[WIP] Initial commit - Webvh

.gitignore

@@ -110,12 +110,6 @@ Pipfile.lock
 # mypy
 .mypy_cache/
 
-###
-### Visual Studio Code
-###
-
-.vscode/
-
 ###
 ### MacOS
 ###

webvh/.devcontainer/Dockerfile

@@ -0,0 +1,22 @@
+# See here for image contents: https://github.com/microsoft/vscode-dev-containers/tree/v0.134.0/containers/python-3/.devcontainer/base.Dockerfile
+ARG VARIANT="3.12"
+FROM mcr.microsoft.com/devcontainers/python:${VARIANT}
+
+ARG POETRY_VERSION="1.8.3"
+ENV POETRY_HOME="/opt/poetry" \
+    POETRY_VERSION=${POETRY_VERSION}
+
+RUN curl -sSL https://install.python-poetry.org | python3 - \
+    && update-alternatives --install /usr/local/bin/poetry poetry /opt/poetry/bin/poetry 900 \
+    # Enable tab completion for bash
+    && poetry completions bash >> /home/vscode/.bash_completion \
+    # Enable tab completion for Zsh
+    && mkdir -p /home/vscode/.zfunc/ \
+    && poetry completions zsh > /home/vscode/.zfunc/_poetry \
+    && echo "fpath+=~/.zfunc\nautoload -Uz compinit && compinit" >> /home/vscode/.zshrc
+
+COPY pyproject.toml ./
+# COPY pyproject.toml poetry.lock ./
+RUN poetry config virtualenvs.create true \
+    && poetry install --no-root --no-interaction --with integration --extras "aca-py" \
+    && rm -rf /root/.cache/pypoetry

webvh/.devcontainer/devcontainer.json

@@ -0,0 +1,59 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/python
+{
+  "name": "webvh",
+  "build": {
+    "dockerfile": "Dockerfile",
+    "context": "..",
+    "args": {
+      "VARIANT": "3.12-bullseye",
+      "POETRY_VERSION": "1.8.3"
+    }
+  },
+  "customizations": {
+    "vscode": {
+      "extensions": ["ms-python.python", "ms-python.vscode-pylance"],
+      "settings": {
+        "python.testing.pytestArgs": ["./webvh", "--no-cov"],
+        "python.testing.unittestEnabled": false,
+        "python.testing.pytestEnabled": true,
+        "python.testing.pytestPath": "pytest",
+        "editor.defaultFormatter": null,
+        "editor.formatOnSave": false, // enable per language
+        "[python]": {
+          "editor.formatOnSave": true,
+          "editor.codeActionsOnSave": {
+              "source.fixAll": true,
+              "source.organizeImports": true
+            },
+          "editor.defaultFormatter": "charliermarsh.ruff",
+          "ruff.organizeImports": true
+        },
+        "ruff.codeAction.fixViolation": {
+            "enable": true
+        },
+        "ruff.fixAll": true,
+        "ruff.format.args": ["--config=./pyproject.toml"],
+        "ruff.lint.args": ["--config=./pyproject.toml"]
+      }
+    }
+  },
+
+  "features": {
+    "ghcr.io/devcontainers/features/docker-in-docker:2": {
+      "moby": false
+    }
+  },
+
+  // Comment out to connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
+  "remoteUser": "vscode",
+
+  "remoteEnv": {
+    "RUST_LOG": "aries-askar::log::target=error"
+  },
+
+  "mounts": [],
+  // Use 'forwardPorts' to make a list of ports inside the container available locally.
+  "forwardPorts": [3000, 3001],
+  "postCreateCommand": "bash ./.devcontainer/post-install.sh"
+}

webvh/.devcontainer/post-install.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+set -ex
+
+# Convenience workspace directory for later use
+WORKSPACE_DIR=$(pwd)
+
+# install all ACA-Py requirements
+python -m pip install --upgrade pip
+
+# Generate Poetry Lock file
+poetry lock --no-update

