├── .mvn
└── wrapper
│ └── maven-wrapper.properties
├── LICENSE
├── README.md
├── build
├── buildDocker.sh
├── docker-compose.yml
└── docker
│ ├── Dockerfile
│ └── src
│ ├── logback-spring.xml
│ └── runCodeFront.sh
├── checkstyle-conf.xml
├── checkstyle-suppressions.xml
├── checkstyle.header
├── client
├── .editorconfig
├── .env
├── .gitignore
├── .nvmrc
├── README.md
├── eslint.config.mjs
├── index.html
├── license.js
├── package-lock.json
├── package.json
├── pom.xml
├── public
│ ├── apple-touch-icon.png
│ ├── favicon.ico
│ ├── favicon.svg
│ ├── logo192.png
│ ├── logo512.png
│ ├── manifest.json
│ └── robots.txt
├── src
│ ├── App.jsx
│ ├── Body.jsx
│ ├── api.js
│ ├── components
│ │ ├── Button
│ │ │ └── Button.jsx
│ │ ├── CircleIcon
│ │ │ └── CircleIcon.jsx
│ │ ├── FlowUserActionSafeguard
│ │ │ └── FlowUserActionSafeguard.jsx
│ │ ├── FoldableContent
│ │ │ └── FoldableContent.jsx
│ │ ├── Footer
│ │ │ └── Footer.jsx
│ │ ├── Guide
│ │ │ └── Guide.jsx
│ │ ├── Header
│ │ │ └── Header.jsx
│ │ ├── HelpText
│ │ │ └── HelpText.jsx
│ │ ├── LanguageDropdown
│ │ │ └── LanguageDropdown.jsx
│ │ ├── MainContent
│ │ │ └── MainContent.jsx
│ │ ├── QRCode
│ │ │ └── QRCode.jsx
│ │ ├── Settings
│ │ │ └── Settings.jsx
│ │ ├── Sidebar
│ │ │ └── Sidebar.jsx
│ │ └── StartButton
│ │ │ └── StartButton.jsx
│ ├── constants.js
│ ├── contexts
│ │ ├── Contexts.jsx
│ │ ├── localization
│ │ │ ├── Localization.jsx
│ │ │ ├── eng.json
│ │ │ └── swe.json
│ │ └── sidebar
│ │ │ └── Sidebar.jsx
│ ├── flow-utils.js
│ ├── hooks
│ │ ├── useDevice.js
│ │ └── useHash.js
│ ├── logo.svg
│ ├── main.jsx
│ ├── pages
│ │ ├── About
│ │ │ └── About.jsx
│ │ ├── Error
│ │ │ └── Error.jsx
│ │ ├── OpenDesktopApp
│ │ │ └── OpenDesktopApp.jsx
│ │ ├── OpenMobileApp
│ │ │ └── OpenMobileApp.jsx
│ │ ├── ResultFailed
│ │ │ └── ResultFailed.jsx
│ │ ├── ResultSuccess
│ │ │ └── ResultSuccess.jsx
│ │ ├── ScanQR
│ │ │ └── ScanQR.jsx
│ │ └── Start
│ │ │ └── Start.jsx
│ ├── router.jsx
│ ├── styling
│ │ ├── fonts
│ │ │ ├── Caveat-Regular.woff
│ │ │ ├── Caveat-Regular.woff2
│ │ │ ├── Inter-Bold.woff
│ │ │ ├── Inter-Bold.woff2
│ │ │ ├── Inter-Regular.woff
│ │ │ └── Inter-Regular.woff2
│ │ ├── images
│ │ │ ├── MarkerArrow.svg
│ │ │ ├── angle-down-solid-darkblue.svg
│ │ │ ├── angle-down-solid-white.svg
│ │ │ ├── arrow-left-solid-darkblue.svg
│ │ │ ├── arrow-right-from-bracket-solid.svg
│ │ │ ├── check-solid.svg
│ │ │ ├── eid-still.png
│ │ │ ├── en.svg
│ │ │ ├── exclamation-solid.svg
│ │ │ ├── gear-solid.svg
│ │ │ ├── github.svg
│ │ │ ├── logo-bank-id.svg
│ │ │ ├── open-mobile.svg
│ │ │ ├── sv.svg
│ │ │ └── system-external-link.svg
│ │ └── index.css
│ └── utils.js
└── vite.config.js
├── mvnw
├── mvnw.cmd
├── pom.xml
└── server
├── README.md
├── certificates
├── localhost-cert.pem
├── localhost-key.pem
├── production
│ ├── truststore.p12
│ └── truststore.pem
└── test
│ ├── FPTestcert5_20240610.p12
│ ├── truststore.p12
│ └── truststore.pem
├── checkstyle.header
├── pom.xml
└── src
├── main
├── java
│ └── com
│ │ └── bankid
│ │ └── codefront
│ │ ├── CodeFrontApplication.java
│ │ ├── ServletInitializer.java
│ │ ├── bankid
│ │ └── relyingparty
│ │ │ ├── RpApi.java
│ │ │ ├── metrics
│ │ │ └── RpApiMetrics.java
│ │ │ └── signature
│ │ │ ├── BidSignatureNamespaceContext.java
│ │ │ ├── DigitalSignature.java
│ │ │ ├── SignatureParseException.java
│ │ │ └── XmlParseErrorHandler.java
│ │ ├── config
│ │ ├── AppConfig.java
│ │ ├── BankIDRelyingPartyConfig.java
│ │ ├── ClockConfig.java
│ │ ├── HeadersConfig.java
│ │ ├── Metrics.java
│ │ ├── SecurityConfig.java
│ │ ├── SessionConfig.java
│ │ └── SessionConfigDev.java
│ │ ├── models
│ │ ├── Base64String.java
│ │ ├── ValidatedValue.java
│ │ ├── bankid
│ │ │ └── relyingparty
│ │ │ │ ├── AdditionalWebData.java
│ │ │ │ ├── BankIDRequirements.java
│ │ │ │ ├── CancelRequest.java
│ │ │ │ ├── CollectRequest.java
│ │ │ │ ├── CollectResponse.java
│ │ │ │ ├── CompletionData.java
│ │ │ │ ├── DeviceData.java
│ │ │ │ ├── RiskLevel.java
│ │ │ │ ├── RiskRequirement.java
│ │ │ │ ├── SetUpData.java
│ │ │ │ ├── StartAuthenticationRequest.java
│ │ │ │ ├── StartSignatureRequest.java
│ │ │ │ ├── StartTransactionResponse.java
│ │ │ │ └── UserData.java
│ │ └── service
│ │ │ ├── BankIDTransaction.java
│ │ │ ├── CollectResult.java
│ │ │ ├── CompletionResult.java
│ │ │ └── Status.java
│ │ ├── rest
│ │ ├── controller
│ │ │ ├── GlobalControllerExceptionHandler.java
│ │ │ ├── SpaController.java
│ │ │ ├── StartController.java
│ │ │ ├── TransactionController.java
│ │ │ └── metrics
│ │ │ │ └── TransactionControllerMetrics.java
│ │ └── model
│ │ │ ├── AuthenticationRequest.java
│ │ │ ├── CheckResponse.java
│ │ │ ├── CompletionResponse.java
│ │ │ ├── ErrorCode.java
│ │ │ ├── SessionValue.java
│ │ │ ├── SignRequest.java
│ │ │ ├── StartResponse.java
│ │ │ ├── TransactionResponse.java
│ │ │ └── UserVisibleDataFormat.java
│ │ ├── service
│ │ ├── AuditService.java
│ │ └── BankIDService.java
│ │ └── utils
│ │ └── CodeFrontWebApplicationException.java
└── resources
│ ├── application-dev.yaml
│ ├── application-prod.yaml
│ ├── application-redis.yaml
│ ├── application-tlsdisabled.yaml
│ ├── application.yaml
│ ├── findbugs-exclude.xml
│ └── logback-spring.xml
└── test
└── java
└── com
└── bankid
└── codefront
├── TestUtils.java
├── actuator
└── K8sProbesTest.java
├── bankid
└── relyingparty
│ ├── RpApiTest.java
│ └── signature
│ └── DigitalSignatureTest.java
├── models
├── Base64StringTest.java
└── bankid
│ └── relyingparty
│ ├── BankIDRequirementsTest.java
│ ├── CancelRequestTest.java
│ ├── CollectRequestTest.java
│ ├── CollectResponseTest.java
│ ├── CompletionDataTest.java
│ ├── StartAuthenticationRequestTest.java
│ ├── StartSignatureRequestTest.java
│ └── StartTransactionResponseTest.java
├── rest
├── contoller
│ ├── AuthenticationResponse.java
│ ├── CheckResponse.java
│ ├── GlobalControllerExceptionHandlerTest.java
│ ├── RestBaseControllerTest.java
│ ├── RestControllerTest.java
│ ├── SpaControllerTest.java
│ └── TransactionControllerTest.java
└── model
│ ├── AuthenticationRequestTest.java
│ ├── CompletionResponseTest.java
│ └── SignRequestTest.java
└── service
└── BankIDServiceTest.java
/.mvn/wrapper/maven-wrapper.properties:
--------------------------------------------------------------------------------
1 | # Licensed to the Apache Software Foundation (ASF) under one
2 | # or more contributor license agreements. See the NOTICE file
3 | # distributed with this work for additional information
4 | # regarding copyright ownership. The ASF licenses this file
5 | # to you under the Apache License, Version 2.0 (the
6 | # "License"); you may not use this file except in compliance
7 | # with the License. You may obtain a copy of the License at
8 | #
9 | # http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing,
12 | # software distributed under the License is distributed on an
13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
14 | # KIND, either express or implied. See the License for the
15 | # specific language governing permissions and limitations
16 | # under the License.
17 | wrapperVersion=3.3.2
18 | distributionType=only-script
19 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.9/apache-maven-3.9.9-bin.zip
20 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | BSD 3-Clause License
2 |
3 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
4 | All rights reserved.
5 |
6 | Redistribution and use in source and binary forms, with or without
7 | modification, are permitted provided that the following conditions are met:
8 |
9 | 1. Redistributions of source code must retain the above copyright notice, this
10 | list of conditions and the following disclaimer.
11 |
12 | 2. Redistributions in binary form must reproduce the above copyright notice,
13 | this list of conditions and the following disclaimer in the documentation
14 | and/or other materials provided with the distribution.
15 |
16 | 3. Neither the name of the copyright holder nor the names of its
17 | contributors may be used to endorse or promote products derived from
18 | this software without specific prior written permission.
19 |
20 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
23 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
24 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
26 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
27 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
28 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # About BankID
2 | BankID is the largest eID in Sweden, with more than 8,4 million users and over 6000 connected businesses and authorities. Our solution has revolutionized everyday life in Sweden and lays the foundation for a modern and accessible society.
3 | ## All information moved to developer’s site
4 | We no longer update our repositories on Github as all our information for developers is now found on our website developers.bankid.com.
5 |
6 | [Visit the website for developers ](https://developers.bankid.com)
7 |
8 | ## Live example of flows
9 | To see how the identification and signature flows work you can visit our test site for end-users. If you hold a production BankID you can try the full flows. If you don’t have a production BankID you can’t complete the full tests, but can still benefit from viewing the UI.
10 |
11 | [Visit the test site for end-users ](https://test.bankid.com)
--------------------------------------------------------------------------------
/build/buildDocker.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | dockerTempTag=codefront-server
3 | echo ${dockerTempTag}
4 |
5 | mkdir -p docker/target/bin/
6 | cp ../server/target/codefront-develop-SNAPSHOT.war docker/target/bin/codefront-server.war
7 |
8 | docker buildx build docker/. \
9 | --no-cache \
10 | -t ${dockerTempTag} \
11 | --progress=plain
12 |
--------------------------------------------------------------------------------
/build/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: "3"
2 |
3 | services:
4 | codefront:
5 | image: codefront-server
6 | restart: always
7 | user: "2000"
8 | read_only: true
9 | cap_drop:
10 | - ALL
11 | environment:
12 | - SPRING_PROFILES_ACTIVE=dev
13 | tmpfs:
14 | # These directories need to be writable at runtime.
15 | - /tmp:uid=2000,gid=2000
16 | volumes:
17 | - ../server/certificates/:/opt/codefront/certificates/:r
18 | - ./docker/src/logback-spring.xml:/opt/codefront/src/main/resources/logback-spring.xml:r
19 | ports:
20 | - "8443:8443"
21 |
--------------------------------------------------------------------------------
/build/docker/Dockerfile:
--------------------------------------------------------------------------------
1 | ARG BASE_IMAGE=${BASE_IMAGE:-registry.access.redhat.com/ubi8/openjdk-17-runtime:1.19-4}
2 | FROM ${BASE_IMAGE}
3 |
4 | LABEL base-image=${BASE_IMAGE}
5 | LABEL name="codefront-server"
6 | LABEL description="CodeFront-server is the java-based server, currently the main GUI server"
7 | LABEL distribution-scope="opensource"
8 | LABEL summary="codefront-server"
9 |
10 | # Expose ports and volumes.
11 | EXPOSE 8443
12 | VOLUME ["/opt/codefront/config/", "/opt/codefront/logs"]
13 |
14 | # Copy files.
15 | COPY src/runCodeFront.sh target/bin/codefront-server.war /opt/codefront/
16 | COPY src/logback-spring.xml /opt/codefront/default-config/
17 |
18 | USER root
19 |
20 | # Run required commands.
21 | RUN chmod 755 /opt && \
22 | chmod 755 /opt/codefront/runCodeFront.sh && \
23 | chmod 644 /opt/codefront/codefront-server.war
24 |
25 | # Set working directory and user.
26 | WORKDIR /opt/codefront/
27 | USER 2000
28 |
29 | # Set entry point.
