├── .editorconfig
├── .github
├── ISSUE_TEMPLATE
│ ├── 01_bug.md
│ ├── 02_feature_request.md
│ ├── 03_enhancement.md
│ └── 04_question.md
└── workflows
│ ├── ci-dependency-check.yml
│ ├── ci-deploy.yml
│ ├── ci-main.yml
│ ├── ci-openapi.yml
│ ├── ci-pull-request.yml
│ ├── ci-release-notes.yml
│ ├── ci-release.yml
│ └── ci-sonar.yml
├── .gitignore
├── .grenrc.js
├── .ort.yml
├── CODEOWNERS
├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── Dockerfile
├── LICENSE
├── NOTICE
├── README.md
├── THIRD-PARTY-NOTICES
├── certs
└── PlaceYourGatewayAccessKeysHere.md
├── codestyle
└── checkstyle.xml
├── docker-compose.yml
├── docs
├── dgca-verifier-service.md
└── dgca_overview.png
├── owasp
└── suppressions.xml
├── pom.xml
├── settings.xml
├── src
├── main
│ ├── java
│ │ └── eu
│ │ │ └── europa
│ │ │ └── ec
│ │ │ └── dgc
│ │ │ └── verifier
│ │ │ ├── DgcVerifierServiceApplication.java
│ │ │ ├── config
│ │ │ ├── DgcConfigProperties.java
│ │ │ ├── ErrorHandler.java
│ │ │ ├── OpenApiConfig.java
│ │ │ ├── SchedulerConfig.java
│ │ │ └── ShedLockConfig.java
│ │ │ ├── dto
│ │ │ └── TrustedIssuerDto.java
│ │ │ ├── entity
│ │ │ ├── InfoEntity.java
│ │ │ ├── ShedlockEntity.java
│ │ │ ├── SignerInformationEntity.java
│ │ │ └── TrustedIssuerEntity.java
│ │ │ ├── exception
│ │ │ └── BadRequestException.java
│ │ │ ├── mapper
│ │ │ └── IssuerMapper.java
│ │ │ ├── repository
│ │ │ ├── InfoRepository.java
│ │ │ ├── SignerInformationRepository.java
│ │ │ └── TrustedIssuerRepository.java
│ │ │ ├── restapi
│ │ │ ├── controller
│ │ │ │ ├── ContextController.java
│ │ │ │ ├── SignerInformationController.java
│ │ │ │ └── TrustedIssuerController.java
│ │ │ └── dto
│ │ │ │ ├── CertificatesLookupResponseItemDto.java
│ │ │ │ ├── DeltaListDto.java
│ │ │ │ ├── KidDto.java
│ │ │ │ └── ProblemReportDto.java
│ │ │ └── service
│ │ │ ├── InfoService.java
│ │ │ ├── SignerCertificateDownloadService.java
│ │ │ ├── SignerCertificateDownloadServiceImpl.java
│ │ │ ├── SignerInformationService.java
│ │ │ ├── TrustedIssuerDownloadService.java
│ │ │ ├── TrustedIssuerDownloadServiceImpl.java
│ │ │ └── TrustedIssuerService.java
│ └── resources
│ │ ├── application-cloud.yml
│ │ ├── application.yml
│ │ ├── db
│ │ ├── changelog.xml
│ │ └── changelog
│ │ │ ├── alter-signer-information.xml
│ │ │ ├── create-info-table.xml
│ │ │ ├── create-trusted-issuer-table.xml
│ │ │ └── init-tables.xml
│ │ ├── logback-spring.xml
│ │ └── static
│ │ └── context.json
└── test
│ ├── java
│ └── eu
│ │ └── europa
│ │ └── ec
│ │ └── dgc
│ │ └── verifier
│ │ ├── OpenApiTest.java
│ │ ├── restapi
│ │ └── controller
│ │ │ ├── ContextControllerIntegrationTest.java
│ │ │ ├── ContextControllerWithEnvironmentIntegrationTest.java
│ │ │ ├── SignerInformationIntegrationTest.java
│ │ │ └── TrustedIssuerIntegrationTest.java
│ │ ├── service
│ │ ├── InfoServiceTest.java
│ │ ├── SignerCertificateDownloadServiceImplTest.java
│ │ ├── SignerInformationServiceTest.java
│ │ └── TrustedIssuerDownloadServiceImplTest.java
│ │ └── testdata
│ │ ├── SignerInformationTestHelper.java
│ │ └── TrustedIssuerTestHelper.java
│ └── resources
│ └── application.yml
└── templates
└── file-header.txt
/.editorconfig:
--------------------------------------------------------------------------------
1 | root = true
2 |
3 | [*]
4 | charset = utf-8
5 | end_of_line = lf
6 | indent_style = space
7 | indent_size = 2
8 | insert_final_newline = true
9 |
10 | [*.java]
11 | indent_size = 4
12 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/01_bug.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: "\U0001F6A8 Bug"
3 | about: Did you come across a bug or unexpected behaviour differing from the docs?
4 | labels: bug
5 | ---
6 |
7 |
13 |
14 | ## Describe the bug
15 |
16 |
17 |
18 | ## Expected behaviour
19 |
20 |
21 |
22 | ## Steps to reproduce the issue
23 |
24 |
25 |
26 |
32 |
33 | ## Technical details
34 |
35 | - Host Machine OS (Windows/Linux/Mac):
36 |
37 | ## Possible Fix
38 |
39 |
40 |
41 | ## Additional context
42 |
43 |
44 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/02_feature_request.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: "\U0001F381 Feature Request"
3 | about: Do you have an idea for a new feature?
4 | labels: feature request
5 | ---
6 |
7 |
13 |
14 | ## Feature description
15 |
16 |
21 |
22 | ## Problem and motivation
23 |
24 |
28 |
29 | ## Is this something you're interested in working on
30 |
31 |
32 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/03_enhancement.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: "\u23F1\uFE0F Enhancement"
3 | about: Do you have an idea for an enhancement?
4 | labels: enhancement
5 | ---
6 |
7 |
13 |
14 | ## Current Implementation
15 |
16 |
17 |
18 | ## Suggested Enhancement
19 |
20 |
24 |
25 | ## Expected Benefits
26 |
27 |
31 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/04_question.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: "\U00002753 Question"
3 | about: If you have questions about pieces of the code or documentation for this component, please post them here.
