-
-## Running the app
-
-<hr/>
-
-**Each service in the Organizational Credential Manager can be run from the infrastructure repository with Docker.**
-
-**The .env files are in the infrastructure repository under /env**
-
-```bash
- ## production:
- ./deployment/ci
- ## development:
- ./deployment/dev
-```
-
-- (optional) Edit docker-compose.yml in "infrastructure" to use either **/ci/** or **/dev/** Dockerfiles.
-
-- Run while in **"infrastructure"** project:
-
+Start in development mode:
```bash
-$ docker-compose up --build conn-m
+pnpm start
```
-to run only Connection Manager or
+### Operations
+> **Note:** All requests need a `tenantId` query parameter.
+#### Create an Invitation
```bash
-$ docker-compose up --build
-```
-
-to run all the services.
-
-### Environment variables required
-
-```
-1. PORT
-2. DATABASE_URL
-3. NATS_URL
-4. AGENT_URL
-```
-
-### Outgoing communication services
-
+curl -X POST http://ocm-indy.xfsc.dev/v1/invitations?tenantId=<tenantId>
```
-1. PRINCIPAL MANAGER
-2. ATTESTATION MANAGER
-3. PROOF MANAGER
+Response:
+```json
+{
+ "status": 201,
+ "data": {
+ "invitationUrl": "http://ocm-indy.xfcs.dev?oob=..."
+ }
+}
```
-### Incoming communication services
-
-```
-1. SSI-ABSTRACTION
-2. PROOF MANAGER
-3. ATTESTATION MANAGER
-```
-
-### Supported features
-
-```
-1. Nats endpoint to update connection status
-2. Create invitation URL.
-3. Provide connection information.
-4. Provide a list of connections.
-5. Nats endpoint to get connection by ID.
-6. Nats endpoint to make connection trusted.
-7. Accept connection invitation.
+#### Accept an Invitation
+```bash
+curl -X POST -d '{"invitationUrl":"..."}' http://ocm-indy.xfsc.dev/v1/invitations/accept?tenantId=<tenantId>
```
-## Test
-
-<hr/>
-
+#### Create a Self-Connection
```bash
-# unit tests
-$ pnpm test
-
-# e2e tests
-$ pnpm test:e2e
-
-# test coverage
-$ pnpm test:cov
+curl -X POST http://ocm-indy.xfsc.dev/v1/connections?tenantId=<tenantId>
```
-## GDPR
-
-<hr/>
-
-[GDPR](GDPR.md)
-
-## Dependencies
-
-<hr/>
-
-[Dependencies](package.json)
+## API Reference
+For detailed documentation, refer to the [OpenAPI Specification](openapi.json).
## License
-
-<hr/>
-
-[Apache 2.0 license](LICENSE)
+Licensed under the Apache 2.0 License ([LICENSE](LICENSE)).
diff --git a/apps/connection-manager/openapi.json b/apps/connection-manager/openapi.json
new file mode 100644
index 0000000000000000000000000000000000000000..3937de62aa9b8117ddf265ba0a02c0f6769375f4
--- /dev/null
+++ b/apps/connection-manager/openapi.json
@@ -0,0 +1,488 @@
+{
+ "openapi": "3.0.0",
+ "paths": {
+ "/v1/connections": {
+ "get": {
+ "operationId": "ConnectionsController_getAll",
+ "summary": "Fetch a list of connections",
+ "description": "This call provides a list of connections for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Connections fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Connections fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Connections fetched successfully",
+ "data": []
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Connections"]
+ },
+ "post": {
+ "operationId": "ConnectionsController_createWithSelf",
+ "summary": "Create a connection",
+ "description": "This call creates a self connection for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "201": {
+ "description": "Connection created successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Connection created successfully": {
+ "value": {
+ "statusCode": 201,
+ "message": "Connection created successfully",
+ "data": {}
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Connections"]
+ }
+ },
+ "/v1/connections/{connectionId}": {
+ "get": {
+ "operationId": "ConnectionsController_getById",
+ "summary": "Fetch a connection by ID",
+ "description": "This call provides a connection for a given tenant and connection ID",
+ "parameters": [
+ {
+ "name": "connectionId",
+ "required": true,
+ "in": "path",
+ "description": "The connection ID",
+ "example": "71b784a3",
+ "schema": { "type": "string" }
+ },
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Connection fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Connection fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Connection fetched successfully",
+ "data": {}
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Connection not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ },
+ "Connection not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Connection not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Connections"]
+ }
+ },
+ "/v1/connections/{idOrDid}/block": {
+ "post": {
+ "operationId": "ConnectionsController_block",
+ "summary": "Block a connection",
+ "description": "This call blocks a connection for a given tenant and connection ID",
+ "parameters": [
+ {
+ "name": "idOrDid",
+ "required": true,
+ "in": "path",
+ "description": "The connection ID or DID",
+ "example": "8d74c6ec-fa3e-4a09-91fb-5fd0062da835",
+ "schema": { "type": "string" }
+ },
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Connection blocked successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Connection blocked successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Connection blocked successfully",
+ "data": {}
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Connection not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ },
+ "Connection not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Connection not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Connections"]
+ }
+ },
+ "/v1/invitations": {
+ "post": {
+ "operationId": "InvitationsController_createInvitation",
+ "summary": "Create a new invitation",
+ "description": "This call creates a new invitation for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Invitation created successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Invitation created successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Invitation created successfully",
+ "data": {
+ "invitationUrl": "https://example.com/invitation"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Failed to create invitation",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Failed to create invitation": {
+ "value": {
+ "statusCode": 500,
+ "message": "Failed to create invitation",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Invitations"]
+ }
+ },
+ "/v1/invitations/receive": {
+ "post": {
+ "operationId": "InvitationsController_receiveInvitation",
+ "summary": "Receive an invitation",
+ "description": "This call receives an invitation for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "requestBody": {
+ "required": true,
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ReceiveInvitationPayload"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Invitation received successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Invitation received successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Invitation received successfully",
+ "data": { "connectionId": "123" }
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Failed to receive invitation",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Failed to receive invitation": {
+ "value": {
+ "statusCode": 500,
+ "message": "Failed to receive invitation",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Invitations"]
+ }
+ }
+ },
+ "info": {
+ "title": "Gaia-X OCM Connection Manager",
+ "description": "",
+ "version": "1.0.0",
+ "contact": {}
+ },
+ "tags": [],
+ "servers": [],
+ "components": {
+ "schemas": {
+ "ReceiveInvitationPayload": {
+ "type": "object",
+ "properties": {
+ "invitationUrl": {
+ "type": "string",
+ "description": "The invitation URL to receive",
+ "example": "https://example.com/invitation"
+ }
+ },
+ "required": ["invitationUrl"]
+ }
+ }
+ }
+}
diff --git a/apps/credential-manager/README.md b/apps/credential-manager/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..40940e30a9423a6a53e5a9253fedd2096c9614f1
--- /dev/null
+++ b/apps/credential-manager/README.md
@@ -0,0 +1,73 @@
+# OCM Credential Manager
+
+## Introduction
+The OCM Credential Manager API enables you to:
+- Fetch credentials, offers and requests
+- Revoke credentials
+- Accept credential offers
+- Evaluate TSA policies for single credentials
+
+## Prerequisites
+Ensure you have Node.js installed ([official Node.js website](https://nodejs.org)).
+
+## Configuration
+Set configuration via environment variables or an `.env` file:
+
+| Property | Description | Default |
+|---|---|---|
+| `HTTP_HOSTNAME` | HTTP server hostname | `0.0.0.0` |
+| `HTTP_PORT` | HTTP server port | `3000` |
+| `NATS_URL` | NATS Server URL | `nats://localhost:4222` |
+| `NATS_USER` | NATS user | |
+| `NATS_PASSWORD` | NATS password | |
+| `NATS_MONITORING_URL` | NATS Monitoring URL | `http://localhost:8222` |
+| `POLICIES_URL` | TSA Policy Manager URL | |
+| `POLICIES_AUTO_REVOCATION_POLICY` | Policy name for auto revocation check | |
+| `POLICIES_AUTO_REISSUE_POLICY` | Policy name for auto-reissue check | |
+| `POLICIES_REFRESH_POLICY` | Policy name for refresh check | |
+
+## Usage
+
+Start in development mode:
+```bash
+pnpm start
+```
+
+### Operations
+> **Note:** All requests need a `tenantId` query parameter.
+
+#### Get credential list
+
+```bash
+curl -X GET http://ocm-indy.xfsc.dev/v1/credentials?tenantId=<tenantId>
+```
+
+Response:
+
+```json
+{
+ "status": 200,
+ "data": [...]
+}
+```
+
+#### Revoke a credential
+
+```bash
+curl -X POST http://ocm-indy.xfsc.dev/v1/credentials/?tenantId=<tenantId>
+```
+
+Response:
+
+```json
+{
+ "status": 201,
+ "data": {}
+}
+```
+
+## API Reference
+For detailed documentation, refer to the [OpenAPI Specification](openapi.json).
