From f752956f25f9de7e7b1203052d260b14a84d10c3 Mon Sep 17 00:00:00 2001 From: mehmet-yoti <111424390+mehmet-yoti@users.noreply.github.com> Date: Wed, 31 Jul 2024 11:28:09 +0300 Subject: [PATCH] Release/4.3.0 (#364) * SDK-2241 Create Session * SDK-2244 Retrieve Session * SDK-2250 Create QR Code * SDK-2258 Retrieve QR Code * SDK-2265 Retrieve Receipt * SDK-2377 added failure reasons to idv * SDK-2357 added failure receipt error details * Sdk 2420 php add support for advanced identity profiles to share v 2 and examples (#360) * SDK-2371 added advanced identity profile to sharev1,example and updated tests * Added-example-for-DBS-and-updated-failure-details * Updated IDV Example Defaults * Removed unneccessary used libraries --- .gitignore | 1 + README.md | 4 +- composer.json | 4 +- examples/digitalidentity/.env.example | 14 + examples/digitalidentity/.gitignore | 16 + examples/digitalidentity/README.md | 24 + .../digitalidentity/app/Console/Kernel.php | 41 + .../app/Exceptions/Handler.php | 55 ++ .../AdvancedIdentityController.php | 71 ++ .../app/Http/Controllers/DbsController.php | 53 ++ .../Http/Controllers/IdentityController.php | 60 ++ .../Http/Controllers/ReceiptController.php | 136 ++++ examples/digitalidentity/app/Http/Kernel.php | 66 ++ .../app/Http/Middleware/Authenticate.php | 21 + .../Middleware/CheckForMaintenanceMode.php | 17 + .../app/Http/Middleware/EncryptCookies.php | 17 + .../Middleware/RedirectIfAuthenticated.php | 27 + .../app/Http/Middleware/TrimStrings.php | 18 + .../app/Http/Middleware/TrustProxies.php | 23 + .../app/Http/Middleware/VerifyCsrfToken.php | 17 + .../app/Providers/RouteServiceProvider.php | 80 ++ .../YotiDigitalIdentityServiceProvider.php | 29 + .../app/Providers/YotiServiceProvider.php | 29 + examples/digitalidentity/artisan | 53 ++ examples/digitalidentity/bootstrap/app.php | 55 ++ .../bootstrap/cache/.gitignore | 2 + examples/digitalidentity/composer.json | 59 ++ examples/digitalidentity/config/app.php | 229 ++++++ examples/digitalidentity/config/auth.php | 117 +++ .../digitalidentity/config/broadcasting.php | 59 ++ examples/digitalidentity/config/cache.php | 104 +++ examples/digitalidentity/config/cors.php | 34 + examples/digitalidentity/config/database.php | 147 ++++ .../digitalidentity/config/filesystems.php | 84 +++ examples/digitalidentity/config/hashing.php | 52 ++ examples/digitalidentity/config/logging.php | 104 +++ examples/digitalidentity/config/mail.php | 108 +++ examples/digitalidentity/config/queue.php | 89 +++ examples/digitalidentity/config/services.php | 33 + examples/digitalidentity/config/session.php | 199 +++++ examples/digitalidentity/config/view.php | 36 + examples/digitalidentity/config/yoti.php | 8 + examples/digitalidentity/docker-compose.yml | 25 + examples/digitalidentity/keys/.gitignore | 2 + examples/digitalidentity/public/.htaccess | 21 + .../public/assets/css/index.css | 173 +++++ .../public/assets/css/profile.css | 425 +++++++++++ .../public/assets/images/app-store-badge.png | Bin 0 -> 4077 bytes .../assets/images/app-store-badge@2x.png | Bin 0 -> 8819 bytes .../public/assets/images/company-logo.jpg | Bin 0 -> 4682 bytes .../assets/images/google-play-badge.png | Bin 0 -> 4957 bytes .../assets/images/google-play-badge@2x.png | Bin 0 -> 11267 bytes .../public/assets/images/icons/address.svg | 3 + .../public/assets/images/icons/calendar.svg | 5 + .../assets/images/icons/chevron-down-grey.svg | 7 + .../public/assets/images/icons/document.svg | 3 + .../public/assets/images/icons/email.svg | 14 + .../public/assets/images/icons/gender.svg | 5 + .../assets/images/icons/nationality.svg | 3 + .../public/assets/images/icons/phone.svg | 3 + .../public/assets/images/icons/profile.svg | 3 + .../public/assets/images/icons/verified.svg | 6 + .../public/assets/images/logo.png | Bin 0 -> 2988 bytes .../public/assets/images/logo@2x.png | Bin 0 -> 5609 bytes examples/digitalidentity/public/favicon.ico | 0 examples/digitalidentity/public/index.php | 60 ++ examples/digitalidentity/public/robots.txt | 2 + .../views/advancedidentity.blade.php | 89 +++ .../resources/views/dbs.blade.php | 89 +++ .../resources/views/identity.blade.php | 89 +++ .../resources/views/partial/address.blade.php | 8 + .../views/partial/ageverification.blade.php | 14 + .../views/partial/attribute.blade.php | 13 + .../views/partial/documentdetails.blade.php | 18 + .../resources/views/partial/report.blade.php | 54 ++ .../resources/views/receipt.blade.php | 133 ++++ examples/digitalidentity/routes/api.php | 19 + examples/digitalidentity/routes/channels.php | 18 + examples/digitalidentity/routes/console.php | 19 + examples/digitalidentity/routes/web.php | 22 + .../digitalidentity/storage/app/.gitignore | 3 + .../storage/app/public/.gitignore | 2 + .../storage/framework/.gitignore | 8 + .../storage/framework/cache/.gitignore | 3 + .../storage/framework/cache/data/.gitignore | 2 + .../storage/framework/sessions/.gitignore | 2 + .../storage/framework/testing/.gitignore | 2 + .../storage/framework/views/.gitignore | 2 + .../app/Http/Controllers/HomeController.php | 26 +- .../resources/views/success.blade.php | 56 +- .../AdvancedIdentityController.php | 68 ++ .../resources/views/advanced.blade.php | 65 ++ .../resources/views/partial/report.blade.php | 88 ++- examples/profile/routes/web.php | 1 + phpstan-baseline.neon | 3 + src/Constants.php | 8 +- src/DigitalIdentityClient.php | 119 +++ src/DocScan/Session/Create/SdkConfig.php | 2 - .../RequestedTextExtractionTaskBuilder.php | 12 +- .../RequestedTextExtractionTaskConfig.php | 7 +- .../Session/Retrieve/GetSessionResult.php | 6 +- .../Retrieve/IdDocumentResourceResponse.php | 1 - .../IdentityProfile/FailureReasonResponse.php | 25 +- .../RequirementNotMetDetails.php | 75 ++ .../Retrieve/IdentityProfileResponse.php | 6 +- src/Exception/DigitalIdentityException.php | 9 + src/Identity/Constraint/Constraint.php | 8 + src/Identity/Constraint/PreferredSources.php | 54 ++ src/Identity/Constraint/SourceConstraint.php | 43 ++ .../Constraint/SourceConstraintBuilder.php | 46 ++ src/Identity/Content/ApplicationContent.php | 28 + src/Identity/Content/Content.php | 45 ++ src/Identity/Content/UserContent.php | 28 + src/Identity/DigitalIdentityService.php | 170 +++++ src/Identity/ErrorReason.php | 37 + .../Extension/BasicExtensionBuilder.php | 40 + src/Identity/Extension/Extension.php | 38 + .../Extension/ExtensionBuilderInterface.php | 8 + .../Extension/LocationConstraintContent.php | 61 ++ .../LocationConstraintExtensionBuilder.php | 82 ++ .../Extension/ThirdPartyAttributeContent.php | 38 + .../ThirdPartyAttributeExtensionBuilder.php | 66 ++ .../TransactionalFlowExtensionBuilder.php | 35 + src/Identity/Policy/Policy.php | 94 +++ src/Identity/Policy/PolicyBuilder.php | 345 +++++++++ src/Identity/Policy/WantedAnchor.php | 29 + src/Identity/Policy/WantedAnchorBuilder.php | 32 + src/Identity/Policy/WantedAttribute.php | 123 +++ .../Policy/WantedAttributeBuilder.php | 77 ++ src/Identity/Reader/AttributeListReader.php | 7 + src/Identity/Reader/ExtraDataReader.php | 7 + src/Identity/Receipt.php | 106 +++ src/Identity/ReceiptBuilder.php | 108 +++ src/Identity/ReceiptItemKey.php | 46 ++ src/Identity/ReceiptParser.php | 169 +++++ src/Identity/RequirementNotMetDetails.php | 75 ++ src/Identity/ShareSessionCreated.php | 71 ++ src/Identity/ShareSessionCreatedQrCode.php | 48 ++ src/Identity/ShareSessionFetched.php | 117 +++ src/Identity/ShareSessionFetchedQrCode.php | 110 +++ src/Identity/ShareSessionNotification.php | 70 ++ .../ShareSessionNotificationBuilder.php | 65 ++ src/Identity/ShareSessionRequest.php | 110 +++ src/Identity/ShareSessionRequestBuilder.php | 84 +++ src/Identity/Util/IdentityEncryptedData.php | 41 + src/Identity/WrappedReceipt.php | 156 ++++ src/Profile/BaseProfile.php | 12 +- src/Profile/Service.php | 2 +- src/Profile/UserProfile.php | 1 - .../Util/Attribute/AnchorConverter.php | 3 +- src/ShareUrl/Policy/DynamicPolicy.php | 21 +- src/ShareUrl/Policy/DynamicPolicyBuilder.php | 20 +- src/Util/Json.php | 18 +- src/YotiClient.php | 15 +- tests/DigitalIdentityClientTest.php | 174 +++++ tests/DocScan/DocScanClientTest.php | 2 +- .../Session/Retrieve/GetSessionResultTest.php | 10 + .../Retrieve/IdentityProfileResponseTest.php | 23 +- .../Constraint/PreferredSourcesTest.php | 42 ++ .../SourceConstraintsBuilderTest.php | 66 ++ .../Content/ApplicationContentTest.php | 35 + tests/Identity/Content/ContentTest.php | 36 + tests/Identity/Content/UserContentTest.php | 35 + tests/Identity/DigitalIdentityServiceTest.php | 151 ++++ .../Extension/BasicExtensionBuilderTest.php | 40 + .../LocationConstraintContentTest.php | 44 ++ ...LocationConstraintExtensionBuilderTest.php | 164 ++++ .../ThirdPartyAttributeContentTest.php | 42 ++ ...hirdPartyAttributeExtensionBuilderTest.php | 132 ++++ .../TransactionalFlowExtensionBuilderTest.php | 36 + tests/Identity/Policy/PolicyBuilderTest.php | 712 ++++++++++++++++++ .../Policy/WantedAnchorBuilderTest.php | 39 + .../Policy/WantedAttributeBuilderTest.php | 162 ++++ tests/Identity/ReceiptItemKeyTest.php | 37 + tests/Identity/ReceiptTest.php | 114 +++ .../ShareSessionCreatedQrCodeTest.php | 42 ++ tests/Identity/ShareSessionCreatedTest.php | 45 ++ .../ShareSessionFetchedQrCodeTest.php | 76 ++ tests/Identity/ShareSessionFetchedTest.php | 66 ++ .../ShareSessionNotificationBuilderTest.php | 80 ++ .../ShareSessionRequestBuilderTest.php | 100 +++ tests/Profile/ServiceTest.php | 3 +- tests/ShareUrl/DynamicScenarioBuilderTest.php | 3 +- .../Policy/DynamicPolicyBuilderTest.php | 73 +- tests/Util/JsonTest.php | 32 + tests/YotiClientTest.php | 1 + .../sessionResultIdentityProfileResult.json | 13 +- 187 files changed, 9868 insertions(+), 112 deletions(-) create mode 100644 examples/digitalidentity/.env.example create mode 100644 examples/digitalidentity/.gitignore create mode 100644 examples/digitalidentity/README.md create mode 100644 examples/digitalidentity/app/Console/Kernel.php create mode 100644 examples/digitalidentity/app/Exceptions/Handler.php create mode 100644 examples/digitalidentity/app/Http/Controllers/AdvancedIdentityController.php create mode 100644 examples/digitalidentity/app/Http/Controllers/DbsController.php create mode 100644 examples/digitalidentity/app/Http/Controllers/IdentityController.php create mode 100644 examples/digitalidentity/app/Http/Controllers/ReceiptController.php create mode 100644 examples/digitalidentity/app/Http/Kernel.php create mode 100644 examples/digitalidentity/app/Http/Middleware/Authenticate.php create mode 100644 examples/digitalidentity/app/Http/Middleware/CheckForMaintenanceMode.php create mode 100644 examples/digitalidentity/app/Http/Middleware/EncryptCookies.php create mode 100644 examples/digitalidentity/app/Http/Middleware/RedirectIfAuthenticated.php create mode 100644 examples/digitalidentity/app/Http/Middleware/TrimStrings.php create mode 100644 examples/digitalidentity/app/Http/Middleware/TrustProxies.php create mode 100644 examples/digitalidentity/app/Http/Middleware/VerifyCsrfToken.php create mode 100644 examples/digitalidentity/app/Providers/RouteServiceProvider.php create mode 100644 examples/digitalidentity/app/Providers/YotiDigitalIdentityServiceProvider.php create mode 100644 examples/digitalidentity/app/Providers/YotiServiceProvider.php create mode 100644 examples/digitalidentity/artisan create mode 100644 examples/digitalidentity/bootstrap/app.php create mode 100644 examples/digitalidentity/bootstrap/cache/.gitignore create mode 100644 examples/digitalidentity/composer.json create mode 100644 examples/digitalidentity/config/app.php create mode 100644 examples/digitalidentity/config/auth.php create mode 100644 examples/digitalidentity/config/broadcasting.php create mode 100644 examples/digitalidentity/config/cache.php create mode 100644 examples/digitalidentity/config/cors.php create mode 100644 examples/digitalidentity/config/database.php create mode 100644 examples/digitalidentity/config/filesystems.php create mode 100644 examples/digitalidentity/config/hashing.php create mode 100644 examples/digitalidentity/config/logging.php create mode 100644 examples/digitalidentity/config/mail.php create mode 100644 examples/digitalidentity/config/queue.php create mode 100644 examples/digitalidentity/config/services.php create mode 100644 examples/digitalidentity/config/session.php create mode 100644 examples/digitalidentity/config/view.php create mode 100644 examples/digitalidentity/config/yoti.php create mode 100644 examples/digitalidentity/docker-compose.yml create mode 100644 examples/digitalidentity/keys/.gitignore create mode 100644 examples/digitalidentity/public/.htaccess create mode 100644 examples/digitalidentity/public/assets/css/index.css create mode 100644 examples/digitalidentity/public/assets/css/profile.css create mode 100644 examples/digitalidentity/public/assets/images/app-store-badge.png create mode 100644 examples/digitalidentity/public/assets/images/app-store-badge@2x.png create mode 100644 examples/digitalidentity/public/assets/images/company-logo.jpg create mode 100644 examples/digitalidentity/public/assets/images/google-play-badge.png create mode 100644 examples/digitalidentity/public/assets/images/google-play-badge@2x.png create mode 100644 examples/digitalidentity/public/assets/images/icons/address.svg create mode 100644 examples/digitalidentity/public/assets/images/icons/calendar.svg create mode 100644 examples/digitalidentity/public/assets/images/icons/chevron-down-grey.svg create mode 100644 examples/digitalidentity/public/assets/images/icons/document.svg create mode 100644 examples/digitalidentity/public/assets/images/icons/email.svg create mode 100644 examples/digitalidentity/public/assets/images/icons/gender.svg create mode 100644 examples/digitalidentity/public/assets/images/icons/nationality.svg create mode 100644 examples/digitalidentity/public/assets/images/icons/phone.svg create mode 100644 examples/digitalidentity/public/assets/images/icons/profile.svg create mode 100644 examples/digitalidentity/public/assets/images/icons/verified.svg create mode 100644 examples/digitalidentity/public/assets/images/logo.png create mode 100644 examples/digitalidentity/public/assets/images/logo@2x.png create mode 100644 examples/digitalidentity/public/favicon.ico create mode 100644 examples/digitalidentity/public/index.php create mode 100644 examples/digitalidentity/public/robots.txt create mode 100644 examples/digitalidentity/resources/views/advancedidentity.blade.php create mode 100644 examples/digitalidentity/resources/views/dbs.blade.php create mode 100644 examples/digitalidentity/resources/views/identity.blade.php create mode 100644 examples/digitalidentity/resources/views/partial/address.blade.php create mode 100644 examples/digitalidentity/resources/views/partial/ageverification.blade.php create mode 100644 examples/digitalidentity/resources/views/partial/attribute.blade.php create mode 100644 examples/digitalidentity/resources/views/partial/documentdetails.blade.php create mode 100644 examples/digitalidentity/resources/views/partial/report.blade.php create mode 100644 examples/digitalidentity/resources/views/receipt.blade.php create mode 100644 examples/digitalidentity/routes/api.php create mode 100644 examples/digitalidentity/routes/channels.php create mode 100644 examples/digitalidentity/routes/console.php create mode 100644 examples/digitalidentity/routes/web.php create mode 100644 examples/digitalidentity/storage/app/.gitignore create mode 100644 examples/digitalidentity/storage/app/public/.gitignore create mode 100644 examples/digitalidentity/storage/framework/.gitignore create mode 100644 examples/digitalidentity/storage/framework/cache/.gitignore create mode 100644 examples/digitalidentity/storage/framework/cache/data/.gitignore create mode 100644 examples/digitalidentity/storage/framework/sessions/.gitignore create mode 100644 examples/digitalidentity/storage/framework/testing/.gitignore create mode 100644 examples/digitalidentity/storage/framework/views/.gitignore create mode 100644 examples/profile/app/Http/Controllers/AdvancedIdentityController.php create mode 100644 examples/profile/resources/views/advanced.blade.php create mode 100644 src/DigitalIdentityClient.php create mode 100644 src/DocScan/Session/Retrieve/IdentityProfile/RequirementNotMetDetails.php create mode 100644 src/Exception/DigitalIdentityException.php create mode 100644 src/Identity/Constraint/Constraint.php create mode 100644 src/Identity/Constraint/PreferredSources.php create mode 100644 src/Identity/Constraint/SourceConstraint.php create mode 100644 src/Identity/Constraint/SourceConstraintBuilder.php create mode 100644 src/Identity/Content/ApplicationContent.php create mode 100644 src/Identity/Content/Content.php create mode 100644 src/Identity/Content/UserContent.php create mode 100644 src/Identity/DigitalIdentityService.php create mode 100644 src/Identity/ErrorReason.php create mode 100644 src/Identity/Extension/BasicExtensionBuilder.php create mode 100644 src/Identity/Extension/Extension.php create mode 100644 src/Identity/Extension/ExtensionBuilderInterface.php create mode 100644 src/Identity/Extension/LocationConstraintContent.php create mode 100644 src/Identity/Extension/LocationConstraintExtensionBuilder.php create mode 100644 src/Identity/Extension/ThirdPartyAttributeContent.php create mode 100644 src/Identity/Extension/ThirdPartyAttributeExtensionBuilder.php create mode 100644 src/Identity/Extension/TransactionalFlowExtensionBuilder.php create mode 100644 src/Identity/Policy/Policy.php create mode 100644 src/Identity/Policy/PolicyBuilder.php create mode 100644 src/Identity/Policy/WantedAnchor.php create mode 100644 src/Identity/Policy/WantedAnchorBuilder.php create mode 100644 src/Identity/Policy/WantedAttribute.php create mode 100644 src/Identity/Policy/WantedAttributeBuilder.php create mode 100644 src/Identity/Reader/AttributeListReader.php create mode 100644 src/Identity/Reader/ExtraDataReader.php create mode 100644 src/Identity/Receipt.php create mode 100644 src/Identity/ReceiptBuilder.php create mode 100644 src/Identity/ReceiptItemKey.php create mode 100644 src/Identity/ReceiptParser.php create mode 100644 src/Identity/RequirementNotMetDetails.php create mode 100644 src/Identity/ShareSessionCreated.php create mode 100644 src/Identity/ShareSessionCreatedQrCode.php create mode 100644 src/Identity/ShareSessionFetched.php create mode 100644 src/Identity/ShareSessionFetchedQrCode.php create mode 100644 src/Identity/ShareSessionNotification.php create mode 100644 src/Identity/ShareSessionNotificationBuilder.php create mode 100644 src/Identity/ShareSessionRequest.php create mode 100644 src/Identity/ShareSessionRequestBuilder.php create mode 100644 src/Identity/Util/IdentityEncryptedData.php create mode 100644 src/Identity/WrappedReceipt.php create mode 100644 tests/DigitalIdentityClientTest.php create mode 100644 tests/Identity/Constraint/PreferredSourcesTest.php create mode 100644 tests/Identity/Constraint/SourceConstraintsBuilderTest.php create mode 100644 tests/Identity/Content/ApplicationContentTest.php create mode 100644 tests/Identity/Content/ContentTest.php create mode 100644 tests/Identity/Content/UserContentTest.php create mode 100644 tests/Identity/DigitalIdentityServiceTest.php create mode 100644 tests/Identity/Extension/BasicExtensionBuilderTest.php create mode 100644 tests/Identity/Extension/LocationConstraintContentTest.php create mode 100644 tests/Identity/Extension/LocationConstraintExtensionBuilderTest.php create mode 100644 tests/Identity/Extension/ThirdPartyAttributeContentTest.php create mode 100644 tests/Identity/Extension/ThirdPartyAttributeExtensionBuilderTest.php create mode 100644 tests/Identity/Extension/TransactionalFlowExtensionBuilderTest.php create mode 100644 tests/Identity/Policy/PolicyBuilderTest.php create mode 100644 tests/Identity/Policy/WantedAnchorBuilderTest.php create mode 100644 tests/Identity/Policy/WantedAttributeBuilderTest.php create mode 100644 tests/Identity/ReceiptItemKeyTest.php create mode 100644 tests/Identity/ReceiptTest.php create mode 100644 tests/Identity/ShareSessionCreatedQrCodeTest.php create mode 100644 tests/Identity/ShareSessionCreatedTest.php create mode 100644 tests/Identity/ShareSessionFetchedQrCodeTest.php create mode 100644 tests/Identity/ShareSessionFetchedTest.php create mode 100644 tests/Identity/ShareSessionNotificationBuilderTest.php create mode 100644 tests/Identity/ShareSessionRequestBuilderTest.php diff --git a/.gitignore b/.gitignore index 7173c995..b83fe4bd 100755 --- a/.gitignore +++ b/.gitignore @@ -17,3 +17,4 @@ coverage .scannerwork .DS_Store +.php-cs-fixer.cache diff --git a/README.md b/README.md index baf6ffee..36510a9c 100755 --- a/README.md +++ b/README.md @@ -42,13 +42,13 @@ Add the Yoti SDK dependency: ```json "require": { - "yoti/yoti-php-sdk" : "^4.1" + "yoti/yoti-php-sdk" : "^4.2.1" } ``` Or run this Composer command ```console -$ composer require yoti/yoti-php-sdk "^4.1" +$ composer require yoti/yoti-php-sdk "^4.2.1" ``` ## Setup diff --git a/composer.json b/composer.json index 46af649a..420fe8e3 100755 --- a/composer.json +++ b/composer.json @@ -1,7 +1,7 @@ { "name": "yoti/yoti-php-sdk", "description": "Yoti SDK for quickly integrating your PHP backend with Yoti", - "version": "4.2.2", + "version": "4.3.0", "keywords": [ "yoti", "sdk" @@ -66,4 +66,4 @@ "phpstan/extension-installer": true } } -} \ No newline at end of file +} diff --git a/examples/digitalidentity/.env.example b/examples/digitalidentity/.env.example new file mode 100644 index 00000000..72022df2 --- /dev/null +++ b/examples/digitalidentity/.env.example @@ -0,0 +1,14 @@ +# This file is a template for defining the environment variables +# Set the application config values here + +YOTI_SDK_ID=xxxxxxxxxxxxxxxxxxxxx + +# Below is the private key (in .pem format) associated with the Yoti Application you created on Yoti Hub +YOTI_KEY_FILE_PATH=./keys/php-sdk-access-security.pem + +# Laravel config: +APP_NAME=yoti.sdk.digitalidentity.demo +APP_ENV=local +APP_KEY= +APP_DEBUG=true +APP_URL=http://localhost diff --git a/examples/digitalidentity/.gitignore b/examples/digitalidentity/.gitignore new file mode 100644 index 00000000..4bb28b97 --- /dev/null +++ b/examples/digitalidentity/.gitignore @@ -0,0 +1,16 @@ +/node_modules +/public/hot +/public/storage +/storage/*.key +/vendor +.env +.env.backup +.phpunit.result.cache +Homestead.json +Homestead.yaml +npm-debug.log +yarn-error.log + +*.pem +keys/*.pem +sdk diff --git a/examples/digitalidentity/README.md b/examples/digitalidentity/README.md new file mode 100644 index 00000000..8faa9b32 --- /dev/null +++ b/examples/digitalidentity/README.md @@ -0,0 +1,24 @@ +# Digital Identity Example + +## Requirements + +This example requires [Docker](https://docs.docker.com/) + +## Setup + +* Create your application in the [Yoti Hub](https://hub.yoti.com) (this requires having a Yoti account) + * Set the application domain of your app to `localhost:4002` +* Do the steps below inside the [examples/digitalidentity](./) folder +* Put `your-application-pem-file.pem` file inside the [keys](keys) folder, as Docker requires the `.pem` file to reside within the same location where it's run from. +* Copy `.env.example` to `.env` +* Open `.env` file and fill in the environment variable `YOTI_SDK_ID` + * Set `YOTI_KEY_FILE_PATH` to `./keys/your-application-pem-file.pem` +* Install dependencies `docker-compose up composer` +* Run the `docker-compose up --build` command +* Visit [https://localhost:4002](https://localhost:4002) +* Run the `docker-compose stop` command to stop the containers. + +> To see how to retrieve activity details using the one time use token, refer to the [digitalidentity controller](app/Http/Controllers/IdentityController.php) + +## Digital Identity Example +* Visit [/generate-share](https://localhost:4002/generate-share) diff --git a/examples/digitalidentity/app/Console/Kernel.php b/examples/digitalidentity/app/Console/Kernel.php new file mode 100644 index 00000000..69914e99 --- /dev/null +++ b/examples/digitalidentity/app/Console/Kernel.php @@ -0,0 +1,41 @@ +command('inspire')->hourly(); + } + + /** + * Register the commands for the application. + * + * @return void + */ + protected function commands() + { + $this->load(__DIR__.'