Merge branch 'main' into fix/1115

.github/workflows/build.yml

@@ -120,7 +120,7 @@ jobs:
 
       - name: Publish Cloud-Agent Open API Specification
         id: upload-oas
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: cloud-agent-openapi-spec-${{ env.OAS_CHECKSUM}}
           path: ./cloud-agent-openapi-spec-${{ env.REVISION_VERSION}}.yaml

.github/workflows/release-clients.yml

@@ -81,7 +81,7 @@ jobs:
 
       - name: Download OpenAPI specification
         if: ${{ !inputs.releaseTag }}
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: cloud-agent-openapi-spec-${{ inputs.check_sum }}
           path: ./cloud-agent/service/api/http

README.md

@@ -1,5 +1,5 @@
 <p align="center">
-  <a href="https://www.hyperledger.org/projects/identus">
+  <a href="https://www.lfdecentralizedtrust.org/projects/identus">
     <img src="docs/images/logos/identus-logo.svg" alt="identus-logo" width="513px" height="99px" />
   </a>
   <br>
@@ -10,7 +10,7 @@
   <a href="https://github.com/hyperledger/identus-cloud-agent/actions/workflows/unit-tests.yml"> <img src="https://github.com/hyperledger/identus-cloud-agent/actions/workflows/unit-tests.yml/badge.svg" alt="Unit tests" /> </a>
   <a href="https://github.com/hyperledger/identus-cloud-agent/actions/workflows/integration-tests.yml"> <img src="https://github.com/hyperledger/identus-cloud-agent/actions/workflows/integration-tests.yml/badge.svg" alt="End-to-end tests" /> </a>
   <a href="https://github.com/hyperledger/identus-cloud-agent/actions/workflows/performance-tests.yml"> <img src="https://github.com/hyperledger/identus-cloud-agent/actions/workflows/performance-tests.yml/badge.svg" alt="Performance tests" /> </a>
-  <a href="https://scala-steward.org">
+  <a href="https://index.scala-lang.org/scala-steward-org/scala-steward">
       <img src="https://img.shields.io/badge/Scala_Steward-helping-blue.svg?style=flat&logo=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA4AAAAQCAMAAAARSr4IAAAAVFBMVEUAAACHjojlOy5NWlrKzcYRKjGFjIbp293YycuLa3pYY2LSqql4f3pCUFTgSjNodYRmcXUsPD/NTTbjRS+2jomhgnzNc223cGvZS0HaSD0XLjbaSjElhIr+AAAAAXRSTlMAQObYZgAAAHlJREFUCNdNyosOwyAIhWHAQS1Vt7a77/3fcxxdmv0xwmckutAR1nkm4ggbyEcg/wWmlGLDAA3oL50xi6fk5ffZ3E2E3QfZDCcCN2YtbEWZt+Drc6u6rlqv7Uk0LdKqqr5rk2UCRXOk0vmQKGfc94nOJyQjouF9H/wCc9gECEYfONoAAAAASUVORK5CYII=" alt="Scala Steward badge">
   </a>
 
@@ -58,7 +58,7 @@ All documentation, tutorials and API references for the Identus ecosystem can be
 
 Before starting to use the Cloud Agent, it is important to understand the basic concepts of self-sovereign identity (SSI). The following resources provide a good introduction to SSI:
 
-* [Identus SSI introduction](https://docs.atalaprism.io/docs/category/concepts/)
+* [Identus SSI introduction](https://hyperledger.github.io/identus-docs/docs/category/concepts)
 * [Linux Foundation Course: Getting Started with SSI](https://www.edx.org/learn/computer-programming/the-linux-foundation-getting-started-with-self-sovereign-identity)
 
 ### Architecture
@@ -109,7 +109,7 @@ The Cloud Agent can be configured to use different types of ledger, secret stora
 
 To start playing with Cloud Agent, we recommend using the Dev configuration. Pre-production and production configurations are intended for real-world use cases and require additional more complex configurations of the Distributed Ledger stack setup.
 
-> If you're interested in a hosted version of Cloud Agent, please, contact us via the [Identus site](https://www.hyperledger.org/projects/identus).
+> If you're interested in a hosted version of Cloud Agent, please, contact us via the [Identus site](https://www.lfdecentralizedtrust.org/projects/identus).
 