+
+## License
+Licensed under the Apache 2.0 License ([LICENSE](LICENSE)).
diff --git a/apps/credential-manager/openapi.json b/apps/credential-manager/openapi.json
new file mode 100644
index 0000000000000000000000000000000000000000..c257015939c7d7c29ebcbd5e25933528c41040e8
--- /dev/null
+++ b/apps/credential-manager/openapi.json
@@ -0,0 +1,1217 @@
+{
+ "openapi": "3.0.0",
+ "paths": {
+ "/v1/credentials": {
+ "get": {
+ "operationId": "CredentialsController_find",
+ "summary": "Fetch a list of credentials",
+ "description": "This call provides a list of credentials for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credentials fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credentials fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Credentials fetched successfully",
+ "data": [{ "id": "71b784a3" }]
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ }
+ },
+ "tags": ["Credentials"]
+ }
+ },
+ "/v1/credentials/{credentialRecordId}": {
+ "get": {
+ "operationId": "CredentialsController_get",
+ "summary": "Fetch a credential",
+ "description": "This call provides a credential for a given tenant",
+ "parameters": [
+ {
+ "name": "credentialRecordId",
+ "required": true,
+ "in": "path",
+ "description": "The credential record ID to retrieve",
+ "schema": { "format": "string", "type": "string" }
+ },
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credential fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Credential fetched successfully",
+ "data": { "id": "71b784a3" }
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential not found",
+ "data": null
+ }
+ },
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ }
+ },
+ "tags": ["Credentials"]
+ }
+ },
+ "/v1/credentials/{credentialId}/revoke": {
+ "post": {
+ "operationId": "CredentialsController_revoke",
+ "summary": "Revoke a credential",
+ "description": "This call revokes a credential for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credential revoked successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential revoked successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Credential revoked successfully",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential not found",
+ "data": null
+ }
+ },
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ }
+ },
+ "tags": ["Credentials"]
+ }
+ },
+ "/v1/credentials/{credentialId}": {
+ "delete": {
+ "operationId": "CredentialsController_delete",
+ "summary": "Delete a credential",
+ "description": "This call deletes a credential for a given tenant",
+ "parameters": [
+ {
+ "name": "credentialRecordId",
+ "required": true,
+ "in": "path",
+ "description": "The credential record ID to delete",
+ "schema": { "format": "string", "type": "string" }
+ },
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credential deleted successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential deleted successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Credential deleted successfully",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential not found",
+ "data": null
+ }
+ },
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ }
+ },
+ "tags": ["Credentials"]
+ }
+ },
+ "/v1/credential-offers": {
+ "get": {
+ "operationId": "CredentialOffersController_find",
+ "summary": "Fetch a list of credential offers",
+ "description": "This call provides a list of credential offers for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credential offers fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential offers fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Credential offers fetched successfully",
+ "data": [{ "id": "71b784a3" }]
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "description": "Something went wrong",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Something went wrong": {
+ "value": {
+ "statusCode": 500,
+ "message": "Something went wrong",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Credential Offers"]
+ },
+ "post": {
+ "operationId": "CredentialOffersController_offer",
+ "summary": "Create a credential offer",
+ "description": "This call creates a credential offer for a given connection ID and credential definition ID",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "requestBody": {
+ "required": true,
+ "content": {
+ "application/json": {
+ "schema": { "$ref": "#/components/schemas/OfferPayload" }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Credential offer created successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential offer created successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Credential offer created successfully",
+ "data": { "id": "71b784a3" }
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential offer not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential offer not found",
+ "data": null
+ }
+ },
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ },
+ "Credential definition not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential definition not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "description": "Something went wrong",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Something went wrong": {
+ "value": {
+ "statusCode": 500,
+ "message": "Something went wrong",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Credential Offers"]
+ }
+ },
+ "/v1/credential-offers/{credentialOfferId}": {
+ "get": {
+ "operationId": "CredentialOffersController_getById",
+ "summary": "Fetch a credential offer by ID",
+ "description": "This call provides a credential offer for a given ID",
+ "parameters": [
+ {
+ "name": "credentialOfferId",
+ "required": true,
+ "in": "path",
+ "description": "The credential offer ID to retrieve",
+ "schema": { "format": "string", "type": "string" }
+ },
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credential offer fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential offer fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Credential offer fetched successfully",
+ "data": { "id": "71b784a3" }
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential offer not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential offer not found",
+ "data": null
+ }
+ },
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "description": "Something went wrong",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Something went wrong": {
+ "value": {
+ "statusCode": 500,
+ "message": "Something went wrong",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Credential Offers"]
+ }
+ },
+ "/v1/credential-offers/self": {
+ "post": {
+ "operationId": "CredentialOffersController_offerToSelf",
+ "summary": "Create a credential offer to self",
+ "description": "This call creates a credential offer for a given credential definition ID",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "requestBody": {
+ "required": true,
+ "content": {
+ "application/json": {
+ "schema": { "$ref": "#/components/schemas/OfferPayloadSelf" }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Credential offer created successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential offer created successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Credential offer created successfully",
+ "data": { "id": "71b784a3" }
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential offer not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential offer not found",
+ "data": null
+ }
+ },
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ },
+ "Credential definition not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential definition not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "description": "Something went wrong",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Something went wrong": {
+ "value": {
+ "statusCode": 500,
+ "message": "Something went wrong",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Credential Offers"]
+ }
+ },
+ "/v1/credential-offers/{credentialOfferId}/accept": {
+ "post": {
+ "operationId": "CredentialOffersController_acceptOffer",
+ "summary": "Accept a credential offer",
+ "description": "This call accepts a credential offer for a given ID",
+ "parameters": [
+ {
+ "name": "credentialOfferId",
+ "required": true,
+ "in": "path",
+ "description": "The credential offer ID to retrieve",
+ "schema": { "format": "string", "type": "string" }
+ },
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credential offer accepted successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential offer accepted successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Credential offer accepted successfully",
+ "data": { "id": "71b784a3" }
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential offer not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential offer not found",
+ "data": null
+ }
+ },
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "description": "Something went wrong",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Something went wrong": {
+ "value": {
+ "statusCode": 500,
+ "message": "Something went wrong",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Credential Offers"]
+ }
+ },
+ "/v1/credential-requests": {
+ "get": {
+ "operationId": "CredentialRequestsController_find",
+ "summary": "Fetch a list of credential requests",
+ "description": "This call provides a list of credential requests for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credential requests fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential requests fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Credential requests fetched successfully",
+ "data": [{ "id": "71b784a3" }]
+ }
+ },
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential request not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential request not found",
+ "data": null
+ }
+ },
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Credential Requests"]
+ }
+ },
+ "/v1/credential-requests/{id}": {
+ "get": {
+ "operationId": "CredentialRequestsController_getById",
+ "summary": "Fetch a credential request by id",
+ "description": "This call provides a credential request for a given tenant by id",
+ "parameters": [
+ {
+ "name": "credentialRequestId",
+ "required": true,
+ "in": "path",
+ "description": "The credential request ID to retrieve",
+ "schema": { "format": "string", "type": "string" }
+ },
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credential request fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential request fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Credential request fetched successfully",
+ "data": { "id": "71b784a3" }
+ }
+ },
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential request not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential request not found",
+ "data": null
+ }
+ },
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Credential Requests"]
+ }
+ },
+ "/v1/policies/check-reissue": {
+ "post": {
+ "operationId": "PoliciesController_checkAutoReissue",
+ "summary": "Check if a credential can be reissued",
+ "description": "Check if a credential can be reissued",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "requestBody": {
+ "required": true,
+ "content": {
+ "application/json": {
+ "schema": { "$ref": "#/components/schemas/PolicyParams" }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "The result of the policy evaluation",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "properties": { "result": { "type": "boolean" } }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ },
+ "Credential not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ }
+ },
+ "tags": ["Policies"]
+ }
+ },
+ "/v1/policies/check-revocation": {
+ "post": {
+ "operationId": "PoliciesController_checkAutoRevocation",
+ "summary": "Check if a credential should be revoked",
+ "description": "Check if a credential should be revoked",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "requestBody": {
+ "required": true,
+ "content": {
+ "application/json": {
+ "schema": { "$ref": "#/components/schemas/PolicyParams" }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "The result of the policy evaluation",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "properties": { "result": { "type": "boolean" } }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ },
+ "Credential not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ }
+ },
+ "tags": ["Policies"]
+ }
+ },
+ "/v1/policies/refresh": {
+ "post": {
+ "operationId": "PoliciesController_checkRefresh",
+ "summary": "Check if a credential should be refreshed",
+ "description": "Check if a credential should be refreshed",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "requestBody": {
+ "required": true,
+ "content": {
+ "application/json": {
+ "schema": { "$ref": "#/components/schemas/PolicyParams" }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "The result of the policy evaluation",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "properties": { "result": { "type": "boolean" } }
+ }
+ }
+ }
+ },
+ "404": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ },
+ "Credential not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential not found",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ },
+ "500": {
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ },
+ "description": ""
+ }
+ },
+ "tags": ["Policies"]
+ }
+ }
+ },
+ "info": {
+ "title": "Gaia-X OCM Credential Manager",
+ "description": "",
+ "version": "1.0.0",
+ "contact": {}
+ },
+ "tags": [],
+ "servers": [],
+ "components": {
+ "schemas": {
+ "Attribute": {
+ "type": "object",
+ "properties": {
+ "name": { "type": "string" },
+ "value": { "type": "string" },
+ "mimeType": { "type": "string" }
+ },
+ "required": ["name", "value"]
+ },
+ "OfferPayload": {
+ "type": "object",
+ "properties": {
+ "connectionId": { "type": "string" },
+ "credentialDefinitionId": { "type": "string" },
+ "attributes": {
+ "type": "array",
+ "items": { "$ref": "#/components/schemas/Attribute" }
+ },
+ "revocationRegistryDefinitionId": { "type": "string" }
+ },
+ "required": [
+ "connectionId",
+ "credentialDefinitionId",
+ "attributes",
+ "revocationRegistryDefinitionId"
+ ]
+ },
+ "OfferPayloadSelf": {
+ "type": "object",
+ "properties": {
+ "credentialDefinitionId": { "type": "string" },
+ "attributes": {
+ "type": "array",
+ "items": { "$ref": "#/components/schemas/Attribute" }
+ },
+ "revocationRegistryDefinitionId": { "type": "string" }
+ },
+ "required": [
+ "credentialDefinitionId",
+ "attributes",
+ "revocationRegistryDefinitionId"
+ ]
+ },
+ "PolicyParams": {
+ "type": "object",
+ "properties": {
+ "credentialId": {
+ "type": "string",
+ "description": "The credential ID to check the policy for"
+ }
+ },
+ "required": ["credentialId"]
+ }
+ }
+ }
+}
diff --git a/apps/did-manager/README.md b/apps/did-manager/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..974526dd54a195a6e0c2c3ad5b960b9207cf75d2
--- /dev/null
+++ b/apps/did-manager/README.md
@@ -0,0 +1,76 @@
+# OCM DID Manager
+
+## Introduction
+OCM DID Manager enables you to:
+- Register DIDs from a seed
+- Resolve DID Documents
+- Get [DID Configuration](https://identity.foundation/.well-known/resources/did-configuration/)
+
+## Prerequisites
+Ensure you have Node.js installed ([official Node.js website](https://nodejs.org)).
