Consumer Data Right - Mock Register
This project includes source code, documentation and instructions for the Consumer Data Right (CDR) Mock Register.
The ACCC operates the CDR Register within the CDR ecosystem. This repository contains a mock implementation of the CDR Register and is offered to help the community in the development and testing of their CDR solutions.
Mock Register - Alignment
The Mock Register aligns to v1.27.0 of the Consumer Data Standards.
Getting Started
There are a number of ways that the artefacts within this project can be used:
- Build and deploy the source code
- Use the pre-built image
- Use the docker compose file to run a multi-container mock CDR Ecosystem
Build and deploy the source code
To get started, clone the source code.
git clone https://github.com/ConsumerDataRight/mock-register.git
To get help on launching and debugging the solution, see the help guide.
If you would like to contribute features or fixes back to the Mock Register repository, consult the contributing guidelines.
Use the pre-built image
A version of the Mock Register is built into a single Docker image that is made available via docker hub.
Pull the latest image
docker pull consumerdataright/mock-register
To get help on running the Mock Register container, see the help guide.
Use the docker-compose.Ecosystem.yml file to run a multi-container Mock CDR Ecosystem
The docker-compose.Ecosystem.yml file can be used to run multiple containers to create a Mock CDR Ecosystem.
To get help on launching the Mock CDR Ecosystem, see the help guide. The help guide also contains instructions for swapping out one of the mock solutions running in the multi-container Mock CDR Ecosystem with a mock solution running in MS Visual Studio or with your own solution.
Try it out
Once the Mock Register is running, you can use the provided Mock Register Postman API collection to try it out.
Certificate Management
Consult the Certificate Management documentation for more information about how certificates are used for the Mock Register.
Loading your own data
Load your own data into the Mock Register
When the Mock Register first starts it will load data from the included seed-data.json file that is included in the CDR.Register.Admin.API project. This file includes dummy metadata for data holders and data recipients. When calls are made to the Mock Register endpoints the dummy metadata is returned.
There are a couple of ways to load your own data into the Mock Register:
-
Provide your own
seed-data.jsonfile within the Mock Register-
Mock Register container:
- Within the
/app/admin/Datafolder of the container, make a copy of theseed-data.Release.jsonfile, renaming to a name of your choice, e.g.my-seed-data.json. - Update your seed data file with your desired metadata.
- Change the
/app/admin/appsettings.Release.jsonfile to load the new data file and overwrite the existing data:
"SeedData": { "FilePath": "Data/my-seed-data.json", "OverwriteExistingData": true },- Restart the Mock Register container.
- Within the
-
Mock Register source:
- Within the
.\Source\CDR.Register.Admin.API\Datafolder, make a copy of theseed-data.Development.jsonfile, renaming to a name of your choice, e.g.my-seed-data.json. - Update your seed data file with your desired metadata.
- Change the
.\Source\appsettings.Development.jsonfile to load the new data file and overwrite the existing data:
"SeedData": { "FilePath": "Data/my-seed-data.json", "OverwriteExistingData": true },- Build and run the Mock Register.
- Within the
-
-
Use the Admin API endpoint to load data
The Mock Register includes an Admin API that allows metadata to be downloaded and uploaded from the repository.
Reload all test data via Admin API
To retrieve the current metadata held within the repository make the following request to the Admin API:
GET https://localhost:7006/admin/metadata
The response will be metadata in JSON format that conforms to the same structure of the seed-data.json file. This payload structure is also the same structure that is used to load new metadata via the Admin API.
To re-load the repository with metadata make the following request to the Admin API:
Note: calling this API will delete all existing metadata and re-load with the provided metadata
POST https://localhost:7006/admin/metadata
{
<JSON metadata - as per the GET /admin/metadata response or seed-data.json file>
}
Note: there is currently no authentication/authorisation applied to this Admin API endpoint as these are seen to be under the control of the container owner. This can be added if there is community feedback to that effect or if a pull request is submitted.
Create or Update Data Holder records via the Admin API
This API endpoint will allow you to create or update an existing data holder record. To create or update data holder metadata within the repository, make the following request to the Admin API data holders endpoint:
POST https://localhost:7006/admin/metadata/data-holders
The response will be a 200 OK if the creation or update of the data holder record was successful.
HTTP/1.1 200 OK
{}
Create or Update Data Recipient records via the Admin API
This API endpoint will allow you to create or update an existing data recipient record. To create or update data recipient metadata within the repository, make the following request to the Admin API data recipients endpoint:
POST https://localhost:7006/admin/metadata/data-recipients
The response will be a 200 OK if the creation or update of the data recipient record was successful.