/Commands'); + + require base_path('routes/console.php'); + } +} diff --git a/examples/digitalidentity/app/Exceptions/Handler.php b/examples/digitalidentity/app/Exceptions/Handler.php new file mode 100644 index 00000000..59c585dc --- /dev/null +++ b/examples/digitalidentity/app/Exceptions/Handler.php @@ -0,0 +1,55 @@ + [(object)[ + + "trust_framework" => "YOTI_GLOBAL", + "schemes" => [(object)[ + + "label" => "identity-AL-L1", + "type" => "IDENTITY", + "objective"=> "AL_L1" + ], + [ + "label" => "identity-AL-M1", + "type" => "IDENTITY", + "objective" => "AL_M1" + ] + ] + ] + ] + ] + ; + + $policy = (new PolicyBuilder()) + ->withAdvancedIdentityProfileRequirements((object)$advancedIdentityProfileJson) + ->build(); + + $redirectUri = 'https://host/redirect/'; + + $shareSessionRequest = (new ShareSessionRequestBuilder()) + ->withPolicy($policy) + ->withRedirectUri($redirectUri) + ->build(); + $session = $client->createShareSession($shareSessionRequest); + return $session->getId(); + } + catch (\Throwable $e) { + Log::error($e->getTraceAsString()); + throw new BadRequestHttpException($e->getMessage()); + } + } + public function show(DigitalIdentityClient $client) + { + try { + return view('advancedidentity', [ + 'title' => 'Digital Identity(Advanced) Complete Example', + 'sdkId' => $client->id + ]); + } catch (\Throwable $e) { + Log::error($e->getTraceAsString()); + throw new BadRequestHttpException($e->getMessage()); + } + } +} diff --git a/examples/digitalidentity/app/Http/Controllers/DbsController.php b/examples/digitalidentity/app/Http/Controllers/DbsController.php new file mode 100644 index 00000000..e8e47e74 --- /dev/null +++ b/examples/digitalidentity/app/Http/Controllers/DbsController.php @@ -0,0 +1,53 @@ +withIdentityProfileRequirements((object)[ + 'trust_framework' => 'UK_TFIDA', + 'scheme' => [ + 'type' => 'DBS', + 'objective' => 'BASIC' + ] + ]) + ->build(); + + $redirectUri = 'https://host/redirect/'; + + $shareSessionRequest = (new ShareSessionRequestBuilder()) + ->withPolicy($policy) + ->withRedirectUri($redirectUri) + ->build(); + $session = $client->createShareSession($shareSessionRequest); + return $session->getId(); + } + catch (\Throwable $e) { + Log::error($e->getTraceAsString()); + throw new BadRequestHttpException($e->getMessage()); + } + } + public function show(DigitalIdentityClient $client) + { + try { + return view('dbs', [ + 'title' => 'Digital Identity DBS Check Example', + 'sdkId' => $client->id + ]); + } catch (\Throwable $e) { + Log::error($e->getTraceAsString()); + throw new BadRequestHttpException($e->getMessage()); + } + } +} diff --git a/examples/digitalidentity/app/Http/Controllers/IdentityController.php b/examples/digitalidentity/app/Http/Controllers/IdentityController.php new file mode 100644 index 00000000..72ba9fc3 --- /dev/null +++ b/examples/digitalidentity/app/Http/Controllers/IdentityController.php @@ -0,0 +1,60 @@ +withFamilyName() + ->withGivenNames() + ->withFullName() + ->withDateOfBirth() + ->withGender() + ->withNationality() + ->withPhoneNumber() + ->withSelfie() + ->withEmail() + ->withDocumentDetails() + ->withDocumentImages() + ->build(); + + $redirectUri = 'https://host/redirect/'; + + $shareSessionRequest = (new ShareSessionRequestBuilder()) + ->withPolicy($policy) + ->withRedirectUri($redirectUri) + ->build(); + $session = $client->createShareSession($shareSessionRequest); + return $session->getId(); + } + catch (\Throwable $e) { + Log::error($e->getTraceAsString()); + throw new BadRequestHttpException($e->getMessage()); + } + } + public function show(DigitalIdentityClient $client) + { + try { + return view('identity', [ + 'title' => 'Digital Identity Complete Example', + 'sdkId' => $client->id + ]); + } catch (\Throwable $e) { + Log::error($e->getTraceAsString()); + throw new BadRequestHttpException($e->getMessage()); + } + } +} diff --git a/examples/digitalidentity/app/Http/Controllers/ReceiptController.php b/examples/digitalidentity/app/Http/Controllers/ReceiptController.php new file mode 100644 index 00000000..cc529386 --- /dev/null +++ b/examples/digitalidentity/app/Http/Controllers/ReceiptController.php @@ -0,0 +1,136 @@ +warning("Unknown Content Type parsing as a String"); + $shareReceipt = $client->fetchShareReceipt($request->query('ReceiptID')); + if ($shareReceipt->getError() != null) + { + error_log($shareReceipt->getErrorReason()->getRequirementNotMetDetails()->getDocumentCountryIsoCode()); + return view('receipt', [ + 'fullName' => null, + 'selfie' => null, + 'profileAttributes' => null, + 'error' => $shareReceipt->getErrorReason() + ]); + } + else { + $profile = $shareReceipt->getProfile(); + return view('receipt', [ + 'fullName' => $profile->getFullName(), + 'selfie' => $profile->getSelfie(), + 'profileAttributes' => $this->createAttributesDisplayList($profile), + 'error' => null + ]); + } + } + + /** + * Create attributes display list. + * + * @param UserProfile $profile + * + * @return array + */ + private function createAttributesDisplayList(UserProfile $profile): array + { + $profileAttributes = []; + foreach ($profile->getAttributesList() as $attribute) { + switch ($attribute->getName()) { + case UserProfile::ATTR_SELFIE: + case UserProfile::ATTR_FULL_NAME: + // Selfie and full name are handled separately. + break; + case UserProfile::ATTR_GIVEN_NAMES: + $profileAttributes[] = $this->createAttributeDisplayItem($attribute, 'Given names', 'yoti-icon-profile'); + break; + case UserProfile::ATTR_FAMILY_NAME: + $profileAttributes[] = $this->createAttributeDisplayItem($attribute, 'Family names', 'yoti-icon-profile'); + break; + case UserProfile::ATTR_DATE_OF_BIRTH: + $profileAttributes[] = $this->createAttributeDisplayItem($attribute, 'Date of Birth', 'yoti-icon-calendar'); + break; + case UserProfile::ATTR_GENDER: + $profileAttributes[] = $this->createAttributeDisplayItem($attribute, 'Gender', 'yoti-icon-gender'); + break; + case UserProfile::ATTR_STRUCTURED_POSTAL_ADDRESS: + $profileAttributes[] = $this->createAttributeDisplayItem($attribute, 'Structured Postal Address', 'yoti-icon-address'); + break; + case UserProfile::ATTR_POSTAL_ADDRESS: + $profileAttributes[] = $this->createAttributeDisplayItem($attribute, 'Address', 'yoti-icon-address'); + break; + case UserProfile::ATTR_PHONE_NUMBER: + $profileAttributes[] = $this->createAttributeDisplayItem($attribute, 'Mobile number', 'yoti-icon-phone'); + break; + case UserProfile::ATTR_NATIONALITY: + $profileAttributes[] = $this->createAttributeDisplayItem($attribute, 'Nationality', 'yoti-icon-nationality'); + break; + case UserProfile::ATTR_EMAIL_ADDRESS: + $profileAttributes[] = $this->createAttributeDisplayItem($attribute, 'Email address', 'yoti-icon-email'); + break; + case UserProfile::ATTR_DOCUMENT_DETAILS: + $profileAttributes[] = $this->createAttributeDisplayItem($attribute, 'Document Details', 'yoti-icon-profile'); + break; + case UserProfile::ATTR_DOCUMENT_IMAGES: + $profileAttributes[] = $this->createAttributeDisplayItem($attribute, 'Document Images', 'yoti-icon-profile'); + break; + default: + // Skip age verifications (name containing ":"). + if (strpos($attribute->getName(), ':') === false) { + $profileAttributes[] = $this->createAttributeDisplayItem( + $attribute, + ucwords(str_replace('_', ' ', $attribute->getName())), + 'yoti-icon-profile' + ); + } + } + } + + // Add age verifications. + $ageVerifications = $profile->getAgeVerifications(); + if ($ageVerifications) { + foreach ($ageVerifications as $ageVerification) { + $profileAttributes[] = [ + 'name' => 'Age Verification', + 'obj' => $ageVerification->getAttribute(), + 'age_verification' => $ageVerification, + 'icon' => 'yoti-icon-profile', + ]; + } + } + + return $profileAttributes; + } + + /** + * Create attribute display item. + * + * @param Attribute $attribute + * @param string $displayName + * @param string $iconClass + * + * @return array + */ + private function createAttributeDisplayItem(Attribute $attribute, string $displayName, string $iconClass): array + { + return [ + 'name' => $displayName, + 'obj' => $attribute, + 'icon' => $iconClass, + ]; + } +} diff --git a/examples/digitalidentity/app/Http/Kernel.php b/examples/digitalidentity/app/Http/Kernel.php new file mode 100644 index 00000000..c3640f30 --- /dev/null +++ b/examples/digitalidentity/app/Http/Kernel.php @@ -0,0 +1,66 @@ + [ + \App\Http\Middleware\EncryptCookies::class, + \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, + \Illuminate\Session\Middleware\StartSession::class, + // \Illuminate\Session\Middleware\AuthenticateSession::class, + \Illuminate\View\Middleware\ShareErrorsFromSession::class, + \App\Http\Middleware\VerifyCsrfToken::class, + \Illuminate\Routing\Middleware\SubstituteBindings::class, + ], + + 'api' => [ + 'throttle:60,1', + \Illuminate\Routing\Middleware\SubstituteBindings::class, + ], + ]; + + /** + * The application's route middleware. + * + * These middleware may be assigned to groups or used individually. + * + * @var array + */ + protected $routeMiddleware = [ + 'auth' => \App\Http\Middleware\Authenticate::class, + 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, + 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, + 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class, + 'can' => \Illuminate\Auth\Middleware\Authorize::class, + 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, + 'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class, + 'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class, + 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, + 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class, + ]; +} diff --git a/examples/digitalidentity/app/Http/Middleware/Authenticate.php b/examples/digitalidentity/app/Http/Middleware/Authenticate.php new file mode 100644 index 00000000..704089a7 --- /dev/null +++ b/examples/digitalidentity/app/Http/Middleware/Authenticate.php @@ -0,0 +1,21 @@ +expectsJson()) { + return route('login'); + } + } +} diff --git a/examples/digitalidentity/app/Http/Middleware/CheckForMaintenanceMode.php b/examples/digitalidentity/app/Http/Middleware/CheckForMaintenanceMode.php new file mode 100644 index 00000000..35b9824b --- /dev/null +++ b/examples/digitalidentity/app/Http/Middleware/CheckForMaintenanceMode.php @@ -0,0 +1,17 @@ +check()) { + return redirect(RouteServiceProvider::HOME); + } + + return $next($request); + } +} diff --git a/examples/digitalidentity/app/Http/Middleware/TrimStrings.php b/examples/digitalidentity/app/Http/Middleware/TrimStrings.php new file mode 100644 index 00000000..5a50e7b5 --- /dev/null +++ b/examples/digitalidentity/app/Http/Middleware/TrimStrings.php @@ -0,0 +1,18 @@ +mapApiRoutes(); + + $this->mapWebRoutes(); + + // + } + + /** + * Define the "web" routes for the application. + * + * These routes all receive session state, CSRF protection, etc. + * + * @return void + */ + protected function mapWebRoutes() + { + Route::middleware('web') + ->namespace($this->namespace) + ->group(base_path('routes/web.php')); + } + + /** + * Define the "api" routes for the application. + * + * These routes are typically stateless. + * + * @return void + */ + protected function mapApiRoutes() + { + Route::prefix('api') + ->middleware('api') + ->namespace($this->namespace) + ->group(base_path('routes/api.php')); + } +} diff --git a/examples/digitalidentity/app/Providers/YotiDigitalIdentityServiceProvider.php b/examples/digitalidentity/app/Providers/YotiDigitalIdentityServiceProvider.php new file mode 100644 index 00000000..f0d3ffa2 --- /dev/null +++ b/examples/digitalidentity/app/Providers/YotiDigitalIdentityServiceProvider.php @@ -0,0 +1,29 @@ +app->singleton(DigitalIdentityClient::class, function ($app) { + $config = $app['config']['yoti']; + return new DigitalIdentityClient($config['client.sdk.id'], $config['pem.file.path']); + }); + } + + /** + * @return array + */ + public function provides() + { + return [DigitalIdentityClient::class]; + } +} diff --git a/examples/digitalidentity/app/Providers/YotiServiceProvider.php b/examples/digitalidentity/app/Providers/YotiServiceProvider.php new file mode 100644 index 00000000..4c357610 --- /dev/null +++ b/examples/digitalidentity/app/Providers/YotiServiceProvider.php @@ -0,0 +1,29 @@ +app->singleton(YotiClient::class, function ($app) { + $config = $app['config']['yoti']; + return new YotiClient($config['client.sdk.id'], $config['pem.file.path']); + }); + } + + /** + * @return array + */ + public function provides() + { + return [YotiClient::class]; + } +} diff --git a/examples/digitalidentity/artisan b/examples/digitalidentity/artisan new file mode 100644 index 00000000..5c23e2e2 --- /dev/null +++ b/examples/digitalidentity/artisan @@ -0,0 +1,53 @@ +#!/usr/bin/env php +make(Illuminate\Contracts\Console\Kernel::class); + +$status = $kernel->handle( + $input = new Symfony\Component\Console\Input\ArgvInput, + new Symfony\Component\Console\Output\ConsoleOutput +); + +/* +|-------------------------------------------------------------------------- +| Shutdown The Application +|-------------------------------------------------------------------------- +| +| Once Artisan has finished running, we will fire off the shutdown events +| so that any final work may be done by the application before we shut +| down the process. This is the last thing to happen to the request. +| +*/ + +$kernel->terminate($input, $status); + +exit($status); diff --git a/examples/digitalidentity/bootstrap/app.php b/examples/digitalidentity/bootstrap/app.php new file mode 100644 index 00000000..037e17df --- /dev/null +++ b/examples/digitalidentity/bootstrap/app.php @@ -0,0 +1,55 @@ +singleton( + Illuminate\Contracts\Http\Kernel::class, + App\Http\Kernel::class +); + +$app->singleton( + Illuminate\Contracts\Console\Kernel::class, + App\Console\Kernel::class +); + +$app->singleton( + Illuminate\Contracts\Debug\ExceptionHandler::class, + App\Exceptions\Handler::class +); + +/* +|-------------------------------------------------------------------------- +| Return The Application +|-------------------------------------------------------------------------- +| +| This script returns the application instance. The instance is given to +| the calling script so we can separate the building of the instances +| from the actual running of the application and sending responses. +| +*/ + +return $app; diff --git a/examples/digitalidentity/bootstrap/cache/.gitignore b/examples/digitalidentity/bootstrap/cache/.gitignore new file mode 100644 index 00000000..d6b7ef32 --- /dev/null +++ b/examples/digitalidentity/bootstrap/cache/.gitignore @@ -0,0 +1,2 @@ +* +!.gitignore diff --git a/examples/digitalidentity/composer.json b/examples/digitalidentity/composer.json new file mode 100644 index 00000000..f2b24247 --- /dev/null +++ b/examples/digitalidentity/composer.json @@ -0,0 +1,59 @@ +{ + "name": "yoti/yoti-php-sdk-example-digital-identity", + "description": "Yoti SDK Digital Identity Demo", + "license": "MIT", + "require": { + "php": "^8.0", + "fideloper/proxy": "^4.2", + "fruitcake/laravel-cors": "^1.0", + "guzzlehttp/guzzle": "^6.4 || ^7.0", + "laravel/framework": "^8.0", + "laravel/tinker": "^2.3.0", + "yoti/yoti-php-sdk": "^4.0" + }, + "require-dev": { + "facade/ignition": "^2.0" + }, + "config": { + "optimize-autoloader": true, + "preferred-install": "dist", + "sort-packages": true + }, + "extra": { + "laravel": { + "dont-discover": [] + } + }, + "autoload": { + "psr-4": { + "App\\": "app/" + } + }, + "minimum-stability": "dev", + "prefer-stable": true, + "scripts": { + "post-autoload-dump": [ + "Illuminate\\Foundation\\ComposerScripts::postAutoloadDump", + "@php artisan package:discover --ansi" + ], + "post-update-cmd": "@php artisan key:generate --ansi", + "copy-sdk": "grep -q 'yoti-php-sdk' ../../composer.json && rm -fr ./sdk && cd ../../ && git archive --prefix=sdk/ --format=tar HEAD | (cd - && tar xf -) || echo 'Could not install SDK from parent directory'", + "install-local": [ + "@copy-sdk", + "composer install" + ], + "update-local": [ + "@copy-sdk", + "composer update" + ] + }, + "repositories": [ + { + "type": "path", + "url": "./sdk", + "options": { + "symlink": true + } + } + ] +} diff --git a/examples/digitalidentity/config/app.php b/examples/digitalidentity/config/app.php new file mode 100644 index 00000000..1a57883e --- /dev/null +++ b/examples/digitalidentity/config/app.php @@ -0,0 +1,229 @@ + env('APP_NAME', 'Laravel'), + + /* + |-------------------------------------------------------------------------- + | Application Environment + |-------------------------------------------------------------------------- + | + | This value determines the "environment" your application is currently + | running in. This may determine how you prefer to configure various + | services the application utilizes. Set this in your ".env" file. + | + */ + + 'env' => env('APP_ENV', 'production'), + + /* + |-------------------------------------------------------------------------- + | Application Debug Mode + |-------------------------------------------------------------------------- + | + | When your application is in debug mode, detailed error messages with + | stack traces will be shown on every error that occurs within your + | application. If disabled, a simple generic error page is shown. + | + */ + + 'debug' => (bool) env('APP_DEBUG', false), + + /* + |-------------------------------------------------------------------------- + | Application URL + |-------------------------------------------------------------------------- + | + | This URL is used by the console to properly generate URLs when using + | the Artisan command line tool. You should set this to the root of + | your application so that it is used when running Artisan tasks. + | + */ + + 'url' => env('APP_URL', 'http://localhost'), + + 'asset_url' => env('ASSET_URL', null), + + /* + |-------------------------------------------------------------------------- + | Application Timezone + |-------------------------------------------------------------------------- + | + | Here you may specify the default timezone for your application, which + | will be used by the PHP date and date-time functions. We have gone + | ahead and set this to a sensible default for you out of the box. + | + */ + + 'timezone' => 'UTC', + + /* + |-------------------------------------------------------------------------- + | Application Locale Configuration + |-------------------------------------------------------------------------- + | + | The application locale determines the default locale that will be used + | by the translation service provider. You are free to set this value + | to any of the locales which will be supported by the application. + | + */ + + 'locale' => 'en', + + /* + |-------------------------------------------------------------------------- + | Application Fallback Locale + |-------------------------------------------------------------------------- + | + | The fallback locale determines the locale to use when the current one + | is not available. You may change the value to correspond to any of + | the language folders that are provided through your application. + | + */ + + 'fallback_locale' => 'en', + + /* + |-------------------------------------------------------------------------- + | Faker Locale + |-------------------------------------------------------------------------- + | + | This locale will be used by the Faker PHP library when generating fake + | data for your database seeds. For example, this will be used to get + | localized telephone numbers, street address information and more. + | + */ + + 'faker_locale' => 'en_US', + + /* + |-------------------------------------------------------------------------- + | Encryption Key + |-------------------------------------------------------------------------- + | + | This key is used by the Illuminate encrypter service and should be set + | to a random, 32 character string, otherwise these encrypted strings + | will not be safe. Please do this before deploying an application! + | + */ + + 'key' => env('APP_KEY'), + + 'cipher' => 'AES-256-CBC', + + /* + |-------------------------------------------------------------------------- + | Autoloaded Service Providers + |-------------------------------------------------------------------------- + | + | The service providers listed here will be automatically loaded on the + | request to your application. Feel free to add your own services to + | this array to grant expanded functionality to your applications. + | + */ + + 'providers' => [ + + /* + * Laravel Framework Service Providers... + */ + Illuminate\Auth\AuthServiceProvider::class, + Illuminate\Broadcasting\BroadcastServiceProvider::class, + Illuminate\Bus\BusServiceProvider::class, + Illuminate\Cache\CacheServiceProvider::class, + Illuminate\Foundation\Providers\ConsoleSupportServiceProvider::class, + Illuminate\Cookie\CookieServiceProvider::class, + Illuminate\Database\DatabaseServiceProvider::class, + Illuminate\Encryption\EncryptionServiceProvider::class, + Illuminate\Filesystem\FilesystemServiceProvider::class, + Illuminate\Foundation\Providers\FoundationServiceProvider::class, + Illuminate\Hashing\HashServiceProvider::class, + Illuminate\Mail\MailServiceProvider::class, + Illuminate\Notifications\NotificationServiceProvider::class, + Illuminate\Pagination\PaginationServiceProvider::class, + Illuminate\Pipeline\PipelineServiceProvider::class, + Illuminate\Queue\QueueServiceProvider::class, + Illuminate\Redis\RedisServiceProvider::class, + Illuminate\Auth\Passwords\PasswordResetServiceProvider::class, + Illuminate\Session\SessionServiceProvider::class, + Illuminate\Translation\TranslationServiceProvider::class, + Illuminate\Validation\ValidationServiceProvider::class, + Illuminate\View\ViewServiceProvider::class, + + /* + * Package Service Providers... + */ + + /* + * Application Service Providers... + */ + App\Providers\YotiServiceProvider::class, + App\Providers\YotiDigitalIdentityServiceProvider::class, + App\Providers\RouteServiceProvider::class, + ], + + /* + |-------------------------------------------------------------------------- + | Class Aliases + |-------------------------------------------------------------------------- + | + | This array of class aliases will be registered when this application + | is started. However, feel free to register as many as you wish as + | the aliases are "lazy" loaded so they don't hinder performance. + | + */ + + 'aliases' => [ + + 'App' => Illuminate\Support\Facades\App::class, + 'Arr' => Illuminate\Support\Arr::class, + 'Artisan' => Illuminate\Support\Facades\Artisan::class, + 'Auth' => Illuminate\Support\Facades\Auth::class, + 'Blade' => Illuminate\Support\Facades\Blade::class, + 'Broadcast' => Illuminate\Support\Facades\Broadcast::class, + 'Bus' => Illuminate\Support\Facades\Bus::class, + 'Cache' => Illuminate\Support\Facades\Cache::class, + 'Config' => Illuminate\Support\Facades\Config::class, + 'Cookie' => Illuminate\Support\Facades\Cookie::class, + 'Crypt' => Illuminate\Support\Facades\Crypt::class, + 'DB' => Illuminate\Support\Facades\DB::class, + 'Eloquent' => Illuminate\Database\Eloquent\Model::class, + 'Event' => Illuminate\Support\Facades\Event::class, + 'File' => Illuminate\Support\Facades\File::class, + 'Gate' => Illuminate\Support\Facades\Gate::class, + 'Hash' => Illuminate\Support\Facades\Hash::class, + 'Http' => Illuminate\Support\Facades\Http::class, + 'Lang' => Illuminate\Support\Facades\Lang::class, + 'Log' => Illuminate\Support\Facades\Log::class, + 'Mail' => Illuminate\Support\Facades\Mail::class, + 'Notification' => Illuminate\Support\Facades\Notification::class, + 'Password' => Illuminate\Support\Facades\Password::class, + 'Queue' => Illuminate\Support\Facades\Queue::class, + 'Redirect' => Illuminate\Support\Facades\Redirect::class, + 'Redis' => Illuminate\Support\Facades\Redis::class, + 'Request' => Illuminate\Support\Facades\Request::class, + 'Response' => Illuminate\Support\Facades\Response::class, + 'Route' => Illuminate\Support\Facades\Route::class, + 'Schema' => Illuminate\Support\Facades\Schema::class, + 'Session' => Illuminate\Support\Facades\Session::class, + 'Storage' => Illuminate\Support\Facades\Storage::class, + 'Str' => Illuminate\Support\Str::class, + 'URL' => Illuminate\Support\Facades\URL::class, + 'Validator' => Illuminate\Support\Facades\Validator::class, + 'View' => Illuminate\Support\Facades\View::class, + + ], + +]; diff --git a/examples/digitalidentity/config/auth.php b/examples/digitalidentity/config/auth.php new file mode 100644 index 00000000..aaf982bc --- /dev/null +++ b/examples/digitalidentity/config/auth.php @@ -0,0 +1,117 @@ + [ + 'guard' => 'web', + 'passwords' => 'users', + ], + + /* + |-------------------------------------------------------------------------- + | Authentication Guards + |-------------------------------------------------------------------------- + | + | Next, you may define every authentication guard for your application. + | Of course, a great default configuration has been defined for you + | here which uses session storage and the Eloquent user provider. + | + | All authentication drivers have a user provider. This defines how the + | users are actually retrieved out of your database or other storage + | mechanisms used by this application to persist your user's data. + | + | Supported: "session", "token" + | + */ + + 'guards' => [ + 'web' => [ + 'driver' => 'session', + 'provider' => 'users', + ], + + 'api' => [ + 'driver' => 'token', + 'provider' => 'users', + 'hash' => false, + ], + ], + + /* + |-------------------------------------------------------------------------- + | User Providers + |-------------------------------------------------------------------------- + | + | All authentication drivers have a user provider. This defines how the + | users are actually retrieved out of your database or other storage + | mechanisms used by this application to persist your user's data. + | + | If you have multiple user tables or models you may configure multiple + | sources which represent each model / table. These sources may then + | be assigned to any extra authentication guards you have defined. + | + | Supported: "database", "eloquent" + | + */ + + 'providers' => [ + 'users' => [ + 'driver' => 'eloquent', + 'model' => App\User::class, + ], + + // 'users' => [ + // 'driver' => 'database', + // 'table' => 'users', + // ], + ], + + /* + |-------------------------------------------------------------------------- + | Resetting Passwords + |-------------------------------------------------------------------------- + | + | You may specify multiple password reset configurations if you have more + | than one