+
+## Configuration
+Set configuration via environment variables or an `.env` file:
+
+| Property | Description | Default |
+|---|---|---|
+| `HTTP_HOSTNAME` | HTTP server hostname | `0.0.0.0` |
+| `HTTP_PORT` | HTTP server port | `3000` |
+| `NATS_URL` | NATS Server URL | `nats://localhost:4222` |
+| `NATS_USER` | NATS user | |
+| `NATS_PASSWORD` | NATS password | |
+| `NATS_MONITORING_URL` | NATS Monitoring URL | `http://localhost:8222` |
+
+## Usage
+
+Start in development mode:
+```bash
+pnpm start
+```
+
+### Operations
+> **Note:** All requests need a `tenantId` query parameter.
+
+#### Register DID from a seed
+
+```bash
+curl -X POST -d '{"seed":"s2b6rqknk77x016jkyloy3hnrh6s48le"}' http://ocm-indy.xfsc.dev/v1/dids?tenantId=<tenantId>
+```
+
+Response:
+
+```json
+{
+ "status": 201,
+ "data": ["did:indy:..."]
+}
+```
+
+#### Resolve DID
+
+```bash
+curl -X GET http://ocm-indy.xfsc.dev/v1/dids/<did>?tenantId=<tenantId>
+```
+
+Response:
+
+```json
+{
+ "status": 200,
+ "data": {
+ "@context": [
+ "https://w3id.org/did/v1",
+ "https://w3id.org/security/suites/ed25519-2018/v1"
+ ],
+ "id": "did:indy:...",
+ ...
+ }
+}
+```
+
+## API Reference
+For detailed documentation, refer to the [OpenAPI Specification](openapi.json).
+
+## License
+Licensed under the Apache 2.0 License ([LICENSE](LICENSE)).
+
diff --git a/apps/did-manager/openapi.json b/apps/did-manager/openapi.json
new file mode 100644
index 0000000000000000000000000000000000000000..aaa1eeb5ef27b1b1e288d06631fb3536b97eebb7
--- /dev/null
+++ b/apps/did-manager/openapi.json
@@ -0,0 +1,300 @@
+{
+ "openapi": "3.0.0",
+ "paths": {
+ "/v1/dids/{did}": {
+ "get": {
+ "operationId": "DIDsController_resolve",
+ "summary": "Resolve DID",
+ "description": "Resolve DID",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ },
+ {
+ "name": "did",
+ "required": true,
+ "in": "path",
+ "description": "DID to resolve",
+ "example": "did:example:123",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "DID resolved successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "DID resolved successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "DID resolved successfully",
+ "data": {}
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid DID",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Invalid DID": {
+ "value": { "statusCode": 400, "message": "Invalid DID" }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "DID not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found"
+ }
+ },
+ "DID not found": {
+ "value": { "statusCode": 404, "message": "DID not found" }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Something went wrong",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Something went wrong": {
+ "value": {
+ "statusCode": 500,
+ "message": "Something went wrong",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["DIDs"]
+ }
+ },
+ "/v1/dids": {
+ "post": {
+ "operationId": "DIDsController_registerFromSeed",
+ "summary": "Register DID from seed",
+ "description": "Register DID from seed",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "requestBody": {
+ "required": true,
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/RegisterFromSeedPayload"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "DID registered successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "DID registered successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "DID registered successfully",
+ "data": {}
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid seed",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Invalid seed": {
+ "value": { "statusCode": 400, "message": "Invalid seed" }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found"
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Something went wrong",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Something went wrong": {
+ "value": {
+ "statusCode": 500,
+ "message": "Something went wrong",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["DIDs"]
+ }
+ },
+ "/v1/dids/configuration": {
+ "post": {
+ "operationId": "DIDsController_getConfiguration",
+ "summary": "Get DID configuration",
+ "description": "Get DID configuration",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "requestBody": {
+ "required": true,
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetConfigurationPayload"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "DID configuration fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "DID configuration fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "DID configuration fetched successfully",
+ "data": {}
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found"
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Something went wrong",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Something went wrong": {
+ "value": {
+ "statusCode": 500,
+ "message": "Something went wrong",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["DIDs"]
+ }
+ }
+ },
+ "info": { "title": "", "description": "", "version": "1.0.0", "contact": {} },
+ "tags": [],
+ "servers": [],
+ "components": {
+ "schemas": {
+ "RegisterFromSeedPayload": {
+ "type": "object",
+ "properties": {
+ "seed": {
+ "type": "string",
+ "description": "Seed to use for DID generation",
+ "example": "000000000000000000000000Steward1"
+ },
+ "services": {
+ "description": "Services to associate with DID",
+ "example": [
+ {
+ "identifier": "example",
+ "url": "https://example.com",
+ "type": "example"
+ }
+ ],
+ "type": "array",
+ "items": { "type": "string" }
+ }
+ },
+ "required": ["seed", "services"]
+ },
+ "GetConfigurationPayload": { "type": "object", "properties": {} }
+ }
+ }
+}
diff --git a/apps/proof-manager/README.md b/apps/proof-manager/README.md
index 301032704adfedcb8f51a6709adddd1190ea75d0..c3ab3802a57cedfb8b96cba1b9fdb37d71256cd1 100644
--- a/apps/proof-manager/README.md
+++ b/apps/proof-manager/README.md
@@ -1,137 +1,85 @@
# OCM Proof Manager
-## Description
-
-<hr/>
-The Proof Manager, is the microservice responsible for handling the features related to Proof Presentation in the Organizational Credential Manager.
+## Introduction
+The OCM Proof Manager API enables you to:
+- Request presentation proofs
+- List all presentation proofs
+- Retrieve a presentation proof by ID
+- Accept incoming presentation proofs
+- Delete presentation proofs
+
+## Prerequisites
+Ensure you have Node.js installed ([official Node.js website](https://nodejs.org)).
+
+## Configuration
+Set configuration via environment variables or an `.env` file:
+
+| Property | Description | Default |
+|---|---|---|
+| `HTTP_HOSTNAME` | HTTP server hostname | `0.0.0.0` |
+| `HTTP_PORT` | HTTP server port | `3000` |
+| `NATS_URL` | NATS Server URL | `nats://localhost:4222` |
+| `NATS_USER` | NATS user | |
+| `NATS_PASSWORD` | NATS password | |
+| `NATS_MONITORING_URL` | NATS Monitoring URL | `http://localhost:8222` |
## Usage
-<hr/>
-
-### Swagger Documentation:
-
-[Swagger/OpenAPI](swagger.json)
-
-## Installation
-
-<hr/>
-
-### Pre-requisite
-
-- pnpm
-- docker
-- docker-compose
-- Postgres
-
-### OCM Services Dependencies
-
-- SSI Abstraction
-- Connection Manager
-- Attestation Manager
-
-## Running the app
-
-**Each service in the Organizational Credential Manager can be run from the infrastructure repository with Docker.**
-
-**The .env files are in the infrastructure repository under /env**
-
-### There are two separate Dockefiles in "./deployment" of every project:
-
+Start in development mode:
```bash
- ## production in:
- ./deployment/ci
- ## development in:
- ./deployment/dev
-```
-
-- (optional) Edit docker-compose.yml in "infrastructure" to use either **/ci/** or **/dev/** Dockerfiles.
-
-- Run while in **"infrastructure"** project:
-
-```bash
-$ docker-compose up --build proof-m
-```
-
-to run only Connection Manager or
-
-```bash
-$ docker-compose up --build
-```
-
-to run all the services.
-
-## Build
-
-```
-pnpm build
-```
-
-## Run
-
-```
pnpm start
```
-### Environment Variables Required
-
-```
-1. PORT
-2. DATABASE_URL
-3. ECSURL
-4. NATS_URL
-5. AGENT_URL
-```
-
-### Outgoing communication services
-
-```
-1. SSI Abstraction
-```
+### Operations
+> **Note:** All requests need a `tenantId` query parameter.
-### Incomming communication services
+#### Request a presentation proof
-```
-1. Connection Manager
-2. Attestation Manager
+```bash
+curl -X POST -d '{"name":"Proof_name","connectionId":"0f777ad8-647a-464f-bb93-6b2c5d2805c5","requestedAttributes":{...},"requestedPredicates":{...}}' http://ocm-indy.xfsc.dev/v1/proofs?tenantId=<tenantId>
```
-## Features supported
-
-```
-1. Proof Presentation
-2. Out of Band
+Response:
+```json
+{
+ "status": 201,
+ "data": {
+ "_tags": {},
+ "metadata": {},
+ "id": "96f25c87-3702-4269-bbfb-5c7671df0784",
+ "createdAt": "2024-03-11T10:00:40.572Z",
+ "protocolVersion": "v2",
+ "state": "request-sent",
+ ...