 #### System requirements
 
@@ -128,12 +128,21 @@ If the Cloud Agent is started successfully, all the running containers should ac
 * `http://localhost:8080/cloud-agent` for the `issuer` instance
 * `http://localhost:8090/cloud-agent` for the `holder` instance
 
-You can check the status of the running containers using the [health endpoint](https://docs.atalaprism.io/agent-api/#tag/System/operation/systemHealth):
+You can check the status of the running containers using the [health endpoint](https://hyperledger.github.io/identus-docs/agent-api/#tag/System/operation/systemHealth):
 ```bash
 $ curl http://localhost:8080/cloud-agent/_system/health
 {"version":"1.19.1"}
 ```
 
+#### Simple docker compose for running the Identus Platform
+
+The Identus Platform is a set of services that work together to provide a complete SSI solution.
+The following services are included in the Identus Platform:
+- Cloud Agent
+- Mediator
+
+The docker compose file and documentation for running the full stack with the simplest configuration (single tenant without authentication) is available [here](https://github.com/hyperledger/identus/blob/main/identus-docker/dockerize-identus.md)
+
 #### Compatibility between Cloud Agent and  PRISM Node
 
 There could be some incompatibilities between the most latest versions of Cloud Agent and  PRISM Node. Please, use the following table to check the compatibility between the versions:
@@ -149,10 +158,10 @@ There could be some incompatibilities between the most latest versions of Cloud
 
 The following tutorials will help you get started with the Cloud Agent and issue your first credentials:
 
-* [Creating, updating and deactivating Decentralized Identifiers (DIDs)](https://docs.atalaprism.io/tutorials/category/dids/)
-* [Setting up connections between agents using out-of-band (OOB) protocol](https://docs.atalaprism.io/tutorials/connections/connection)
-* [Issuing verifiable credentials (VCs)](https://docs.atalaprism.io/tutorials/credentials/issue)
-* [Presenting VC proofs](https://docs.atalaprism.io/tutorials/credentials/present-proof)
+* [Creating, updating and deactivating Decentralized Identifiers (DIDs)](https://hyperledger.github.io/identus-docs/tutorials/category/dids/)
+* [Setting up connections between agents using out-of-band (OOB) protocol](https://hyperledger.github.io/identus-docs/tutorials/connections/connection)
+* [Issuing verifiable credentials (VCs)](https://hyperledger.github.io/identus-docs/tutorials/credentials/didcomm/issue)
+* [Presenting VC proofs](https://hyperledger.github.io/identus-docs/tutorials/credentials/didcomm/present-proof)
 
 ## Contributing
 

build.sbt

@@ -37,7 +37,7 @@ inThisBuild(
     // scalacOptions += "-Ysafe-init",
     // scalacOptions +=  "-Werror", // <=> "-Xfatal-warnings"
     scalacOptions += "-Dquill.macro.log=false", // disable quill macro logs // TODO https://github.com/zio/zio-protoquill/issues/470,
-    scalacOptions ++= Seq("-Xmax-inlines", "50")
+    scalacOptions ++= Seq("-Xmax-inlines", "50") // increase above 32 (https://github.com/circe/circe/issues/2162)
   )
 )
 
@@ -104,15 +104,19 @@ lazy val D = new {
   val zioConcurrent: ModuleID = "dev.zio" %% "zio-concurrent" % V.zio
   val zioHttp: ModuleID = "dev.zio" %% "zio-http" % V.zioHttp
   val zioKafka: ModuleID = "dev.zio" %% "zio-kafka" % V.zioKafka excludeAll (
-    ExclusionRule("dev.zio", "zio_3"), ExclusionRule("dev.zio", "zio-streams_3")
+    ExclusionRule("dev.zio", "zio_3"),
+    ExclusionRule("dev.zio", "zio-streams_3")
   )
   val zioCatsInterop: ModuleID = "dev.zio" %% "zio-interop-cats" % V.zioCatsInterop
   val zioMetricsConnectorMicrometer: ModuleID = "dev.zio" %% "zio-metrics-connectors-micrometer" % V.zioMetricsConnector
   val tapirPrometheusMetrics: ModuleID = "com.softwaremill.sttp.tapir" %% "tapir-prometheus-metrics" % V.tapir
   val micrometer: ModuleID = "io.micrometer" % "micrometer-registry-prometheus" % V.micrometer
   val micrometerPrometheusRegistry = "io.micrometer" % "micrometer-core" % V.micrometer
   val scalaUri = Seq(
-    "io.lemonlabs" %% "scala-uri" % V.scalaUri exclude ("org.typelevel", "cats-parse_3"), // Exclude cats-parse to avoid deps conflict
+    "io.lemonlabs" %% "scala-uri" % V.scalaUri exclude (
+      "org.typelevel",
+      "cats-parse_3"
+    ), // Exclude cats-parse to avoid deps conflict
     "org.typelevel" % "cats-parse_3" % "1.0.0", // Replace with version 1.0.0
   )
 
