The demo Application for ID-Authentication, used to demonstrate the ID-Authentication services for some high level scenarios.
Disclaimer: This is not a complete reference implementation for all ID-Authentication scenarios. This is used to demonstrate the authentication services for some high level scenarios only.
This is compatible with SBI v0.9.5 for Authentication Capture of biometrics.
This includes demonstration for below listed ID-Authentication scenarios:
- Single Fingerprint Authentication
- Multiple Fingerprint Authentication
- Single Iris Authentication
- Multiple Iris Authentication
- Face Authentication
- OTP Genaration + Authentication
- Demographic Authentication (uses JSON input)
- Multi-Modality of Biometric Authentication - Fingerprint/Iris/Face
- Multi-factor Authentication - OTP + Biometrics
- EKYC Authentication
This app depends on below MOSIP components:
The following command should be run in the project to build the application -
mvn clean install -Dgpg.skip=true
Update the ID-Authentication-Demo-UI.bat
batch file as below:
java -Dida.request.captureFinger.deviceId=finger-device-id -Dida.request.captureIris.deviceId=iris-device-id -Dida.request.captureFace.deviceId=face-device-id
-Dfinger.device.subid=device-sub-id -DmispLicenseKey=misplkey -DpartnerId=partnerId -DpartnerApiKey=partnerApiKey -DpartnerOrg=partnerOrganization
-Dmosip.base.url=<mosip_base_url> -jar ./target/authentication-demo-ui-x.x.x.jar
Below properties can be given in VM Args or in application properties file.
ida.request.captureFinger.deviceId
: Finger Device IDida.request.captureIris.deviceId
: Iris Device IDida.request.captureFace.deviceId
: Face Device IDmispLicenseKey
: MISP Licenese KeypartnerId
: Partner IDpartnerApiKey
: Partner Api KeypartnerOrg
: Organization value to be used in the partner certificate auto-generation (invoked in case the partner certificate is not present). If not specified, the partner ID will be used as organization. Refer below section on partner keys and certificates.mosip.base.url
: MOSIP hosted urlfinger.device.subid
: Used to support fingerprint slab device
Note: Use -Dfinger.device.subid=1
to support fingerprint slab device. For single fingerprint authentication that argument can be removed.
For example,
java -Dida.request.captureFinger.deviceId=1 -Dida.request.captureIris.deviceId=2 -Dida.request.captureFace.deviceId=2 -Dfinger.device.subid=1 -Dmosip.base.url=https://qa.mosip.io -DmispLicenseKey=UmjbDSra8pzOGd5rVtKekTb9D6VdvOQg4Kmw5TzBdw18mbzzME -DpartnerId=748757 -DpartnerApiKey=9418294 -DpartnerOrg=ABCBank -jar ./target/authentication-demo-ui-1.2.0.jar
Partner private key and partner certificate will be looked up during the application in <Currecnt_Working_Directory>/keys/
folder:
- Private key file name:
<partner_id>-partner.p12
- Partner Certificate file name:
<partner_id>-partner.cer
The partner certificate should have been signed by MOSIP Partner Management Service (PMS).
If the above mentioned partner private key is not available, the application will auto generate the private keys and certificates with Organization value mentioned in partnerOrg
property. It will contain below entries under <Currecnt_Working_Directory>/keys/
folder:
- CA Private key file name:
<partner_id>-ca.p12
- CA Certificate file name:
<partner_id>-ca.cer
- Intermediate Private key file name:
<partner_id>-inter.p12
- Intermedtate Certificate file name:
<partner_id>-inter.cer
- Partner Private key file name:
<partner_id>-partner.p12
- Partner Certificate file name:
<partner_id>-partner.cer
Steps to follow to make the generated partner certificate usable in the authentication demo UI application:
- Create a partner with same partner ID and Organization name as in
partnerId
andpartnerOrg
properties. - Upload the CA Certificate and Intermedtate Certificate to MOSIP-PMS's "Upload CA Certificate" Endpoint.
- Upload the Partner Certificate to MOSIP-PMS's "Upload Partner Certificate" Endpoint with the same
partnerId
andpartnerOrg
property values. This will return the new partner certificate signed by MOSIP PMS. - Replace
<partner_id>-partner.cer
file content with the new PMS signed partner certificate.
- Run the batch file.
Error: java.lang.SecurityException: JCE cannot authenticate the provider BC
Please follow below steps:
- edit jre\lib\security\java.security
- add security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider
- copy bc*.jar to jre\lib\ext
After this stop the application and re-run.
This project is licensed under the terms of Mozilla Public License 2.0.