user table or model in the application and you want to have + | separate password reset settings based on the specific user types. + | + | The expire time is the number of minutes that the reset token should be + | considered valid. This security feature keeps tokens short-lived so + | they have less time to be guessed. You may change this as needed. + | + */ + + 'passwords' => [ + 'users' => [ + 'provider' => 'users', + 'table' => 'password_resets', + 'expire' => 60, + 'throttle' => 60, + ], + ], + + /* + |-------------------------------------------------------------------------- + | Password Confirmation Timeout + |-------------------------------------------------------------------------- + | + | Here you may define the amount of seconds before a password confirmation + | times out and the user is prompted to re-enter their password via the + | confirmation screen. By default, the timeout lasts for three hours. + | + */ + + 'password_timeout' => 10800, + +]; diff --git a/examples/digitalidentity/config/broadcasting.php b/examples/digitalidentity/config/broadcasting.php new file mode 100644 index 00000000..3bba1103 --- /dev/null +++ b/examples/digitalidentity/config/broadcasting.php @@ -0,0 +1,59 @@ + env('BROADCAST_DRIVER', 'null'), + + /* + |-------------------------------------------------------------------------- + | Broadcast Connections + |-------------------------------------------------------------------------- + | + | Here you may define all of the broadcast connections that will be used + | to broadcast events to other systems or over websockets. Samples of + | each available type of connection are provided inside this array. + | + */ + + 'connections' => [ + + 'pusher' => [ + 'driver' => 'pusher', + 'key' => env('PUSHER_APP_KEY'), + 'secret' => env('PUSHER_APP_SECRET'), + 'app_id' => env('PUSHER_APP_ID'), + 'options' => [ + 'cluster' => env('PUSHER_APP_CLUSTER'), + 'useTLS' => true, + ], + ], + + 'redis' => [ + 'driver' => 'redis', + 'connection' => 'default', + ], + + 'log' => [ + 'driver' => 'log', + ], + + 'null' => [ + 'driver' => 'null', + ], + + ], + +]; diff --git a/examples/digitalidentity/config/cache.php b/examples/digitalidentity/config/cache.php new file mode 100644 index 00000000..4f41fdf9 --- /dev/null +++ b/examples/digitalidentity/config/cache.php @@ -0,0 +1,104 @@ + env('CACHE_DRIVER', 'file'), + + /* + |-------------------------------------------------------------------------- + | Cache Stores + |-------------------------------------------------------------------------- + | + | Here you may define all of the cache "stores" for your application as + | well as their drivers. You may even define multiple stores for the + | same cache driver to group types of items stored in your caches. + | + */ + + 'stores' => [ + + 'apc' => [ + 'driver' => 'apc', + ], + + 'array' => [ + 'driver' => 'array', + 'serialize' => false, + ], + + 'database' => [ + 'driver' => 'database', + 'table' => 'cache', + 'connection' => null, + ], + + 'file' => [ + 'driver' => 'file', + 'path' => storage_path('framework/cache/data'), + ], + + 'memcached' => [ + 'driver' => 'memcached', + 'persistent_id' => env('MEMCACHED_PERSISTENT_ID'), + 'sasl' => [ + env('MEMCACHED_USERNAME'), + env('MEMCACHED_PASSWORD'), + ], + 'options' => [ + // Memcached::OPT_CONNECT_TIMEOUT => 2000, + ], + 'servers' => [ + [ + 'host' => env('MEMCACHED_HOST', '127.0.0.1'), + 'port' => env('MEMCACHED_PORT', 11211), + 'weight' => 100, + ], + ], + ], + + 'redis' => [ + 'driver' => 'redis', + 'connection' => 'cache', + ], + + 'dynamodb' => [ + 'driver' => 'dynamodb', + 'key' => env('AWS_ACCESS_KEY_ID'), + 'secret' => env('AWS_SECRET_ACCESS_KEY'), + 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), + 'table' => env('DYNAMODB_CACHE_TABLE', 'cache'), + 'endpoint' => env('DYNAMODB_ENDPOINT'), + ], + + ], + + /* + |-------------------------------------------------------------------------- + | Cache Key Prefix + |-------------------------------------------------------------------------- + | + | When utilizing a RAM based store such as APC or Memcached, there might + | be other applications utilizing the same cache. So, we'll specify a + | value to get prefixed to all our keys so we can avoid collisions. + | + */ + + 'prefix' => env('CACHE_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_cache'), + +]; diff --git a/examples/digitalidentity/config/cors.php b/examples/digitalidentity/config/cors.php new file mode 100644 index 00000000..558369dc --- /dev/null +++ b/examples/digitalidentity/config/cors.php @@ -0,0 +1,34 @@ + ['api/*'], + + 'allowed_methods' => ['*'], + + 'allowed_origins' => ['*'], + + 'allowed_origins_patterns' => [], + + 'allowed_headers' => ['*'], + + 'exposed_headers' => [], + + 'max_age' => 0, + + 'supports_credentials' => false, + +]; diff --git a/examples/digitalidentity/config/database.php b/examples/digitalidentity/config/database.php new file mode 100644 index 00000000..b42d9b30 --- /dev/null +++ b/examples/digitalidentity/config/database.php @@ -0,0 +1,147 @@ + env('DB_CONNECTION', 'mysql'), + + /* + |-------------------------------------------------------------------------- + | Database Connections + |-------------------------------------------------------------------------- + | + | Here are each of the database connections setup for your application. + | Of course, examples of configuring each database platform that is + | supported by Laravel is shown below to make development simple. + | + | + | All database work in Laravel is done through the PHP PDO facilities + | so make sure you have the driver for your particular database of + | choice installed on your machine before you begin development. + | + */ + + 'connections' => [ + + 'sqlite' => [ + 'driver' => 'sqlite', + 'url' => env('DATABASE_URL'), + 'database' => env('DB_DATABASE', database_path('database.sqlite')), + 'prefix' => '', + 'foreign_key_constraints' => env('DB_FOREIGN_KEYS', true), + ], + + 'mysql' => [ + 'driver' => 'mysql', + 'url' => env('DATABASE_URL'), + 'host' => env('DB_HOST', '127.0.0.1'), + 'port' => env('DB_PORT', '3306'), + 'database' => env('DB_DATABASE', 'forge'), + 'username' => env('DB_USERNAME', 'forge'), + 'password' => env('DB_PASSWORD', ''), + 'unix_socket' => env('DB_SOCKET', ''), + 'charset' => 'utf8mb4', + 'collation' => 'utf8mb4_unicode_ci', + 'prefix' => '', + 'prefix_indexes' => true, + 'strict' => true, + 'engine' => null, + 'options' => extension_loaded('pdo_mysql') ? array_filter([ + PDO::MYSQL_ATTR_SSL_CA => env('MYSQL_ATTR_SSL_CA'), + ]) : [], + ], + + 'pgsql' => [ + 'driver' => 'pgsql', + 'url' => env('DATABASE_URL'), + 'host' => env('DB_HOST', '127.0.0.1'), + 'port' => env('DB_PORT', '5432'), + 'database' => env('DB_DATABASE', 'forge'), + 'username' => env('DB_USERNAME', 'forge'), + 'password' => env('DB_PASSWORD', ''), + 'charset' => 'utf8', + 'prefix' => '', + 'prefix_indexes' => true, + 'schema' => 'public', + 'sslmode' => 'prefer', + ], + + 'sqlsrv' => [ + 'driver' => 'sqlsrv', + 'url' => env('DATABASE_URL'), + 'host' => env('DB_HOST', 'localhost'), + 'port' => env('DB_PORT', '1433'), + 'database' => env('DB_DATABASE', 'forge'), + 'username' => env('DB_USERNAME', 'forge'), + 'password' => env('DB_PASSWORD', ''), + 'charset' => 'utf8', + 'prefix' => '', + 'prefix_indexes' => true, + ], + + ], + + /* + |-------------------------------------------------------------------------- + | Migration Repository Table + |-------------------------------------------------------------------------- + | + | This table keeps track of all the migrations that have already run for + | your application. Using this information, we can determine which of + | the migrations on disk haven't actually been run in the database. + | + */ + + 'migrations' => 'migrations', + + /* + |-------------------------------------------------------------------------- + | Redis Databases + |-------------------------------------------------------------------------- + | + | Redis is an open source, fast, and advanced key-value store that also + | provides a richer body of commands than a typical key-value system + | such as APC or Memcached. Laravel makes it easy to dig right in. + | + */ + + 'redis' => [ + + 'client' => env('REDIS_CLIENT', 'phpredis'), + + 'options' => [ + 'cluster' => env('REDIS_CLUSTER', 'redis'), + 'prefix' => env('REDIS_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_database_'), + ], + + 'default' => [ + 'url' => env('REDIS_URL'), + 'host' => env('REDIS_HOST', '127.0.0.1'), + 'password' => env('REDIS_PASSWORD', null), + 'port' => env('REDIS_PORT', '6379'), + 'database' => env('REDIS_DB', '0'), + ], + + 'cache' => [ + 'url' => env('REDIS_URL'), + 'host' => env('REDIS_HOST', '127.0.0.1'), + 'password' => env('REDIS_PASSWORD', null), + 'port' => env('REDIS_PORT', '6379'), + 'database' => env('REDIS_CACHE_DB', '1'), + ], + + ], + +]; diff --git a/examples/digitalidentity/config/filesystems.php b/examples/digitalidentity/config/filesystems.php new file mode 100644 index 00000000..cd9f0962 --- /dev/null +++ b/examples/digitalidentity/config/filesystems.php @@ -0,0 +1,84 @@ + env('FILESYSTEM_DRIVER', 'local'), + + /* + |-------------------------------------------------------------------------- + | Default Cloud Filesystem Disk + |-------------------------------------------------------------------------- + | + | Many applications store files both locally and in the cloud. For this + | reason, you may specify a default "cloud" driver here. This driver + | will be bound as the Cloud disk implementation in the container. + | + */ + + 'cloud' => env('FILESYSTEM_CLOUD', 's3'), + + /* + |-------------------------------------------------------------------------- + | Filesystem Disks + |-------------------------------------------------------------------------- + | + | Here you may configure as many filesystem "disks" as you wish, and you + | may even configure multiple disks of the same driver. Defaults have + | been setup for each driver as an example of the required options. + | + | Supported Drivers: "local", "ftp", "sftp", "s3" + | + */ + + 'disks' => [ + + 'local' => [ + 'driver' => 'local', + 'root' => storage_path('app'), + ], + + 'public' => [ + 'driver' => 'local', + 'root' => storage_path('app/public'), + 'url' => env('APP_URL').'/storage', + 'visibility' => 'public', + ], + + 's3' => [ + 'driver' => 's3', + 'key' => env('AWS_ACCESS_KEY_ID'), + 'secret' => env('AWS_SECRET_ACCESS_KEY'), + 'region' => env('AWS_DEFAULT_REGION'), + 'bucket' => env('AWS_BUCKET'), + 'url' => env('AWS_URL'), + ], + + ], + + /* + |-------------------------------------------------------------------------- + | Symbolic Links + |-------------------------------------------------------------------------- + | + | Here you may configure the symbolic links that will be created when the + | `storage:link` Artisan command is executed. The array keys should be + | the locations of the links and the values should be their targets. + | + */ + + 'links' => [ + public_path('storage') => storage_path('app/public'), + ], + +]; diff --git a/examples/digitalidentity/config/hashing.php b/examples/digitalidentity/config/hashing.php new file mode 100644 index 00000000..84257708 --- /dev/null +++ b/examples/digitalidentity/config/hashing.php @@ -0,0 +1,52 @@ + 'bcrypt', + + /* + |-------------------------------------------------------------------------- + | Bcrypt Options + |-------------------------------------------------------------------------- + | + | Here you may specify the configuration options that should be used when + | passwords are hashed using the Bcrypt algorithm. This will allow you + | to control the amount of time it takes to hash the given password. + | + */ + + 'bcrypt' => [ + 'rounds' => env('BCRYPT_ROUNDS', 10), + ], + + /* + |-------------------------------------------------------------------------- + | Argon Options + |-------------------------------------------------------------------------- + | + | Here you may specify the configuration options that should be used when + | passwords are hashed using the Argon algorithm. These will allow you + | to control the amount of time it takes to hash the given password. + | + */ + + 'argon' => [ + 'memory' => 1024, + 'threads' => 2, + 'time' => 2, + ], + +]; diff --git a/examples/digitalidentity/config/logging.php b/examples/digitalidentity/config/logging.php new file mode 100644 index 00000000..088c204e --- /dev/null +++ b/examples/digitalidentity/config/logging.php @@ -0,0 +1,104 @@ + env('LOG_CHANNEL', 'stack'), + + /* + |-------------------------------------------------------------------------- + | Log Channels + |-------------------------------------------------------------------------- + | + | Here you may configure the log channels for your application. Out of + | the box, Laravel uses the Monolog PHP logging library. This gives + | you a variety of powerful log handlers / formatters to utilize. + | + | Available Drivers: "single", "daily", "slack", "syslog", + | "errorlog", "monolog", + | "custom", "stack" + | + */ + + 'channels' => [ + 'stack' => [ + 'driver' => 'stack', + 'channels' => ['single'], + 'ignore_exceptions' => false, + ], + + 'single' => [ + 'driver' => 'single', + 'path' => storage_path('logs/laravel.log'), + 'level' => 'debug', + ], + + 'daily' => [ + 'driver' => 'daily', + 'path' => storage_path('logs/laravel.log'), + 'level' => 'debug', + 'days' => 14, + ], + + 'slack' => [ + 'driver' => 'slack', + 'url' => env('LOG_SLACK_WEBHOOK_URL'), + 'username' => 'Laravel Log', + 'emoji' => ':boom:', + 'level' => 'critical', + ], + + 'papertrail' => [ + 'driver' => 'monolog', + 'level' => 'debug', + 'handler' => SyslogUdpHandler::class, + 'handler_with' => [ + 'host' => env('PAPERTRAIL_URL'), + 'port' => env('PAPERTRAIL_PORT'), + ], + ], + + 'stderr' => [ + 'driver' => 'monolog', + 'handler' => StreamHandler::class, + 'formatter' => env('LOG_STDERR_FORMATTER'), + 'with' => [ + 'stream' => 'php://stderr', + ], + ], + + 'syslog' => [ + 'driver' => 'syslog', + 'level' => 'debug', + ], + + 'errorlog' => [ + 'driver' => 'errorlog', + 'level' => 'debug', + ], + + 'null' => [ + 'driver' => 'monolog', + 'handler' => NullHandler::class, + ], + + 'emergency' => [ + 'path' => storage_path('logs/laravel.log'), + ], + ], + +]; diff --git a/examples/digitalidentity/config/mail.php b/examples/digitalidentity/config/mail.php new file mode 100644 index 00000000..cfef410f --- /dev/null +++ b/examples/digitalidentity/config/mail.php @@ -0,0 +1,108 @@ + env('MAIL_MAILER', 'smtp'), + + /* + |-------------------------------------------------------------------------- + | Mailer Configurations + |-------------------------------------------------------------------------- + | + | Here you may configure all of the mailers used by your application plus + | their respective settings. Several examples have been configured for + | you and you are free to add your own as your application requires. + | + | Laravel supports a variety of mail "transport" drivers to be used while + | sending an e-mail. You will specify which one you are using for your + | mailers below. You are free to add additional mailers as required. + | + | Supported: "smtp", "sendmail", "mailgun", "ses", + | "postmark", "log", "array" + | + */ + + 'mailers' => [ + 'smtp' => [ + 'transport' => 'smtp', + 'host' => env('MAIL_HOST', 'smtp.mailgun.org'), + 'port' => env('MAIL_PORT', 587), + 'encryption' => env('MAIL_ENCRYPTION', 'tls'), + 'username' => env('MAIL_USERNAME'), + 'password' => env('MAIL_PASSWORD'), + ], + + 'ses' => [ + 'transport' => 'ses', + ], + + 'mailgun' => [ + 'transport' => 'mailgun', + ], + + 'postmark' => [ + 'transport' => 'postmark', + ], + + 'sendmail' => [ + 'transport' => 'sendmail', + 'path' => '/usr/sbin/sendmail -bs', + ], + + 'log' => [ + 'transport' => 'log', + 'channel' => env('MAIL_LOG_CHANNEL'), + ], + + 'array' => [ + 'transport' => 'array', + ], + ], + + /* + |-------------------------------------------------------------------------- + | Global "From" Address + |-------------------------------------------------------------------------- + | + | You may wish for all e-mails sent by your application to be sent from + | the same address. Here, you may specify a name and address that is + | used globally for all e-mails that are sent by your application. + | + */ + + 'from' => [ + 'address' => env('MAIL_FROM_ADDRESS', 'hello@example.com'), + 'name' => env('MAIL_FROM_NAME', 'Example'), + ], + + /* + |-------------------------------------------------------------------------- + | Markdown Mail Settings + |-------------------------------------------------------------------------- + | + | If you are using Markdown based email rendering, you may configure your + | theme and component paths here, allowing you to customize the design + | of the emails. Or, you may simply stick with the Laravel defaults! + | + */ + + 'markdown' => [ + 'theme' => 'default', + + 'paths' => [ + resource_path('views/vendor/mail'), + ], + ], + +]; diff --git a/examples/digitalidentity/config/queue.php b/examples/digitalidentity/config/queue.php new file mode 100644 index 00000000..00b76d65 --- /dev/null +++ b/examples/digitalidentity/config/queue.php @@ -0,0 +1,89 @@ + env('QUEUE_CONNECTION', 'sync'), + + /* + |-------------------------------------------------------------------------- + | Queue Connections + |-------------------------------------------------------------------------- + | + | Here you may configure the connection information for each server that + | is used by your application. A default configuration has been added + | for each back-end shipped with Laravel. You are free to add more. + | + | Drivers: "sync", "database", "beanstalkd", "sqs", "redis", "null" + | + */ + + 'connections' => [ + + 'sync' => [ + 'driver' => 'sync', + ], + + 'database' => [ + 'driver' => 'database', + 'table' => 'jobs', + 'queue' => 'default', + 'retry_after' => 90, + ], + + 'beanstalkd' => [ + 'driver' => 'beanstalkd', + 'host' => 'localhost', + 'queue' => 'default', + 'retry_after' => 90, + 'block_for' => 0, + ], + + 'sqs' => [ + 'driver' => 'sqs', + 'key' => env('AWS_ACCESS_KEY_ID'), + 'secret' => env('AWS_SECRET_ACCESS_KEY'), + 'prefix' => env('SQS_PREFIX', 'https://sqs.us-east-1.amazonaws.com/your-account-id'), + 'queue' => env('SQS_QUEUE', 'your-queue-name'), + 'suffix' => env('SQS_SUFFIX'), + 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), + ], + + 'redis' => [ + 'driver' => 'redis', + 'connection' => 'default', + 'queue' => env('REDIS_QUEUE', 'default'), + 'retry_after' => 90, + 'block_for' => null, + ], + + ], + + /* + |-------------------------------------------------------------------------- + | Failed Queue Jobs + |-------------------------------------------------------------------------- + | + | These options configure the behavior of failed queue job logging so you + | can control which database and table are used to store the jobs that + | have failed. You may change them to any database / table you wish. + | + */ + + 'failed' => [ + 'driver' => env('QUEUE_FAILED_DRIVER', 'database'), + 'database' => env('DB_CONNECTION', 'mysql'), + 'table' => 'failed_jobs', + ], + +]; diff --git a/examples/digitalidentity/config/services.php b/examples/digitalidentity/config/services.php new file mode 100644 index 00000000..2a1d616c --- /dev/null +++ b/examples/digitalidentity/config/services.php @@ -0,0 +1,33 @@ + [ + 'domain' => env('MAILGUN_DOMAIN'), + 'secret' => env('MAILGUN_SECRET'), + 'endpoint' => env('MAILGUN_ENDPOINT', 'api.mailgun.net'), + ], + + 'postmark' => [ + 'token' => env('POSTMARK_TOKEN'), + ], + + 'ses' => [ + 'key' => env('AWS_ACCESS_KEY_ID'), + 'secret' => env('AWS_SECRET_ACCESS_KEY'), + 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), + ], + +]; diff --git a/examples/digitalidentity/config/session.php b/examples/digitalidentity/config/session.php new file mode 100644 index 00000000..d0ccd5a8 --- /dev/null +++ b/examples/digitalidentity/config/session.php @@ -0,0 +1,199 @@ + env('SESSION_DRIVER', 'file'), + + /* + |-------------------------------------------------------------------------- + | Session Lifetime + |-------------------------------------------------------------------------- + | + | Here you may specify the number of minutes that you wish the session + | to be allowed to remain idle before it expires. If you want them + | to immediately expire on the browser closing, set that option. + | + */ + + 'lifetime' => env('SESSION_LIFETIME', 120), + + 'expire_on_close' => false, + + /* + |-------------------------------------------------------------------------- + | Session Encryption + |-------------------------------------------------------------------------- + | + | This option allows you to easily specify that all of your session data + | should be encrypted before it is stored. All encryption will be run + | automatically by Laravel and you can use the Session like normal. + | + */ + + 'encrypt' => false, + + /* + |-------------------------------------------------------------------------- + | Session File Location + |-------------------------------------------------------------------------- + | + | When using the native session driver, we need a location where session + | files may be stored. A default has been set for you but a different + | location may be specified. This is only needed for file sessions. + | + */ + + 'files' => storage_path('framework/sessions'), + + /* + |-------------------------------------------------------------------------- + | Session Database Connection + |-------------------------------------------------------------------------- + | + | When using the "database" or "redis" session drivers, you may specify a + | connection that should be used to manage these sessions. This should + | correspond to a connection in your database configuration options. + | + */ + + 'connection' => env('SESSION_CONNECTION', null), + + /* + |-------------------------------------------------------------------------- + | Session Database Table + |-------------------------------------------------------------------------- + | + | When using the "database" session driver, you may specify the table we + | should use to manage the sessions. Of course, a sensible default is + | provided for you; however, you are free to change this as needed. + | + */ + + 'table' => 'sessions', + + /* + |-------------------------------------------------------------------------- + | Session Cache Store + |-------------------------------------------------------------------------- + | + | When using the "apc", "memcached", or "dynamodb" session drivers you may + | list a cache store that should be used for these sessions. This value + | must match with one of the application's configured cache "stores". + | + */ + + 'store' => env('SESSION_STORE', null), + + /* + |-------------------------------------------------------------------------- + | Session Sweeping Lottery + |-------------------------------------------------------------------------- + | + | Some session drivers must manually sweep their storage location to get + | rid of old sessions from storage. Here are the chances that it will + | happen on a given request. By default, the odds are 2 out of 100. + | + */ + + 'lottery' => [2, 100], + + /* + |-------------------------------------------------------------------------- + | Session Cookie Name + |-------------------------------------------------------------------------- + | + | Here you may change the name of the cookie used to identify a session + | instance by ID. The name specified here will get used every time a + | new session cookie is created by the framework for every driver. + | + */ + + 'cookie' => env( + 'SESSION_COOKIE', + Str::slug(env('APP_NAME', 'laravel'), '_').'