With the release of v3.0.0 we introduce the support of SQLite database context management and offline functionality. This enables the client to be used as application for embedded devices, as well as servers.
Changed:
- configuration changes:
-
renamed configuration parameter for static authentication token
- json:
registerAuth
->staticAuth
- envconfig:
UBIRCH_REGISTERAUTH
->UBIRCH_STATIC_AUTH
- json:
-
setting a static authentication token in the configuration is now optional, but mandatory if at least one of
the following endpoints is enabled -
endpoints that require a static authentication token, i.e. identity registration, CSR creation and key
de-/re-activation, must be enabled explicitly via configuration parameters:- json:
enableRegistrationEndpoint
envconfig:UBIRCH_ENABLE_REGISTRATION_ENDPOINT
(boolean) - json:
enableCSRCreationEndpoint
envconfig:UBIRCH_ENABLE_CSR_CREATION_ENDPOINT
(boolean) - json:
enableDeactivationEndpoint
envconfig:UBIRCH_ENABLE_DEACTIVATION_ENDPOINT
(boolean)
- json:
-
since SQLite database support was added, the configuration parameter for the database DSN was renamed
- json:
postgresDSN
->dbDSN
- envconfig:
UBIRCH_POSTGRES_DSN
->UBIRCH_DB_DSN
- json:
-
the database driver, i.e.
"postgres"
or"sqlite"
, has to be set in the configuration via the following
parameter- json:
dbDriver
envconfig:UBIRCH_DB_DRIVER
(string)
- json:
-
Added:
-
configuration additions:
- individually configurable HTTP client timeouts for requests to upstream servers
-
json:
identityServiceTimeoutMs
envconfig:UBIRCH_IDENTITY_SERVICE_TIMEOUT_MS
(integer) -
json:
authServiceTimeoutMs
envconfig:UBIRCH_AUTH_SERVICE_TIMEOUT_MS
(integer) -
json:
verifyServiceTimeoutMs
envconfig:UBIRCH_VERIFY_SERVICE_TIMEOUT_MS
(integer) -
json:
verificationTimeoutMs
envconfig:UBIRCH_VERIFICATION_TIMEOUT_MS
(integer) -
if timeout values are not set in the configuration, the following default values will be used
defaultIdentityServiceTimeoutMs = 10_000 defaultAuthServiceTimeoutMs = 2_000 defaultVerifyServiceTimeoutMs = 600 defaultVerificationTimeoutMs = 2_000
-
- individually configurable HTTP client timeouts for requests to upstream servers
-
API additions
-
endpoints for offline signing and verification functionality
/${uuid}/offline
- Offline Sealing Hashes (chained) - original data/${uuid}/offline/hash
- Offline Sealing Hashes (chained) - hash/${uuid}/anchor/offline
- Offline Sealing Hashes (no chain) - original data/${uuid}/anchor/offline/hash
- Offline Sealing Hashes (no chain) - hash/verify/offline
- Offline Verification - original data/verify/offline/hash
- Offline Verification - hash
added support for persistent storage of external identities in order to verify UPPs in offline mode without need
of retrieving public key from UBIRCH identity service
-
-
other
- context migration from legacy context files to SQLite or postgres database
- migration can be initiated by passing command-line flag
--migrate
- after successful migration, the process will exit with status
0
, otherwise1
.
- migration can be initiated by passing command-line flag
- context migration from legacy context files to SQLite or postgres database
Removed:
- deprecated support of database schema migration for postgres