30 | ENTRYPOINT ["/opt/codefront/runCodeFront.sh"]
31 |
--------------------------------------------------------------------------------
/build/docker/src/logback-spring.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {"HOSTNAME":"${HOSTNAME}"}
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 | %d [%thread] %level{8} %logger{50} [%X{userIp}] [%X{userId}] %msg%n
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
--------------------------------------------------------------------------------
/build/docker/src/runCodeFront.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | exec java \
3 | $JAVA_OPTS \
4 | -XX:-ParallelRefProcEnabled \
5 | -XX:MaxGCPauseMillis=500 \
6 | -XX:+ExitOnOutOfMemoryError \
7 | \
8 | -Djava.net.preferIPv4Stack=true \
9 | -Djava.awt.headless=true \
10 | \
11 | -jar \
12 | /opt/codefront/codefront-server.war \
13 | "$@"
14 |
--------------------------------------------------------------------------------
/checkstyle-suppressions.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
6 |
7 |
8 |
9 |
10 |
--------------------------------------------------------------------------------
/checkstyle.header:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
--------------------------------------------------------------------------------
/client/.editorconfig:
--------------------------------------------------------------------------------
1 | root = true
2 |
3 | [*]
4 | end_of_line = lf
5 | insert_final_newline = true
6 | charset = utf-8
7 | indent_style = space
8 | indent_size = 2
9 |
--------------------------------------------------------------------------------
/client/.env:
--------------------------------------------------------------------------------
1 | VITE_PUBLIC_URL=
2 |
--------------------------------------------------------------------------------
/client/.gitignore:
--------------------------------------------------------------------------------
1 | # See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
2 |
3 | # dependencies
4 | /node_modules
5 | /.pnp
6 | .pnp.js
7 |
8 | # testing
9 | /coverage
10 |
11 | # production
12 | /build
13 |
14 | # misc
15 | .DS_Store
16 | .env.local
17 | .env.development.local
18 | .env.test.local
19 | .env.production.local
20 |
21 | npm-debug.log*
22 | yarn-debug.log*
23 | yarn-error.log*
24 |
--------------------------------------------------------------------------------
/client/.nvmrc:
--------------------------------------------------------------------------------
1 | 22.12.0
2 |
--------------------------------------------------------------------------------
/client/README.md:
--------------------------------------------------------------------------------
1 | # BankID Demo Client
2 |
3 | This is the frontend part of the BankID Demo. Here we provide an example of how to handle all the things necessary in a frontend of a site with a BankID integration.
4 |
5 |
6 |
7 | ## Secure start
8 |
9 | > To protect users and businesses, Secure start will be mandatory from 1st of May 2024.
10 | >
11 | > Secure start means using animated QR code and autostart.
12 |
13 | ### Animated QR code
14 | QR code is used when the user visits a site on one device and uses the BankID app on another device. The user simply scans the QR code with their BankID app and verify the authentication.
15 |
16 | In the frontend we handle the animation by polling the API every second to get the latest code and update the QR code shown on the site.
17 |
18 | See [src/pages/ScanQR](src/pages/ScanQR/ScanQR.js) for more info.
19 |
20 | ### Autostart
21 |
22 | Autostart is used when the user visits a site on the same device as the BankID is located, either on a mobile device where the BankID app is installed or on a desktop device where the BankID Security Program is installed. The user simply clicks a button on the site which opens their BankID application where they can verify the authentication.
23 |
24 | In the frontend we handle this by checking what type of device the user has and show different buttons depending on the scenario.
25 |
26 | ### Autostart Desktop
27 |
28 | If the user is on a desktop device we just redirect to a URL with the `bankid://`-scheme and the BankID Security Program opens.
29 |
30 | See [src/pages/OpenDesktopApp](src/pages/OpenDesktopApp/OpenDesktopApp.js) for more info.
31 |
32 | ### Autostart Mobile
33 |
34 | On a mobile device we redirect to `app.bankid.com` which handles opening of the BankID app correctly on iOS and Android. For the BankID app to redirect back to the site correctly we need to pass a `returnUrl`. On iOS this is a bit tricky due to all links opening in Safari regardless of what default browser the user has.
35 |
36 | See [src/pages/OpenMobileApp](src/pages/OpenMobileApp/OpenMobileApp.js) for more info.
37 |
38 |
39 | ---
40 |
41 | ## Available scripts
42 |
43 | In the project directory, you can run:
44 |
45 | ### `npm run dev`
46 |
47 | Runs the app in the development mode.\
48 | Open [http://localhost:5173](http://localhost:5173) to view it in your browser.
49 |
50 | ### `npm run lint`
51 |
52 | Runs ESLint to statically analyze the code and look for problems.
53 |
54 | ### `npm run build`
55 |
56 | Builds the app for production to the `build` folder.
57 |
--------------------------------------------------------------------------------
/client/eslint.config.mjs:
--------------------------------------------------------------------------------
1 | import react from "eslint-plugin-react";
2 | import reactHooks from "eslint-plugin-react-hooks";
3 | import _import from "eslint-plugin-import";
4 | import jsxA11Y from "eslint-plugin-jsx-a11y";
5 | import licenseHeader from "eslint-plugin-license-header";
6 | import { fixupPluginRules } from "@eslint/compat";
7 | import globals from "globals";
8 | import path from "node:path";
9 | import { fileURLToPath } from "node:url";
10 | import js from "@eslint/js";
11 | import { FlatCompat } from "@eslint/eslintrc";
12 |
13 | const __filename = fileURLToPath(import.meta.url);
14 | const __dirname = path.dirname(__filename);
15 | const compat = new FlatCompat({
16 | baseDirectory: __dirname,
17 | recommendedConfig: js.configs.recommended,
18 | allConfig: js.configs.all
19 | });
20 |
21 | export default [{
22 | ignores: ["**/eslint.config.mjs", "**/license.js", "target/*", "build/*"],
23 | }, ...compat.extends("plugin:react/recommended"), {
24 | plugins: {
25 | react,
26 | "react-hooks": fixupPluginRules(reactHooks),
27 | import: fixupPluginRules(_import),
28 | "jsx-a11y": jsxA11Y,
29 | "license-header": licenseHeader,
30 | },
31 |
32 | settings: {
33 | react: {
34 | version: "detect",
35 | },
36 | },
37 |
38 | languageOptions: {
39 | globals: {
40 | ...globals.browser,
41 | },
42 |
43 | ecmaVersion: "latest",
44 | sourceType: "module",
45 | },
46 |
47 | rules: {
48 | "react/react-in-jsx-scope": 0,
49 | "jsx-quotes": ["error", "prefer-single"],
50 |
51 | "react/function-component-definition": [2, {
52 | namedComponents: "arrow-function",
53 | }],
54 | "no-console": 1,
55 | "react-hooks/exhaustive-deps": 1,
56 | "react/require-default-props": 0,
57 | "react/jsx-props-no-spreading": 0,
58 | "react/jsx-filename-extension": 0,
59 | "import/prefer-default-export": 0,
60 | "react/prop-types": 0,
61 | "license-header/header": ["error", "./license.js"],
62 | },
63 | }];
64 |
--------------------------------------------------------------------------------
/client/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
11 |
12 |
13 | BankID Demo
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
--------------------------------------------------------------------------------
/client/license.js:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
--------------------------------------------------------------------------------
/client/package.json:
--------------------------------------------------------------------------------
1 | {
2 | "name": "bankid-demo",
3 | "private": true,
4 | "version": "0.0.0",
5 | "type": "module",
6 | "scripts": {
7 | "dev": "vite",
8 | "build": "vite build",
9 | "lint": "eslint . --report-unused-disable-directives --max-warnings 0",
10 | "preview": "vite preview"
11 | },
12 | "dependencies": {
13 | "axios": "^1.7.7",
14 | "classnames": "^2.5.1",
15 | "is-mobile": "^5.0.0",
16 | "qrcode": "^1.5.4",
17 | "react": "^18.3.1",
18 | "react-dom": "^18.3.1",
19 | "react-markdown": "^9.0.1",
20 | "react-router-dom": "^6.26.2",
21 | "remark-gfm": "^4.0.0"
22 | },
23 | "devDependencies": {
24 | "@eslint/compat": "^1.2.4",
25 | "@eslint/eslintrc": "^3.2.0",
26 | "@eslint/js": "^9.16.0",
27 | "@types/react": "^18.3.1",
28 | "@types/react-dom": "^18.3.0",
29 | "@vitejs/plugin-basic-ssl": "^1.0.2",
30 | "@vitejs/plugin-react": "^4.3.1",
31 | "eslint": "^9.16.0",
32 | "eslint-plugin-import": "^2.31.0",
33 | "eslint-plugin-jsx-a11y": "^6.10.2",
34 | "eslint-plugin-license-header": "^0.6.1",
35 | "eslint-plugin-react": "^7.36.1",
36 | "eslint-plugin-react-hooks": "^5.1.0",
37 | "eslint-plugin-react-refresh": "^0.4.12",
38 | "globals": "^15.13.0",
39 | "vite": "^6.0.3"
40 | },
41 | "overrides": {
42 | "qrcode": {
43 | "yargs": "~17.7.2"
44 | }
45 | }
46 | }
47 |
--------------------------------------------------------------------------------
/client/public/apple-touch-icon.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/client/public/apple-touch-icon.png
--------------------------------------------------------------------------------
/client/public/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/client/public/favicon.ico
--------------------------------------------------------------------------------
/client/public/favicon.svg:
--------------------------------------------------------------------------------
1 |
15 |
--------------------------------------------------------------------------------
/client/public/logo192.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/client/public/logo192.png
--------------------------------------------------------------------------------
/client/public/logo512.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/client/public/logo512.png
--------------------------------------------------------------------------------
/client/public/manifest.json:
--------------------------------------------------------------------------------
1 | {
2 | "short_name": "BankID",
3 | "name": "BankID Demo",
4 | "icons": [
5 | {
6 | "src": "favicon.ico",
7 | "sizes": "64x64 32x32 24x24 16x16",
8 | "type": "image/x-icon"
9 | },
10 | {
11 | "src": "logo192.png",
12 | "type": "image/png",
13 | "sizes": "192x192"
14 | },
15 | {
16 | "src": "logo512.png",
17 | "type": "image/png",
18 | "sizes": "512x512"
19 | }
20 | ],
21 | "display": "standalone"
22 | }
23 |
--------------------------------------------------------------------------------
/client/public/robots.txt:
--------------------------------------------------------------------------------
1 | # https://www.robotstxt.org/robotstxt.html
2 | User-agent: *
3 | Disallow:
4 |
--------------------------------------------------------------------------------
/client/src/App.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import { useEffect, useState } from 'react';
36 | import { BrowserRouter } from 'react-router-dom';
37 | import Axios from 'axios';
38 |
39 | import Contexts from './contexts/Contexts';
40 | import Header from './components/Header/Header';
41 | import api from './api';
42 | import Body from './Body';
43 |
44 | const App = () => {
45 | const [loaded, setLoaded] = useState(false);
46 |
47 | // On launch we call the API to get a CSRF-token.