4 | labels: question
5 | ---
6 |
7 |
13 |
14 | ## Your Question
15 |
16 |
17 |
18 | * Source File:
19 | * Line(s):
20 | * Question:
21 |
--------------------------------------------------------------------------------
/.github/workflows/ci-dependency-check.yml:
--------------------------------------------------------------------------------
1 | name: ci-dependency-check
2 | on:
3 | schedule:
4 | - cron: "0 1 * * 0" # Each Sunday at 01:00 UTC
5 | pull_request:
6 | types:
7 | - opened
8 | - synchronize
9 | - reopened
10 | jobs:
11 | build:
12 | runs-on: ubuntu-22.04
13 | steps:
14 | - uses: actions/setup-java@v2
15 | with:
16 | java-version: 17
17 | distribution: adopt
18 | - uses: actions/checkout@v2
19 | with:
20 | fetch-depth: 0
21 | - uses: actions/cache@v2
22 | with:
23 | path: |
24 | ~/.m2/repository
25 | key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
26 | - name: version
27 | run: |-
28 | APP_SHA=$(git rev-parse --short ${GITHUB_SHA})
29 | APP_LATEST_REV=$(git rev-list --tags --max-count=1)
30 | APP_LATEST_TAG=$(git describe --tags ${APP_LATEST_REV} 2> /dev/null || echo 0.0.0)
31 | echo "APP_VERSION=${APP_LATEST_TAG}-${APP_SHA}" >> ${GITHUB_ENV}
32 | - name: mvn
33 | run: |-
34 | mvn dependency-check:check \
35 | --batch-mode \
36 | --file ./pom.xml \
37 | --settings ./settings.xml \
38 | --define app.packages.username="${APP_PACKAGES_USERNAME}" \
39 | --define app.packages.password="${APP_PACKAGES_PASSWORD}" \
40 | env:
41 | APP_PACKAGES_USERNAME: ${{ github.actor }}
42 | APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
43 |
--------------------------------------------------------------------------------
/.github/workflows/ci-deploy.yml:
--------------------------------------------------------------------------------
1 | name: ci-deploy
2 | on:
3 | workflow_dispatch:
4 | inputs:
5 | version:
6 | required: true
7 | description: Version to deploy
8 | jobs:
9 | deploy:
10 | runs-on: ubuntu-22.04
11 | environment: dev
12 | env:
13 | APP_VERSION: ${{ github.event.inputs.version }}
14 | steps:
15 | - name: cf setup
16 | run: |-
17 | curl -sL "https://packages.cloudfoundry.org/stable?release=${CF_RELEASE}&version=${CF_VERSION}" | \
18 | sudo tar -zx -C /usr/local/bin
19 | env:
20 | CF_VERSION: 7.2.0
21 | CF_RELEASE: linux64-binary
22 | - name: cf push
23 | run: |-
24 | cf api ${CF_API}
25 | cf auth
26 | cf target -o ${CF_ORG} -s ${CF_SPACE}
27 | cf push ${APP_NAME} --docker-image ${APP_IMAGE}:${APP_VERSION} --docker-username ${CF_DOCKER_USERNAME}
28 | env:
29 | APP_NAME: dgca-verifier-service-eu-test
30 | APP_IMAGE: docker.pkg.github.com/${{ github.repository }}/dgca-verifier-service
31 | CF_API: ${{ secrets.CF_API }}
32 | CF_ORG: ${{ secrets.CF_ORG }}
33 | CF_SPACE: ${{ secrets.CF_SPACE }}
34 | CF_USERNAME: ${{ secrets.CF_USERNAME }}
35 | CF_PASSWORD: ${{ secrets.CF_PASSWORD }}
36 | CF_DOCKER_USERNAME: ${{ secrets.CF_DOCKER_USERNAME }}
37 | CF_DOCKER_PASSWORD: ${{ secrets.CF_DOCKER_PASSWORD }}
38 |
--------------------------------------------------------------------------------
/.github/workflows/ci-main.yml:
--------------------------------------------------------------------------------
1 | name: ci-main
2 | on:
3 | push:
4 | branches:
5 | - main
6 | jobs:
7 | build:
8 | runs-on: ubuntu-22.04
9 | steps:
10 | - uses: actions/setup-java@v2
11 | with:
12 | java-version: 17
13 | distribution: adopt
14 | - uses: actions/checkout@v2
15 | with:
16 | fetch-depth: 0
17 | - uses: actions/cache@v2
18 | with:
19 | path: |
20 | ~/.m2/repository
21 | key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
22 | - name: version
23 | run: |-
24 | APP_SHA=$(git rev-parse --short ${GITHUB_SHA})
25 | APP_LATEST_REV=$(git rev-list --tags --max-count=1)
26 | APP_LATEST_TAG=$(git describe --tags ${APP_LATEST_REV} 2> /dev/null || echo 0.0.0)
27 | echo "APP_VERSION=${APP_LATEST_TAG}-${APP_SHA}" >> ${GITHUB_ENV}
28 | - name: copyContext
29 | run: |-
30 | rm ./src/main/resources/static/context.json
31 | echo '${{ secrets.CONTEXT_FILE }}' > ./src/main/resources/static/context.json
32 | - name: mvn
33 | run: |-
34 | mvn versions:set \
35 | --batch-mode \
36 | --file ./pom.xml \
37 | --settings ./settings.xml \
38 | --define newVersion="${APP_VERSION}"
39 | mvn clean verify \
40 | --batch-mode \
41 | --file ./pom.xml \
42 | --settings ./settings.xml \
43 | --define app.packages.username="${APP_PACKAGES_USERNAME}" \
44 | --define app.packages.password="${APP_PACKAGES_PASSWORD}"
45 | env:
46 | APP_PACKAGES_USERNAME: ${{ github.actor }}
47 | APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
48 | - name: docker
49 | run: |-
50 | echo "${APP_PACKAGES_PASSWORD}" | docker login "${APP_PACKAGES_URL}" \
51 | --username "${APP_PACKAGES_USERNAME}" \
52 | --password-stdin
53 | docker build . \
54 | --file ./Dockerfile \
55 | --tag "${APP_PACKAGES_URL}:${APP_VERSION}"
56 | docker push "${APP_PACKAGES_URL}:${APP_VERSION}"
57 | env:
58 | APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/dgca-verifier-service
59 | APP_PACKAGES_USERNAME: ${{ github.actor }}
60 | APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
61 |
--------------------------------------------------------------------------------
/.github/workflows/ci-openapi.yml:
--------------------------------------------------------------------------------
1 | name: ci-openapi
2 | on:
3 | workflow_dispatch:
4 | release:
5 | types:
6 | - created
7 | jobs:
8 | release:
9 | runs-on: ubuntu-22.04
10 | steps:
11 | - uses: actions/setup-java@v2
12 | with:
13 | java-version: 17
14 | distribution: adopt
15 | - uses: actions/checkout@v2
16 | with:
17 | fetch-depth: 0
18 | - uses: actions/cache@v2
19 | with:
20 | path: |
21 | ~/.m2/repository
22 | key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
23 | - name: version
24 | run: >-
25 | APP_SHA=$(git rev-parse --short ${GITHUB_SHA});
26 | APP_TAG=${GITHUB_REF/refs\/tags\/}
27 | APP_VERSION=${APP_TAG};
28 | echo "APP_SHA=${APP_SHA}" >> ${GITHUB_ENV};
29 | echo "APP_TAG=${APP_TAG}" >> ${GITHUB_ENV};
30 | echo "APP_VERSION=${APP_VERSION}" >> ${GITHUB_ENV};
31 | - name: mvn
32 | run: >-
33 | mvn versions:set
34 | --batch-mode
35 | --file ./pom.xml
36 | --settings ./settings.xml
37 | --define newVersion="${APP_VERSION}";
38 | mvn clean verify
39 | --batch-mode
40 | --file ./pom.xml
41 | --settings ./settings.xml
42 | --define app.packages.username="${APP_PACKAGES_USERNAME}"
43 | --define app.packages.password="${APP_PACKAGES_PASSWORD}";
44 | env:
45 | APP_PACKAGES_USERNAME: ${{ github.actor }}
46 | APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
47 | - name: Upload Artifact
48 | uses: actions/upload-artifact@v2
49 | with:
50 | name: openapi.json
51 | path: target/openapi.json
52 | - name: Checkout OpenApi Doc Branch
53 | uses: actions/checkout@v2
54 | with:
55 | ref: openapi-doc
56 | - name: Delete existing openapi.json
57 | run: rm -f openapi.json
58 | - name: Download openapi.json
59 | uses: actions/download-artifact@v2
60 | with:
61 | name: openapi.json
62 | - name: Commit and Push changes
63 | run: |
64 | git config user.name github-actions
65 | git config user.email github-actions@github.com
66 | git commit -a --allow-empty -m "Update OpenAPI JSON"
67 | git push
68 |
--------------------------------------------------------------------------------
/.github/workflows/ci-pull-request.yml:
--------------------------------------------------------------------------------
1 | name: ci-pull-request
2 | on:
3 | pull_request:
4 | types:
5 | - opened
6 | - synchronize
7 | - reopened
8 | jobs:
9 | build:
10 | runs-on: ubuntu-22.04
11 | steps:
12 | - uses: actions/setup-java@v2
13 | with:
14 | java-version: 17
15 | distribution: adopt
16 | - uses: actions/checkout@v2
17 | with:
18 | fetch-depth: 0
19 | - uses: actions/cache@v2
20 | with:
21 | path: |
22 | ~/.m2/repository
23 | key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
24 | - name: mvn
25 | run: |-
26 | mvn clean package \
27 | --batch-mode \
28 | --file ./pom.xml \
29 | --settings ./settings.xml \
30 | --define app.packages.username="${APP_PACKAGES_USERNAME}" \
31 | --define app.packages.password="${APP_PACKAGES_PASSWORD}"
32 | env:
33 | APP_PACKAGES_USERNAME: ${{ github.actor }}
34 | APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
35 | - name: docker
36 | run: |-
37 | docker build . \
38 | --file ./Dockerfile
39 |
--------------------------------------------------------------------------------
/.github/workflows/ci-release-notes.yml:
--------------------------------------------------------------------------------
1 | name: ci-release-notes
2 | on:
