Skip to content

feat: SSO support and clientcredentials based switchig for single sign on feature #1183

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 34 commits into from
Closed

feat: SSO support and clientcredentials based switchig for single sign on feature #1183

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
34 commits
Select commit Hold shift + click to select a range
e55d113
chore: remove yarn.lock and package-lock.json files (#1133)
sairanjit Mar 12, 2025
5e3b4bb
fix: platform agent set up issue (#1136)
bhavanakarwade Mar 12, 2025
3b91a03
fix: Parameter validations (#1138)
bhavanakarwade Mar 20, 2025
1e4943f
added tenant id in get org info (#1139)
pallavighule Mar 25, 2025
971a8d5
fix/added-yml-file-to-push-docker-images (#1142)
KambleSahil3 Mar 25, 2025
967291c
fix/push docker image (#1154)
KambleSahil3 Mar 27, 2025
b92e2fc
chore: add aws module into monorepo (#1135)
sairanjit Apr 2, 2025
c001f78
chore: remove unused modules (#1163)
sairanjit Apr 2, 2025
81eccb7
refactor: remove image-service from libs (#1164)
sairanjit Apr 2, 2025
2bf9db7
refactor: merge nats-interceptor and responses lib into common (#1165)
sairanjit Apr 4, 2025
6a8fdbd
refactor: create common package in libs (#1167)
sairanjit Apr 4, 2025
0fa120f
feat: Support nested attributes while creating schema (#1166)
bhavanakarwade Apr 9, 2025
d979119
refactor: schema data type validations (#1174)
bhavanakarwade Apr 10, 2025
710ef7e
refactor: update organization API to support updation of country, sta…
pranalidhanavade Apr 11, 2025
a9d3638
fix: redirection changes and send email
pranalidhanavade Mar 27, 2025
8de48be
fix: default behaviour
GHkrishna Mar 27, 2025
3235a88
feat: add clientAlias based client credential handling
GHkrishna Apr 17, 2025
e4a50f3
fix: client based auth switching
GHkrishna Apr 22, 2025
d513ed1
feat: dynamic validations from ENV
GHkrishna Apr 22, 2025
f577aec
fix: revert commented code
GHkrishna Apr 22, 2025
9cd6c1f
fix: add appropriate env variables in demo and sample env
GHkrishna Apr 22, 2025
317fde5
fix: add sample env variables in demo and sample env
GHkrishna Apr 22, 2025
91e5052
chore: removed unwanted values (#1212)
KambleSahil3 Apr 29, 2025
4951f72
Merge pull request #1228 from credebl/refactor/optimise-dockerfile
KambleSahil3 May 9, 2025
f587f3a
chore: retorfit templates in develop (#1242)
GHkrishna May 13, 2025
3696153
chore/update-env-demo (#1250)
KambleSahil3 May 15, 2025
e82bc4e
fix: removed unwanted log which was displaying large data
RinkalBhojani May 29, 2025
9741141
Merge pull request #1254 from credebl/fix/improvement-and-logging
RinkalBhojani May 29, 2025
d08dda7
Merge pull request #1256 from credebl/fix/multiuse-connection
bhavanakarwade May 30, 2025
1ce79c1
fix: resolved conflicts
bhavanakarwade Jun 3, 2025
5d3c18e
wip: single sign on
bhavanakarwade Jun 26, 2025
8063050
Merge branch 'develop' of https://github.com/credebl/platform into fe…
bhavanakarwade Jun 26, 2025
2e32d67
fix: route changes
bhavanakarwade Jun 30, 2025
2db9c8c
fix: resolved conflicts
bhavanakarwade Jun 30, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions .env.demo
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,28 @@ CLOUD_WALLET_NKEY_SEED=
GEOLOCATION_NKEY_SEED=
NOTIFICATION_NKEY_SEED=

# SSO
# To add more clients, simply add comma separated values of client names
SUPPORTED_SSO_CLIENTS=CREDEBL

# To add more client add the following variables for each additional client.
# Replace the `CLIENT-NAME` with the appropriate client name as added in `SUPPORTED_SSO_CLIENTS`
# Default client will not need the following details

# CLIENT-NAME_CLIENT_ALIAS=VERIFIER
# # Domain represents the redirection url once the client logs-in
# # TODO: Can be taken from keycloak instead
# CLIENT-NAME_DOMAIN=htts://VERIFIER-domain.com
# # Encrypted client credentials using the `CRYPTO_PRIVATE_KEY`
# CLIENT-NAME_KEYCLOAK_MANAGEMENT_CLIENT_ID=
# CLIENT-NAME_KEYCLOAK_MANAGEMENT_CLIENT_SECRET=

# Sample values:
# VERIFIER_CLIENT_ALIAS=VERIFIER
# VERIFIER_DOMAIN=htts://VERIFIER-domain.com
# VERIFIER_KEYCLOAK_MANAGEMENT_CLIENT_ID=encryptedKeyCloakClientId
# VERIFIER_KEYCLOAK_MANAGEMENT_CLIENT_SECRET=encryptedKeyCloakClientSecret

KEYCLOAK_DOMAIN=http://localhost:8080/
KEYCLOAK_ADMIN_URL=http://localhost:8080
KEYCLOAK_MASTER_REALM=master
Expand Down
22 changes: 22 additions & 0 deletions .env.sample
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,28 @@ KEYCLOAK_MANAGEMENT_CLIENT_ID=xxxxxxx
KEYCLOAK_MANAGEMENT_CLIENT_SECRET=xxxxxxx
KEYCLOAK_REALM=xxxxxxx