48 | useEffect(() => {
49 | api.start().then((response) => {
50 | Axios.defaults.headers.common['X-CSRF-TOKEN'] = response.data.csrfToken;
51 | setLoaded(true);
52 | });
53 | }, []);
54 |
55 | if (!loaded) {
56 | return null;
57 | }
58 |
59 | return (
60 |
61 |
62 |
63 |
64 |
65 |
66 | );
67 | };
68 |
69 | export default App;
70 |
--------------------------------------------------------------------------------
/client/src/Body.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import classNames from 'classnames';
36 |
37 | import MainContent from './components/MainContent/MainContent';
38 | import Footer from './components/Footer/Footer';
39 | import Sidebar from './components/Sidebar/Sidebar';
40 | import Router from './router';
41 | import { useSidebar } from './contexts/sidebar/Sidebar';
42 |
43 | const Body = () => {
44 | const { isOpen: sidebarOpen } = useSidebar();
45 |
46 | return (
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 | );
62 | };
63 |
64 | export default Body;
65 |
--------------------------------------------------------------------------------
/client/src/api.js:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import Axios from 'axios';
36 |
37 | const BASE_URL = `${window.location.origin}${import.meta.env.VITE_PUBLIC_URL}/api`;
38 |
39 | const start = () => Axios.get(
40 | `${BASE_URL}/start`,
41 | { withCredentials: true },
42 | );
43 |
44 | const authentication = ({ text, textIsFormatted }) => {
45 | const userVisibleData = text;
46 | const userVisibleDataFormat = textIsFormatted ? 'SIMPLE_MARKDOWN_V1' : 'NONE';
47 |
48 | return Axios.post(
49 | `${BASE_URL}/authentication`,
50 | {
51 | userVisibleData,
52 | userVisibleDataFormat,
53 | },
54 | { withCredentials: true },
55 | );
56 | };
57 |
58 | const sign = ({ text, textIsFormatted }) => {
59 | const userVisibleData = text;
60 | const userVisibleDataFormat = textIsFormatted ? 'SIMPLE_MARKDOWN_V1' : 'NONE';
61 |
62 | return Axios.post(
63 | `${BASE_URL}/sign`,
64 | {
65 | userVisibleData,
66 | userVisibleDataFormat,
67 | },
68 | { withCredentials: true },
69 | );
70 | };
71 |
72 | const check = () => Axios.post(
73 | `${BASE_URL}/check`,
74 | {},
75 | { withCredentials: true },
76 | );
77 |
78 | const cancel = () => Axios.delete(
79 | `${BASE_URL}/cancel`,
80 | { withCredentials: true },
81 | );
82 |
83 | const api = {
84 | start,
85 | authentication,
86 | sign,
87 | check,
88 | cancel,
89 | };
90 |
91 | export default api;
92 |
--------------------------------------------------------------------------------
/client/src/components/Button/Button.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import { Link } from 'react-router-dom';
36 | import classNames from 'classnames';
37 |
38 | const Button = ({
39 | to,
40 | state,
41 | text,
42 | buttonType = 'primary',
43 | disabled,
44 | title,
45 | onClick,
46 | }) => {
47 | const handleClick = (e) => {
48 | if (disabled) {
49 | e.preventDefault();
50 | return;
51 | }
52 |
53 | if (typeof onClick === 'function') {
54 | onClick(e);
55 | }
56 | };
57 |
58 | return (
59 |
67 | {text}
68 |
69 | );
70 | };
71 |
72 | export default Button;
73 |
--------------------------------------------------------------------------------
/client/src/components/CircleIcon/CircleIcon.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import classNames from 'classnames';
36 |
37 | import exclamationIcon from '../../styling/images/exclamation-solid.svg';
38 | import checkIcon from '../../styling/images/check-solid.svg';
39 |
40 | const icons = {
41 | error: exclamationIcon,
42 | success: checkIcon,
43 | };
44 |
45 | const CircleIcon = ({
46 | type,
47 | className,
48 | }) => (
49 |
50 |
55 |
56 | );
57 |
58 | export default CircleIcon;
59 |
--------------------------------------------------------------------------------
/client/src/components/FlowUserActionSafeguard/FlowUserActionSafeguard.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import { useEffect } from 'react';
36 | import { useLocation, useNavigate } from 'react-router-dom';
37 | import useHash from '../../hooks/useHash';
38 |
39 | export const pageOpenedByUserAction = (location = {}, hashParams = {}) => (location.state || {}).triggeredByUser || hashParams.initiated === 'true';
40 |
41 | // To avoid initiating a flow without the users intent we should navigate away
42 | // if we somehow ended up on a flow page without the correct state
43 | const FlowUserActionSafeguard = () => {
44 | const location = useLocation();
45 | const navigate = useNavigate();
46 | const { hashParams } = useHash();
47 |
48 | useEffect(() => {
49 | const shouldNavigateAway = !pageOpenedByUserAction(location, hashParams);
50 |
51 | if (shouldNavigateAway) {
52 | navigate('/');
53 | }
54 | }, []);
55 |
56 | return null;
57 | };
58 |
59 | export default FlowUserActionSafeguard;
60 |
--------------------------------------------------------------------------------
/client/src/components/FoldableContent/FoldableContent.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import { useState } from 'react';
36 | import classNames from 'classnames';
37 |
38 | import { useLocalization } from '../../contexts/localization/Localization';
39 | import downIcon from '../../styling/images/angle-down-solid-white.svg';
40 |
41 | const FoldableContent = ({ title, children }) => {
42 | const { translate } = useLocalization();
43 | const [open, setOpen] = useState(false);
44 |
45 | const toggleOpen = () => {
46 | setOpen(!open);
47 | };
48 |
49 | return (
50 |
51 |
63 |
64 |
65 | { children }
66 |
67 |
68 |
69 | );
70 | };
71 |
72 | export default FoldableContent;
73 |
--------------------------------------------------------------------------------
/client/src/components/Guide/Guide.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import { useNavigate } from 'react-router-dom';
36 | import classNames from 'classnames';
37 |
38 | import { useLocalization } from '../../contexts/localization/Localization';
39 | import arrowLeftIcon from '../../styling/images/arrow-left-solid-darkblue.svg';
40 |
41 | const Guide = ({
42 | children,
43 | status,
44 | className,
45 | onBackClick,
46 | }) => {
47 | const { translate } = useLocalization();
48 | const navigate = useNavigate();
49 |
50 | const handleBackClick = () => {
51 | if (typeof onBackClick === 'function') onBackClick();
52 | navigate(-1);
53 | };
54 |
55 | return (
56 |
57 |
68 |
69 | {children}
70 |
71 | );
72 | };
73 |
74 | export default Guide;
75 |
--------------------------------------------------------------------------------
/client/src/components/HelpText/HelpText.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import { useLocalization } from '../../contexts/localization/Localization';
36 | import arrowImage from '../../styling/images/MarkerArrow.svg';
37 |
38 | const HelpText = () => {
39 | const { translate } = useLocalization();
40 |
41 | return (
42 |
43 |
48 |
{translate('help-text')}
49 |
50 | );
51 | };
52 |
53 | export default HelpText;
54 |
--------------------------------------------------------------------------------
/client/src/components/MainContent/MainContent.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | const MainContent = ({ children }) => (
36 |
37 | { children }
38 |
39 | );
40 |
41 | export default MainContent;
42 |
--------------------------------------------------------------------------------
/client/src/components/QRCode/QRCode.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import { useEffect, useState } from 'react';
36 | /**
37 | * Here we've decided to use a library for creating the QR images. At the time of
38 | * writing this library is safe to use. But you should always do your research
39 | * and not use libraries you do not trust.
40 | */
41 | import QRLib from 'qrcode';
42 | import { useLocalization } from '../../contexts/localization/Localization';
43 |
44 | const qrCodeOptions = {
45 | width: 200,
46 | margin: 3,
47 | errorCorrectionLevel: 'L',
48 | };
49 |
50 | const QrCode = ({ qrCode }) => {
51 | const { translate } = useLocalization();
52 | const [qrImage, setQrImage] = useState();
53 |
54 | useEffect(() => {
55 | QRLib.toDataURL(qrCode, qrCodeOptions)
56 | .then((url) => {
57 | setQrImage(url);
58 | })
59 | .catch(() => {
60 | setQrImage(undefined);
61 | });
62 | }, [qrCode]);
63 |
64 | if (!qrImage) {
65 | return null;
66 | }
67 |
68 | return (
69 |
70 | );
71 | };
72 |
73 | export default QrCode;
74 |
--------------------------------------------------------------------------------
/client/src/components/StartButton/StartButton.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import { URLS } from '../../constants';
36 | import { useSidebar } from '../../contexts/sidebar/Sidebar';
37 | import useDevice from '../../hooks/useDevice';
38 | import Button from '../Button/Button';
39 |
40 | const StartButton = ({
41 | testingType,
42 | text,
43 | buttonType = 'primary',
44 | disabled,
45 | title,
46 | }) => {
47 | const {
48 | isMobileOrTablet,
49 | } = useDevice();
50 | const { close: closeSidebar } = useSidebar();
51 |
52 | const url = isMobileOrTablet ? URLS.openMobileApp : URLS.scanQr;
53 |
54 | const handleClick = (e) => {
55 | if (disabled) {
56 | e.preventDefault();
57 | return;
58 | }
59 |
60 | closeSidebar();
61 | };
62 |
63 | return (
64 |
73 | );
74 | };
75 |
76 | export default StartButton;
77 |
--------------------------------------------------------------------------------
/client/src/constants.js:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | export const URLS = {
36 | start: '/',
37 | scanQr: '/scan-qr',
38 | openDesktopApp: '/open-desktop-app',
39 | openMobileApp: '/open-mobile-app',
40 | resultSuccess: '/result-success',
41 | resultFailed: '/result-failed',
42 | about: '/about',
43 | };
44 |
45 | export const GITHUB_URL = 'https://www.github.com/bankid';
46 |
--------------------------------------------------------------------------------
/client/src/contexts/Contexts.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import Localization from './localization/Localization';
36 | import Sidebar from './sidebar/Sidebar';
37 |
38 | const Contexts = ({ children }) => (
39 |
40 |
41 | {children}
42 |
43 |
44 | );
45 |
46 | export default Contexts;
47 |
--------------------------------------------------------------------------------
/client/src/contexts/sidebar/Sidebar.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import {
36 | createContext,
37 | useState,
38 | useMemo,
39 | useContext,
40 | } from 'react';
41 |
42 | const defaultContext = {
43 | isOpen: false,
44 | open: () => {},
45 | close: () => {},
46 | toggle: () => {},
47 | };
48 |
49 | const SidebarContext = createContext(defaultContext);
50 |
51 | const Sidebar = ({ children }) => {
52 | const [isOpen, setIsOpen] = useState(false);
53 |
54 | const contextValue = useMemo(() => {
55 | const open = () => {
56 | setIsOpen(true);
57 | };
58 |
59 | const close = () => {
60 | setIsOpen(false);
61 | };
62 |
63 | const toggle = () => {
64 | setIsOpen(!isOpen);
65 | };
66 |
67 | return {
68 | isOpen,
69 | open,
70 | close,
71 | toggle,
72 | };
73 | }, [isOpen]);
74 |
75 | return (
76 |
77 | {children}
78 |
79 | );
80 | };
81 |
82 | export default Sidebar;
83 |
84 | export const useSidebar = () => useContext(SidebarContext);
85 |
--------------------------------------------------------------------------------
/client/src/hooks/useDevice.js:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | /**
36 | * Here we've decided to outsource the detection of desktop/mobile for our redirect
37 | * to the library 'is-mobile'. At the time of writing this library is safe to use.
38 | * But you should always do your research and not use libraries you do not trust.
39 | */
40 | import isMobileLib from 'is-mobile';
41 |
42 | const useDevice = () => {
43 | const isMobileOrTablet = isMobileLib({ tablet: true, featureDetect: true });
44 | const isChromeOnAppleDevice = Boolean(navigator.userAgent.match(/CriOS/));
45 | const isFirefoxOnAppleDevice = Boolean(navigator.userAgent.match(/FxiOS/));
46 | const isOperaTouchOnAppleDevice = Boolean(navigator.userAgent.match(/OPT/));
47 |
48 | return {
49 | isMobileOrTablet,
50 | isChromeOnAppleDevice,
51 | isFirefoxOnAppleDevice,
52 | isOperaTouchOnAppleDevice,
53 | };
54 | };
55 |
56 | export default useDevice;
57 |
--------------------------------------------------------------------------------
/client/src/hooks/useHash.js:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import { useCallback, useEffect, useState } from 'react';
36 |
37 | const getHashParams = (hash) => {
38 | if (!hash) {
39 | return {};
40 | }
41 |
42 | const params = new URLSearchParams(hash.substring(1));
43 |
44 | return [...params.entries()].reduce((acc, curr) => ({
45 | ...acc,
46 | [curr[0]]: curr[1],
47 | }), {});
48 | };
49 |
50 | const useHash = () => {
51 | const [hash, setHash] = useState(window.location.hash);
52 |
53 | const hashChangeHandler = useCallback(() => {
54 | setHash(window.location.hash);
55 | }, []);
56 |
57 | useEffect(() => {
58 | window.addEventListener('hashchange', hashChangeHandler);
59 |
60 | return () => {
61 | window.removeEventListener('hashchange', hashChangeHandler);
62 | };
63 | }, []); // eslint-disable-line react-hooks/exhaustive-deps
64 |
65 | return {
66 | hash,
67 | hashParams: getHashParams(hash),
68 | };
69 | };
70 |
71 | export default useHash;
72 |
--------------------------------------------------------------------------------
/client/src/logo.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/client/src/main.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import React from 'react'
36 | import ReactDOM from 'react-dom/client'
37 |
38 | import './styling/index.css';
39 | import App from './App'
40 |
41 | const root = ReactDOM.createRoot(document.getElementById('root'));
42 | root.render(
43 | ,
44 | );
45 |
--------------------------------------------------------------------------------
/client/src/pages/About/About.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import { useNavigate } from 'react-router-dom';
36 | import Button from '../../components/Button/Button';
37 | import { useLocalization } from '../../contexts/localization/Localization';
38 | import backgroundImage from '../../styling/images/eid-still.png';
39 | import { URLS } from '../../constants';
40 |
41 | const Start = () => {
42 | const { translate } = useLocalization();
43 | const navigate = useNavigate();
44 |
45 | const handleBackClick = (e) => {
46 | e.preventDefault();
47 | navigate(-1);
48 | };
49 |
50 | return (
51 | <>
52 |
53 |
54 | {translate('about-title')}
55 |
56 |
57 |
58 | {translate('about-subtitle')}
59 |
60 |
61 |
{translate('about-paragraphs-title-1')}
62 |
{translate('about-paragraphs-body-1')}
63 |
64 |
{translate('about-paragraphs-title-2')}
65 |
{translate('about-paragraphs-body-2')}
66 |
67 |
{translate('about-paragraphs-title-3')}
68 |
{translate('about-paragraphs-body-3')}
69 |
70 |
76 |
77 |
78 |
79 |
80 |
85 |
86 |
87 | );
88 | };
89 |
90 | export default Start;
91 |
--------------------------------------------------------------------------------
/client/src/pages/Error/Error.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import { Link } from 'react-router-dom';
36 |
37 | import { useLocalization } from '../../contexts/localization/Localization';
38 | import backgroundImage from '../../styling/images/eid-still.png';
39 | import { URLS } from '../../constants';
40 |
41 | const Start = () => {
42 | const { translate } = useLocalization();
43 |
44 | return (
45 | <>
46 |
70 |
71 |
72 | );
73 | };
74 |
75 | export default Start;
76 |
--------------------------------------------------------------------------------
/client/src/pages/Start/Start.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import StartButton from '../../components/StartButton/StartButton';
36 | import githubLogo from '../../styling/images/github.svg';
37 | import { useLocalization } from '../../contexts/localization/Localization';
38 | import backgroundImage from '../../styling/images/eid-still.png';
39 | import { GITHUB_URL } from '../../constants';
40 |
41 | const Start = () => {
42 | const { translate } = useLocalization();
43 |
44 | return (
45 | <>
46 |
87 |
88 | );
89 | };
90 |
91 | export default Start;
92 |
--------------------------------------------------------------------------------
/client/src/router.jsx:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import { useEffect } from 'react';
36 | import { Route, Routes, useLocation } from 'react-router-dom';
37 |
38 | import { URLS } from './constants';
39 | import Start from './pages/Start/Start';
40 | import ScanQR from './pages/ScanQR/ScanQR';
41 | import OpenDesktopApp from './pages/OpenDesktopApp/OpenDesktopApp';
42 | import OpenMobileApp from './pages/OpenMobileApp/OpenMobileApp';
43 | import ResultSuccess from './pages/ResultSuccess/ResultSuccess';
44 | import ResultFailed from './pages/ResultFailed/ResultFailed';
45 | import About from './pages/About/About';
46 | import Error from './pages/Error/Error';
47 |
48 | const Router = () => {
49 | const location = useLocation();
50 |
51 | useEffect(() => {
52 | window.scrollTo({ top: 0 });
53 | }, [location.pathname]);
54 |
55 | return (
56 |
57 | } />
58 | } />
59 | } />
60 | } />
61 | } />
62 | } />
63 | } />
64 | } />
65 |
66 | );
67 | };
68 |
69 | export default Router;
70 |
--------------------------------------------------------------------------------
/client/src/styling/fonts/Caveat-Regular.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/client/src/styling/fonts/Caveat-Regular.woff
--------------------------------------------------------------------------------
/client/src/styling/fonts/Caveat-Regular.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/client/src/styling/fonts/Caveat-Regular.woff2
--------------------------------------------------------------------------------
/client/src/styling/fonts/Inter-Bold.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/client/src/styling/fonts/Inter-Bold.woff
--------------------------------------------------------------------------------
/client/src/styling/fonts/Inter-Bold.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/client/src/styling/fonts/Inter-Bold.woff2
--------------------------------------------------------------------------------
/client/src/styling/fonts/Inter-Regular.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/client/src/styling/fonts/Inter-Regular.woff
--------------------------------------------------------------------------------
/client/src/styling/fonts/Inter-Regular.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/client/src/styling/fonts/Inter-Regular.woff2
--------------------------------------------------------------------------------
/client/src/styling/images/MarkerArrow.svg:
--------------------------------------------------------------------------------
1 |
10 |
--------------------------------------------------------------------------------
/client/src/styling/images/angle-down-solid-darkblue.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/client/src/styling/images/angle-down-solid-white.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/client/src/styling/images/arrow-left-solid-darkblue.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/client/src/styling/images/arrow-right-from-bracket-solid.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/client/src/styling/images/check-solid.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/client/src/styling/images/eid-still.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/client/src/styling/images/eid-still.png
--------------------------------------------------------------------------------
/client/src/styling/images/en.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/client/src/styling/images/exclamation-solid.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/client/src/styling/images/gear-solid.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/client/src/styling/images/github.svg:
--------------------------------------------------------------------------------
1 |
4 |
--------------------------------------------------------------------------------
/client/src/styling/images/logo-bank-id.svg:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/client/src/styling/images/sv.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/client/src/styling/images/system-external-link.svg:
--------------------------------------------------------------------------------
1 |
6 |
--------------------------------------------------------------------------------
/client/src/utils.js:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | export const getTextOptions = (testingType, activeLanguage, translate) => {
36 | const text = testingType === 'identify'
37 | ? (sessionStorage.getItem(`${testingType}.text.${activeLanguage}`) ?? translate(`default-${testingType}-text`))
38 | : (sessionStorage.getItem(`${testingType}.text.${activeLanguage}`) || translate(`default-${testingType}-text`));
39 |
40 | const textIsFormatted = sessionStorage.getItem(`${testingType}.text.formatted`)
41 | ? sessionStorage.getItem(`${testingType}.text.formatted`) === 'true'
42 | : true;
43 |
44 | return {
45 | text,
46 | textIsFormatted,
47 | };
48 | };
49 |
--------------------------------------------------------------------------------
/client/vite.config.js:
--------------------------------------------------------------------------------
1 | /*
2 |
3 | BSD 3-Clause License
4 |
5 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without
9 | modification, are permitted provided that the following conditions are met:
10 |
11 | 1. Redistributions of source code must retain the above copyright notice, this
12 | list of conditions and the following disclaimer.
