Merge remote-tracking branch 'origin/main'

.github/CODEOWNERS

@@ -7,11 +7,11 @@
 # Pollux:
 /pollux/ @patlo-iog @CryptoKnightIOG @mineme0110
 
-# PRISM Agent:
-/prism-agent/ @bvoiturier @yshyn-iohk @patlo-iog
+# Cloud Agent:
+/cloud-agent/ @bvoiturier @yshyn-iohk @patlo-iog
 
 # CI pipelines:
-/.github/ @mineme0110
+/.github/ @mineme0110 @patlo-iog
 
 # PRISM Node:
 /prism-node/ @shotexa

.github/labeler.yml

@@ -15,10 +15,10 @@ pollux:
   - changed-files:
       - any-glob-to-any-file:
           - pollux/**/*
-prism-agent:
+cloud-agent:
   - changed-files:
       - any-glob-to-any-file:
-          - prism-agent/**/*
+          - cloud-agent/**/*
 prism-node:
   - changed-files:
       - any-glob-to-any-file:

.github/workflows/lint.yml

@@ -26,12 +26,13 @@ jobs:
       pull-requests: write
 
     steps:
-      # Git Chekcout
+      # Git Checkout
       - name: Checkout Code
         uses: actions/checkout@v4
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           fetch-depth: 0
+          persist-credentials: false
 
       - name: MegaLinter
         id: ml
@@ -47,16 +48,31 @@ jobs:
             mega-linter.log
           overwrite: true
 
+      - uses: crazy-max/ghaction-import-gpg@v3
+        id: import_gpg
+        with:
+          gpg-private-key: ${{ secrets.HYP_BOT_GPG_PRIVATE }}
+          passphrase: ${{ secrets.HYP_BOT_GPG_PASSWORD }}
+          git-user-signingkey: true
+          git-commit-gpgsign: true
+          git_config_global: true
+          git_tag_gpgsign: true
+
       # Create pull request if applicable (for now works only on PR from same repository, not from forks)
       - name: Create Pull Request with applied fixes
         id: cpr
         if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix')
         uses: peter-evans/create-pull-request@v6
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
-          commit-message: "style: Apply linters automatic fixes"
-          title: "style: Apply linters automatic fixes"
-          labels: "hyperledger-bot"
+          base: ${{ github.head_ref }}
+          branch-suffix: short-commit-hash
+          commit-message: "style: apply linters automatic fixes"
+          title: "style: apply linters automatic fixes"
+          signoff: true
+          committer: "Hyperledger Bot <hyperledger-bot@hyperledger.org>"
+          author: "Hyperledger Bot <hyperledger-bot@hyperledger.org>"
+
       - name: Create PR output
         if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix')
         run: |

README.md

@@ -6,7 +6,7 @@
   <i> <font size="18">Identus Cloud Agent</font> </i>
   <br>
   <br>
-  <a href='https://coveralls.io/github/input-output-hk/atala-prism-building-blocks?branch=main'><img src='https://coveralls.io/repos/github/input-output-hk/atala-prism-building-blocks/badge.svg?branch=main&amp;t=91BUzX&kill_cache=1' alt='Coverage Status' /></a>
+  <a href='https://coveralls.io/github/hyperledger/identus-cloud-agent?branch=main'><img src='https://coveralls.io/repos/github/hyperledger/identus-cloud-agent/badge.svg?branch=main' alt='Coverage Status' /></a>
   <a href="https://github.com/hyperledger/identus-cloud-agent/actions/workflows/unit-tests.yml"> <img src="https://github.com/hyperledger/identus-cloud-agent/actions/workflows/unit-tests.yml/badge.svg" alt="Unit tests" /> </a>
   <a href="https://github.com/hyperledger/identus-cloud-agent/actions/workflows/integration-tests.yml"> <img src="https://github.com/hyperledger/identus-cloud-agent/actions/workflows/integration-tests.yml/badge.svg" alt="End-to-end tests" /> </a>
   <a href="https://github.com/hyperledger/identus-cloud-agent/actions/workflows/performance-tests.yml"> <img src="https://github.com/hyperledger/identus-cloud-agent/actions/workflows/performance-tests.yml/badge.svg" alt="Performance tests" /> </a>
@@ -96,7 +96,7 @@ The following sections describe how to run the Cloud Agent in different configur
 The Cloud Agent can be configured to use different types of ledger, secret storage and DID persistence. Any combination of options is available, but the most common configurations are:
 
 | Configuration  | Secret Storage | DIDs persistence | Prism Node                                      |
-| -------------- | -------------- | ---------------- |-------------------------------------------------|
+|----------------|----------------|------------------|-------------------------------------------------|
 | Dev            | PostgreSQL     | No               | In-memory                                       |
 | Pre-production | PostgreSQL     | Yes              | Distributed Ledger testnet (preview or preprod) |
 | Production     | Hashicorp      | Yes              | Distributed Ledger mainnet                      |
@@ -179,7 +179,7 @@ The following tutorials will help you get started with the Cloud Agent and issue
 