_session' + ), + + /* + |-------------------------------------------------------------------------- + | Session Cookie Path + |-------------------------------------------------------------------------- + | + | The session cookie path determines the path for which the cookie will + | be regarded as available. Typically, this will be the root path of + | your application but you are free to change this when necessary. + | + */ + + 'path' => '/', + + /* + |-------------------------------------------------------------------------- + | Session Cookie Domain + |-------------------------------------------------------------------------- + | + | Here you may change the domain of the cookie used to identify a session + | in your application. This will determine which domains the cookie is + | available to in your application. A sensible default has been set. + | + */ + + 'domain' => env('SESSION_DOMAIN', null), + + /* + |-------------------------------------------------------------------------- + | HTTPS Only Cookies + |-------------------------------------------------------------------------- + | + | By setting this option to true, session cookies will only be sent back + | to the server if the browser has a HTTPS connection. This will keep + | the cookie from being sent to you if it can not be done securely. + | + */ + + 'secure' => env('SESSION_SECURE_COOKIE'), + + /* + |-------------------------------------------------------------------------- + | HTTP Access Only + |-------------------------------------------------------------------------- + | + | Setting this value to true will prevent JavaScript from accessing the + | value of the cookie and the cookie will only be accessible through + | the HTTP protocol. You are free to modify this option if needed. + | + */ + + 'http_only' => true, + + /* + |-------------------------------------------------------------------------- + | Same-Site Cookies + |-------------------------------------------------------------------------- + | + | This option determines how your cookies behave when cross-site requests + | take place, and can be used to mitigate CSRF attacks. By default, we + | do not enable this as other CSRF protection services are in place. + | + | Supported: "lax", "strict", "none", null + | + */ + + 'same_site' => 'lax', + +]; diff --git a/examples/digitalidentity/config/view.php b/examples/digitalidentity/config/view.php new file mode 100644 index 00000000..22b8a18d --- /dev/null +++ b/examples/digitalidentity/config/view.php @@ -0,0 +1,36 @@ + [ + resource_path('views'), + ], + + /* + |-------------------------------------------------------------------------- + | Compiled View Path + |-------------------------------------------------------------------------- + | + | This option determines where all the compiled Blade templates will be + | stored for your application. Typically, this is within the storage + | directory. However, as usual, you are free to change this value. + | + */ + + 'compiled' => env( + 'VIEW_COMPILED_PATH', + realpath(storage_path('framework/views')) + ), + +]; diff --git a/examples/digitalidentity/config/yoti.php b/examples/digitalidentity/config/yoti.php new file mode 100644 index 00000000..d5f6e761 --- /dev/null +++ b/examples/digitalidentity/config/yoti.php @@ -0,0 +1,8 @@ + env('YOTI_SDK_ID'), + 'pem.file.path' => (function($filePath) { + return strpos($filePath, '/') === 0 ? $filePath : base_path($filePath); + })(env('YOTI_KEY_FILE_PATH')), +]; diff --git a/examples/digitalidentity/docker-compose.yml b/examples/digitalidentity/docker-compose.yml new file mode 100644 index 00000000..7b5d8840 --- /dev/null +++ b/examples/digitalidentity/docker-compose.yml @@ -0,0 +1,25 @@ +version: '3' + +services: + web: + build: ../docker + ports: + - "4002:443" + volumes: + - ./:/usr/share/nginx/html + links: + - php + + php: + build: + context: ../docker + dockerfile: php.dockerfile + volumes: + - ./:/usr/share/nginx/html + + composer: + image: composer + volumes: + - ../../:/usr/share/yoti-php-sdk + working_dir: /usr/share/yoti-php-sdk/examples/digitalidentity + command: update-local diff --git a/examples/digitalidentity/keys/.gitignore b/examples/digitalidentity/keys/.gitignore new file mode 100644 index 00000000..d6b7ef32 --- /dev/null +++ b/examples/digitalidentity/keys/.gitignore @@ -0,0 +1,2 @@ +* +!.gitignore diff --git a/examples/digitalidentity/public/.htaccess b/examples/digitalidentity/public/.htaccess new file mode 100644 index 00000000..3aec5e27 --- /dev/null +++ b/examples/digitalidentity/public/.htaccess @@ -0,0 +1,21 @@ + + + Options -MultiViews -Indexes + + + RewriteEngine On + + # Handle Authorization Header + RewriteCond %{HTTP:Authorization} . + RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] + + # Redirect Trailing Slashes If Not A Folder... + RewriteCond %{REQUEST_FILENAME} !-d + RewriteCond %{REQUEST_URI} (.+)/$ + RewriteRule ^ %1 [L,R=301] + + # Send Requests To Front Controller... + RewriteCond %{REQUEST_FILENAME} !-d + RewriteCond %{REQUEST_FILENAME} !-f + RewriteRule ^ index.php [L] + diff --git a/examples/digitalidentity/public/assets/css/index.css b/examples/digitalidentity/public/assets/css/index.css new file mode 100644 index 00000000..14a2bc8c --- /dev/null +++ b/examples/digitalidentity/public/assets/css/index.css @@ -0,0 +1,173 @@ +.yoti-body { + margin: 0; +} + +.yoti-top-section { + display: flex; + flex-direction: column; + + padding: 38px 0; + + background-color: #f7f8f9; + + align-items: center; +} + +.yoti-logo-section { + margin-bottom: 25px; +} + +.yoti-logo-image { + display: block; +} + +.yoti-top-header { + font-family: Roboto, sans-serif; + font-size: 40px; + font-weight: 700; + line-height: 1.2; + margin-top: 0; + margin-bottom: 80px; + text-align: center; + + color: #000; +} + +@media (min-width: 600px) { + .yoti-top-header { + line-height: 1.4; + } +} + +.yoti-sdk-integration-section { + margin: 30px 0; +} + +#yoti-share-button { + width: 250px; + height: 45px; +} + +.yoti-login-or-separator { + text-transform: uppercase; + font-family: Roboto; + font-size: 16px; + font-weight: bold; + line-height: 1.5; + text-align: center; + margin-top: 30px; +} + +.yoti-login-dialog { + display: grid; + + box-sizing: border-box; + width: 100%; + padding: 35px 38px; + + border-radius: 5px; + background: #fff; + + grid-gap: 25px; +} + +@media (min-width: 600px) { + .yoti-login-dialog { + width: 560px; + padding: 35px 88px; + } +} + +.yoti-login-dialog-header { + font-family: Roboto, sans-serif; + font-size: 24px; + font-weight: 700; + line-height: 1.1; + + margin: 0; + + color: #000; +} + +.yoti-input { + font-family: Roboto, sans-serif; + font-size: 16px; + line-height: 1.5; + + box-sizing: border-box; + padding: 12px 15px; + + color: #000; + border: solid 2px #000; + border-radius: 4px; + background-color: #fff; +} + +.yoti-login-actions { + display: flex; + + justify-content: space-between; + align-items: center; +} + +.yoti-login-forgot-button { + font-family: Roboto, sans-serif; + font-size: 16px; + + text-transform: capitalize; +} + +.yoti-login-button { + font-family: Roboto, sans-serif; + font-size: 16px; + + box-sizing: border-box; + width: 145px; + height: 50px; + + text-transform: uppercase; + + color: #fff; + border: 0; + background-color: #000; +} + +.yoti-sponsor-app-section { + display: flex; + flex-direction: column; + + padding: 70px 0; + + align-items: center; +} + +.yoti-sponsor-app-header { + font-family: Roboto, sans-serif; + font-size: 20px; + font-weight: 700; + line-height: 1.2; + + margin: 0; + + text-align: center; + + color: #000; +} + +.yoti-store-buttons-section { + margin-top: 40px; + display: grid; + grid-gap: 10px; + grid-template-columns: 1fr; +} + +@media (min-width: 600px) { + .yoti-store-buttons-section { + grid-template-columns: 1fr 1fr; + grid-gap: 25px; + } +} + +.yoti-app-button-link { + text-decoration: none; +} \ No newline at end of file diff --git a/examples/digitalidentity/public/assets/css/profile.css b/examples/digitalidentity/public/assets/css/profile.css new file mode 100644 index 00000000..9d43066d --- /dev/null +++ b/examples/digitalidentity/public/assets/css/profile.css @@ -0,0 +1,425 @@ +.yoti-html { + height: 100%; +} + +.yoti-body { + margin: 0; + height: 100%; +} + +.yoti-icon-profile, +.yoti-icon-phone, +.yoti-icon-email, +.yoti-icon-calendar, +.yoti-icon-verified, +.yoti-icon-address, +.yoti-icon-gender, +.yoti-icon-nationality { + display: inline-block; + height: 28px; + width: 28px; + flex-shrink: 0; +} + +.yoti-icon-profile { + background: no-repeat url('/assets/images/icons/profile.svg'); +} + +.yoti-icon-phone { + background: no-repeat url('/assets/images/icons/phone.svg'); +} + +.yoti-icon-email { + background: no-repeat url('/assets/images/icons/email.svg'); +} + +.yoti-icon-calendar { + background: no-repeat url('/assets/images/icons/calendar.svg'); +} + +.yoti-icon-verified { + background: no-repeat url('/assets/images/icons/verified.svg'); +} + +.yoti-icon-address { + background: no-repeat url('/assets/images/icons/address.svg'); +} + +.yoti-icon-gender { + background: no-repeat url('/assets/images/icons/gender.svg'); +} + +.yoti-icon-nationality { + background: no-repeat url('/assets/images/icons/nationality.svg'); +} + +.yoti-profile-layout { + display: grid; + grid-template-columns: 1fr; +} + +@media (min-width: 1100px) { + .yoti-profile-layout { + grid-template-columns: 360px 1fr; + height: 100%; + } +} + +.yoti-profile-user-section { + display: flex; + align-items: center; + justify-content: space-between; + flex-direction: column; + padding: 40px 0; + background-color: #f7f8f9; +} + +@media (min-width: 1100px) { + .yoti-profile-user-section { + display: grid; + grid-template-rows: repeat(3, min-content); + align-items: center; + justify-content: center; + position: relative; + } +} + +.yoti-profile-picture-image { + width: 220px; + height: 220px; + border-radius: 50%; +} + +.yoti-profile-picture-powered, +.yoti-profile-picture-account-creation { + font-family: Roboto; + font-size: 14px; + color: #b6bfcb; +} + +.yoti-profile-picture-powered-section { + display: flex; + flex-direction: column; + text-align: center; + align-items: center; +} + +@media (min-width: 1100px) { + .yoti-profile-picture-powered-section { + align-self: start; + } +} + +.yoti-profile-picture-powered { + margin-bottom: 20px; +} + +.yoti-profile-picture-section { + display: flex; + flex-direction: column; + align-items: center; +} + +@media (min-width: 1100px) { + .yoti-profile-picture-section { + position: absolute; + top: 50%; + transform: translateY(-50%); + width: 100%; + } +} + +.yoti-logo-image { + margin-bottom: 25px; +} + +.yoti-profile-picture-area { + position: relative; + display: inline-block; +} + +.yoti-profile-picture-verified-icon { + display: block; + background: no-repeat url("/assets/images/icons/verified.svg"); + background-size: cover; + height: 40px; + width: 40px; + position: absolute; + top: 10px; + right: 10px; +} + +.yoti-profile-name { + margin-top: 20px; + font-family: Roboto, sans-serif; + font-size: 24px; + text-align: center; + color: #333b40; +} + +.yoti-attributes-section { + display: flex; + flex-direction: column; + justify-content: start; + align-items: center; + + width: 100%; + padding: 40px 0; +} + +.yoti-attributes-section.-condensed { + padding: 0; +} + +@media (min-width: 1100px) { + .yoti-attributes-section { + padding: 60px 0; + align-items: start; + overflow-y: scroll; + } + + .yoti-attributes-section.-condensed { + padding: 0; + } +} + +.yoti-company-logo { + margin-bottom: 40px; +} + +@media (min-width: 1100px) { + .yoti-company-logo { + margin-left: 130px; + } +} + +/* extended layout list */ +.yoti-attribute-list-header, +.yoti-attribute-list-subheader { + display: none; +} + +@media (min-width: 1100px) { + .yoti-attribute-list-header, + .yoti-attribute-list-subheader { + width: 100%; + + display: grid; + grid-template-columns: 200px 1fr 1fr; + grid-template-rows: 40px; + + align-items: center; + text-align: center; + + font-family: Roboto; + font-size: 14px; + color: #b6bfcb; + } +} + +.yoti-attribute-list-header-attribute, +.yoti-attribute-list-header-value { + justify-self: start; + padding: 0 20px; +} + +.yoti-attribute-list-subheader { + grid-template-rows: 30px; +} + +.yoti-attribute-list-subhead-layout { + grid-column: 3; + display: grid; + grid-template-columns: 1fr 1fr 1fr; +} + +.yoti-attribute-list { + display: grid; + width: 100%; +} + +.yoti-attribute-list-item:first-child { + border-top: 2px solid #f7f8f9; +} + +.yoti-attribute-list-item { + display: grid; + grid-template-columns: 1fr 1fr; + grid-template-rows: minmax(60px, auto); + border-bottom: 2px solid #f7f8f9; + border-right: none; + border-left: none; +} + +.yoti-attribute-list-item.-condensed { + grid-template-columns: 50% 50%; + padding: 5px 35px; +} + +@media (min-width: 1100px) { + .yoti-attribute-list-item { + display: grid; + grid-template-columns: 200px 1fr 1fr; + grid-template-rows: minmax(80px, auto); + } + + .yoti-attribute-list-item.-condensed { + grid-template-columns: 200px 1fr; + padding: 0 75px; + } +} + +.yoti-attribute-cell { + display: flex; + align-items: center; +} + +.yoti-attribute-name { + grid-column: 1 / 2; + + display: flex; + align-items: center; + justify-content: center; + + border-right: 2px solid #f7f8f9; + + padding: 20px; +} + +@media (min-width: 1100px) { + .yoti-attribute-name { + justify-content: start; + } +} + +.yoti-attribute-name.-condensed { + justify-content: start; +} + +.yoti-attribute-name-cell { + display: flex; + align-items: center; +} + +.yoti-attribute-name-cell-text { + font-family: Roboto, sans-serif; + font-size: 16px; + color: #b6bfcb; + margin-left: 12px; +} + +.yoti-attribute-value-text table { + font-size: 14px; + border-spacing: 0; +} + +.yoti-attribute-value-text table td:first-child { + font-weight: bold; +} + +.yoti-attribute-value-text table td { + border-bottom: 1px solid #f7f8f9; + padding: 5px; +} + +.yoti-attribute-value-text img { + width: 100%; +} + +.yoti-attribute-value { + grid-column: 2 / 3; + + display: flex; + align-items: center; + justify-content: center; + + padding: 20px; +} + +@media (min-width: 1100px) { + .yoti-attribute-value { + justify-content: start; + } +} + +.yoti-attribute-value.-condensed { + justify-content: start; +} + +.yoti-attribute-value-text { + font-family: Roboto, sans-serif; + font-size: 18px; + color: #333b40; + word-break: break-word; +} + +.yoti-attribute-anchors-layout { + grid-column: 1 / 3; + grid-row: 2 / 2; + + display: grid; + grid-template-columns: 1fr 1fr 1fr; + grid-auto-rows: minmax(40px, auto); + font-family: Roboto, sans-serif; + font-size: 14px; + + background-color: #f7f8f9; +} + +@media (min-width: 1100px) { + .yoti-attribute-anchors-layout { + grid-column: 3 / 4; + grid-row: 1 / 2; + } +} + +.yoti-attribute-anchors-head { + border-bottom: 1px solid #dde2e5; + display: flex; + align-items: center; + justify-content: center; +} + +@media (min-width: 1100px) { + .yoti-attribute-anchors-head { + display: none; + } +} + +.yoti-attribute-anchors { + display: flex; + align-items: center; + justify-content: center; +} + +.yoti-attribute-anchors-head.-s-v { + grid-column-start: span 1 s-v; +} +.yoti-attribute-anchors-head.-value { + grid-column-start: span 1 value; +} +.yoti-attribute-anchors-head.-subtype { + grid-column-start: span 1 subtype; +} + +.yoti-attribute-anchors.-s-v { + grid-column-start: span 1 s-v; +} + +.yoti-attribute-anchors.-value { + grid-column-start: span 1 value; +} + +.yoti-attribute-anchors.-subtype { + grid-column-start: span 1 subtype; +} + +.yoti-edit-section { + padding: 50px 20px; +} + +@media (min-width: 1100px) { + .yoti-edit-section { + padding: 75px 110px; + } +} diff --git a/examples/digitalidentity/public/assets/images/app-store-badge.png b/examples/digitalidentity/public/assets/images/app-store-badge.png new file mode 100644 index 0000000000000000000000000000000000000000..3ec996cc6288d68279c1d735c9d627c64d8a48c6 GIT binary patch literal 4077 zcmVPx^r%6OXRCodHoClB;`CE6}@@ zbT~+!4mo#RbXTl^t$>GL7J>giBe41An=j}26y5zFu0UIetjS@= z9d~rkKmWY@;fEh`8GEIbR&u-Ux~toN|NY%oTW#eQS!9u1`mNN-S!bQ4V^*qHP5HX( zuIui-_ugu%=2GX@TW@unZn|kMeO2nDNr|jgt5$C4(4p?}#~*h+d-ilc{q$2M{HiKH z>ZqgK)mLBbHrs47chX5Gxk-~IxkC>uY*}1r~6ncHez>*REZ=&_0=H)25AsOVf6qdFBbl^Ugc3Zh)P4-q|g<;DRBa z#0DE|pg1qQ@WLhe$&Zy+URm)6XM@(QTWi1I#Js6f4jAK>TW)bX?X;6)9e@@sTIl?? z-g;}d`R1Ezp8Ww|2!8wRw|AuTfV^!ZW&2xet+o8$fB)?be*5h=zwENhmaQw3sww~S z%P;qL-g#$9n{ngD`D2bbM)UUEb5H-}mtXopg9iC2Q>OSc&pcD}2MieCpL^~(O_TTi z_uqRVEH8xO-+%vo%|GFU6a4t`(_f5R73oP* zr?ww7ZGC>=7*09ml&r{y_T`9d?|Spjv;29d__DXU_D(1^g$L@1bpA06;R#+yBRwiB-7gjqEGoFbD9F0pXv4rFO)?06B9pO}Ayf}dpv*@CW2K=7H!S8&|)ddg>`XTJDGAhp7`EJUODD&*;{W;QpX(fIAt(r+c~t^7Asgtt_uktJ(ppb;pXc})F=B+WZ{_v!2RY~T z(@*yz6o>u<`>N9%m(!+A^TMt4$hrIOyS;F)&|Wx`|LUu+R3;MQ3vvl#h>)&mh|sU~ zk&Td_Y<%z?J$iKbmJQ)W_1EwCxRf7I<+fK}eO2W?(RM={+H;gKZ}7CS4m|KcJ+5UF zc;TXY4BEKynzC5uLoi;XS@L6b~g+jU2vo{;h@C6U+D>+B%Q!d=M-oC8Q zD&Ezzh94)<_47(Smio9U( z;K6mw9%=fmHsdIY86<1XA4dxU%72Jz2z8Gv@jfTK~ z)N!hvDURsexELKt6hbOIWX($2;Yo-=oY*Dh$@)$Cjdq8YT@JA7o4cwhacY9G(sMFV zg$2L-084rvfD;_R;ER=A+%`2ER`b9k*#{9Q_uqfN6ZewhhEWzT1lD}4?Ql2@#|DHi ziHj&WzVSHB&5&xRpL*)4IVAF1bYGy$J8Y z?Gu9-G1Wx_2gRp|i-z|2?(hK;R5@kJl(>nyrbOX!61|{hn{2X)21&w&L~+qJF*k}E zTSyUk;#G)?>ZEtuZMWb{q!8|mn-2F9uCW-z>8;^Hgz(_QWbXJPV}PS~@7~=_pFZ7* z1>cEb*opIAIs7xvJQJ$IRdJ0G8iebOv1)a%h0YR*RJ#O^ex5+c3f6MLE%k%j29StV z?E}LuVBt7%-?)YV#w9JstA5)b!e+#OSAxsaPd}~2csK~pNdn(HcEh8sQZ^8gManvSp%JfalR?_Wbi%{u}Ysd`4gs4#e$}6u_e26VewwK)+aQ*JP z?>zp)lTSWbeSgG-8JM4v_QYNR5G00UacpaB7k)tl2r)U9eLwctV^&T5oPGNA2`(Y4 z!yDxVU#7u1=bWP($HIcBLs$}k!a!Uc{!NJ2AoiU~aDZkrPu2o)0+Uhy{{0nK2oIMZ z>xURbC=($+_)CHF&p*H3ImLL_lg>tDIK=aYx8Hu-OY~>WlOpI2h-EMd#}4R8m~=^> z#CI7GpcuQdh#RwA&5vn|2PZKg{>$=tDU&r-c7T%w7o772k#}n9P&kAmRvjRY9R-31A(z-Fz)TzZk@!L zceEC!2aKkGEV#ZAtdsF_5@8zz`bw8eh+#v(=HiP5Q=WbH*{WFR02TgNoWJ21SI2Zi zEFEBX98iV~P+DR@2{2$@C_?tc7kw~tr-e*Giv+?+=&s{}NM69iu>RKqT+ooP6>UPW zAWstTP!J(&!HRKtl3*wk4i>5;%Z=DVg?|#(rdpd8mtVNTM}#igEgRvbmtIPCTj!fi z1&9D&r;H3aDmCAT%id%Px79NHgGOn9MxLCjl@TbJ7BUeTgI;&tb?(R`k5sidEfR4% zkqcDSj`J#|F}MN}cvt5hBqj$_!}$>j$xZ_1j3gL0Vk3!`T2fpt!W52&0TmD}uB3iL zA4JF!QVmxlB)b}*f6NkwW88+2ZsR&c1XltJ-KL%>95vxysqeVF(ZidzMSiTk8Ih4s_%ezQ<`NVKBlP-A7+kYMW91eUF>`33+@LaI<~m#) ziHaG)fK5P{I5>klTB>Qkm?XHZL>}SX5FWtQJez;4T_%Z)I{o_fv!VQuAw$$|$Q3_q zp$8v)aLF22pEbPmBQgeMCnSL#1t;MS9~z)7PF#-#CIGSq#6w-~TLKMfq^Rr$W*dr$ zZ20iuC3ixp3qdATdLuFjqnx7~Q-~-D0k?QQ7(VL*?2YBzY8ZE8h>fS1XJUI^T#xz0 zA>-ni2*u@y3_Q_@>kE$;8M*A7;`ud@PVZKdPV0cMYA1Fj4Q1il7BZ4prClsEBD-)i z2RTZP0Vg|A<+`+5DmQqzz9oj-I`~)yvWb`^^a`5XH?ZvR=C(N+E$$rLO5E7tc9k5J zp-!AYj-u}I#~<%dD7bBfJLkq5Z&b}Ju4`%jZw7+?cH3>IG7|v?xUX<`F*X`q68Qff z+@umt<-}Iy0Fl0~fe7$+-dpQ@&PGp&=&PL`Fri}uZ91u_|9o5vCr zv&^~zneAj*5%{m#izKYK*BQS)17s36jGUsqIc#SIRKEiF8<0f`C|01cR$wy6Vd}*k zn_>mV${=0gWYgs7CQrf9WDyF;Wd%?shso1Ro>~7!v(4$7Sd%XD-U|N%-&FVw!KnL!00000NkvXXu0mjfVQU1@ literal 0 HcmV?d00001 diff --git a/examples/digitalidentity/public/assets/images/app-store-badge@2x.png b/examples/digitalidentity/public/assets/images/app-store-badge@2x.png new file mode 100644 index 0000000000000000000000000000000000000000..84b34068fc22aa74f388f6db1a583ac6592f5420 GIT binary patch literal 8819 zcmXY11yoeu^CtwPMd=g?0YMs(F3AO?JC{_tq(d5(&K2nvBp0L?cIoa;>8_>gzkYxJ zGv~bb&O2xBotgXIy)&QBM1EG0!^fe-K|w*mSCE%cM?pd5K|UKk$3$KaRX-XaZ>X;7 za#AQ2!_>PdC~r6vWF$2`Q4ce*@2xd%dg2O=qTeV`=6+I(Q8!DDBsD1OSS^$(`V{?H z);45(OUs5$sX#XICB?ubAi2nr{Zne*=aa>hf_7l#>#5h-p#Xji|8&fSNm+~dB+kMtJ3J2N!;+SG~2W{F42 zs2UEtR@@EI}$!1_PufBa|7i_fN%AiIm#JQ%MqULuA06^3?rLSxE6-{i^U z^nY%n$_1sES`g}cjwfXyat?j=JoDN$^V<70N_ksvYyL*P`(giQX}aa&wwIRm_`=Y>G0XImejb7B#9$55#2 zgV5gy2D^m{=;Q5hoqZnUY5A(n`tEY7(%+r!!u~Wlt(W#RLN0whPJH>G?e3^hwMYE% zG)~>nfT*mzCh8+%RQl`K)5cqIZo2zbtf5dcW8Dl+Cb0(Ac0jOmz;@<0F`MVyh3*z{ z{)qgco9%2mOLLL6>_o7N`&)fi8pVw&@nNCq1 z*y&;BaxJfl|s7{g91MAjw5kTRLJ@BVJ(sos)6XyLO9^jw-$!;F8y1}It}R)@)NQmW!E+J zKMAJWaKCa59ye-Iu3ZbG((k$>(J?gJzuPzYy`8GAW#G_QIOl(NIHZw%tJxeMEOl3q zq{1^ElX}(^!BIa8Q*7O@gtj$a&VL=UEzY#MTOGf9F!4F88!FeUwR-|Dk8RZs3k~?E z!vI$JDm@GuuiN|x@bML zcO0l){IJDmb5e{X}oXTN?s;Cma^gd_V8O5Eh%A0u?f?`dv4zFWn=YfHj?*;D?NJ zozXhRM(8)e-8h7eK#U~Yd6?Z0{|p3ga7?PHPDFgO?QZFKzJSyJG}^0$5hqPF7`y7n zp3_gH^8$w_aKe#w`J@ft`f=;kGGJV%9!?-^A$-&TWXA64MlNu`Fzr=C4@v(dcg@4) z!bs}6<(zf4ACCffuA9p7r;*2;rI%l4qsM7wsYg+0yxly+Hq}hYySELw&&}O)g`{Zf zm&Rvn*fCXY2S;iV#oTtbf3TjZu_J3$Wmk-B9oj~(dd;`Otr zOkh}nsl{#-r)Za)3D8wc_mc7i`NxV)xUs1Qa|=EnlKVvtKDgzXbDT48nH9_8pVo!* z=)4qv*i|JPzxO?&Rp>zFY>M7~B7T<*07n zZom1g|J}K#6Ks}Ro#ZhofCD#@mJrOo(?>y1PiV$4P54ICklx#mS%itn=Pc6l)8 zC2}2ah&sQqzODCk=onCIn_*wCM?W<3A?&V8LuC$nvz0;R$05@!xPxnrz=(aT@?F=B z3q=Tj#n)nM5G+8Onas%GbL>9~McEM?#rPN>V(F+y^XU&}4sd+Hl&`LK?XdptX`N~m zZ1yH^H`F```SQUBv7`Yun(+h}rtGz}YZvtrv{pfPY zdQ|(5nJDylQ(vhFcI>4aqTPyOfd~;A5;h=Q<*}p-bn`Rq5gBljs@TV3EHfKv>Z&nW zDm}{iK!56`=lOEy9luLH6lR#z_dR?fGqM;p6B;GvCcFcNxRtWo3G9qqJCR`ynMVlV z`x$0%Z6-gk_yXH=ZhGa!%qw+oEh2rod9%zi*jkgv5aY||=0ccc8g@^Yf1pFnJ<&nx zRIiUK10KExr-;&_`2CJye0#o5_cY74V-~@(fZD?XCmUvdJjPP;q|5mTLS?=wkrVA# z{nZj)ipI`Z)lT$%-{ksxaBzJ!5FO>%|Qi+jQB zjz-_)eXN4C{@SZN=!oID6b;lFk=Rx_ewkQ3&J6e{+l`BI^5(3DcgkGh<4=b=1%#w? zE%gW)rNV)0_MM?Iz8?^q&Ne1(PMOIlEUjfDXr0`2PprKcnLJ$S$!@ki&Qn^}a>WEE zbcmFa)ne@i-v5<`ejCqAKDW9>>@w97&5%Lq093YgfeMjHo~9w(5>it7GHk&?@O$6q z#oGS*2gXg3Uq2Bhb@54h|B({F1EaDZf`7!lTy(4ZbsW691(p}LElyaQr7UPuOWr-6 z;Ef{XD^J1-J}Q`*d3nce_rsI5juJR5xDG;l1w5&-CCwxZR>4`*&(w!+#qd#eSK6KU z!Ks!_PmviwHkXc(yB2Ek#J;I?Sjgt;Xex4V@@@uaR8@*k;N%XN+gBN)_y}S-uqlw2 z5>kC!MW?$C9E+-K-Nq6UEW0)a4v~EK@?ED|sgktY@vUT&uN7oPk$M2fP@lz3_*C;+ z=&lx=_+2f{90^irx56umho-_57jK&^kA1g=4_z9PK{ru2N{i)>)b5jN9({(LCFSr! zvuFl}F2J}R^O*5^#q)HY9gLbX-f~Ez%liG54oCHILe0Dbr8UVo$Nm%2+J1zK+(Hjd zB6;8;dA-F(Qh}v?TZBcITGLM(J?^`ouV)=^9z5I=B|(t*t+P{+z*)sNWk3{r=bM{K z{W?ZvT)dles}$wIj%g0og=r>CgA%1dArm!{;1MpO>+2qI2c1fOjv7l?eeK!aIO5E} zJKLq7by`+&Jd5KzT>L&au*WgLbL1R8_-qy2icA(pbR&~rE_FX3qd%yda52#Om!z`F z_Fm+sPxXC4bsGLg@iW`k9u>O9wLpMYRmhS_)c-XH64R0jf!2duP}>FoOXM8rk0jok7h63<-*+W4w>tQ&OLGg26QaW zkDO4#Q8c*fN=RoN7EqJC72VhZppg3B=u7_cS?ZtU`PiFaAf$qNi#$CF<=djOTqy`n zcGnZqvF3Vl8fRARxVPFL`#r&yOvXVB&B5-5TI>EpR^=6k)wDfL|T79yrX zfw7#=5c=1&KzahoH81;I(>U~W3j_vJQ6)J9^<$^Z_}KfPFfjEzkj^^d=^ za_k+x;6LB)Bhvvbgf9jxnsE?Yc#jzrC&rlBqkr_OVn)Mh`F z4-5h9m54n*YrJ;g7GzGeQM4tg21?C*piIskuK#rmE0xHT$ZMZv8J+*dL}gQFCte?W z8U4H`S~o#>ebj%T`2Jtf3e0a$oMyjUc{utO_d6~4wYjUExq0yC_bCd*A%WX6+6#LJr*C#W?Y~;~>~ju@rFceNGmdUx z_%iOi!@JZ|-JI}1Cc&nbXG1I~G|nXv{;5Lef0 zRq8QYuX5k)ZZ45p^h9F;fo->ywY~i>j)k%#Ea|3tf6KFH8MX#0@-V4%(Z)0LguVe; zH}UP@Anhbb+#z|V3%QIAY8;i3PdfFE8U_#HuAxt}l=z{~AVfz%JU%}v%uEDx^wI0N z(XQ$jxlJr6O|Y&n^c%@f@!|@IDlMnW)ljv-u6(twThuFzDvji~B+b|@bl+D+#v6Y) zs1IMcPcsJe^ZMdI@))8U$!Ps&Fw4fSM!9tH;T)k!P$8@UL8?wo8TBqFBGt2bMm?%b zcfCCfp)R_I9l2>QhGnjk*dV#*)I@(VNStV0ltNpdBfe7i=jIKHZA zpkZ{2@jF`|hraP6gI(9XR2Ft^ME9bxR}sC?{Fd?L$_z}KU-U3YCv5`uyS&-OTye`q zm!8r7iRBW{DYqTTIyL?(z-wp1_j%l^>qXI1b&JyBPA_8ftVg2wh*0FDeO^*zIH(Vo zVqCGz;bty2)+twR#JRpYx@-GW_NM~<1tm;>miLek4$gCOXfmVdO z-=E9gIlMFwix;)tJ@oA~qp02~YgM24v&J=*iQ{+{4VJ}z(n7UtM&5+&;Iw(6%t@KO zqd(=scAY8BCotSY4y=Uh_BBRNMj8wW+}K&FLMfkFK|VkB1emx%P4aB+bCIg1iE`N~ z_Pyh89rz>Fo}q_-7E5klOfN*$KnFm0-})N*2*97@8`Q$N1O2ATjI|`-UP&mJ&Ho~d zYb$Trpyhz}^F5Q1X;wu89525l1$aj9>RghqZA~W{1siqKPGo|h(&YYGI0X2b6 zQotgws>P!7eU@+x&4<7At9dk6J7Uy62i2EVK=Jo2+b9+`OivG~YVBMoc&^SGLkYg) z(WHx7;qDD5N6p6$^>bEKWRQmKk!(k}FQ`DE`mOoebOzxofJXTE#tocGY)|+Ql0*|; z_Pbs`3qaAGM;$w_(a$$DJTc!=`r}(H`y;Z_A=JXl#Br4frj;+7i4{K5&5P8K%HJR3 ztBv1IK3t4EXEuLzL;89cRds5y!uJX=W}_W?@Ldh!u-7m-l=v0;_}BwZB1o_ z&I{;F$%$aKBX9-rfB#CFXmZQ*$!Dwn3XkT2l>LhHQ~{i=4f2jaZrmNDY+K^vCc4Zo zb|X5=hdsu6B*h4fBByw}8$6O9ZogbZb~gML%F-HUE+xmc&8j+$wb^Gg@MyhgPs{2- zk?R|a2_~VPQ7GH*oB#$SZB8H1ib;aj&jvUvORA}taOFrGc1Z_PSY^i*n0ISxhO{n- z!~wG1V{S(_%{J2S-cX?Pkd@kr%Rz3cY{v2ciJC>|cK18?V%@!h%$yz;=Ef{8(hov8 zMKwn5ZZzup!XQ9#%Z4?M?9O;3i?N7TmHpBnOR#Kol`5WnclNB`!AfiHm!~rH5F85uw}qgz!jvXzUeYQvVD2XEGPBzC_jX}vMh9&^AuJ>=pM z>c$;+A3e1OgP3|A1IhX5O+D5KpEKfqdtE*dEwi~@+O!SoVQYU>#Hdr{Hvn^;B$ z@b_?Oy2xlW!f8Bo={ZrwD!9F4=qp5JyGtjNP-oMB^P=_K2C4|{7NFS*h6oCf!+eQd zydk>&WPcVMno0J)p{g)ge_1;VeJXi2Iur6j_+C3|n=1o97>G=xQv|sb-QSkoksLH` zXQf!eJes($R=dfAOgIx?j61MoHVBzN1@rI})zklUpVq5;km@2rOXTt{ud>f2K1c)3 zM~*q_c86LI{n)hrbJcoz>T*&`NbPX2M|B?H0|JES-SX`qL^-F`9>j zO;xvO0t<5J%>JTz0fgg!U{Bc$P4-hmt-Op#J>w>E_#SNQ_FVqER#Wb;`X5xt+mM6G0^Z1QEn;f?c?QlF4|GCAwt zLl~9Nqrc{w7z9#8AYv{k-7B^ABM{-lU)sgU8l!AO97XTUxkHAvZ0Hwnv4(Zm z7M|PZoY(5MTJv!yCs+|tq%LA@gJTcz9RCpe3$2>0W!C{6l)w~3p}c@I1)TjA8ZQ!S zO$WP}F`<)9fzfC71#%y~4qUUR8f9Z>-b^*XGht$lUfA(55xl86O`&9RN|j_$UNhc` zV2Itp8bIZ^|= zwa=>8D~C8I@Aj;VB|!bfxI{98beNOrJ_;NKnuH?v_lQnC03Kr*Us-qj^jm^o*9XO%+_oUwxO#s?`Bu|@1#dXDOT_8L ztA8BGm^N4bZxzvjB-G;<%7JnCJ*7A8X$C$l4<$Q(8q@%|#g{;pHb6{8OzM*Mas zKm787N;}Ey#rkN>*m8Wr>EAOgJ2YQ4Fy&1Shpcx0#rob6kW+~rdQe?{MPe-K`MefZS{+Q*!cT%*O>5A=RZ5Lt@8{k?C50eu?Q)1!KRtoI4u3<>I+ zO}3k*+m<-QJ0sdJ>a?ng*D@#tQbo>&=g$v1Mo}C!&G5LK>v&?@YL^(F;orA8h2I^N z951XqdO%{+CE0IIOVnmeK*m7X!n>np$5KNQ0z4I;wbA6TE#jQv30Yk_ZA7B!m(y!Y zu1CBe0eM*DG||FRU=KcY_=Gm!@DdajXmG?;NoU3I%~K4;y%SXMv7al1xtYJcIL=C! z510X7NhMhM^L37n0Wd||`Z7h1x}$qu_fD25d?xC}iNz@4`}(GkcH9@WVU^}Qp6>BO z`ja(A$OPh3+>6j96{fiS!usj8)$%^_q!L(%zq}y|e<4=J@+s{bTcNTA9(cE>NKhxi zQRW9nVbtSh^A{Po_j=lNkyacF=T0W|U8iVhV)JT;)vn_j6IHBTmWePCJ9G-XC z^1R#X)%^Ks$^Ko$L{m@i4p+D>1Y4e`wZ0VZyu;9Yx3KW2-_Lyoonh-1gAm8epe!Bq z_1WE#sX)U|$?n=)$lOIU8H6Oh`S00-ViL{Nykn^-fUBFrIt*2}<4(J_D8 z75P_7tlMes6>yj!O=Me0o#gR!=ew))PFI+J+R6iOk*O5@YA#wBeQ2BI2^ZHb`;=@t zKio9}&rHcZn1MOvgQZ2X_*Obl@j606Xfr<$!BU%yR}`+wU++f~aDO_z0(Skmdn>f{ zRu8y4^kGa(%K02jV-)6JU z1L6HqTssX8#Y8;st*TFTaOcZ3)o=FUn7U?(FrJ<_iM`I-HDmN?+aT!bJr7=Tfkn|g zb~AmUYVD0l>7-t4LPGp$mvy1nVH5-@_mfK-fwQ_)RpB_2v^*f=60RoVZZdJ)_sT&e zTj?*GD()$)f0`ktDhJf%fn5zI6KU=;-T9<*sJ zZuT!%qULr6b(BVRw|(zXF27D^GI8(xD*VbQ%t_99@MV?efNXYqff>^EiE8ar5QVT^ zN*sEH(dDwwFF8LQC^t2rktIAWOo)0X^q0uUB}_@kThfWoxojwpz#oD@ zjov%lJFzX~ZAKDeerL#VvZ-lh*)r2|?-lT}0i7`vn)}%4-8fZl{EJfk4NhIY^U+Pv zsaK-6{Qav=W&0Tun(}b5PuuZe?g9SZG7)H$V2tNeE@~p#_)fq(my+t$Z6+|ELqL%{ z`wOKxv`xs)qFgb4u*)|dpSi^QSs%$SWyOSQ+;VZz50~ahug0K-`&)Q)SEK0uA^)0&uGcd zw(h}ChG63-5C%Xahi+k6(3)i3_+YkS7Ch03C?dTgt-N( zq&n9>O8!jkHFr(l)u4LxKVBUThf$XF1>=7lJ2M@|ONI>J5%xO4e`+}rZ|@T@>=iqR zG*HMSbF*vG-)%2A$ulx2Q{8G9}sQ*Z^o8%f+ZW+uu1seE8<@9Wwg=j-Wh5I30l z(Imhe|39UieBuVx!yozk&t}B36P7A_UEPd|aQp1=jj;c9BD};%jk7ezCDqAR#NViv&gC MlZs4*lPCscyWU2PMP1t zz5I@yb@e?jt|hLv6AkqOJ%D6kS$^Qb3O^_g6pEDBO9&%d5`BbJYkj|(Fp$d47=faSw3D?uRPHLR$0DAYPEHzzmt|2?1=fR_WD0*gq5 z1YqGsAbAl`6%d0-q7YvOSRDu!7$X}y$2v48{6YSDz=A*`Sy++FsNt_K!SjHX7qwx_ zE?u^b7RT5nys*13$E0#d?tN0hXW2@X+H>4HWF4AcKu~DY)@|FRWn>kVlvPyK)b;l1 z8{iF%jI9nHvbH&FYj@)0sngCbu4jCF{RsX6=P!i*9u^+)$Cb#~xa&9K6B2JGrKM+N zX5GDa|H0E|dHDr}e-{fZT27f-2BId zPm9aE5CFMC3x2N<`-vAX%!`GU70JrJ%nQNd4-1l)6}4p-+Xh_=_G4ZfC3aut!0wGn zeNwSba*rjI@3?m>nqNwhyp^_0?F+O2j9AEj#q2AwZ@hW{7ZL$G56KH~U z^q{Z*Owx@TZ@iAl~1j2~U5YRRChXA_(j^Q9i&7Fe4m`n}?1}X0$a5d*nBpAh!o!&yA#mWH! z71hlU5Wq9!KI0bAZsiNAMG&A&-c1WuBQ4m>6Y1D4BGt-B(Pe zfvYa?{oV$v>VI*7gSHD6(eShVesV#VnSsl9K3?14|L}2C3%g|CpvmF0cVmrnfIzn+1kV|Z76;vE_!5C0%Ml1e`4WL3EmC?_GS6psyMBz1 zPf$5m;X^R)t(FXKi|LS_c47IzcVNcu@#C_*XGJC9!X;1jOL+!0GyHlqC^>#9ERoW% z$VocVJg$*_@o(}q+~EDrnTm4_=you%h+O?sF50rK3=2-9j0x+H6Ul+K(Yu`PP2e`Y znOj{for0vL{n=rT(8qq09#}8BCz%lnhuCBs1SD-8VZAXMD~a>m1rTU8u`5nsgnIm& zNgcj2F$mOZ9D=~(=MZ3C*YcfPq5s1H{6c+vd0YF4Y7E+llFWtcZfdlvs2+(*fAISD z<%K~~m5q~Or7Zql3Wlw<)J-|nXL}XrlG?Pwhzs3az?3_rEqU(Rowvs;wQushvt5{} zQdcg?><)N{&wCbnFs`nk`0?%9`#Vma!