13 |
14 | 2. Redistributions in binary form must reproduce the above copyright notice,
15 | this list of conditions and the following disclaimer in the documentation
16 | and/or other materials provided with the distribution.
17 |
18 | 3. Neither the name of the copyright holder nor the names of its
19 | contributors may be used to endorse or promote products derived from
20 | this software without specific prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
26 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 |
33 | */
34 |
35 | import { defineConfig, loadEnv } from 'vite';
36 | import react from '@vitejs/plugin-react'
37 | import basicSsl from '@vitejs/plugin-basic-ssl'
38 |
39 | // https://vitejs.dev/config/
40 | export default ({ mode }) => {
41 | process.env = {...process.env, ...loadEnv(mode, process.cwd())};
42 |
43 | return defineConfig({
44 | plugins: [
45 | react(),
46 | basicSsl(),
47 | ],
48 |
49 | server: {
50 | proxy: {
51 | '/api': {
52 | target: 'https://localhost:8443/',
53 | changeOrigin: true,
54 | secure: false,
55 | },
56 | },
57 | },
58 |
59 | build: {
60 | outDir: 'build',
61 | },
62 |
63 | base: process.env.VITE_PUBLIC_URL || '/'
64 | });
65 | };
66 |
--------------------------------------------------------------------------------
/server/README.md:
--------------------------------------------------------------------------------
1 | # BankID Demo Server
2 |
3 | This is the server part of the BankID Demo.
4 |
5 | ## Important classes
6 |
7 | ### [RpApi](src/main/java/com/bankid/codefront/bankid/relyingparty/RpApi.java)
8 | Implementation of communication with the BankID relying party api.
9 |
10 | ### [BankIDService](src/main/java/com/bankid/codefront/service/BankIDService.java)
11 | The business logic for using the BankID integration.
12 |
13 | ### [TransactionController](src/main/java/com/bankid/codefront/rest/controller/TransactionController.java)
14 | Client api for BankID authentication and sign.
15 |
16 | ## Spring profiles
17 |
18 | | name | description |
19 | |-------------|---------------------------------------------------|
20 | | default | https and redis as session store. |
21 | | dev | BankID test and uses in-memory store for sessions |
22 | | prod | BankID production, placeholder |
23 | | redis | enables redis for sessions. |
24 | | dev-log | log as text instead of json-format |
25 | | tlsdisabled | disable tls, used for tests |
26 |
27 | ## Directories
28 |
29 | | name | description |
30 | |----------------------------------------------------|-----------------------------------------------------------------------------------------|
31 | | [certificates/production](certificates/production) | contains truststore with the public key for BankID in production. |
32 | | [certificates/test](certificates/test) | contains truststore with the public key for BankID in test and the test FP certificate. |
33 |
34 |
--------------------------------------------------------------------------------
/server/certificates/localhost-cert.pem:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIEhzCCAm+gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UEBhMCU0Ux
3 | FzAVBgNVBAoMDkRldmVsb3BtZW50IENBMR8wHQYDVQQDDBZGb3JzZXRpIERldmVs
4 | b3BtZW50IENBMB4XDTE3MTIwMTA4NTMyNFoXDTE4MTIxMTA4NTMyNFowOjELMAkG
5 | A1UEBhMCU0UxFzAVBgNVBAoMDkRldmVsb3BtZW50IENBMRIwEAYDVQQDDAlsb2Nh
6 | bGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPwUue0flYSYti
7 | 3kFqXCY5Hxy6bj7Wlt0f2Ma7rEflHSkbotnOMrwOP7bGCYQN4DtG4ICxac5J4h1g
8 | LbS6PthZy/7auATbQ+PecCyUjGZFVFx4GNcew+ag3v2Zyg5X8J0Jor45MDnGjFk0
9 | qMOi1mOlEyMkj/F3q1mVgTpkqdaIE/7M4rhyrA7h+/okj9Ko7BhUFcDBzJUwsCnO
10 | wjbhWbUGPV8tTmbw+3GOvJ37IZDz0B+IKFblOU8BzQPQSyLnUUvotvK0/kH9NVCf
11 | Phgd5BD5nwZjifLC7Fjg4DF2MhzemZy7a303WV91glQmcEEPbgQ/xNopxVVfKhNx
12 | VeWJGf2jAgMBAAGjgYkwgYYwCQYDVR0TBAIwADAdBgNVHQ4EFgQUVRuSAJpPOkLR
13 | hfBvlj/ja3cZyGMwHwYDVR0jBBgwFoAUAFIWb/X/JJ+JoQYSPlEgDcS+PHkwDgYD
14 | VR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBQGA1UdEQQNMAuCCWxv
15 | Y2FsaG9zdDANBgkqhkiG9w0BAQsFAAOCAgEAE5z+0sFk3GU0Amg/OXN/EQQi3Bps
16 | YtV6TDshGvtjIIdz6h9JQX7lmc6l8c0wHnp24FqG9lgpxFN+YvU42X4Ub5NlrQcz
17 | TnEhAbhfVGceAZQs4Rj0eDTluG4hIX0LrrlssyFFZRlKML29iva4AG/Fy0MeiywS
18 | QQiTthkzZ6PRcR5xBYcQ1ZSU8ElAakgdHshEoc3ezfju1mRhHGXtiPsAhxIFOmWY
19 | QEi/dGlD5seutQ6tJCjxY/7MEI+D9c3x8YtX2U3kAeauY9/GgW6J+uU1D2jID7Y/
20 | E32qTCMrBhzIn8Ooa/ncuQ3jIflwQMuWaKWJrTOiYnJomA7rQgXSsJUUh6CBAkCS
21 | ZXDSqYt4QGx5+09fwPmQPrNpjrOE4iaISE0y6dPHHjGLJlqvAVopqJG74xIBhYUg
22 | 1JF3EgTWjJ2iBK5ZXChjTHnbcZ/4gVfIQuz93wSFrlJZ1i8PEa3G0QVkgosMV4rT
23 | T54nVpQprvqRYEta3klZht3dqsccXbSvT7Yp0O8RdUxYY5uzsXeCtuQyVxWu3sbd
24 | xJoqZm/X1Ad5BzHN0050UmBZLmIlNkbXVh7geIiOzd+WwafZdFFFlFeUdGR1VLJs
25 | Hsr071zkZjzhTByq8VEELQnim03+WoogzFjxQ0y+HXLXPVK/9Im8tZyEQX7G8/ro
26 | hxcChUsfIru0g8Y=
27 | -----END CERTIFICATE-----
28 |
--------------------------------------------------------------------------------
/server/certificates/localhost-key.pem:
--------------------------------------------------------------------------------
1 | -----BEGIN PRIVATE KEY-----
2 | MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDPwUue0flYSYti
3 | 3kFqXCY5Hxy6bj7Wlt0f2Ma7rEflHSkbotnOMrwOP7bGCYQN4DtG4ICxac5J4h1g
4 | LbS6PthZy/7auATbQ+PecCyUjGZFVFx4GNcew+ag3v2Zyg5X8J0Jor45MDnGjFk0
5 | qMOi1mOlEyMkj/F3q1mVgTpkqdaIE/7M4rhyrA7h+/okj9Ko7BhUFcDBzJUwsCnO
6 | wjbhWbUGPV8tTmbw+3GOvJ37IZDz0B+IKFblOU8BzQPQSyLnUUvotvK0/kH9NVCf
7 | Phgd5BD5nwZjifLC7Fjg4DF2MhzemZy7a303WV91glQmcEEPbgQ/xNopxVVfKhNx
8 | VeWJGf2jAgMBAAECggEANvswyBdJpdPQz5mCNmOsufFB6RTEDIZgfs0fywsM+9V7
9 | y5SNj8RdgGfcNwzNpd5x0ZAYfttBfMwaehmeequnFhymlbudjWmqJHQLWETPzAlH
10 | b4EjbUDrCCf7dXfD1AIZjTNEpF3e7Gy4Lvd6zt1uAYHPCx4NCV6PlsFccsd/vwMR
11 | Liqc1kCYkrUB3ldi+gGrb2CjyMZy+Y711NN28yvz2xac3y6FuzpHJeKVpAy2Q6im
12 | lH/t1WvH9q8RXBkbEZ08IFpooRqBO2+so824cn5vWPYyz0q2xWO5rfLMRkVPLO1w
13 | CsJKWz3sLs2RZDWcAP5i+suTlYlf0E/irnWMqMFIAQKBgQD6qTMkWwECA/EzwRoK
14 | NZl/l9C4y0oT695+q6kx9NVx7g3/+D4ADXGv/iDNSC/Gg9fe7qFSrQVbR0XuSd9d
15 | hpwCEhGnpL03YmV4HSIbFv8+56d4vfVcScEzrT6Sphgp39U1Y7xB+reRvgKGWdSs
16 | X/HCq1dwIXiJbAwyxf7bPP9o8QKBgQDULiObowq2nozVN6Ipfh4WmDHa8/9C6/5P
17 | 7Cu9CFdJmmRkFMceeq6P9+d0BoLg3gmTxVuHNe+A6tZQ34kvfhsblhOvQzgIZD65
18 | DByEG8+J7nX2a/5MjY9Kug9I870Ol9mz+WvZgIZMlZWHKRR+JxD61OvI9AjwaXBB
19 | DEf/dXZv0wKBgQDL2aK/5EqziuU0Q8yblO+atqqGPr2l6eLufUiCWizkFMfJ7ebu
20 | QAC/MhsXF6fS+BItOUB1bkS28QXMPsOq2fgyLuOwxOclDZ6byoWcJl26mMa4CTRr
21 | s4euMSx8MxvfoitQ2iWWOwHjQvXmsVOmQ/jnalUX2gCfMgHRoPgc8ER+4QKBgF3C
22 | hbmgsntAVLtjeiUbtfAGEQHQEFxiLF7k3e8KYIgF0ZboF5VAYSL9SSncNrlnZJQI
23 | Agodq1gsbcgO/3AdKZ1nFAu+iGQs6Aqdb3xxTaSF21qpHhZ193vt/BMgocpxD6KX
24 | 9TCHutDcyNaRMJ0OZlJxBEAolkqmTRRxeN9J6KxBAoGAF3OS8ZmA7n1EnFRXUMLp
25 | A7duyUNZimf9+yeos075pRZctADbHfnnUFB6hIW/MBtoQhlkqx/4+Ngj/bmuGj4c
26 | 9O3QPOtOHkTOLhQtjR/GNDecQBaoiEBlRXOAdCUtsdCni773Q/wVEAXrxGzm9wsx
27 | 8W+WRVPFbTmPIzq1HfPqFvA=
28 | -----END PRIVATE KEY-----
29 |
--------------------------------------------------------------------------------
/server/certificates/production/truststore.p12:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/server/certificates/production/truststore.p12
--------------------------------------------------------------------------------
/server/certificates/production/truststore.pem:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIFvjCCA6agAwIBAgIITyTh/u1bExowDQYJKoZIhvcNAQENBQAwYjEkMCIGA1UE
3 | CgwbRmluYW5zaWVsbCBJRC1UZWtuaWsgQklEIEFCMRowGAYDVQQLDBFJbmZyYXN0
4 | cnVjdHVyZSBDQTEeMBwGA1UEAwwVQmFua0lEIFNTTCBSb290IENBIHYxMB4XDTEx
5 | MTIwNzEyMzQwN1oXDTM0MTIzMTEyMzQwN1owYjEkMCIGA1UECgwbRmluYW5zaWVs
6 | bCBJRC1UZWtuaWsgQklEIEFCMRowGAYDVQQLDBFJbmZyYXN0cnVjdHVyZSBDQTEe
7 | MBwGA1UEAwwVQmFua0lEIFNTTCBSb290IENBIHYxMIICIjANBgkqhkiG9w0BAQEF
8 | AAOCAg8AMIICCgKCAgEAwVA4snZiSFI3r64LvYu4mOsI42A9aLKEQGq4IZo257iq
9 | vPH82SMvgBJgE52kCx7gQMmZ7iSm39CEA19hlILh8JEJNTyJNxMxVDN6cfJP1jMH