+ }
+}
```
-## Test
-
-<hr/>
+#### Accept a presentation proof request
```bash
-# unit tests
-$ pnpm test
-
-# e2e tests
-$ pnpm test:e2e
-
-# test coverage
-$ pnpm test:cov
+curl -X POST http://ocm-indy.xfsc.dev/v1/proofs/96f25c87-3702-4269-bbfb-5c7671df0784/accept?tenantId=<tenantId>
```
-## GDPR
+Response:
-<hr/>
-
-[GDPR](GDPR.md)
-
-## Dependencies
-
-<hr/>
+```json
+{
+ "statusCode": 200,
+ "data": {
+ "_tags": {
+ "connectionId": "13254185-deed-4d37-a4a8-3dc56adff524",
+ "role": "prover",
+ "state": "request-received",
+ "threadId": "d78ed0ad-1ad6-41db-bccc-2acf57b5cdd5"
+ },
+ ...
+ }
+}
+```
-[Dependencies](package.json)
+## API Reference
+For detailed documentation, refer to the [OpenAPI Specification](openapi.json).
## License
-
-<hr/>
-
-[Apache 2.0 license](LICENSE)
+Licensed under the Apache 2.0 License ([LICENSE](LICENSE)).
diff --git a/apps/proof-manager/openapi.json b/apps/proof-manager/openapi.json
new file mode 100644
index 0000000000000000000000000000000000000000..58c8a660957cea17d7ef0a2b86691ee0ff4fb674
--- /dev/null
+++ b/apps/proof-manager/openapi.json
@@ -0,0 +1,465 @@
+{
+ "openapi": "3.0.0",
+ "paths": {
+ "/v1/proofs": {
+ "get": {
+ "operationId": "ProofsController_find",
+ "summary": "Fetch a list of presentation proofs",
+ "description": "This call provides a list of presentation proofs for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Presentation proofs fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Presentation proofs fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Presentation proofs fetched successfully",
+ "data": []
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Presentation Proofs"]
+ },
+ "post": {
+ "operationId": "ProofsController_request",
+ "summary": "Request a presentation proof",
+ "description": "This call requests a presentation proof for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "requestBody": {
+ "required": true,
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "example": "Proof of Vaccination"
+ },
+ "connectionId": { "type": "string", "example": "1234567890" },
+ "requestedAttributes": {
+ "type": "object",
+ "additionalProperties": {
+ "type": "object",
+ "properties": {
+ "names": {
+ "type": "array",
+ "items": { "type": "string" }
+ },
+ "restrictions": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "properties": {
+ "schema_id": { "type": "string" },
+ "schema_issuer_id": { "type": "string" },
+ "schema_name": { "type": "string" },
+ "schema_version": { "type": "string" },
+ "issuer_id": { "type": "string" },
+ "cred_def_id": { "type": "string" },
+ "rev_reg_id": { "type": "string" },
+ "schema_issuer_did": { "type": "string" },
+ "issuer_did": { "type": "string" }
+ },
+ "patternProperties": {
+ "^attr::.*?::marker$": { "enum": ["1", "0"] },
+ "^attr::.*?::value$": { "type": "string" }
+ },
+ "additionalProperties": {
+ "type": "string",
+ "anyOf": [
+ { "enum": ["1", "0"] },
+ { "type": "string" }
+ ]
+ }
+ }
+ }
+ },
+ "required": ["names"]
+ }
+ },
+ "requestedPredicates": {
+ "type": "object",
+ "properties": {
+ "name": { "type": "string" },
+ "predicateType": { "enum": [">=", ">", "<=", "<"] },
+ "predicateValue": { "type": "number" },
+ "restrictions": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "properties": {
+ "schema_id": { "type": "string" },
+ "schema_issuer_id": { "type": "string" },
+ "schema_name": { "type": "string" },
+ "schema_version": { "type": "string" },
+ "issuer_id": { "type": "string" },
+ "cred_def_id": { "type": "string" },
+ "rev_reg_id": { "type": "string" },
+ "schema_issuer_did": { "type": "string" },
+ "issuer_did": { "type": "string" }
+ },
+ "patternProperties": {
+ "^attr::.*?::marker$": { "enum": ["1", "0"] },
+ "^attr::.*?::value$": { "type": "string" }
+ },
+ "additionalProperties": {
+ "type": "string",
+ "anyOf": [
+ { "enum": ["1", "0"] },
+ { "type": "string" }
+ ]
+ }
+ }
+ }
+ },
+ "required": ["name", "predicateType", "predicateValue"]
+ }
+ },
+ "required": [
+ "name",
+ "connectionId",
+ "requestedAttributes",
+ "requestedPredicates"
+ ]
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Presentation proof requested successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Presentation proof requested successfully": {
+ "value": {
+ "statusCode": 201,
+ "message": "Presentation proof requested successfully",
+ "data": {}
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request payload",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Invalid request payload": {
+ "value": {
+ "statusCode": 400,
+ "message": "Invalid request payload",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Presentation Proofs"]
+ }
+ },
+ "/v1/proofs/{id}": {
+ "get": {
+ "operationId": "ProofsController_get",
+ "summary": "Fetch a presentation proof by id",
+ "description": "This call provides a presentation proof for a given tenant and id",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Presentation proof fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Presentation proof fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Presentation proof fetched successfully",
+ "data": {}
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid presentation proof id",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Invalid presentation proof id": {
+ "value": {
+ "statusCode": 400,
+ "message": "Invalid presentation proof id",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Presentation Proofs"]
+ },
+ "delete": {
+ "operationId": "ProofsController_delete",
+ "summary": "Delete a presentation proof",
+ "description": "This call deletes a presentation proof for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Presentation proof deleted successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Presentation proof deleted successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Presentation proof deleted successfully",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid presentation proof id",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Invalid presentation proof id": {
+ "value": {
+ "statusCode": 400,
+ "message": "Invalid presentation proof id",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ },
+ "Presentation proof not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Presentation proof not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Presentation Proofs"]
+ }
+ },
+ "/v1/proofs/{proofRecordId}/accept": {
+ "post": {
+ "operationId": "ProofsController_accept",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": { "200": { "description": "" } },
+ "tags": ["Presentation Proofs"]
+ }
+ }
+ },
+ "info": {
+ "title": "Gaia-X OCM Proof Manager",
+ "description": "",
+ "version": "1.0.0",
+ "contact": {}
+ },
+ "tags": [],
+ "servers": [],
+ "components": { "schemas": {} }
+}
diff --git a/apps/proof-manager/swagger.json b/apps/proof-manager/swagger.json
deleted file mode 100644
index d43658b72a4baf6fd0e0239215b5a918446771af..0000000000000000000000000000000000000000
--- a/apps/proof-manager/swagger.json
+++ /dev/null
@@ -1,970 +0,0 @@
-{
- "openapi": "3.0.0",
- "paths": {
- "/v1/health": {
- "get": {
- "operationId": "HealthController_getHealth",
- "summary": "Health check",
- "description": "This call provides the capability to check the service is working and up. The call returns 200 Status Code and current server time in json body",
- "parameters": [],
- "responses": {
- "200": {
- "description": "Service is up and running.",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Service is up and running.": {
- "value": {
- "statusCode": 200,
- "message": "Thu Jan 01 1970 00:00:00 GMT+0000 (Coordinated Universal Time)"
- }
- }
- }
- }
- }
- }
- }
- }
- },
- "/v1/find-proof-presentation": {
- "get": {
- "operationId": "PresentationProofsController_findProofPresentation",
- "summary": "Fetch list of proof requests",
- "description": "This call provides the capability to search proofs (Credential Presentation) by using pagination and filter parameters. This call returns a list of proof requests (Proof Presentations) and overall count of records. Filter supports following parameters: page, pageSize, proofRecordId, connectionId, credentialDefId, schemaId, theirDid, status, createdDateStart, createdDateEnd, updatedDateStart, updatedDateEnd",
- "parameters": [
- {
- "name": "updatedDateEnd",
- "required": false,
- "in": "query",
- "schema": {}
- },
- {
- "name": "updatedDateStart",
- "required": false,
- "in": "query",
- "schema": {}
- },
- {
- "name": "createdDateEnd",
- "required": false,
- "in": "query",
- "schema": {}
- },
- {
- "name": "createdDateStart",
- "required": false,
- "in": "query",
- "schema": {}
- },
- {
- "name": "status",
- "required": false,
- "in": "query",
- "schema": {}
- },
- {
- "name": "theirDid",
- "required": false,
- "in": "query",
- "schema": {}
- },
- {
- "name": "schemaId",
- "required": false,
- "in": "query",
- "schema": {}
- },
- {
- "name": "credentialDefId",
- "required": false,
- "in": "query",
- "schema": {}
- },
- {
- "name": "connectionId",
- "required": false,
- "in": "query",
- "schema": {}
- },
- {
- "name": "proofRecordId",
- "required": false,
- "in": "query",
- "schema": {}
- },
- {
- "name": "pageSize",
- "required": false,
- "in": "query",
- "schema": {}
- },
- {
- "name": "page",
- "required": false,
- "in": "query",
- "schema": {}
- }
- ],
- "responses": {
- "200": {
- "description": "Proof presentations fetched successfully",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Proof presentations fetched successfully": {
- "value": {
- "statusCode": 200,
- "message": "Proof presentations fetched successfully",
- "data": {
- "count": 1,
- "records": [
- {
- "id": "30774a7e",
- "proofRecordId": "9b4ab922",
- "connectionId": "",
- "credentialDefId": "",
- "schemaId": "",
- "theirDid": "",
- "status": "request-sent",
- "createdDate": "1970-01-01T00:00:00.642Z",
- "updatedDate": "1970-01-01T00:00:00.642Z"