3 | release:
4 | types:
5 | - created
6 | jobs:
7 | release-notes:
8 | runs-on: ubuntu-22.04
9 | env:
10 | APP_VERSION: ${{ github.event.release.tag_name }}
11 | steps:
12 | - uses: actions/checkout@v2
13 | with:
14 | fetch-depth: 0
15 | - name: release-notes
16 | run: npx github-release-notes release --override --tags ${APP_VERSION}
17 | env:
18 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
19 | GREN_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
20 |
--------------------------------------------------------------------------------
/.github/workflows/ci-release.yml:
--------------------------------------------------------------------------------
1 | name: ci-release
2 | on:
3 | release:
4 | types:
5 | - created
6 | jobs:
7 | build:
8 | runs-on: ubuntu-22.04
9 | env:
10 | APP_VERSION: ${{ github.event.release.tag_name }}
11 | steps:
12 | - uses: actions/setup-java@v2
13 | with:
14 | java-version: 17
15 | distribution: adopt
16 | - uses: actions/checkout@v2
17 | with:
18 | fetch-depth: 0
19 | - uses: actions/cache@v2
20 | with:
21 | path: |
22 | ~/.m2/repository
23 | key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
24 | - name: mvn
25 | run: |-
26 | mvn versions:set \
27 | --batch-mode \
28 | --file ./pom.xml \
29 | --settings ./settings.xml \
30 | --define newVersion="${APP_VERSION}"
31 | mvn clean deploy \
32 | --batch-mode \
33 | --file ./pom.xml \
34 | --settings ./settings.xml \
35 | --define app.packages.username="${APP_PACKAGES_USERNAME}" \
36 | --define app.packages.password="${APP_PACKAGES_PASSWORD}"
37 | env:
38 | APP_PACKAGES_USERNAME: ${{ github.actor }}
39 | APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
40 | - name: docker
41 | run: |-
42 | echo "${APP_PACKAGES_PASSWORD}" | docker login "${APP_PACKAGES_URL}" \
43 | --username "${APP_PACKAGES_USERNAME}" \
44 | --password-stdin
45 | docker build . \
46 | --file ./Dockerfile \
47 | --tag "${APP_PACKAGES_URL}:latest" \
48 | --tag "${APP_PACKAGES_URL}:${APP_VERSION}"
49 | docker push "${APP_PACKAGES_URL}:latest"
50 | docker push "${APP_PACKAGES_URL}:${APP_VERSION}"
51 | env:
52 | APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/dgca-verifier-service
53 | APP_PACKAGES_USERNAME: ${{ github.actor }}
54 | APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
55 | - name: assets
56 | run: |-
57 | gh release upload ${APP_VERSION} \
58 | --clobber \
59 | ./target/openapi.json#openapi-${APP_VERSION}.json \
60 | ./target/generated-resources/licenses.xml#licenses-${APP_VERSION}.xml
61 | env:
62 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
63 | deploy:
64 | runs-on: ubuntu-20.04
65 | environment: dev
66 | needs:
67 | - build
68 | env:
69 | APP_VERSION: ${{ github.event.release.tag_name }}
70 | steps:
71 | - name: cf setup
72 | run: |-
73 | curl -sL "https://packages.cloudfoundry.org/stable?release=${CF_RELEASE}&version=${CF_VERSION}" | \
74 | sudo tar -zx -C /usr/local/bin
75 | env:
76 | CF_VERSION: 7.2.0
77 | CF_RELEASE: linux64-binary
78 | - name: cf push
79 | run: |-
80 | cf api ${CF_API}
81 | cf auth
82 | cf target -o ${CF_ORG} -s ${CF_SPACE}
83 | cf push ${APP_NAME} --docker-image ${APP_IMAGE}:${APP_VERSION} --docker-username ${CF_DOCKER_USERNAME}
84 | env:
85 | APP_NAME: dgca-verifier-service-eu-test
86 | APP_IMAGE: docker.pkg.github.com/${{ github.repository }}/dgca-verifier-service
87 | CF_API: ${{ secrets.CF_API }}
88 | CF_ORG: ${{ secrets.CF_ORG }}
89 | CF_SPACE: ${{ secrets.CF_SPACE }}
90 | CF_USERNAME: ${{ secrets.CF_USERNAME }}
91 | CF_PASSWORD: ${{ secrets.CF_PASSWORD }}
92 | CF_DOCKER_USERNAME: ${{ secrets.CF_DOCKER_USERNAME }}
93 | CF_DOCKER_PASSWORD: ${{ secrets.CF_DOCKER_PASSWORD }}
94 |
--------------------------------------------------------------------------------
/.github/workflows/ci-sonar.yml:
--------------------------------------------------------------------------------
1 | name: ci-sonar
2 | on:
3 | workflow_dispatch:
4 | push:
5 | branches:
6 | - main
7 | pull_request:
8 | types:
9 | - opened
10 | - synchronize
11 | - reopened
12 | jobs:
13 | sonar:
14 | runs-on: ubuntu-22.04
15 | steps:
16 | - uses: actions/setup-java@v3
17 | with:
18 | java-version: 17
19 | distribution: adopt
20 | - uses: actions/checkout@v3
21 | with:
22 | fetch-depth: 0
23 | - uses: actions/cache@v3
24 | with:
25 | path: |
26 | ~/.m2/repository
27 | key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
28 | - name: mvn
29 | run: |-
30 | mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
31 | --batch-mode \
32 | --file ./pom.xml \
33 | --settings ./settings.xml \
34 | --define app.packages.username="${APP_PACKAGES_USERNAME}" \
35 | --define app.packages.password="${APP_PACKAGES_PASSWORD}"
36 | env:
37 | SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
38 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
39 | APP_PACKAGES_USERNAME: ${{ github.actor }}
40 | APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
41 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | HELP.md
2 | target/
3 | !.mvn/wrapper/maven-wrapper.jar
4 | !**/src/main/**
5 | !**/src/test/**
6 |
7 | ### STS ###
8 | .apt_generated
9 | .classpath
10 | .factorypath
11 | .project
12 | .settings
13 | .springBeans
14 | .sts4-cache
15 |
16 | ### IntelliJ IDEA ###
17 | .idea
18 | *.iws
19 | *.iml
20 | *.ipr
21 | .jpb
22 |
23 | ### NetBeans ###
24 | /nbproject/
25 | /nbbuild/
26 | /dist/
27 | /.nb-gradle/
28 | build/
29 |
30 | ### VS Code ###
31 | .vscode/
32 |
33 | ### Others ###
34 | ~$*.docx
35 | *.b64
36 | /testdata/
37 | *.log
38 |
39 | /keystore
40 |
41 | /tools/*
42 | !/tools/*.bat
43 | !/tools/*.sh
44 |
45 | ### MAC OS ###
46 | .DS_STORE
47 |
48 | .settings.xml
49 | pom.xml.versionsBackup
50 |
--------------------------------------------------------------------------------
/.grenrc.js:
--------------------------------------------------------------------------------
1 | module.exports = {
2 | "dataSource": "prs",
3 | "prefix": "",
4 | "onlyMilestones": false,
5 | "groupBy": {
6 | "Enhancements": [
7 | "enhancement",
8 | "internal"
9 | ],
10 | "Bug Fixes": [
11 | "bug"
12 | ],
13 | "Documentation": [
14 | "documentation"
15 | ],
16 | "Others": [
17 | "other"
18 | ]
19 | },
20 | "changelogFilename": "CHANGELOG.md",
21 | "template": {
22 | commit: ({ message, url, author, name }) => `- [${message}](${url}) - ${author ? `@${author}` : name}`,
23 | issue: "- {{name}} [{{text}}]({{url}})",
24 | noLabel: "other",
25 | group: "\n#### {{heading}}\n",
26 | changelogTitle: "# Changelog\n\n",
27 | release: "## {{release}} ({{date}})\n{{body}}",
28 | releaseSeparator: "\n---\n\n"
29 | }
30 | }
31 |
--------------------------------------------------------------------------------
/.ort.yml:
--------------------------------------------------------------------------------
1 | excludes:
2 | scopes:
3 | - pattern: "provided"
4 | reason: "PROVIDED_DEPENDENCY_OF"
5 | comment: "Packages provided at runtime by the JDK or container only."
6 | - pattern: "test"
7 | reason: "TEST_DEPENDENCY_OF"
8 | comment: "Packages for testing only."
--------------------------------------------------------------------------------
/CODEOWNERS:
--------------------------------------------------------------------------------
1 | # This file provides an overview of code owners in this repository.
2 |
3 | # Each line is a file pattern followed by one or more owners.
4 | # The last matching pattern has the most precedence.
5 | # For more details, read the following article on GitHub: https://help.github.com/articles/about-codeowners/.
6 |
7 | # These are the default owners for the whole content of this repository. The default owners are automatically added as reviewers when you open a pull request, unless different owners are specified in the file.
8 | * @eu-digital-green-certificates/dgca-verifier-service-members
9 |
--------------------------------------------------------------------------------
/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
1 |
2 | # Contributor Covenant Code of Conduct
3 |
4 | ## Our Pledge
5 |
6 | We as members, contributors, and leaders pledge to make participation in our
7 | community a harassment-free experience for everyone, regardless of age, body
8 | size, visible or invisible disability, ethnicity, sex characteristics, gender
9 | identity and expression, level of experience, education, socio-economic status,
10 | nationality, personal appearance, race, religion, or sexual identity
11 | and orientation.
12 |
13 | We pledge to act and interact in ways that contribute to an open, welcoming,
14 | diverse, inclusive, and healthy community.
