Giter Club home page Giter Club logo

keyworker-service's Introduction

keyworker-service

OMIC Keyworker Service

Env Variables:

      SERVER_PORT=8081
      SPRING_PROFILES_ACTIVE=dev
      API_GATEWAY_TOKEN=***
      API_GATEWAY_PRIVATE_KEY=***
      USE_API_GATEWAY_AUTH=false
      JWT_PUBLIC_KEY=secret
      ELITE2_URI_ROOT=http://localhost:8080
      QUARTZ_ENABLED=false
      DEALLOCATION_JOB_CRON=0 15 09 ? * *
      API_KEYWORKER_INITIAL_DEALLOCATE_THRESHOLD=2018-04-01T12:00
      ELITE2API_CLIENT_CLIENTSECRET=**

Setting secrets

The token is sent to you after submitting the client.pub file to the https://nomis-api-access.service.justice.gov.uk site

openssl ecparam -name prime256v1 -genkey -noout -out client.key
openssl ec -in client.key -pubout -out client.pub
openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in client.key -out client.pkcs8.key

API_GATEWAY_PRIVATE_KEY is the output in client.pkcs8.key with the -----BEGIN PRIVATE KEY----- and -----END PRIVATE KEY----- removed

JWT_PUBLIC_KEY is generated from:-

keytool -list -rfc --keystore elite2api.jks | openssl x509 -inform pem -pubkey -noout | base64

elite2api.jks is the pub/private key pair that elite2-api holds.

Other Variables

####QUARTZ_ENABLED Switch running batch processes on or off ####DEALLOCATION_JOB_CRON Defines when the deallocation job runs. Can be as often as desired provided there isnt a significant load on NOMIS. ####API_KEYWORKER_INITIAL_DEALLOCATE_THRESHOLD The earliest date the deallocate batch job needs to go back to, e.g. migration time of the earliest prison. This is used when there is no previous batch run timestamp available. ####ELITE2API_CLIENT_CLIENTSECRET The secret for the "omicadmin" oauth2 client id.

To build:

./gradlew build

To Run:

docker-compose up

Running against local postgres docker:

Run the postgres docker image:

docker run --name=keyworker-postgres -e POSTGRES_PASSWORD=password -p5432:5432 -d postgres

Run spring boot with the the postgres spring profile

Connecting to Dev / Stage keyworker RDS DB instances

The RDS DB required SSL mode to connect therefore add sslmode=verify-full to the end of the JDBC URL

In addition you will need to add the root Amazon CA certificate

mkdir ~/.postgresql
curl https://s3.amazonaws.com/rds-downloads/rds-ca-2015-root.pem > ~/.postgresql/root.crt

keyworker-service's People

Contributors

mjwillis avatar lbennett-moj avatar steverendell avatar bell-pa avatar jamiedraperuk avatar glenjamin avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.