Setup steps
OpenID federation
- Copy all files from https://github.com/SUNET/docker-fedservice/tree/main/setup_SUNET into /opt
- Start all the dockers with
docker compose -f /opt/openidfed/docker-compose.yml up
- Configure everything with
/opt/setup.sh
Wallet provider
- Configure SaToSa with a backend for user verification
- Configure a frontend according to info in https://github.com/rohe/satosa-openid4vci/tree/main/openid4vci_oidc
docker exec -t openidfed-ta_eu-1 bash -c "/src/fedservice/setup_federation/get_info.py -k -t https://0.0.0.0:8443 > /data/trust_anchor.json"
to get TA-keys
docker exec -t openidfed-tmi-1 bash -c "/src/fedservice/setup_federation/create_trust_mark.py -d /data -m http://dc4eu.example.com/PersonIdentificationData/se -e https://satosa-test-1.sunet.se"
to create Trust Mark
docker exec -t openidfed-ta_eu-1 bash -c "/src/fedservice/setup_federation/add_info.py -s /data/wallet-ci.json -t /data/subordinates"
to import Wallet into federation
Endpoints
Role | URL |
---|---|
Trust Anchor | |
Trust Mark Issuer | |
Wallet Provider | |
SaToSa | |
Trust Anchor Keys
{"https://openidfed-test-1.sunet.se:7001": {"keys": [{"kty": "RSA", "use": "sig", "kid": "UFpoajluZU42dTNUUXo5RnhBVEJnRk9JY2NtU1JKdlVYUk1RUFRyVkFFRQ", "n": "p9S2whcSjmBdxerp80tIJreUUmZiGNGXIocJlNjx9pgD5_WD2l6mBNuEZMpP-QUB_TSV3VesNiqmOdydGp1wkfQ-NmVdoso29FjEdgrckLIwirAVmVQ6bGQQnXJrR56mRz0QqENi11vVpbDj6hsprxK1EZBQL-sQ2kem289B_BCNT-NvwVHrYJlaQA32z7cs1a7W8wt9eLxA10PeiYMgDVU_69wKBw4YrjjozOHKMRGchUQEjQhfSZfk49bip_5TNz4dmBmSCIbdE2yilFrfRSNrh7q2myuyDE3k2QZbSOXXGGT1LtHO74WIY58v-M3A7_zxp0f2Eo9ZD3N4h-InIw", "e": "AQAB"}, {"kty": "EC", "use": "sig", "kid": "Nm82cTJKMDkydXhxOUMtTm0teFpMWlZiR0ZVa2U3YVVtbkJTV3hBd3FqOA", "crv": "P-256", "x": "69XlQkKYfWJDXAv_Vbrqyfz9gfAhu1qQ4mtLde18-Cg", "y": "ntBwdhy4_cS2PRBS-xdKkNwcO1yQP8TdoOHbHN9Yjv8"}]}}
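A sanity check for an exported trust_anchor.json before it is handed to other entities, as an added example that is not part of the original page or of the fedservice code. It assumes the {entity_id: {"keys": [...]}} layout shown above; the function names, the 2048-bit minimum and the curve allow-list are choices of this example, and the sample documents are constructed.

```python
import base64

# Policy choices of this example (assumptions, not fedservice settings).
MIN_RSA_BITS = 2048
ALLOWED_CURVES = {"P-256", "P-384", "P-521"}
PRIVATE_MEMBERS = {"d", "p", "q", "dp", "dq", "qi", "oth", "k"}  # RFC 7518 private parameters

def _bits(b64url_value):
    """Bit length of the big-endian integer in a base64url JWK member."""
    raw = base64.urlsafe_b64decode(b64url_value + "=" * (-len(b64url_value) % 4))
    return int.from_bytes(raw, "big").bit_length()

def check_trust_anchor(doc):
    """Return a list of problems in a {entity_id: {"keys": [...]}} document."""
    problems = []
    for entity_id, jwks in doc.items():
        if not entity_id.startswith("https://"):
            problems.append(f"{entity_id}: entity ID is not an https URL")
        keys = jwks.get("keys", [])
        for key in keys:
            where = f"{entity_id} kid={key.get('kid')}"
            leaked = sorted(PRIVATE_MEMBERS & key.keys())
            if leaked:
                problems.append(f"{where}: private key members present: {leaked}")
            if key.get("use") != "sig":
                problems.append(f"{where}: use is not 'sig'")
            if key.get("kty") == "RSA":
                bits = _bits(key.get("n", ""))
                if bits < MIN_RSA_BITS:
                    problems.append(f"{where}: RSA modulus is only {bits} bits")
            elif key.get("kty") == "EC":
                if key.get("crv") not in ALLOWED_CURVES:
                    problems.append(f"{where}: curve {key.get('crv')} not allowed")
            else:
                problems.append(f"{where}: unexpected kty {key.get('kty')}")
    return problems

def _n(bits):
    """Constructed modulus-shaped value with the top bit set (not a real key)."""
    raw = ((1 << (bits - 1)) | 1).to_bytes(bits // 8, "big")
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

GOOD = {"https://ta.example.org": {"keys": [  # constructed sample
    {"kty": "RSA", "use": "sig", "kid": "rsa-1", "n": _n(2048), "e": "AQAB"},
    {"kty": "EC", "use": "sig", "kid": "ec-1", "crv": "P-256", "x": "constructed", "y": "constructed"}]}}
BAD = {"http://ta.example.org": {"keys": [  # constructed sample
    {"kty": "RSA", "use": "sig", "kid": "weak", "n": _n(1024), "e": "AQAB", "d": "constructed"}]}}

if __name__ == "__main__":
    print(check_trust_anchor(GOOD), check_trust_anchor(BAD))
```

To check a real export, load it with json.load() and pass the resulting dict to check_trust_anchor().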