15 |
16 | ## Our Standards
17 |
18 | Examples of behavior that contributes to a positive environment for our
19 | community include:
20 |
21 | * Demonstrating empathy and kindness toward other people
22 | * Being respectful of differing opinions, viewpoints, and experiences
23 | * Giving and gracefully accepting constructive feedback
24 | * Accepting responsibility and apologizing to those affected by our mistakes,
25 | and learning from the experience
26 | * Focusing on what is best not just for us as individuals, but for the
27 | overall community
28 |
29 | Examples of unacceptable behavior include:
30 |
31 | * The use of sexualized language or imagery, and sexual attention or
32 | advances of any kind
33 | * Trolling, insulting or derogatory comments, and personal or political attacks
34 | * Public or private harassment
35 | * Publishing others' private information, such as a physical or email
36 | address, without their explicit permission
37 | * Other conduct which could reasonably be considered inappropriate in a
38 | professional setting
39 |
40 | ## Enforcement Responsibilities
41 |
42 | Community leaders are responsible for clarifying and enforcing our standards of
43 | acceptable behavior and will take appropriate and fair corrective action in
44 | response to any behavior that they deem inappropriate, threatening, offensive,
45 | or harmful.
46 |
47 | Community leaders have the right and responsibility to remove, edit, or reject
48 | comments, commits, code, wiki edits, issues, and other contributions that are
49 | not aligned to this Code of Conduct, and will communicate reasons for moderation
50 | decisions when appropriate.
51 |
52 | ## Scope
53 |
54 | This Code of Conduct applies within all community spaces, and also applies when
55 | an individual is officially representing the community in public spaces.
56 | Examples of representing our community include using an official e-mail address,
57 | posting via an official social media account, or acting as an appointed
58 | representative at an online or offline event.
59 |
60 | ## Enforcement
61 |
62 | Instances of abusive, harassing, or otherwise unacceptable behavior may be
63 | reported to the community leaders responsible for enforcement at
64 | [opensource@telekom.de](mailto:opensource@telekom.de).
65 | All complaints will be reviewed and investigated promptly and fairly.
66 |
67 | All community leaders are obligated to respect the privacy and security of the
68 | reporter of any incident.
69 |
70 | ## Enforcement Guidelines
71 |
72 | Community leaders will follow these Community Impact Guidelines in determining
73 | the consequences for any action they deem in violation of this Code of Conduct:
74 |
75 | ### 1. Correction
76 |
77 | **Community Impact**: Use of inappropriate language or other behavior deemed
78 | unprofessional or unwelcome in the community.
79 |
80 | **Consequence**: A private, written warning from community leaders, providing
81 | clarity around the nature of the violation and an explanation of why the
82 | behavior was inappropriate. A public apology may be requested.
83 |
84 | ### 2. Warning
85 |
86 | **Community Impact**: A violation through a single incident or series
87 | of actions.
88 |
89 | **Consequence**: A warning with consequences for continued behavior. No
90 | interaction with the people involved, including unsolicited interaction with
91 | those enforcing the Code of Conduct, for a specified period of time. This
92 | includes avoiding interactions in community spaces as well as external channels
93 | like social media. Violating these terms may lead to a temporary or
94 | permanent ban.
95 |
96 | ### 3. Temporary Ban
97 |
98 | **Community Impact**: A serious violation of community standards, including
99 | sustained inappropriate behavior.
100 |
101 | **Consequence**: A temporary ban from any sort of interaction or public
102 | communication with the community for a specified period of time. No public or
103 | private interaction with the people involved, including unsolicited interaction
104 | with those enforcing the Code of Conduct, is allowed during this period.
105 | Violating these terms may lead to a permanent ban.
106 |
107 | ### 4. Permanent Ban
108 |
109 | **Community Impact**: Demonstrating a pattern of violation of community
110 | standards, including sustained inappropriate behavior, harassment of an
111 | individual, or aggression toward or disparagement of classes of individuals.
112 |
113 | **Consequence**: A permanent ban from any sort of public interaction within
114 | the community.
115 |
116 | ## Attribution
117 |
118 | This Code of Conduct is adapted from the [Contributor Covenant][homepage],
119 | version 2.0, available at
120 | https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
121 |
122 | Community Impact Guidelines were inspired by [Mozilla's code of conduct
123 | enforcement ladder](https://github.com/mozilla/diversity).
124 |
125 | [homepage]: https://www.contributor-covenant.org
126 |
127 | For answers to common questions about this code of conduct, see the FAQ at
128 | https://www.contributor-covenant.org/faq. Translations are available at
129 | https://www.contributor-covenant.org/translations.
130 |
131 |
--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
1 | # Contributing
2 |
3 | ## Code of conduct
4 |
5 | All members of the project community must abide by the [Contributor Covenant, version 2.0](CODE_OF_CONDUCT.md).
6 | Only by respecting each other can we develop a productive, collaborative community.
7 | Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting [opensource@telekom.de](mailto:opensource@telekom.de) and/or a project maintainer.
8 |
9 | We appreciate your courtesy of avoiding political questions here. Issues which are not related to the project itself will be closed by our community managers.
10 |
11 | ## Engaging in our project
12 |
13 | We use GitHub to manage reviews of pull requests.
14 |
15 | * If you are a new contributor, see: [Steps to Contribute](#steps-to-contribute)
16 |
17 | * If you have a trivial fix or improvement, go ahead and create a pull request, addressing (with `@...`) a suitable maintainer of this repository (see [CODEOWNERS](CODEOWNERS) of the repository you want to contribute to) in the description of the pull request.
18 |
19 | * If you plan to do something more involved, please reach out to us and send an [email](mailto:opensource@telekom.de). This will avoid unnecessary work and surely give you and us a good deal of inspiration.
20 |
21 | * Relevant coding style guidelines are available in the respective sub-repositories as they are programming language-dependent.
22 |
23 | ## Steps to Contribute
24 |
25 | Should you wish to work on an issue, please claim it first by commenting on the GitHub issue that you want to work on. This is to prevent duplicated efforts from other contributors on the same issue.
26 |
27 | If you have questions about one of the issues, please comment on them, and one of the maintainers will clarify.
28 |
29 | We kindly ask you to follow the [Pull Request Checklist](#Pull-Request-Checklist) to ensure reviews can happen accordingly.
30 |
31 | ## Contributing Code
32 |
33 | You are welcome to contribute code in order to fix a bug or to implement a new feature.
34 |
35 | The following rule governs code contributions:
36 |
37 | * Contributions must be licensed under the [Apache 2.0 License](./LICENSE)
38 | * Newly created files must be opened by an instantiated version of the file 'templates/file-header.txt'
39 | * At least if you add a new file to the repository, add your name into the contributor section of the file NOTICE (please respect the preset entry structure)
40 |
41 | ## Contributing Documentation
42 |
43 | You are welcome to contribute documentation to the project.
44 |
45 | The following rule governs documentation contributions:
46 |
47 | * Contributions must be licensed under the same license as code, the [Apache 2.0 License](./LICENSE)
48 |
49 | ## Pull Request Checklist
50 |
51 | * Branch from the main branch and, if needed, rebase to the current main branch before submitting your pull request. If it doesn't merge cleanly with main you may be asked to rebase your changes.
52 |
53 | * Commits should be as small as possible while ensuring that each commit is correct independently (i.e., each commit should compile and pass tests).
54 |
55 | * Test your changes as thoroughly as possible before you commit them. Preferably, automate your test by unit/integration tests. If tested manually, provide information about the test scope in the PR description (e.g. “Test passed: Upgrade version from 0.42 to 0.42.23.”).
56 |
57 | * Create _Work In Progress [WIP]_ pull requests only if you need clarification or an explicit review before you can continue your work item.
58 |
59 | * If your patch is not getting reviewed or you need a specific person to review it, you can @-reply a reviewer asking for a review in the pull request or a comment, or you can ask for a review by contacting us via [email](mailto:opensource@telekom.de).
60 |
61 | * Post review:
62 | * If a review requires you to change your commit(s), please test the changes again.
63 | * Amend the affected commit(s) and force push onto your branch.
64 | * Set respective comments in your GitHub review to resolved.
65 | * Create a general PR comment to notify the reviewers that your amendments are ready for another round of review.
66 |
67 | ## Issues and Planning
68 |
69 | * We use GitHub issues to track bugs and enhancement requests.
70 |
71 | * Please provide as much context as possible when you open an issue. The information you provide must be comprehensive enough to reproduce that issue for the assignee. Therefore, contributors may use but aren't restricted to the issue template provided by the project maintainers.
72 |
73 | * When creating an issue, try using one of our issue templates which already contain some guidelines on which content is expected to process the issue most efficiently. If no template applies, you can of course also create an issue from scratch.
74 |
75 | * Please apply one or more applicable [labels](/../../labels) to your issue so that all community members are able to cluster the issues better.
