CORE-20695: Retire v1 REST version (#6203)

* Retire use of `v1` REST version *Removed v1 deprecated endpoints
corda · Jun 18, 2024 · 21aedf4 · 21aedf4
1 parent 0e1a1ef
commit 21aedf4
Show file tree

Hide file tree

Showing 55 changed files with 135 additions and 7,846 deletions.
diff --git a/applications/tools/p2p-test/app-simulator/scripts/onBoardCluster.sh b/applications/tools/p2p-test/app-simulator/scripts/onBoardCluster.sh
@@ -16,15 +16,15 @@ echo '{
 }
 
 config_gateway() {
-   config_version=$(curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v1/config/corda.p2p.gateway/ | jq -r '.version')
+   config_version=$(curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v5_3/config/corda.p2p.gateway/ | jq -r '.version')
    if [[ $MTLS == "Y" ]]; then
      tls_type="MUTUAL"
    else
      tls_type="ONE_WAY"
    fi
    raw_config=$(jq -n --arg tls_type "$tls_type" '.sslConfig.revocationCheck.mode="OFF" | .sslConfig.tlsType=$tls_type')
    body=$(jq -n --arg raw_config "$raw_config" --arg version $config_version '.section="corda.p2p.gateway" | .config=$raw_config |.schemaVersion.major=1 | .schemaVersion.minor=0| .version=$version')
-   curl --fail-with-body -s -S --insecure -u admin:admin -X PUT  -d "$body" https://$1/api/v1/config
+   curl --fail-with-body -s -S --insecure -u admin:admin -X PUT  -d "$body" https://$1/api/v5_3/config
 }
 
 build_cli_tool() {
@@ -47,23 +47,23 @@ build_cpi() {
 }
 
 trust_cpi_keys() {
-   curl --insecure -u admin:admin -X PUT -F alias="gradle-plugin-default-key" -F certificate=@"$SCRIPT_DIR/gradle-plugin-default-key.pem" https://$1/api/v5_1/certificate/cluster/code-signer
+   curl --insecure -u admin:admin -X PUT -F alias="gradle-plugin-default-key" -F certificate=@"$SCRIPT_DIR/gradle-plugin-default-key.pem" https://$1/api/v5_3/certificate/cluster/code-signer
    keytool -exportcert -rfc -alias "signing key 1" -keystore "$WORKING_DIR"/signingkeys.pfx -storepass "keystore password" -file "$WORKING_DIR"/signingkey1.pem
-   curl --insecure -u admin:admin -X PUT -F alias="signingkey1-2022" -F certificate=@"$WORKING_DIR"/signingkey1.pem https://$1/api/v5_1/certificate/cluster/code-signer
+   curl --insecure -u admin:admin -X PUT -F alias="signingkey1-2022" -F certificate=@"$WORKING_DIR"/signingkey1.pem https://$1/api/v5_3/certificate/cluster/code-signer
 }
 
 allow_client_certificate() {
-  curl --fail-with-body --insecure -u admin:admin -X PUT  https://$1/api/v1/mgm/$3/mutual-tls/allowed-client-certificate-subjects/"$2"
+  curl --fail-with-body --insecure -u admin:admin -X PUT  https://$1/api/v5_3/mgm/$3/mutual-tls/allowed-client-certificate-subjects/"$2"
 }
 upload_cpi() {
-   local CPI_ID=$(curl --fail-with-body -s -S --insecure -u admin:admin -F upload=@$2 https://$1/api/v1/cpi/ | jq -M '.["id"]' | tr -d '"')
+   local CPI_ID=$(curl --fail-with-body -s -S --insecure -u admin:admin -F upload=@$2 https://$1/api/v5_3/cpi/ | jq -M '.["id"]' | tr -d '"')
    echo $CPI_ID
 }
 
 wait_for_cpi() {
    n=0
    until [ "$n" -ge 25 ];  do
-     cpi_status=$(curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v1/cpi/status/$2 | jq -r .status)
+     cpi_status=$(curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v5_3/cpi/status/$2 | jq -r .status)
      if [[ "$cpi_status" == "OK" ]]; then
        break
      else
@@ -75,14 +75,14 @@ wait_for_cpi() {
 }
 
