Vastuu Group
Translator Skeleton
Last updated: 02/06/2020

A Platform Of Trust translator standardizes the responses from a data source to the Platform itself. The translator also adds security measures, such as signature verification and signing the response.

The Python skeleton is built with Python Bottle

You can use this skeleton to build your own translators.


Requirements:

You need the following installed on your computer:

  • Python 3.6
  • Pipenv (pip install pipenv)
  • Yarn - For documentation


Implementing a Translator:

Add the Platform Of Trust public key to the settings.py POT_PUBLIC_KEY variable. This public key is used for validating the signature header sent from the Platform Of Trust Data Broker API.

You need to create a private/public key pair to be used with the translator. The public key URL MUST be added to the data product when creating it in the Platform Of Trust Product API. It is defined in the organizationPublicKeys list:


"organizationPublicKeys": [
    {
        "type": "RsaSignature2018",
        "url": "https://example.com/public-key.pub"
    }
]
    

Now define the created keys in settings.py as the environment variables PRIVATE_KEY and PUBLIC_KEY respectively.
IMPORTANT: Do NOT commit the private key to the repository, but instead use e.g. encryption or docker environment variables for it.

Make sure you implement the services.get_data() function that handles the getting of the actual data to return to the Data Broker API.

There are placeholders for some of the mandatory parameters in the skeleton code. Make sure you implement the correct values for the response.

You should also update the unit tests in the app/tests to match your changes.

Make sure you update the @request_args()-decorator for the parameter-field if you require any additional parameters. For now, the parameters.name is required.


Tests:

The tests for controllers are found under app/tests/. Remember to update the tests when creating the translator. There is an invoke task for running tests, run pipenv run invoke test. Or run the command ENV=test python -m pytest to run the tests on the command line.


Generating private and public keys:

To generate the PEM keys used for the signing of data:


ssh-keygen -t rsa -b 4096 -q -N "" -m PEM -f RS256.key
openssl rsa -in RS256.key -pubout -outform PEM -out RS256.key.pub
    

API Documentation:

The API uses RAML to document the API. To generate the documentation you need to install Yarn, and run pipenv run invoke docs.

This will generate an index.html-file under docs/. Open the file in your browser to check that the documentation is in order.

The HTML API documentation for the skeleton can be found here

Get It Now!
See Starter Guide
Something is not working?
Identified an issue? Report it to GitHub

Changes:

Changes in the translator skeleton can be found in the CHANGELOG.

License:

MIT, see LICENSE.