- }
- ]
- }
- }
- }
- }
- }
- }
- },
- "404": {
- "description": "No Data found",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "No Data found": {
- "value": {
- "statusCode": 404,
- "message": "No Data found"
- }
- }
- }
- }
- }
- }
- },
- "tags": ["Proofs"]
- }
- },
- "/v1/find-by-presentation-id": {
- "get": {
- "operationId": "PresentationProofsController_findProofByProofRecordId",
- "summary": "Fetch proof presentation by proofRequestId",
- "description": "This call provides the capability to get proof request by providing proofRecordId (presentationId). The call returns an information about proof request and also (if user accepted proof request) information about requested user credentials",
- "parameters": [
- {
- "name": "proofRecordId",
- "required": true,
- "in": "query",
- "schema": {
- "type": "string"
- }
- }
- ],
- "responses": {
- "200": {
- "description": "Proof presentation fetched successfully",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Proof presentation fetched successfully": {
- "value": {
- "statusCode": 200,
- "message": "Proof presentation fetched successfully",
- "data": {
- "state": "request-sent",
- "presentations": [
- {
- "schemaId": "",
- "credDefId": "",
- "revRegId": "",
- "timestamp": "",
- "credentialSubject": {}
- }
- ]
- }
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "Find presentation request required following attributes: ( proofRecordId )",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Find presentation request required following attributes: ( proofRecordId )": {
- "value": {
- "statusCode": 400,
- "message": "Find presentation request required following attributes: ( proofRecordId )"
- }
- }
- }
- }
- }
- },
- "404": {
- "description": "No Data found",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "No Data found": {
- "value": {
- "statusCode": 404,
- "message": "No Data found"
- }
- }
- }
- }
- }
- }
- },
- "tags": ["Proofs"]
- }
- },
- "/v1/send-presentation-request": {
- "post": {
- "operationId": "PresentationProofsController_sendPresentationRequest",
- "summary": "Send presentation request",
- "description": "This call provides the capability to create a new presentation request bound to existing connection. It is mandatory to provide a schema for every requested attribute and attribute name in the body information of the connection. The call returns an information about proof request (proofRecordId, connectionId, credentialDefId, schemaId, theirDid, status, createdDate, updatedDate, threadId)",
- "parameters": [],
- "requestBody": {
- "required": true,
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/SendProofRequest"
- }
- }
- }
- },
- "responses": {
- "201": {
- "description": "Presentation request sent successfully",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Presentation request sent successfully": {
- "value": {
- "statusCode": 201,
- "message": "Presentation request sent successfully",
- "data": {
- "id": "a7ccc2f7",
- "proofRecordId": "fb556018-1907-47c1-a6d6-c7cbca7d23b4",
- "connectionId": "a9371aed-67ed-4448-ace0-d773e7b30e1c",
- "credentialDefId": "",
- "schemaId": "",
- "theirDid": "",
- "status": "request-sent",
- "createdDate": "2023-03-02T13:02:43.656Z",
- "updatedDate": "2023-03-02T13:02:43.656Z",
- "threadId": "75045c1b-f0ef-4f10-831e-4e4f301333af"
- }
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "Find presentation request required following attributes: ( proofRecordId )",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Find presentation request required following attributes: ( proofRecordId )": {
- "value": {
- "statusCode": 400,
- "message": "Find presentation request required following attributes: ( proofRecordId )"
- }
- }
- }
- }
- }
- }
- },
- "tags": ["Proofs"]
- }
- },
- "/v1/send-out-of-band-presentation-request": {
- "post": {
- "operationId": "PresentationProofsController_sendOutOfBandPresentationRequest",
- "summary": "Send out of band presentation request",
- "description": "This call provides the capability to create a new presentation request not bound to any proposal or existing connection. The call returns an information about presentation request",
- "parameters": [],
- "requestBody": {
- "required": true,
- "content": {
- "application/json": {
- "schema": {
- "$ref": "#/components/schemas/SendProofRequestBody"
- }
- }
- }
- },
- "responses": {
- "201": {
- "description": "Presentation request sent successfully",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Presentation request sent successfully": {
- "value": {
- "statusCode": 201,
- "message": "Presentation request sent successfully",
- "data": {
- "id": "d6667caa",
- "proofRecordId": "600dd422",
- "connectionId": "",
- "credentialDefId": "",
- "schemaId": "",
- "theirDid": "",
- "status": "request-sent",
- "createdDate": "1970-01-01T00:00:00.934Z",
- "updatedDate": "1970-01-01T00:00:00.934Z",
- "presentationMessage": "https://serviceEndpointUrl.com:443/ocm/didcomm/?d_m=eyJAdHlwZSI6I",
- "presentationMessageShort": "https://selfUrl.com/v1/url/1234abcd"
- }
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "Send presentation request required following attributes( attributes, schemaId or credentialDefinitionId )",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Send presentation request required following attributes( attributes, schemaId or credentialDefinitionId )": {
- "value": {
- "statusCode": 400,
- "message": "Send presentation request required following attributes( attributes, schemaId or credentialDefinitionId )"
- }
- }
- }
- }
- }
- }
- },
- "tags": ["Proofs"]
- }
- },
- "/v1/out-of-band-proof": {
- "post": {
- "operationId": "PresentationProofsController_outOfBandProof",
- "summary": "Send out of band proof",
- "description": "This call provides the capability to create a new presentation request not bound to any proposal or existing connection but it creates just on type defined in attestation manager (type is bound to schema id there). The call returns an information about presentation request",
- "parameters": [
- {
- "name": "type",
- "required": true,
- "in": "query",
- "schema": {}
- }
- ],
- "responses": {
- "201": {
- "description": "Presentation request sent successfully",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Presentation request sent successfully": {
- "value": {
- "statusCode": 201,
- "message": "Presentation request sent successfully",
- "data": {
- "id": "60f38aa4",
- "proofRecordId": "852ee278",
- "connectionId": "",
- "credentialDefId": "",
- "schemaId": "",
- "theirDid": "",
- "status": "request-sent",
- "createdDate": "2023-03-02T13:12:38.934Z",
- "updatedDate": "2023-03-02T13:12:38.934Z",
- "presentationMessage": "https://serviceEndpointUrl.com:443/ocm/didcomm/?d_m=eyJAdHlwZSI6Imh0dHBzOi8",
- "presentationMessageShort": "https://selfUrl/v1/url/1234abcd"
- }
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "Could not get schema details. please try again.",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Could not get schema details. please try again.": {
- "value": {
- "statusCode": 400,
- "message": "Could not get schema details. please try again."
- }
- }
- }
- }
- }
- }
- },
- "tags": ["Proofs"]
- }
- },
- "/v1/accept-presentation/{proofRecordId}": {
- "post": {
- "operationId": "PresentationProofsController_acceptPresentation",
- "summary": "Accept presentation request by proofRecordId",
- "description": "Accept a presentation as prover (by sending a presentation acknowledgement message) to the connection associated with the proof record.",
- "parameters": [
- {
- "name": "proofRecordId",
- "required": true,
- "in": "path",
- "schema": {
- "type": "string"
- }
- }
- ],
- "responses": {
- "200": {
- "description": "Presentation accepted successfully",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Presentation accepted successfully": {
- "value": {}
- }
- }
- }
- }
- },
- "400": {
- "description": "Accept presentation request required following attributes ( proof_record_id )",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Accept presentation request required following attributes ( proof_record_id )": {
- "value": {
- "statusCode": 400,
- "message": "Accept presentation request required following attributes ( proof_record_id )"
- }
- }
- }
- }
- }
- },
- "500": {
- "description": "Internal Server Error",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Internal Server Error": {
- "value": {
- "statusCode": 500,
- "timestamp": "1970-01-01T00:00:00.891Z",
- "message": "Something went wrong: Lorem Ipsum"
- }
- }
- }
- }
- }
- }
- },
- "tags": ["Proofs"]
- }
- },
- "/v1/accept-proof-request/{proofRecordId}": {
- "post": {
- "operationId": "PresentationProofsController_acceptProofRequest",
- "summary": "Accept proof request by proofRecordId",
- "description": "Accept a presentation request as prover (by sending a presentation message) to the connection associated with the proof record.",
- "parameters": [],
- "responses": {
- "200": {
- "description": "Request accepted successfully",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Request accepted successfully": {
- "value": {
- "statusCode": 200,
- "message": "Request accepted successfully",
- "data": {
- "_tags": {
- "threadId": "6b5c57b3",
- "state": "request-received",
- "connectionId": "653b8cdc"
- },
- "metadata": {},
- "id": "19c5269f",
- "createdAt": "1970-01-01T00:00:00.498Z",
- "requestMessage": {
- "@type": "https://didcomm.org/present-proof/1.0/request-presentation",
- "@id": "6b5c57b3",
- "comment": "Proof Presenation",
- "request_presentations~attach": [
- {
- "@id": "libindy-request-presentation-0",
- "mime-type": "application/json",
- "data": {
- "base64": "eyJuYW="
- }
- }
- ]
- },
- "state": "presentation-sent",
- "connectionId": "653b8cdc",
- "threadId": "6b5c57b3",
- "presentationMessage": {
- "@type": "https://didcomm.org/present-proof/1.0/presentation",