 ## User documentation
 
-All extended documentation, tutorials and API references for the Identus ecosystem can be found at https://docs.atalaprism.io/
+All extended documentation, tutorials and API references for the Identus ecosystem can be found at <https://docs.atalaprism.io/>
 
 ## Contributing
 

build.sbt

@@ -67,6 +67,8 @@ lazy val V = new {
 
   val typesafeConfig = "1.4.3"
   val protobuf = "3.1.9"
+  val grpcOkHttp = "1.63.0"
+
   val testContainersScala = "0.41.3"
   val testContainersJavaKeycloak = "3.2.0" // scala-steward:off
 
@@ -77,7 +79,6 @@ lazy val V = new {
   val logback = "1.4.14"
   val slf4j = "2.0.13"
 
-  val prismSdk = "1.4.1" // scala-steward:off
   val scalaUri = "4.0.3"
 
   val jwtCirceVersion = "9.4.6"
@@ -138,6 +139,7 @@ lazy val D = new {
   val scalaPbRuntime: ModuleID =
     "com.thesamet.scalapb" %% "scalapb-runtime" % scalapb.compiler.Version.scalapbVersion % "protobuf"
   val scalaPbGrpc: ModuleID = "com.thesamet.scalapb" %% "scalapb-runtime-grpc" % scalapb.compiler.Version.scalapbVersion
+  val grpcOkHttp: ModuleID = "io.grpc" % "grpc-okhttp" % V.grpcOkHttp
 
   val testcontainersPostgres: ModuleID =
     "com.dimafeng" %% "testcontainers-scala-postgresql" % V.testContainersScala % Test
@@ -165,16 +167,6 @@ lazy val D = new {
   val monocleMacro: ModuleID = "dev.optics" %% "monocle-macro" % V.monocle % Test
 
   val apollo = "io.iohk.atala.prism.apollo" % "apollo-jvm" % V.apollo
-  // We have to exclude bouncycastle since for some reason bitcoinj depends on bouncycastle jdk15to18
-  // (i.e. JDK 1.5 to 1.8), but we are using JDK 11
-  val prismCrypto = "io.iohk.atala" % "prism-crypto-jvm" % V.prismSdk excludeAll
-    ExclusionRule(
-      organization = "org.bouncycastle"
-    )
-  // Added here to make prism-crypto works.
-  // Once migrated to apollo, re-evaluate if this should be removed.
-  val bouncyBcpkix = "org.bouncycastle" % "bcpkix-jdk18on" % V.bouncyCastle
-  val bouncyBcprov = "org.bouncycastle" % "bcprov-jdk18on" % V.bouncyCastle
 
   // LIST of Dependencies
   val doobieDependencies: Seq[ModuleID] =
@@ -204,9 +196,6 @@ lazy val D_SharedCrypto = new {
     Seq(
       D.zioJson,
       D.apollo,
-      D.bouncyBcpkix,
-      D.bouncyBcprov,
-      D.prismCrypto, // TODO: remove after migrated all primitives to apollo
       D.nimbusJwt,
       D.zioTest,
       D.zioTestSbt,
@@ -290,7 +279,6 @@ lazy val D_Pollux = new {
     D.zioMock,
     D.munit,
     D.munitZio,
-    D.prismCrypto,
     // shared,
     logback,
     slf4jApi,
@@ -399,7 +387,6 @@ lazy val D_CloudAgent = new {
     D.micrometer,
     D.micrometerPrometheusRegistry
   )
-  val bouncyDependencies: Seq[ModuleID] = Seq(D.bouncyBcpkix, D.bouncyBcprov)
   val tapirDependencies: Seq[ModuleID] =
     Seq(
       tapirSwaggerUiBundle,
@@ -417,7 +404,7 @@ lazy val D_CloudAgent = new {
 