76 |
--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM adoptopenjdk:11-jre-hotspot
2 | COPY ./target/*.jar /app/app.jar
3 | WORKDIR /app
4 | ENTRYPOINT [ "sh", "-c", "java $JAVA_OPTS -Djava.security.egd=file:/dev/./urandom -jar ./app.jar" ]
5 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | Apache License
2 | Version 2.0, January 2004
3 | http://www.apache.org/licenses/
4 |
5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6 |
7 | 1. Definitions.
8 |
9 | "License" shall mean the terms and conditions for use, reproduction,
10 | and distribution as defined by Sections 1 through 9 of this document.
11 |
12 | "Licensor" shall mean the copyright owner or entity authorized by
13 | the copyright owner that is granting the License.
14 |
15 | "Legal Entity" shall mean the union of the acting entity and all
16 | other entities that control, are controlled by, or are under common
17 | control with that entity. For the purposes of this definition,
18 | "control" means (i) the power, direct or indirect, to cause the
19 | direction or management of such entity, whether by contract or
20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
21 | outstanding shares, or (iii) beneficial ownership of such entity.
22 |
23 | "You" (or "Your") shall mean an individual or Legal Entity
24 | exercising permissions granted by this License.
25 |
26 | "Source" form shall mean the preferred form for making modifications,
27 | including but not limited to software source code, documentation
28 | source, and configuration files.
29 |
30 | "Object" form shall mean any form resulting from mechanical
31 | transformation or translation of a Source form, including but
32 | not limited to compiled object code, generated documentation,
33 | and conversions to other media types.
34 |
35 | "Work" shall mean the work of authorship, whether in Source or
36 | Object form, made available under the License, as indicated by a
37 | copyright notice that is included in or attached to the work
38 | (an example is provided in the Appendix below).
39 |
40 | "Derivative Works" shall mean any work, whether in Source or Object
41 | form, that is based on (or derived from) the Work and for which the
42 | editorial revisions, annotations, elaborations, or other modifications
43 | represent, as a whole, an original work of authorship. For the purposes
44 | of this License, Derivative Works shall not include works that remain
45 | separable from, or merely link (or bind by name) to the interfaces of,
46 | the Work and Derivative Works thereof.
47 |
48 | "Contribution" shall mean any work of authorship, including
49 | the original version of the Work and any modifications or additions
50 | to that Work or Derivative Works thereof, that is intentionally
51 | submitted to Licensor for inclusion in the Work by the copyright owner
52 | or by an individual or Legal Entity authorized to submit on behalf of
53 | the copyright owner. For the purposes of this definition, "submitted"
54 | means any form of electronic, verbal, or written communication sent
55 | to the Licensor or its representatives, including but not limited to
56 | communication on electronic mailing lists, source code control systems,
57 | and issue tracking systems that are managed by, or on behalf of, the
58 | Licensor for the purpose of discussing and improving the Work, but
59 | excluding communication that is conspicuously marked or otherwise
60 | designated in writing by the copyright owner as "Not a Contribution."
61 |
62 | "Contributor" shall mean Licensor and any individual or Legal Entity
63 | on behalf of whom a Contribution has been received by Licensor and
64 | subsequently incorporated within the Work.
65 |
66 | 2. Grant of Copyright License. Subject to the terms and conditions of
67 | this License, each Contributor hereby grants to You a perpetual,
68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69 | copyright license to reproduce, prepare Derivative Works of,
70 | publicly display, publicly perform, sublicense, and distribute the
71 | Work and such Derivative Works in Source or Object form.
72 |
73 | 3. Grant of Patent License. Subject to the terms and conditions of
74 | this License, each Contributor hereby grants to You a perpetual,
75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76 | (except as stated in this section) patent license to make, have made,
77 | use, offer to sell, sell, import, and otherwise transfer the Work,
78 | where such license applies only to those patent claims licensable
79 | by such Contributor that are necessarily infringed by their
80 | Contribution(s) alone or by combination of their Contribution(s)
81 | with the Work to which such Contribution(s) was submitted. If You
82 | institute patent litigation against any entity (including a
83 | cross-claim or counterclaim in a lawsuit) alleging that the Work
84 | or a Contribution incorporated within the Work constitutes direct
85 | or contributory patent infringement, then any patent licenses
86 | granted to You under this License for that Work shall terminate
87 | as of the date such litigation is filed.
88 |
89 | 4. Redistribution. You may reproduce and distribute copies of the
90 | Work or Derivative Works thereof in any medium, with or without
91 | modifications, and in Source or Object form, provided that You
92 | meet the following conditions:
93 |
94 | (a) You must give any other recipients of the Work or
95 | Derivative Works a copy of this License; and
96 |
97 | (b) You must cause any modified files to carry prominent notices
98 | stating that You changed the files; and
99 |
100 | (c) You must retain, in the Source form of any Derivative Works
101 | that You distribute, all copyright, patent, trademark, and
102 | attribution notices from the Source form of the Work,
103 | excluding those notices that do not pertain to any part of
104 | the Derivative Works; and
105 |
106 | (d) If the Work includes a "NOTICE" text file as part of its
107 | distribution, then any Derivative Works that You distribute must
108 | include a readable copy of the attribution notices contained
109 | within such NOTICE file, excluding those notices that do not
110 | pertain to any part of the Derivative Works, in at least one
111 | of the following places: within a NOTICE text file distributed
112 | as part of the Derivative Works; within the Source form or
113 | documentation, if provided along with the Derivative Works; or,
114 | within a display generated by the Derivative Works, if and
115 | wherever such third-party notices normally appear. The contents
116 | of the NOTICE file are for informational purposes only and
117 | do not modify the License. You may add Your own attribution
118 | notices within Derivative Works that You distribute, alongside
119 | or as an addendum to the NOTICE text from the Work, provided
120 | that such additional attribution notices cannot be construed
121 | as modifying the License.
122 |
123 | You may add Your own copyright statement to Your modifications and
124 | may provide additional or different license terms and conditions
125 | for use, reproduction, or distribution of Your modifications, or
126 | for any such Derivative Works as a whole, provided Your use,
127 | reproduction, and distribution of the Work otherwise complies with
128 | the conditions stated in this License.
129 |
130 | 5. Submission of Contributions. Unless You explicitly state otherwise,
131 | any Contribution intentionally submitted for inclusion in the Work
132 | by You to the Licensor shall be under the terms and conditions of
133 | this License, without any additional terms or conditions.
134 | Notwithstanding the above, nothing herein shall supersede or modify
135 | the terms of any separate license agreement you may have executed
136 | with Licensor regarding such Contributions.
137 |
138 | 6. Trademarks. This License does not grant permission to use the trade
139 | names, trademarks, service marks, or product names of the Licensor,
140 | except as required for reasonable and customary use in describing the
141 | origin of the Work and reproducing the content of the NOTICE file.
142 |
143 | 7. Disclaimer of Warranty. Unless required by applicable law or
144 | agreed to in writing, Licensor provides the Work (and each
145 | Contributor provides its Contributions) on an "AS IS" BASIS,
146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 | implied, including, without limitation, any warranties or conditions
148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 | PARTICULAR PURPOSE. You are solely responsible for determining the
150 | appropriateness of using or redistributing the Work and assume any
151 | risks associated with Your exercise of permissions under this License.
152 |
153 | 8. Limitation of Liability. In no event and under no legal theory,
154 | whether in tort (including negligence), contract, or otherwise,
155 | unless required by applicable law (such as deliberate and grossly
156 | negligent acts) or agreed to in writing, shall any Contributor be
157 | liable to You for damages, including any direct, indirect, special,
158 | incidental, or consequential damages of any character arising as a
159 | result of this License or out of the use or inability to use the
160 | Work (including but not limited to damages for loss of goodwill,
161 | work stoppage, computer failure or malfunction, or any and all
162 | other commercial damages or losses), even if such Contributor
163 | has been advised of the possibility of such damages.
164 |
165 | 9. Accepting Warranty or Additional Liability. While redistributing
166 | the Work or Derivative Works thereof, You may choose to offer,
167 | and charge a fee for, acceptance of support, warranty, indemnity,
168 | or other liability obligations and/or rights consistent with this
169 | License. However, in accepting such obligations, You may act only
170 | on Your own behalf and on Your sole responsibility, not on behalf
171 | of any other Contributor, and only if You agree to indemnify,
172 | defend, and hold each Contributor harmless for any liability
173 | incurred by, or claims asserted against, such Contributor by reason
174 | of your accepting any such warranty or additional liability.
175 |
176 | END OF TERMS AND CONDITIONS
177 |
178 | APPENDIX: How to apply the Apache License to your work.