- "@id": "c1089096",
- "presentations~attach": [
- {
- "@id": "libindy-presentation-0",
- "mime-type": "application/json",
- "data": {
- "base64": "eyJwcm9vZ"
- }
- }
- ],
- "~thread": {
- "thid": "6b5c57b3"
- }
- }
- }
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "Accept proof request required following attributes ( proofRecordId )",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Accept proof request required following attributes ( proofRecordId )": {
- "value": {
- "statusCode": 400,
- "timestamp": "1970-01-01T00:00:00.891Z",
- "message": "Accept proof request required following attributes ( proofRecordId )"
- }
- }
- }
- }
- }
- },
- "500": {
- "description": "Internal Server Error",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Internal Server Error": {
- "value": {
- "statusCode": 500,
- "timestamp": "1970-01-01T00:00:00.891Z",
- "message": "Something went wrong: Lorem Ipsum"
- }
- }
- }
- }
- }
- }
- },
- "tags": ["Proofs"]
- }
- },
- "/v1/delete-proof-request/{proofRecordId}": {
- "post": {
- "operationId": "PresentationProofsController_deleteProofRequest",
- "summary": "Delete proof request by proofRecordId",
- "description": "Deletes a proofRecord in the proof repository.",
- "parameters": [],
- "responses": {
- "200": {
- "description": "Delete proof request",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Delete proof request": {
- "value": {
- "statusCode": 200,
- "message": "Proof request deleted successfully",
- "data": ""
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "Delete proof request required following attributes ( proofRecordId )",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Delete proof request required following attributes ( proofRecordId )": {
- "value": {
- "statusCode": 400,
- "timestamp": "1970-01-01T00:00:00.891Z",
- "message": "Delete proof request required following attributes ( proofRecordId )"
- }
- }
- }
- }
- }
- },
- "500": {
- "description": "Internal Server Error",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Internal Server Error": {
- "value": {
- "statusCode": 500,
- "timestamp": "1970-01-01T00:00:00.891Z",
- "message": "Something went wrong: Lorem Ipsum"
- }
- }
- }
- }
- }
- }
- },
- "tags": ["Proofs"]
- }
- },
- "/v1/decline-proof-request/{proofRecordId}": {
- "post": {
- "operationId": "PresentationProofsController_declineProofRequest",
- "summary": "Decline proof request by proofRecordId",
- "description": "Decline proof request as prover (by sending a presentation message) to the connection associated with the proof record.",
- "parameters": [],
- "responses": {
- "200": {
- "description": "Request declined successfully",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Request declined successfully": {
- "value": {
- "statusCode": 200,
- "message": "Request declined successfully",
- "data": {
- "_tags": {
- "threadId": "6b5c57b3",
- "state": "request-received",
- "connectionId": "653b8cdc"
- },
- "metadata": {},
- "id": "19c5269f",
- "createdAt": "1970-01-01T00:00:00.498Z",
- "requestMessage": {
- "@type": "https://didcomm.org/present-proof/1.0/request-presentation",
- "@id": "6b5c57b3",
- "comment": "Proof Presenation",
- "request_presentations~attach": [
- {
- "@id": "libindy-request-presentation-0",
- "mime-type": "application/json",
- "data": {
- "base64": "eyJuYW="
- }
- }
- ]
- },
- "state": "presentation-sent",
- "connectionId": "653b8cdc",
- "threadId": "6b5c57b3",
- "presentationMessage": {
- "@type": "https://didcomm.org/present-proof/1.0/presentation",
- "@id": "c1089096",
- "presentations~attach": [
- {
- "@id": "libindy-presentation-0",
- "mime-type": "application/json",
- "data": {
- "base64": "eyJwcm9vZ"
- }
- }
- ],
- "~thread": {
- "thid": "6b5c57b3"
- }
- }
- }
- }
- }
- }
- }
- }
- },
- "400": {
- "description": "Accept proof request required following attributes ( proofRecordId )",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Accept proof request required following attributes ( proofRecordId )": {
- "value": {
- "statusCode": 400,
- "timestamp": "1970-01-01T00:00:00.891Z",
- "message": "Accept proof request required following attributes ( proofRecordId )"
- }
- }
- }
- }
- }
- },
- "500": {
- "description": "Internal Server Error",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Internal Server Error": {
- "value": {
- "statusCode": 500,
- "timestamp": "1970-01-01T00:00:00.891Z",
- "message": "Something went wrong: Lorem Ipsum"
- }
- }
- }
- }
- }
- }
- },
- "tags": ["Proofs"]
- }
- },
- "/v1/agent-proofs": {
- "get": {
- "operationId": "PresentationProofsController_getAllProofRequest",
- "summary": "Fetch all proofs directly from the agent",
- "description": "This call provides the capability to get all proof records directly from agent. Pagination and sorting does not implemented in that version of Aries Framework Javascript",
- "parameters": [
- {
- "name": "threadId",
- "required": false,
- "in": "query",
- "schema": {}
- }
- ],
- "responses": {
- "200": {
- "description": "Proofs fetched successfully",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Proofs fetched successfully": {
- "value": {
- "statusCode": 200,
- "message": "Proofs fetched successfully",
- "data": [
- {
- "_tags": {
- "threadId": "75045c1b",
- "state": "request-received",
- "connectionId": "e6d30380"
- },
- "metadata": {},
- "id": "6f776996",
- "createdAt": "1970-01-01T00:00:00.640Z",
- "requestMessage": {
- "@type": "https://didcomm.org/present-proof/1.0/request-presentation",
- "@id": "75045c1b",
- "comment": "Proof Presenation",
- "request_presentations~attach": [
- {
- "@id": "libindy-request-presentation-0",
- "mime-type": "application/json",
- "data": {
- "base64": "eyJ"
- }
- }
- ]
- },
- "state": "request-received",
- "connectionId": "e6d30380",
- "threadId": "75045c1b"
- },
- {
- "_tags": {
- "connectionId": "a9371aed",
- "state": "request-sent",
- "threadId": "75045c1b"
- },
- "metadata": {},
- "id": "fb556018",
- "createdAt": "1970-01-01T00:00:00.568Z",
- "requestMessage": {
- "@type": "https://didcomm.org/present-proof/1.0/request-presentation",
- "@id": "75045c1b",
- "comment": "Proof Presenation",
- "request_presentations~attach": [
- {
- "@id": "libindy-request-presentation-0",
- "mime-type": "application/json",
- "data": {
- "base64": "eyJ"
- }
- }
- ]
- },
- "state": "request-sent",
- "connectionId": "a9371aed",
- "threadId": "75045c1b"
- }
- ]
- }
- }
- }
- }
- }
- },
- "500": {
- "description": "Internal Server Error",
- "content": {
- "application/json": {
- "schema": {},
- "examples": {
- "Internal Server Error": {
- "value": {
- "statusCode": 500,
- "timestamp": "1970-01-01T00:00:00.891Z",
- "message": "Something went wrong: Lorem Ipsum"
- }
- }
- }
- }
- }
- }
- },
- "tags": ["Proofs"]
- }
- },
- "/v1/url/{id}": {
- "get": {
- "operationId": "PresentationProofsController_redirectToOriginalUrl",
- "summary": "Get full url from short url id",
- "description": "Get full url from short url id",
- "parameters": [
- {
- "name": "id",
- "required": true,
- "in": "path",
- "schema": {
- "type": "string"
- }
- }
- ],
- "responses": {
- "200": {
- "description": ""
- }
- },
- "tags": ["Proofs"]
- }
- }
- },
- "info": {
- "title": "Gaia-x Proof Manager API",
- "description": "API documentation for GAIA-X Proof Manager",
- "version": "1.0",
- "contact": {}
- },
- "tags": [],
- "servers": [],
- "components": {
- "schemas": {
- "SendProofRequest": {
- "type": "object",
- "properties": {
- "comment": {
- "type": "string",
- "example": "comments"
- },
- "connectionId": {
- "type": "string",
- "example": "3fa85f64-5717-4562-b3fc-2c963f66afa6"
- },
- "attributes": {
- "example": [
- {
- "attributeName": "attributeName",
- "schemaId": "schemaId",
- "credentialDefId": "credentialDefId"
- }
- ],
- "type": "array",
- "items": {
- "type": "string"
- }
- }
- },
- "required": ["comment", "connectionId", "attributes"]
- },
- "SendProofRequestBody": {
- "type": "object",
- "properties": {
- "comment": {
- "type": "string",
- "example": "comments"
- },
- "schemaId": {
- "type": "string",
- "example": "WgWxqztrNooG92RXvxSTWv:3:CL:20:tag"
- },
- "options": {
- "type": "object",
- "example": {
- "type": "Aries1.0",
- "credentialDefinitionId": "credentialDefinitionId"
- }
- },
- "attributes": {
- "example": ["attributeName"],
- "type": "array",
- "items": {
- "type": "string"
- }
- }
- },
- "required": ["comment", "schemaId", "options", "attributes"]
- }
- }
- }
-}
diff --git a/apps/schema-manager/README.md b/apps/schema-manager/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..0b61ba3c5421e248d58d6b13a39b1e1359bf7d23
--- /dev/null
+++ b/apps/schema-manager/README.md
@@ -0,0 +1,78 @@
+# OCM Schema Manager
+
+## Introduction
+The OCM Schema Manager API enables you to:
+- Register Schemas on the ledger
+- Register Credential Definitions on the ledger
+- List registered schemas and credential definitions
+- Fetch schemas and credential definitions by ID
+
+## Prerequisites
+Ensure you have Node.js installed ([official Node.js website](https://nodejs.org)).
+
+## Configuration
+Set configuration via environment variables or an `.env` file:
+
+| Property | Description | Default |
+|---|---|---|
+| `HTTP_HOSTNAME` | HTTP server hostname | `0.0.0.0` |
+| `HTTP_PORT` | HTTP server port | `3000` |
+| `NATS_URL` | NATS Server URL | `nats://localhost:4222` |
+| `NATS_USER` | NATS user | |
+| `NATS_PASSWORD` | NATS password | |
+| `NATS_MONITORING_URL` | NATS Monitoring URL | `http://localhost:8222` |
+
+## Usage
+
+Start in development mode:
+```bash
+pnpm start
+```
+
+### Operations
+> **Note:** All requests need a `tenantId` query parameter.
+
+#### Register a new schema
+
+```bash
+curl -X POST -d '{"issuerDid":"did:indy:...","name":"...",...}' http://ocm-indy.xfsc.dev/v1/schemas?tenantId=<tenantId>
+```
+
+Response:
+
+```json
+{
+ "statusCode": 201,
+ "data": {
+ "schemaId": "did:indy:...",
+ "name": "...",
+ "version": "...",
+ ...
