Update creating/managing groups guide + separate party configuration (#35)

* Update creating/managing groups guide + separate party configuration

This updates cleans up and updates the guide for creating and managing groups and separates the party configuration details to a new guide.

* Update src/routes/guides/managing-groups/+page.svelte

Co-authored-by: Janne Enberg <janne.enberg@lietu.net>

* Apply suggestions from code review

Co-authored-by: Janne Enberg <janne.enberg@lietu.net>

* Add details based on feedback

* Update image with one with email addresses

* Optimize images

---------

Co-authored-by: Janne Enberg <janne.enberg@lietu.net>

Author: joakimnordling

src/routes/guides/images.json

@@ -140,15 +140,28 @@
     }
   },
   "MANAGE_GROUP": {
-    "EDITING_A_GROUP": {
-      "src": "/guides/managing-groups/editing_a_group.png",
-      "alt": "Editing a group page in Developer Portal"
+    "MY_GROUPS_BUTTON": {
+      "src": "/guides/managing-groups/my_groups_button.png",
+      "alt": "My groups page with the Add a group button"
     },
-    "PAGE_FOR_CREATING_GROUPS": {
-      "src": "/guides/managing-groups/page_for_creating_groups.png",
-      "alt": "Create a group page in Developer Portal"
+    "MY_GROUPS_DISCLAIMER": {
+      "src": "/guides/managing-groups/my_groups_disclaimer.png",
+      "alt": "My groups page with disclaimer"
+    },
+    "CREATE_GROUP_PAGE": {
+      "src": "/guides/managing-groups/create_group_page.png",
+      "alt": "Create a group page"
+    },
+    "GROUP_LISTING": {
+      "src": "/guides/managing-groups/group_listing.png",
+      "alt": "List items on the My groups page"
+    },
+    "EDIT_GROUP": {
+      "src": "/guides/managing-groups/edit_group.png",
+      "alt": "Edit group page"
     }
   },
+  "PARTY_CONFIGURATION": {},
   "USING_DATA": {
     "MENU_DATA_SOURCES": {
       "src": "/guides/using-data-from-data-sources/menu_data_sources.png",

src/routes/guides/managing-groups/+page.svelte

@@ -1,13 +1,12 @@
 <script lang="ts">
   import SectionTitle from "$lib/components/SectionTitle.svelte"
-  import Code from "$lib/components/Code.svelte"
-  import json from "svelte-highlight/languages/json"
   import A from "$lib/components/A.svelte"
   import Breadcrumbs from "$lib/components/Breadcrumbs.svelte"
   import Title from "$lib/components/Title.svelte"
   import TableOfContents from "$lib/components/TableOfContents.svelte"
   import GuideImage from "$lib/components/GuideImage.svelte"
   import type { PageData } from "./$types"
+  import { GUIDES } from "../urls"
 
