DGCServerVerifier/README.md

45 lines
1.7 KiB
Markdown
Raw Permalink Normal View History

2021-09-26 18:11:31 +02:00
# DGCServerVerifier
## what is it?
2021-09-26 18:46:21 +02:00
This web server takes a post request on ``/api/green`` with a json object as body.
2021-09-26 18:11:31 +02:00
Verifies if the data are correct:
* Downloads the last rules released on https://get.dgc.gov.it/v1/dgc/settings
* Downloads the valid keys on https://get.dgc.gov.it/v1/dgc/signercertificate/status and https://get.dgc.gov.it/v1/dgc/signercertificate/update.
* Verifies that the certificate is correctly encoded, as per standard.
* Verifies signature on the certificate is still valid as the day of the request.
* Verifies that DGC provided is still valid as today using the setting in the first point.
## how does it work?
To perform a request to the endpoint, preferably behind a reverse proxy in HTTPS, you should
build a JSON object with this structure:
{key:'HC1:6BFOXN%TS3DHPVO13J /G-/2YRVA.Q/R8VRU2FC1J9M$DI9C3K9$:L44HRJPC%OQHIZC4.OI1RM8ZA.A5:S9MKN4NN3F85QNCY0O%0VZ001HOC9JU0D0HT0HB2PL/IB*09B9LW4T*8+DC9I0%YB/VM$*SBAKYE9*FJ7ID$0HY84Q:GY3LV2LW 2C0IO$571IL+9J2P6%24.8P+5E/HW.CV2L%3L%*8PHN6D7LLK*2HG%89UV-0LZ 2ZJJ %C4IJZJJBY43%8 C1VHLEC78G1TFHM*K2ILS-O:S9UZ4+FJE 4Y3LO78L:P...ecc'}
The string is the raw value read from a QR code reader app.
2021-09-26 18:46:21 +02:00
## what does it return?
2021-09-26 18:11:31 +02:00
When the request is complete, the server returns a JSON object with this structure:
{
"signature": {
2021-09-26 20:00:33 +02:00
"valid": true
2021-09-26 18:11:31 +02:00
},
"valid": {
2021-09-26 20:00:33 +02:00
"valid": true,
"message": "Certificate is valid"
2021-09-26 18:46:21 +02:00
},
"info": {
"identity": {
2021-09-26 20:00:33 +02:00
"fnt": "ROSSI",
"fn": "ROSSI",
"gnt": "MARIO",
"gn": "MARIO"
2021-09-26 18:46:21 +02:00
},
"dob": "1973-06-22"
2021-09-26 18:11:31 +02:00
}
}
## third party copyright notice
This software uses the library [DCC Utils](https://github.com/ministero-salute/dcc-utils) written by ministero-salute