How to start the implementation of NPNT


#16

@Amit
Digital sky api is the API which runs in backend like a server.
Digital sky app is the frontend RestAPI like a client.


#17

Ok so Digital ski app will run on my laptop and api will deployed on the server.

How to build and install the app and api on my local computer?


#18

For your testing purpose it would be good to run both backend and front end on your local machine. Backend has a docker file so I guess we can build and run this docker image to start the server. RestAPI is optional you can either use powershell or someother application like postman instead of digital sky app


#19

Hey I have been looking at the presentation deck and I have found a schematic in which I am not sure what the role of management server is here, Anyone with any ideas would help(the query is regarding the one circled in red)


#20

@dmd4597
Last night i was studying the ppt. I am also confused with this management server thing.


#21

@Vardhan
It means that initially i should go with the api docker build and postman.
There is no readme file available for the api docker. Or i just build the docker rest will automatically setup.


#22

The purpose of Management Server is two-fold:

  1. Registering the drone on Digital Sky
  2. Keeping a record of drone registrations and UINs

The idea is that the manufacturer should register the drone on behalf of the buyer (much like the car showroom owner does ROC registration with RTO on behalf of the buyer). Therefore, each manufacturer needs to operate a management server either by themselves or through a third-party. This process involves sending an API request to the POST /droneDevice/register endpoint. The request should be signed using the manufacturer’s certificate through a DSC Token (same as the one used to digitally sign IT returns etc.) or HSM.

My company provides hosted management server. Let me know if you think that will help you.


#23

@Amit
Try running the docker image after you built it. while building docker image tag an image name and then run this docker image with that name. That might be enough to run api on our local machine


#24

Hi Nihal,

Thank you for your comments and replies.

I’m new to this NPNT forum. There are two compliance level mentioned in Guidance manual ( Level 0 and Level 1 ). Level 0 compliance doesn’t required to generate Keys in RFM, It can generated in Software level ( GCS ) right. Please correct me if I’m wrong.


#25

Software refers to the code that runs on the RFM. Level 1 is when there is dedicated hardware with a TEE(Trusted execution Environment) that performs these functions. Not the GCS. Having Key generation done in the GCS is not allowed.


#26

Okay understood, Thanks for this clarification.


#27

Hi!

I’ve been trying to run this digital-sky-api on my local machine and have encountered multiple issues:

  1. Mysql connection error
  2. Mongodb connection issue

i solved the first two issues, but i’m not able to grasp the 3rd one. I’ve posted the error stack at the issues section of their Github Repository. Please look into it, and help me setup the local server.

@nihal @Vardhan


#28

Or, if possible, please list out the steps i’ll need to follow to be able to properly run this repository on my local machine.


#29

i was able to somehow start the Tomcat server. But everytime i make any API request, i get the following error:
{
“timestamp”: 1567038797080,
“status”: 401,
“error”: “Unauthorized”,
“message”: “Sorry, You’re not authorized to access this resource.”,
“path”: “/”
}

Mainly, “status”: 401,
“error”: “Unauthorized”,
“message”: “Sorry, You’re not authorized to access this resource.”,

I’m totally new to Spring boot. Please help me start the server, So i can start the further developement.

@nihal @Vardhan @abhiroop.bhatnagar @sid @satyam_amu


#30

can you tell us the URI and method you are pointing to. Because digital sky api’s services need an authenticated token (of course not all but many). There are few services like (HttpMethod.GET,"/api/airspaceCategory/list") which don’t need ant token for query.

Hope this will be of any help as I am a newbie myself with just days experience.


#31

Hi @Vardhan,
Thanks for responding!

I was trying to use this API: localhost:9000/api/applicationForm/flyDronePermissionApplication

How do i fetch the jwt token?
FYI, I haven’t followed this intruction: 3. Copy JWT certificate to /home/<user>/certs folder
(It was shared in the digital sky deployment repository )

Please help me solve this issue.
@nihal @Vardhan @abhiroop.bhatnagar @sid @satyam_amu


#32

According to the docs, for login, the data should be formatted as :
{ "username": "[email protected]", "password": "abcd1234" }
But, this doesn’t seem to work.
Try this, instead:
{ "email": "[email protected]", "password": "something" }

That is, change the username to email.
Kindly, comment if i am missing something.


#33

The data format for API : /api/pilot, as suggested in this docs seems wrong, Because i get the error: 415 Unsupported Media Type error.

Also, i looked up the code for addPilot here:

	@RequestMapping(method = RequestMethod.POST, consumes = MediaType.MULTIPART_FORM_DATA_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<?> addPilot(
@RequestParam(value = "trainingCertificateDocument", required = false) MultipartFile trainingCertificateDocument,
@RequestParam(value = "pilotPayload") String pilotPayload
) {
try {

Pilot pilot = objectMapper.readValue(pilotPayload, Pilot.class);

validator.validate(pilot);

pilot.setTrainingCertificate(trainingCertificateDocument);
pilot.setTrainingCertificateDocName(resolveFileName(trainingCertificateDocument));

UserPrincipal userPrincipal = UserPrincipal.securityContext();

pilot.setResourceOwnerId(userPrincipal.getId());
pilot.setName(userPrincipal.getUsername());
pilot.setEmail(userPrincipal.getEmail());
Pilot savedPilotInstance = pilotService.createNewPilot(pilot);
return new ResponseEntity<>(savedPilotInstance, HttpStatus.CREATED);
} catch (PilotProfileAlreadyExist e) {
return new ResponseEntity<>(new Errors(e.getMessage()), HttpStatus.CONFLICT);

} catch (IOException e) {
return new ResponseEntity<>(new Errors("Bad Request"), HttpStatus.BAD_REQUEST);
}
}

And, as you can see, this API expects two values trainingCertificateDocument and pilotPayload both of which are not present in the example data format for this particular API.

Kindly, comment if i am missing something.


#34

hi @Sasitharan_A,
what i infer from your communication with nihal is that we have to generate the key pair in the hardware of drone. We can’t do it on desktop application.
Am i correct?


#35

As per Section 3.1 in Chapter 7 of Revision 1.1 of the RPAS Guidance Manual,

3.1 Generation of Keys

  1. Key pair is generated at RFM level or generated elsewhere and transported to
    RFM.
  2. If keypair is not generated at RFM, it should be generated within a zone that
    has the same security requirements as RFM and has to be transported to the
    RFM on a communication channel secured using or equivalent of 128bit
    symmetric key (minimum).
  3. If key rotation is required, the generated key may be signed using previous key
    pair and sent for updation to DigitalSky.

Therefore, it is ok to generate key pair on a desktop application as long as it is securely generated and transported to the RFM.