10 | JeTES1TmVbWUqGyLpyT8LCJhC9Vq4W3t/O1svGJNOUQIQL4eAHSvWTVoalxzomJh
11 | On97ENjXAt4BLb6sHfVBvmB5ReK0UfwpNACFM1RN8btEaDdWC4PfA72yzV3wK/cY
12 | 5h2k1RM1s19PjoxnpJqrmn4qZmP4tN/nk2d7c4FErJAP0pnNsll1+JfkdMfiPD35
13 | +qcclpspzP2LpauQVyPbO21Nh+EPtr7+Iic2tkgz0g1kK0IL/foFrJ0Ievyr3Drm
14 | 2uRnA0esZ45GOmZhE22mycEX9l7w9jrdsKtqs7N/T46hil4xBiGblXkqKNG6TvAR
15 | k6XqOp3RtUvGGaKZnGllsgTvP38/nrSMlszNojrlbDnm16GGoRTQnwr8l+Yvbz/e
16 | v/e6wVFDjb52ZB0Z/KTfjXOl5cAJ7OCbODMWf8Na56OTlIkrk5NyU/uGzJFUQSvG
17 | dLHUipJ/sTZCbqNSZUwboI0oQNO/Ygez2J6zgWXGpDWiN4LGLDmBhB3T8CMQu9J/
18 | BcFvgjnUyhyim35kDpjVPC8nrSir5OkaYgGdYWdDuv1456lFNPNNQcdZdt5fcmMC
19 | AwEAAaN4MHYwHQYDVR0OBBYEFPgqsux5RtcrIhAVeuLBSgBuRDFVMA8GA1UdEwEB
20 | /wQFMAMBAf8wHwYDVR0jBBgwFoAU+Cqy7HlG1ysiEBV64sFKAG5EMVUwEwYDVR0g
21 | BAwwCjAIBgYqhXBOAQQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBDQUAA4IC
22 | AQAJOjUOS2GJPNrrrqf539aN1/EbUj5ZVRjG4wzVtX5yVqPGcRZjUQlNTcfOpwPo
23 | czKBnNX2OMF+Qm94bb+xXc/08AERqJJ3FPKu8oDNeK+Rv1X4nh95J4RHZcvl4AGh
24 | ECmGMyhyCea0qZBFBsBqQR7oC9afYOxsSovaPqX31QMLULWUYoBKWWHLVVIoHjAm
25 | GtAzMkLwe0/lrVyApr9iyXWhVr+qYGmFGw1+rwmvDmmSLWNWawYgH4NYxTf8z5hB
26 | iDOdAgilvyiAF8Yl0kCKUB2fAPhRNYlEcN+UP/KL24h/pB+hZ9mvR0tM6nW3HVZa
27 | DrvRz4VihZ8vRi3fYnOAkNE6kZdrrdO7LdBc9yYkfQdTcy0N+Aw7q4TkQ8npomrV
28 | mTKaPhtGhA7VICyRNBVcvyoxr+CY7aRQyHn/C7n/jRsQYxs7uc+msq6jRS4HPK8o
29 | lnF9usWZX6KY+8mweJiTE4uN4ZUUBUtt8WcXXDiK/bxEG2amjPcZ/b4LXwGCJb+a
30 | NWP4+iY6kBKrMANs01pLvtVjUS9RtRrY3cNEOhmKhO0qJSDXhsTcVtpbDr37UTSq
31 | QVw83dReiARPwGdURmmkaheH6z4k6qEUSXuFch0w53UAc+1aBXR1bgyFqMdy7Yxi
32 | b2AYu7wnrHioDWqP6DTkUSUeMB/zqWPM/qx6QNNOcaOcjA==
33 | -----END CERTIFICATE-----
34 |
--------------------------------------------------------------------------------
/server/certificates/test/FPTestcert5_20240610.p12:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/server/certificates/test/FPTestcert5_20240610.p12
--------------------------------------------------------------------------------
/server/certificates/test/truststore.p12:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BankID/SampleCode/b6cc93d955ac1012fa9adc9bf265c4b8787a40b0/server/certificates/test/truststore.p12
--------------------------------------------------------------------------------
/server/certificates/test/truststore.pem:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIF0DCCA7igAwIBAgIIIhYaxu4khgAwDQYJKoZIhvcNAQENBQAwbDEkMCIGA1UE
3 | CgwbRmluYW5zaWVsbCBJRC1UZWtuaWsgQklEIEFCMRowGAYDVQQLDBFJbmZyYXN0
4 | cnVjdHVyZSBDQTEoMCYGA1UEAwwfVGVzdCBCYW5rSUQgU1NMIFJvb3QgQ0EgdjEg
5 | VGVzdDAeFw0xNDExMjExMjM5MzFaFw0zNDEyMzExMjM5MzFaMGwxJDAiBgNVBAoM
6 | G0ZpbmFuc2llbGwgSUQtVGVrbmlrIEJJRCBBQjEaMBgGA1UECwwRSW5mcmFzdHJ1
7 | Y3R1cmUgQ0ExKDAmBgNVBAMMH1Rlc3QgQmFua0lEIFNTTCBSb290IENBIHYxIFRl
8 | c3QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCAKWsJc/kV/0434d+S
9 | qn19mIr85RZ/PgRFaUplSrnhuzAmaXihPLCEsd3Mh/YErygcxhQ/MAzi5OZ/anfu
10 | WSCwceRlQINtvlRPdMoeZtu29FsntK1Z5r2SYNdFwbRFb8WN9FsU0KvC5zVnuDMg
11 | s5dUZwTmdzX5ZdLP7pdgB3zhTnra5ORtkiWiUxJVev9keRgAo00ZHIRJ+xTfiSPd
12 | Jc314maigVRQZdGKSyQcQMTWi1YLwd2zwOacNxleYf8xqKgkZsmkrc4Dp2mR5Pkr
13 | nnKB6A7sAOSNatua7M86EgcGi9AaEyaRMkYJImbBfzaNlaBPyMSvwmBZzp2xKc9O
14 | D3U06ogV6CJjJL7hSuVc5x/2H04d+2I+DKwep6YBoVL9L81gRYRycqg+w+cTZ1TF
15 | /s6NC5YRKSeOCrLw3ombhjyyuPl8T/h9cpXt6m3y2xIVLYVzeDhaql3hdi6IpRh6
16 | rwkMhJ/XmOpbDinXb1fWdFOyQwqsXQWOEwKBYIkM6cPnuid7qwaxfP22hDgAolGM
17 | LY7TPKUPRwV+a5Y3VPl7h0YSK7lDyckTJdtBqI6d4PWQLnHakUgRQy69nZhGRtUt
18 | PMSJ7I4Qtt3B6AwDq+SJTggwtJQHeid0jPki6pouenhPQ6dZT532x16XD+WIcD2f
19 | //XzzOueS29KB7lt/wH5K6EuxwIDAQABo3YwdDAdBgNVHQ4EFgQUDY6XJ/FIRFX3
20 | dB4Wep3RVM84RXowDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBQNjpcn8UhE
21 | Vfd0HhZ6ndFUzzhFejARBgNVHSAECjAIMAYGBCoDBAUwDgYDVR0PAQH/BAQDAgEG
22 | MA0GCSqGSIb3DQEBDQUAA4ICAQA5s59/Olio4svHXiKu7sPQRvrf4GfGB7hUjBGk
23 | YW2YOHTYnHavSqlBASHc8gGGwuc7v7+H+vmOfSLZfGDqxnBqeJx1H5E0YqEXtNqW
24 | G1JusIFa9xWypcONjg9v7IMnxxQzLYws4YwgPychpMzWY6B5hZsjUyKgB+1igxnf
25 | uaBueLPw3ZaJhcCL8gz6SdCKmQpX4VaAadS0vdMrBOmd826H+aDGZek1vMjuH11F
26 | fJoXY2jyDnlol7Z4BfHc011toWNMxojI7w+U4KKCbSxpWFVYITZ8WlYHcj+b2A1+
27 | dFQZFzQN+Y1Wx3VIUqSks6P7F5aF/l4RBngy08zkP7iLA/C7rm61xWxTmpj3p6SG
28 | fUBsrsBvBgfJQHD/Mx8U3iQCa0Vj1XPogE/PXQQq2vyWiAP662hD6og1/om3l1PJ
29 | TBUyYXxqJO75ux8IWblUwAjsmTlF/Pcj8QbcMPXLMTgNQAgarV6guchjivYqb6Zr
30 | hq+Nh3JrF0HYQuMgExQ6VX8T56saOEtmlp6LSQi4HvKatCNfWUJGoYeT5SrcJ6sn
31 | By7XLMhQUCOXcBwKbNvX6aP79VA3yeJHZO7XParX7V9BB+jtf4tz/usmAT/+qXtH
32 | CCv9Xf4lv8jgdOnFfXbXuT8I4gz8uq8ElBlpbJntO6p/NY5a08E6C7FWVR+WJ5vZ
33 | OP2HsA==
34 | -----END CERTIFICATE-----
35 |
--------------------------------------------------------------------------------
/server/checkstyle.header:
--------------------------------------------------------------------------------
1 | ../checkstyle.header
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/CodeFrontApplication.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront;
35 |
36 | import com.bankid.codefront.config.AppConfig;
37 | import com.bankid.codefront.config.BankIDRelyingPartyConfig;
38 | import com.bankid.codefront.config.HeadersConfig;
39 | import org.springframework.boot.SpringApplication;
40 | import org.springframework.boot.autoconfigure.SpringBootApplication;
41 | import org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration;
42 | import org.springframework.boot.context.properties.EnableConfigurationProperties;
43 | import org.springframework.context.annotation.Bean;
44 | import org.springframework.session.web.http.CookieSerializer;
45 | import org.springframework.session.web.http.DefaultCookieSerializer;
46 |
47 |
48 | /**
49 | * The starting point for our application.
50 | */
51 | @SpringBootApplication(exclude = {UserDetailsServiceAutoConfiguration.class})
52 | @EnableConfigurationProperties({AppConfig.class, BankIDRelyingPartyConfig.class, HeadersConfig.class})
53 | @SuppressWarnings({"FinalClass", "HideUtilityClassConstructor"})
54 | public class CodeFrontApplication {
55 |
56 | /**
57 | * Start our application.
58 | * @param args the startup arguments.
59 | */
60 | public static void main(String[] args) {
61 | SpringApplication.run(CodeFrontApplication.class, args);
62 | }
63 |
64 |
65 | /**
66 | * Set custom session cookie name.
67 | * @return cookie serializer.
68 | */
69 | @Bean
70 | public CookieSerializer cookieSerializer() {
71 | DefaultCookieSerializer serializer = new DefaultCookieSerializer();
72 | serializer.setCookieName("__Host-SESSION_CODE_FRONT");
73 | serializer.setCookiePath("/");
74 | serializer.setSameSite("Strict");
75 | serializer.setUseSecureCookie(true);
76 | return serializer;
77 | }
78 | }
79 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/ServletInitializer.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront;
35 |
36 | import org.springframework.boot.builder.SpringApplicationBuilder;
37 | import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
38 |
39 | /**
40 | * The application start class.
41 | */
42 | public class ServletInitializer extends SpringBootServletInitializer {
43 |
44 | /**
45 | * Creates the SpringApplicationBuilder to start the spring application.
46 | * @param application the existing application.
47 | * @return the new application, augmented with our base class.
48 | */
49 | @Override
50 | protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
51 | return application.sources(CodeFrontApplication.class);
52 | }
53 | }
54 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/bankid/relyingparty/signature/BidSignatureNamespaceContext.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.bankid.relyingparty.signature;
35 |
36 | import javax.xml.XMLConstants;
37 | import javax.xml.namespace.NamespaceContext;
38 | import java.util.Iterator;
39 |
40 | /**
41 | * Implements the namespace context for BID signatures.
