ID is a digital identity service from Mastercard that helps you apply for, enroll in, log in to, and access services more simply, securely and privately. Rather than manually providing your information when you are trying to complete tasks online or in apps, ID enables you to share your verified information automatically, more securely, and with your consent and control. ID also enables you to do away with passwords and protects your personal information. Please see here for more details on the API: Mastercard Developers.
For more information regarding the program, refer to ID Service
- Mastercard's OAuth Signer library
- Using OAuth 1.0a to Access Mastercard APIs
- Mastercard's Payload Encryption/Decryption library
- Using Payload Encryption
- Mastercard Developers Account with access to ID for Relying Parties API
- IntelliJ IDEA (or any other IDE)
- Java 8
- Spring Boot 2.2+ up to 2.7.x
- Apache Maven 3.3+
- Set up the
JAVA_HOMEenvironment variable to match the location of your Java installation
-
Create an account at Mastercard Developers.
-
Create a new project and add
ID for Relying PartiesAPI to your project. -
Configure project and download all the keys. It will download multiple files.
-
Select all
.p12files and copy it tosrc/main/resourcesin the project folder. -
Open
${project.basedir}/src/main/resources/application.propertiesand configure below parameters.Connection
mastercard.api.base.path=corresponding MC ID Service Url, example :
https://sandbox.api.mastercard.com/idservice-rp, it is a static field, will be used as a host to make API calls.server.port=, application port.
Authentication
mastercard.api.key.file=, this refers to .p12 file found in the signing key. Please place .p12 file at src\main\resources in the project folder and add classpath for .p12 file.
mastercard.api.consumer.key=, this refers to your consumer key. Copy it from "Keys" section on your project page in Mastercard Developers
mastercard.api.keystore.alias=keyalias, this is the default value of key alias. If it is modified, use the updated one from keys section in Mastercard Developers.
mastercard.api.keystore.password=keystorepassword, this is the default value of key alias. If it is modified, use the updated one from keys section in Mastercard Developers.
Decryption
mastercard.api.decryption.keystore=classpath:, copy your downloaded .p12 file to src/main/resources and set value as "classpath:keyalias-encryption-mc.p12"
mastercard.api.decryption.alias=, alias of your key. Default key alias for sandbox is
keyalias.mastercard.api.decryption.keystore.password=, password of your Keystore. Default keystore password for sandbox project is
keystorepassword.
OpenAPI Generator generates API client libraries from OpenAPI Specs. It provides generators and library templates for supporting multiple languages and frameworks.
See also:
<!-- https://mvnrepository.com/artifact/org.openapitools/openapi-generator-maven-plugin -->
<plugin>
<groupId>org.openapitools</groupId>
<artifactId>openapi-generator-maven-plugin</artifactId>
<version>${openapi-generator.version}</version>
<executions>
<execution>
<goals>
<goal>generate</goal>
</goals>
<configuration>
<inputSpec>${project.basedir}/src/main/resources/mids-reference-app-spec.yaml</inputSpec>
<generatorName>java</generatorName>
<library>okhttp-gson</library>
<generateApiTests>false</generateApiTests>
<generateModelTests>false</generateModelTests>
<configOptions>
<sourceFolder>src/gen/main/java</sourceFolder>
<dateLibrary>java8</dateLibrary>
</configOptions>
</configuration>
</execution>
</executions>
</plugin>Once you clone the project you must ensure that IntelliJ IDEA recognizes the folders. Go to
(file > project structure > modules) and select the folder src/main/java as a source and src/test/java as test folder,
also check the language level at this configuration options and see if it's selected (8 - lambda type annotation etc.) following your java version
add also the Maven support in the Project tool window, right-click your project and select Add Framework Support.
Now that you have all the required dependencies, you can generate the sources. To do this, use one of the following two methods:
Using IDE
-
Method 1
In IntelliJ IDEA, open the Maven window (View > Tool Windows > Maven). Click the iconsReimport All Maven ProjectsandGenerate Sources and Update Folders for All Projects -
Method 2
In the same menu, navigate to the commands ({Project name} > Lifecycle), select
cleanandcompile, then click the iconRun Maven Build.
Using Terminal
- Navigate to the root directory of the project within a terminal window and execute
mvn clean compilecommand.
Navigate to the test package and right click to Run All Tests
The main use cases in ID for Relying Parties Reference APIs are Claims Sharing and Oauth2 Access Token.
Below are the different APIs available in ID for Relying Parties Reference application:
A - Claims Sharing - Documentation.
-
Please refer to
callClaimsIdentityAttributesin IDRPReference.java for details from attached reference application.URL :
/idservice-rp/claims/{arid}/identity-attributesPath Variable : arid
Response : ClaimsIdentityAttributes
Once this endpoint returns a proof object containing a JWS. You may validate this JWS using the below implementation.
-
Here in method
verifyJWSProofon IDRPReferenceApplication.java we may see a use case to verify the signature. -
Also refer to
verifyin SigningValidator.java for more information.Example: JWS Token
-
B - Oauth 2.0 Access Token - Documentation.
-
Please refer to
callSasAccessTokenin IDRPReference.java for details from attached reference application.URL :
/saat-auth/oauth2/tokenRequest : SasAccessTokenRequestDTO
Response : SasAccessTokenResponseDTO
Details on the inputs needed to run the reference app flow can be found here.
Guides and tutorials can be found here.
- Run mvn clean install from the root of the project directory.
- There are two ways to execute the user cases :
- Execute the test cases
- At the
src/test/javawhich is the main root folder for all Junit tests of the application. - Run the tests.
- At the
- Select the menu options provided by the application
- Run
mvn spring-boot:runcommand to run the application. - Once the application is running, you should be able to see and chose the follow two options:
- 1 Claims Identity Attributes
- 2 Exit
- Run
- Execute the test cases
- To develop a client application that consumes a RESTful ID Service API with Spring Boot, refer to the documentation below.
- ID for Relying Parties Reference.
The com.mastercard.dis.mids.reference.config package will provide you API client. This class will take care of adding the correct Authorization header before sending the request.
It is recommended to create an instance of ApiClient per thread in a multithreaded environment to avoid any potential issues.
If you would like further information, please send an email to apisupport@mastercard.com
- For information regarding licensing, refer to the LICENSE.
- For copyright information, refer to the COPYRIGHT.
- For instructions on how to contribute to this project, refer to the CONTRIBUTING.
- For changelog information, refer to the CHANGELOG.
Copyright 2023 Mastercard
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.