kych

OAuth 2.0 API for Swiyu to enable Taler integration of Swiyu for KYC (experimental)

commit 03172ebdae9bd409a00a2f54dc7cf11ab0aa50fd
Author: Henrique Chan Carvalho Machado <henriqueccmachado@tecnico.ulisboa.pt>
Date:   Wed,  8 Oct 2025 12:38:26 +0200

verifier: Added Helper Scripts, spring config, automated requests

Diffstat:
A.gitignore | 17+++++++++++++++++
Aswiyu-verifier/api_requests/post_sw_verifier_ver_req.hurl | 6++++++
Aswiyu-verifier/api_requests/swiyu_verifier_verification_request.sh | 6++++++
Aswiyu-verifier/api_requests/ver_req_over18.json | 44++++++++++++++++++++++++++++++++++++++++++++
Aswiyu-verifier/application-local-dockerless.yml.template | 37+++++++++++++++++++++++++++++++++++++
Aswiyu-verifier/scripts/drop.sh | 3+++
Aswiyu-verifier/scripts/run.sh | 17+++++++++++++++++
Aswiyu-verifier/scripts/setup.sh | 41+++++++++++++++++++++++++++++++++++++++++
8 files changed, 171 insertions(+), 0 deletions(-)

diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,17 @@
+.DS_Store
+
+target/
+!.mvn/wrapper/maven-wrapper.jar
+!**/src/main/**/target/
+!**/src/test/**/target/
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+
+### VS Code ###
+.vscode/
+/codeql/
+/swiyu-verifier-codeql-db/
diff --git a/swiyu-verifier/api_requests/post_sw_verifier_ver_req.hurl b/swiyu-verifier/api_requests/post_sw_verifier_ver_req.hurl
@@ -0,0 +1,6 @@
+POST http://localhost:8080/management/api/verifications
+Accept: application/json
+Content-Type: application/json
+
+file,ver_req_over18.json;
+
diff --git a/swiyu-verifier/api_requests/swiyu_verifier_verification_request.sh b/swiyu-verifier/api_requests/swiyu_verifier_verification_request.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+# sends a POST request to the swiyu verifier and generates a qr code from the verification_url in the response.
+# requires hurl, jq, and qrencode.
+hurl post_sw_verifier_ver_req.hurl | jq -r '.verification_url' | tee /dev/tty | xargs qrencode -o swiyu.png
+open swiyu.png
+
diff --git a/swiyu-verifier/api_requests/ver_req_over18.json b/swiyu-verifier/api_requests/ver_req_over18.json
@@ -0,0 +1,44 @@
+{
+ "jwt_secured_authorization_request": true,
+ "response_mode": "direct_post",
+ "response_type": "vp_token",
+ "presentation_definition": {
+ "id": "00000000-0000-0000-0000-000000000000",
+ "name": "Over 18 and Name Verification",
+ "purpose": "Verify age over 18 and collect first and last name",
+ "input_descriptors": [
+ {
+ "id": "11111111-1111-1111-1111-111111111111",
+ "format": {
+ "vc+sd-jwt": {
+ "sd-jwt_alg_values": [
+ "ES256"
+ ],
+ "kb-jwt_alg_values": [
+ "ES256"
+ ]
+ }
+ },
+ "constraints": {
+ "fields": [
+ {
+ "path": [
+ "$.vct"
+ ],
+ "filter": {
+ "type": "string",
+ "const": "betaid-sdjwt"
+ }
+ },
+ {
+ "path": [
+ "$.age_over_18"
+ ]
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "configuration_override": {}
+}
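Review bot: In `swiyu_verifier_verification_request.sh` the `verification_url` from the HTTP response reaches `qrencode` through `xargs`, which splits it on whitespace and quotes and lets a value beginning with `-` be read as an option. The pipeline also has no failure check, so a failed `hurl` call goes unnoticed and a response without that field still yields a QR code of the string `null`. Capture the value first and pass it as a single quoted argument: `url=$(hurl post_sw_verifier_ver_req.hurl | jq -er '.verification_url') || exit 1`, then `printf '%s\n' "$url"` and `qrencode -o swiyu.png -- "$url"`. The header comment should also say that `open` exists only on macOS and that the relative `.hurl` path requires running the script from `api_requests/`.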
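Review bot: In `ver_req_over18.json` the `name` and `purpose` strings announce that first and last name are collected, but `constraints.fields` only requests `$.vct` and `$.age_over_18`; no name claim is asked for. If the wallet displays `purpose` to the holder (likely, but not visible here), the holder is told that more data is collected than the request actually covers. Either reword it, e.g. `"purpose": "Verify age over 18"` with a matching `name`, or add the name paths if they are really required.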
diff --git a/swiyu-verifier/application-local-dockerless.yml.template b/swiyu-verifier/application-local-dockerless.yml.template
@@ -0,0 +1,37 @@
+# SPDX-FileCopyrightText: 2025 Swiss Confederation
+#
+# SPDX-License-Identifier: MIT
+
+# Duplicate this file. REPLACE the uppercase variable names
+
+application:
+ external-url: "${EXTERNAL_URL:}"
+ client_id: "${VERIFIER_DID:}"
+ client_id_scheme: "did"
+ signing_key: "${secret.signing_key:${SIGNING_KEY:}}"
+ signing-key-verification-method: "${DID_VERIFICATION_METHOD:}"
+ client-metadata-file: "${OPENID_CLIENT_METADATA_FILE:}"
+
+spring:
+ docker:
+ compose:
+ enabled: false
+ file: compose.yaml
+ datasource:
+ driver-class-name: org.postgresql.Driver
+ url: "${POSTGRES_JDBC}"
+ username: "${POSTGRES_USER}"
+ password: "${POSTGRES_PASSWORD}"
+
+ mvc:
+ log-resolved-exception: false # see https://stackoverflow.com/a/77147791
+ jpa:
+ hibernate:
+ ddl-auto: create # when starting locally we connect to the db from compose.yml and generate the schema from hibernate
+
+logging:
+ level:
+ ch.admin.bj.swiyu: DEBUG
+
+springdoc:
+ show-actuator: true
diff --git a/swiyu-verifier/scripts/drop.sh b/swiyu-verifier/scripts/drop.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+dropdb verifier_db
+dropuser verifier_user
diff --git a/swiyu-verifier/scripts/run.sh b/swiyu-verifier/scripts/run.sh
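Review bot: The header comment of the template tells users to duplicate the file and replace the uppercase names, which puts `SIGNING_KEY` and `POSTGRES_PASSWORD` in plain text in the copy, and the `.gitignore` added in this same commit has no entry for that copy. Add `application-local-dockerless.yml` to `.gitignore` (name inferred from the `local-dockerless` profile used by `scripts/run.sh`), or change the comment to `# Duplicate this file and export the uppercase variables in your shell; do not write secrets into the copy`. Two settings also deserve a `# local test only` comment: `ddl-auto: create` recreates the schema on every start, and `ch.admin.bj.swiyu: DEBUG` may write presentation contents to the log (not verifiable from this hunk).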
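Review bot: `drop.sh` calls `dropdb` and `dropuser` without `-h`/`-p`, so they act on whatever server the libpq defaults or `PGHOST`/`PGPORT` in the caller's environment select, whereas `setup.sh` pins `-h localhost -p 5432` and honours `DB_ADMIN`. Pin the same target and make the script safe to re-run: `dropdb --if-exists -h localhost -p 5432 verifier_db` and `dropuser --if-exists -h localhost -p 5432 verifier_user`. A header comment such as `# Deletes the local test database and role created by setup.sh, without confirmation.` would make the destructive effect explicit.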
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+# using swiyu's mvn wrapper (mvnw).
+if [ -z "$(find verifier-application/target -maxdepth 1 -name '*.jar' -type f 2>/dev/null)" ]; then
+ echo "Building the project..."
+ ./mvnw clean package -DskipTests
+fi
+
+if [ "$1" == "-d" ]; then
+ echo "Running in debug mode..."
+ ./mvnw spring-boot:run -pl verifier-application -Dspring-boot.run.profiles=local-dockerless -Dspring-boot.run.fork=true -Dspring-boot.run.jvmArguments="-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005"
+ exit 0
+fi
+
+echo "Running the application..."
+./mvnw spring-boot:run -pl verifier-application -Dspring-boot.run.profiles=local-dockerless
+\ No newline at end of file
diff --git a/swiyu-verifier/scripts/setup.sh b/swiyu-verifier/scripts/setup.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+DB_PORT=5432
+DB_NAME=verifier_db
+DB_USER=verifier_user
+DB_PASS=secret
+DB_ADMIN=${DB_ADMIN:-}
+
+echo "Setting up PostgreSQL database for verifier application..."
+echo
+echo "WARNING: Test Environment!"
+echo
+
+if ! command -v psql &> /dev/null
+then
+ echo "postgresql@15 could not be found, please install it first."
+ exit 1
+fi
+
+if ! pg_isready -h localhost -p "$DB_PORT" >/dev/null 2>&1; then
+ echo "PostgreSQL is not running."
+ exit 1
+fi
+
+PSQL_CMD="psql -h localhost -p $DB_PORT"
+if [ -n "$DB_ADMIN" ]; then
+ PSQL_CMD="$PSQL_CMD -U $DB_ADMIN"
+fi
+
+# Create user if not exists
+$PSQL_CMD -d postgres -tc "SELECT 1 FROM pg_roles WHERE rolname='$DB_USER'" | grep -q 1 || \
+$PSQL_CMD -d postgres -c "CREATE USER $DB_USER WITH PASSWORD '$DB_PASS';"
+
+# Create database if not exists
+$PSQL_CMD -d postgres -tc "SELECT 1 FROM pg_database WHERE datname='$DB_NAME'" | grep -q 1 || \
+$PSQL_CMD -d postgres -c "CREATE DATABASE $DB_NAME OWNER $DB_USER;"
+
+# Grant privileges
+$PSQL_CMD -d "$DB_NAME" -c "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME TO $DB_USER;"
+
+echo "Setup completed."
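Review bot: In the `-d` branch of `run.sh` the JDWP agent is started with `address=*:5005`, which listens on every network interface. JDWP has no authentication, so any host that can reach port 5005 can attach a debugger to the verifier JVM, which per the config template is given the signing key. Bind the agent to loopback with `address=127.0.0.1:5005` and use an SSH tunnel when remote debugging is needed. Separately, `exit 0` after the debug run reports success even when `mvnw` failed; `exit $?` keeps the real status.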
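Review bot: `DB_PASS=secret` in `setup.sh` hard-codes a guessable password for the `verifier_user` role in the repository. Take it from the environment and fail when it is missing, `DB_PASS=${DB_PASS:?set DB_PASS}`; because the value is placed between single quotes in the `CREATE USER` statement, a `'` in it must be doubled or rejected. The script also lacks `set -eu`, so when a `psql` call fails (a wrong `DB_ADMIN`, for example) it still prints "Setup completed." and exits 0. `$PSQL_CMD` is expanded unquoted and therefore word-splits `DB_ADMIN`; a bash array such as `psql_cmd=(psql -h localhost -p "$DB_PORT")` avoids that.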