SID MOCK

January 19, 2024 ยท View on GitHub

Docker Image CI Run tests

Java application to act as local replacement for SID DEMO. Built Docker images are pushed to Docker Hub

Mocked endpoints

  • Certificate choice session
    • POST /smart-id-rp/v2/certificatechoice/etsi/{identifier}
    • POST /smart-id-rp/v2/certificatechoice/document/{documentnumber}
  • Authentication session
    • POST /smart-id-rp/v2/authentication/etsi/{identifier}
    • POST /smart-id-rp/v2/authentication/document/{documentnumber}
  • Signing session
    • POST /smart-id-rp/v2/signature/etsi/{identifier}
    • POST /smart-id-rp/v2/signature/document/{documentnumber}
  • Session status
    • GET /smart-id-rp/v2/session/{sessionId}

Usage

Requirements

  • Docker
  • Docker Compose

Using image from Docker Hub

# running SID mock
docker compose up 
# or
docker compose up sid-mock-service 

MockData (Users)

Predefined accounts list should mostly match SID DEMO test accounts list.

As of 2024.01.18 the accounts list matches SID DEMO test accounts @2024.01.18 with the following exceptions:

  • Additional accounts:
    • Custom (have never existed in SID DEMO):
      • PNOBB-0303039903 (follows Barbados NRN format YYMMDDRRRR)
      • PNOIS-30303039903 (does not follow Icelandic identification number format)
    • Legacy (no longer exist in SID DEMO)
      • PNOEE-39912319997
      • PNOLT-39912319997
      • PNOLV-010404-29990
      • PNOLV-329999-99805
  • Data mismatch:
    • Unlike DEMO, mocks signing certificates don't include users birthdate

All certificates for 'OK' response have been created with document number suffix "MOCK-Q".

OCSP

In order to support OCSP validation every new/updated user certificate needs to be uploaded to: https://demo.sk.ee/upload_cert/index.php

Note: only applies for user certificates with OCSP URL pointing at SK demo.

Configuration

sid-mock:
  delay: 1s
  expiration: 5m
  store-session-init-requests: false
  override-document-number: false
configuration keydescription
sid-mock.delayMinimum how long mock will wait before completing session.
sid-mock.expirationHow long mock will retain a session and its generated response.
sid-mock.store-session-init-requestsWhether mock will store session init request info (how long is defined by expiration key)
sid-mock.override-document-numberApplies to /documentnumber/ endpoints.
If true, mock uses provided document number (with valid format) in response body. Note! this will not change the document number in certificate and therefore creates a mismatch.
If false, mock permits only document numbers ending in "MOCK-Q" (matches embedded certificates).
For other endpoints mock always returns document number with "MOCK-Q" suffix.

In addition, it is possible to edit or override predefined users list and their responses.

For this, there are the following endpoints:

/users/{identifier}

MethodAction
GETGet user.
PUTAdd new user. 500 if user already exists.
POSTEdit existing user.
DELETEDelete existing user.

/users

MethodAction
GETGet all users.
PUTAdd multiple new users. 500 if any duplicates.
POSTEdit multiple users. Add if user doesn't exist.
DELETEDelete multiple users.

/users/reset

MethodAction
GETReset users to predefined list.

Development

Requirements

  • Java 17
  • Redis is running on default port (6379).
    docker run -p 6379:6379 redis 
    

Continuous building during development

./gradlew run -t

Build Docker image locally

  1. Download repo
  2. Build image
# building local SID mock image
docker build -t nortal/sid-mock:latest .
  1. Run image
# running SID mock
docker compose up 
# or
docker compose up sid-mock-service 

Note: docker-compose is using "nortal/sid-mock:latest" as image name

Improvements

Listed under GitHub issues