The attribute provider for DCS (Document Checking Service).
First generate some test keys if not using DCS:
```
./scripts/generate-key-pair-for-dev.sh
```
Then build or run the service with Gradle by executing either the `bootRun` task or `build`.
| Path | Description |
|---|---|
| `/process` | Expects a POST request with some JSON data. This packs and wraps the data and sends it off to DCS, then returns the outcome of the DCS response. |
| `/checks/passport` | A mock endpoint that emulates DCS while we wait to set up certificates with DCS. |
The service expects a POST request to the `/process` path, with the following data in the request body:
```
POST /process
{
  passportNumber: string,
  surname: string,
  forenames: [string],
  dateOfBirth: string(format: yyyy-MM-dd'T'HH:mm:ss),
  expiryDate: string(format: yyyy-MM-dd'T'HH:mm:ss)
}
```
This will then proceed to wrap the data as defined in DCS. Currently, this service emulates the DCS endpoint due to not having certificates set up with DCS.
The service calls an internal endpoint, `/checks/passport`, which proceeds to unwrap the packet, extract the data and then wrap a new data packet in the same fashion as DCS would.
There is a `mock` package within the source that mocks the DCS side; this will be removed once we set up some keys for DCS.
The keys and certificates are currently packaged as part of the executable JAR. This will change once we get actual pipelines and PKI set up.
The ATP service will respond with a JWS, where the ATP signs the data with its private key for the IPV.
Sample JWS payload below:
```
{
  passportValid: boolean,
  errorMessages: [string] | null,
}
```
Currently, the response is returned as a plain text response with the JWS.
This service takes a JSON input, and wraps it in a JWS packet consisting of signed, encrypted and signed again data.
```
+-------------+   1    +-------------+   2    +-----------------+   3    +-----------------+
| JSON Object | +----> | JSON Object | +----> | +-------------+ | +----> | +-------------+ |
+-------------+  JWS   +-------------+  JWE   | | JSON Object | |  JWS   | | JSON Object | |
                       |   Signed    |        | +-------------+ |        | +-------------+ |
                       +-------------+        | |   Signed    | |        | |   Signed    | |
                                              | +-------------+ |        | +-------------+ |
                                              |    Encrypted    |        |    Encrypted    |
                                              +-----------------+        +-----------------+
                                                                         |     Signed      |
                                                                         +-----------------+
```
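The following is an added example, not code from this project: a key-less inspector that shows what the signed, encrypted, signed nesting looks like on the wire, useful when debugging a packet or checking that nothing leaves the service as an unsigned or unencrypted object. It assumes JOSE compact serialization; the function names and the algorithm names in the constructed sample are assumptions, since this page does not state which algorithms DCS requires.

```python
import base64
import json

def b64url_decode(segment):
    """Decode unpadded base64url, as used by JOSE compact serialization."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def describe_layers(token):
    """Peel a compact JOSE token without keys; return [(kind, header)], outermost first.

    A JWS payload is only encoded, so it can be read and peeled further.
    A JWE ciphertext cannot, so peeling stops at the first JWE.
    No signature is verified here.
    """
    layers = []
    while True:
        parts = token.split(".")
        if len(parts) not in (3, 5):
            raise ValueError("not a compact JWS (3 segments) or JWE (5 segments)")
        kind = "JWS" if len(parts) == 3 else "JWE"
        header = json.loads(b64url_decode(parts[0]))
        if not isinstance(header, dict):
            raise ValueError("protected header is not a JSON object")
        if kind == "JWS" and str(header.get("alg")).lower() == "none":
            raise ValueError("unsigned JWS (alg=none)")
        layers.append((kind, header))
        if kind == "JWE":
            return layers  # the inner signed object is inside the ciphertext
        payload = b64url_decode(parts[1])
        try:
            json.loads(payload)
            return layers  # payload is plain JSON data, nothing nested
        except ValueError:
            token = payload.decode("ascii", "replace")  # treat as a nested token

def build_sample():
    """Constructed sample of the outer two layers. Zero bytes stand in for the
    encrypted key, IV, ciphertext, tag and signature; algorithm names are assumed."""
    seg = lambda obj: b64url_encode(json.dumps(obj).encode())
    filler = b64url_encode(bytes(16))
    jwe = ".".join([seg({"alg": "RSA-OAEP-256", "enc": "A128CBC-HS256"})] + [filler] * 4)
    return ".".join([seg({"alg": "RS256"}), b64url_encode(jwe.encode()), filler])

if __name__ == "__main__":
    for kind, header in describe_layers(build_sample()):
        print(kind, header)
```

Only two layers are reported for a wrapped packet because the innermost JWS sits inside the JWE ciphertext and is not visible without the decryption key.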