 cpi_checksum() {
-   local CPI_CHECKSUM=$(curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v1/cpi/status/$2 | jq -M '.["cpiFileChecksum"]' | tr -d '"')
+   local CPI_CHECKSUM=$(curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v5_3/cpi/status/$2 | jq -M '.["cpiFileChecksum"]' | tr -d '"')
    echo $CPI_CHECKSUM
 }
 
 wait_for_vnode() {
    n=0
    until [ "$n" -ge 25 ];  do
-     cpi_status=$(curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v1/virtualnode/$2 | jq -r '.flowP2pOperationalStatus')
+     cpi_status=$(curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v5_3/virtualnode/$2 | jq -r '.flowP2pOperationalStatus')
      if [[ $cpi_status == 'ACTIVE' ]]; then
        break
      else
@@ -93,45 +93,45 @@ wait_for_vnode() {
    done
 }
 create_vnode() {
-    local HOLDING_ID_SHORT_HASH=$(curl --fail-with-body -s -S --insecure -u admin:admin -d '{ "request": { "cpiFileChecksum": "'$2'", "x500Name": "'$3'"  } }' https://$1/api/v1/virtualnode | jq -M '.requestId' | tr -d '"')
+    local HOLDING_ID_SHORT_HASH=$(curl --fail-with-body -s -S --insecure -u admin:admin -d '{ "request": { "cpiFileChecksum": "'$2'", "x500Name": "'$3'"  } }' https://$1/api/v5_3/virtualnode | jq -M '.requestId' | tr -d '"')
     wait_for_vnode $1 $HOLDING_ID_SHORT_HASH
     echo $HOLDING_ID_SHORT_HASH
 }
 
 assign_hsm_and_generate_session_key_pair() {
-    curl --fail-with-body -s -S --insecure -u admin:admin -X POST https://$1/api/v1/hsm/soft/$2/SESSION_INIT &> /dev/null
-    local MGM_SESSION_KEY_ID=$(curl --fail-with-body -s -S --insecure -u admin:admin -X POST https://$1/api/v5_1/key/$2/alias/$2-session/category/SESSION_INIT/scheme/CORDA.ECDSA.SECP256R1 | jq -M '.["id"]' | tr -d '"')
+    curl --fail-with-body -s -S --insecure -u admin:admin -X POST https://$1/api/v5_3/hsm/soft/$2/SESSION_INIT &> /dev/null
+    local MGM_SESSION_KEY_ID=$(curl --fail-with-body -s -S --insecure -u admin:admin -X POST https://$1/api/v5_3/key/$2/alias/$2-session/category/SESSION_INIT/scheme/CORDA.ECDSA.SECP256R1 | jq -M '.["id"]' | tr -d '"')
     echo $MGM_SESSION_KEY_ID
 }
 
 assign_hsm_and_generate_tls_key_pair() {
-    curl --fail-with-body -s -S -k -u admin:admin -X POST https://$1/api/v1/hsm/soft/p2p/TLS &> /dev/null
-    MGM_TLS_KEY_ID=$(curl --fail-with-body -s -S -k -u admin:admin -X POST https://$1/api/v5_1/key/p2p/alias/cluster-tls/category/TLS/scheme/CORDA.RSA | jq -M '.["id"]' | tr -d '"')
+    curl --fail-with-body -s -S -k -u admin:admin -X POST https://$1/api/v5_3/hsm/soft/p2p/TLS &> /dev/null
+    MGM_TLS_KEY_ID=$(curl --fail-with-body -s -S -k -u admin:admin -X POST https://$1/api/v5_3/key/p2p/alias/cluster-tls/category/TLS/scheme/CORDA.RSA | jq -M '.["id"]' | tr -d '"')
     echo $MGM_TLS_KEY_ID
 }
 
