FDC3 Security In MonoRepo - NOT READY TO REVIEW #1627

Draft
robmoffat wants to merge 74 commits into main from fdc3-security-monorepo

@robmoffat (Member) commented Jul 8, 2025

Describe your change

Porting the FDC3 Security project into the monorepo structure.

Fixing: #1492

  • I acknowledge that a contributor license agreement is required and that I have one in place or will seek to put one in place ASAP.

Work In Progress Checklist

  • Move In the FDC3 Security Module
  • Tests Passing
  • Good Coverage
  • New Contexts
    • fdc3.user
    • fdc3.security.symmetricKey.request
    • fdc3.security.symmetricKey.response
    • fdc3.user.request
  • CreateIdentityToken Intent
  • Example Apps Added to Demo (working)
  • New Parameter for getAgent
  • Passing Optional Certificates
  • Rework the FDC3 Security interface.
  • Documentation
    • New Diagrams that separate front and back. @Yannick-Malins
    • Request user from IDP flow diagram @Yannick-Malins
    • Page on how security works (divided up by use case)
    • Add detail to the get-agent parameters. (two ways to integrate)
    • How to configure signing / checking locally and remotely
    • Refer to all this in the fdc3-security/README.
    • Some docs in the demo folder on the security apps
  • Demos
    • Back-end processing demos
    • IDP Request demo
  • Incorporate Julianna's Metadata PR (added comment to [WIP] Expand broadcast, raise*, and open methods to include metadata #1595) @kriswest @julianna-ciq
    • Intent Result Metadata
    • Code Layer to adapt to whether metadata is available or not

Review Checklist

  • Issue: If a change was made to the FDC3 Standard, was an issue linked above?
  • CHANGELOG: Is a CHANGELOG.md entry included?
  • API changes: Does this PR include changes to any of the FDC3 APIs (DesktopAgent, Channel, PrivateChannel, Listener, Bridging)?
    • Docs & Sources: If yes, were both documentation (/docs) and sources updated?

      JSDoc comments on interfaces and types should be matched to the main documentation in /docs
    • Conformance tests: If yes, are conformance test definitions (/toolbox/fdc3-conformance) still correct and complete?

      Conformance test definitions should cover all required aspects of an FDC3 Desktop Agent implementation, which are usually marked with a MUST keyword, and optional features (SHOULD or MAY) where the format of those features is defined
    • Schemas: If yes, were changes applied to the Bridging and FDC3 for Web protocol schemas?

      The Web Connection protocol and Desktop Agent Communication Protocol schemas must be able to support all necessary aspects of the Desktop Agent API, while Bridging must support those aspects necessary for Desktop Agents to communicate with each other
      • If yes, was code generation (npm run build) run and the results checked in?

        Generated code will be found at /src/api/BrowserTypes.ts and/or /src/bridging/BridgingTypes.ts
  • Context types: Were new Context type schemas created or modified in this PR?
    • Were the field type conventions adhered to?
    • Was the BaseContext schema applied via allOf (as it is in existing types)?
    • Was a title and description provided for all properties defined in the schema?
    • Was at least one example provided?
    • Was code generation (npm run build) run and the results checked in?

      Generated code will be found at /src/context/ContextTypes.ts
  • Intents: Were new Intents created in this PR?

netlify bot commented Jul 8, 2025

Deploy Preview for fdc3 ready!

Name Link
🔨 Latest commit 0a83427
🔍 Latest deploy log https://app.netlify.com/projects/fdc3/deploys/6904d8e9ffc17000087291e1
😎 Deploy Preview https://deploy-preview-1627.preview-fdc3.finos.org

@robmoffat robmoffat changed the title FDC3 Security In MonoRepo FDC3 Security In MonoRepo - NOT READY TO MERGE Jul 29, 2025
@robmoffat robmoffat marked this pull request as ready for review July 29, 2025 15:09
@robmoffat robmoffat requested a review from a team as a code owner July 29, 2025 15:09
@robmoffat robmoffat changed the title FDC3 Security In MonoRepo - NOT READY TO MERGE FDC3 Security In MonoRepo - NOT READY TO REVIEW Jul 29, 2025
@kriswest kriswest marked this pull request as draft August 28, 2025 13:41
robmoffat and others added 19 commits September 4, 2025 10:58
…schemas to include detailed descriptions, adding new properties for user identification, and refining encryption methods in the security interface. Adjusted client-server data exchange to support purpose-based requests and improved JWT handling in the IDP application.
In order to showcase this `fdc3-security-implementation` demo using Symphony as JWT provider (similar to the Entra example), we need to allow cross-origin requests. This way Symphony can fetch the JWKS (hosted on localhost) and encrypt the user JWT properly.
In order to showcase this `fdc3-security-implementation` demo using Symphony as JWT provider, we need to trust JWKs hosted on HTTPS urls.
@robmoffat (Member, Author)

Documentation:

  • Functional use case in desktop agent API
  • Properties in metadata.
  • API Part
    • Overview - A whole page on FDC3 Security, functional use cases and how it works.
    • A page in the API Part

@Yannick-Malins

@robmoffat (Member, Author)

  • Focus on docs first, software second.
  • We also need to move tests into the regular packages.


4 participants