&^QHjilz zm3B2ktsc|vF^8`FvrkVvd4HFN56#DlKZw^&o_9yC-)GmYCcX(CHRc>bxXLCYt;=bX zFGS^@l+om~NP$^dq@2dBRk8LDZw@-!tD38-&1uPwhEWI1+h#6uDi-qR6mw@&?O9LP zKg(*d8X2Ff2L2cJC&anN=ibxXEYP^=X4;iPS#34&k#EFl9i0;++`kZ7t=?B^7oWBm zRq$l%>xd%(?ZO9T21SX@N>hBJ2?H30J~?;2(?l6phy0dMbE5j>{tj$n)L(t**>w=m zdW>jy>|P+g;J3^DL$dwRRDo_W#l$7#*@O2;WK=BihPNfdm}VW9SxFJGsU)-n5KN;e z!m(ZE2376^`=fK4(Qopocdsx^GTf}Sca%SIJF=je_#toXPjTG9yLWN7&-t`iD|KDI z=$Yg4B*6Jl2R$|Qp5bU|A^!7znv9^m*!7K<;}~Ns(|2i@DwR9Zor+F8WApx5F9khN zjSVB%^pvwld5oIaTSlKsF4W~Vl6##tVlYQ)$ip#PN}P+d2_MKp(I3$+sHsvCWE2GhZ7i}+zy0p{uDDh=(M>*N7j*QFex%50kVcWZYYc8g< zL(zE6fjk7UimBO|&2VLpP&Ad`-b8U89g48b%1AzYbZr<+6{A< zDnMfBk*&zReI^D+RQH`JL!PPAr({Vo&pxkIa_K~?FE?vRiYMzk#S z6swQj5!*+Nef>kTdy@N7L^FKo*0{9SWg?e|yYumZjdOP;9P`ymaT>5I2<)bUIjzKN5$=p@DQ7>18llI-R9ivT*))S$M4v0BL{H zzhypsmd6Y)$;!b#uc6cUBQiH_4{&H;#9P=#_!=0ylT1hvcQ(h{ZZZ;mCDHU=>aX-z zQ)f3P0bd6(tKugnm++Rc4U`E}?T&hpqG^$59f7BVH7;7%XFa58=(I6#C$cZypZ<`0 z>r@8eo}+E==LgTdHQo!}yQoDoF{Fv+^Tc3PI+Jd_YRk_bDY`PmNqQbPpm{B*>nBA?i6-=`7xweRpC&ngMm z2deDqbF#BjjHm9L5Lzl3QgW^$V(AzzlhX-4CR<7iRFp^iwJ3*bfr5Hm%w-*sOMI`+ z5cw3JD<76`YqlycjqOvo)AqWfPKx(&?QSme1$v{ewg`=z6zQ9&B(LtN-g$N~CWJ#( zR(DKy2#fGoeAR22AKNqCukr9ao2ZQW?!pey{M`@I!VaMy>;z*dc`UHdhh+iol(7D3 zk>JsNxE3kTFpF@rN;d|P5WsE^Uw}ZOdm%H@?o9_=sfGO@V4wVHQyrC!NM@xDEQPw4 z(=A(2#0Ut?^1LBV?IJ=T6XT%eBeq=Fg}*QC7vMmR{305yaMc9ao{Tw~6 zBhPMZP!#&DngdujVi6+=FOR(<1y zj6GG)=-uiY%K9Ln-cs19py@!1*q>y&ZBjqdRDvR1)}87h=!}XCAq1OkUhKNJK-w!R z+16i|>#0a>$lm@Wv066TrxIO5Ev&pH#&ss{%;|Xu9O@V*)qQqMKX=NPq}Edws)(p? zxe#75IDo1j9M{}JBnDlPFBMR(edMZMq)PA(a(Z4XIh%`LAd){ZC9I7rP&5WgBlDAOv2g2p&OgDYjr77IkeD=Dt%{AfA0)Oe@p&&ul z$ek9EIZ)Hdeu$zZp3SP4IEM}&tjMs)JRU!Avd zC)5d960t&goZ&Y3Lp_%I){a`RgB?q9!+KQaRl=ygMf8Zj@0f(=7ZvTPRS^|Rq)P$A zxty{Uhc7#R&uZ6%ayMb>7COz;a7UwR7&A{4HC+~jk)K=O(=@dA^1yfjJUUixn|qGMMAwegzS|~Lp&gPAPJaupsTp z#Np@hSBYaM+smou1B@W}05NN69>n33?GX6#59ud`aJRS=Lm5~UQiK2ls{#SBl<}1< z%>MH&>S!*i5coZAZ3*tF<`D?!ZA*raRyYKP=oUKcKj2zM@t$d5s_~8K##J5zUuc-X zpqgP&Gb@;2XTUn`h@;=}Ao3GoyAZ#aPp>8KgQD?i ZenM;Sr^Md!<6%u2&LYxj!8qvczW`OzPx|7fD1xRCodHT?cqnbrPQ>OEw9;1woJ^0xG?T^dePy5kV0Y&_hs9@#Nq{@dRw2 z;;En?AVsA2E?t3y5IUg*2%S)ap_@iBH@`{V-rLO*vP<+5ee?0(*XI4pym`}KAaVv@ zIebdmdTDGmiv}L@z)HbyEbXrFs9aem&0;Q#2KUPY%Y~218Jy;mwgU!RE$t!Wg0;0M zaGw;2lKWdpJLM-oHfgh^RhMRgMS-lMKw;?!(rg|iSu<%HrCDH6Agd{mEFIQ`B>P^P zLw{!VC{}-eX$ruRjDsYDk(ccufByXR{PWLK`SRuI+_`f!XU-hm7AjPTx_9qR0RaKz z8;6s}{w_$5XCcx#-TFJ2Z3VOuBjVCgshWml`!{q zTeN5qMMp2-|t{`>FiwY1x8NfW2@OO`C*0Rskbn>KBD>(;Ft78b_EiWOsFT;8%}3k!2Q;hV?(3-2HO z->WNB$c_LtSgBGa8aZ;LP7nJvYu2RXjg&)f+Z6ATJ~ zO8)xmuL(>Ibqo8?0{0Zi_DqI{w{PD*Wu~{@dW+VrTc-`S6eJO@M@2=^mtTJAeuZ9~ z-M@c7!L}2%sJ0-wfK(J!Nwa6qRz?F8f}!7g?>(9_WeQ!objiVhUJUuCz9ri;8K{p3 z3C|8~`}Xbh$Rm%aK@Vdbo?YF#b!ptVaVp79oH(IQ0q%nubd^Yuc6PfRmldEc!9ZrX zb?cU@KuD^VEnCus3m2$$>(;8CXUv$P-Yo6|K$5LrznJ>iy^wSR83+Gm>SfNX7*sviTJ$h8}j5R|-i8DYOHf$iM#p>0o z)9u^0RT>&N#m}~AS%Z&nf1VOECr%GR+qkhHmcC$Z&a*OUW%L}(j@X&j$OSq@jr$FFh)M`WT;&E z3R20=Lnwd6Dpa>mV=DAu5xRQ(EXCirTHyB$41rK zRHUjM8jDLGKrvBgC@DVS4~DYJgbDY7c9bczgo-< zr)=Z~Q`U36$s4%qveo>_v4#Af=*2wl!gBuCnz3A`LqnGEL6)XjB$K8>-WT$WIbbUl0{(2!+K4V4jnpZKj=$5V@DJ3n8o|$zJ2>T^)2BR#b35; znbY~-bFFUrKI&D1+$Wb0`S|;guQXeL4_&-rr@bfgkWJoH|CBf?U$YFoK6MBUUpSJg zG_ES+-aqu~*N-F@sS*KUim$%e-tU%d9(YZ|LUyi4+sgtSn00>tJpH**5soB0|2 zpf6O9AP|iPNr|eHX_EFb(r@S=ct-PPysWy%WABng!TS39Duc-$`3Rf($+>ek0%-dw zqUIH@lbsS(KGtqgnQAqzMBA5#(}J;!=~%=`ujY-i8U$OR8WHgyIB;M(@jrh2c#X(| z_=tgJM-cg&CDTGF6J9Qu2>?mbYZV9r#>n9!PPl8=E=O=UtH$+q@}4u9j06ehCyd6F zB1|S6Cjb0od-`S|g`D=Gw&i2VZc8CbP9Q%CjJJNi9yM)Woz~9YLi4^@M$xA(WqQ7N z`=tUybA?DRAwiAgwLAF!d(>b4`2n^aQfb$(U)RMRKYpBEc;N+-$`N|-!3Wh|1(Rh2 z$cDhaMPI-E`l|+}Gs3^0Yo0S1B$=p7U%Tu;lBI4mrQ;`3?ZoZev?1DuI+u$fdulZe z`6eZhe?c3)A|a0?siTH7iX?%Hd)z_s;>D>!g9eH#HX}(1kk-86L4pA?k|a=b zQ18G2lSD*BxEmtfIak#S>4vHhFj>)}MbqIMCy?o4lLZxltHa~}O zn@u6yc5^7V4Ux7rlv{>wpea`ZZHpO zSBHb_{uz${=9_N{{h7skV$^xb0-T!I94u;-h3HNV=fs9_;7W3x&!0c9eHlMu+p!cp zIyor97+Sj~s>ndoEynNPzrUkDV;--*`YKDB%L#Ym#*HjxNGuP5CC|$8K=itJfeypJ zh|p20d(|*EZWgbTMeVbcC#4$)<8|!VQBkoDsX}qWsa&}-8*_g9?YH%s6j>_1s82l> z@02CaY7CcdD>j|h+10LH+i^|oU8ixRvY5}FJ*(FxjpnG!Gw9)F>v=tynEa_WnO&rq z^hly6VV8+eOOZ7DCr_TN*I#+%75etuZ*?D127|!Qyi=tYY`UdOmud+U&V$BA*aZax zs8q%}KL7l4ovYD*Mq4LN6~qjW1Bw>qR%_RA`yJb)g>i>n(sqY&$GzLQQ^Ypzd?1`V z9}4F#k=waV)E@rq;4;25=UwJ$Lz!ob6k8zMrSCBRByGL4ZNr(j595lZ3%eZ`m8*d8 z@Nl=+r7A00=cme9TFbL4vhv)k?2pUQL@eb*yW|2$A$@AZp!l z-gqX4Br|Yaw~&;*di8SL=PJpJejr(;gq+*9ZOg(mx^~bPfVBV*b2P#v&6_uO^eGIi zc&ILhwlMn4VC%UggZP3y<|mSj(hPq{GIan{nx#s%WPcl#`1Jf#8BzMNi42?iZImYN%tvS~tnKEfAf7&dH}+E}u3$7xin zqV^v(UP2)K5ajgf)9Qi2`veFBsHDS3D5$o@MEUc%ms~*%4EV|vY%}Cqe541QLnMoY%hG{cPU6Syc)ak1vN1sxSi3E=ER@8}^ zAu%ygBk*7{M8~0S04Q2?1u!fOYs>@c!l+4u(Ht8a>x2$msCRg8u7C$yqC^QjjRy@! z0nCcIO`kqp3m`*6LNZiCa6s_Il`$?M~@R-TKLF{^7IT}re!7W@M_r*ryVTJ8 z+@V{$V=2&{M1kE(($<4#XpAt|s*ro9I#3UWuZDW}?oFajlrRSl9JuTH5GMj7fT_SN z@RR`XC?Opn1_3wJ8z}QVr)QpN$G$i>D5w!>HJiSW5DTUKG_T zUO}MUpLT6JO)m^yK+Oiu%@l(fLt~)`BOn9;BN=a&t3eIb^zp|ZlXzBo8;nxCjgSgZ zjWG24OUbqw@JSntdOS3|)ld-t`ASKRa5F9paxfo^W~dRdVN^vTe+qSC28;t~=gQE) z!Mu%NG5P}Tr=Nc6U@$l-VtZw%F42#n>ad?#C|tO(qC(P|8LUf}E)Gd%?hA~JECK-Y zf|&q`3#Y{s@K}_-<4_ z@6(qGFCRQeWK-M$m`uV*`t2&NL){v7vOD~{orA@k=@wKxn0ubx!Y{_{mlnY~0MBzGWhD9Z=E zPH`{vC+dsw?WQ{rHN_$Y9rJ@Xx^m^pbg1wY#ny9pr|1{oSqd|!!$nL@-gxy=F=r|9 zRvdV)@&}O+Ip=t^nH&QU#tVqUZ2TSFKv*_@2`hAN|7f1TMTq%mWSy>@pbDP&-h! zFwP+fjd&mII@|{%9)CUoP5>m#p+kpUhtOk4ahM8FS+L;@kJc@+oCJ;F)S%1<^9Mj$ z!=pw_4u5_DV?rXs?m~dp+%&fWibUg{%E#=T><@_>{>+>Z~6 z1l!9~`z+!$wWji#2H*0S$NF*Qe5r4%jOi)Y=NNpki8TI&i~%C)=Cz8dQz?e1zt}-e z*UWf1VPEV}7Dq>=oct{kZ`R^PoJ=SKND%|pekqA+4ZTc74kXdOq+_(;CE3kz zek~@FC-n{CFDs7Yrom0v=9AurkO_IzcTU5X(i%pT9e}ME#4IXIkCD$5b)KWwFX0(S zRzpHV-mc{+7}KMhZFvH@`>NUeLGNYUzEF1#vSp1?@98|U3%&$Y8Hr*T>;MUnGX5|N z(l*&;j^54#e_RGd1QM%cs7){X@!as2fhfp7ANeLS-J+W~v_L3;xEPFg82Jcx{uuz- z6NEMpZ}c?qYg+#?kG)IN&DO3(fy_`qYy4Av+svR_I2Hvwr@#_OG9>pxq+#Czivn3m zfh6gywy*qzOZzD+d$#(rD3C^hg|gjmNUw5ofd4Gwk+h4}#-hOeQecmC&`#O~qcRTP zR;`d$S{fJ)63zmP0^U#ng>Cbsy(mrHY(tXCu>z>*?w4l+bkvvYiHeZ^%MHN=BKrYQ zH9>X&0I+n(OTE|dL^#PpgKG3Y4hDFj$*M{82SvPo^#=ddoA<9~5Xm5AmKN;BW=Kp(6z^iHdVGW#!XAWJgPSoyI-jw(! z@GXg2Ej0Z{VI_{0vX-(PU2o@x4*aG-q<^B6jzrq{dC(?9f}AbhZRYVH<6IT>e_AcR z7Ci6Na*i+3jIf@XjmJ$ZpX*HfF=65Xol6dLWhtfF z3Il!b)zlKa=_3}>D9Rqc1XnGj9Q6nERfFXR^CX)FByk*N@$Psg)gC5eGFw6@DE}h@6p;@>qg18n{jS&|NmD!^sle<2t*CTriP$ zv+L^WhK^4CkkD{>z20cdT%I<-m3NmHYt7(QEf$N9!FXbVT1G|``fcv^$9)7UG3|T5 z;VJ?P3l+Kq>Hw8pH7fqZg0fVZ4-XR_ok{I7cXH+*{jN2SuNOYz0d>P}KW|7b7BxiQ z+DTMgf>iwk9Y>goBgz7}O@1H?9aYpzX%;kW)wnsG6sAE2+UT#SW49IL1XS%$BbiC{ zi9@!v2`UL7~M{=GYKGCwZ-pRz0SQPZwR<+2~ zY`p9#B^+po@pEax-r{9MfY4f_6T_hC4t9-&`@_qM)>U}13Z>9_HiAcdi)f6f&kb+3v_MXoW8Q$%tw#RIS>u9{jC1ePo1GL_mZAwPub-iW1r8gX zKm1M|B>qZ5M4tZq+QAF>6KuTaQr)%_^4J|{AczlTC1jtA51&E;=Hl6iD-2hJ9KEyCZ%BqOYB@m#>XNcq0(LbS-|oF?<4NN~42BB9{CHDYP{ppw$0i?0FH!BVT5R5%G$2F%x^2>*-$(0JF z&-XvWDKmu09lH^P=3?Us_J75Re;JEYI``f$qjlaVaBTk`PL2upRrc4ajhcVP{xAeCv3V6!Bi zsK(8j$3}%pHxsA%5I({~U4H?B(Za`ojss-&u7}HSMwUA^-_s+J5Qey&ic~b zs{fhGh999D>dF82e&hKw;Ow}5@+~>BT0SkczV6TE<|L%|jbm^h*-*Nz$J}rVZW-TM z4iXW5c00omD*S`0p1eBO1IS%Jhkt@AHdW*Mm%TRKdPr+-o9wppVt`a>pd8IOpP5Gi zp_;DNIEh{fNS+9KnGB6&UfT)I!=SYE1SBZ2drgMb&Pa+(|HEX!Q<6r#Z7YKT9@)82 zJkYR`u-8e{Q^K`VBvq|2o#@qRs)lGZ(@^2L4hZNY#) z`3u3Z^RHF%M)cXJ7h8>Cb z?WxlJpc(spr@B!SKZ~^>ugfQb$)Pgo1D-;DL;lc=e<+970+-Wc^gOI;v&rXoT2-+D z`?$wGYa98Jwl{^Cl%Cc3ew5Hvf$5__uNO%xMef5tS3jPJq=FJVo$L$~BAD@MR0u)gzLm*FT(-DUODTY~FSXvcEO9 zGfF9G0go)aDOJ#=J6X|IsMQ!s75U845%*4~^|&#-;>owP;$draJm>l+;XlB#9gT#7 zSV!R_-zIu9t)MNh=9Cbmo4}r^#!C8ntZAc3A>)mvEvJ5C!`Za_jj&~e>;AHQ>bNfB zQKw!?HRUqhD0M_~;4X3pH;(GJf1?+6GPX8pPbG2JFW3ZeZ8`jc&(}1&>P9B}LYO;z zJ}1urQR-t!3rchoev97WAMjOljd@z-fr&+xwb+d;PgjzkIV}@m5Vszj`aB>~`AUPe z*#LxF=c_z=WY{MeY#BfeuH}CntqKCNc|FaaCuFnOv$_I0``y9-foIoN{=u`Z}VK0X6{hYB~Hc zW;lQiWVQOS`WRT}0)+|ae1d}pIu1YlI4uo2IieZdeVp431S3o^>pwr;c8$}p!A>o( zIe_n=mXS+xI>$Tua-qa|$d0*sB=_kGdeY1(u!3))7hSL_yCy4LEU!Jd7IRI%#(0eU zm1!cox|Sg*g>=+na9w0rsQE#U-RpdEW^dD9>B*3*hbG!}_D$cPK-QFjI-3gN5M~la z5wyJH7%`~_q~#h9`kwH<c-X8x375V73NI2-CLvp@z7>Q_#Qn`vqlI7J4{bIVT*-FMa2*j}by z^^EvtZXm2JNICr!Pyf@lTm>6>l=>NN!?IrDZ3h5B{?9abV-7;+@}~r*4O7 zqmezC>1Xx=t{ecnWk?pcMN|OOPC5(%yQd6hyLnRtwbTT8Z*TU4P3Gvm0MOca9$TXC z-%#RB8a|ODuZtwMC@wyw>!uf8AxgV^qmr=fR?N|`(@>mZ#08@!xOVB_Shh}Qd4e*J za40!!E5rN~g4?PSffKY1#Q4!j#COq}+Lc-&Jz6Wxsr6Owbi=aTYu@qOdH|YD^jaTlC;v`iiQV-&S z53WgW2&1@0&gw?lnd069MRtQ8v!_-kw6pk% z!1lU9VJ_2}02lGt`t52IpRkx#t&um*J}WIni%yl_rSpM@#3X9KlE_H`#hlB8ycaG% z*DP{TBJOKJRZ?8ele?Gcp6QGQkTcK|LvMWR!%9u&+PPv^ucUktd*|scnUYY3#y6#2 zA@%a>dIkZR(*nPk=@)Q7RsGjsQ9wyU*cq#XSyOLoMTBk6g`&JBd~t%2-^mDRoUVw` zW1m`d=j$ch!eFv_`;4GyL1m^X@vgn z=bz**Z6%n4E(Yji@bR0tT=!M;Qx|0<9IDG-!wOe*w0W3snDsmE(uplYJ>F;*YnE%# zLt!cN*64i`7Ig>~ENQ5Gj++ufTM@J|wV8WU5;}!sduWlr{BD*QmWZt6465U16@4it zx0ggtzvo*oo<~S)WP9xrd)=Qj*K4-*R9)Qrm7TQJ-Cljsc_0c`Uum*GIoMA9ruPB* zf~m!M5JNpYUyjwVGdh^OhfdP<4=fHaaq0OGZQM{l;m2dk=+!}%QO4+O(XQ!u&pmBJ zH_gi6uzU(td@7`zC@%>27gnP;zglWN3t^_rFqq^MokT2-zv3M4&iIZEhkCql9o!ko z)PTz(AZe|nqVS`(!foW0d2~Ms&ISala-H!+@6GU89641n&M7FLzLVNR*;`Vpk|j>N zfFgkF(yYr7V}+=+c7M? zBywC6Y~a-Y#?o(saf*uZIxgTLpR1DqqP{Q4-sMv8)Pikz8Nl$%OHKWvWKW?TZGAY- z|95_J0uXSY^Yoj6@2+H=;eB80<1fnRk_7RJ(2>?kb}qe8KDDd&TBW11y2PV3WfrT8 zajr#13Q4Y%Ol%1?`JmftvK#K>PxD-=We=I1d0AkCRihJA5}*79g=<3I1vYnXiK^?r zQGyYE2>>oYvJ_Zv4)tKQQ=>|>4P0d8()3lhAt#xezKkLyHrMa|h6x1DPJ8}Tv=rNZGzM2 z;g;{1ob=LRH+tktOa@#dJD;}i32>l`VZ^WB$wz&~9vA|VlN7R0ieR#i-|R@jJ~fyCSN2>lwt9K37Mf zL?TWc<)wm6hJv!|nPNr#mgl>3k52z8*qS~hDz>bf}N;K-k zzTbGCrt@VP>Z#U@Jl5P~eye1UnV_BDkA8eIjp+bnsPO)-H5)9tF7g+9PS54%MK&!! zCyk&n%~$R5dy?MSA!C6pqzStpGnPog0IRC6~h?k3-mDqOf)T|Z_w>I zexMat3uDi|PooE?Q&m`gBt2ZH&Y4pC!yEAAYlbChFJrhMouMRK_xyBUY`#NI!(@iE zdmkduI#h=s)A?Reu74J0yutXv{<8(t??VMNtemy!{e zQe+Ufu^TuwCV9H~rQqH%-6KnN;7M~;;zk-C~9E0?qJY>CUd()bb z!_j)i%-W)BY7$Z>Kla+c!Z?pF@iCQbRH*~HbQuh!7EpFvGI8T&+jx@w=-IArBS;w5 z3f}8$tNQ}fFtf{#!HuZ9rDmd;hQBh|Zw~3h-C&Ks=%7jYNmSF<94yL)IrROlh3Te9 zscpD%&e3Na*6$1?rj%qK8vE8QB$Vd5|M)+A#Yj|I>@#R1sx^0NBe^~5tcCTTu}wc( zvPGF^l)-jxIg;lUfmEox0t@C%m`0Wxp9%I_ER#B_)UmJE3u7A`79bqE%D${(KOaX@ z40^4rZsR9W6iFD2cY%~6g=t0^$e>#i^?pwA3=Y4a*&dnz%k%T2!E_ZmCc-|urA3kW z5nmNbNxS_FhFiD(X&It=z}O&j$GQ zD6|-VyRv)`+|zFP10?O#y3Y9#ORhl$^{;4Uh|aqcx_t_G%!tV7QH~A9_6B~x_ZJMY zWyq&kWcK4r<8E_1O4U+2?e{qa_MT>YA2Qu)blh4`;HY4x%}+VdvGp+(FdJ*!A_&(f zK{c;(9oe16DOkw*uMWMA?W3ZdE0&v=Ma328$=Vwm4%TEisJyK6Sh)+187A%)&WRdW z6P`QIbA4;US;&o4MvU;%?-yK8(UV$aqFFu;8b)-)$GnTItV?&p`xiCk-=*S6`5f2A zk?^PGR7nko(W%<@vVFku+f%ucYx*(5kqexp2#LJd1uTcCxn<|M`H2#PlmWg90QxTp z{{X-4oUyOQ}wXx zebk4sallj0@%}{Evr>ixBQ?I|i~B44ion~H`7DPb4q@s;i74Q zA1~F%cJz>EOW}naHh(r8=UJYCx=@R8k|Y%NM-yfmVwZOQBoT?|_h35m;~0ErPxC-A*yX6c)KY>x7b@}Cc)|Ks;4O`H3$jZ5G3=B~pMD0Dxl?>2-ABd#Mr}cD zC*O2v)j8ta1LS<0(S;ZPc$wD4>n`Af^HPzPUlbjWUt$+X72%!j@N#NriulGo0N{SI zb?#yIXGi$FtM?ErAU;1{&QPYN(g^JxY^OmQ?4o^BIIgi@#>-_h%1};N-=NpDs2_|` zo-p7l;?0Px7#B0giv8+%pPAGS0G6wB^E(3 zje;_Q975&&K|62D!2XztmyB=-AVVibBI?^D)%$5a%pgK0@?^M@XTT`tnXW5*aClST zv}7+ny!6`MFbj}ap-GAXy9n2uruS{+rF3IKk0+jjoHIhG^6k^ptNm8ax_QWl6Rs0+f zMMLzsEJe97SW$nEdzi+k+p+VVXZX!hNx?OWl)jddJ|Jg`B*!z(lk$RuyM^H_EK(G9 zk8Mw*PXbrLGQ)T22V8 zEFSt3t9l~kl}9HH2RO&Uq4G8rDqn!94UxbpXs#YE(t!8gm8AdZFBEdwr7NVBfa1Y5 zNsk@rZnMGn{zkLJF&&+H!E`%lPnOI{S5+i~T+~beM9L0_;8LZQPW9kA7iv2X_B-Pd zzJi#0w@bwjTorvs>q&8bUBN@LFxZIT^TU<;?r#Q46V8xBDMIMZVT8;S|_4ya@dfN~> z?mHTg8a7?3k=Hi1^nEj@lOMSeOFSD0R%Q%SY^O!Ey3n{Mf9>T`Tid#` z)B2H!N?k4LJhGu+Q;JBs7IhR+52`tW4?3N$l`TLz^H;g?`y*LuDyK%)Jmw%p&*KbR znihv<@~dtcvb-MKeJ8HM-g$#U?7Xf+e19BXSDQNUU_dNS_J&J@of^c|fTp5mh;GJ= zGYX0+{655nV8uT$n4Pap=lhMGhSF@)V2c*bad#q%*3sSi&D2)7DKd z?~^-5CQbHOM#QGF#b#Zah8e$K3pgg_)drF8t6ki2k&D@%Ki!}VJ)+DkLfv2CEPC!Db zmnQ0UAL^HE(7ouN1Pzu=6LFrzw5Q8I^9p7)AI_!&*cvyhd8e)&C?`{U(nQ&5=hC}u zPQw0PG9NvbD0zmbqx=AAG{1PXRpiW8cXoleuDI}6K~BWie)oj0)}b+qPxw^F;w26K zyp298&7ar6cU68!fLuGyyx(OPIVsSNbc6r`XpHo9w()a1#Z z-P{UH1YD@FPfywE?L@)E07fLN)SQ`^)Jpfe2*SC_S;7_%7=5X)c=btXVt$aD{OEAy zuY!fTY?sEeCHvS&q9AZLbPHNp&n0da#+v~Yt8;~E{G7(#cGD7R1y(%o<5`@ciK+Ga zM+OniHFg*37t}~KAOq$<(AqAP_dlOb?u~FcbkftJ$4>PtU`j9Q5P8V-x?ynASYla+ z6O+XUo%15nKoQ+J+byM331Z`lV~oZbpcdOh2~XB=xKo^Bh#>xGsPO)BuqVYKI}V%@ zT`4BDtqNd#816)sg5cgMfQg1My*4|23jkK{lqH=Hd-Ryy|G<)wbneM)MWQz-FXy$q z`@u?FH5gMDIhW^h{+?2kkd&ae4bc8C31+0xD}JMpmeX`x)P&Oaup}EH+5VC^ffUW; zuFLg-E0sT)+RZmUaLLtox(u=f*~To`%RzLkJ-G+`Q5Z#PX~wwI`|{t!jdA@+USv>? z!H@KB4xsTn%dAY)i6r@Zp)3p`LL)m89e>kZ=Jq)HDUB^Lb8kFRKzmMfg2BjU?K$tm zDzR5{H-kOE$Z1D2);xZbC^AoIxT`Zpt*!vX_2p{kox+&j9z!l-x>)v zn>W5i#W5t4;gvXzKN?M@_Djpp)+BKXObG6!$;e|V?jgxi(#c(vbQl~F+_Hr(XSweY zLPFxcvD5B2larc=#cV&wAch)ZAo}wl2K|&Js!k|DF!kIE<^$rm_2@S<;gf$6=Rq-f z@5w?u-kq+}DI%jc`$_o@EfR>n%;;?>>iTlAsV`SGpXeF-q5ZfN=wuR#)~ zso&=uTAx@L?cCy!6pj&wd<><-z(j_fC%5A3@2Nv4SL>;JX>1w@Y=MsEc65lY@!mwV z5oJ3BkXJ^c8})m8^@GSJG#KWjF}OMjX!kJN$)CD%-UZ;0jPR9rHXmNx`Gs)_IXiWs z@zl7CoDnv{B}n7+?sAl4r=os>8d>~8A7b7ts%XfFOn+2oD+a69|z-qn8NwWWMFH>9ASfD)>#`@ zTMY>LyH6MMG#1}O_u#WGr1E$5LU)GVQi7HJ3$a_BRDTQP8h4ESBa^o8JLw5upLVcb z(>Hl&x}Qmi8D}{PlH<`bDfJ0e==5fNV7ecDU?%p&jlI>4_w3v2V5pARUvQrTfUdq2 z@2LYSq>PJb#`7xdQ#a>=F21UdAE|j!U452p7IL~R4;Z!d^#Og7B-No;QLsC^d16x* zYvc0u=v7>T)dgf%cqq#u#sn-^#eTQbx^OJkI~mb&h2ge}t8`VpbM>85qDY0Q$EDO* z6EVUBO|by@<|JB;kB>U`y4^PLcdL@&bxGa>#Ll=(ysp~gKq_k7+`3ZqKzt_uT*6Z*cT#JPlnS7)}{uFvfo8kWjxnX}z5H2DdiOlV&UPSLJHjH&ON^Ql(`e7RJhQ1GZmXU#ZOqJLscF zj`$0Pe4O9o)n0K{zjbFm=2$eS;kf9*#|mQ}KntZyjl-jeW2#rihljF-;6=p|x4kLl z2S$!EV*eV;imL}8af^yOeS!je)ANo!Pak17YF;%9_@~ege5%@CoRJZO?|<;r@ag3x zaQmYFXzD+6BgKtnDGOY=U&`CMG6-W;L(5iVfL2Zjq_^G9HNj7m@F$c63&=*)tS62j->fIJjwQ|k3IV2 zwLd@SzwDZ!e<1evLx}y?Be*}_z+an`KJOS^){f6c-xBo-N!k%=JrTRh%DPfZM>i7C z-YO@=&Cffu>+7NXh?Lm_Y^o6~s>-7dBAL&l%0(a`bhMNe#Xd<2{KDKEA4oj{>Y*F` zL7b`xBDz1p<0{J&HO>Uop5C&itU2h}wP*B2I_1KayQ4I!ea&{zF1v&Fw#QR)zI%i{ zjzf{;P{(+*iVoSDI_z$E{n@i2Sf*rV^^#FIv){?63{V*&6y?I)bYBm!<@4X8pwuNt zfg~zcI#|q`NjrHVFbudVz_tju%wQ{?GWb?0d3ba^afHZdR3Z}#P1OsAin@}1?aU>K zWE|%GTH2EzHrxX`c6vHzz4cz?z(zyQzv#FMG5Et3fuo!GqCDJR0?-hZ8xkbePB zC`+7#pmbqUyTDw5C)d5x>#&#c#1prrX^A74W(`y&oziL_cqbRuQ8(!ovEJppyS@|D z)#!1=f<+(oLPJu*a6INUj(spZ4d)>&G0AsP?c7$&&Wl5#$y(9C?2WYKRsL5j{2hJ{P+%6}`CIuOS(Z&X6_bEHmP(N3<_`*p( zzJ<%9%owFAZ@`Jp_C!;nNyMnMa;Vq-QZja=-6Z#yTaJp98>Pn1UE^UEtV(3!p$U7O z+M(JK;73Q5R`$ivbgzFfwx#Yc&cxFu-Ayyz{-gy&Z1qw>o&Xw;(xJ4(AP>1zViMqI z?kR+C{bM{Lq8Z?hF-OFX`I#=_{YTjx68Og>%FNGg|CiAJ;L;6tDCsc>{9k2$UEHzv zG+1h(naB57Z~lFtiu(>Heyy767NZ(*J7UH$1r@43MLn4!Zi#u@YHs!B(SKurry zI)e6`0t_a$7jDu&QQz&hsa!41*j1OuGCvNeh$O~V-`n0)_>UaW9az+husbHM0+-SU z5e^9oXcElm!swqfvN2x^;=jmL37G`2O#+VenJusT&|>^NwWx#7L + + diff --git a/examples/digitalidentity/public/assets/images/icons/calendar.svg b/examples/digitalidentity/public/assets/images/icons/calendar.svg new file mode 100644 index 00000000..4f6b9bb7 --- /dev/null +++ b/examples/digitalidentity/public/assets/images/icons/calendar.svg @@ -0,0 +1,5 @@ + + + + + diff --git a/examples/digitalidentity/public/assets/images/icons/chevron-down-grey.svg b/examples/digitalidentity/public/assets/images/icons/chevron-down-grey.svg new file mode 100644 index 00000000..6753becb --- /dev/null +++ b/examples/digitalidentity/public/assets/images/icons/chevron-down-grey.svg @@ -0,0 +1,7 @@ + + + + + + + diff --git a/examples/digitalidentity/public/assets/images/icons/document.svg b/examples/digitalidentity/public/assets/images/icons/document.svg new file mode 100644 index 00000000..4c41271e --- /dev/null +++ b/examples/digitalidentity/public/assets/images/icons/document.svg @@ -0,0 +1,3 @@ + + + diff --git a/examples/digitalidentity/public/assets/images/icons/email.svg b/examples/digitalidentity/public/assets/images/icons/email.svg new file mode 100644 index 00000000..c4582d6e --- /dev/null +++ b/examples/digitalidentity/public/assets/images/icons/email.svg @@ -0,0 +1,14 @@ + + + + + + + + + + + + + + diff --git a/examples/digitalidentity/public/assets/images/icons/gender.svg b/examples/digitalidentity/public/assets/images/icons/gender.svg new file mode 100644 index 00000000..af5c5772 --- /dev/null +++ b/examples/digitalidentity/public/assets/images/icons/gender.svg @@ -0,0 +1,5 @@ + + + + + diff --git a/examples/digitalidentity/public/assets/images/icons/nationality.svg b/examples/digitalidentity/public/assets/images/icons/nationality.svg new file mode 100644 index 00000000..e57d7522 --- /dev/null +++ b/examples/digitalidentity/public/assets/images/icons/nationality.svg @@ -0,0 +1,3 @@ + + + diff --git a/examples/digitalidentity/public/assets/images/icons/phone.svg b/examples/digitalidentity/public/assets/images/icons/phone.svg new file mode 100644 index 00000000..b19cce04 --- /dev/null +++ b/examples/digitalidentity/public/assets/images/icons/phone.svg @@ -0,0 +1,3 @@ + + + diff --git a/examples/digitalidentity/public/assets/images/icons/profile.svg b/examples/digitalidentity/public/assets/images/icons/profile.svg new file mode 100644 index 00000000..5c514fc1 --- /dev/null +++ b/examples/digitalidentity/public/assets/images/icons/profile.svg @@ -0,0 +1,3 @@ + + + diff --git a/examples/digitalidentity/public/assets/images/icons/verified.svg b/examples/digitalidentity/public/assets/images/icons/verified.svg new file mode 100644 index 00000000..7ca4dbb3 --- /dev/null +++ b/examples/digitalidentity/public/assets/images/icons/verified.svg @@ -0,0 +1,6 @@ + + + + + + diff --git a/examples/digitalidentity/public/assets/images/logo.png b/examples/digitalidentity/public/assets/images/logo.png new file mode 100644 index 0000000000000000000000000000000000000000..c60227fabf339e9540e5daac4d2d25e121137752 GIT binary patch literal 2988 zcmV;d3sdxoP)Px=W=TXrRCodHTYGR+)fxZo?%mzIkYEDgl?2c#&jJBdpehy$GAM{5Z>ZDhIR0T< zrqk);pUyZ_ZKvZnw&RQ)|DY&n)lw083ql|vQW+vbK|*+g3C}zrktF-L{eI`>ZtmV} z$nIuCHZwUhH@o-lIp6ut_dDP7+&Csoou;FwC4~f>Nx?-A6G{R-U?kB-(CobEdU9GV zhrICZDzqkf|atnLVsfw< zJE-K})_NScO(0!)+XF^dO5ZkjD>G&LJ>sny*@SF(#9pl*#xss%=(NqTA*$j_Eao=! zxXmv#&57E2G>z7v(@vYe#bG{U27^NJ2mA>5gGlju5R5X!B)@@R0DfNpDJkB_en9$I zo2F^XX;)QMqp7K>1rXuEQTrYA%)x*+RS3%{t8lDD_+2J40>=4bxc9#axP-R95y4^8 z;G6YFz!%#jQG-E&a(8arvK2-9OVp0_ie}88`!viQ+}6|tv9PEZ+ji_!AinoO16D3w zDuDE91qf+XR90f+=B+3@S*}2FIwcGgfLfYp#_ei2>aPKpkHS^H9f1euATWM8^pswa z0SSs^eDxwge+!v-zKM1tV3V@sJ@9=m^U9}yp{_V+N2Rj_!Y3NBe#2+jSF~RV-|cpz z_{#(MRD{M*SS4c-7|=8q4t#YGo40O<-|vUV*5byEs<3hFd!pa;!Fi7q$Lcnhw>@58v8RR6$kxjrnwD3UE<^` zOQC)73j8x)MX>k4a1HTfK<}Mrm?<)^97*%12;M=PZ#o`_q+=W}JerTli)zwWPt7#% z68aex7!(N2$NafZ$p&zssJKM!R%(pP<-o4OLiK#klP!R-|2IdD;-mHdQRNI12>OEi zh7H9F%a@=}AHz(M&h6U`0@`O%@@N5qAW-^k-qm0;7h zZJ>jvro!cg<60S9#cv?^lUD$Dx*<$ah~Uu25F9v8geL%mz~C)S-c7hSzGRpg3R@ho z@A2OQ_Y7zah78d?LRV-exQhy1IIG&wdo{u%Y=_v2;-g2tFrpyY>_+^TqFMX5ZiadKDg?G*LaX{>jT7 zj0xk%;mMiP@#7WltMoiYE2?Zgc z5)cBj{qtQ|y>=aHYiq+aVn|*dRxDl|283cjz&LmQ0xB0nu|HIPgwH8ZUTl7U0R3dwE?cq? zIeoJ&W<>q0{*cb4?y@5v@Ii1JYT;la)=gT6z~CAw^z@8$JUwSNva(uA927GBO1}6CnyR)M%^OXd zLPNeY+fJ1dOFWG=FQ=KQ3%HJem@MI=yR;62!G#hKuQ+v&TQXuxqsicJcWN|f42eyl z@ldO(Mhb6nw3?b)16Ym~5OjB%pc^S2kAwJK7?Kb$jJ3<+ZM)EZA89>w^qHBx)mYm7 z#>OT|7LP^h+U_%!P-<`9G=c|$k%821euqOyBx60`iW@^UGoY={L5Y}vjOhrT|nav){$ z+)~;fD4DyIYr0G8axmyq@^f=VJ0#+2cJ$PiHS0c*y3>xR&fl?xXyDS;9U9$vjBHK)^O&SKf(=h0V6DE3w- zukftjuo0`@U5A^uZW*}=3w=_b@)xX-f}R8hca9(IB)jy!%faC4sS(Umj-Mz~r+aQm z{8&<_GhegzeeBx32S1uJ8DmC`L}u^aAP7A7;Cafa(`QszY$S=|93-y@7W@>!Jjvj@ z5fGF^Qh=ct5#h5$Un}A1DJhSz{zVPpRZ)2v|N3}6)-g<05u5Rnf=kXYLMMQt5s*{3 z;OGSij9W^Q-L56nXV3v#uUMoJ5JC6J%#_l}B8(g{Tt!7@jzU1_*jW$bnLCp^kH_5% zglGekJ8{_lhhBtl^2?H6FmH)vcJ}1}>vgxsCs;GMn<+46!9gj1m^G?sm&Ni*KdE8; zY~^z7lM}=eF+&V-36v%@!{{+|WuT-7bwqDLp4GX}x_a^+1ykoklrN*=lV6~(Ng5%z+jCfe0pylj_%`67Z* zV3Vw0z>y%L%_gim&;M7>?0*|JM?!suSG2;~2yQ&hG*6jgwq`u>I3_64>5LEz9eAvcZJXBC+WsuM8C-H(z6GQ zBtoi{&tMY8Y}Vn3J(}u_buqFs_^}oI=rnm$VSC&eJS3bZRe=24TG$hYjeCpsfs($l-MB=CRu-jS!@!@-~c0000Px~qe(O+IO{fBm{`nU}JlXu>r@}X6&&uGc~CxPbCji z$vpTa?|IK#UQ)@!B$Jv{C85e=Yz78q@G=-1n?VQxS`b>%u5N9ued)gW{v#w>;-1?r z^`h;ZsxDpK( ze1&Nh73GJsM%##D5|^J*2N9-#Cx&!>2N0;tic%iTsH3j!SPCd$?ATYY25v?H1q?Il zsB1fx0ty&A_SLI_n^8ak!;CuW+K#1w0>+Mg^=jZ|6i~o0qmH_^V=173v14Do8n_t+ z6fn%Fqps~(3MgRg*jKLxZbkv~kPx#c*LZDcWSAzWCTU_~ns%3$AzsB#=)@Z9H@f|C zcMlB=4$|JL-4q`ehbRE^FaV=E{GFSgnW6EC3F_|d6#;}jJ?61e)`m|>@4HKSYAJcs z%ZL&(iLBB7nhE&2#obL>&mGdx#-=JMMWkm|lE?9aVYe(3{iKa{lGc3H@H(H=QHSU7 zhtlhzybuv!jJe0@!M%EN4G+=m{5;u{5=F#rOf*8U!&F+^I}qjCLOs2GG&wm%$BrH$ z8)BI>EqEsBMOgXp=m>Q_?xK;gQF6Q8G&(XyE|-fYCMQitqzyHbHrY=!+)9@II{-!w z>GA30O#?_$9Hd)XTIF*)lV)KmY!Al7#1l$V=_FSw2DcB}uOJ3mdVzN{nOeg0T zZEd5z{sD42hpD8vka9A!C?*Eru&j@B@LG%cxjAsYY3k^BOt)^=kkd5;jxoNv8`A$R zZg3R-Jt;g{bbB6A@hhZ*bLh4da1eYj__vOtdl5=KJ4V_#z_*Etjt>CM$v+ypcV1jK z?RR2!#6}cWU@$1UAkLis_;*5#@_H9jSY5tyg>Q6|+1W)l|K>hniYi z=-TIB(eUsv&CJd$RU5j$ys~V1m@E&@6UAo`6+BP+{-2UJ&W?TtFaCwDqdTLfumEFt zbd*}#+NtSbGr7mcu-x-0D3-`NIW+~*YJh6)+@*M1Jf$Wl2esy-8{*odM=b&vOPpe< zE&j{PO^1d@i5E8BskuW(o;yqlHk)5SG6(AE>7|;QTETf{X6DGN%a^YDwz=kG)T_-- z5P28K(su{z1`JqPyc0(z@ zTlat-cXiVgQ($e>ZFYVmy9Q27+Y6dVmIv-1KWiG-Ba!uV`nwppt>$9ad z0*!(5H8eF--TenNH9ZqPQ22IaeugYVEo5o>jI0CoWSJO%NhVBS^leuiFH;~az`$oY zprV75OifSHC!bstrcM@j)>`J~=Bf7HJ^JFS>%^8Qe}yGF4|A{p`q+m0YHI5s_TBJT zZRoGFXf@>`OUJ1ZM<{Z&IzYPm<4ptCU5UHjro zp%}mUS7#_aB{d++(V){w?XV7A{^Oqju<7M0Wd}BhZ25V)boPzYl%A0$wTQ9xiAA$7 zzrGGJs!vv(;rVEopcA3Ll$VxJD#j5PA4k#AQ8YO*MGX9o&MtC~PrxwXzrWmoHa#kQ z68iOjCjIq)B0ZLu#mcQ}S}d$uS=Hcd!2YuJjqk@dQ22597(YJdL*3`RXP&Grm+|F* zg~+H_tmG+rnaGxgXV>P3(v$PyyD2fMbyJ=T3otlwLV7wAPp1Rb)pWnUUWiouwKgiO zn6s}#>+Pl6kmX-|{wO6TCP4m|6W;|TxCP=`L*qmEDPRVa)VEr$*>t{R90l6v(qxK;eMRdzvgG9i%`0hCC%Fh@#~Bh7M)jlT}4p zLI&x}!_$C+#eZ1GS~^}FIiFv=ra^?$+pZ!>fH5$1ybo`7HBo92aJDw5Bm-KHg&|>! zl&}DU#~vRaPwc>Z?#N-GLyWn{Xko!v-{AXM7a4_aQd4`EN{R}=JsctlgJt=v$9JIs zL<Y1Jj&;P_Zhu+?k!>kzrDHSmH#ff*Uv@JfbKNN^c6$BQ6LjYF*Xhs! zd`SZ+%w3Z0b~<|GkoYw;J*0bZe*Wig{~M-YSj}W?72vRReNWc*>*UQljBt|j09sSG ztd{~|1;$dRD$C1>eF5zqotShtO?3{Q7vtk@y85SU0vK<+afXt>eYlLl^vkmUh0iVu zIbAx5o-`Z<5TvH0(EI1!rX1)y{!-hp)oEbRNwu}L@Yu__8;gqU5Bca4HbQv$K=By1Hp#!08thtnB9HW+8)O0TmzwgyW+Y zEiwijTRx>Drpif!gD%v+d~(GB<0>;FT} zT<81m{g6sw>TN~{$_y-7Mx09)HQfC{c3DoxCM=#UBMC3JmUy6)$pM70ijS zC9)FDI)_Md-R^q@BE}#Zn8^Gta3L z0aGAiqSSJaAday3QC3z$hY#(i`Gbs)8=SX4-HSuA9xhZ@qbjqQRk_xENM8#~%o!vDaAFkoX){ zKA`?vD+R*$hW+#;0hXo=_!de^iYW_nJ1gkxE$r*afhpGEa8Ln$v9YlM=oC*|V{SAG zi`TqNOaqt`;LT4RZ9ibMY$;7Um_Gg~Df)O7eZ#{0l|<)Ubqy0;^$UH@zh z0eRTJaA4manukL9_18DVq8~Gzej&mb zJ@{3UB!omIE6s@BydLT#93?hrWS4v!TG? z4qBlXJa=$EVc#a9bKI(_38dfR9xF`0NlA7n!|%YKP`qe;3i#=#H!{Z}1Hn}uT1u8aX%!@vNHX)HeCwv7rq)L2yGHX~KI&FqW}j7#FFN1w$~ zQU0q+$SJU4I>zdeBtooWAA#^Br>8>aFrS31pt7H$5IO~KY_o1qpd&(;g(+BAzE*b( z{{y>1$KddiNEL1=9(oO1@r(<4Ew;*1z%ZsyaA!B3WBBx+?f8ce9VGY66n+2QEgBga z^|`w8@Z^bC5SHPf^dQ19mTSb^nn89ADaQaHSY(UjCY=oQMEGN*7CYt?3sXR~0><)t z4B^41;TTI}Vsm8)ywzqAuzYV3?ny%&R7eUw&(T`6lZg{mvSt&#Mok`{s{)e2;#Hklhn7i z&>VA{qgbONGYBw&^wIYm3d!KGjCFia+HvlC(ZvL&!OOx2#)B&^a?uP_Yc z=Y_zkFsI1ClGJF4Y1D(2hqrFmiggl^(lh3f=F!{2U?e(ax((0R!)x{SzEY5{*y{Sz%e9^H%Yijc^)Bx$X(9Lutg4S56INXpLok zo1KmJToraMdtpJISHJ)P1;@w*$3S8OGb_)PYoAkHeFH+%XM!ZV{P7tih3i7Ll#743 zD%PJE-l+i;F$q}ry$b+Q9K(=CL7tR}WD?QFSMtX88jd_!vTtMC&WDD6s>1cu`OoS^?z<5G% zj?(3ob37G!9}lC#YtcDf59mcou*8b;e=_w{h$BC zE=q2C`S>x!cO5`l&V{LMTdRS~|V@$`9zmrAy|M6r#?>%a`ddcWxs!P&xhW&;N#Y zSL_NH9PGerZfT|SpIpFp36I3?Pd;6F_7HlINWY0aGZeRYmOP<8qkyrBqP&E4@182U zhkUz_kp|SC1~m9{qcmXt6C>RQOjB`t8p)zd-?G)eGj$D>)x+b@e`>Wb+<- ztOLjjrxo>hWu^MNRYr>A&^iIr^^XoI1OqH z;#9Pa^d#s$j+e*_Gp#C-p@7`{5}EclXDg8B?NFxAy!INMK6w%Wh8rikc*;(br~0Sl z*?o3%(rTObN&&;<#U>{wiJZG1y#KDqZWytptwPaGBF~{;khl6rZH z$MEy^IlWIB0t{aSFj#r!jWjusa29)rb0+qX6mSU6L90h0{wbxH^o$D9E6MWlnMK?3>hwEtorCa=r2GO>B=m92#)I(&R;2e|`5mu3*{WBbneEPc&KQzrP#oK#Dx^S>zHul!z%p`kZwPFWdPyc|}ube|V zX0TshAl566h}CWB;0(LOo_6f8(=&H3?&U3(t8NS^^q6>>|IvSdtj58MB2EjS4M#+; z&YUtSpXQ2RmcP~rMiOs2V6f!CSxml_YJzu;TtSN;hYhC#=HMpi z!`AEqxJM=j9pblC>KmFwCJ{4W=p`pf&pkk1TZmHsEH$qFhLi#d7$GEQVqyZq(9QS7 zV?gK%6d|N~c&geMVKzKtQMD=xgp2|T7$GC2s%Se=KmlVry-hWikWoMZBV?ph6>TR9 zC}3=-x2eVwG72bQgp8D`qU}Th1&r85 zGE%CFwi5+RLqd3=zH4ZhVxptvd%eJ?CnTjg2+SbsWY~Y^|zik&xM6WfW*xV5=0&B&sM1C<^#eAj+fDZ+uUvV?_Z)0iyp0%kz + */ + +define('LARAVEL_START', microtime(true)); + +/* +|-------------------------------------------------------------------------- +| Register The Auto Loader +|-------------------------------------------------------------------------- +| +| Composer provides a convenient, automatically generated class loader for +| our application. We just need to utilize it! We'll simply require it +| into the script here so that we don't have to worry about manual +| loading any of our classes later on. It feels great to relax. +| +*/ + +require __DIR__.'/../vendor/autoload.php'; + +/* +|-------------------------------------------------------------------------- +| Turn On The Lights +|-------------------------------------------------------------------------- +| +| We need to illuminate PHP development, so let us turn on the lights. +| This bootstraps the framework and gets it ready for use, then it +| will load up this application so that we can run it and send +| the responses back to the browser and delight our users. +| +*/ + +$app = require_once __DIR__.'/../bootstrap/app.php'; + +/* +|-------------------------------------------------------------------------- +| Run The Application +|-------------------------------------------------------------------------- +| +| Once we have the application, we can handle the incoming request +| through the kernel, and send the associated response back to +| the client's browser allowing them to enjoy the creative +| and wonderful application we have prepared for them. +| +*/ + +$kernel = $app->make(Illuminate\Contracts\Http\Kernel::class); + +$response = $kernel->handle( + $request = Illuminate\Http\Request::capture() +); + +$response->send(); + +$kernel->terminate($request, $response); diff --git a/examples/digitalidentity/public/robots.txt b/examples/digitalidentity/public/robots.txt new file mode 100644 index 00000000..eb053628 --- /dev/null +++ b/examples/digitalidentity/public/robots.txt @@ -0,0 +1,2 @@ +User-agent: * +Disallow: diff --git a/examples/digitalidentity/resources/views/advancedidentity.blade.php b/examples/digitalidentity/resources/views/advancedidentity.blade.php new file mode 100644 index 00000000..289e9e1e --- /dev/null +++ b/examples/digitalidentity/resources/views/advancedidentity.blade.php @@ -0,0 +1,89 @@ + + + + + + + {{ $title }} + + + + + +
+
+
+ + Yoti + +
+

