https://github.com/gematik/kim-attachment-service



# KIM-KAS

## Docker

### Build with Spring-Boot

#### Commands

To run the application locally on its own (HTTP only), run:

```console
$ mvn spring-boot:run
```

To build the KAS Docker image, run:

```console
$ mvn spring-boot:build-image
```

To build the image with a proxy, set your proxy in pom.xml under plugins → `spring-boot-maven-plugin`.

#### Requirements

- Docker installed

- Maven 3.5 or higher

#### How to use parameters

Parameters can be set by passing `-e <parameter>=<value>` to `docker run`.

Example:

```console
$ docker run --name kas -p 81:8080 -d -e gematik.kim.kas.maxMailSize=30776 kim-kas
```

## Parameters

**List of parameters:**

All parameters start with `gematik.kim.kas.`

| Parameter name | Description | Default |
|---|---|---|
| `maxMailSize` | Maximum allowed size of an e-mail. If the size is greater than 4G, the nginx parameter `client_max_body_size` must be increased as well. | `524288000` |
| `storagePath` | Path to the volume where attachments are stored | `./target/storage` |
| `logDir` | Path to the log file | `./target/logs` |
| `data_base_location` | Path to the database storage | `./target/db/demo` |
| `http-port` | Port used by the application | `8080` |
| `swagger-ui-base-addr` | Base URLs used by the Swagger UI, separated by a comma | `https://localhost:8443,http://localhost:8080` |
| `use-first-swagger-base-ui-addr-for-add-attachment` | If set to true, the addAttachment method uses the first entry of `swagger-ui-base-addr` in its answer; otherwise the requesting address or the X-Forward header is used | `false` |
| `cleantime` | Scheduled time for the cron job. The fields, read from left to right, are interpreted as follows:<br>• Second<br>• Minute<br>• Hour<br>• Day of month<br>• Month<br>• Day of week<br>Full documentation here. | `0 0 3 * * *` (daily at 3 am) |
| `keepIdTime` | Time in milliseconds for which the UUID is unique | `31536000000` (1 year) |
| `endpoints` | All these parameters can be used separately. To use more than one, provide them comma-separated. The resource can be reached at `<host><port>/attachments/v2.2/actuator/<resource_name>`.<br>Please do not use these options in a production environment!<br>• `httptrace` → Shows the HTTP requests and corresponding answers (in memory only and limited by the capacity)<br>• `logfile` → Shows the regular log file<br>• `env` → Shows all environment variables<br>• `scheduledtasks` → Shows all configured tasks and their configuration<br>• `mappings` → Shows all accessible endpoints<br>• `health` → Shows the status of the server | `NONE` |
| `http_log_capacity` | Number of HTTP requests and responses kept in memory and displayed by the `httptrace` endpoint | `500` |
| `version` | Version of the KAS. This affects the URL! | `v2.2` |
| `kim-am-url` | Location of the account manager used for basic auth authorization | `http://localhost:8082` |
| `use-auth-initial` | Switches whether basic auth is used. It can be switched off via the `/switchAuth` API for development purposes | `true` |
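
The warnings in the parameter list (actuator `endpoints` are not for production, basic auth can be switched off for development, nginx must be adjusted above 4G) can be checked before a deployment. The script below is an added example, not part of the KAS project; it assumes the settings are available one per line as `gematik.kim.kas.<name>=<value>`, and the function names and sample values are made up for illustration.

```shell
#!/bin/sh
# Added example (not KAS project code): audit KAS settings before deployment.
# Assumption: settings are kept one per line as gematik.kim.kas.<name>=<value>,
# the form the README passes to `docker run -e`.

FOUR_GIB=4294967296  # assumption: the README's "4G" read as 4 GiB in bytes

# Reads settings on stdin; prints one finding per line, nothing if clean.
audit_kas_env() {
    while IFS='=' read -r key value || [ -n "$key" ]; do
        case "$key" in
            gematik.kim.kas.endpoints)
                # Default is NONE; every other name exposes an actuator resource.
                printf '%s\n' "$value" | tr ',' '\n' | while read -r ep; do
                    if [ -n "$ep" ] && [ "$ep" != "NONE" ]; then
                        echo "FAIL endpoints: actuator resource '$ep' is exposed"
                    fi
                done ;;
            gematik.kim.kas.use-auth-initial)
                if [ "$value" != "true" ]; then
                    echo "FAIL use-auth-initial: basic auth is off at startup"
                fi ;;
            gematik.kim.kas.maxMailSize)
                case "$value" in
                    ''|*[!0-9]*)
                        echo "FAIL maxMailSize: '$value' is not a number" ;;
                    *)
                        if [ "$value" -gt "$FOUR_GIB" ]; then
                            echo "WARN maxMailSize: above 4G, raise nginx client_max_body_size"
                        fi ;;
                esac ;;
        esac
    done
    return 0
}

# Constructed sample settings, not taken from a real deployment.
sample_kas_env() {
    cat <<'EOF'
gematik.kim.kas.maxMailSize=5368709120
gematik.kim.kas.endpoints=health,env,httptrace
gematik.kim.kas.use-auth-initial=false
gematik.kim.kas.http-port=8080
EOF
}

sample_kas_env | audit_kas_env
```

An empty output means none of the three settings deviates from the values the README recommends for production.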

## cURL examples

To upload a file **data.file**, use the POST method:

```console
# -k skips TLS certificate verification
$ curl -k -X POST https://localhost:8443/attachments/v2.2/attachment -H "Content-Type: application/octet-stream" --data-binary @data.file
{"Shared-Link":"https://localhost:8443/attachments/v2.2/attachment/469bf002-701f-4362-a9bc-6585c1871250"}
```

The `Shared-Link` returned by this call can be used to download the attachment into the file **download.file**:

```console
$ curl -k -X GET https://localhost:8443/attachments/v2.2/attachment/469bf002-701f-4362-a9bc-6585c1871250 -o download.file
```

## TLS - Hints

KAS serves HTTPS over TLS 1.2 with an RSA key and a brainpool ECC key that are compliant with the gematik specifications.

To use a modern OpenSSL with the brainpool ECC key, you have to select the brainpool curve explicitly, e.g.:

```console
$ openssl s_client -connect localhost:8443 \
    -curves brainpoolP256r1 \
    -CAfile GEM.RCA3-TEST-ONLY.pem \
    -cert mailuser-ecc.pem \
    -key mailuser-ecc.prv.pem
```

Without the `-curves` parameter, RSA is used, e.g.:

```console
$ openssl s_client -connect localhost:8443 \
    -CAfile GEM.RCA2-TEST-ONLY.pem \
    -cert mailuser-rsa1.pem \
    -key mailuser-rsa1.prv.pem
```