 assign_hsm_and_generate_edch_key_pair() {
-    curl --fail-with-body -s -S -k -u admin:admin -X POST https://$1/api/v1/hsm/soft/$2/PRE_AUTH &> /dev/null
-    MGM_EDCH_KEY_ID=$(curl --fail-with-body -s -S -k -u admin:admin -X POST https://$1/api/v5_1/key/$2/alias/$2-auth/category/PRE_AUTH/scheme/CORDA.ECDSA.SECP256R1 | jq -M '.["id"]' | tr -d '"')
+    curl --fail-with-body -s -S -k -u admin:admin -X POST https://$1/api/v5_3/hsm/soft/$2/PRE_AUTH &> /dev/null
+    MGM_EDCH_KEY_ID=$(curl --fail-with-body -s -S -k -u admin:admin -X POST https://$1/api/v5_3/key/$2/alias/$2-auth/category/PRE_AUTH/scheme/CORDA.ECDSA.SECP256R1 | jq -M '.["id"]' | tr -d '"')
     echo $MGM_EDCH_KEY_ID
 }
 
 assign_hsm_and_generate_ledger_key_pair() {
-    curl --fail-with-body -s -S -k -u admin:admin -X POST https://$1/api/v1/hsm/soft/$2/LEDGER &> /dev/null
-    LEDGER_KEY_ID=$(curl --fail-with-body -s -S -k -u admin:admin -X POST https://$1/api/v5_1/key/$2/alias/$2-ledger/category/LEDGER/scheme/CORDA.ECDSA.SECP256R1 | jq -M '.["id"]' | tr -d '"')
+    curl --fail-with-body -s -S -k -u admin:admin -X POST https://$1/api/v5_3/hsm/soft/$2/LEDGER &> /dev/null
+    LEDGER_KEY_ID=$(curl --fail-with-body -s -S -k -u admin:admin -X POST https://$1/api/v5_3/key/$2/alias/$2-ledger/category/LEDGER/scheme/CORDA.ECDSA.SECP256R1 | jq -M '.["id"]' | tr -d '"')
     echo $LEDGER_KEY_ID
 }
 
 get_csr() {
-    curl --fail-with-body -s -S -k -u admin:admin  -X POST -H "Content-Type: application/json" -d '{"x500Name": "'$2'", "subjectAlternativeNames": [ "'$3'" ]}' "https://$1/api/v5_1/certificate/p2p/$4" > "$WORKING_DIR"/$5.csr
+    curl --fail-with-body -s -S -k -u admin:admin  -X POST -H "Content-Type: application/json" -d '{"x500Name": "'$2'", "subjectAlternativeNames": [ "'$3'" ]}' "https://$1/api/v5_3/certificate/p2p/$4" > "$WORKING_DIR"/$5.csr
 }
 
 sign_certificate() {
     java -jar $CA_JAR --home="$WORKING_DIR"/ca csr "$WORKING_DIR"/$1.csr
 }
 
 upload_certificate() {
-    curl --fail-with-body -s -S -k -u admin:admin -X PUT  -F certificate=@$2 -F alias=cluster-tls "https://$1/api/v5_1/certificate/cluster/p2p-tls"
+    curl --fail-with-body -s -S -k -u admin:admin -X PUT  -F certificate=@$2 -F alias=cluster-tls "https://$1/api/v5_3/certificate/cluster/p2p-tls"
 }
 
 register_node() {
@@ -177,18 +177,18 @@ register_mgm() {
 wait_for_approve() {
   n=0
   until [ "$n" -ge 25 ];  do
-    registrationStatus=$(curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v1/membership/$2/$3 | jq -r .registrationStatus)
+    registrationStatus=$(curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v5_3/membership/$2/$3 | jq -r .registrationStatus)
     if [[ "$registrationStatus" == "APPROVED" ]]; then
-      curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v1/membership/$2/$3 | jq
+      curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v5_3/membership/$2/$3 | jq
       break
     elif [[ "$registrationStatus" == "DECLINED" ]]; then
-      curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v1/membership/$2/$3 | jq
+      curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v5_3/membership/$2/$3 | jq
       exit -1
     elif [[ "$registrationStatus" == "FAILED" ]]; then
-      curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v1/membership/$2/$3 | jq
+      curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v5_3/membership/$2/$3 | jq
       exit -1
     elif [[ "$registrationStatus" == "INVALID" ]]; then
-      curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v1/membership/$2/$3 | jq
+      curl --fail-with-body -s -S --insecure -u admin:admin https://$1/api/v5_3/membership/$2/$3 | jq
       exit -1
     else
       echo "Registration status is $registrationStatus, waiting a bit"
@@ -205,7 +205,7 @@ register() {
     echo $COMMAND | jq
 