Digital Identity(Advanced) Share Example

+ +
+
+
+ +
+ +
+

The Yoti app is free to download and use:

+ +
+ + Download on the App Store + + + + get it on Google Play + +
+
+
+ + + + diff --git a/examples/digitalidentity/resources/views/dbs.blade.php b/examples/digitalidentity/resources/views/dbs.blade.php new file mode 100644 index 00000000..1359cc7c --- /dev/null +++ b/examples/digitalidentity/resources/views/dbs.blade.php @@ -0,0 +1,89 @@ + + + + + + + {{ $title }} + + + + + +
+
+
+ + Yoti + +
+

Digital Identity DBS Ckeck Example

+ +
+
+
+ +
+ +
+

The Yoti app is free to download and use:

+ +
+ + Download on the App Store + + + + get it on Google Play + +
+
+
+ + + + diff --git a/examples/digitalidentity/resources/views/identity.blade.php b/examples/digitalidentity/resources/views/identity.blade.php new file mode 100644 index 00000000..de3cd057 --- /dev/null +++ b/examples/digitalidentity/resources/views/identity.blade.php @@ -0,0 +1,89 @@ + + + + + + + {{ $title }} + + + + + +
+
+
+ + Yoti + +
+

Digital Identity Share Example

+ +
+
+
+ +
+ +
+

The Yoti app is free to download and use:

+ +
+ + Download on the App Store + + + + get it on Google Play + +
+
+
+ + + + diff --git a/examples/digitalidentity/resources/views/partial/address.blade.php b/examples/digitalidentity/resources/views/partial/address.blade.php new file mode 100644 index 00000000..8e0465c9 --- /dev/null +++ b/examples/digitalidentity/resources/views/partial/address.blade.php @@ -0,0 +1,8 @@ + + @foreach ($address as $key => $value) + + + + + @endforeach +
{{ $key }}{{ $value }}
\ No newline at end of file diff --git a/examples/digitalidentity/resources/views/partial/ageverification.blade.php b/examples/digitalidentity/resources/views/partial/ageverification.blade.php new file mode 100644 index 00000000..e53e1b31 --- /dev/null +++ b/examples/digitalidentity/resources/views/partial/ageverification.blade.php @@ -0,0 +1,14 @@ + + + + + + + + + + + + + +
Check Type{{ $ageVerification->getCheckType() }}
Age{{ $ageVerification->getAge() }}
Result{{ $ageVerification->getResult() ? 'true' : 'false' }}
\ No newline at end of file diff --git a/examples/digitalidentity/resources/views/partial/attribute.blade.php b/examples/digitalidentity/resources/views/partial/attribute.blade.php new file mode 100644 index 00000000..ecfedecd --- /dev/null +++ b/examples/digitalidentity/resources/views/partial/attribute.blade.php @@ -0,0 +1,13 @@ +@if ($value instanceof Yoti\Profile\Attribute\MultiValue) + @foreach ($value as $multiValue) + @include('partial/attribute', ['value' => $multiValue]) + @endforeach +@elseif ($value instanceof \Yoti\Media\Image) + +@elseif ($value instanceof \Yoti\Profile\Attribute\DocumentDetails) + @include('partial/documentdetails', ['documentDetails' => $value]) +@elseif ($value instanceof \DateTime) { + {{ $value->format('d-m-Y') }} +@else + {{ $value }} +@endif \ No newline at end of file diff --git a/examples/digitalidentity/resources/views/partial/documentdetails.blade.php b/examples/digitalidentity/resources/views/partial/documentdetails.blade.php new file mode 100644 index 00000000..6ad2f91f --- /dev/null +++ b/examples/digitalidentity/resources/views/partial/documentdetails.blade.php @@ -0,0 +1,18 @@ + + + + + + + + + + + + + + + + + +
Type{{ $documentDetails->getType() }}
Issuing Country{{ $documentDetails->getIssuingCountry() }}
Document Number{{ $documentDetails->getDocumentNumber() }}
Expiration Date{{ $documentDetails->getExpirationDate()->format('d-m-Y') }}
\ No newline at end of file diff --git a/examples/digitalidentity/resources/views/partial/report.blade.php b/examples/digitalidentity/resources/views/partial/report.blade.php new file mode 100644 index 00000000..ec1dc60d --- /dev/null +++ b/examples/digitalidentity/resources/views/partial/report.blade.php @@ -0,0 +1,54 @@ +@if (isset($key) && is_array($key)) + @foreach ($report as $key => $value) + + + + + + + + @foreach ($value as $name => $result) + @if (isset($result) && is_array($result)) + @foreach ($result as $data => $view) + @if (is_array($view)) + @foreach ($view as $key2 => $value2) + @if (is_array($value2)) + {{json_encode($value2)}} + @else + + + + @endif + @endforeach + @else + + + + @endif + @endforeach + @else + + + + @endif + @endforeach + + +
+

{{ $key }}

+
{{ $key2 }}
{{ $value2 }}
{{ $data }}
{{ $view }}
{{ $name }}
{{ $result }}
+ @endforeach +@else + + @foreach ($report as $key => $value) + + + + @endforeach +
+ {{ $key }}
+
+                        {!! json_encode($value, JSON_PRETTY_PRINT) !!}
+                    
+
+@endif diff --git a/examples/digitalidentity/resources/views/receipt.blade.php b/examples/digitalidentity/resources/views/receipt.blade.php new file mode 100644 index 00000000..b166dbdd --- /dev/null +++ b/examples/digitalidentity/resources/views/receipt.blade.php @@ -0,0 +1,133 @@ + + + + + + Yoti client example + + + + + +
+
+ +
+ Powered by + + + +
+ +
+ @if ($selfie) +
+ Yoti + +
+ @endif + + @if ($fullName) +
+ {{ $fullName->getValue() }} +
+ @endif +
+
+ +
+ + + + + @if ($error) +
+
Errors
+
+
+
+
Audit Id
+
{{ $error->getRequirementNotMetDetails()->getAuditId() }}
+
+
+
Details
+
{{ $error->getRequirementNotMetDetails()->getDetails() }}
+
+
+
Failure Type
+
{{ $error->getRequirementNotMetDetails()->getFailureType() }}
+
+
+
Document Type
+
{{ $error->getRequirementNotMetDetails()->getDocumentType() }}
+
+
+
Country
+
{{ $error->getRequirementNotMetDetails()->getDocumentCountryIsoCode() }}
+
+ + @endif +
+
Attribute
+
Value
+
Anchors
+
+ +
+
+
S / V
+
Value
+
Sub type
+
+
+ +
+ @if(@$profileAttributes) + @foreach($profileAttributes as $item) + @if ($item['obj']) +
+
+
+ + {{ $item['name'] }} +
+
+
+
+ @switch ($item['name']) + @case ('Age Verification') + @include('partial/ageverification', ['ageVerification' => $item['age_verification']]) + @break + @case ('Structured Postal Address') + @include('partial/address', ['address' => $item['obj']->getValue()]) + @break + @case ('Identity Profile Report') + @include('partial/report', ['report' => $item['obj']->getValue()]) + @break + @default + @include('partial/attribute', ['value' => $item['obj']->getValue()]) + @endswitch +
+
+
+
S / V
+
Value
+
Sub type
+ + @foreach($item['obj']->getAnchors() as $anchor) +
{{ $anchor->getType() }}
+
{{ $anchor->getValue() }}
+
{{ $anchor->getSubType() }}
+ @endforeach + +
+
+ @endif + @endforeach + @endif +
+
+
+ + + diff --git a/examples/digitalidentity/routes/api.php b/examples/digitalidentity/routes/api.php new file mode 100644 index 00000000..bcb8b189 --- /dev/null +++ b/examples/digitalidentity/routes/api.php @@ -0,0 +1,19 @@ +get('/user', function (Request $request) { + return $request->user(); +}); diff --git a/examples/digitalidentity/routes/channels.php b/examples/digitalidentity/routes/channels.php new file mode 100644 index 00000000..963b0d21 --- /dev/null +++ b/examples/digitalidentity/routes/channels.php @@ -0,0 +1,18 @@ +id === (int) $id; +}); diff --git a/examples/digitalidentity/routes/console.php b/examples/digitalidentity/routes/console.php new file mode 100644 index 00000000..da55196d --- /dev/null +++ b/examples/digitalidentity/routes/console.php @@ -0,0 +1,19 @@ +comment(Inspiring::quote()); +})->describe('Display an inspiring quote'); diff --git a/examples/digitalidentity/routes/web.php b/examples/digitalidentity/routes/web.php new file mode 100644 index 00000000..3fb377e7 --- /dev/null +++ b/examples/digitalidentity/routes/web.php @@ -0,0 +1,22 @@ +withSources($searchProfileSources) ->withShareUrl(false) ->withRemoveDeceased(true) - ->withApiKey('qiKTHG7Mgqj31mK2d21F7QPpaVBp9zKc') + ->withApiKey('api-key') ->withClientRef("string") ->withMonitoring(true) ->withTags(['tag1']) @@ -77,18 +77,30 @@ public function show(Request $request, DocScanClient $client) ->withRemoveDeceased(true) ->build(); + //Identity Profile Requeirements Object + /*$identityProfileRequirements = (object)[ + 'trust_framework' => 'UK_TFIDA', + 'scheme' => [ + 'type' => 'DBS', + 'objective' => 'BASIC' + ] + ];*/ $sessionSpec = (new SessionSpecificationBuilder()) ->withClientSessionTokenTtl(600) - ->withResourcesTtl(90000) + ->withResourcesTtl(604800) ->withUserTrackingId('some-user-tracking-id') + //For Identity Profile Requirements Object + //->withBlockBiometricConsent(false) //User needs to provide consent for the liveness detection + //->withIdentityProfileRequirements($identityProfileRequirements) ->withRequestedCheck( (new RequestedDocumentAuthenticityCheckBuilder()) ->build() ) ->withRequestedCheck( (new RequestedLivenessCheckBuilder()) - ->forZoomLiveness() + ->forStaticLiveness() + ->withMaxRetries(3) ->build() ) ->withRequestedCheck( @@ -98,7 +110,7 @@ public function show(Request $request, DocScanClient $client) ) ->withRequestedCheck( (new RequestedFaceMatchCheckBuilder()) - ->withManualCheckAlways() + ->withManualCheckFallback() ->build() ) ->withRequestedCheck( @@ -116,20 +128,20 @@ public function show(Request $request, DocScanClient $client) ) ->withRequestedTask( (new RequestedTextExtractionTaskBuilder()) - ->withManualCheckAlways() + ->withManualCheckFallback() ->withChipDataDesired() ->withCreateExpandedDocumentFields(true) ->build() ) ->withRequestedTask( (new RequestedSupplementaryDocTextExtractionTaskBuilder()) - ->withManualCheckAlways() + ->withManualCheckFallback() ->build() ) ->withSdkConfig( (new SdkConfigBuilder()) ->withAllowsCameraAndUpload() - ->withPrimaryColour('#2d9fff') + ->withPrimaryColour('#2875BC') ->withSecondaryColour('#FFFFFF') ->withFontColour('#FFFFFF') ->withLocale('en-GB') diff --git a/examples/doc-scan/resources/views/success.blade.php b/examples/doc-scan/resources/views/success.blade.php index 0e49c218..63b0b486 100644 --- a/examples/doc-scan/resources/views/success.blade.php +++ b/examples/doc-scan/resources/views/success.blade.php @@ -293,7 +293,61 @@ @endif - + @if (isset($sessionResult)) + @if ($sessionResult->getIdentityProfile() != null) + @if ($sessionResult->getIdentityProfile()->getFailureReason() != null) + @if ($sessionResult->getIdentityProfile()->getFailureReason()->getReasonCode()) +
+
+

Identity Result Error

+
+
+ @if ($sessionResult->getIdentityProfile()->getFailureReason()->getReasonCode()) + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Reason Code + {{$sessionResult->getIdentityProfile()->getFailureReason()->getReasonCode()}} +
Failure Type + {{$sessionResult->getIdentityProfile()->getFailureReason()->getRequirementNotMetDetails()->getFailureType()}} +
Details + {{$sessionResult->getIdentityProfile()->getFailureReason()->getRequirementNotMetDetails()->getDetails()}} +
Audit Id + {{$sessionResult->getIdentityProfile()->getFailureReason()->getRequirementNotMetDetails()->getAuditId()}} +
Country ISO Code + {{$sessionResult->getIdentityProfile()->getFailureReason()->getRequirementNotMetDetails()->getDocumentCountryIsoCode()}} +
Document Type + {{$sessionResult->getIdentityProfile()->getFailureReason()->getRequirementNotMetDetails()->getDocumentType()}} +
+ @endif + @endif + @endif + @endif + @endif @if (count($sessionResult->getResources()->getIdDocuments()) > 0)
diff --git a/examples/profile/app/Http/Controllers/AdvancedIdentityController.php b/examples/profile/app/Http/Controllers/AdvancedIdentityController.php new file mode 100644 index 00000000..25596559 --- /dev/null +++ b/examples/profile/app/Http/Controllers/AdvancedIdentityController.php @@ -0,0 +1,68 @@ + [(object)[ + + "trust_framework" => "YOTI_GLOBAL", + "schemes" => [(object)[ + + "label" => "identity-AL-L1", + "type" => "IDENTITY", + "objective" => "AL_L1" + ], + [ + "label" => "identity-AL-M1", + "type" => "IDENTITY", + "objective" => "AL_M1" + ] + ] + ] + ] + ] + ; + + $policy = (new DynamicPolicyBuilder()) + ->withAdvancedIdentityProfileRequirements($advancedIdentityProfileJson) + ->build(); + + $dynamicScenario = (new DynamicScenarioBuilder()) + ->withCallbackEndpoint("/profile") + ->withPolicy($policy) + ->withSubject((object)[ + 'subject_id' => "some_subject_id_string" + ]) + ->build(); + + return view('advanced', [ + 'title' => 'Advanced Identity Share Example', + 'buttonConfig' => [ + 'elements' => [ + [ + 'domId' => 'yoti-share-button', + 'clientSdkId' => config('yoti')['client.sdk.id'], + 'shareUrl' => $client->createShareUrl($dynamicScenario)->getShareUrl(), + 'button' => [ + 'label' => 'Use Yoti', + 'align' => 'center', + 'width' => 'auto', + 'verticalAlign' => 'top' + ], + 'type' => 'modal' + ] + ] + ] + ]); + } +} diff --git a/examples/profile/resources/views/advanced.blade.php b/examples/profile/resources/views/advanced.blade.php new file mode 100644 index 00000000..f158d88b --- /dev/null +++ b/examples/profile/resources/views/advanced.blade.php @@ -0,0 +1,65 @@ + + + + + + + {{ $title }} + + + + + +
+
+
+ + Yoti + +
+ +

{{ $title }}

+ +
+
+
+ + + + +
+ +
+

The Yoti app is free to download and use:

+ +
+ + Download on the App Store + + + + Yoti + +
+
+
+ + + + + + \ No newline at end of file diff --git a/examples/profile/resources/views/partial/report.blade.php b/examples/profile/resources/views/partial/report.blade.php index 707abe99..d3466436 100644 --- a/examples/profile/resources/views/partial/report.blade.php +++ b/examples/profile/resources/views/partial/report.blade.php @@ -1,40 +1,54 @@ -@foreach ($report as $key => $value) - - - - - - - - @if (isset($value) && is_array($value)) - @foreach ($value as $name => $result) - @if (is_array($result)) - @foreach ($result as $data => $view) - @if (is_array($view)) - @foreach ($view as $key2 => $value2) - @if (is_array($value2)) - {{json_encode($value2)}} - @else - - - - @endif - @endforeach - @else - - - - @endif - @endforeach - @else - +@if (isset($key) && is_array($key)) + @foreach ($report as $key => $value) +
-

{{ $key }}

-
{{ $key2 }}
{{ $value2 }}
{{ $data }}
{{ $view }}
+ + + + + + + @foreach ($value as $name => $result) + @if (isset($result) && is_array($result)) + @foreach ($result as $data => $view) + @if (is_array($view)) + @foreach ($view as $key2 => $value2) + @if (is_array($value2)) + {{json_encode($value2)}} + @else + + + + @endif + @endforeach + @else + + + + @endif + @endforeach + @else + - - @endif + + @endif + @endforeach + + +
+