179 |
180 | To apply the Apache License to your work, attach the following
181 | boilerplate notice, with the fields enclosed by brackets "[]"
182 | replaced with your own identifying information. (Don't include
183 | the brackets!) The text should be enclosed in the appropriate
184 | comment syntax for the file format. We also recommend that a
185 | file or class name and description of purpose be included on the
186 | same "printed page" as the copyright notice for easier
187 | identification within third-party archives.
188 |
189 | Copyright [yyyy] [name of copyright owner]
190 |
191 | Licensed under the Apache License, Version 2.0 (the "License");
192 | you may not use this file except in compliance with the License.
193 | You may obtain a copy of the License at
194 |
195 | http://www.apache.org/licenses/LICENSE-2.0
196 |
197 | Unless required by applicable law or agreed to in writing, software
198 | distributed under the License is distributed on an "AS IS" BASIS,
199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 | See the License for the specific language governing permissions and
201 | limitations under the License.
202 |
--------------------------------------------------------------------------------
/NOTICE:
--------------------------------------------------------------------------------
1 | Copyright (c) 2021 T-Systems International GmbH and all other contributors.
2 |
3 | This project is licensed under Apache License, Version 2.0;
4 | you may not use them except in compliance with the License.
5 |
6 | Contributors:
7 | -------------
8 |
9 | Daniel Eder [daniel-eder], T-Mobile International Austria GmbH
10 | Andreas Scheibal [ascheibal], T-Systems International GmbH
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 |
2 | EU Digital COVID Certificate Verifier Service
3 |
20 |
21 | ## About
22 |
23 | This repository contains the source code of the Digital Green Certificates Verifier Service.
24 |
25 | The DGC Verifier Service is part of the national backends and caches the public keys that are distributed through the [DGCG](https://github.com/eu-digital-green-certificates/dgc-gateway). It is accessed by the DGC Verifier Apps ([Android](https://github.com/eu-digital-green-certificates/dgca-verifier-app-android), [iOS](https://github.com/eu-digital-green-certificates/dgca-verifier-app-ios)) to update the key store periodically.
26 |
27 | ## Development
28 |
29 | **Note:** The verifier service needs a connection to the gateway in order to run. There is no standalone version available.
30 |
31 | ### Prerequisites
32 |
33 | - [Open JDK 11](https://openjdk.java.net)
34 | - [Maven](https://maven.apache.org)
35 | - [Docker](https://www.docker.com)
36 | - An installation of the [DGCG](https://github.com/eu-digital-green-certificates/dgc-gateway)
37 | - Keys to access the [DGCG](https://github.com/eu-digital-green-certificates/dgc-gateway) via the
38 | [DGCG Connector](https://github.com/eu-digital-green-certificates/dgc-lib) of the [DGC-lib](https://github.com/eu-digital-green-certificates/dgc-lib)
39 | - Authenticate to [Github Packages](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)
40 |
41 | #### Needed keys for accessing the DGC Gateway
42 |
43 | For accessing the DGC Gateway via the DGC Connector you need the following keys in place:
44 |
45 | - The public key of the used Gateway. The public key should be stored in the *tls_trust_store*. If you use one of the
46 | provided gateways, you will get the public key as .pem from DIGIT. This .pem needs to be converted into pkcs12 format:
47 | ````
48 | openssl pkcs12 -export -in pub_tls.pem -name trust -out tls_trust_store.p12
49 | ````
50 | - Your key pair for accessing the Gateway stored in *tls_key_store*. This needs to be generated by yourself and then whitelisted by operations team (see [onboarding manual](https://github.com/eu-digital-green-certificates/dgc-participating-countries/blob/main/gateway/OnboardingChecklist.md) of the Gateway). To use it in the verifier service this needs to be converted as well into pkcs12 format:
51 | ````
52 | openssl pkcs12 -export -in tls.pem -inkey tls_private.pem -name 1 -out tls_key_store.p12
53 | ````
54 |
55 | - The public key of the TrustAnchor of the Gateway. If you use one of the provided Gateways you will get it as well, at onboarding. The key should be stored in a jks file.
56 |
57 | For more information on how to generate certificates for DGC Gateway and how to run your own local one, please have a look in the documentation of the [Gateway](https://github.com/eu-digital-green-certificates/dgc-gateway).
58 |
59 | #### Authenticating in to GitHub Packages
60 |
61 | As some of the required libraries (and/or versions are pinned/available only from GitHub Packages) You need to authenticate
62 | to [GitHub Packages](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)
63 | The following steps need to be followed
64 |
65 | - Create [PAT](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) with scopes:
66 | - `read:packages` for downloading packages
67 |
68 | ##### GitHub Maven
69 |
70 | - Copy/Augment `~/.m2/settings.xml` with the contents of `settings.xml` present in this repository
71 | - Replace `${app.packages.username}` with your github username
72 | - Replace `${app.packages.password}` with the generated PAT
73 |
74 | ##### GitHub Docker Registry
75 |
76 | - Run `docker login docker.pkg.github.com/eu-digital-green-certificates` before running further docker commands.
77 | - Use your GitHub username as username
78 | - Use the generated PAT as password
79 |
80 |
81 |
82 | For further information about the keys and certificates needed, please refer to the documentation of the
83 | [DGCG](https://github.com/eu-digital-green-certificates/dgc-gateway) and the
84 | [DGC-lib](https://github.com/eu-digital-green-certificates/dgc-lib)
85 |
86 | ### Build
87 |
88 | Whether you cloned or downloaded the 'zipped' sources you will either find the sources in the chosen checkout-directory or get a zip file with the source code, which you can expand to a folder of your choice.
89 |
90 | In either case open a terminal pointing to the directory you put the sources in. The local build process is described afterwards depending on the way you choose.
91 |
92 |
93 | #### Build with maven
94 | Building this project is done with maven.
95 |
96 | * Check [settings.xml](settings.xml) in the root folder of this git repository as example.
97 | Copy the servers to your own `~/.m2/settings.xml` in order to connect the GitHub repositories we use in our code. Provide your GitHub username and access token (see [GitHub Help](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token)) under the variables suggested.
98 |
99 | * Run the following command from the project root folder
100 | ```shell
101 | mvn clean install
102 | ```
103 | All required dependencies will be downloaded, the project build and the artifact stored in your local repository.
104 | #### Run with docker
105 | * Perform maven build as described above
106 | * Place the keys and certificates named [above](#access-keys) into the ***certs*** folder.
107 | * Adjust the values in the [docker-compose.yml](docker-compose.yml) file to fit the url for the gateway you use and
108 | your keys and certificates you have to access it.
109 | ```yaml
110 | - DGC_GATEWAY_CONNECTOR_ENDPOINT=https://dgc-gateway.example.com
111 | - DGC_GATEWAY_CONNECTOR_TLSTRUSTSTORE_PATH=file:/ec/prod/app/san/dgc/tls_trust_store.p12
112 | - DGC_GATEWAY_CONNECTOR_TLSTRUSTSTORE_PASSWORD=dgcg-p4ssw0rd
113 | - DGC_GATEWAY_CONNECTOR_TLSKEYSTORE_ALIAS=1
114 | - DGC_GATEWAY_CONNECTOR_TLSKEYSTORE_PATH=file:/ec/prod/app/san/dgc/tls_key_store.p12
115 | - DGC_GATEWAY_CONNECTOR_TLSKEYSTORE_PASSWORD=dgcg-p4ssw0rd
116 | - DGC_GATEWAY_CONNECTOR_TRUSTANCHOR_ALIAS=ta
117 | - DGC_GATEWAY_CONNECTOR_TRUSTANCHOR_PATH=file:/ec/prod/app/san/dgc/trust_anchor.jks
118 | - DGC_GATEWAY_CONNECTOR_TRUSTANCHOR_PASSWORD=dgcg-p4ssw0rd
119 | ```
120 | ***Note:*** Leave the path as is and only change the file names, as the ***certs*** folder will be mapped to this folder inside the docker container.
121 |
122 | * Run the following command from the project root folder
123 |
124 | ```shell
125 | docker-compose up --build
126 | ```
127 |
128 | After all containers have started, you will be able to reach the service on your [local machine](http://localhost:8080/api/docs) under port 8080.
129 |
130 | ## Documentation
131 |
132 | [OpenAPI Spec](https://eu-digital-green-certificates.github.io/dgca-verifier-service/)
133 |
134 | [Service description](./docs/dgca-verifier-service.md)
135 |
136 |
137 | ## Support and feedback
138 |
139 | The following channels are available for discussions, feedback, and support requests:
140 |
141 | | Type | Channel |
142 | | ------------------------ | ------------------------------------------------------ |
143 | | **Issues** | |
144 | | **Other requests** | |
145 |
146 | ## How to contribute
147 |
148 | Contribution and feedback is encouraged and always welcome. For more information about how to contribute, the project structure, as well as additional contribution information, see our [Contribution Guidelines](./CONTRIBUTING.md). By participating in this project, you agree to abide by its [Code of Conduct](./CODE_OF_CONDUCT.md) at all times.