     # Register
-    registrationId=$(curl --fail-with-body -s -S --insecure -u admin:admin -d " $COMMAND " https://$1/api/v1/membership/$2 | jq -r .registrationId)
+    registrationId=$(curl --fail-with-body -s -S --insecure -u admin:admin -d " $COMMAND " https://$1/api/v5_3/membership/$2 | jq -r .registrationId)
 
     echo "Registration Id $registrationId for $2"
 
@@ -214,11 +214,11 @@ register() {
 }
 
 complete_network_setup() {
-    curl --fail-with-body -s -S -k -u admin:admin -X PUT -d '{"p2pTlsCertificateChainAlias": "cluster-tls", "sessionKeysAndCertificates": [{"sessionKeyId": "'$3'", "preferred": true}]}' "https://$1/api/v1/network/setup/$2"
+    curl --fail-with-body -s -S -k -u admin:admin -X PUT -d '{"p2pTlsCertificateChainAlias": "cluster-tls", "sessionKeysAndCertificates": [{"sessionKeyId": "'$3'", "preferred": true}]}' "https://$1/api/v5_3/network/setup/$2"
 }
 
 extract_group_policy() {
-   curl --fail-with-body -s -S --insecure -u admin:admin -X GET "https://$1/api/v1/mgm/$2/info" > "$WORKING_DIR"/GroupPolicy-out.json
+   curl --fail-with-body -s -S --insecure -u admin:admin -X GET "https://$1/api/v5_3/mgm/$2/info" > "$WORKING_DIR"/GroupPolicy-out.json
 }
 
 on_board_mgm() {

diff --git a/applications/tools/p2p-test/app-simulator/scripts/runReceiver.sh b/applications/tools/p2p-test/app-simulator/scripts/runReceiver.sh
@@ -36,7 +36,7 @@ deploy_receiver() {
 }
 
 MGM_HOLDING_ID_SHORT_HASH=$(cat $MGM_HOLDING_ID_FILE)
-GROUP_ID=$(curl --fail-with-body -s -S --insecure -u admin:admin -X GET https://$MGM_RPC/api/v1/members/$MGM_HOLDING_ID_SHORT_HASH | jq '.members[0].memberContext."corda.groupId"' | tr -d '"')
+GROUP_ID=$(curl --fail-with-body -s -S --insecure -u admin:admin -X GET https://$MGM_RPC/api/v5_3/members/$MGM_HOLDING_ID_SHORT_HASH | jq '.members[0].memberContext."corda.groupId"' | tr -d '"')
 
 if kubectl get ns metrics-server > /dev/null 2>/dev/null ; then
   metrics_args=" -f \"$SCRIPT_DIR/app-simulator-eks.metrics.yaml\""

diff --git a/applications/tools/p2p-test/app-simulator/scripts/runSender.sh b/applications/tools/p2p-test/app-simulator/scripts/runSender.sh
@@ -42,7 +42,7 @@ deploy_sender() {
 echo "Starting Sender in $1 mode"
 
 MGM_HOLDING_ID_SHORT_HASH=$(cat $MGM_HOLDING_ID_FILE)
-GROUP_ID=$(curl --fail-with-body -s -S --insecure -u admin:admin -X GET https://$MGM_RPC/api/v1/members/$MGM_HOLDING_ID_SHORT_HASH | jq '.members[0].memberContext."corda.groupId"' | tr -d '"')
+GROUP_ID=$(curl --fail-with-body -s -S --insecure -u admin:admin -X GET https://$MGM_RPC/api/v5_3/members/$MGM_HOLDING_ID_SHORT_HASH | jq '.members[0].memberContext."corda.groupId"' | tr -d '"')
 