webvh/.vscode/launch.json

@@ -0,0 +1,55 @@
+{
+    // Use IntelliSense to learn about possible attributes.
+    // Hover to view descriptions of existing attributes.
+    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+    "version": "0.2.0",
+    "configurations": [
+      {
+        "name": "Run/Debug Witness",
+        "type": "debugpy",
+        "request": "launch",
+        "module": "acapy_agent",
+        "justMyCode": false,
+        "args": ["start", "--arg-file=${workspaceRoot}/docker/witness.yml"]
+      },
+      {
+        "name": "Run/Debug Multitenant",
+        "type": "debugpy",
+        "request": "launch",
+        "module": "acapy_agent",
+        "justMyCode": false,
+        "args": ["start", "--arg-file=${workspaceRoot}/docker/multitenant.yml"]
+      },
+      {
+        "name": "Run/Debug Controller",
+        "type": "debugpy",
+        "request": "launch",
+        "module": "acapy_agent",
+        "justMyCode": false,
+        "args": ["start", "--arg-file=${workspaceRoot}/docker/controller.yml"]
+      },
+      {
+        "name": "ruff - webvh",
+        "type": "debugpy",
+        "request": "launch",
+        "module": "ruff",
+        "console": "integratedTerminal",
+        "sudo": true,
+        "justMyCode": true,
+        "cwd": "${workspaceFolder}/webvh",
+        "args": ["check", "."]
+      },
+      {
+        "name": "ruff fix - webvh",
+        "type": "debugpy",
+        "request": "launch",
+        "module": "ruff",
+        "console": "integratedTerminal",
+        "sudo": true,
+        "justMyCode": true,
+        "cwd": "${workspaceFolder}/webvh",
+        "args": ["check", ".", "--fix"]
+      }
+    ]
+  }
+

webvh/README.md

@@ -0,0 +1,11 @@
+# < Replace With The Plugin Name >
+
+## Description
+
+This plugin provides support for the webvh did method. It provides a controller role that interacts with a did webvh server to resolve and create dids, and a witness role that interacts with the did controller to sign did requests.
+
+## Configuration
+
+The plugin can be configured with a plugin configuration file. This file will be loaded at startup. It can also be overridden or setup at runtime with the configuration API.
+
+

webvh/docker/Dockerfile

@@ -0,0 +1,31 @@
+FROM python:3.12-slim AS base
+WORKDIR /usr/src/app
+
+# Install and configure poetry
+USER root
+
+ENV POETRY_VERSION=1.8.3
+ENV POETRY_HOME=/opt/poetry
+RUN apt-get update && apt-get install -y curl && apt-get clean
+RUN curl -sSL https://install.python-poetry.org | python -
+
+ENV PATH="/opt/poetry/bin:$PATH"
+RUN poetry config virtualenvs.in-project true
+
+# Setup project
+RUN mkdir webvh && touch webvh/__init__.py
+COPY pyproject.toml poetry.lock README.md ./
+ARG install_flags='--with integration --extras aca-py'
+RUN poetry install ${install_flags}
+USER $user
+
+FROM python:3.12-bullseye
+WORKDIR /usr/src/app
+COPY --from=base /usr/src/app/.venv /usr/src/app/.venv
+ENV PATH="/usr/src/app/.venv/bin:$PATH"
+
+COPY webvh/ webvh/
+COPY docker/*.yml ./
+
+ENTRYPOINT ["/bin/bash", "-c", "aca-py \"$@\"", "--"]
+CMD ["start", "--arg-file", "witness.yml"]

webvh/docker/controller.yml

@@ -0,0 +1,37 @@
+label: webvh-controller
+
+auto-provision: true
+
+admin: [0.0.0.0, 4001]
+admin-insecure-mode: true
+
+inbound-transport:
+  - [http, 0.0.0.0, 4000]
+  - [ws, 0.0.0.0, 4002]
+outbound-transport: http
+endpoint:
+  - http://localhost:4000
+
+plugin:
+  - webvh
+
+no-ledger: true
+
+# Wallet
+wallet-type: askar-anoncreds
+wallet-name: controller-wallet
+wallet-key: insecure
+
+
+log-level: info
+
+auto-accept-invites: true
+auto-respond-messages: true
+
+# Plugin
+plugin-config-value:
+plugin-config-value:
+  - did-webvh.server_url=https://localhost:8000
+  - did-webvh.role=controller
+  - did-webvh.witness_invitation=http://localhost:3000?oob=eyJAdHlwZSI6ICJodHRwczovL2RpZGNvbW0ub3JnL291dC1vZi1iYW5kLzEuMS9pbnZpdGF0aW9uIiwgIkBpZCI6ICJlMzI5OGIyNS1mZjRlLTRhZmItOTI2Yi03ZDcyZmVlMjQ1ODgiLCAibGFiZWwiOiAid2VidmgtZW5kb3JzZXIiLCAiaGFuZHNoYWtlX3Byb3RvY29scyI6IFsiaHR0cHM6Ly9kaWRjb21tLm9yZy9kaWRleGNoYW5nZS8xLjAiXSwgInNlcnZpY2VzIjogW3siaWQiOiAiI2lubGluZSIsICJ0eXBlIjogImRpZC1jb21tdW5pY2F0aW9uIiwgInJlY2lwaWVudEtleXMiOiBbImRpZDprZXk6ejZNa3FDQ1pxNURSdkdMcDV5akhlZlZTa2JhN0tYWlQ1Nld2SlJacEQ2Z3RvRzU0I3o2TWtxQ0NacTVEUnZHTHA1eWpIZWZWU2tiYTdLWFpUNTZXdkpSWnBENmd0b0c1NCJdLCAic2VydmljZUVuZHBvaW50IjogImh0dHA6Ly9sb2NhbGhvc3Q6MzAwMCJ9XX0
+  - did-webvh.strict_ssl=false