+ }
+}
+```
+
+#### Register a credential definition
+
+```bash
+curl -X POST -d '{"schemaId":"did:indy:...","tag":"...","supportRevocation":true}' http://ocm-indy.xfsc.dev/v1/credential-definitions?tenantId=<tenantId>
+```
+
+Response:
+
+```json
+{
+ "statusCode": 201,
+ "data": {
+ "credentialDefinitionId": "did:indy:...",
+ "schemaId": "did:indy:...",
+ ...
+ }
+}
+```
+
+## API Reference
+For detailed documentation, refer to the [OpenAPI Specification](openapi.json).
+
+## License
+Licensed under the Apache 2.0 License ([LICENSE](LICENSE)).
diff --git a/apps/schema-manager/openapi.json b/apps/schema-manager/openapi.json
new file mode 100644
index 0000000000000000000000000000000000000000..b3a5233ec0031e4cf1ac15b32867313cd5a052ec
--- /dev/null
+++ b/apps/schema-manager/openapi.json
@@ -0,0 +1,552 @@
+{
+ "openapi": "3.0.0",
+ "paths": {
+ "/v1/schemas": {
+ "get": {
+ "operationId": "SchemasController_getAll",
+ "summary": "Fetch a list of schemas",
+ "description": "This call provides a list of schemas for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Schemas fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Schemas fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Schemas fetched successfully",
+ "data": []
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Schemas"]
+ },
+ "post": {
+ "operationId": "SchemasController_register",
+ "summary": "Register a new schema",
+ "description": "This call provides the capability to create new schema on ledger by name, author, version, schema attributes and type. Later this schema can be used to issue new credential definition. This call returns an information about created schema.",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "requestBody": {
+ "required": true,
+ "content": {
+ "application/json": {
+ "schema": { "$ref": "#/components/schemas/RegisterSchemaPayload" }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Schema registered successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Schema registered successfully": {
+ "value": {
+ "statusCode": 201,
+ "message": "Schema registered successfully",
+ "data": { "id": "71b784a3" }
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "All fields are required for schema registration",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "All fields are required for schema registration": {
+ "value": {
+ "statusCode": 400,
+ "message": "All fields are required for schema registration",
+ "error": "Bad Request"
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "409": {
+ "description": "Schema already exists",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Schema already exists": {
+ "value": {
+ "statusCode": 409,
+ "message": "Schema already exists",
+ "error": "Conflict"
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Schemas"]
+ }
+ },
+ "/v1/schemas/{schemaId}": {
+ "get": {
+ "operationId": "SchemasController_getById",
+ "summary": "Fetch a schema by id",
+ "description": "This call allows you to retrieve schema data for a given tenant by specifying the `schemaId`.",
+ "parameters": [
+ {
+ "name": "schemaId",
+ "required": true,
+ "in": "path",
+ "description": "The schema ID to retrieve",
+ "schema": { "format": "string", "type": "string" }
+ },
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Schema fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Schema fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Schema fetched successfully",
+ "data": { "id": "71b784a3" }
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "data": null
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Schemas"]
+ }
+ },
+ "/v1/credential-definitions": {
+ "get": {
+ "operationId": "CredentialDefinitionsController_find",
+ "summary": "Fetch a list of credential definitions",
+ "description": "This call provides a list of credential definitions for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credential definitions fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential definitions fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Credential definitions fetched successfully",
+ "data": [{ "id": "71b784a3" }]
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "error": "Not Found"
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Credential Definitions"]
+ },
+ "post": {
+ "operationId": "CredentialDefinitionsController_register",
+ "summary": "Create a credential definition",
+ "description": "This call allows you to create a credential definition for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ }
+ ],
+ "requestBody": {
+ "required": true,
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateCredentialDefinitionPayload"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Credential definition created successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential definition created successfully": {
+ "value": {
+ "statusCode": 201,
+ "message": "Credential definition created successfully",
+ "data": { "id": "71b784a3" }
+ }
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Invalid request": {
+ "value": {
+ "statusCode": 400,
+ "message": "Invalid request",
+ "error": "Bad Request"
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Tenant not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Tenant not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Tenant not found",
+ "error": "Not Found"
+ }
+ }
+ }
+ }
+ }
+ },
+ "409": {
+ "description": "Credential definition already exists",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential definition already exists": {
+ "value": {
+ "statusCode": 409,
+ "message": "Credential definition already exists",
+ "error": "Conflict"
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Credential Definitions"]
+ }
+ },
+ "/v1/credential-definitions/{credentialDefinitionId}": {
+ "get": {
+ "operationId": "CredentialDefinitionsController_get",
+ "summary": "Fetch a credential definition by ID",
+ "description": "This call provides a credential definition for a given tenant",
+ "parameters": [
+ {
+ "name": "tenantId",
+ "required": true,
+ "in": "query",
+ "description": "Specifies the tenant ID",
+ "schema": { "type": "string" }
+ },
+ {
+ "name": "credentialDefinitionId",
+ "required": true,
+ "in": "path",
+ "schema": { "type": "string" }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credential definition fetched successfully",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential definition fetched successfully": {
+ "value": {
+ "statusCode": 200,
+ "message": "Credential definition fetched successfully",
+ "data": { "id": "71b784a3" }
+ }
+ }
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Credential definition not found",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Credential definition not found": {
+ "value": {
+ "statusCode": 404,
+ "message": "Credential definition not found",
+ "error": "Not Found"
+ }
+ }
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Internal server error",
+ "content": {
+ "application/json": {
+ "schema": {},
+ "examples": {
+ "Internal server error": {
+ "value": {
+ "statusCode": 500,
+ "message": "Internal server error",
+ "error": "Internal Server Error"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "tags": ["Credential Definitions"]
+ }
+ }
+ },
+ "info": {
+ "title": "Gaia-X OCM Schema Manager",
+ "description": "",
+ "version": "1.0.0",
+ "contact": {}
+ },
+ "tags": [],
+ "servers": [],
+ "components": {
+ "schemas": {
+ "RegisterSchemaPayload": {
+ "type": "object",
+ "properties": {
+ "issuerDid": { "type": "string" },
+ "name": { "type": "string" },
+ "version": { "type": "string" },
+ "attributeNames": { "type": "array", "items": { "type": "string" } }
+ },
+ "required": ["issuerDid", "name", "version", "attributeNames"]
+ },
+ "CreateCredentialDefinitionPayload": {
+ "type": "object",
+ "properties": {
+ "issuerDid": { "type": "string" },
+ "schemaId": { "type": "string" },
+ "tag": { "type": "string" },
+ "supportsRevocation": { "type": "boolean" }
+ },
+ "required": ["issuerDid", "schemaId", "tag", "supportsRevocation"]
+ }
+ }
+ }
+}
diff --git a/apps/ssi-abstraction/EVENTS-DOCUMENTATION.md b/apps/ssi-abstraction/EVENTS-DOCUMENTATION.md
deleted file mode 100644
index b858705e2c1ca5f949ad1de9cceceda9a720efdb..0000000000000000000000000000000000000000
--- a/apps/ssi-abstraction/EVENTS-DOCUMENTATION.md
+++ /dev/null
@@ -1,39 +0,0 @@
-<hr/>
-
-# Event types published on nats
-
-- ```
- {
- endpoint: 'SSI_ABSTRACTION_SERVICE/BasicMessageStateChanged',
- }
- ```
-- ```
- {
- endpoint: 'SSI_ABSTRACTION_SERVICE/ConnectionStateChanged',
- }
- ```
-- ```
- {
- endpoint: 'SSI_ABSTRACTION_SERVICE/CredentialStateChanged',
- }
- ```
-- ```
- {
- endpoint: 'SSI_ABSTRACTION_SERVICE/ProofStateChanged',
- }
- ```
-- ```
- {
- endpoint: 'SSI_ABSTRACTION_SERVICE/MediationStateChanged',
- }
- ```
-- ```
- {
- endpoint: 'SSI_ABSTRACTION_SERVICE/RecipientKeylistUpdated',
- }
- ```
-- ```
- {
- endpoint: 'SSI_ABSTRACTION_SERVICE/OutboundWebSocketClosedEvent',
- }
- ```
diff --git a/apps/ssi-abstraction/README.md b/apps/ssi-abstraction/README.md
index 7e3e4d4fabd46e0b0aadcfdd771c06a6cc994063..53f79b18ea1d9d36e5e6b33a094a92a711eb0712 100644
--- a/apps/ssi-abstraction/README.md
+++ b/apps/ssi-abstraction/README.md
@@ -1,118 +1,52 @@
-# SSI Abstraction Service
-
-## Description
-
-<hr/>
- <p align="center">A core service for the Organizational Credential Manager, providing the DIDComm functionality and initializing the agent, wallet and ledger interactions of the whole application.</p>
+# OCM SSI Abstraction Manager
+
+## Introduction
+SSI Abstraction is a core component of the OCM microservices stack, designed to interface with the Indy Ledger. This connection is facilitated through the `AGENT_LEDGER_ID` environment variable, which specifies the target ledger for operations and transactions.
+
+Underpinning SSI Abstraction is the engine credo-ts, which leverages an internal SQLite database to store and manage data efficiently. This database is integral to the operation of SSI Abstraction, providing a robust and reliable storage solution that supports the service's functionality and performance requirements.
+
+SSI Abstraction is designed to subscribe to a specific set of events, facilitating its communication within the OCM ecosystem. This subscription model is central to how SSI Abstraction receives and processes requests from other services in the stack. The List of these events is in the `events.md` file. Communication with SSI Abstraction is achieved as other services publish these predefined events on NATS. This mechanism ensures a decoupled, scalable, and efficient way for services to interact and fulfill their roles within the microservices architecture.