{{ $key }}

+
{{ $key2 }}
{{ $value2 }}
{{ $data }}
{{ $view }}
{{ $name }}
{{ $result }}
+ @endforeach +@else + + @foreach ($report as $key => $value) + + + @endforeach - @endif -
+ {{ $key }}
+
+                        {!! json_encode($value, JSON_PRETTY_PRINT) !!}
+                    
+
- @endforeach +@endif \ No newline at end of file diff --git a/examples/profile/routes/web.php b/examples/profile/routes/web.php index 9565f235..4a577e36 100644 --- a/examples/profile/routes/web.php +++ b/examples/profile/routes/web.php @@ -20,3 +20,4 @@ Route::get('/dynamic-share', 'DynamicShareController@show'); Route::get('/dbs-check', 'DbsCheckController@show'); +Route::get('/advanced-identity', 'AdvancedIdentityController@show'); diff --git a/phpstan-baseline.neon b/phpstan-baseline.neon index e69de29b..c369e4e0 100644 --- a/phpstan-baseline.neon +++ b/phpstan-baseline.neon @@ -0,0 +1,3 @@ +parameters: + ignoreErrors: + - '#Variable property access on (.*)#' diff --git a/src/Constants.php b/src/Constants.php index 300def72..b1cb4499 100644 --- a/src/Constants.php +++ b/src/Constants.php @@ -15,6 +15,12 @@ class Constants /** Environment variable to override the default API URL */ public const ENV_API_URL = 'YOTI_API_URL'; + /** Default Digital Identity API URL */ + public const DIGITAL_IDENTITY_API_URL = self::API_BASE_URL . '/share'; + + /** Environment variable to override the default Digital Identity API URL */ + public const ENV_DIGITAL_IDENTITY_API_URL = 'YOTI_DIGITAL_IDENTITY_API_URL'; + /** Default Doc Scan API URL */ public const DOC_SCAN_API_URL = self::API_BASE_URL . '/idverify/v1'; @@ -25,7 +31,7 @@ class Constants public const SDK_IDENTIFIER = 'PHP'; /** Default SDK version */ - public const SDK_VERSION = '4.2.2'; + public const SDK_VERSION = '4.3.0'; /** Base url for connect page (user will be redirected to this page eg. baseurl/app-id) */ public const CONNECT_BASE_URL = 'https://www.yoti.com/connect'; diff --git a/src/DigitalIdentityClient.php b/src/DigitalIdentityClient.php new file mode 100644 index 00000000..0125cd96 --- /dev/null +++ b/src/DigitalIdentityClient.php @@ -0,0 +1,119 @@ + + */ +class DigitalIdentityClient +{ + private DigitalIdentityService $digitalIdentityService; + public string $id = ''; + /** + * DigitalIdentityClient constructor. + * + * @param string $sdkId + * The SDK identifier generated by Yoti Hub when you create your app. + * @param string $pem + * PEM file path or string + * @param array $options (optional) + * SDK configuration options - {@see \Yoti\Util\Config} for available options. + * + * @throws PemFileException + */ + public function __construct( + string $sdkId, + string $pem, + array $options = [] + ) { + Validation::notEmptyString($sdkId, 'SDK ID'); + $pemFile = PemFile::resolveFromString($pem); + + // Set API URL from environment variable. + $options[Config::API_URL] = $options[Config::API_URL] ?? Env::get(Constants::ENV_DIGITAL_IDENTITY_API_URL); + + $config = new Config($options); + + $this->digitalIdentityService = new DigitalIdentityService($sdkId, $pemFile, $config); + $this->id = $sdkId; + } + + /** + * Create a sharing session to initiate a sharing process based on a policy + * + * @throws DigitalIdentityException + * + * Aggregate exception signalling issues during the call + */ + public function createShareSession(ShareSessionRequest $request): Identity\ShareSessionCreated + { + return $this->digitalIdentityService->createShareSession($request); + } + + /** + * Create a sharing session QR code to initiate a sharing process based on a policy + * + * @throws DigitalIdentityException + * + * Aggregate exception signalling issues during the call + */ + public function createShareQrCode(string $sessionId): Identity\ShareSessionCreatedQrCode + { + return $this->digitalIdentityService->createShareQrCode($sessionId); + } + + /** + * Retrieve the sharing session QR code + * + * @throws DigitalIdentityException + * + * Aggregate exception signalling issues during the call + */ + public function fetchShareQrCode(string $qrCodeId): Identity\ShareSessionFetchedQrCode + { + return $this->digitalIdentityService->fetchShareQrCode($qrCodeId); + } + + /** + * Retrieve the sharing session + * + * @throws DigitalIdentityException + * + * Aggregate exception signalling issues during the call + */ + public function fetchShareSession(string $sessionId): Identity\ShareSessionFetched + { + return $this->digitalIdentityService->fetchShareSession($sessionId); + } + + /** + * Retrieve the decrypted share receipt. + * + * @throws DigitalIdentityException + * + * Aggregate exception signalling issues during the call + */ + public function fetchShareReceipt(string $receiptId): Identity\Receipt + { + return $this->digitalIdentityService->fetchShareReceipt($receiptId); + } + + public function getSdkID(): string + { + return $this->id; + } +} diff --git a/src/DocScan/Session/Create/SdkConfig.php b/src/DocScan/Session/Create/SdkConfig.php index 51b85112..a3c8086d 100644 --- a/src/DocScan/Session/Create/SdkConfig.php +++ b/src/DocScan/Session/Create/SdkConfig.php @@ -95,7 +95,6 @@ public function __construct( ?bool $allowHandoff = null, ?array $idDocumentTextDataExtractionRetriesConfig = null, ?string $biometricConsentFlow = null - ) { $this->allowedCaptureMethods = $allowedCaptureMethods; $this->primaryColour = $primaryColour; @@ -111,7 +110,6 @@ public function __construct( $this->attemptsConfiguration = new AttemptsConfiguration($idDocumentTextDataExtractionRetriesConfig); } $this->biometricConsentFlow = $biometricConsentFlow; - } /** diff --git a/src/DocScan/Session/Create/Task/RequestedTextExtractionTaskBuilder.php b/src/DocScan/Session/Create/Task/RequestedTextExtractionTaskBuilder.php index 174828f9..802e1a51 100644 --- a/src/DocScan/Session/Create/Task/RequestedTextExtractionTaskBuilder.php +++ b/src/DocScan/Session/Create/Task/RequestedTextExtractionTaskBuilder.php @@ -62,11 +62,8 @@ public function withManualCheck(string $manualCheck): self * @var bool */ private $createExpandedDocumentFields; - /** - * - * @param string $createExpandedDocumentFields - * + * @param bool $createExpandedDocumentFields * @return $this */ public function withCreateExpandedDocumentFields(bool $createExpandedDocumentFields): self @@ -82,8 +79,11 @@ public function build(): RequestedTextExtractionTask { Validation::notEmptyString($this->manualCheck, 'manualCheck'); - $config = new RequestedTextExtractionTaskConfig($this->manualCheck, $this->chipData, - $this->createExpandedDocumentFields); + $config = new RequestedTextExtractionTaskConfig( + $this->manualCheck, + $this->chipData, + $this->createExpandedDocumentFields + ); return new RequestedTextExtractionTask($config); } } diff --git a/src/DocScan/Session/Create/Task/RequestedTextExtractionTaskConfig.php b/src/DocScan/Session/Create/Task/RequestedTextExtractionTaskConfig.php index 7e5716d1..b124b343 100644 --- a/src/DocScan/Session/Create/Task/RequestedTextExtractionTaskConfig.php +++ b/src/DocScan/Session/Create/Task/RequestedTextExtractionTaskConfig.php @@ -29,8 +29,11 @@ class RequestedTextExtractionTaskConfig implements RequestedTaskConfigInterface * @param string|null $chipData * @param bool|null $createExpandedDocumentFields */ - public function __construct(string $manualCheck, ?string $chipData = null, ?bool $createExpandedDocumentFields = false) - { + public function __construct( + string $manualCheck, + ?string $chipData = null, + ?bool $createExpandedDocumentFields = false + ) { $this->manualCheck = $manualCheck; $this->chipData = $chipData; $this->createExpandedDocumentFields = $createExpandedDocumentFields; diff --git a/src/DocScan/Session/Retrieve/GetSessionResult.php b/src/DocScan/Session/Retrieve/GetSessionResult.php index 919053c3..857e3263 100644 --- a/src/DocScan/Session/Retrieve/GetSessionResult.php +++ b/src/DocScan/Session/Retrieve/GetSessionResult.php @@ -313,7 +313,11 @@ function ($checkResponse) use ($class): bool { public function getIdentityProfile(): ?IdentityProfileResponse { - return $this->identityProfile; + if (isset($this->identityProfile)) { + return $this->identityProfile; + } else { + return null; + } } public function getIdentityProfilePreview(): ?IdentityProfilePreviewResponse diff --git a/src/DocScan/Session/Retrieve/IdDocumentResourceResponse.php b/src/DocScan/Session/Retrieve/IdDocumentResourceResponse.php index 6d9dc824..6a25f006 100644 --- a/src/DocScan/Session/Retrieve/IdDocumentResourceResponse.php +++ b/src/DocScan/Session/Retrieve/IdDocumentResourceResponse.php @@ -54,7 +54,6 @@ public function __construct(array $idDocument) $this->documentFields = isset($idDocument['document_fields']) ? new DocumentFieldsResponse($idDocument['document_fields']) : null; - $this->expandedDocumentFields = isset($idDocument['expanded_document_fields']) ? new ExpandedDocumentFieldsResponse($idDocument['expanded_document_fields']) : null; diff --git a/src/DocScan/Session/Retrieve/IdentityProfile/FailureReasonResponse.php b/src/DocScan/Session/Retrieve/IdentityProfile/FailureReasonResponse.php index f674263d..59026c57 100644 --- a/src/DocScan/Session/Retrieve/IdentityProfile/FailureReasonResponse.php +++ b/src/DocScan/Session/Retrieve/IdentityProfile/FailureReasonResponse.php @@ -7,21 +7,32 @@ class FailureReasonResponse /** * @var string */ - private $stringCode; - + private $reasonCode; + /** + * @var RequirementNotMetDetails + */ + private $requirementsNotMetDetails; /** - * @param string $stringCode + * @param array $data */ - public function __construct(string $stringCode) + public function __construct(array $data) { - $this->stringCode = $stringCode; + $this->reasonCode = $data["reason_code"]; + $this->requirementsNotMetDetails = new RequirementNotMetDetails($data["requirements_not_met_details"]); } /** * @return string */ - public function getStringCode(): string + public function getReasonCode(): string + { + return $this->reasonCode; + } + /** + * @return RequirementNotMetDetails + */ + public function getRequirementNotMetDetails(): RequirementNotMetDetails { - return $this->stringCode; + return $this->requirementsNotMetDetails; } } diff --git a/src/DocScan/Session/Retrieve/IdentityProfile/RequirementNotMetDetails.php b/src/DocScan/Session/Retrieve/IdentityProfile/RequirementNotMetDetails.php new file mode 100644 index 00000000..2f9f4113 --- /dev/null +++ b/src/DocScan/Session/Retrieve/IdentityProfile/RequirementNotMetDetails.php @@ -0,0 +1,75 @@ +> $data + */ + public function __construct(array $data) + { + $this->failureType = $data[0]["failure_type"] ?? ''; + $this->details = $data[0]["details"] ?? ''; + $this->auditId = $data[0]["audit_id"] ?? ''; + $this->documentCountryIsoCode = $data[0]["document_country_iso_code"] ?? ''; + $this->documentType = $data[0]["document_type"] ?? ''; + } + + /** + * @return string + */ + public function getFailureType(): string + { + return $this->failureType; + } + /** + * @return string + */ + public function getDetails(): string + { + return $this->details; + } + /** + * @return string + */ + public function getAuditId(): string + { + return $this->auditId; + } + /** + * @return string + */ + public function getDocumentCountryIsoCode(): string + { + return $this->documentCountryIsoCode; + } + /** + * @return string + */ + public function getDocumentType(): string + { + return $this->documentType; + } +} diff --git a/src/DocScan/Session/Retrieve/IdentityProfileResponse.php b/src/DocScan/Session/Retrieve/IdentityProfileResponse.php index b7eb2fd0..06bea9c2 100644 --- a/src/DocScan/Session/Retrieve/IdentityProfileResponse.php +++ b/src/DocScan/Session/Retrieve/IdentityProfileResponse.php @@ -31,11 +31,11 @@ class IdentityProfileResponse */ public function __construct(array $sessionData) { - $this->subjectId = $sessionData['subject_id']; + $this->subjectId = $sessionData['subject_id'] ?? ''; $this->result = $sessionData['result']; if (isset($sessionData['failure_reason'])) { - $this->failureReason = new FailureReasonResponse($sessionData['failure_reason']['reason_code']); + $this->failureReason = new FailureReasonResponse($sessionData['failure_reason']); } if (isset($sessionData['identity_profile_report'])) { @@ -62,7 +62,7 @@ public function getResult(): string /** * @return FailureReasonResponse */ - public function getFailureReason(): FailureReasonResponse + public function getFailureReason(): ?FailureReasonResponse { return $this->failureReason; } diff --git a/src/Exception/DigitalIdentityException.php b/src/Exception/DigitalIdentityException.php new file mode 100644 index 00000000..5e457c54 --- /dev/null +++ b/src/Exception/DigitalIdentityException.php @@ -0,0 +1,9 @@ +wantedAnchors = $wantedAnchors; + + Validation::isBoolean($softPreference, 'soft_preference'); + $this->softPreference = $softPreference; + } + + public function jsonSerialize(): stdClass + { + return (object)[ + 'anchors' => $this->wantedAnchors, + 'soft_preference' => $this->softPreference, + ]; + } + + /** + * @return WantedAnchor[] + */ + public function getWantedAnchors(): array + { + return $this->wantedAnchors; + } + + /** + * @return bool + */ + public function isSoftPreference(): bool + { + return $this->softPreference; + } +} diff --git a/src/Identity/Constraint/SourceConstraint.php b/src/Identity/Constraint/SourceConstraint.php new file mode 100644 index 00000000..cd903789 --- /dev/null +++ b/src/Identity/Constraint/SourceConstraint.php @@ -0,0 +1,43 @@ +type = 'SOURCE'; + + Validation::isArrayOfType($wantedAnchors, [WantedAnchor::class], 'anchors'); + $this->preferredSources = new PreferredSources($wantedAnchors, $softPreference); + } + + public function getType(): string + { + return $this->type; + } + + public function getPreferredSources(): PreferredSources + { + return $this->preferredSources; + } + + public function jsonSerialize(): object + { + return (object)[ + 'type' => $this->getType(), + 'preferred_sources' => $this->getPreferredSources(), + ]; + } +} diff --git a/src/Identity/Constraint/SourceConstraintBuilder.php b/src/Identity/Constraint/SourceConstraintBuilder.php new file mode 100644 index 00000000..59b62e16 --- /dev/null +++ b/src/Identity/Constraint/SourceConstraintBuilder.php @@ -0,0 +1,46 @@ +wantedAnchors = $wantedAnchors; + + return $this; + } + + public function withWantedAnchor(WantedAnchor $wantedAnchor): self + { + $this->wantedAnchors[] = $wantedAnchor; + + return $this; + } + + public function withSoftPreference(bool $softPreference): self + { + $this->softPreference = $softPreference; + + return $this; + } + + public function build(): SourceConstraint + { + return new SourceConstraint($this->wantedAnchors, $this->softPreference); + } +} diff --git a/src/Identity/Content/ApplicationContent.php b/src/Identity/Content/ApplicationContent.php new file mode 100644 index 00000000..8487fc4a --- /dev/null +++ b/src/Identity/Content/ApplicationContent.php @@ -0,0 +1,28 @@ +profile = $profile; + $this->extraData = $extraData; + } + + public function getProfile(): ?ApplicationProfile + { + return $this->profile; + } + + public function getExtraData(): ?ExtraData + { + return $this->extraData; + } +} diff --git a/src/Identity/Content/Content.php b/src/Identity/Content/Content.php new file mode 100644 index 00000000..9cf61c01 --- /dev/null +++ b/src/Identity/Content/Content.php @@ -0,0 +1,45 @@ +profile = $profile; + $this->extraData = $extraData; + } + + public function getProfile(): ?string + { + if (null !== $this->profile) { + $decoded = base64_decode($this->profile, true); + if ($decoded === false) { + throw new EncryptedDataException('Could not decode data'); + } + + return $decoded; + } + + return null; + } + + public function getExtraData(): ?string + { + if (null !== $this->extraData) { + $decoded = base64_decode($this->extraData, true); + if ($decoded === false) { + throw new EncryptedDataException('Could not decode data'); + } + + return $decoded; + } + + return null; + } +} diff --git a/src/Identity/Content/UserContent.php b/src/Identity/Content/UserContent.php new file mode 100644 index 00000000..a32c2dfd --- /dev/null +++ b/src/Identity/Content/UserContent.php @@ -0,0 +1,28 @@ +profile = $profile; + $this->extraData = $extraData; + } + + public function getProfile(): ?UserProfile + { + return $this->profile; + } + + public function getExtraData(): ?ExtraData + { + return $this->extraData; + } +} diff --git a/src/Identity/DigitalIdentityService.php b/src/Identity/DigitalIdentityService.php new file mode 100644 index 00000000..344b18c7 --- /dev/null +++ b/src/Identity/DigitalIdentityService.php @@ -0,0 +1,170 @@ +sdkId = $sdkId; + $this->pemFile = $pemFile; + $this->config = $config; + } + + public function createShareSession(ShareSessionRequest $shareSessionRequest): ShareSessionCreated + { + $response = (new RequestBuilder($this->config)) + ->withBaseUrl($this->config->getApiUrl() ?? Constants::DIGITAL_IDENTITY_API_URL) + ->withEndpoint(self::IDENTITY_SESSION_CREATION) + ->withHeader('X-Yoti-Auth-Id', $this->sdkId) + ->withPost() + ->withPayload(Payload::fromJsonData($shareSessionRequest)) + ->withPemFile($this->pemFile) + ->build() + ->execute(); + + $httpCode = $response->getStatusCode(); + if ($httpCode < 200 || $httpCode > 299) { + throw new DigitalIdentityException("Server responded with {$httpCode}", $response); + } + + return new ShareSessionCreated(Json::decode((string)$response->getBody())); + } + + public function createShareQrCode(string $sessionId): ShareSessionCreatedQrCode + { + $response = (new RequestBuilder($this->config)) + ->withBaseUrl($this->config->getApiUrl() ?? Constants::DIGITAL_IDENTITY_API_URL) + ->withEndpoint(sprintf(self::IDENTITY_SESSION_QR_CODE_CREATION, $sessionId)) + ->withHeader('X-Yoti-Auth-Id', $this->sdkId) + ->withPost() + ->withPemFile($this->pemFile) + ->build() + ->execute(); + + $httpCode = $response->getStatusCode(); + if ($httpCode < 200 || $httpCode > 299) { + throw new DigitalIdentityException("Server responded with {$httpCode}", $response); + } + + return new ShareSessionCreatedQrCode(Json::decode((string)$response->getBody())); + } + + public function fetchShareQrCode(string $qrCodeId): ShareSessionFetchedQrCode + { + $response = (new RequestBuilder($this->config)) + ->withBaseUrl($this->config->getApiUrl() ?? Constants::DIGITAL_IDENTITY_API_URL) + ->withEndpoint(sprintf(self::IDENTITY_SESSION_QR_CODE_RETRIEVAL, $qrCodeId)) + ->withHeader('X-Yoti-Auth-Id', $this->sdkId) + ->withGet() + ->withPemFile($this->pemFile) + ->build() + ->execute(); + + $httpCode = $response->getStatusCode(); + if ($httpCode < 200 || $httpCode > 299) { + throw new DigitalIdentityException("Server responded with {$httpCode}", $response); + } + + return new ShareSessionFetchedQrCode(Json::decode((string)$response->getBody())); + } + + public function fetchShareSession(string $sessionId): ShareSessionFetched + { + $response = (new RequestBuilder($this->config)) + ->withBaseUrl($this->config->getApiUrl() ?? Constants::DIGITAL_IDENTITY_API_URL) + ->withEndpoint(sprintf(self::IDENTITY_SESSION_RETRIEVAL, $sessionId)) + ->withHeader('X-Yoti-Auth-Id', $this->sdkId) + ->withGet() + ->withPemFile($this->pemFile) + ->build() + ->execute(); + + $httpCode = $response->getStatusCode(); + if ($httpCode < 200 || $httpCode > 299) { + throw new DigitalIdentityException("Server responded with {$httpCode}", $response); + } + + return new ShareSessionFetched(Json::decode((string)$response->getBody())); + } + + /** + * @throws DigitalIdentityException + */ + public function fetchShareReceipt(string $receiptId): Receipt + { + $receiptParser = new ReceiptParser(); + $wrappedReceipt = $this->doFetchShareReceipt($receiptId); + + if (null === $wrappedReceipt->getError()) { + $receiptKey = $this->fetchShareReceiptKey($wrappedReceipt); + + return $receiptParser->createSuccess($wrappedReceipt, $receiptKey, $this->pemFile); + } + + return $receiptParser->createFailure($wrappedReceipt); + } + + private function doFetchShareReceipt(string $receiptId): WrappedReceipt + { + $receiptIdUrl = strtr($receiptId, '+/', '-_'); + $response = (new RequestBuilder($this->config)) + ->withBaseUrl($this->config->getApiUrl() ?? Constants::DIGITAL_IDENTITY_API_URL) + ->withEndpoint(sprintf(self::IDENTITY_SESSION_RECEIPT_RETRIEVAL, $receiptIdUrl)) + ->withHeader('X-Yoti-Auth-Id', $this->sdkId) + ->withGet() + ->withPemFile($this->pemFile) + ->build() + ->execute(); + + $httpCode = $response->getStatusCode(); + if ($httpCode < 200 || $httpCode > 299) { + throw new DigitalIdentityException("Server responded with {$httpCode}", $response); + } + + return new WrappedReceipt(Json::decode((string)$response->getBody())); + } + + private function fetchShareReceiptKey(WrappedReceipt $wrappedReceipt): ReceiptItemKey + { + $response = (new RequestBuilder($this->config)) + ->withBaseUrl($this->config->getApiUrl() ?? Constants::DIGITAL_IDENTITY_API_URL) + ->withEndpoint(sprintf( + self::IDENTITY_SESSION_RECEIPT_KEY_RETRIEVAL, + $wrappedReceipt->getWrappedItemKeyId() + )) + ->withHeader('X-Yoti-Auth-Id', $this->sdkId) + ->withGet() + ->withPemFile($this->pemFile) + ->build() + ->execute(); + + $httpCode = $response->getStatusCode(); + if ($httpCode < 200 || $httpCode > 299) { + throw new DigitalIdentityException("Server responded with {$httpCode}", $response); + } + + return new ReceiptItemKey(Json::decode((string)$response->getBody())); + } +} diff --git a/src/Identity/ErrorReason.php b/src/Identity/ErrorReason.php new file mode 100644 index 00000000..787fbf1e --- /dev/null +++ b/src/Identity/ErrorReason.php @@ -0,0 +1,37 @@ +> $data + */ + public function __construct(array $data) + { + if (isset($data[0])) { + $this->requirementNotMetDetails = new RequirementNotMetDetails($data); + } else { + $this->requirementNotMetDetails = new RequirementNotMetDetails([[ + "failure_type" => '', + "details" => '', + "audit_id" => '', + "document_country_iso_code" => '', + "document_type" => '' + ]]); + } + } + + /** + * @return RequirementNotMetDetails + */ + public function getRequirementNotMetDetails(): RequirementNotMetDetails + { + return $this->requirementNotMetDetails; + } +} diff --git a/src/Identity/Extension/BasicExtensionBuilder.php b/src/Identity/Extension/BasicExtensionBuilder.php new file mode 100644 index 00000000..97d913aa --- /dev/null +++ b/src/Identity/Extension/BasicExtensionBuilder.php @@ -0,0 +1,40 @@ +type = $type; + + return $this; + } + + /** + * @param mixed $content + * + * @return $this + */ + public function withContent($content): self + { + $this->content = $content; + + return $this; + } + + public function build(): Extension + { + return new Extension($this->type, $this->content); + } +} diff --git a/src/Identity/Extension/Extension.php b/src/Identity/Extension/Extension.php new file mode 100644 index 00000000..d7e436b1 --- /dev/null +++ b/src/Identity/Extension/Extension.php @@ -0,0 +1,38 @@ +type = $type; + + Validation::notNull($type, 'content'); + $this->content = $content; + } + + /** + * @return stdClass + */ + public function jsonSerialize(): stdClass + { + return (object)[ + 'type' => $this->type, + 'content' => $this->content, + ]; + } +} diff --git a/src/Identity/Extension/ExtensionBuilderInterface.php b/src/Identity/Extension/ExtensionBuilderInterface.php new file mode 100644 index 00000000..1ab39bd8 --- /dev/null +++ b/src/Identity/Extension/ExtensionBuilderInterface.php @@ -0,0 +1,8 @@ +latitude = $latitude; + + Validation::withinRange($longitude, -180, 180, 'longitude'); + $this->longitude = $longitude; + + Validation::notLessThan($radius, 0, 'radius'); + $this->radius = $radius; + + Validation::notLessThan($maxUncertainty, 0, 'maxUncertainty'); + $this->maxUncertainty = $maxUncertainty; + } + + /** + * @inheritDoc + * + * @return stdClass + */ + public function jsonSerialize(): stdClass + { + return (object)[ + 'expected_device_location' => [ + 'latitude' => $this->latitude, + 'longitude' => $this->longitude, + 'radius' => $this->radius, + 'max_uncertainty_radius' => $this->maxUncertainty, + ] + ]; + } +} diff --git a/src/Identity/Extension/LocationConstraintExtensionBuilder.php b/src/Identity/Extension/LocationConstraintExtensionBuilder.php new file mode 100644 index 00000000..556cd19d --- /dev/null +++ b/src/Identity/Extension/LocationConstraintExtensionBuilder.php @@ -0,0 +1,82 @@ +latitude = $latitude; + return $this; + } + + /** + * Allows you to specify the Longitude of the user's expected location + */ + public function withLongitude(float $longitude): self + { + $this->longitude = $longitude; + return $this; + } + + /** + * Radius of the circle, centred on the specified location coordinates, where the device is + * allowed to perform the share. + * + * If not provided, a default value of 150m will be used. + * + * @param float $radius + * The allowable distance, in metres, from the given lat/long location + */ + public function withRadius(float $radius): self + { + $this->radius = $radius; + return $this; + } + + /** + * Maximum acceptable distance, in metres, of the area of uncertainty associated with the device + * location coordinates. + * + * If not provided, a default value of 150m will be used. + * + * @param float $maxUncertainty + * Maximum allowed measurement uncertainty, in metres + * + * @return $this + */ + public function withMaxUncertainty(float $maxUncertainty): self + { + $this->maxUncertainty = $maxUncertainty; + + return $this; + } + + public function build(): Extension + { + $content = new LocationConstraintContent( + $this->latitude, + $this->longitude, + $this->radius, + $this->maxUncertainty + ); + + return new Extension(self::LOCATION_CONSTRAINT, $content); + } +} diff --git a/src/Identity/Extension/ThirdPartyAttributeContent.php b/src/Identity/Extension/ThirdPartyAttributeContent.php new file mode 100644 index 00000000..0eeec95a --- /dev/null +++ b/src/Identity/Extension/ThirdPartyAttributeContent.php @@ -0,0 +1,38 @@ +expiryDate = $expiryDate; + + Validation::isArrayOfType($definitions, [AttributeDefinition::class], 'definitions'); + $this->definitions = $definitions; + } + + public function jsonSerialize(): stdClass + { + return (object)[ + 'expiry_date' => $this->expiryDate + ->setTimezone(new \DateTimeZone('UTC')) + ->format(\DateTime::RFC3339_EXTENDED), + 'definitions' => $this->definitions, + ]; + } +} diff --git a/src/Identity/Extension/ThirdPartyAttributeExtensionBuilder.php b/src/Identity/Extension/ThirdPartyAttributeExtensionBuilder.php new file mode 100644 index 00000000..132fa720 --- /dev/null +++ b/src/Identity/Extension/ThirdPartyAttributeExtensionBuilder.php @@ -0,0 +1,66 @@ +expiryDate = $expiryDate; + + return $this; + } + + public function withDefinition(string $definition): self + { + $this->definitions[] = new AttributeDefinition($definition); + + return $this; + } + + /** + * @param string[] $definitions + */ + public function withDefinitions(array $definitions): self + { + Validation::isArrayOfStrings($definitions, 'definitions'); + $this->definitions = array_map( + function ($definition): AttributeDefinition { + return new AttributeDefinition($definition); + }, + $definitions + ); + + return $this; + } + + public function build(): Extension + { + return new Extension( + self::THIRD_PARTY_ATTRIBUTE, + new ThirdPartyAttributeContent( + $this->expiryDate, + $this->definitions + ) + ); + } +} diff --git a/src/Identity/Extension/TransactionalFlowExtensionBuilder.php b/src/Identity/Extension/TransactionalFlowExtensionBuilder.php new file mode 100644 index 00000000..22eb5821 --- /dev/null +++ b/src/Identity/Extension/TransactionalFlowExtensionBuilder.php @@ -0,0 +1,35 @@ +content = $content; + + return $this; + } + + /** + * @return Extension with TRANSACTIONAL_FLOW type + */ + public function build(): Extension + { + return new Extension(static::TYPE, $this->content); + } +} diff --git a/src/Identity/Policy/Policy.php b/src/Identity/Policy/Policy.php new file mode 100644 index 00000000..5c54f2fa --- /dev/null +++ b/src/Identity/Policy/Policy.php @@ -0,0 +1,94 @@ +wantedAttributes = $wantedAttributes; + + Validation::isArrayOfIntegers($wantedAuthTypes, 'wantedAuthTypes'); + $this->wantedAuthTypes = $wantedAuthTypes; + + $this->wantedRememberMe = $wantedRememberMe; + $this->wantedRememberMeOptional = $wantedRememberMeOptional; + $this->identityProfileRequirements = $identityProfileRequirements; + $this->advancedIdentityProfileRequirements = $advancedIdentityProfileRequirements; + } + + + public function jsonSerialize(): stdClass + { + return (object)[ + 'wanted' => $this->wantedAttributes, + 'wanted_auth_types' => $this->wantedAuthTypes, + 'wanted_remember_me' => $this->wantedRememberMe, + 'wanted_remember_me_optional' => $this->wantedRememberMeOptional, + 'identity_profile_requirements' => $this->identityProfileRequirements, + 'advanced_identity_profile_requirements' => $this->advancedIdentityProfileRequirements, + ]; + } + + /** + * IdentityProfileRequirements requested in the policy + * + * @return object|null + */ + public function getIdentityProfileRequirements() + { + return $this->identityProfileRequirements; + } + + /** + * AdvancedIdentityProfileRequirements requested in the policy + * + * @return object|null + */ + public function getAdvancedIdentityProfileRequirements() + { + return $this->advancedIdentityProfileRequirements; + } +} diff --git a/src/Identity/Policy/PolicyBuilder.php b/src/Identity/Policy/PolicyBuilder.php new file mode 100644 index 00000000..a3b8f479 --- /dev/null +++ b/src/Identity/Policy/PolicyBuilder.php @@ -0,0 +1,345 @@ +getName(); + + if (null !== $wantedAttribute->getDerivation()) { + $key = $wantedAttribute->getDerivation(); + } + + if (null !== $wantedAttribute->getConstraints()) { + $key .= '-' . hash('sha256', Json::encode($wantedAttribute->getConstraints())); + } + + $this->wantedAttributes[$key] = $wantedAttribute; + + return $this; + } + + /** + * @param Constraint[]|null $constraints + */ + public function withWantedAttributeByName( + string $name, + array $constraints = null, + bool $acceptSelfAsserted = null + ): self { + $wantedAttributeBuilder = (new WantedAttributeBuilder()) + ->withName($name); + + if ($constraints !== null) { + $wantedAttributeBuilder->withConstraints($constraints); + } + + if ($acceptSelfAsserted !== null) { + $wantedAttributeBuilder->withAcceptSelfAsserted($acceptSelfAsserted); + } + + return $this->withWantedAttribute($wantedAttributeBuilder->build()); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withFamilyName(array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withWantedAttributeByName( + UserProfile::ATTR_FAMILY_NAME, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withGivenNames(array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withWantedAttributeByName( + UserProfile::ATTR_GIVEN_NAMES, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withFullName(array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withWantedAttributeByName( + UserProfile::ATTR_FULL_NAME, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withDateOfBirth(array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withWantedAttributeByName( + UserProfile::ATTR_DATE_OF_BIRTH, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withAgeOver(int $age, array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withAgeDerivedAttribute( + UserProfile::AGE_OVER . $age, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withAgeUnder(int $age, array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withAgeDerivedAttribute( + UserProfile::AGE_UNDER . $age, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withAgeDerivedAttribute( + string $derivation, + array $constraints = null, + bool $acceptSelfAsserted = null + ): self { + $wantedAttributeBuilder = (new WantedAttributeBuilder()) + ->withName(UserProfile::ATTR_DATE_OF_BIRTH) + ->withDerivation($derivation); + + if ($constraints !== null) { + $wantedAttributeBuilder->withConstraints($constraints); + } + + if ($acceptSelfAsserted !== null) { + $wantedAttributeBuilder->withAcceptSelfAsserted($acceptSelfAsserted); + } + + return $this->withWantedAttribute($wantedAttributeBuilder->build()); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withGender(array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withWantedAttributeByName( + UserProfile::ATTR_GENDER, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withPostalAddress(array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withWantedAttributeByName( + UserProfile::ATTR_POSTAL_ADDRESS, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withStructuredPostalAddress(array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withWantedAttributeByName( + UserProfile::ATTR_STRUCTURED_POSTAL_ADDRESS, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withNationality(array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withWantedAttributeByName( + UserProfile::ATTR_NATIONALITY, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withPhoneNumber(array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withWantedAttributeByName( + UserProfile::ATTR_PHONE_NUMBER, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withSelfie(array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withWantedAttributeByName( + UserProfile::ATTR_SELFIE, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withDocumentDetails(array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withWantedAttributeByName( + UserProfile::ATTR_DOCUMENT_DETAILS, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withDocumentImages(array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withWantedAttributeByName( + UserProfile::ATTR_DOCUMENT_IMAGES, + $constraints, + $acceptSelfAsserted + ); + } + + /** + * @param Constraint[]|null $constraints + */ + public function withEmail(array $constraints = null, bool $acceptSelfAsserted = null): self + { + return $this->withWantedAttributeByName( + UserProfile::ATTR_EMAIL_ADDRESS, + $constraints, + $acceptSelfAsserted + ); + } + + + public function withSelfieAuthentication(bool $enabled = true): self + { + return $this->withWantedAuthType(self::SELFIE_AUTH_TYPE, $enabled); + } + + + public function withPinAuthentication(bool $enabled = true): self + { + return $this->withWantedAuthType(self::PIN_AUTH_TYPE, $enabled); + } + + public function withWantedAuthType(int $wantedAuthType, bool $enabled = true): self + { + if ($enabled) { + $this->wantedAuthTypes[$wantedAuthType] = $wantedAuthType; + } else { + unset($this->wantedAuthTypes[$wantedAuthType]); + } + + return $this; + } + + + public function withWantedRememberMe(bool $wantedRememberMe): self + { + $this->wantedRememberMe = $wantedRememberMe; + return $this; + } + + public function withWantedRememberMeOptional(bool $wantedRememberMeOptional): self + { + $this->wantedRememberMeOptional = $wantedRememberMeOptional; + return $this; + } + + /** + * Use an Identity Profile Requirement object for the share + * + * @param object $identityProfileRequirements + * @return $this + */ + public function withIdentityProfileRequirements($identityProfileRequirements): self + { + $this->identityProfileRequirements = $identityProfileRequirements; + return $this; + } + + /** + * Use an Advanced Identity Profile Requirement object for the share + * + * @param object $advancedIdentityProfileRequirements + * @return $this + */ + public function withAdvancedIdentityProfileRequirements($advancedIdentityProfileRequirements): self + { + $this->advancedIdentityProfileRequirements = $advancedIdentityProfileRequirements; + return $this; + } + + public function build(): Policy + { + return new Policy( + array_values($this->wantedAttributes), + array_values($this->wantedAuthTypes), + $this->wantedRememberMe, + $this->wantedRememberMeOptional, + $this->identityProfileRequirements, + $this->advancedIdentityProfileRequirements + ); + } +} diff --git a/src/Identity/Policy/WantedAnchor.php b/src/Identity/Policy/WantedAnchor.php new file mode 100644 index 00000000..1714ca8a --- /dev/null +++ b/src/Identity/Policy/WantedAnchor.php @@ -0,0 +1,29 @@ +value = $value; + $this->subType = $subType; + } + + public function jsonSerialize(): stdClass + { + return (object)[ + 'name' => $this->value, + 'sub_type' => $this->subType, + ]; + } +} diff --git a/src/Identity/Policy/WantedAnchorBuilder.php b/src/Identity/Policy/WantedAnchorBuilder.php new file mode 100644 index 00000000..9625445f --- /dev/null +++ b/src/Identity/Policy/WantedAnchorBuilder.php @@ -0,0 +1,32 @@ +value = $value; + return $this; + } + + public function withSubType(string $subType): self + { + $this->subType = $subType; + return $this; + } + + public function build(): WantedAnchor + { + Validation::notNull($this->value, 'value'); + Validation::notNull($this->subType, 'sub_type'); + + return new WantedAnchor($this->value, $this->subType); + } +} diff --git a/src/Identity/Policy/WantedAttribute.php b/src/Identity/Policy/WantedAttribute.php new file mode 100644 index 00000000..dc34da79 --- /dev/null +++ b/src/Identity/Policy/WantedAttribute.php @@ -0,0 +1,123 @@ +name = $name; + + $this->derivation = $derivation; + $this->optional = $optional; + $this->acceptSelfAsserted = $acceptSelfAsserted; + + if (null !