149 |
150 | ## Contributors
151 |
152 | Our commitment to open source means that we are enabling -in fact encouraging- all interested parties to contribute and become part of its developer community.
153 |
154 | ## Licensing
155 |
156 | Copyright (C) 2021 T-Systems International GmbH and all other contributors
157 |
158 | Licensed under the **Apache License, Version 2.0** (the "License"); you may not use this file except in compliance with the License.
159 |
160 | You may obtain a copy of the License at https://www.apache.org/licenses/LICENSE-2.0.
161 |
162 | Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the [LICENSE](./LICENSE) for the specific language governing permissions and limitations under the License.
163 |
--------------------------------------------------------------------------------
/certs/PlaceYourGatewayAccessKeysHere.md:
--------------------------------------------------------------------------------
1 | ### Note:
2 |
3 | If you want to run the verifier service via the given docker-compose file, place your keys to access the
4 | [DGCG](https://github.com/eu-digital-green-certificates/dgc-gateway) in this folder and adjust the file names
5 | in the [docker-compose.yml](../docker-compose.yml) file.
6 |
7 | Further information can be found in the [README](../README.md)
8 |
--------------------------------------------------------------------------------
/codestyle/checkstyle.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 |
6 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
52 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
69 |
70 |
71 |
73 |
74 |
75 |
81 |
82 |
83 |
84 |
87 |
88 |
89 |
90 |
91 |
94 |
95 |
96 |
97 |
98 |
99 |
100 |
101 |
109 |
111 |
113 |
114 |
115 |
116 |
117 |
118 |
119 |
120 |
121 |
122 |
125 |
126 |
127 |
128 |
129 |
130 |
131 |
132 |
133 |
134 |
135 |
136 |
137 |
138 |
139 |
140 |
141 |
142 |
143 |
144 |
145 |
146 |
147 |
148 |
149 |
150 |
151 |
152 |
153 |
154 |
155 |
156 |
158 |
159 |
160 |
161 |
163 |
164 |
165 |
166 |
168 |
169 |
170 |
171 |
173 |
174 |
175 |
176 |
178 |
179 |
180 |
181 |
183 |
184 |
185 |
186 |
188 |
189 |
190 |
191 |
193 |
194 |
195 |
196 |
198 |
199 |
200 |
201 |
203 |
204 |
205 |
206 |
208 |
210 |
212 |
214 |
215 |
216 |
217 |
218 |
219 |
220 |
221 |
222 |
223 |
224 |
225 |
226 |
229 |
230 |
231 |
232 |
233 |
234 |
235 |
236 |
237 |
238 |
239 |
242 |
243 |
244 |
246 |
247 |
248 |
249 |
254 |
255 |
256 |
257 |
260 |
261 |
262 |
263 |
265 |
266 |
267 |
268 |
269 |
270 |
271 |
272 |
273 |
274 |
275 |
277 |
278 |
279 |
280 |
281 |
283 |
284 |
285 |
286 |
287 |
288 |
289 |
290 |
291 |
292 |
293 |
294 |
295 |
296 |
297 |
298 |
299 |
301 |
302 |
303 |
304 |
305 |
306 |
307 |
308 |
309 |
310 |
311 |
312 |
313 |
315 |
316 |
317 |
318 |
--------------------------------------------------------------------------------
/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 |
3 | services:
4 | postgres:
5 | image: library/postgres:9.6
6 | container_name: dgc-verifier-service-postgres
7 | ports:
8 | - 5432:5432
9 | environment:
10 | POSTGRES_DB: postgres
11 | POSTGRES_USER: postgres
12 | POSTGRES_PASSWORD: postgres
13 | restart: unless-stopped
14 | networks:
15 | persistence:
16 |
17 | backend:
18 | build: .
19 | image: eu-digital-green-certificates/dgc-verifier-service
20 | container_name: dgc-verifier-service
21 | ports:
22 | - 8080:8080
23 | volumes:
24 | - ./certs:/ec/prod/app/san/dgc
25 | environment:
26 | - SERVER_PORT=8080
27 | - SPRING_PROFILES_ACTIVE=cloud
28 | - SPRING_DATASOURCE_URL=jdbc:postgresql://dgc-verifier-service-postgres:5432/postgres
29 | - SPRING_DATASOURCE_USERNAME=postgres
30 | - SPRING_DATASOURCE_PASSWORD=postgres
31 | - DGC_GATEWAY_CONNECTOR_ENDPOINT=https://dgc-gateway.example.com
32 | - DGC_GATEWAY_CONNECTOR_TLSTRUSTSTORE_PATH=file:/ec/prod/app/san/dgc/tls_trust_store.p12
33 | - DGC_GATEWAY_CONNECTOR_TLSTRUSTSTORE_PASSWORD=dgcg-p4ssw0rd
34 | - DGC_GATEWAY_CONNECTOR_TLSKEYSTORE_ALIAS=1
35 | - DGC_GATEWAY_CONNECTOR_TLSKEYSTORE_PATH=file:/ec/prod/app/san/dgc/tls_key_store.p12
36 | - DGC_GATEWAY_CONNECTOR_TLSKEYSTORE_PASSWORD=dgcg-p4ssw0rd
37 | - DGC_GATEWAY_CONNECTOR_TRUSTANCHOR_ALIAS=ta
38 | - DGC_GATEWAY_CONNECTOR_TRUSTANCHOR_PATH=file:/ec/prod/app/san/dgc/trust_anchor.jks
39 | - DGC_GATEWAY_CONNECTOR_TRUSTANCHOR_PASSWORD=dgcg-p4ssw0rd
40 | depends_on:
41 | - postgres
42 | networks:
43 | backend:
44 | persistence:
45 |
46 | networks:
47 | backend:
48 | persistence:
49 |
--------------------------------------------------------------------------------
/docs/dgca-verifier-service.md:
--------------------------------------------------------------------------------
1 | # European Digital Green Certificate Applications
2 | ## DGCA-Verifier-Service
3 |
4 | ### Intention
5 | The DGCA-Verifier-Service provides a template implementation for a member state backend service for a verifier application.
6 |
7 | ### General Overview
8 | A general overview of how the different member state backends work together, can be seen in the following picture.
9 |
10 | 
11 |
12 | As you can see in the picture, each member state backend provides the services for it's own applications (e.g. verifier, issuer and wallet).
13 | The member state synchronises the validation certificates over the [DGCGateway](https://github.com/eu-digital-green-certificates/dgc-gateway).
14 |
15 | ### Purpose and functionality of the DGCA-Verifier-Service
16 | The verifier service basically caches the public keys that are distributed through the [DGCG](https://github.com/eu-digital-green-certificates/dgc-gateway) to the member states backends.
17 | The service provides the Trust List of certificates for the verifier apps. The apps can get the list to update their key store via an api.
18 | To have an actual trust list the verifier service periodically polls the [DGCG](https://github.com/eu-digital-green-certificates/dgc-gateway)
19 | for the actual trust list.
20 |
21 | In the git repository you will find two implementations of that download functionality:
22 |
23 | - The first one ([SignerCertificateDownloadServiceImpl](../src/main/java/eu/europa/ec/dgc/verifier/service/SignerCertificateDownloadServiceImpl.java)) implements the common access two the Digital Green Certificate Gateway via the [DGC-lib](https://github.com/eu-digital-green-certificates/dgc-lib).
24 | The DGC-lib provides a download connector, which handles the download and check of the certificates from the Digital Green Certificate Gateway.
25 |
26 |
27 | - The second one ([SignerCertificateDownloadBtpServiceImpl](../src/main/java/eu/europa/ec/dgc/verifier/service/SignerCertificateDownloadBtpServiceImpl.java)) is a demo implementation to connect to the Digital Green Certificate Gateway on SAP's Business Technology Plattform.
28 | This implementation serves as a reference where you already have an endpoint to the gateway provided by your runtime environment and using the connector from the dgc-lib on top would be superfluous. In this case the endpoint is fully configured via the destination API
29 | available on BTP and the checks of the downloaded certificates must be done by the service.
30 |
31 |
32 | In both cases the downloaded keys were stored in a postgres db and revoked keys were removed from it. The keys can than be requested by the verifier apps using the api described in the next section.