42 | */
43 | public class BidSignatureNamespaceContext implements NamespaceContext {
44 | /**
45 | * {@inheritDoc}
46 | */
47 | public String getNamespaceURI(String prefix) {
48 | if (prefix == null) {
49 | throw new NullPointerException("Null prefix");
50 | } else if ("digsig".equals(prefix)) {
51 | return "http://www.w3.org/2000/09/xmldsig#";
52 | } else if ("bidsig".equals(prefix)) {
53 | return "http://www.bankid.com/signature/v1.0.0/types";
54 | } else if ("xml".equals(prefix)) {
55 | return XMLConstants.XML_NS_URI;
56 | }
57 |
58 | return XMLConstants.NULL_NS_URI;
59 | }
60 |
61 | /**
62 | * This method isn't necessary for XPath processing.
63 | * {@inheritDoc}
64 | */
65 | public String getPrefix(String uri) {
66 | throw new UnsupportedOperationException();
67 | }
68 |
69 | /**
70 | * This method isn't necessary for XPath processing.
71 | * {@inheritDoc}
72 | */
73 | public Iterator getPrefixes(String uri) {
74 | throw new UnsupportedOperationException();
75 | }
76 | }
77 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/bankid/relyingparty/signature/SignatureParseException.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.bankid.relyingparty.signature;
35 |
36 | import org.xml.sax.SAXException;
37 |
38 | /**
39 | * A BankID signature could not be parsed.
40 | */
41 | public class SignatureParseException extends Exception {
42 | /**
43 | * Create instance from SAX exception.
44 | * @param e the exception to create this exception from.
45 | */
46 | SignatureParseException(SAXException e) {
47 | super(e);
48 | }
49 |
50 | /**
51 | * Create instance from message.
52 | * @param message the message to create this exception from.
53 | */
54 | SignatureParseException(String message) {
55 | super(message);
56 | }
57 | }
58 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/bankid/relyingparty/signature/XmlParseErrorHandler.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.bankid.relyingparty.signature;
35 |
36 | import org.xml.sax.ErrorHandler;
37 | import org.xml.sax.SAXException;
38 | import org.xml.sax.SAXParseException;
39 |
40 | import java.io.PrintWriter;
41 |
42 | /**
43 | * Error handler for parsing XML.
44 | */
45 | public class XmlParseErrorHandler implements ErrorHandler {
46 |
47 | private PrintWriter out;
48 |
49 | /**
50 | * Create an instance of the error handler.
51 | * @param out the resulting errors.
52 | */
53 | public XmlParseErrorHandler(PrintWriter out) {
54 | this.out = out;
55 | }
56 |
57 | private String getParseExceptionInfo(SAXParseException spe) {
58 | String systemId = spe.getSystemId();
59 | if (systemId == null) {
60 | systemId = "null";
61 | }
62 |
63 | return "URI="
64 | + systemId
65 | + " Line="
66 | + spe.getLineNumber()
67 | + ": "
68 | + spe.getMessage();
69 | }
70 |
71 | /**
72 | * {@inheritDoc}
73 | */
74 | public void warning(SAXParseException spe) {
75 | this.out.println("Warning: " + getParseExceptionInfo(spe));
76 | }
77 |
78 | /**
79 | * {@inheritDoc}
80 | */
81 | public void error(SAXParseException spe) throws SAXException {
82 | String message = "Error: " + getParseExceptionInfo(spe);
83 | throw new SAXException(message);
84 | }
85 |
86 | /**
87 | * {@inheritDoc}
88 | */
89 | public void fatalError(SAXParseException spe) throws SAXException {
90 | String message = "Fatal Error: " + getParseExceptionInfo(spe);
91 | throw new SAXException(message);
92 | }
93 | }
94 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/config/AppConfig.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.config;
35 |
36 | import org.springframework.boot.context.properties.ConfigurationProperties;
37 |
38 | /**
39 | * Represents the general configuration settings.
40 | */
41 | @ConfigurationProperties("app.bankid")
42 | public class AppConfig {
43 |
44 | private String domain;
45 |
46 | /**
47 | * Set the page domain.
48 | * @param domain of the page.
49 | */
50 | public void setDomain(String domain) {
51 | this.domain = domain;
52 | }
53 |
54 | /**
55 | * Returns the domain.
56 | * @return the domain.
57 | */
58 | public String getDomain() {
59 | return this.domain;
60 | }
61 | }
62 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/config/ClockConfig.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.config;
35 |
36 | import org.springframework.context.annotation.Bean;
37 | import org.springframework.context.annotation.Configuration;
38 |
39 | import java.time.Clock;
40 |
41 | /**
42 | * Clock configuration.
43 | */
44 | @Configuration
45 | public class ClockConfig {
46 |
47 | /**
48 | * The clock bean. Used for easier testing.
49 | * @return the clock.
50 | */
51 | @Bean
52 | Clock clock() {
53 | return Clock.systemDefaultZone();
54 | }
55 | }
56 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/config/HeadersConfig.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.config;
35 |
36 | import org.springframework.boot.context.properties.ConfigurationProperties;
37 |
38 | /**
39 | * Represents the configuration settings for the BankID Relying Party API.
40 | */
41 | @ConfigurationProperties("app.bankid.headers")
42 | public class HeadersConfig {
43 | @SuppressWarnings("checkstyle:LineLength")
44 | private static final String DEFAULT_CSP_HEADER = "default-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self';";
45 | private String csp = DEFAULT_CSP_HEADER;
46 |
47 | /**
48 | * Get csp header.
49 | * @return the csp header.
50 | */
51 | public String getCsp() {
52 | return this.csp;
53 | }
54 |
55 | /**
56 | * Set csp header.
57 | * @param csp the csp header.
58 | */
59 | public void setCsp(String csp) {
60 | this.csp = csp;
61 | }
62 | }
63 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/config/Metrics.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.config;
35 |
36 | /**
37 | * Holds metrics configuration.
38 | */
39 | public final class Metrics {
40 | /**
41 | * The base name of all internal metrics.
42 | */
43 | public static final String BASE_METRICS_PREFIX = "bankid.";
44 |
45 | private Metrics() {
46 |
47 | }
48 | }
49 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/config/SessionConfig.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.config;
35 |
36 | import org.springframework.context.annotation.Configuration;
37 | import org.springframework.context.annotation.Profile;
38 | import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
39 | import org.springframework.session.web.context.AbstractHttpSessionApplicationInitializer;
40 |
41 | /**
42 | * Setup in redis session repository.
43 | */
44 | @Profile("!dev | redis")
45 | @Configuration
46 | @EnableRedisHttpSession
47 | public class SessionConfig extends AbstractHttpSessionApplicationInitializer {
48 |
49 | }
50 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/config/SessionConfigDev.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.config;
35 |
36 | import org.springframework.context.annotation.Bean;
37 | import org.springframework.context.annotation.Configuration;
38 | import org.springframework.context.annotation.Profile;
39 | import org.springframework.session.MapSessionRepository;
40 | import org.springframework.session.config.annotation.web.http.EnableSpringHttpSession;
41 |
42 | import java.util.concurrent.ConcurrentHashMap;
43 |
44 | /**
45 | * Setup in memory session repository during development.
46 | */
47 | @EnableSpringHttpSession
48 | @Configuration
49 | @Profile("dev & !redis")
50 | public class SessionConfigDev {
51 |
52 | /**
53 | * Create session repository.
54 | * @return returns session repository.
55 | */
56 | @Bean
57 | public MapSessionRepository sessionRepository() {
58 | return new MapSessionRepository(new ConcurrentHashMap<>());
59 | }
60 | }
61 |
62 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/models/Base64String.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.models;
35 |
36 | import org.owasp.encoder.Encode;
37 |
38 | /**
39 | * Represents a validated base64 encoded string.
40 | */
41 | public class Base64String extends ValidatedValue {
42 |
43 | private static final String BASE64_PATTERN = "^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$";
44 | private static final int MINIMUM_LENGTH = 4;
45 |
46 | /**
47 | * Creates an instance base on a base64 encoded string.
48 | * @param str the base64 encoded string.
49 | */
50 | public Base64String(String str) {
51 | this.throwForNull(str);
52 | this.throwForIllegalPattern(str, BASE64_PATTERN);
53 | if (str.length() < MINIMUM_LENGTH) {
54 | throw new IllegalArgumentException(
55 | "Supplied "
56 | + this.getNameOfValue()
57 | + " is too short: '"
58 | + Encode.forJava(str)
59 | + "'.");
60 | }
61 |
62 | this.setValue(str);
63 | }
64 |
65 | @Override
66 | protected String getNameOfValue() {
67 | return "Base64String";
68 | }
69 | }
70 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/models/bankid/relyingparty/CancelRequest.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.models.bankid.relyingparty;
35 |
36 | /**
37 | * Request to cancel an ongoing transaction.
38 | */
39 | public class CancelRequest {
40 | private String orderRef;
41 |
42 | /**
43 | * Initialize request from order reference.
44 | * @param orderRef
45 | * The orderRef returned from auth or sign.
46 | */
47 | public CancelRequest(String orderRef) {
48 | this.orderRef = orderRef;
49 | }
50 |
51 | /**
52 | * Returns the orderRef returned from auth or sign.
53 | * @return the orderRef returned from auth or sign.
54 | */
55 | public String getOrderRef() {
56 | return this.orderRef;
57 | }
58 |
59 | /**
60 | * Sets the orderRef returned from auth or sign.
61 | * @param orderRef the orderRef returned from auth or sign.
62 | */
63 | public void setOrderRef(String orderRef) {
64 | this.orderRef = orderRef;
65 | }
66 | }
67 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/models/bankid/relyingparty/CollectRequest.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.models.bankid.relyingparty;
35 |
36 | /**
37 | * Represents the request for collecting BankID status.
38 | */
39 | public class CollectRequest {
40 | private final String orderRef;
41 |
42 | /**
43 | * Initialize request from order reference.
44 | * @param orderRef
45 | * The orderRef returned from auth or sign.
46 | */
47 | public CollectRequest(String orderRef) {
48 | this.orderRef = orderRef;
49 | }
50 |
51 | /**
52 | * Returns the order reference.
53 | * @return the order reference.
54 | */
55 | public String getOrderRef() {
56 | return this.orderRef;
57 | }
58 | }
59 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/models/bankid/relyingparty/DeviceData.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.models.bankid.relyingparty;
35 |
36 | import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
37 |
38 | import java.io.Serializable;
39 |
40 | /**
41 | * Represents information about the device.
42 | */
43 | @JsonIgnoreProperties(ignoreUnknown = true)
44 | public class DeviceData implements Serializable {
45 | private String ipAddress;
46 | private String uhi;
47 |
48 | /**
49 | * Returns the IP address of the user agent as the BankID server discovers it.
50 | * @return the IP address of the user agent as the BankID server discovers it.
51 | */
52 | public String getIpAddress() {
53 | return this.ipAddress;
54 | }
55 |
56 | /**
57 | * Sets the IP address of the user agent as the BankID server discovers it.
58 | * @param ipAddress - the IP address of the user agent as the BankID server discovers it.
59 | */
60 | public void setIpAddress(String ipAddress) {
61 | this.ipAddress = ipAddress;
62 | }
63 |
64 | /**
65 | * Returns the uhi for the device.
66 | * @return the uhi for the device.
67 | */
68 | public String getUhi() {
69 | return this.uhi;
70 | }
71 |
72 | /**
73 | * Sets the uhi for the device.
74 | * @param uhi - the uhi for the device.
75 | */
76 | public void setUhi(String uhi) {
77 | this.uhi = uhi;
78 | }
79 | }
80 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/models/bankid/relyingparty/RiskLevel.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.models.bankid.relyingparty;
35 |
36 | /**
37 | * Indicates the risk level of the transaction based on data available in the order.
38 | */
39 | public enum RiskLevel {
40 | /**
41 | * Low risk transaction.
42 | * No or low risk identified in available order data.
43 | */
44 | LOW,
45 | /**
46 | * Moderate risk orders.
47 | * Might need further action, investigation or follow up by the Relying Party based on order data.
48 | */
49 | MODERATE,
50 | /**
51 | * High risk transaction.
52 | * Transaction should be blocked/cancelled by the Relying Party and
53 | * needs further action, investigation or follow up.
54 | */
55 | HIGH
56 | }
57 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/models/bankid/relyingparty/RiskRequirement.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.models.bankid.relyingparty;
35 |
36 | /**
37 | * The acceptable risk level for the transaction.
38 | */
39 | public enum RiskRequirement {
40 | /**
41 | * Only accept low risk transactions.
42 | */
43 | LOW,
44 | /**
45 | * Accept low and moderate risk transactions.
46 | */
47 | MODERATE
48 | }
49 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/models/bankid/relyingparty/SetUpData.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.models.bankid.relyingparty;
35 |
36 | import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
37 |
38 | import java.io.Serializable;
39 |
40 | /**
41 | * Information about extra verifications that were part of the transaction.
42 | */
43 | @JsonIgnoreProperties(ignoreUnknown = true)
44 | public class SetUpData implements Serializable {
45 | private Boolean mrtd;
46 |
47 | /**
48 | * true if the mrtd check was performed and passed.
49 | * false if the mrtd check was performed and failed.
50 | * @return the status of mrtd.
51 | */
52 | public Boolean getMrtd() {
53 | return this.mrtd;
54 | }
55 |
56 | /**
57 | * Sets the mrtd status.
58 | * @param mrtd - mrtd status.
59 | */
60 | public void setMrtd(Boolean mrtd) {
61 | this.mrtd = mrtd;
62 | }
63 | }
64 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/models/bankid/relyingparty/StartSignatureRequest.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.models.bankid.relyingparty;
35 |
36 | import com.bankid.codefront.models.Base64String;
37 |
38 | /**
39 | * Represents a request to start a BankID RP signature transaction.
40 | */
41 | public class StartSignatureRequest extends StartAuthenticationRequest {
42 |
43 | /**
44 | * Initialize the object.
45 | *
46 | * @param endUserIp the information channel client IP number.