 HELM_A_X500_NAME=$(echo $A_X500_NAME | sed 's/,/\\,/g')
 HELM_B_X500_NAME=$(echo $B_X500_NAME | sed 's/,/\\,/g')

diff --git a/applications/workers/release/combined-worker/README.md b/applications/workers/release/combined-worker/README.md
@@ -136,7 +136,7 @@ Use one of the following run configuratons:
 
 ## Interact with the worker
 
-The worker will expose the HTTP API on port 8888: https://localhost:8888/api/v1/swagger
+The worker will expose the HTTP API on port 8888: https://localhost:8888/api/v5_3/swagger
 The status endpoint is also exposed: http://localhost:7000/status
 
 ## Smoketests

diff --git a/applications/workers/release/flow-worker/README.md b/applications/workers/release/flow-worker/README.md
@@ -78,7 +78,7 @@ instructions below are for using curl.
    the CBP file.)
 
 ```shell
-curl --insecure -u admin:admin  -s -F upload=@./test-cordapp-5.0.0.0-SNAPSHOT-package.cpb https://localhost:8888/api/v1/cpi/
+curl --insecure -u admin:admin  -s -F upload=@./test-cordapp-5.0.0.0-SNAPSHOT-package.cpb https://localhost:8888/api/v5_3/cpi/
 
 ```
 
@@ -93,7 +93,7 @@ This should yield a result similar to this:
 2) Get the status of the file upload and the cpi file checksum value
 
 ```shell
-curl --insecure -u admin:admin  https://localhost:8888/api/v1/cpi/status/[ID]
+curl --insecure -u admin:admin  https://localhost:8888/api/v5_3/cpi/status/[ID]
 ```
 
 where ID is the UUID output from step 1
@@ -109,8 +109,8 @@ This should yield are result similar to this
 3) Create a virtual node using the checksum returned from the step above
 
 ```shell
-curl --insecure -u admin:admin -d '{ "cpiFileChecksum": "B669663F74EA", "x500Name": "C=GB, L=London, O=Alice" }' https://localhost:8888/api/v1/virtualnode
-curl --insecure -u admin:admin -d '{ "cpiFileChecksum": "B669663F74EA", "x500Name": "C=GB, L=London, O=Bob" }' https://localhost:8888/api/v1/virtualnode
+curl --insecure -u admin:admin -d '{ "cpiFileChecksum": "B669663F74EA", "x500Name": "C=GB, L=London, O=Alice" }' https://localhost:8888/api/v5_3/virtualnode
+curl --insecure -u admin:admin -d '{ "cpiFileChecksum": "B669663F74EA", "x500Name": "C=GB, L=London, O=Bob" }' https://localhost:8888/api/v5_3/virtualnode
 ```
 
 This should yield a result similar to this for first request:
@@ -136,8 +136,8 @@ This should yield a result similar to this for first request:
 4) Register the members to the network
 
 ```shell
-curl --insecure -u admin:admin -d '{ "context": { "corda.key.scheme" : "CORDA.ECDSA.SECP256R1" } }' https://localhost:8888/api/v1/membership/3B8DECDDD6E2
-curl --insecure -u admin:admin -d '{ "context": { "corda.key.scheme" : "CORDA.ECDSA.SECP256R1" } }' https://localhost:8888/api/v1/membership/44D0F817B592
+curl --insecure -u admin:admin -d '{ "context": { "corda.key.scheme" : "CORDA.ECDSA.SECP256R1" } }' https://localhost:8888/api/v5_3/membership/3B8DECDDD6E2
+curl --insecure -u admin:admin -d '{ "context": { "corda.key.scheme" : "CORDA.ECDSA.SECP256R1" } }' https://localhost:8888/api/v5_3/membership/44D0F817B592
 ```
 
 ### Calling the flow and testing for a result
@@ -146,7 +146,7 @@ curl --insecure -u admin:admin -d '{ "context": { "corda.key.scheme" : "CORDA.EC
 
 ```shell
 curl --insecure -u admin:admin -X 'POST' \
-  'https://localhost:8888/api/v1/flow/3B8DECDDD6E2' \
+  'https://localhost:8888/api/v5_3/flow/3B8DECDDD6E2' \
   -d '{
     "clientRequestId": "request1",
     "flowClassName": "com.r3.corda.testing.testflows.MessagingFlow",
@@ -159,5 +159,5 @@ The holding ID is taken from the output of the 'create virtual node' step
 2) Check on the progress of the flow:
 