33 |
34 |
35 |
36 | ### API documentation
37 |
38 | The api is described with [OpenApi v3](https://swagger.io). You can access the API documentation in your web browser, when you run the service :
39 |
40 | /swagger
41 |
42 | Which results in the following URL on your local machine:
43 | http://localhost:8080/swagger
44 |
45 | From the latest release you can see the OpenApi doc online here: [OpenAPI Spec](https://eu-digital-green-certificates.github.io/dgca-verifier-service/)
46 |
47 | It is also possible to download the OpenApi file in json format from the latest release:
48 | * [openapi.json](https://github.com/eu-digital-green-certificates/dgca-verifier-service/releases/latest/download/openapi.json)
49 |
50 | You can than put the file in the openapi viewer of your choice. ([editor.swagger.io](https://editor.swagger.io) for example)
51 |
52 |
53 | ### Further Information
54 | Further information can be found at [ec.europa.eu/health](https://ec.europa.eu/health/ehealth/covid-19_en)
55 | Especially at [Volume 4: Digital Green Certificate Applications](https://ec.europa.eu/health/sites/default/files/ehealth/docs/digital-green-certificates_v4_en.pdf)
56 | And the github repository of the [DGCG](https://github.com/eu-digital-green-certificates/dgc-gateway)
57 |
--------------------------------------------------------------------------------
/docs/dgca_overview.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/eu-digital-green-certificates/dgca-verifier-service/1db7757d0be20d5e0a48bdfe50b2c6af97b533a2/docs/dgca_overview.png
--------------------------------------------------------------------------------
/owasp/suppressions.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | see https://github.com/jeremylong/DependencyCheck/issues/1827>
5 | CVE-2018-1258
6 |
7 |
8 | see https://github.com/jeremylong/DependencyCheck/issues/2952
9 | CVE-2011-2732
10 | CVE-2011-2731
11 | CVE-2012-5055
12 |
13 |
14 | see https://tomcat.apache.org/security-9.html#Apache_Tomcat_9.x_vulnerabilities vulnerability is fixed in tomcat 9.0.38
15 | CVE-2020-13943
16 |
17 |
18 |
19 |
20 | da214a6f44ee5811c97f3b53a6dda31edf25ac9e
21 | CVE-2016-9878
22 | CVE-2018-1270
23 | CVE-2018-1271
24 | CVE-2018-1272
25 | CVE-2020-5421
26 |
27 |
28 |
29 | CVE-2021-22118
30 |
31 |
32 | H2 is only used for Unit Testing. Version 2.x includes major breaking changes.
33 | CVE-2021-23463
34 | CVE-2018-14335
35 | CVE-2022-45868
36 |
37 |
38 | No fix available, still analyzed
39 | CVE-2023-35116
40 |
41 |
42 | False positive, Dependency Updated but still matches for fixed version
43 | CVE-2022-45688
44 |
45 |
46 |
--------------------------------------------------------------------------------
/settings.xml:
--------------------------------------------------------------------------------
1 |
2 |
4 | false
5 |
6 |
7 | dgc-github
8 | ${app.packages.username}
9 | ${app.packages.password}
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/src/main/java/eu/europa/ec/dgc/verifier/DgcVerifierServiceApplication.java:
--------------------------------------------------------------------------------
1 | /*-
2 | * ---license-start
3 | * eu-digital-green-certificates / dgca-verifier-service
4 | * ---
5 | * Copyright (C) 2021 T-Systems International GmbH and all other contributors
6 | * ---
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | * ---license-end
19 | */
20 |
21 | package eu.europa.ec.dgc.verifier;
22 |
23 | import eu.europa.ec.dgc.verifier.config.DgcConfigProperties;
24 | import org.springframework.boot.SpringApplication;
25 | import org.springframework.boot.autoconfigure.SpringBootApplication;
26 | import org.springframework.boot.context.properties.EnableConfigurationProperties;
27 | import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
28 |
29 | /**
30 | * The Application class.
31 | */
32 | @SpringBootApplication
33 | @EnableConfigurationProperties(DgcConfigProperties.class)
34 | public class DgcVerifierServiceApplication extends SpringBootServletInitializer {
35 |
36 | /**
37 | * The main Method.
38 | *
39 | * @param args the args for the main method
40 | */
41 | public static void main(String[] args) {
42 | SpringApplication.run(DgcVerifierServiceApplication.class, args);
43 | }
44 | }
45 |
--------------------------------------------------------------------------------
/src/main/java/eu/europa/ec/dgc/verifier/config/DgcConfigProperties.java:
--------------------------------------------------------------------------------
1 | /*-
2 | * ---license-start
3 | * eu-digital-green-certificates / dgca-verifier-service
4 | * ---
5 | * Copyright (C) 2021 T-Systems International GmbH and all other contributors
6 | * ---
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | * ---license-end
19 | */
20 |
21 | package eu.europa.ec.dgc.verifier.config;
22 |
23 | import lombok.Getter;
24 | import lombok.Setter;
25 | import org.springframework.boot.context.properties.ConfigurationProperties;
26 |
27 | @Getter
28 | @Setter
29 | @ConfigurationProperties("dgc")
30 | public class DgcConfigProperties {
31 |
32 | private final CertificatesDownloader certificatesDownloader = new CertificatesDownloader();
33 |
34 | private final TrustedIssuerDownloader trustedIssuerDownloader = new TrustedIssuerDownloader();
35 |
36 | private String context = "";
37 |
38 | @Getter
39 | @Setter
40 | public static class CertificatesDownloader {
41 | private Integer timeInterval;
42 | private Integer lockLimit;
43 | }
44 |
45 | @Getter
46 | @Setter
47 | public static class TrustedIssuerDownloader {
48 | private boolean enabled;
49 | private Integer timeInterval;
50 | private Integer lockLimit;
51 | }
52 | }
53 |
--------------------------------------------------------------------------------
/src/main/java/eu/europa/ec/dgc/verifier/config/ErrorHandler.java:
--------------------------------------------------------------------------------
1 | /*-
2 | * ---license-start
3 | * eu-digital-green-certificates / dgca-verifier-service
4 | * ---
5 | * Copyright (C) 2021 T-Systems International GmbH and all other contributors
6 | * ---
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | * ---license-end
19 | */
20 |
21 | package eu.europa.ec.dgc.verifier.config;
22 |
23 | import eu.europa.ec.dgc.verifier.exception.BadRequestException;
24 | import eu.europa.ec.dgc.verifier.restapi.dto.ProblemReportDto;
25 | import lombok.RequiredArgsConstructor;
26 | import lombok.extern.slf4j.Slf4j;
27 | import org.springframework.context.annotation.Configuration;
28 | import org.springframework.http.HttpStatus;
29 | import org.springframework.http.MediaType;
30 | import org.springframework.http.ResponseEntity;
31 | import org.springframework.web.bind.annotation.ControllerAdvice;
32 | import org.springframework.web.bind.annotation.ExceptionHandler;
33 | import org.springframework.web.server.ResponseStatusException;
34 | import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
35 |
36 | @ControllerAdvice
37 | @Configuration
38 | @RequiredArgsConstructor
39 | @Slf4j
40 | public class ErrorHandler extends ResponseEntityExceptionHandler {
41 |
42 | /**
43 | * Handles {@link BadRequestException} when a validation failed.
44 | *
45 | * @param e the thrown {@link BadRequestException}
46 | * @return A ResponseEntity with a ErrorMessage inside.
47 | */
48 | @ExceptionHandler(BadRequestException.class)
49 | public ResponseEntity
7 | 
8 | 
9 | 
|
145 |
146 | ## How to contribute
147 |
148 | Contribution and feedback is encouraged and always welcome. For more information about how to contribute, the project structure, as well as additional contribution information, see our [Contribution Guidelines](./CONTRIBUTING.md). By participating in this project, you agree to abide by its [Code of Conduct](./CODE_OF_CONDUCT.md) at all times.
149 |
150 | ## Contributors
151 |
152 | Our commitment to open source means that we are enabling -in fact encouraging- all interested parties to contribute and become part of its developer community.
153 |
154 | ## Licensing
155 |
156 | Copyright (C) 2021 T-Systems International GmbH and all other contributors
157 |
158 | Licensed under the **Apache License, Version 2.0** (the "License"); you may not use this file except in compliance with the License.
159 |
160 | You may obtain a copy of the License at https://www.apache.org/licenses/LICENSE-2.0.
161 |
162 | Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the [LICENSE](./LICENSE) for the specific language governing permissions and limitations under the License.
163 |
--------------------------------------------------------------------------------
/certs/PlaceYourGatewayAccessKeysHere.md:
--------------------------------------------------------------------------------
1 | ### Note:
2 |
3 | If you want to run the verifier service via the given docker-compose file, place your keys to access the
4 | [DGCG](https://github.com/eu-digital-green-certificates/dgc-gateway) in this folder and adjust the file names
5 | in the [docker-compose.yml](../docker-compose.yml) file.
6 |
7 | Further information can be found in the [README](../README.md)
8 |
--------------------------------------------------------------------------------
/codestyle/checkstyle.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 |
6 |
15 |
16 |