   // Project Dependencies
   lazy val keyManagementDependencies: Seq[ModuleID] =
-    baseDependencies ++ bouncyDependencies ++ D.doobieDependencies ++ Seq(D.zioCatsInterop, D.zioMock, vaultDriver)
+    baseDependencies ++ D.doobieDependencies ++ Seq(D.zioCatsInterop, D.zioMock, vaultDriver)
 
   lazy val iamDependencies: Seq[ModuleID] = Seq(keycloakAuthz, D.jwtCirce)
 
@@ -697,7 +684,7 @@ val prismNodeClient = project
   .in(file("prism-node/client/scala-client"))
   .settings(
     name := "prism-node-client",
-    libraryDependencies ++= Seq(D.scalaPbGrpc, D.scalaPbRuntime),
+    libraryDependencies ++= Seq(D.scalaPbGrpc, D.scalaPbRuntime, D.grpcOkHttp),
     coverageEnabled := false,
     // gRPC settings
     Compile / PB.targets := Seq(scalapb.gen() -> (Compile / sourceManaged).value / "scalapb"),

castor/src/main/scala/org/hyperledger/identus/castor/core/model/did/PrismDID.scala

@@ -1,7 +1,7 @@
 package org.hyperledger.identus.castor.core.model.did
 
 import org.hyperledger.identus.castor.core.model.ProtoModelHelper
-import io.iohk.atala.prism.crypto.{Sha256, Sha256Digest}
+import org.hyperledger.identus.shared.crypto.Sha256Hash
 import io.iohk.atala.prism.protos.node_models
 import io.iohk.atala.prism.protos.node_models.AtalaOperation.Operation
 import org.hyperledger.identus.shared.models.Base64UrlString
@@ -30,7 +30,7 @@ object PrismDID extends ProtoModelHelper {
   val LONG_FORM_SUFFIX_REGEX: Regex = "^([0-9a-f]{64}):([A-Za-z0-9_-]+$)".r
 
   def buildCanonical(stateHash: Array[Byte]): Either[String, CanonicalPrismDID] =
-    Try(Sha256Digest.fromBytes(stateHash)).toEither.left
+    Try(Sha256Hash.fromBytes(stateHash)).toEither.left
       .map(_.getMessage)
       .map(_ => CanonicalPrismDID(HexString.fromByteArray(stateHash)))
 
@@ -109,7 +109,7 @@ final case class LongFormPrismDID private[did] (atalaOperation: node_models.Atal
 
   override val stateHash: HexString = {
     val encodedState = atalaOperation.toByteArray
-    HexString.fromByteArray(Sha256.compute(encodedState).getValue)
+    HexString.fromByteArray(Sha256Hash.compute(encodedState).bytes.toArray)
   }
 
   override val suffix: DIDMethodSpecificId = {

castor/src/main/scala/org/hyperledger/identus/castor/core/model/did/PrismDIDOperation.scala

@@ -1,15 +1,15 @@
 package org.hyperledger.identus.castor.core.model.did
 
 import org.hyperledger.identus.castor.core.model.ProtoModelHelper
-import io.iohk.atala.prism.crypto.Sha256
+import org.hyperledger.identus.shared.crypto.Sha256Hash
 
 import scala.collection.compat.immutable.ArraySeq
 import io.iohk.atala.prism.protos.node_models
 
 sealed trait PrismDIDOperation {
   def did: CanonicalPrismDID
   def toAtalaOperation: node_models.AtalaOperation
-  def toAtalaOperationHash: Array[Byte] = Sha256.compute(toAtalaOperation.toByteArray).getValue
+  def toAtalaOperationHash: Array[Byte] = Sha256Hash.compute(toAtalaOperation.toByteArray).bytes.toArray
 }
 
 object PrismDIDOperation extends ProtoModelHelper {
@@ -38,7 +38,7 @@ final case class SignedPrismDIDOperation(
     import ProtoModelHelper.*
     this.toProto
   }
-  def toAtalaOperationId: Array[Byte] = Sha256.compute(toSignedAtalaOperation.toByteArray).getValue
+  def toAtalaOperationId: Array[Byte] = Sha256Hash.compute(toSignedAtalaOperation.toByteArray).bytes.toArray
 }
 
 final case class ScheduleDIDOperationOutcome(

castor/src/test/scala/org/hyperledger/identus/castor/core/model/did/PrismDIDSpec.scala

