-
Notifications
You must be signed in to change notification settings - Fork 71
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(jans-casa): reimplement bioid plugin (#8180)
* fix(jans-casa): fix imports Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com> * refactor(jans-casa): new style Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com> * refactor(jans-casa): change UI Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com> * refactor: add agama Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com> * feat(jans-casa): bioid code storage Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com> * chore: delete dummy files Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com> * feat(jans-casa): add full bioid flow Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com> * feat(jans-casa): fix labels Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com> * docs(jans-casa): add bioid document Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com> --------- Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com> Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>
- Loading branch information
Showing
52 changed files
with
2,925 additions
and
52,982 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| # BioID plugin | ||
|
|
||
| ## Overview | ||
| This plugin allows users to enroll their BioID facial biometrics. | ||
|
|
||
| ## Requirements | ||
| - A Janssen server installation with Casa installed | ||
| - A BioID account. Register on the [BioID site](https://bwsportal.bioid.com/register) | ||
| - Application credentials from the BWS Portal. Please register an application against your account. You will need the app identifier, app secret, storage and partition. | ||
|
|
||
| ## Installation | ||
|
|
||
| 1. [Download the plugin jar]() | ||
| 1. Log into Casa as an administrator, navigate to `Administration Console > Casa plugins` and add the plugin jar | ||
| 1. Using the TUI, enable the `agama` custom script | ||
| 1. Run the following commands to generate the Agama flow file: | ||
|
|
||
| ``` | ||
| git clone --depth 1 --branch main --no-checkout https://github.com/JanssenProject/jans.git | ||
| cd jans/jans-casa/plugins/bioid/extras/agama | ||
| zip -r casa-bioid.gama ./* | ||
| ``` | ||
| 1. Transfer the `casa-bioid.gama` file to the server, and deploy it using the TUI | ||
| 1. Using the TUI, export the sample configuration, edit it according to the specification below and import it back in | ||
|
|
||
| ## Agama Configuration | ||
| ``` | ||
| { | ||
| "io.jans.agama.bioid.enroll": { | ||
| "host": "https://<HOSTNAME>/jans-auth/fl/callback", | ||
| "endpoint": "https://bws.bioid.com/extension/", | ||
| "appIdentifier": "", | ||
| "appSecret": "", | ||
| "storage": "", | ||
| "partition": "" | ||
| } | ||
| } | ||
| ``` | ||
| - `host`: Replace `<HOSTNAME>` with the hostname of your server | ||
| - `endpoint`: BioID API endpoint. Leave as default | ||
| - `appIdentifier`: The app identifier string from BWS Portal - Configuration | ||
| - `appSecret`: The app secret from BWS Portal - Configuration | ||
| - `storage`: Storage value from BWS Portal - Configuration | ||
| - `partition`: Partition value from BWS Portal - Configuration | ||
|
|
||
| ## How to use | ||
| The plugin provides a user menu. When clicking the `Click to Enroll` button, Casa launches the `io.jans.agama.bioid.enroll` flow on the authorization server. This flow queries the BioID database for existing enrollments for the user. If the user has not enrolled, the flow presents the BWS GUI for enrollment. Upon success, the flow redirects back to a Casa landing page. Deletion of credentials is not supported as of now because Casa is unaware of enrollment status of a user. |
41 changes: 41 additions & 0 deletions
41
....metadata/.plugins/org.eclipse.m2e.logback.configuration/logback.1.16.3.20211002-1029.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,41 @@ | ||
| <configuration scan="true"> | ||
| <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> | ||
| <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder"> | ||
| <pattern>%date [%thread] %-5level %logger{35} - %msg%n</pattern> | ||
| </encoder> | ||
| <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> | ||
| <level>OFF</level> <!-- change to DEBUG to mimic '-consolelog' behaviour --> | ||
| </filter> | ||
| </appender> | ||
|
|
||
| <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender"> | ||
| <File>${org.eclipse.m2e.log.dir}/0.log</File> | ||
| <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> | ||
| <FileNamePattern>${org.eclipse.m2e.log.dir}/%i.log</FileNamePattern> | ||
| <MinIndex>1</MinIndex> | ||
| <MaxIndex>10</MaxIndex> | ||
| </rollingPolicy> | ||
| <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> | ||
| <MaxFileSize>100MB</MaxFileSize> | ||
| </triggeringPolicy> | ||
| <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder"> | ||
| <pattern>%date [%thread] %-5level %logger{35} - %msg%n</pattern> | ||
| </encoder> | ||
| </appender> | ||
|
|
||
| <appender name="EclipseLog" class="org.eclipse.m2e.logback.appender.EclipseLogAppender"> | ||
| <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> | ||
| <level>WARN</level> | ||
| </filter> | ||
| </appender> | ||
|
|
||
| <appender name="MavenConsoleLog" class="org.eclipse.m2e.logback.appender.MavenConsoleAppender"> | ||
| </appender> | ||
|
|
||
| <root level="INFO"> | ||
| <appender-ref ref="FILE" /> | ||
| <appender-ref ref="STDOUT" /> | ||
| <appender-ref ref="EclipseLog" /> | ||
| <appender-ref ref="MavenConsoleLog" /> | ||
| </root> | ||
| </configuration> |
22 changes: 22 additions & 0 deletions
22
jans-casa/plugins/bioid/extras/agama/code/io.jans.agama.bioid.enroll.flow
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| Flow io.jans.agama.bioid.enroll | ||
| Basepath "" | ||
| Configs conf | ||
| Inputs bioid_enrollment_code login_hint | ||
| bioid = Call io.jans.agama.bioid.BioIdService#new conf | ||
| idp = Call io.jans.agama.bioid.IdentityProcessor#new | ||
| bioid_verification = Call idp validateBioIdCode login_hint bioid_enrollment_code | ||
| When bioid_verification is false | ||
| error_map = {success:false, error: "Failed to verify BioID code"} | ||
| Finish error_map | ||
| enrolled = Call bioid isEnrolled login_hint | ||
| When enrolled is false | ||
| token = Call bioid getBWSToken login_hint "enroll" | ||
| enroll_map = {token:token, return_url:conf.host, state: "abcdef"} | ||
| enroll_result = RRF "bioid.ftlh" enroll_map true | ||
| When enroll_result.error is not null | ||
| error_map = {success:false, error: "Enrollment failed; please try again later."} | ||
| Finish error_map | ||
| success_map = {success:true, data: {userId: login_hint, status: "success"}} | ||
| Finish success_map | ||
| error_map = {success:true, data: {status: "enrolled", userId: login_hint}} | ||
| Finish error_map |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| { | ||
| "projectName": "casa-bioid", | ||
| "author": "SafinWasi", | ||
| "type": "Community", | ||
| "version": "1.0.0", | ||
| "description": "A helper project for Jans Casa BioID plugin", | ||
| "noDirectLaunch": [], | ||
| "configs": { | ||
| "io.jans.agama.bioid.enroll": { | ||
| "host": "https://<hostname>/jans-auth/fl/callback", | ||
| "endpoint": "https://bws.bioid.com/extension/", | ||
| "appIdentifier": "", | ||
| "appSecret": "", | ||
| "storage": "", | ||
| "partition": "" | ||
| } | ||
| } | ||
| } |
Oops, something went wrong.