Support repository for w3c/automotive-viss2. Deployment of a web application based in java that will act as interface between the user and AGT / AT configuration API. User API to make AGT/AT/Viss Servers Requests will soon be implemented.

josesnchz/viss-manager

VISS - MANAGER

Support repository for josesnchz/WAII (a repository that implements authorization, authentication and other security concepts for w3c/automotive-viss2). This repository consists of an HTML web application using JavaScript and Go that can be used to make AGT, AT and data requests. The future configuration API for AGT and AT (still in the implementation phase) will also be here.

Prerequisites and building

Go version 1.17 is required, because some crypto-related modules are written in Go and then compiled to WASM. Since module compilation is required, a script that automatically compiles all modules is provided. TLS communication between the web app and the VISS servers must be used, although it is not yet in use. It will be supported and implemented in future versions.

VISS server, AGT server and AT server must be launched along with the web client. Their IPs and ports must be set in each HTML file, inside the script containing the URL. These servers must be launched after cloning the repository josesnchz/WAII and following the steps provided in it.

A script is (will be) provided to automatically build the files and run the web server. After running the script, the client can be used by visiting localhost:8080 in any browser that supports localStorage, because generated keys and received tokens are stored in the browser. If the script is used, screen must be installed; it can be downloaded and installed from the official repository.

# get screen
$ sudo apt install screen
# compile files and start the webserver
$ ./viss-manager -run
# stop the webserver
$ ./viss-manager -stop

The client implements dynamic selection of the purpose of the AT request and of the path of the VISS data request. Both depend on these files:

specs/purposelist.json
specs/vsspathlist.json

Purpose list is generated by the ecosystem manager, and it is used by the AT Server to provide Access Tokens depending on the AGT claims. VSS Path list is generated by the being read by VISSv2 server at startup, and it contains the data tree of the system. Both of them are imported from the w3c/automotive-viss2 repository. New files can be generated following the rules specified in that repository.

Although it is possible to start the system automatically using the script provided, modules can be compiled separately and launched manually. The Go module must be compiled with GOARCH="wasm" and GOOS="js". The main Go implementation is in the file "scripts/go/gofuncs.go", which must be compiled to "scripts/go/golib.wasm".

$ GOARCH="wasm" GOOS="js" go build -o scripts/go/golib.wasm scripts/go/gofuncs.go

A very basic file server is required to run the web app. File server.go is provided for that purpose. It can be run using go.

$ go run server.go

After doing that, the web app will be available at http://localhost:8080

Client System Architecture

This project demonstrates the authentication, authorization and data access flow described in VISSv2 protocol. AGT, AT and VISSv2 requests are therefore supported.

MAIN PAGE

The client holds a key pair, which is used to sign the Proofs of Possession made to each of the servers. Two types of keys are supported: RSA 2048 bits and Elliptic Curve P-256. These can be generated by the system or imported from a file. Since this client is for demonstration purposes, keys are saved in plain text inside localStorage, although in a short time they will be generated using the Web Cryptography API and stored using IndexedDB with the extractable property disabled for security purposes.
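
A sketch of the planned key handling described above, as an added example that is not code from this repository: it generates a P-256 key pair through the Web Cryptography API with extractable set to false, confirms the private key cannot be exported, and signs and verifies a message. The function names and the payload are assumptions made for illustration; the payload is constructed and is not the VISSv2 PoP claim set.

```javascript
// Added example: non-extractable ECDSA P-256 key for signing PoPs.
const ECDSA_P256 = { name: "ECDSA", namedCurve: "P-256" };
const ECDSA_SHA256 = { name: "ECDSA", hash: "SHA-256" };

// Browsers and current Node.js expose Web Crypto as globalThis.crypto.
async function getSubtle() {
  if (globalThis.crypto?.subtle) return globalThis.crypto.subtle;
  return (await import("node:crypto")).webcrypto.subtle; // older Node.js
}

// extractable=false: script can use the private key but never read its bytes.
async function generatePopKeyPair(subtle) {
  return subtle.generateKey(ECDSA_P256, false, ["sign", "verify"]);
}

// True when the key is flagged non-extractable and exportKey() is refused.
async function privateExportIsBlocked(subtle, keyPair) {
  try {
    await subtle.exportKey("pkcs8", keyPair.privateKey);
    return false; // export succeeded: key material is exposed
  } catch {
    return keyPair.privateKey.extractable === false;
  }
}

async function popDemo() {
  const subtle = await getSubtle();
  const keyPair = await generatePopKeyPair(subtle);
  const enc = new TextEncoder();
  // Constructed payload for illustration; not the VISSv2 PoP claim set.
  const payload = enc.encode('{"demo":"constructed-pop-payload"}');
  const sig = await subtle.sign(ECDSA_SHA256, keyPair.privateKey, payload);
  // The public half stays exportable so a server can be given it.
  const publicJwk = await subtle.exportKey("jwk", keyPair.publicKey);
  return {
    exportBlocked: await privateExportIsBlocked(subtle, keyPair),
    signatureBytes: sig.byteLength, // raw r||s, 32 bytes each for P-256
    verifies: await subtle.verify(ECDSA_SHA256, keyPair.publicKey, sig, payload),
    tamperedVerifies: await subtle.verify(
      ECDSA_SHA256, keyPair.publicKey, sig, enc.encode('{"demo":"tampered"}')),
    publicCurve: publicJwk.crv,
  };
}

// In a browser, keyPair can be stored in IndexedDB as-is (CryptoKey objects
// are structured-cloneable), so nothing key-related goes into localStorage.
popDemo().then((result) => console.log(result));
```

A non-extractable key stops script from reading the private key bytes, but any script running in the page's origin can still ask the browser to sign with it, so this complements rather than replaces protection against script injection.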

AGT-REQUEST

The client can make an AGT request, modifying all claims at will. Requests that do not follow the specification will be refused. When a private key is used to sign a POP, the generated POP is shown, along with the received token and the request body. These can be pretty-printed or shown as raw data. Received tokens can be saved, associated with the ID provided.

AT-REQUEST

The client uses one of the tokens obtained from the AGT server to attest its authorization to access the data. The purposes supported are defined in the purposelist.json file, as described above. The signature used to generate the POP (if any) can optionally be overridden, along with the claims in it. Received tokens can be saved.

VISSv2 REQUEST

The client uses one of the tokens provided by the AT server to access data. Multiple protocols and methods will be supported. The data requested is selected after parsing the vsspathlist.json file, as described above.