+
+SSI Abstraction requires an S3-compatible server to store tails files, which are essential for the credential revocation mechanism within the Indy ledger system. Details, such as the server URL, the access key and the secret key, are set with respective environment variables.
+
+In the SSI Abstraction component, the endorser DID seed plays a critical role in the endorsement of tenants' transactions on the ledger. This seed is a foundational element used to generate a Digital Identity (DID) that possesses the authority to endorse transactions, ensuring they are valid and authorized for inclusion on the ledger. The endorser DID seed is configured within SSI Abstraction through the `AGENT_INDY_DID_SEED` environment variable. By setting this variable, administrators can define the specific seed value that will be used to generate the endorser DID, thereby granting the necessary permissions for transaction endorsement.
+
+## Prerequisites
+Ensure you have Node.js installed ([official Node.js website](https://nodejs.org)).
+You will also need a DID which has at least the 'ENDORSER' permission on the ledger.
+
+## Configuration
+Set configuration via environment variables or an `.env` file:
+
+| Property | Description | Default |
+|---|---|---|
+| `HTTP_HOSTNAME` | HTTP server hostname | `0.0.0.0` |
+| `HTTP_PORT` | HTTP server port | `3000` |
+| `NATS_URL` | NATS Server URL | `nats://localhost:4222` |
+| `NATS_USER` | Username for NATS authentication | |
+| `NATS_PASSWORD` | Password for NATS authentication | |
+| `NATS_MONITORING_URL` | URL for accessing NATS monitoring interface | `http://localhost:8222` |
+| `AGENT_NAME` | Name identifier for the agent within the ecosystem | |
+| `AGENT_WALLET_ID` | Unique identifier for the agent's wallet | |
+| `AGENT_WALLET_KEY` | Key of the agent's wallet | |
+| `AGENT_HOST` | Hostname or IP address where the agent service is accessible | |
+| `AGENT_INBOUND_PORT` | Port for inbound connections to the agent | `3001` |
+| `AGENT_INDY_DID_SEED` | Seed used to generate the agent's DID for transactions on the ledger | |
+| `AGENT_AUTO_ACCEPT_CONNECTION` | Automatically accept incoming connection requests | `true` |
+| `AGENT_AUTO_ACCEPT_CREDENTIAL` | Automatically accept incoming credential offers | `contentApproved` |
+| `AGENT_LEDGER_ID` | Identifier for the ledger the agent interacts with | |
+| `TAILS_SERVER_BASE_URL` | Base URL for the server hosting tails files for revocation | |
+| `TAILS_SERVER_BUCKET_NAME` | Name of the bucket on the tails file server | |
+| `S3_ACCESS_KEY` | Access key for S3 or S3-compatible storage service | |
+| `S3_SECRET` | Secret key for S3 or S3-compatible storage service | |
## Usage
-<hr/>
-
-### Endpoint documentation at:
-
-[Aries REST Extension](swagger.json)
-
-[Full Agent Events](EVENTS-DOCUMENTATION.md)
-
-[Sign and Verify Interface](SIGN-AND-VERIFY.md)
-
-with the default exposed ports:
-
-- 3010 - Aries REST extension
-- 3009 - Sign and Veify interface exposed
-- 4000 - didcomm interface
-
-## Installation
-
-<hr/>
-
-Dependencies:
-
-```bash
-$ pnpm install
-```
-
-- **If docker is not installed, [Install docker](https://docs.docker.com/engine/install/)**.
-
-- **If docker-compose is not installed, [Install docker-compose](https://docs.docker.com/compose/install/)**.
-
-- (optional) Postgres GUI
- https://dbeaver.io/download/
-
-<hr/>
-
-## Running the app
-
-<hr/>
-
-### Environment variables
-
-[.env.example](.env.example)
-
-- PORT is the port for the signing and verification interface
-- AGENT_AUTO_ACCEPT_CONNECTION can be either true or false
-- AGENT_AUTO_ACCEPT_CREDENTIAL can be either: always, contentApproved, never
-- AGENT_INDY_DID_SEED will generate the did and verkey (32 symbols)
-- for security reasons AGENT_WALLET_KEY and AGENT_WALLET_ID should be different
-- AGENT_LEDGER_ID can be: ID_UNION,BCOVRIN_TEST,GREEN_LIGHT
-
- - the three pool transaction genesis are inside the code configuration
- - every ledger can be provided on its own
- - multiple ledgers can also be specified, separated by a comma
-
-- AGENT_ID_UNION_KEY is needed if the ledger of choice is IDUnion
-
-**Each service in the Organizational Credential Manager can be run from the infrastructure repository with Docker.**
-
-**The .env files are in the infrastructure repository under /env**
-
-### There are two separate Dockefiles in "./deployment" of every project:
-
-```bash
- ## production in:
- ./deployment/ci
- ## development in:
- ./deployment/dev
-```
-
-- (optional) Edit docker-compose.yml in "infrastructure" to use either **/ci/** or **/dev/** Dockerfiles.
-
-- Run while in **"infrastructure"** project:
-
-```bash
-$ docker-compose up --build
-```
-
-## Test
-
-<hr/>
-
+Start in development mode:
```bash
-# unit tests
-$ pnpm test
-
-# e2e tests
-$ pnpm test:e2e
-
-# test coverage
-$ pnpm test:cov
+pnpm start
```
-## GDPR
-
-<hr/>
-
-[GDPR](GDPR.md)
-
-## Dependencies
-
-<hr/>
-
-[Dependencies](package.json)
-
## License
+Licensed under the Apache 2.0 License ([LICENSE](LICENSE)).
-<hr/>
-
-[Apache 2.0 license](LICENSE)
diff --git a/apps/ssi-abstraction/SIGN-AND-VERIFY.md b/apps/ssi-abstraction/SIGN-AND-VERIFY.md
deleted file mode 100644
index b17386b1b514da77fbe209fdb05faa6645beedb9..0000000000000000000000000000000000000000
--- a/apps/ssi-abstraction/SIGN-AND-VERIFY.md
+++ /dev/null
@@ -1,86 +0,0 @@
-## Signing and verification interface is accessible on SSI Abstraction
-
-### METHOD: POST
-
-**type: "buffer" is necessary to know internally what transformation needs to be done**
-
-```
-:3009/v1/agent/wallet/sign
-
-body : {
- data: [
- {
- type: "buffer",
- dataBase64: base64 string
- },
- verkey: string
- ]
-}
-
-
-```
-
-### Returns
-
-```
-{
- statusCode: Number,
- message: string, // The message is the path you followed on the agent object
- data: base64 string, // signature
-}
-```
-
-<hr/>
-and
-<hr/>
-
-### METHOD: POST
-
-```
-:3009/v1/agent/wallet/verify
-
-body : {
- data: [
- signerVerkey: string,
- {
- type: "buffer",
- dataBase64: base64 string //// This is the data to be verified
- },
- {
- type: "buffer",
- dataBase64: base64 string //// This is the signature
- }
- ]
-}
-```
-
-### Returns
-
-```
-{
- statusCode: Number,
- message: string, // The message is the path you followed on the agent object
- data: boolean // returns validity of signature on the data
-}
-```
-
-## Get Agent Info endpoint (did, verkey) on SSI Abstraction
-
-### METHOD: GET
-
-```
-:3009/v1/agent/info
-```
-
-### Returns
-
-```
-{
- "statusCode": 200,
- "message": "Success",
- "data": {
- "did": string, // did of the OCM agent
- "verkey": string // verkey needed for signing and verification
- }
-}
-```
diff --git a/apps/ssi-abstraction/events.md b/apps/ssi-abstraction/events.md
new file mode 100644
index 0000000000000000000000000000000000000000..71fdd7d8a24f90ea3d7253c0171446813245a370
--- /dev/null
+++ b/apps/ssi-abstraction/events.md
@@ -0,0 +1,42 @@
+# OCM NATS Events
+
+| Token |
+|-|
+| `didcomm.connections.getAll` |
+| `didcomm.connections.getById` |
+| `didcomm.connections.createInvitation` |
+| `didcomm.connections.receiveInvitationFromUrl` |
+| `didcomm.connections.createWithSelf` |
+| `didcomm.connections.block` |
+| `didcomm.connections.parseInvitation` |
+| `anoncreds.credentialDefinitions.getAll` |
+| `anoncreds.credentialDefinitions.getById` |
+| `anoncreds.credentialDefinitions.register` |
+| `anoncreds.credentials.getAll` |
+| `anoncreds.credentials.getById` |
+| `didcomm.anoncreds.credentials.acceptOffer` |
+| `didcomm.anoncreds.credentials.offer` |
+| `didcomm.anoncreds.credentials.offerToSelf` |
+| `anoncreds.credentials.offerToSelf.deleteById` |
+| `anoncreds.credentialOffers.getAll` |
+| `anoncreds.credentialOffers.getById` |
+| `anoncreds.credentialRequests.getAll` |
+| `anoncreds.credentialRequests.getById` |
+| `dids.resolve` |
+| `dids.register.indy.endorser` |
+| `dids.register.indy.fromSeed` |
+| `dids.didConfiguration` |
+| `anoncreds.proofs.getAll` |
+| `anoncreds.proofs.getById` |
+| `didcomm.anoncreds.proofs.request` |
+| `anoncreds.proofs.deleteById` |
+| `didcomm.anoncreds.proofs.acceptRequest` |
+| `anoncreds.revocation.revoke` |
+| `anoncreds.revocation.registerRevocationStatusList` |
+| `anoncreds.revocation.tailsFile` |
+| `anoncreds.revocation.checkCredentialStatus` |
+| `anoncreds.schemas.getAll` |
+| `anoncreds.schemas.getById` |
+| `anoncreds.schemas.register` |
+| `tenants.create` |
+| `tenants.getAllTenantIds` |