# SSO
# To add more clients, simply add comma separated values of client names
SUPPORTED_SSO_CLIENTS=CREDEBL

# To add more client add the following variables for each additional client.
# Replace the `CLIENT-NAME` with the appropriate client name as added in `SUPPORTED_SSO_CLIENTS`
# Default client will not need the following details

# CLIENT-NAME_CLIENT_ALIAS=MYAPP
# # Domain represents the redirection url once the client logs-in
# # TODO: Can be taken from keycloak instead
# CLIENT-NAME_DOMAIN=htts://myapp.com
# # Encrypted client credentials using the `CRYPTO_PRIVATE_KEY`
# CLIENT-NAME_KEYCLOAK_MANAGEMENT_CLIENT_ID=
# CLIENT-NAME_KEYCLOAK_MANAGEMENT_CLIENT_SECRET

# Sample values:
# VERIFIER_CLIENT_ALIAS=VERIFIER
# VERIFIER_DOMAIN=htts://VERIFIER-domain.com
# VERIFIER_KEYCLOAK_MANAGEMENT_CLIENT_ID=encryptedKeyCloakClientId
# VERIFIER_KEYCLOAK_MANAGEMENT_CLIENT_SECRET=encryptedKeyCloakClientSecret

ENABLE_CORS_IP_LIST="" # Provide a list of domains that are allowed to use this server
SCHEMA_FILE_SERVER_URL= // Please provide schema URL
SCHEMA_FILE_SERVER_TOKEN=xxxxxxxx // Please provide schema file server token for polygon
Expand Down
2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE/FEATURE-REQUEST.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,4 +70,4 @@ body:
- Docs updated
- Tests written and passing
validations:
required: false
required: false
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Re-add missing trailing newline to satisfy YAMLlint & POSIX text-file convention

Removing the final newline triggers the YAMLlint new-line-at-end-of-file error and can break CI pipelines that enforce linting. All text files should terminate with a single \n.

     validations:
       required: false
+
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
required: false
validations:
required: false
🧰 Tools
🪛 YAMLlint (1.37.1)

[error] 73-73: no new line character at the end of file

(new-line-at-end-of-file)

🤖 Prompt for AI Agents 
In .github/ISSUE_TEMPLATE/FEATURE-REQUEST.yml at line 73, the file is missing a
trailing newline at the end. Add a single newline character after the last line
to satisfy YAMLlint requirements and POSIX text-file conventions, ensuring the
file ends with a newline to prevent linting errors and CI pipeline failures.

2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE/bug_report.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -87,4 +87,4 @@ body:
- Console output
- Stack traces
validations:
required: false
required: false
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Restore trailing newline to avoid YAMLlint failure

Same issue as in the feature-request template—lack of a terminal newline violates lint rules and standard tooling expectations.

     validations:
       required: false
+
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
required: false
required: false
🧰 Tools
🪛 YAMLlint (1.37.1)

[error] 90-90: no new line character at the end of file

(new-line-at-end-of-file)

🤖 Prompt for AI Agents 
In .github/ISSUE_TEMPLATE/bug_report.yml at line 90, the file is missing a
trailing newline which causes YAMLlint to fail. Add a newline character at the
end of the file to comply with linting rules and standard file formatting
conventions.

29 changes: 15 additions & 14 deletions apps/agent-service/src/repositories/agent-service.repository.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,17 +1,6 @@
import { PrismaService } from '@credebl/prisma-service';
/* eslint-disable camelcase */
import { AgentType, PrismaTables } from '@credebl/enum/enum';
import { ConflictException, Injectable, Logger } from '@nestjs/common';
// eslint-disable-next-line camelcase
import {
Prisma,
ledgerConfig,
ledgers,
org_agents,
org_agents_type,
org_dids,
organisation,
platform_config,
user
} from '@prisma/client';
import {
ICreateOrgAgent,
ILedgers,
Expand All @@ -24,7 +13,19 @@ import {
LedgerNameSpace,
OrgDid
} from '../interface/agent-service.interface';
import { AgentType, PrismaTables } from '@credebl/enum/enum';
import {
Prisma,
ledgerConfig,
ledgers,
org_agents,
org_agents_type,
org_dids,
organisation,
platform_config,
user
} from '@prisma/client';
Comment on lines +16 to +26
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Mark Prisma model imports as type-only to prevent accidental runtime usage
ledgerConfig, organisation, etc. are compile-time types – they are not needed at runtime and importing them as values slightly increases the bundle size and can mislead readers.

-import {
-  Prisma,
-  ledgerConfig,
-  ledgers,
-  org_agents,
-  org_agents_type,
-  org_dids,
-  organisation,
-  platform_config,
-  user
-} from '@prisma/client';
+import type {
+  Prisma,
+  ledgerConfig,
+  ledgers,
+  org_agents,
+  org_agents_type,
+  org_dids,
+  organisation,
+  platform_config,
+  user
+} from '@prisma/client';

Using import type (TS 3.8+) keeps the import purely in the type space and communicates intent more clearly.

🤖 Prompt for AI Agents 
In apps/agent-service/src/repositories/agent-service.repository.ts around lines
16 to 26, the Prisma model imports like ledgerConfig and organisation are used
only as types and should be imported with 'import type' to avoid including them
in the runtime bundle. Change the import statement to use 'import type' for
these Prisma models to ensure they are treated purely as types, reducing bundle
size and clarifying intent.


import { PrismaService } from '@credebl/prisma-service';

@Injectable()
export class AgentServiceRepository {
Expand Down
Loading