 ```shell
-curl --insecure -u admin:admin https://localhost:8888/api/v1/flow/[HOLDING_ID_HASH]/request1
+curl --insecure -u admin:admin https://localhost:8888/api/v5_3/flow/[HOLDING_ID_HASH]/request1
 ```
diff --git a/charts/corda/templates/NOTES.txt b/charts/corda/templates/NOTES.txt
@@ -10,14 +10,14 @@ kubectl get secret {{ include "corda.restApiAdminPasswordSecretName" . }} --name
 
 2. The API endpoint definition can then be accessed via: 
 {{- range .Values.workers.rest.ingress.hosts }}
-https://{{ . }}/api/v1/swagger
+https://{{ . }}/api/v5_3/swagger
 {{- end }}
 {{- else }}
 
 2. Expose the API endpoint on localhost by running this command:
 kubectl port-forward --namespace {{ .Release.Namespace }} deployment/{{ include "corda.fullname" . }}-rest-worker 8888 &
 
-3. The API endpoint definition can then be accessed via: https://localhost:8888/api/v1/swagger
+3. The API endpoint definition can then be accessed via: https://localhost:8888/api/v5_3/swagger
 
 {{- end }}
 

diff --git a/...ership-rest-impl/src/main/kotlin/net/corda/membership/impl/rest/v1/MGMRestResourceImpl.kt b/...ership-rest-impl/src/main/kotlin/net/corda/membership/impl/rest/v1/MGMRestResourceImpl.kt
@@ -285,17 +285,9 @@ class MGMRestResourceImpl internal constructor(
         reason: ManualDeclinationReason
     ) = impl.declineRegistrationRequest(holdingIdentityShortHash, requestId, reason)
 
-    @Deprecated("Deprecated in favour of suspendMember")
-    override fun deprecatedSuspendMember(holdingIdentityShortHash: String, suspensionParams: SuspensionActivationParameters) =
-        impl.suspendMember(holdingIdentityShortHash, suspensionParams)
-
     override fun suspendMember(holdingIdentityShortHash: String, suspensionParams: SuspensionActivationParameters) =
         impl.suspendMember(holdingIdentityShortHash, suspensionParams.throwBadRequestIfNoSerialNumber())
 
-    @Deprecated("Deprecated in favour of activateMember")
-    override fun deprecatedActivateMember(holdingIdentityShortHash: String, activationParams: SuspensionActivationParameters) =
-        impl.activateMember(holdingIdentityShortHash, activationParams)
-
     override fun activateMember(holdingIdentityShortHash: String, activationParams: SuspensionActivationParameters) =
         impl.activateMember(holdingIdentityShortHash, activationParams.throwBadRequestIfNoSerialNumber())
 

diff --git a/...st-impl/src/main/kotlin/net/corda/membership/impl/rest/v1/MemberLookupRestResourceImpl.kt b/...st-impl/src/main/kotlin/net/corda/membership/impl/rest/v1/MemberLookupRestResourceImpl.kt
@@ -91,29 +91,7 @@ class MemberLookupRestResourceImpl @Activate constructor(
         coordinator.stop()
     }
 
-    @Deprecated("Deprecated in favour of lookupV51")
     override fun lookup(
-        holdingIdentityShortHash: String,
-        commonName: String?,
-        organization: String?,
-        organizationUnit: String?,
-        locality: String?,
-        state: String?,
-        country: String?,
-        statuses: List<String>,
-    ) = impl.lookup(
-        ShortHash.parseOrThrow(holdingIdentityShortHash),
-        commonName,
-        organization,
-        organizationUnit,
-        locality,
-        state,
-        country,
-        statuses.toSet(),
-        false
-    )
-
-    override fun lookupV51(
         holdingIdentityShortHash: String,
         commonName: String?,
         organization: String?,