identity-namespace-service v1.0.0
identity-namespace-service
Summary
The Identity Namespace service is responsible for issuing and keeping track of globaliD names and their associated identities. The following are the key features of the service:
More info on https://global-id.atlassian.net/wiki/spaces/CPL/pages/2785317/Identity+namespace+service
Updating identity Information: https://global-id.atlassian.net/wiki/spaces/CPL/pages/27099143/Updating+Identity+Information
Current service Status
100% coverage for integration tests
Some coverage for unit tests
Description
See https://global-id.atlassian.net/wiki/spaces/CPL/pages/2785317/Identity+namespace+service
Service Dependencies
- MYSQL Database
- AWS SNS/SQS
- PROFILE IMAGE VALIDATION SERVICE
- AUTH SERVICE
- HYDRA SERVICE
- OBFUSCATOR SERVICE
Installation instructions
- Install Dependencies
npm install
Environment variables
- AUTH_BASE_URL URL for authentication service e.g. http://auth:9290/
- IDENTITY_IMAGE_MAX_SIZE Maximum file size for identity image uploads
- IMG_VALIDATION_API_AUTH_TOKEN This is the token that is set in the image validation service to be used by this service to authenticate requests
- IMG_VALIDATION_API_URL URL for profile image validation service e.g. http://auth:9290/
- S3_BUCKET_USER_IMAGES This is the bucket to which identity service uploads identity images
- ATTEMPTS_LIMIT The maximum number of identity restore attempts that can be made within the ATTEMPTS_TIME_LIMIT window
- ATTEMPTS_TIME_LIMIT The window of time during which we calculate the number of maximum attempts
- UPDATE_IDENTITY_REQUEST_TIMEOUT_MINUTES The minutes that need to pass before we consider an identity update request as expired and therefore rejected
- LOCALID_PASSWORD_RESET_ATTEMPTS_TIME_PERIOD_MINUTES The minutes that need to pass before another password reset attempt can be requested
- LOCALID_PASSWORD_RESET_MAX_ATTEMPTS The maximum number of reset attempts that can be requested within LOCALID_PASSWORD_RESET_ATTEMPTS_TIME_PERIOD_MINUTES
- LOCALID_PASSWORD_RESET_ATTEMPTS_TIME_EXPIRATION_MINUTES The minutes until the password attempt request record expires and can no longer be used
- MAX_ACCOUNT_LIMIT The maximum number of globalid accounts that can be associated with a unique identifier (e.g. phone_number)
- ISSUE_TOKEN_ATTEMPT_LIMIT=3 Max token issue attempts in given time limit
- ISSUE_TOKEN_ATTEMPT_LOCK_TIME_HOURS=2 Time limit for max token issue attempts
- ISSUE_TOKEN_ATTEMPT_EXPIRATION_MINUTES=3 Time in which token issue attempt expires
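The ISSUE_TOKEN_ATTEMPT_* settings above are abuse controls, so a missing or malformed value should stop the service at startup instead of quietly disabling the limit. The sketch below is an added example, not code from this service: loadIssueTokenLimits, AttemptLimiter, the per-subject key and the sliding-window reading of the three variables are assumptions; the sample values are the ones shown in the list.

```javascript
// Added example, not the service's code. Names and window semantics are assumptions.

// Parse a strictly positive integer; fail closed on missing or malformed values
// so a bad deployment cannot silently turn the limit off (e.g. NaN comparisons).
function positiveInt(env, name) {
  const raw = env[name];
  if (typeof raw !== 'string' || !/^[1-9]\d*$/.test(raw.trim())) {
    throw new Error(`${name} must be a positive integer, got ${JSON.stringify(raw)}`);
  }
  return Number(raw.trim());
}

function loadIssueTokenLimits(env) {
  return {
    limit: positiveInt(env, 'ISSUE_TOKEN_ATTEMPT_LIMIT'),
    lockMs: positiveInt(env, 'ISSUE_TOKEN_ATTEMPT_LOCK_TIME_HOURS') * 60 * 60 * 1000,
    expireMs: positiveInt(env, 'ISSUE_TOKEN_ATTEMPT_EXPIRATION_MINUTES') * 60 * 1000,
  };
}

// In-memory sliding window keyed by subject (assumed: one key per identity).
class AttemptLimiter {
  constructor(limits) {
    this.limits = limits;
    this.attempts = new Map(); // subject -> timestamps (ms) of counted attempts
  }

  tryIssue(subject, now) {
    const { limit, lockMs, expireMs } = this.limits;
    const recent = (this.attempts.get(subject) || []).filter((t) => now - t < lockMs);
    this.attempts.set(subject, recent);
    if (recent.length >= limit) {
      // Denied attempts are not recorded, so retries cannot extend the lock.
      return { allowed: false, retryAt: recent[0] + lockMs };
    }
    recent.push(now);
    return { allowed: true, expiresAt: now + expireMs };
  }
}

// Constructed sample environment using the values from the list above.
const sampleEnv = {
  ISSUE_TOKEN_ATTEMPT_LIMIT: '3',
  ISSUE_TOKEN_ATTEMPT_LOCK_TIME_HOURS: '2',
  ISSUE_TOKEN_ATTEMPT_EXPIRATION_MINUTES: '3',
};
const limiter = new AttemptLimiter(loadIssueTokenLimits(sampleEnv));
for (const t of [0, 1000, 2000, 3000]) console.log(t, limiter.tryIssue('user-a', t));
```

A multi-instance deployment would need the attempt timestamps in shared storage; the in-memory Map only illustrates the counting rule.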
Usage Instructions
- Linting the project
npm run lint
- Build project
npm run build
- Use docker-compose.example.yml to see which dependencies are required.
docker-compose -f docker-compose.example.yml up
- Copy .env.example to .env and make sure the mandatory variables are set
- Setup mock aws services
- install awslocal cli - https://github.com/localstack/awscli-local
- create required buckets
awslocal s3api create-bucket --bucket dev-bucket
awslocal s3api create-bucket --bucket dev-bucket-attestations
awslocal s3api create-bucket --bucket dev-bucket-vault
awslocal s3api create-bucket --bucket globalid.net
awslocal s3api create-bucket --bucket somebucket
awslocal s3api create-bucket --bucket some-bucket
- Start service
npm run build
npm run start
- To run unit tests
npm run test:unit
- To run integration tests
npm run test:e2e
Deployment instructions
Automatically deployed using configuration inside chart/ folder
Documentation Links
https://global-id.atlassian.net/wiki/spaces/CPL/pages/2785317/Identity+namespace+service
Notes
None yet
Monitoring, Logging and Dashboards links
Monitoring events and links to dashboards
Administration options
Topics, Queues and events triggered by the service
- NAMESPACE_IDENTITY_RELEASED This event is triggered whenever an identity gets released
- IDENTITY_REVOKE This event is triggered whenever an identity gets revoked
- IDENTITY_RESTORE This event is triggered whenever an identity gets restored
- IDENTITY_UPDATE_REQUEST This topic event is triggered when a request to update some of an identity's fields has been received
- IDENTITY_UPDATE This topic event is triggered when some identity fields have been updated
- TEXT_MODERATION_REQUEST This queue event is triggered when a value needs to be moderated
Topics and events listened to by the service
- CRON_MINUTE_TICK: Used to do regular cron task on the service
  - Clean up identities that have abandoned the signup flow after a configured time (REVOKE_SIGNUP_MINUTES)
  - Revoke abandoned sign ups after REVOKE_SIGNUP_MINUTES
  - Expire token issue attempts
- TEXT_MODERATION_RESPONSE Used to check moderation responses from the moderation service
- LOCALID_PASSWORD_RESET_REQUESTED Used to deliver a localid password reset request to the notification service and other listening services
Installation
Installation and running steps
1. npm install
2. docker-compose -f docker-compose.example.yml up
4. cp .env.example .env
5. update .env with correct local variables for dependencies
6. set up local aws services - see usage instructions above
7. npm run build
8. npm run start
FEATURE FLAGS
- FEATURE_FLAG_ES Enables ElasticSearch full text searching