@@ -1,7 +1,7 @@
 package org.hyperledger.identus.castor.core.model.did
 
 import com.google.protobuf.ByteString
-import io.iohk.atala.prism.crypto.{Sha256, Sha256Digest}
+import org.hyperledger.identus.shared.crypto.Sha256Hash
 import io.iohk.atala.prism.protos.node_models
 import org.hyperledger.identus.shared.models.Base64UrlString
 import zio.*
@@ -12,11 +12,11 @@ import org.hyperledger.identus.castor.core.model.did.PrismDID
 object PrismDIDSpec extends ZIOSpecDefault {
 
   private val canonicalSuffixHex = "9b5118411248d9663b6ab15128fba8106511230ff654e7514cdcc4ce919bde9b"
-  private val canonicalSuffix = Sha256Digest.fromHex(canonicalSuffixHex)
+  private val canonicalSuffix = Sha256Hash.fromHex(canonicalSuffixHex)
   private val encodedStateUsedBase64 =
     "Cj8KPRI7CgdtYXN0ZXIwEAFKLgoJc2VjcDI1NmsxEiEDHpf-yhIns-LP3tLvA8icC5FJ1ZlBwbllPtIdNZ3q0jU"
 
-  private val short = PrismDID.buildCanonical(canonicalSuffix.getValue).toOption.get
+  private val short = PrismDID.buildCanonical(canonicalSuffix.bytes.toArray).toOption.get
   private val long = PrismDID
     .buildLongFormFromAtalaOperation(
       node_models.AtalaOperation.parseFrom(Base64UrlString.fromStringUnsafe(encodedStateUsedBase64).toByteArray)
@@ -27,7 +27,7 @@ object PrismDIDSpec extends ZIOSpecDefault {
 
   private val didParserSpec = suite("PrismDID.fromString")(
     test("success for valid DID") {
-      val stateHash = Sha256.compute(Array()).getValue
+      val stateHash = Sha256Hash.compute(Array()).bytes.toArray
       val validDID = PrismDID.buildCanonical(stateHash).toOption.get
       val unsafeDID = PrismDID.fromString(validDID.toString)
       assert(unsafeDID)(isRight(equalTo(validDID)))
@@ -58,7 +58,7 @@ object PrismDIDSpec extends ZIOSpecDefault {
       )
       val encodedState = mockAtalaOperation.toByteArray
       val encodedStateBase64 = Base64UrlString.fromByteArray(encodedState).toStringNoPadding
-      val stateHash = Sha256.compute(encodedState).getHexValue
+      val stateHash = Sha256Hash.compute(encodedState).hexEncoded
       val didString = s"did:prism:$stateHash:$encodedStateBase64"
       val unsafeDID = PrismDID.fromString(didString)
       assert(unsafeDID)(isLeft(containsString("CreateDid Atala operation expected")))

cloud-agent/client/kotlin/.openapi-generator-ignore

@@ -11,3 +11,7 @@ src/main/kotlin/org/hyperledger/identus/client/models/ServiceType.kt
 
 src/main/kotlin/org/hyperledger/identus/client/models/StatusPurpose.kt
 src/main/kotlin/org/hyperledger/identus/client/models/CredentialSubject.kt
+
+src/main/kotlin/org/hyperledger/identus/client/models/DateTimeParameter.kt
+src/main/kotlin/org/hyperledger/identus/client/models/DidParameter.kt
+src/main/kotlin/org/hyperledger/identus/client/models/VcVerificationParameter.kt

cloud-agent/client/kotlin/src/main/kotlin/org/hyperledger/identus/client/models/DateTimeParameter.kt

@@ -0,0 +1,41 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package org.hyperledger.identus.client.models
+
+
+import com.google.gson.annotations.SerializedName
+
+/**
+ * 
+ *
+ * @param dateTime 
+ * @param parameterType 
+ */
+
+
+data class DateTimeParameter (
+
+    @SerializedName("did")
+    override val did: kotlin.String? = null,
+
+    @SerializedName("parameterType")
+    override val parameterType: kotlin.String = "DateTimeParameter",
+
+    @SerializedName("dateTime")
+    override val dateTime: java.time.OffsetDateTime,
+
+) : VcVerificationParameter
+

cloud-agent/client/kotlin/src/main/kotlin/org/hyperledger/identus/client/models/DidParameter.kt

@@ -0,0 +1,40 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package org.hyperledger.identus.client.models
+
+
+import com.google.gson.annotations.SerializedName
+
+/**
+ * 
+ *
+ * @param did 
+ * @param parameterType 
+ */
+
+
+data class DidParameter (
+
+    @SerializedName("did")
+    override val did: kotlin.String,
+
+    @SerializedName("parameterType")
+    override val parameterType: kotlin.String = "DidParameter",
+
+    @get:SerializedName("dateTime")
+    override val dateTime: java.time.OffsetDateTime? = null,
+) : VcVerificationParameter
+