HTTP/1.1 200 OK
{}
Note: The /admin/metadata/data-recipients and /admin/metadata/data-holders APIs will have the option of running in an authenticated mode and an unauthenticated mode. Running in an authenticated mode is required when the Mock Register is hosted in a secure environment and access to the /admin/metadata/data-recipients and /admin/metadata/data-holders APIs needs to be controlled. Running in an unauthenticated mode will be useful for local development tasks and for external users who have downloaded the Mock Register from GitHub or Docker Hub.
New configuration values have been added to the Mock Register, to switch authentication on or off for the /admin/metadata/data-recipients and /admin/metadata/data-holders APIs.
"oidc": {
"issuer": "",
"scope": ""
}
If the Mock Register can find an issuer in the oidc.issuer config setting at start-up, then Authentication will be applied to the /admin/metadata/data-recipients and /admin/metadata/data-holders APIs.
If the Mock Register cannot find an issuer in the oidc.issuer config setting at start-up, then Authentication will not be applied to the /admin/metadata/data-recipients and /admin/metadata/data-holders APIs.
Use the docker compose file to run a multi-container mock CDR Ecosystem
The docker compose file can be used to run multiple containers from the Mock CDR Ecosystem.
Note: the docker compose file utilises the Microsoft SQL Server Image from Docker Hub. The Microsoft EULA for the Microsoft SQL Server Image must be accepted to use the docker compose file. See the Microsoft SQL Server Image on Docker Hub for more information.
To get help on launching and debugging the solutions as containers and switching out your solution(s), see the help guide.
Mock Register - Architecture
The following diagram outlines the high level architecture of the Mock Register:
Mock Register - Components
The Mock Register contains the following components:
- TLS Gateway
- Hosted at
https://localhost:7000 - Provides the base URL endpoint for TLS only Register communications
- Hosted at
- mTLS Gateway
- Hosted at
https://localhost:7001 - Provides the base URL endpoint for mTLS Register communications
- Performs certificate validation
- Hosted at
- Identity Provider
- Hosted at
https://localhost:7002 - Register identity provider implementation utilising
.Net 6 - Accessed via the TLS and mTLS Gateways, depending on the target endpoint.
- Hosted at
- Discovery API
- Hosted at
https://localhost:7003 - Contains the
GetDataHolderBrandsandGetDataRecipientsRegister APIs. - Accessed via the TLS Gateway (
GetDataRecipients) and mTLS gateway (GetDataHolderBrands).
- Hosted at
- Status API
- Hosted at
https://localhost:7004 - Contains the
GetDataRecipientsStatus,GetSoftwareProductsStatusandGetDataHoldersStatusRegister APIs. - Accessed via the TLS Gateway.
- Hosted at
- SSA API
- Hosted at
https://localhost:7005 - Contains the
SSA JWKSandGetSoftwareStatementAssertionRegister APIs. - Accessed via the TLS (
SSA JWKS) and mTLS Gateway (GetSoftwareStatementAssertion).
- Hosted at
- Admin API
- Hosted at
https://localhost:7006 - Not part of the Register standard, but allows for the maintenance of metadata in the Mock Register repository.
- A user interface may be added at some time in the future to provide user friendly access to the repository data.
- Contains
loopbackdummy Data Recipient endpoints used for testing purposes.
- Hosted at
- Repository
- A SQL database containing Register metadata.
Technology Stack
The following technologies have been used to build the Mock Register:
- The source code has been written in
C#using the.Net 6framework. - The Identity Provider is implemented using
.Net 6. - The TLS and mTLS Gateways have been implemented using
Ocelot. - The Repository utilises a
SQLinstance.
Testing
A collection of API requests has been made available in Postman in order to test the Mock Register and view the expected interactions. See the Mock Register Postman documentation for more information.
Frequently Asked Questions
See the Frequently Asked Questions page for answers to some common questions and links to help files.
Contribute
We encourage contributions from the community. See our contributing guidelines.
Code of Conduct
This project has adopted the Contributor Covenant. For more information see the code of conduct.
Security Policy
See our security policy for information on security controls, reporting a vulnerability and supported versions.
License
Notes
The Mock Register is provided as a development tool and is not an exact replica of the production CDR Register.
It conforms to the Consumer Data Standards, however there may be slight differences due to infrastructure and technology stack variances with the production CDR Register.