47 | * @param userVisibleData the user visible data.
48 | */
49 | public StartSignatureRequest(String endUserIp, Base64String userVisibleData) {
50 | super(endUserIp);
51 |
52 | this.setUserVisibleData(userVisibleData);
53 | }
54 | }
55 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/models/service/CompletionResult.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.models.service;
35 |
36 | /**
37 | * The completion data returned from BankIDService.
38 | */
39 | public class CompletionResult {
40 |
41 | private final String name;
42 | private final String personalNumber;
43 | private final String signedText;
44 |
45 | /**
46 | * Create completion result.
47 | * @param name the name.
48 | * @param personalNumber the personal number.
49 | * @param signedText the text shown to the user when authenticated or signed the transaction.
50 | */
51 | public CompletionResult(String name, String personalNumber, String signedText) {
52 | this.name = name;
53 | this.personalNumber = personalNumber;
54 | this.signedText = signedText;
55 | }
56 |
57 | /**
58 | * Returns the name.
59 | * @return the name.
60 | */
61 | public String getName() {
62 | return this.name;
63 | }
64 |
65 | /**
66 | * Returns the personal number.
67 | * @return the personal number.
68 | */
69 | public String getPersonalNumber() {
70 | return this.personalNumber;
71 | }
72 |
73 | /**
74 | * Returns the signed text.
75 | * @return the signed text.
76 | */
77 | public String getSignedText() {
78 | return this.signedText;
79 | }
80 | }
81 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/models/service/Status.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.models.service;
35 |
36 | /**
37 | * Transaction Status.
38 | */
39 | public enum Status {
40 | /**
41 | * Transaktion complete.
42 | */
43 | COMPLETE,
44 | /**
45 | * Transaction failed.
46 | */
47 | FAILED,
48 | /**
49 | * Transaction in progress.
50 | */
51 | PENDING;
52 |
53 | /**
54 | * Get status from String.
55 | * @param value string representations of status.
56 | * @return status.
57 | */
58 | public static Status fromString(String value) {
59 |
60 | for (Status s : Status.values()) {
61 | if (s.toString().equalsIgnoreCase(value)) {
62 | return s;
63 | }
64 | }
65 | return PENDING;
66 | }
67 | }
68 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/rest/controller/SpaController.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.rest.controller;
35 |
36 | import org.springframework.boot.web.servlet.error.ErrorController;
37 | import org.springframework.http.HttpMethod;
38 | import org.springframework.http.HttpStatus;
39 | import org.springframework.stereotype.Controller;
40 | import org.springframework.web.bind.annotation.RequestMapping;
41 |
42 | import jakarta.servlet.http.HttpServletRequest;
43 | import jakarta.servlet.http.HttpServletResponse;
44 |
45 | /**
46 | * Controller to handel SPA, all missing pages should be handeld by the SPA.
47 | */
48 | @Controller
49 | public class SpaController implements ErrorController {
50 |
51 | /**
52 | * Request mapping to handle error.
53 | * @param request the request.
54 | * @param response the response.
55 | * @return the error response.
56 | */
57 | @RequestMapping("/error")
58 | public Object error(HttpServletRequest request, HttpServletResponse response) {
59 | // Forward all get not found errors to index.html
60 | if (
61 | response.getStatus() == HttpStatus.NOT_FOUND.value()
62 | && request.getMethod().equalsIgnoreCase(HttpMethod.GET.name())
63 | ) {
64 | response.setStatus(HttpStatus.OK.value());
65 | return "forward:/index.html";
66 | } else {
67 | return response;
68 | }
69 | }
70 | }
71 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/rest/model/ErrorCode.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.rest.model;
35 |
36 | /**
37 | * Error Codes sent to client.
38 | */
39 | public enum ErrorCode {
40 | /**
41 | * BankID transaction already in progress.
42 | */
43 | ALREADY_IN_PROGRESS,
44 | /**
45 | * Unknown error.
46 | */
47 | UNKNOWN,
48 | }
49 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/rest/model/SessionValue.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.rest.model;
35 |
36 | import com.bankid.codefront.models.service.BankIDTransaction;
37 | import com.fasterxml.jackson.databind.annotation.JsonSerialize;
38 | import org.springframework.stereotype.Component;
39 | import org.springframework.web.context.annotation.SessionScope;
40 |
41 | import java.io.Serializable;
42 |
43 | /**
44 | * Value stored in session about the transaction.
45 | */
46 | @Component
47 | @SessionScope
48 | @JsonSerialize
49 | public class SessionValue implements Serializable {
50 | private static final long serialVersionUID = 1L;
51 |
52 | private BankIDTransaction bankIDTransaction;
53 | private boolean authTransaction;
54 |
55 | /**
56 | * Returns the BankID transaction.
57 | * @return the BankID transaction.
58 | */
59 | public BankIDTransaction getBankIDTransaction() {
60 | return this.bankIDTransaction;
61 | }
62 |
63 | /**
64 | * Sets the BankID transaction.
65 | * @param bankIDTransaction the BankID transaction.
66 | */
67 | public void setBankIDTransaction(BankIDTransaction bankIDTransaction) {
68 | this.bankIDTransaction = bankIDTransaction;
69 | }
70 |
71 | /**
72 | * Return true if is an auth transaction.
73 | * @return true if is an auth transaction.
74 | */
75 | public boolean isAuthTransaction() {
76 | return this.authTransaction;
77 | }
78 |
79 | /**
80 | * Set true is auth transaction.
81 | * @param authTransaction true if authentication.
82 | */
83 | public void setAuthTransaction(boolean authTransaction) {
84 | this.authTransaction = authTransaction;
85 | }
86 |
87 | }
88 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/rest/model/SignRequest.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 | package com.bankid.codefront.rest.model;
34 |
35 | /**
36 | * Information to start a sign transaction.
37 | *
38 | *
39 | * OBSERVE: Sent from client only for demonstration purposes,
40 | * the values should be set by the backend in production code.
41 | *
42 | */
43 | public class SignRequest extends AuthenticationRequest {
44 |
45 | private static final int SIGN_VISIBLE_MAX_LENGTH = 40000;
46 | private static final int SIGN_NON_VISIBLE_MAX_LENGTH = 200000;
47 |
48 | /**
49 | * Validate sign request.
50 | *
51 | * @return true if valid.
52 | */
53 | @Override
54 | public boolean validate() {
55 | String userVisibleData = this.getUserVisibleData();
56 | if (userVisibleData == null || userVisibleData.isEmpty()) {
57 | return false;
58 | }
59 |
60 | // Max length visible data
61 | if (base64Encode(userVisibleData).length() > SIGN_VISIBLE_MAX_LENGTH) {
62 | return false;
63 | }
64 |
65 | // Check user non visible data
66 | String userNonVisibleData = this.getUserNonVisibleData();
67 | if (userNonVisibleData != null && !userNonVisibleData.isEmpty()) {
68 | // Max length
69 | if (base64Encode(userNonVisibleData).length() > SIGN_NON_VISIBLE_MAX_LENGTH) {
70 | return false;
71 | }
72 | }
73 |
74 | return true;
75 | }
76 |
77 | }
78 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/rest/model/StartResponse.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 | package com.bankid.codefront.rest.model;
34 |
35 | /**
36 | * Start response model.
37 | */
38 | public class StartResponse {
39 |
40 | private String csrfToken;
41 |
42 | /**
43 | * Empty constructor.
44 | */
45 | public StartResponse() {
46 | }
47 |
48 | /**
49 | * Create start response.
50 | * @param csrfToken csrf token
51 | */
52 | public StartResponse(String csrfToken) {
53 | this.csrfToken = csrfToken;
54 | }
55 |
56 | /**
57 | * Get csrf token.
58 | * @return the csrf token.
59 | */
60 | public String getCsrfToken() {
61 | return this.csrfToken;
62 | }
63 | }
64 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/rest/model/TransactionResponse.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.rest.model;
35 |
36 | /**
37 | * Information needed to start the transaction in the client.
38 | */
39 | public class TransactionResponse {
40 |
41 | private final String transactionId;
42 | private final String autoStartToken;
43 |
44 | /**
45 | * Create transaction model.
46 | * @param transactionId the transaction id.
47 | * @param autoStartToken the auto start token.
48 | */
49 | public TransactionResponse(String transactionId, String autoStartToken) {
50 | this.transactionId = transactionId;
51 | this.autoStartToken = autoStartToken;
52 | }
53 |
54 | /**
55 | * Get transaction id.
56 | * @return the transaction id.
57 | */
58 | public String getTransactionId() {
59 | return this.transactionId;
60 | }
61 |
62 | /**
63 | * Get auto start token.
64 | * @return auto start token returned.
65 | */
66 | public String getAutoStartToken() {
67 | return this.autoStartToken;
68 | }
69 | }
70 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/rest/model/UserVisibleDataFormat.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.rest.model;
35 |
36 | /**
37 | * Format of visible data.
38 | */
39 | public enum UserVisibleDataFormat {
40 | /**
41 | * No format characters.
42 | */
43 | NONE(null),
44 | /**
45 | * Markdown format.
46 | */
47 | SIMPLE_MARKDOWN_V1("simpleMarkdownV1");
48 |
49 | private final String value;
50 |
51 | UserVisibleDataFormat(String value) {
52 | this.value = value;
53 | }
54 |
55 | /**
56 | * Returns the api value for visible data format.
57 | * @return the text value.
58 | */
59 | public String getValue() {
60 | return this.value;
61 | }
62 | }
63 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/service/AuditService.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.service;
35 |
36 | import com.bankid.codefront.models.bankid.relyingparty.CollectResponse;
37 | import org.slf4j.Logger;
38 | import org.slf4j.LoggerFactory;
39 | import org.springframework.stereotype.Service;
40 |
41 | /**
42 | * Placeholder service to handle audit logging.
43 | * Implement your own audit for future references/compliance/audit.
44 | */
45 | @Service
46 | public class AuditService {
47 |
48 | private final Logger logger = LoggerFactory.getLogger(AuditService.class);
49 |
50 | /**
51 | * Audit log collect response.
52 | * Add your own implementation.
53 | * @param collectResponse the successful collect response to log.
54 | */
55 | public void logCollectResponse(CollectResponse collectResponse) {
56 | // Relying party should keep the completion data for future references/compliance/audit.
57 | this.logger.info("Add storage for collectResponse");
58 | }
59 | }
60 |
--------------------------------------------------------------------------------
/server/src/main/java/com/bankid/codefront/utils/CodeFrontWebApplicationException.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.utils;
35 |
36 | import org.springframework.http.HttpStatus;
37 | import org.springframework.web.client.HttpClientErrorException;
38 |
39 | /**
40 | * Represents an application exception which should be thrown to the client.
41 | */
42 | public class CodeFrontWebApplicationException extends HttpClientErrorException {
43 | @SuppressWarnings("unused")
44 | private static final long serialVersionUID = 1L;
45 |
46 | private final String rawMessage;
47 |
48 | /**
49 | * Constructs the web application exception.
50 | *
51 | * @param status the HTTP status code to send
52 | * @param message the error message to send
53 | */
54 | public CodeFrontWebApplicationException(HttpStatus status, String message) {
55 | super(status, message);
56 | this.rawMessage = message;
57 | }
58 |
59 | /**
60 | * Returns the raw message.
61 | * @return the raw message.
62 | */
63 | public String getRawMessage() {
64 | return this.rawMessage;
65 | }
66 | }
67 |
--------------------------------------------------------------------------------
/server/src/main/resources/application-dev.yaml:
--------------------------------------------------------------------------------
1 | server:
2 | ssl:
3 | certificate: certificates/localhost-cert.pem
4 | certificate-private-key: certificates/localhost-key.pem
5 |
6 | logging:
7 | level:
8 | root: info
9 | com:
10 | bankid:
11 | codefront: DEBUG
12 | config: classpath:logback-spring.xml
13 |
14 | management:
15 | endpoint:
16 | health:
17 | group:
18 | readiness:
19 | include: "readinessState"
20 | health:
21 | redis:
22 | enabled: false
23 |
24 | app:
25 | bankid:
26 | # Public url for the site
27 | domain: localhost
28 | ##########################
29 | # BankID Relying Party settings
30 | #
31 | # Url The url to the BankID Relying Party api endpoint.
32 | # This is different between production and "kundtest" environment.
33 | # authentication-requirements The authentication requirements.
34 | # signature-requirements The signature requirements.
35 | ##########################
36 | relying-party:
37 | url: https://appapi2.test.bankid.com/rp/v6.0
38 | authentication-requirements:
39 | certificate-policies:
40 | - "1.2.3.4.5" # BankID on file
41 | - "1.2.3.4.10" # BankID on smart card
42 | - "1.2.3.4.25" # Mobile BankID
43 | - "1.2.752.71.1.3" # Nordea e-id on file and on smart card
44 | - "1.2.752.60.1.6" # Test BankID for some BankID Banks
45 | signing-requirements:
46 | certificate-policies:
47 | - "1.2.3.4.5" # BankID on file
48 | - "1.2.3.4.10" # BankID on smart card
49 | - "1.2.3.4.25" # Mobile BankID
50 | - "1.2.752.71.1.3" # Nordea e-id on file and on smart card
51 | - "1.2.752.60.1.6" # Test BankID for some BankID Banks
52 | client-cert-store-path: certificates/test/FPTestcert5_20240610.p12
53 | client-cert-store-password: qwerty123
54 | trust-store-path: certificates/test/truststore.p12
55 | trust-store-password: qwerty123
56 |
--------------------------------------------------------------------------------
/server/src/main/resources/application-prod.yaml:
--------------------------------------------------------------------------------
1 | app:
2 | bankid:
3 |
4 | ##########################
5 | # BankID Relying Party settings
6 | #
7 | # Url The url to the BankID Relying Party api endpoint.
8 | # This is different between production and "kundtest" environment.
