Software Components
The GAIA-X-Med architecture is divided into several (primarily web-based) services and user libraries, both adopted from the upstream Gaia-X implementations as well as components developed by the WP 110-130 team.
This page provides an overview of all software components, links to their respective repositories as well as a brief summary of their function.
Federation Services
These services are intended to be hosted as a single instance, federation-wide, by the Federators. All Participants can access these Services. Some might require authentication.
The functionality per service shown in this overview is also referenced in the data architecture.
Authentication Service
- Repository:
https://gitlab.isp.uni-luebeck.de/gaia-x-med/federation-services/authentication-service
- Technologies:
Python (Flask)
- Description:
Implements our authentication flow, i.e. allows participants to log into the Catalogue and Provider Services using their DIDs.
- Lead developer:
Hannes
Catalog
Certificate Service
- Repository:
https://gitlab.isp.uni-luebeck.de/gaia-x-med/federation-services/certificate-service
- Technologies:
Python (Flask)
- Description:
Our “Trust Anchor” that automatically signs CSRs using our CA.
- Lead developer:
Hannes
Compliance Service
- Repository:
https://gitlab.isp.uni-luebeck.de/gaia-x-med/federation-services/compliance-service
- Technologies:
TypeScript (nest.js, Axios, etc.)
- Description:
Validates Self Descriptions and issues Compliance Credentials. We need to fork this to fix some upstream issues (notably to implement proper VC canonization)
- Lead developer:
Hannes
Credential Manager
- Also known as:
Identity Manager
- Repository:
https://gitlab.isp.uni-luebeck.de/gaia-x-med/federation-services/credential-manager
- Technologies:
TypeScript (Angular)
- Description:
Provides a GUI that allows for management of Verifiable Credentials (of both Participants and their Service Offerings), their DID documents and certificates. Furthermore abstracts the signing and verification processes by implementing the necessary protocols and talking to the respective services.
- Lead developer:
Hannes
Negotiation Service
- Repository:
https://gitlab.isp.uni-luebeck.de/gaia-x-med/federation-services/negotiation-service
- Technologies:
Python (FastAPI)
- Description:
Receives and validates Contract Offer requests from Consumers and handles negotiation with a Provider’s Contract Service.
- Lead developer:
Hannes
OIDC Identity Provider
- Repository:
https://gitlab.isp.uni-luebeck.de/gaia-x-med/federation-services/oidc-identity-provider
- Technologies:
JavaScript (express.js), node-oidc-provider
- Description:
Provides OpenID Connect compatible authentication using GAIA-X-Med credentials.
- Lead developer:
Hannes
Registry Service
- Repository:
https://gitlab.isp.uni-luebeck.de/gaia-x-med/federation-services/registry-service
- Technologies:
TypeScript (nest.js, Axios, etc.), MongoDB
- Description:
Holds our custom CA and shapes.
- Lead developer:
Hannes
Provider Services
These are reference implementations of software components that are intended to used by Providers in order to host one or multiple Service(s). These can be replaced with proprietary components as long as they implement the same protocols.
Furthermore, not all of these components are mandatory. For example, a Service that does not need a web frontend does not need an OpenID Connect Client, etc.
Authentication Proxy
- Repository:
https://gitlab.isp.uni-luebeck.de/gaia-x-med/provider-services/authentication-proxy
- Technologies:
Java (Spring)
- Description:
Intercepts requests to Provider Services, handing them off to the Authentication Service. Only passes through requests from successfully authenticated participants.
- Lead developer:
Tobias
Contract Service
- Repository:
https://gitlab.isp.uni-luebeck.de/gaia-x-med/provider-services/contract-service
- Technologies:
JavaScript, MongoDB
- Description:
Implements contract negotiation and stores finalized contracts so that they can be verified by the Authentication Proxy and Provider Services.
- Lead developers:
Max, Bennet, Hannes
Credential Store
- Also known as:
Identity Store
- Repository:
https://gitlab.isp.uni-luebeck.de/gaia-x-med/credential-store
- Technologies:
nginx + nginx-jwt-module
- Description:
Hosts the Verifiable Presentations, DID documents and certificates of Participants and their Service Offerings (akin to a “Wallet”) and provides endpoints that allow the Identity Manager to automatically upload those.
- Lead developers:
Max & Bennet
OIDC Client/Proxy
- Repository:
https://gitlab.isp.uni-luebeck.de/gaia-x-med/demonstrator-web-service/-/tree/main/proxy
- Technologies:
- Description:
Secures a Service Web App as an OpenID Connect client connecting to the OIDC Identity Provider.
- Lead developers:
Hannes
Service Backend Example
- Repository:
https://gitlab.isp.uni-luebeck.de/gaia-x-med/demonstrator-web-service/-/tree/main/backend
- Technologies:
TypeScript (express.js)
- Description:
An application-specific API that is either offered by a Provider as-is or that serves as a backend to a Web App Service.
- Lead developer(s):
Hannes
Service Web App Example
- Repository:
https://gitlab.isp.uni-luebeck.de/gaia-x-med/demonstrator-web-service
- Technologies:
JavaScript (React.js)
- Description:
An application-specific web app that a Provider wants to offer to Consumers. The example is an image gallery service with optional upload capabilities.
- Lead developer(s):
Niklas, Hannes
Libraries
These libraries implement common tasks and routines like working with domain-specific files and implementing communication protocols.
Consumer Base API Client
- Repositories:
- Description:
Generic APIs/Libraries that consume Provider Service APIs, implementing authentication and data transfer, but offer no domain logic. Intended to be used as a base for developing application-specific Service clients.
- Lead developer:
Hannes
PIF library
- Repositories:
- Description:
Library for handling Participant Identity Files, including decryption.
- Lead developer:
Hannes
VC library
- Repositories:
- Description:
Library for handling, fetching and verifying Verifiable Credentials.
- Lead developer:
Hannes