   export let data: PageData
 
@@ -21,73 +20,73 @@
 
   <SectionTitle title="Introduction" />
   <p>
-    A group is needed both for data sources and for applications. You create a group in the
-    developer portal. You have to input a unique name for the group and then input the party
-    configuration domain where you hosted a party configuration you set up. In case you have an
-    existing group without a party configuration you can find the group in your list of groups, edit
-    it, add the party configuration domain and click the update button.
+    A group is needed both to create data sources and to be able to request data from data sources
+    that use access control.
+  </p>
+
+  <SectionTitle title="Creating a group" />
+
+  <p>
+    You can create a group in the <em>My groups</em> section using the <em>Add a group</em> button.
+  </p>
+  <GuideImage img={images.MY_GROUPS_BUTTON} />
+  <p>
+    <strong>Note:</strong> In some IOXIO data sharing services, such as
+    <A href="https://ioxio.io/">IOXIO.io</A> the group creation is restricted and the group is instead
+    created by the support upon separate requests and verification. In that case the
+    <em>My groups</em> page has a disclaimer with instructions to follow. Please also after it has
+    been created follow the steps in<A href="#editing-a-group">Editing a group</A> section of this guide
+    to fill in a GDPR and technical contact for the group.
+  </p>
+  <GuideImage img={images.MY_GROUPS_DISCLAIMER} />
+  <GuideImage img={images.CREATE_GROUP_PAGE} />
+  <p>
+    When creating the group, note that the name of the group needs to be unique for the data sharing
+    service, can consist of lower case letters a-z, underscores and numbers, and be at most 64
+    characters long.
   </p>
   <p>
-    Note that some dataspaces require groups to be created by staff, so if the page has a notice
-    saying so, please follow the instructions written on it.
+    The group should also have a GDPR contact, as well as a technical contact that can be contacted
+    in case of technical problems, such as problems with requesting data from data sources or
+    requests to data sources made by the group. It's recommended that these addresses are generic
+    gdpr@ or support@ -style addresses where applicable so you don't have to worry about updating
+    them as your team changes.
   </p>
-  <GuideImage img={images.PAGE_FOR_CREATING_GROUPS} />
-  <GuideImage img={images.EDITING_A_GROUP} />
-  <SectionTitle title="Creating and hosting party configuration" />
   <p>
-    <strong>1.</strong>
-    Select a domain (it can also be a subdomain) on which you want to host your party configuration.
-    <br />
-    <strong>Note:</strong> You will need to be able to create a file at
-    <em>/.well-known/dataspace/party-configuration.json</em>
-    on that domain and it needs to be accessible over <em>https://</em> with a valid certificate.
+    The group can also optionally have a party configuration domain; a domain on which a party (the
+    group) publishes standardized configuration files. In most cases this should be left empty. It
+    is only needed if the group is going to use HTTP Message Signatures or intends to use the
+    consent protocol prototype (only available on a limited set of IOXIO data sharing services). To
+    set it up, see the
+    <A href={GUIDES.PARTY_CONFIGURATION.href}>{GUIDES.PARTY_CONFIGURATION.title}</A> guide for details
+    before entering the domain here.
   </p>
   <p>
-    <strong>2.</strong>
-    Create the <em>party-configuration.json</em> and host it on the desired domain. See
-    <A href="/schemas/party-configuration/">party configuration schema</A>
-    for more details.
+    Once you have filled in all the required fields, press the <em>Create</em> button.
   </p>
+
+  <SectionTitle title="Editing a group" />
+
   <p>
-    <strong>3.</strong>
-    Ensure the <em>jwks_uri</em> points to some <em>https://</em> based domain and a location you
-    can control. A suggestion is to point it to the <em>/.well-known/jwks.json</em> on the same
-    domain as the party configuration.<br />Example from
-    <A href="/schemas/party-configuration">https://docs.ioxio.dev/schemas/party-configuration</A>:
+    You can also open any of your groups for editing from the <em>My groups</em> page by pressing
+    the <em>View</em> button next to it.
   </p>
-  <Code lang={json}>
-    {`
-{
-  "jwks_uri": "https://ioxio.com/.well-known/jwks.json"
-}
-`}
-  </Code>
+  <GuideImage img={images.GROUP_LISTING} />
+
+  <GuideImage img={images.EDIT_GROUP} />
+
   <p>
-    <strong>4.</strong>
-    Create the content for the <em>jwks_uri</em> and host it in the location you specified in the
-    party configuration. For this, you will need to generate an RSA public/private keypair. Ensure
-    there is at least one key and that it has a <em>kid</em>, the <em>kty</em> is <em>RSA</em>, the
-    <em>use</em>
-    is set to <em>sig</em>, the <em>alg</em>
-    is <em>RS256</em> and it has the <em>n</em> and <em>e</em> parameters. Here is an example of
-    what it should look like from
-    <A href="https://ioxio.com/.well-known/jwks.json">https://ioxio.com/.well-known/jwks.json</A>:
+    If your group was created by support, please ensure you fill in a GDPR contact and a technical
+    contact.
   </p>
 
-  <Code lang={json}>
-    {`
-{
-  "keys": [
-    {
-      "kid": "302feac8851574f3ef74ec1c62a7489f",
-      "kty": "RSA",
-      "use": "sig",
-      "alg": "RS256",
-      "n": "wO_R-_1EUodohCn9mIf3lxH70IFDLIsSbSLg3rNbKJIexFlxE8X72_gFGwMoZJqbeNfEDcPI9UiSXM6H9z_bpfVF7jxtvvyCqSmy-R5miadGoiiYUZpRvK-nxyjOiXlobsaPOgXiC3tCwxZ4EfXznzu5WZm2ekSeIf9nj-NKuPNuUpfCLH6Jbfq7PzWq5BMnmjEwz_VXqqk58mkqgFwr_0BRh2I2i5ufHTixyUGV7u7NK1WkkeIF4VbQILpO0t5-yxO6by2r3A_pubjSUmy8F5FSqqWkxNOfv5svFLnbCTvFuXVonjMqs6MD4BFVjRRhSI9NDWfjTisy-EKNpmWtbM0WAqk2hwey-dE8Fd0B7FmR9GmWt8oR5-LN3QgoRa8_z-h0dYhSWi6vV7dBJxHtyFFVJSTHw3xwCpg6PdeuB8OxqlSuLxry5tMVGNv9humih_92tPbAOq3luAuUuVKmxEgZ-_bk3y9Gxo2YutFfTI8QcaBEyqiao040NIJiNJ0z0OiBodalGny-sHL51Y7iB_z8TYIs8aie_WDfpXRg5IP5UbZ3Onl84IIrH3RbsM2p889-qEpMRXJJY5pQVjur3LIlx2TQ3ir7nBqGYC_5JAeq0sDFonvFGGTfWA_e_QDLKth9Dz2-HPVCUqBsdyF2Es7Ot1ijBV9rVKiaGUtx67M",
-      "e": "AQAB"
-    }
-  ]
-}
-    `}
-  </Code>
+  <SectionTitle title="Next steps" />
+
+  <p>When you have a group, you might want to check out the following guides:</p>
+
+  <ul>
+    <li><A href={GUIDES.MANAGE_GROUP_MEMBERS.href}>{GUIDES.MANAGE_GROUP_MEMBERS.title}</A></li>
+    <li><A href={GUIDES.BUILD_DATA_SOURCE.href}>{GUIDES.BUILD_DATA_SOURCE.title}</A></li>
+    <li><A href={GUIDES.USING_DATA.href}>{GUIDES.USING_DATA.title}</A></li>
+  </ul>
 </TableOfContents>