@@ -905,7 +909,7 @@ lazy val cloudAgentServer = project
     Docker / maintainer := "[email protected]",
     Docker / dockerUsername := Some("hyperledger"), // https://github.com/hyperledger
     Docker / dockerRepository := Some("ghcr.io"),
-    dockerExposedPorts := Seq(8080, 8085, 8090),
+    dockerExposedPorts := Seq(8085, 8090),
     // Official docker image for openjdk 21 with curl and bash
     dockerBaseImage := "openjdk:21-jdk",
     buildInfoKeys := Seq[BuildInfoKey](name, version, scalaVersion, sbtVersion),

cloud-agent/service/server/src/main/resources/application.conf

@@ -9,6 +9,11 @@ prismNode {
   }
 }
 
+featureFlag {
+  enableAnoncred = false
+  enableAnoncred = ${?ENABLE_ANONCRED}
+}
+
 pollux {
   database {
     host = "localhost"

cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/MainApp.scala

@@ -149,6 +149,12 @@ object MainApp extends ZIOAppDefault {
         .ignore
 
       appConfig <- ZIO.service[AppConfig].provide(SystemModule.configLayer)
+      flags = appConfig.featureFlag
+      _ <- Console.printLine(s"""### Feature Flags: ####
+         | - Support for the credential type JWT VC is ${if (flags.enableJWT) "ENABLED" else "DISABLED"}
+         | - Support for the credential type SD JWT VC is ${if (flags.enableSDJWT) "ENABLED" else "DISABLED"}
+         | - Support for the credential type  Anoncred is ${if (flags.enableAnoncred) "ENABLED" else "DISABLED"}
+         |""")
       // these services are added to any DID document by default when they are created.
       defaultDidDocumentServices = Set(
         DidDocumentService(

cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/config/AppConfig.scala

@@ -7,6 +7,7 @@ import org.hyperledger.identus.shared.db.DbConfig
 import org.hyperledger.identus.shared.messaging.MessagingServiceConfig
 import zio.config.magnolia.*
 import zio.Config
+import zio.ZIO
 
 import java.net.URL
 import java.time.Duration
@@ -17,6 +18,7 @@ final case class AppConfig(
     agent: AgentConfig,
     connect: ConnectConfig,
     prismNode: PrismNodeConfig,
+    featureFlag: FeatureFlagConfig
 ) {
   def validate: Either[String, Unit] =
     for {
@@ -39,6 +41,33 @@ object AppConfig {
 
 }
 
+final case class FeatureFlagConfig(
+    enableAnoncred: Boolean
+) {
+  def enableJWT: Boolean = true // Hardcoded for now // TODO FeatureNotImplemented
+  def enableSDJWT: Boolean = true // Hardcoded for now // TODO FeatureNotImplemented
+
+  def ifJWTIsEnabled[R, E, A](program: ZIO[R, E, A]) =
+    if (enableJWT) program else ZIO.logWarning(FeatureFlagConfig.messageIfDisableForJWT)
+  def ifSDJWTIsEnabled[R, E, A](program: ZIO[R, E, A]) =
+    if (enableSDJWT) program else ZIO.logWarning(FeatureFlagConfig.messageIfDisableForSDJWT)
+  def ifAnoncredIsEnabled[R, E, A](program: ZIO[R, E, A]) =
+    if (enableAnoncred) program else ZIO.logWarning(FeatureFlagConfig.messageIfDisableForAnoncred)
+
+  def ifJWTIsDisable[R, E, A](program: ZIO[R, E, A]) =
+    if (!enableJWT) ZIO.logWarning(FeatureFlagConfig.messageIfDisableForJWT) *> program else ZIO.unit
+  def ifSDJWTIsDisable[R, E, A](program: ZIO[R, E, A]) =
+    if (!enableSDJWT) ZIO.logWarning(FeatureFlagConfig.messageIfDisableForSDJWT) *> program else ZIO.unit
+  def ifAnoncredIsDisable[R, E, A](program: ZIO[R, E, A]) =
+    if (!enableAnoncred) ZIO.logWarning(FeatureFlagConfig.messageIfDisableForAnoncred) *> program else ZIO.unit
+}
+
+object FeatureFlagConfig {
+  def messageIfDisableForJWT = "Feature Disabled: Credential format JWT VC"
+  def messageIfDisableForSDJWT = "Feature Disabled: Credential format SD JWT VC"
+  def messageIfDisableForAnoncred = "Feature Disabled: Credential format Anoncred"
+}
+
 final case class VaultConfig(
     address: String,
     token: Option[String],

cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/http/DocModels.scala

@@ -65,7 +65,7 @@ object DocModels {
               |It supports DID (Decentralized Identifiers) management, verifiable credential exchange, and secure messaging based on DIDComm standards.
               |The API is designed to be interoperable with various blockchain and DLT (Distributed Ledger Technology) platforms, ensuring wide compatibility and flexibility.
               |Key features include connection management, credential issuance and verification, and secure, privacy-preserving communication between entities.
-              |Additional information and the full list of capabilities can be found in the [Open Enterprise Agent documentation](https://docs.atalaprism.io/docs/category/prism-cloud-agent)
+              |Additional information and the full list of capabilities can be found in the [Open Enterprise Agent documentation](https://hyperledger.github.io/identus-docs/docs/category/prism-cloud-agent)
               |""".stripMargin),
           termsOfService = None,
           contact = None,