src | ||
.babelrc | ||
.eslintrc.json | ||
.gitignore | ||
jest.config.js | ||
LICENSE | ||
package-lock.json | ||
package.json | ||
README.md | ||
tsconfig.json |
DGCServerVerifier
what is it?
This web server takes a post request on /api/green with a json object as body.
Verifies if the data are correct:
- Downloads the last rules released on https://get.dgc.gov.it/v1/dgc/settings
- Downloads the valid keys on https://get.dgc.gov.it/v1/dgc/signercertificate/status and https://get.dgc.gov.it/v1/dgc/signercertificate/update.
- Verifies that the certificate is correctly encoded, as per standard.
- Verifies signature on the certificate is still valid as the day of the request.
- Verifies that DGC provided is still valid as today using the setting in the first point.
how does it work?
To perform a request to the endpoint, preferably behind a reverse proxy in HTTPS, you should build a JSON object with this structure:
{key:'HC1:6BFOXN%TS3DHPVO13J /G-/2YRVA.Q/R8VRU2FC1J9M$DI9C3K9$:L44HRJPC%OQHIZC4.OI1RM8ZA.A5:S9MKN4NN3F85QNCY0O%0VZ001HOC9JU0D0HT0HB2PL/IB*09B9LW4T*8+DC9I0%YB/VM$*SBAKYE9*FJ7ID$0HY84Q:GY3LV2LW 2C0IO$571IL+9J2P6%24.8P+5E/HW.CV2L%3L%*8PHN6D7LLK*2HG%89UV-0LZ 2ZJJ %C4IJZJJBY43%8 C1VHLEC78G1TFHM*K2ILS-O:S9UZ4+FJE 4Y3LO78L:P...ecc'}
The string is the raw value read from a QR code reader app.
what does it returns?
When the request is complete, the server returns a JSON object with this structure:
{
"signature": {
"valid": true,
},
"valid": {
"valid": true,
"message": "Certificate is valid"
}
}
third party copyright notice
This software uses the library DCC Utils written by ministero-salute