webvh/docker/integration.yml

@@ -0,0 +1,20 @@
+label: webvh
+
+admin: [0.0.0.0, 3001]
+admin-insecure-mode: true
+
+inbound-transport:
+  - [http, 0.0.0.0, 3000]
+outbound-transport: http
+endpoint:
+  - http://localhost:3000
+
+plugin:
+  - webvh
+
+no-ledger: true
+
+log-level: info
+
+auto-accept-invites: true
+auto-respond-messages: true

webvh/docker/multitenant.yml

@@ -0,0 +1,41 @@
+# Multitenant admin agent configuration
+
+auto-provision: true
+label: multitenant-admin
+
+inbound-transport:
+   - [http, 0.0.0.0, 9050]
+
+outbound-transport: http
+
+wallet-type: askar-anoncreds
+wallet-storage-type: default
+wallet-name: multitenant-admin-wallet
+wallet-key: multitenant-admin-wallet-key
+
+admin-insecure-mode: true
+
+admin: [0.0.0.0, 9051]
+
+endpoint: http://localhost:9050
+
+no-ledger: true
+
+# Connections
+debug-connections: true
+auto-accept-invites: true
+auto-accept-requests: true
+auto-ping-connection: true
+auto-store-credential: true
+
+# Multi-tenancy
+multitenant: true
+jwt-secret: insecure-jwt-secret
+multitenant-admin: true
+
+log-level: info
+
+# Plugin
+plugin:
+  - webvh
+

webvh/docker/witness.yml

@@ -0,0 +1,43 @@
+label: webvh-witness
+
+auto-provision: true
+
+admin: [0.0.0.0, 3001]
+admin-insecure-mode: true
+
+inbound-transport:
+  - [http, 0.0.0.0, 3000]
+  - [ws, 0.0.0.0, 3002]
+outbound-transport: http
+endpoint:
+  - http://localhost:3000
+
+plugin:
+  - webvh
+
+no-ledger: true
+
+# Wallet
+wallet-type: askar-anoncreds
+wallet-name: witness-wallet
+wallet-key: insecure
+
+wallet-allow-insecure-seed: true # Don't do this in production
+
+log-level: info
+
+auto-accept-invites: true
+auto-respond-messages: true
+
+# Multi-tenancy
+multitenant: true
+jwt-secret: insecure-jwt-secret
+multitenant-admin: true
+
+
+# Plugin
+plugin-config-value:
+   - did-webvh.server_url=https://localhost:8000
+   - did-webvh.role=witness
+   - did-webvh.auto_attest=true
+   - did-webvh.strict_ssl=false

webvh/integration/Dockerfile.server

@@ -0,0 +1,18 @@
+FROM python:3.12
+
+WORKDIR /fastapi
+
+ENV VIRTUAL_ENV=/opt/venv
+RUN python3 -m venv "$VIRTUAL_ENV"
+ENV PATH="$VIRTUAL_ENV/bin:$PATH"
+
+RUN apt-get -y update
+RUN apt-get -y install git
+
+RUN pip install --upgrade pip
+RUN pip install poetry
+RUN git clone https://github.com/decentralized-identity/trustdidweb-server-py.git
+WORKDIR /fastapi/trustdidweb-server-py/server
+RUN poetry install
+
+CMD ["python", "main.py"]

webvh/integration/Dockerfile.test.runner

@@ -0,0 +1,20 @@
+FROM python:3.12-slim
+WORKDIR /usr/src/app
+
+# install poetry
+RUN pip3 install --no-cache-dir poetry==1.8.3
+
+# Add docker-compose-wait tool
+ENV WAIT_VERSION 2.7.2
+ADD https://github.com/ufoscout/docker-compose-wait/releases/download/$WAIT_VERSION/wait /wait
+RUN chmod +x /wait
+
+# install dependencies
+COPY pyproject.toml .
+COPY poetry.lock .
+RUN poetry install --only main
+
+# add tests to image
+COPY tests/* tests/
+
+ENTRYPOINT ["/bin/sh", "-c", "/wait && poetry run pytest \"$@\"", "--"]