9 | ##########################
10 | relying-party:
11 | url: https://appapi2.bankid.com/rp/v6.0
12 | trust-store-path: certificates/production/truststore.p12
13 | trust-store-password: qwerty123
14 | client-cert-store-path: # Add bankId client key
15 | client-cert-store-password:
16 |
--------------------------------------------------------------------------------
/server/src/main/resources/application-redis.yaml:
--------------------------------------------------------------------------------
1 | management:
2 | endpoint:
3 | health:
4 | group:
5 | readiness:
6 | include: "readinessState,redis"
7 | health:
8 | redis:
9 | enabled: true
10 |
--------------------------------------------------------------------------------
/server/src/main/resources/application-tlsdisabled.yaml:
--------------------------------------------------------------------------------
1 | server:
2 | ssl:
3 | enabled: false
4 |
--------------------------------------------------------------------------------
/server/src/main/resources/application.yaml:
--------------------------------------------------------------------------------
1 | server:
2 | port: 8443
3 | compression:
4 | enabled: false
5 |
6 | # Enabled SSL protocols.
7 | ssl:
8 | enabled-protocols: TLSv1.2
9 |
10 | tomcat:
11 | # Instruct tomcat to handle X-Forwarded-For
12 | remoteip:
13 | remote-ip-header: x-forwarded-for
14 | protocol-header: x-forwarded-proto
15 |
16 | logging:
17 | level:
18 | root: INFO
19 | config: /opt/codefront/default-config/logback-spring.xml
20 |
21 | management:
22 | server:
23 | port: 8081
24 | ssl:
25 | enabled: false
26 |
27 | endpoints:
28 | enabled-by-default: false
29 | web:
30 | exposure:
31 | include: metrics,prometheus,health
32 |
33 | endpoint:
34 | metrics:
35 | enabled: true
36 | prometheus:
37 | enabled: true
38 | health:
39 | group:
40 | readiness:
41 | include: "readinessState,redis"
42 | probes:
43 | enabled: true
44 | enabled: true
45 |
46 | prometheus:
47 | metrics:
48 | export:
49 | enabled: true
50 |
51 | health:
52 | livenessState:
53 | enabled: true
54 | readinessState:
55 | enabled: true
56 | redis:
57 | enabled: true
58 |
59 | spring:
60 | profiles:
61 | active: dev,dev-log
62 | main:
63 | # Get rid of that banner to handle json-formatted logging
64 | banner-mode: 'off'
65 | data:
66 | redis:
67 | host: localhost
68 | port: 6379
69 |
70 | app:
71 | bankid:
72 | # Public domain for the site
73 | domain:
74 | headers:
75 | # CSP Header
76 | csp: "default-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self';"
77 |
78 | ##########################
79 | # BankID Relying Party settings
80 | #
81 | # Url The url to the BankID Relying Party api endpoint.
82 | # This is different between production and "kundtest" environment.
83 | # authentication-requirements The BankID Relying Party authentication requirements.
84 | # Could be different between production and "kundtest" environment.
85 | # signature-requirements The BankID Relying Party signature requirements.
86 | # Could be different between production and "kundtest" environment.
87 | ##########################
88 | relying-party:
89 |
--------------------------------------------------------------------------------
/server/src/main/resources/findbugs-exclude.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
--------------------------------------------------------------------------------
/server/src/main/resources/logback-spring.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {"HOSTNAME":"${HOSTNAME}"}
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 | %d [%thread] %level{8} %logger{50} [%X{userIp}] [%X{userId}] %msg%n
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
--------------------------------------------------------------------------------
/server/src/test/java/com/bankid/codefront/TestUtils.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront;
35 |
36 | import java.security.SecureRandom;
37 |
38 | /**
39 | * Class with utils used in tests.
40 | */
41 | public final class TestUtils {
42 |
43 | private static final int STRING_LEFT_LIMIT = 97; // letter 'a'
44 | private static final int STRING_RIGHT_LIMIT = 122; // letter 'z'
45 |
46 | private TestUtils() { }
47 |
48 | /**
49 | * Generate a random string with the provided length.
50 | *
51 | * @param stringLength the length of the generated string.
52 | * @return the generated string.
53 | */
54 | public static String generateString(int stringLength) {
55 | SecureRandom random = new SecureRandom();
56 | StringBuilder buffer = new StringBuilder(stringLength);
57 | for (int i = 0; i < stringLength; i++) {
58 | int randomLimitedInt = STRING_LEFT_LIMIT + (int)
59 | (random.nextFloat() * (STRING_RIGHT_LIMIT - STRING_LEFT_LIMIT + 1));
60 | buffer.append((char) randomLimitedInt);
61 | }
62 | return buffer.toString();
63 | }
64 | }
65 |
--------------------------------------------------------------------------------
/server/src/test/java/com/bankid/codefront/actuator/K8sProbesTest.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.actuator;
35 |
36 | import org.junit.jupiter.api.Test;
37 | import org.springframework.beans.factory.annotation.Autowired;
38 | import org.springframework.boot.test.context.SpringBootTest;
39 | import org.springframework.boot.test.web.client.TestRestTemplate;
40 | import org.springframework.http.HttpStatus;
41 | import org.springframework.http.ResponseEntity;
42 | import org.springframework.test.context.ActiveProfiles;
43 |
44 | import static org.junit.jupiter.api.Assertions.assertEquals;
45 |
46 | /**
47 | * Test k8s probes.
48 | */
49 | @SpringBootTest(
50 | webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
51 | properties = {"management.server.port=9111"}
52 | )
53 | @ActiveProfiles({"dev"})
54 | public class K8sProbesTest {
55 |
56 | private static final String MANAGEMENT_HOST = "http://localhost:9111/";
57 |
58 | @Autowired
59 | private TestRestTemplate restTemplate;
60 |
61 | /**
62 | * Test liviness probe.
63 | */
64 | @Test
65 | public void testLiviness() {
66 | ResponseEntity
67 | startResponse = this.restTemplate.getForEntity(MANAGEMENT_HOST + "/actuator/health/liveness", String.class);
68 |
69 | assertEquals(HttpStatus.OK, startResponse.getStatusCode());
70 | }
71 |
72 | /**
73 | * Test readiness probe.
74 | */
75 | @Test
76 | public void testReadiness() {
77 | ResponseEntity startResponse = this.restTemplate.getForEntity(
78 | MANAGEMENT_HOST + "/actuator/health/readiness",
79 | String.class
80 | );
81 |
82 | assertEquals(HttpStatus.OK, startResponse.getStatusCode());
83 | }
84 | }
85 |
--------------------------------------------------------------------------------
/server/src/test/java/com/bankid/codefront/models/bankid/relyingparty/CancelRequestTest.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.models.bankid.relyingparty;
35 |
36 | import com.fasterxml.jackson.core.JsonProcessingException;
37 | import com.fasterxml.jackson.databind.ObjectMapper;
38 | import org.json.JSONException;
39 | import org.junit.jupiter.api.Test;
40 | import org.skyscreamer.jsonassert.JSONAssert;
41 | import org.skyscreamer.jsonassert.JSONCompareMode;
42 |
43 | /**
44 | * Test cancel request.
45 | */
46 | public class CancelRequestTest {
47 | /**
48 | * Test to verify that deserialization works nicely. The json data is taken from
49 | * https://developers.bankid.com
50 | */
51 | @Test
52 | public void serialize() throws JsonProcessingException, JSONException {
53 | CancelRequest request = new CancelRequest("131daac9-16c6-4618-beb0-365768f37288");
54 |
55 | ObjectMapper mapper = new ObjectMapper();
56 | String json = mapper.writeValueAsString(request);
57 |
58 | String expectedJson = """
59 | {
60 | "orderRef":"131daac9-16c6-4618-beb0-365768f37288"
61 | }
62 | """;
63 | JSONAssert.assertEquals(expectedJson, json, JSONCompareMode.STRICT);
64 | }
65 | }
66 |
--------------------------------------------------------------------------------
/server/src/test/java/com/bankid/codefront/models/bankid/relyingparty/CollectRequestTest.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.models.bankid.relyingparty;
35 |
36 | import com.fasterxml.jackson.core.JsonProcessingException;
37 | import com.fasterxml.jackson.databind.ObjectMapper;
38 | import org.json.JSONException;
39 | import org.junit.jupiter.api.Test;
40 | import org.skyscreamer.jsonassert.JSONAssert;
41 | import org.skyscreamer.jsonassert.JSONCompareMode;
42 |
43 | /**
44 | * Test collect request.
45 | */
46 | public class CollectRequestTest {
47 | /**
48 | * Serialize as simple as it gets.
49 | */
50 | @Test
51 | public void serialize() throws JsonProcessingException, JSONException {
52 | CollectRequest request = new CollectRequest("131daac9-16c6-4618-beb0-365768f37288");
53 | ObjectMapper mapper = new ObjectMapper();
54 | String json = mapper.writeValueAsString(request);
55 |
56 | // Verify
57 | String expectedJson = """
58 | {
59 | "orderRef": "131daac9-16c6-4618-beb0-365768f37288"
60 | }
61 | """;
62 | JSONAssert.assertEquals(expectedJson, json, JSONCompareMode.STRICT);
63 | }
64 | }
65 |
--------------------------------------------------------------------------------
/server/src/test/java/com/bankid/codefront/rest/contoller/AuthenticationResponse.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.rest.contoller;
35 |
36 | /**
37 | * Information needed to start the transaction in the client.
38 | */
39 | public class AuthenticationResponse {
40 |
41 | private String autoStartToken;
42 |
43 | /**
44 | * Get auto start token.
45 | * @return auto start token returned.
46 | */
47 | public String getAutoStartToken() {
48 | return this.autoStartToken;
49 | }
50 | }
51 |
--------------------------------------------------------------------------------
/server/src/test/java/com/bankid/codefront/rest/contoller/CheckResponse.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.rest.contoller;
35 |
36 | import com.bankid.codefront.models.service.Status;
37 |
38 | /**
39 | * Transaction status.
40 | */
41 | public class CheckResponse {
42 | private String hintCode;
43 | private Status status;
44 | private String qrCode;
45 |
46 | /**
47 | * Returns the hint code.
48 | * @return the hint code.
49 | */
50 | public String getHintCode() {
51 | return this.hintCode;
52 | }
53 |
54 | /**
55 | * Sets the hint code.
56 | * @param hintCode the hint code.
57 | */
58 | public void setHintCode(String hintCode) {
59 | this.hintCode = hintCode;
60 | }
61 |
62 | /**
63 | * Returns the status.
64 | * @return the status.
65 | */
66 | public Status getStatus() {
67 | return this.status;
68 | }
69 |
70 | /**
71 | * Sets the status.
72 | * @param status the status.
73 | */
74 | public void setStatus(Status status) {
75 | this.status = status;
76 | }
77 |
78 | /**
79 | * Returns the qr code.
80 | * @return the qr code.
81 | */
82 | public String getQrCode() {
83 | return this.qrCode;
84 | }
85 |
86 | /**
87 | * Sets qr code.
88 | * @param qrCode the qr code.
89 | */
90 | public void setQrCode(String qrCode) {
91 | this.qrCode = qrCode;
92 | }
93 | }
94 |
--------------------------------------------------------------------------------
/server/src/test/java/com/bankid/codefront/rest/contoller/SpaControllerTest.java:
--------------------------------------------------------------------------------
1 | /*
2 | BSD 3-Clause License
3 |
4 | Copyright (c) 2022, Finansiell ID-Teknik BID AB
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without
8 | modification, are permitted provided that the following conditions are met:
9 |
10 | 1. Redistributions of source code must retain the above copyright notice, this
11 | list of conditions and the following disclaimer.
12 |
13 | 2. Redistributions in binary form must reproduce the above copyright notice,
14 | this list of conditions and the following disclaimer in the documentation
15 | and/or other materials provided with the distribution.
16 |
17 | 3. Neither the name of the copyright holder nor the names of its
18 | contributors may be used to endorse or promote products derived from
19 | this software without specific prior written permission.
20 |
21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
22 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
25 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 |
32 | */
33 |
34 | package com.bankid.codefront.rest.contoller;
35 |
36 | import org.junit.jupiter.api.Test;
37 | import org.springframework.http.HttpEntity;
38 | import org.springframework.http.HttpHeaders;
39 | import org.springframework.http.HttpMethod;
40 | import org.springframework.http.HttpStatus;
41 | import org.springframework.http.ResponseEntity;
42 |
43 | import static org.junit.jupiter.api.Assertions.assertEquals;
44 | import static org.junit.jupiter.api.Assertions.assertNotNull;
45 | import static org.junit.jupiter.api.Assertions.assertTrue;
46 |
47 |
48 | /**
49 | * Test Spa Controller.
50 | */
51 | public class SpaControllerTest extends RestBaseControllerTest {
52 |
53 | /**
54 | * Missing page should return index.html.
55 | */
56 | @Test
57 | public void redirectGetError() {
58 | ResponseEntity
59 | startResponse = this.getRestTemplate().getForEntity("/not_found", String.class);
60 |
61 | assertNotNull(startResponse.getBody());
62 | assertTrue(startResponse.getBody().contains("You need to enable JavaScript to run this app"));
63 | assertEquals(HttpStatus.OK, startResponse.getStatusCode());
64 | }
65 |
66 | /**
67 | * Error on post should return the backend error.
68 | */
69 | @Test
70 | public void postErrorShouldReturnError() {
71 | HttpHeaders headers = getCsrfHeaders();
72 |
73 |
74 | ResponseEntity postResponse = this.getRestTemplate().exchange(
75 | "/not_found",
76 | HttpMethod.POST,
77 | new HttpEntity(headers),
78 | String.class);
79 |
80 | assertEquals(HttpStatus.NOT_FOUND, postResponse.getStatusCode());
81 | }
82 | }
83 |
--------------------------------------------------------------------------------