src/routes/guides/party-configuration/+page.server.ts

@@ -0,0 +1,11 @@
+import IMAGES from "../images.json"
+import { GUIDES } from "../urls"
+
+export async function load({ url, route }) {
+  return {
+    path: url.pathname,
+    route: route.id,
+    guide: GUIDES.PARTY_CONFIGURATION,
+    images: IMAGES.PARTY_CONFIGURATION,
+  }
+}

src/routes/guides/party-configuration/+page.svelte

@@ -0,0 +1,85 @@
+<script lang="ts">
+  import SectionTitle from "$lib/components/SectionTitle.svelte"
+  import Code from "$lib/components/Code.svelte"
+  import json from "svelte-highlight/languages/json"
+  import Breadcrumbs from "$lib/components/Breadcrumbs.svelte"
+  import Title from "$lib/components/Title.svelte"
+  import TableOfContents from "$lib/components/TableOfContents.svelte"
+
+  import type { PageData } from "./$types"
+  import A from "$lib/components/A.svelte"
+
+  export let data: PageData
+</script>
+
+<TableOfContents>
+  <Title title={data.guide.title} />
+
+  <Breadcrumbs path={data.path} />
+
+  <SectionTitle title="Introduction" />
+
+  <p>
+    On the IOXIO data sharing services groups can optionally have a party configuration domain; a
+    domain on which a party (the group) publishes standardized configuration files. They are used
+    with HTTP Message Signatures or with the consent protocol prototype, which is available only on
+    some data sharing services.
+  </p>
+
+  <p>This guide explains how to set up the necessary configuration files.</p>
+
+  <SectionTitle title="Creating and hosting party configuration" />
+  <p>
+    <strong>1.</strong>
+    Select a domain (it can also be a subdomain) on which you want to host your party configuration.
+    <br />
+    <strong>Note:</strong> You will need to be able to create a file at
+    <em>/.well-known/dataspace/party-configuration.json</em> on that domain and it needs to be
+    accessible over <em>https://</em> with a valid certificate.
+  </p>
+  <p>
+    <strong>2.</strong>
+    Create the <em>party-configuration.json</em> and host it on the desired domain. See
+    <A href="/schemas/party-configuration/">party configuration schema</A> for more details.
+  </p>
+  <p>
+    <strong>3.</strong>
+    Ensure the <em>jwks_uri</em> points to some <em>https://</em> based domain and a location you
+    can control. A suggestion is to point it to the <em>/.well-known/jwks.json</em> on the same
+    domain as the party configuration.<br />Example from
+    <A href="/schemas/party-configuration">https://docs.ioxio.dev/schemas/party-configuration</A>:
+  </p>
+  <Code lang={json}>
+    {`
+{
+  "jwks_uri": "https://ioxio.com/.well-known/jwks.json"
+}
+`}
+  </Code>
+  <p>
+    <strong>4.</strong>
+    Create the content for the <em>jwks_uri</em> and host it in the location you specified in the
+    party configuration. For this, you will need to generate an RSA public/private keypair. Ensure
+    there is at least one key and that it has a <em>kid</em>, the <em>kty</em> is <em>RSA</em>, the
+    <em>use</em> is set to <em>sig</em>, the <em>alg</em> is <em>RS256</em> and it has the
+    <em>n</em> and <em>e</em> parameters. Here is an example of what it should look like from
+    <A href="https://ioxio.com/.well-known/jwks.json">https://ioxio.com/.well-known/jwks.json</A>:
+  </p>
+
+  <Code lang={json}>
+    {`
+{
+  "keys": [
+    {
+      "kid": "302feac8851574f3ef74ec1c62a7489f",
+      "kty": "RSA",
+      "use": "sig",
+      "alg": "RS256",
+      "n": "wO_R-_1...tx67M",
+      "e": "AQAB"
+    }
+  ]
+}
+    `}
+  </Code>
+</TableOfContents>

src/routes/guides/urls.ts

@@ -23,6 +23,10 @@ export const GUIDES = {
     title: "Using data from data sources",
     href: "/guides/using-data-from-data-sources",
   },
+  PARTY_CONFIGURATION: {
+    title: "Setting up a party configuration domain",
+    href: "/guides/party-configuration",
+  },
   BUILD_APP: {
     title: "Legacy: Building an application",
     href: "/guides/building-an-application",