== $constraints) { + Validation::isArrayOfType($constraints, [Constraint::class], 'constraints'); + $this->constraints = $constraints; + } + } + + /** + * Name identifying the WantedAttribute + * + * @return string + */ + public function getName(): string + { + return $this->name; + } + + /** + * Additional derived criteria. + * + * @return string + */ + public function getDerivation(): ?string + { + return $this->derivation; + } + + /** + * List of constraints to add to an attribute. + * + * If you do not provide any particular constraints, Yoti will provide you with the + * information from the most recently added source. + * + * @return Constraint[] $constraints + */ + public function getConstraints(): ?array + { + return $this->constraints; + } + + /** + * Accept self asserted attributes. + * + * These are attributes that have been self-declared, and not verified by Yoti. + * + * @return bool|null + */ + public function getAcceptSelfAsserted(): ?bool + { + return $this->acceptSelfAsserted; + } + + /** + * @return bool + */ + public function getOptional(): bool + { + return $this->optional; + } + + public function jsonSerialize(): stdClass + { + $data = new stdClass(); + $data->name = $this->getName(); + $data->optional = $this->getOptional(); + + if (null !== $this->getDerivation()) { + $data->derivation = $this->getDerivation(); + } + + if (null !== $this->getConstraints()) { + $data->constraints = $this->getConstraints(); + } + + if (null !== $this->getAcceptSelfAsserted()) { + $data->accept_self_asserted = $this->getAcceptSelfAsserted(); + } + + return $data; + } +} diff --git a/src/Identity/Policy/WantedAttributeBuilder.php b/src/Identity/Policy/WantedAttributeBuilder.php new file mode 100644 index 00000000..c2a53f1f --- /dev/null +++ b/src/Identity/Policy/WantedAttributeBuilder.php @@ -0,0 +1,77 @@ +name = $name; + + return $this; + } + + public function withDerivation(string $derivation): self + { + $this->derivation = $derivation; + + return $this; + } + + public function withOptional(bool $optional): self + { + $this->optional = $optional; + + return $this; + } + + public function withAcceptSelfAsserted(bool $acceptSelfAsserted): self + { + $this->acceptSelfAsserted = $acceptSelfAsserted; + + return $this; + } + + /** + * @param Constraint[] $constraints + */ + public function withConstraints(array $constraints): self + { + $this->constraints = $constraints; + + return $this; + } + + public function withConstraint(Constraint $constraint): self + { + $this->constraints[] = $constraint; + + return $this; + } + + public function build(): WantedAttribute + { + return new WantedAttribute( + $this->name, + $this->derivation, + $this->optional, + $this->acceptSelfAsserted, + $this->constraints, + ); + } +} diff --git a/src/Identity/Reader/AttributeListReader.php b/src/Identity/Reader/AttributeListReader.php new file mode 100644 index 00000000..641029b2 --- /dev/null +++ b/src/Identity/Reader/AttributeListReader.php @@ -0,0 +1,7 @@ +id = $id; + $this->sessionId = $sessionId; + $this->timestamp = $timestamp; + $this->applicationContent = $applicationContent; + $this->userContent = $userContent; + $this->rememberMeId = $rememberMeId; + $this->parentRememberMeId = $parentRememberMeId; + $this->error = $error; + $this->errorReason = $errorReason; + } + + public function getId(): string + { + return $this->id; + } + + public function getSessionId(): string + { + return $this->sessionId; + } + + public function getTimestamp(): \DateTime + { + return $this->timestamp; + } + + public function getProfile(): ?UserProfile + { + if ($this->userContent !== null) { + return $this->userContent->getProfile(); + } else { + return null; + } + } + + public function getExtraData(): ?ExtraData + { + if ($this->userContent !== null) { + return $this->userContent->getExtraData(); + } else { + return null; + } + } + + public function getApplicationContent(): ?ApplicationContent + { + return $this->applicationContent; + } + + public function getUserContent(): ?UserContent + { + return $this->userContent; + } + + public function getRememberMeId(): ?string + { + return $this->rememberMeId; + } + + public function getParentRememberMeId(): ?string + { + return $this->parentRememberMeId; + } + + public function getError(): ?string + { + return $this->error; + } + + public function getErrorReason(): ?ErrorReason + { + return $this->errorReason; + } +} diff --git a/src/Identity/ReceiptBuilder.php b/src/Identity/ReceiptBuilder.php new file mode 100644 index 00000000..0851a088 --- /dev/null +++ b/src/Identity/ReceiptBuilder.php @@ -0,0 +1,108 @@ +id = $id; + + return $this; + } + + public function withSessionId(string $sessionId): self + { + $this->sessionId = $sessionId; + + return $this; + } + + public function withRememberMeId(string $rememberMeId = null): self + { + $this->rememberMeId = $rememberMeId; + + return $this; + } + + public function withParentRememberMeId(string $parentRememberMeId = null): self + { + $this->parentRememberMeId = $parentRememberMeId; + + return $this; + } + + public function withTimestamp(\DateTime $timestamp): self + { + $this->timestamp = $timestamp; + + return $this; + } + + public function withApplicationContent(ApplicationProfile $profile, ExtraData $extraData = null): self + { + $this->applicationContent = new ApplicationContent($profile, $extraData); + + return $this; + } + + public function withUserContent(UserProfile $profile = null, ExtraData $extraData = null): self + { + $this->userContent = new UserContent($profile, $extraData); + + return $this; + } + + public function withError(string $error = null): self + { + $this->error = $error; + + return $this; + } + + public function withErrorReason(ErrorReason $errorReason = null): self + { + $this->errorReason = $errorReason; + + return $this; + } + + public function build(): Receipt + { + return new Receipt( + $this->id, + $this->sessionId, + $this->timestamp, + $this->applicationContent, + $this->userContent, + $this->rememberMeId, + $this->parentRememberMeId, + $this->error, + $this->errorReason + ); + } +} diff --git a/src/Identity/ReceiptItemKey.php b/src/Identity/ReceiptItemKey.php new file mode 100644 index 00000000..1c8b049a --- /dev/null +++ b/src/Identity/ReceiptItemKey.php @@ -0,0 +1,46 @@ + $sessionData + */ + public function __construct(array $sessionData) + { + $this->id = $sessionData['id']; + $this->iv = $sessionData['iv']; + $this->value = $sessionData['value']; + } + + /** + * @return string + */ + public function getId(): string + { + return $this->id; + } + + /** + * @return string + */ + public function getIv(): string + { + return $this->iv; + } + + /** + * @return string + */ + public function getValue(): string + { + return $this->value; + } +} diff --git a/src/Identity/ReceiptParser.php b/src/Identity/ReceiptParser.php new file mode 100644 index 00000000..904ef7b7 --- /dev/null +++ b/src/Identity/ReceiptParser.php @@ -0,0 +1,169 @@ +logger = $logger ?? new Logger(); + } + + public function createSuccess( + WrappedReceipt $wrappedReceipt, + ReceiptItemKey $wrappedItemKey, + PemFile $pemFile + ): Receipt { + $receiptKey = $this->decryptReceiptKey($wrappedReceipt->getWrappedKey(), $wrappedItemKey, $pemFile); + + $applicationProfile = new ApplicationProfile( + AttributeListConverter::convertToYotiAttributesList($this->parseProfileAttr( + $wrappedReceipt->getProfile(), + $receiptKey, + )) + ); + + $extraData = null !== $wrappedReceipt->getExtraData() ? + $this->parseExtraData($wrappedReceipt->getExtraData(), $receiptKey) : + null; + + $userProfile = null !== $wrappedReceipt->getOtherPartyProfile() ? new UserProfile( + AttributeListConverter::convertToYotiAttributesList( + $this->parseProfileAttr( + $wrappedReceipt->getOtherPartyProfile(), + $receiptKey, + ) + ) + ) : null; + + $otherExtraData = null !== $wrappedReceipt->getOtherPartyExtraData() ? + $this->parseExtraData($wrappedReceipt->getOtherPartyExtraData(), $receiptKey) : + null; + + + $receipt = (new ReceiptBuilder()) + ->withId($wrappedReceipt->getId()) + ->withSessionId($wrappedReceipt->getSessionId()) + ->withTimestamp($wrappedReceipt->getTimestamp()) + ->withApplicationContent( + $applicationProfile, + $extraData + ) + ->withUserContent( + $userProfile, + $otherExtraData + ); + + if (null !== $wrappedReceipt->getRememberMeId()) { + $receipt->withRememberMeId($wrappedReceipt->getRememberMeId()); + } + + if (null !== $wrappedReceipt->getParentRememberMeId()) { + $receipt->withParentRememberMeId($wrappedReceipt->getParentRememberMeId()); + } + + return $receipt->build(); + } + + public function createFailure(WrappedReceipt $wrappedReceipt): Receipt + { + return (new ReceiptBuilder()) + ->withId($wrappedReceipt->getId()) + ->withSessionId($wrappedReceipt->getSessionId()) + ->withTimestamp($wrappedReceipt->getTimestamp()) + ->withError($wrappedReceipt->getError()) + ->withErrorReason($wrappedReceipt->getErrorReason()) + ->build(); + } + + private function decryptReceiptKey(?string $wrappedKey, ReceiptItemKey $wrappedItemKey, PemFile $pemFile): string + { + if ($wrappedKey == null) { + throw new EncryptedDataException('Wrapped is null'); + } + // Convert 'iv' and 'value' from base64 to binary + $iv = (string)base64_decode($wrappedItemKey->getIv(), true); + $encryptedItemKey = (string)base64_decode($wrappedItemKey->getValue(), true); + + // Decrypt the 'value' field (encrypted item key) using the private key + $unwrappedKey = ''; + if ( + !openssl_private_decrypt( + $encryptedItemKey, + $unwrappedKey, + (string)$pemFile + ) + ) { + throw new EncryptedDataException('Could not decrypt the item key'); + } + + // Check that 'wrappedKey' is a base64-encoded string + $wrappedKey = base64_decode($wrappedKey, true); + if ($wrappedKey === false) { + throw new EncryptedDataException('wrappedKey is not a valid base64-encoded string'); + } + + // Decompose the 'wrappedKey' into 'cipherText' and 'tag' + $cipherText = substr($wrappedKey, 0, -16); + $tag = substr($wrappedKey, -16); + + // Decrypt the 'cipherText' using the 'iv' and the decrypted item key + $receiptKey = openssl_decrypt( + $cipherText, + 'aes-256-gcm', + $unwrappedKey, + OPENSSL_RAW_DATA, + $iv, + $tag + ); + if ($receiptKey === false) { + throw new EncryptedDataException('Could not decrypt the receipt key'); + } + + return $receiptKey; + } + + private function parseProfileAttr(string $profile, string $wrappedKey): AttributeList + { + $attributeList = new AttributeList(); + + $decryptedData = IdentityEncryptedData::decrypt( + $profile, + $wrappedKey + ); + + $attributeList->mergeFromString($decryptedData); + + return $attributeList; + } + + private function parseExtraData(string $extraData, string $wrappedKey): ExtraData + { + $decryptAttribute = IdentityEncryptedData::decrypt( + $extraData, + $wrappedKey + ); + + return ExtraDataConverter::convertValue( + $decryptAttribute, + $this->logger + ); + } +} diff --git a/src/Identity/RequirementNotMetDetails.php b/src/Identity/RequirementNotMetDetails.php new file mode 100644 index 00000000..bcd3e40e --- /dev/null +++ b/src/Identity/RequirementNotMetDetails.php @@ -0,0 +1,75 @@ +> $data + */ + public function __construct(array $data) + { + $this->failureType = $data[0]["failure_type"] ?? ''; + $this->details = $data[0]["details"] ?? ''; + $this->auditId = $data[0]["audit_id"] ?? ''; + $this->documentCountryIsoCode = $data[0]["document_country_iso_code"] ?? ''; + $this->documentType = $data[0]["document_type"] ?? ''; + } + + /** + * @return string + */ + public function getFailureType(): string + { + return $this->failureType; + } + /** + * @return string + */ + public function getDetails(): string + { + return $this->details; + } + /** + * @return string + */ + public function getAuditId(): string + { + return $this->auditId; + } + /** + * @return string + */ + public function getDocumentCountryIsoCode(): string + { + return $this->documentCountryIsoCode; + } + /** + * @return string + */ + public function getDocumentType(): string + { + return $this->documentType; + } +} diff --git a/src/Identity/ShareSessionCreated.php b/src/Identity/ShareSessionCreated.php new file mode 100644 index 00000000..4bb0f924 --- /dev/null +++ b/src/Identity/ShareSessionCreated.php @@ -0,0 +1,71 @@ +id = $sessionData['id']; + } + + if (isset($sessionData['status'])) { + Validation::isString($sessionData['status'], 'status'); + $this->status = $sessionData['status']; + } + + if (isset($sessionData['expiry'])) { + Validation::isString($sessionData['expiry'], 'expiry'); + $this->expiry = $sessionData['expiry']; + } + } + + /** + * @return string + */ + public function getId(): string + { + return $this->id; + } + + /** + * @return string + */ + public function getStatus(): string + { + return $this->status; + } + + /** + * @return string + */ + public function getExpiry(): string + { + return $this->expiry; + } + + public function jsonSerialize(): object + { + return (object)[ + 'id' => $this->getId(), + 'status' => $this->getStatus(), + 'expiry' => $this->getExpiry(), + ]; + } +} diff --git a/src/Identity/ShareSessionCreatedQrCode.php b/src/Identity/ShareSessionCreatedQrCode.php new file mode 100644 index 00000000..901074b0 --- /dev/null +++ b/src/Identity/ShareSessionCreatedQrCode.php @@ -0,0 +1,48 @@ +id = $sessionData['id']; + } + + if (isset($sessionData['uri'])) { + $this->uri = $sessionData['uri']; + } + } + + public function jsonSerialize(): object + { + return (object)[ + 'id' => $this->id, + 'uri' => $this->uri + ]; + } + + /** + * @return string + */ + public function getId(): string + { + return $this->id; + } + + /** + * @return string + */ + public function getUri(): string + { + return $this->uri; + } +} diff --git a/src/Identity/ShareSessionFetched.php b/src/Identity/ShareSessionFetched.php new file mode 100644 index 00000000..ac171a2f --- /dev/null +++ b/src/Identity/ShareSessionFetched.php @@ -0,0 +1,117 @@ + $sessionData + */ + public function __construct(array $sessionData) + { + if (isset($sessionData['id'])) { + $this->id = $sessionData['id']; + } + if (isset($sessionData['status'])) { + $this->status = $sessionData['status']; + } + if (isset($sessionData['expiry'])) { + $this->expiry = $sessionData['expiry']; + } + if (isset($sessionData['created'])) { + $this->created = $sessionData['created']; + } + if (isset($sessionData['updated'])) { + $this->updated = $sessionData['updated']; + } + if (isset($sessionData['qrCode'])) { + $this->qrCodeId = $sessionData['qrCode']['id']; + } + if (isset($sessionData['receipt'])) { + $this->receiptId = $sessionData['receipt']['id']; + } + } + + public function jsonSerialize(): object + { + return (object)[ + 'id' => $this->id, + 'status' => $this->status, + 'expiry' => $this->expiry, + 'created' => $this->created, + 'updated' => $this->updated, + 'qrCodeId' => $this->qrCodeId, + 'receiptId' => $this->receiptId, + ]; + } + + /** + * @return string + */ + public function getId(): string + { + return $this->id; + } + + /** + * @return string + */ + public function getStatus(): string + { + return $this->status; + } + + /** + * @return string + */ + public function getCreated(): string + { + return $this->created; + } + + /** + * @return string + */ + public function getUpdated(): string + { + return $this->updated; + } + + /** + * @return string + */ + public function getExpiry(): string + { + return $this->expiry; + } + + /** + * @return string + */ + public function getQrCodeId(): string + { + return $this->qrCodeId; + } + + /** + * @return string + */ + public function getReceiptId(): string + { + return $this->receiptId; + } +} diff --git a/src/Identity/ShareSessionFetchedQrCode.php b/src/Identity/ShareSessionFetchedQrCode.php new file mode 100644 index 00000000..1f8aaabf --- /dev/null +++ b/src/Identity/ShareSessionFetchedQrCode.php @@ -0,0 +1,110 @@ + $sessionData + */ + public function __construct(array $sessionData) + { + if (isset($sessionData['id'])) { + $this->id = $sessionData['id']; + } + if (isset($sessionData['expiry'])) { + $this->expiry = $sessionData['expiry']; + } + if (isset($sessionData['policy'])) { + $this->policy = $sessionData['policy']; + } + if (isset($sessionData['extensions'])) { + foreach ($sessionData['extensions'] as $extension) { + $this->extensions[] = new Extension($extension['type'], $extension['content']); + } + } + if (isset($sessionData['session'])) { + $this->session = new ShareSessionCreated($sessionData['session']); + } + if (isset($sessionData['redirectUri'])) { + $this->redirectUri = $sessionData['redirectUri']; + } + } + + public function jsonSerialize(): object + { + return (object)[ + 'id' => $this->id, + 'expiry' => $this->expiry, + 'policy' => $this->policy, + 'extensions' => $this->extensions, + 'session' => $this->session, + 'redirectUri' => $this->redirectUri, + ]; + } + + /** + * @return string + */ + public function getId(): string + { + return $this->id; + } + + /** + * @return string + */ + public function getExpiry(): string + { + return $this->expiry; + } + + /** + * @return string + */ + public function getPolicy(): string + { + return $this->policy; + } + + /** + * @return Extension[] + */ + public function getExtensions(): array + { + return $this->extensions; + } + + /** + * @return ShareSessionCreated + */ + public function getSession(): ShareSessionCreated + { + return $this->session; + } + + /** + * @return string + */ + public function getRedirectUri(): string + { + return $this->redirectUri; + } +} diff --git a/src/Identity/ShareSessionNotification.php b/src/Identity/ShareSessionNotification.php new file mode 100644 index 00000000..5a6fc24f --- /dev/null +++ b/src/Identity/ShareSessionNotification.php @@ -0,0 +1,70 @@ + + */ + private array $headers; + + /** + * @param string[] $headers + */ + public function __construct(string $url, string $method, bool $verifyTls, array $headers) + { + $this->url = $url; + $this->method = $method; + $this->verifyTls = $verifyTls; + $this->headers = $headers; + } + + public function jsonSerialize(): object + { + return (object)[ + 'url' => $this->getUrl(), + 'method' => $this->getMethod(), + 'verifyTls' => $this->isVerifyTls(), + 'headers' => $this->getHeaders(), + ]; + } + + /** + * @return string + */ + public function getUrl(): string + { + return $this->url; + } + + /** + * @return string + */ + public function getMethod(): string + { + return $this->method; + } + + /** + * @return bool + */ + public function isVerifyTls(): bool + { + return $this->verifyTls; + } + + /** + * @return string[] + */ + public function getHeaders(): array + { + return $this->headers; + } +} diff --git a/src/Identity/ShareSessionNotificationBuilder.php b/src/Identity/ShareSessionNotificationBuilder.php new file mode 100644 index 00000000..39d7aba3 --- /dev/null +++ b/src/Identity/ShareSessionNotificationBuilder.php @@ -0,0 +1,65 @@ + + */ + private array $headers; + + public function withUrl(string $url): self + { + $this->url = $url; + + return $this; + } + + public function withMethod(string $method = 'POST'): self + { + $this->method = $method; + + return $this; + } + + public function withVerifyTls(bool $verifyTls = true): self + { + $this->verifyTls = $verifyTls; + + return $this; + } + + /** + * @param string[] $headers + */ + public function withHeaders(array $headers): self + { + $this->headers = $headers; + + return $this; + } + + public function withHeader(string $key, string $header): self + { + $this->headers[$key] = $header; + + return $this; + } + + public function build(): ShareSessionNotification + { + return new ShareSessionNotification( + $this->url, + $this->method, + $this->verifyTls, + $this->headers + ); + } +} diff --git a/src/Identity/ShareSessionRequest.php b/src/Identity/ShareSessionRequest.php new file mode 100644 index 00000000..94e9cadb --- /dev/null +++ b/src/Identity/ShareSessionRequest.php @@ -0,0 +1,110 @@ +|null + */ + private ?array $subject; + + private Policy $policy; + + /** + * @var Extension[]|null + */ + private ?array $extensions = null; + + private string $redirectUri; + + private ?ShareSessionNotification $notification; + + /** + * @param array|null $subject + * @param Policy $policy + * @param Extension[]|null $extensions + * @param string $redirectUri + * @param ShareSessionNotification|null $notification + */ + public function __construct( + Policy $policy, + string $redirectUri, + ?array $extensions = null, + ?array $subject = null, + ?ShareSessionNotification $notification = null + ) { + $this->policy = $policy; + $this->redirectUri = $redirectUri; + + if (null !== $extensions) { + Validation::isArrayOfType($extensions, [Extension::class], 'extensions'); + $this->extensions = $extensions; + } + + $this->subject = $subject; + $this->notification = $notification; + } + + /** + * @return array|null + */ + public function getSubject(): ?array + { + return $this->subject; + } + + /** + * @return Policy + */ + public function getPolicy(): Policy + { + return $this->policy; + } + + /** + * @return Extension[]|null + */ + public function getExtensions(): ?array + { + return $this->extensions; + } + + /** + * @return string + */ + public function getRedirectUri(): string + { + return $this->redirectUri; + } + + /** + * @return ShareSessionNotification|null + */ + public function getNotification(): ?ShareSessionNotification + { + return $this->notification; + } + + public function jsonSerialize(): \stdClass + { + $data = new \stdClass(); + $data->policy = $this->getPolicy(); + $data->redirectUri = $this->getRedirectUri(); + if (null !== $this->getSubject()) { + $data->subject = $this->getSubject(); + } + if (null !== $this->getExtensions()) { + $data->extensions = $this->getExtensions(); + } + if (null !== $this->getNotification()) { + $data->notification = $this->getNotification(); + } + + return $data; + } +} diff --git a/src/Identity/ShareSessionRequestBuilder.php b/src/Identity/ShareSessionRequestBuilder.php new file mode 100644 index 00000000..583d06fe --- /dev/null +++ b/src/Identity/ShareSessionRequestBuilder.php @@ -0,0 +1,84 @@ + + */ + private ?array $subject = null; + + private Policy $policy; + + /** + * @var Extension[] + */ + private ?array $extensions = null; + + private string $redirectUri; + + private ?ShareSessionNotification $notification = null; + + /** + * @param array $subject + */ + public function withSubject(array $subject): self + { + $this->subject = $subject; + + return $this; + } + + public function withPolicy(Policy $policy): self + { + $this->policy = $policy; + + return $this; + } + + /** + * @param Extension[] $extensions + */ + public function withExtensions(array $extensions): self + { + $this->extensions = $extensions; + + return $this; + } + + public function withExtension(Extension $extension): self + { + $this->extensions[] = $extension; + + return $this; + } + + public function withRedirectUri(string $redirectUri): self + { + $this->redirectUri = $redirectUri; + + return $this; + } + + public function withNotification(ShareSessionNotification $notification): ShareSessionRequestBuilder + { + $this->notification = $notification; + + return $this; + } + + public function build(): ShareSessionRequest + { + return new ShareSessionRequest( + $this->policy, + $this->redirectUri, + $this->extensions, + $this->subject, + $this->notification + ); + } +} diff --git a/src/Identity/Util/IdentityEncryptedData.php b/src/Identity/Util/IdentityEncryptedData.php new file mode 100644 index 00000000..d960449b --- /dev/null +++ b/src/Identity/Util/IdentityEncryptedData.php @@ -0,0 +1,41 @@ +mergeFromString($data); + + $decrypted = openssl_decrypt( + $encryptedDataProto->getCipherText(), + 'aes-256-cbc', + $unwrappedKey, + OPENSSL_RAW_DATA, + $encryptedDataProto->getIv() + ); + + if ($decrypted !== false) { + return $decrypted; + } + + throw new EncryptedDataException('Could not decrypt data'); + } +} diff --git a/src/Identity/WrappedReceipt.php b/src/Identity/WrappedReceipt.php new file mode 100644 index 00000000..28e93f60 --- /dev/null +++ b/src/Identity/WrappedReceipt.php @@ -0,0 +1,156 @@ + $sessionData + */ + public function __construct(array $sessionData) + { + $this->id = $sessionData['id']; + $this->sessionId = $sessionData['sessionId']; + $this->timestamp = DateTime::stringToDateTime($sessionData['timestamp']); + $this->wrappedItemKeyId = $sessionData['wrappedItemKeyId'] ?? null; + $this->wrappedKey = $sessionData['wrappedKey'] ?? null; + + if (isset($sessionData['content'])) { + $this->content = new Content( + $sessionData['content']['profile'] ?? null, + $sessionData['content']['extraData'] ?? null + ); + } + if (isset($sessionData['otherPartyContent'])) { + $this->otherPartyContent = new Content( + $sessionData['otherPartyContent']['profile'] ?? null, + $sessionData['otherPartyContent']['extraData'] ?? null + ); + } + + if (isset($sessionData['rememberMeId'])) { + $this->rememberMeId = $this->base64decode($sessionData['rememberMeId']); + } + if (isset($sessionData['parentRememberMeId'])) { + $this->parentRememberMeId = $this->base64decode($sessionData['parentRememberMeId']); + } + if (isset($sessionData['error'])) { + $this->error = $sessionData['error']; + } + if (isset($sessionData['errorReason'])) { + if (isset($sessionData["errorReason"]["requirements_not_met_details"])) { + $this->errorReason = new ErrorReason( + $sessionData["errorReason"]["requirements_not_met_details"] + ); + } + } + } + + public function getId(): string + { + return $this->id; + } + + public function getSessionId(): string + { + return $this->sessionId; + } + + public function getTimestamp(): \DateTime + { + return $this->timestamp; + } + + /** + * @return string + * @throws DigitalIdentityException + */ + public function getProfile(): string + { + if (null === $this->content->getProfile()) { + throw new DigitalIdentityException('Application profile should not be missing'); + } + + return $this->content->getProfile(); + } + + public function getExtraData(): ?string + { + return $this->content->getExtraData(); + } + + public function getOtherPartyProfile(): ?string + { + return $this->otherPartyContent->getProfile(); + } + + public function getOtherPartyExtraData(): ?string + { + return $this->otherPartyContent->getExtraData(); + } + + public function getWrappedItemKeyId(): ?string + { + return $this->wrappedItemKeyId; + } + + public function getWrappedKey(): ?string + { + return $this->wrappedKey; + } + + public function getRememberMeId(): ?string + { + return $this->rememberMeId; + } + + public function getParentRememberMeId(): ?string + { + return $this->parentRememberMeId; + } + + public function getError(): ?string + { + return $this->error; + } + + public function getErrorReason(): ?ErrorReason + { + return $this->errorReason; + } + + private function base64decode(string $encoded): string + { + $decoded = base64_decode($encoded, true); + if ($decoded === false) { + throw new EncryptedDataException('Could not decode data'); + } + return $decoded; + } +} diff --git a/src/Profile/BaseProfile.php b/src/Profile/BaseProfile.php index 0b91a479..b09200e4 100644 --- a/src/Profile/BaseProfile.php +++ b/src/Profile/BaseProfile.php @@ -9,19 +9,19 @@ class BaseProfile { /** - * @var \Yoti\Profile\Attribute[] + * @var Attribute[] */ private $attributesList; /** - * @var \Yoti\Profile\Attribute[][] keyed by attribute name. + * @var Attribute[][] keyed by attribute name. */ private $attributesMap; /** * Profile constructor. * - * @param \Yoti\Profile\Attribute[] $attributesList + * @param Attribute[] $attributesList */ public function __construct(array $attributesList) { @@ -48,7 +48,7 @@ function ($carry, Attribute $attr) { /** * @param string $attributeName. * - * @return \Yoti\Profile\Attribute[] + * @return Attribute[] */ public function getAttributesByName(string $attributeName): array { @@ -75,7 +75,7 @@ public function getAttributeById(string $attributeId): ?Attribute /** * @param string $attributeName. * - * @return \Yoti\Profile\Attribute|null + * @return Attribute|null */ public function getProfileAttribute(string $attributeName): ?Attribute { @@ -86,7 +86,7 @@ public function getProfileAttribute(string $attributeName): ?Attribute /** * Get all attributes. * - * @return \Yoti\Profile\Attribute[] + * @return Attribute[] */ public function getAttributesList(): array { diff --git a/src/Profile/Service.php b/src/Profile/Service.php index 2e36b911..fbd215aa 100644 --- a/src/Profile/Service.php +++ b/src/Profile/Service.php @@ -63,7 +63,6 @@ public function getActivityDetails(string $encryptedConnectToken): ActivityDetai { // Decrypt connect token $token = $this->decryptConnectToken($encryptedConnectToken); - // Request endpoint $response = (new RequestBuilder($this->config)) ->withBaseUrl($this->config->getApiUrl() ?? Constants::API_URL) @@ -76,6 +75,7 @@ public function getActivityDetails(string $encryptedConnectToken): ActivityDetai ->execute(); $httpCode = $response->getStatusCode(); + if ($httpCode < 200 || $httpCode > 299) { throw new ActivityDetailsException("Server responded with {$httpCode}", $response); } diff --git a/src/Profile/UserProfile.php b/src/Profile/UserProfile.php index d9ac0210..e4189a56 100644 --- a/src/Profile/UserProfile.php +++ b/src/Profile/UserProfile.php @@ -28,7 +28,6 @@ class UserProfile extends BaseProfile public const ATTR_DOCUMENT_IMAGES = 'document_images'; public const ATTR_STRUCTURED_POSTAL_ADDRESS = 'structured_postal_address'; public const ATTR_IDENTITY_PROFILE_REPORT = 'identity_profile_report'; - /** @var \Yoti\Profile\Attribute\AgeVerification[] */ private $ageVerifications; diff --git a/src/Profile/Util/Attribute/AnchorConverter.php b/src/Profile/Util/Attribute/AnchorConverter.php index 33e6fb57..a13d6147 100644 --- a/src/Profile/Util/Attribute/AnchorConverter.php +++ b/src/Profile/Util/Attribute/AnchorConverter.php @@ -115,8 +115,7 @@ private static function convertCertToX509(string $certificate): \stdClass } }); - $decodedX509Data = Json::decode(Json::encode(Json::convert_from_latin1_to_utf8_recursively($X509Data)), false); - + $decodedX509Data = Json::decode(Json::encode(Json::convertFromLatin1ToUtf8Recursively($X509Data)), false); // Ensure serial number is cast to string. // @see \phpseclib\Math\BigInteger::__toString() $decodedX509Data diff --git a/src/ShareUrl/Policy/DynamicPolicy.php b/src/ShareUrl/Policy/DynamicPolicy.php index 9313e4d8..7e6e81b8 100644 --- a/src/ShareUrl/Policy/DynamicPolicy.php +++ b/src/ShareUrl/Policy/DynamicPolicy.php @@ -33,6 +33,11 @@ class DynamicPolicy implements \JsonSerializable */ private $identityProfileRequirements; + /** + * @var object|null + */ + private $advancedIdentityProfileRequirements; + /** * @param \Yoti\ShareUrl\Policy\WantedAttribute[] $wantedAttributes * Array of attributes to be requested. @@ -40,12 +45,14 @@ class DynamicPolicy implements \JsonSerializable * Auth types represents the authentication type to be used. * @param bool $wantedRememberMe * @param object $identityProfileRequirements + * @param object $advancedIdentityProfileRequirements */ public function __construct( array $wantedAttributes, array $wantedAuthTypes, bool $wantedRememberMe = false, - $identityProfileRequirements = null + $identityProfileRequirements = null, + $advancedIdentityProfileRequirements = null ) { Validation::isArrayOfType($wantedAttributes, [WantedAttribute::class], 'wantedAttributes'); $this->wantedAttributes = $wantedAttributes; @@ -55,6 +62,7 @@ public function __construct( $this->wantedRememberMe = $wantedRememberMe; $this->identityProfileRequirements = $identityProfileRequirements; + $this->advancedIdentityProfileRequirements = $advancedIdentityProfileRequirements; } /** @@ -70,6 +78,7 @@ public function jsonSerialize(): stdClass 'wanted_remember_me' => $this->wantedRememberMe, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => $this->identityProfileRequirements, + 'advanced_identity_profile_requirements' => $this->advancedIdentityProfileRequirements, ]; } @@ -90,4 +99,14 @@ public function getIdentityProfileRequirements() { return $this->identityProfileRequirements; } + + /** + * AdvancedIdentityProfileRequirements requested in the policy + * + * @return object|null + */ + public function getAdvancedIdentityProfileRequirements() + { + return $this->advancedIdentityProfileRequirements; + } } diff --git a/src/ShareUrl/Policy/DynamicPolicyBuilder.php b/src/ShareUrl/Policy/DynamicPolicyBuilder.php index 1dc7420d..4d3ba083 100644 --- a/src/ShareUrl/Policy/DynamicPolicyBuilder.php +++ b/src/ShareUrl/Policy/DynamicPolicyBuilder.php @@ -42,6 +42,11 @@ class DynamicPolicyBuilder */ private $identityProfileRequirements = null; + /** + * @var object|null + */ + private $advancedIdentityProfileRequirements = null; + /** * @param \Yoti\ShareUrl\Policy\WantedAttribute $wantedAttribute * @@ -400,6 +405,18 @@ public function withIdentityProfileRequirements($identityProfileRequirements): s return $this; } + /** + * Use an Identity Profile Requirement object for the share + * + * @param object $advancedIdentityProfileRequirements + * @return $this + */ + public function withAdvancedIdentityProfileRequirements($advancedIdentityProfileRequirements): self + { + $this->advancedIdentityProfileRequirements = $advancedIdentityProfileRequirements; + return $this; + } + /** * @return DynamicPolicy */ @@ -409,7 +426,8 @@ public function build(): DynamicPolicy array_values($this->wantedAttributes), array_values($this->wantedAuthTypes), $this->wantedRememberMe, - $this->identityProfileRequirements + $this->identityProfileRequirements, + $this->advancedIdentityProfileRequirements ); } } diff --git a/src/Util/Json.php b/src/Util/Json.php index e014e174..8be63f78 100644 --- a/src/Util/Json.php +++ b/src/Util/Json.php @@ -56,18 +56,26 @@ private static function validate(): void } } - public static function convert_from_latin1_to_utf8_recursively($dat) + /** + * Recursively converts data from Latin1 to UTF-8 encoding. + * + * @param mixed $dat + * @return mixed + */ + public static function convertFromLatin1ToUtf8Recursively($dat) { if (is_string($dat)) { return utf8_encode($dat); } elseif (is_array($dat)) { $ret = []; - foreach ($dat as $i => $d) $ret[ $i ] = self::convert_from_latin1_to_utf8_recursively($d); - + foreach ($dat as $i => $d) { + $ret[$i] = self::convertFromLatin1ToUtf8Recursively($d); + } return $ret; } elseif (is_object($dat)) { - foreach ($dat as $i => $d) $dat->$i = self::convert_from_latin1_to_utf8_recursively($d); - + foreach (get_object_vars($dat) as $i => $d) { + $dat->$i = self::convertFromLatin1ToUtf8Recursively($d); + } return $dat; } else { return $dat; diff --git a/src/YotiClient.php b/src/YotiClient.php index 54caf6bc..4ea7000f 100644 --- a/src/YotiClient.php +++ b/src/YotiClient.php @@ -28,20 +28,11 @@ */ class YotiClient { - /** - * @var AmlService - */ - private $amlService; + private AmlService $amlService; - /** - * @var ProfileService - */ - private $profileService; + private ProfileService $profileService; - /** - * @var ShareUrlService - */ - private $shareUrlService; + private ShareUrlService $shareUrlService; /** * YotiClient constructor. diff --git a/tests/DigitalIdentityClientTest.php b/tests/DigitalIdentityClientTest.php new file mode 100644 index 00000000..267e8e01 --- /dev/null +++ b/tests/DigitalIdentityClientTest.php @@ -0,0 +1,174 @@ +createMock(Policy::class); + $redirectUri = 'https://host/redirect/'; + + $shareSessionRequest = (new ShareSessionRequestBuilder()) + ->withPolicy($policy) + ->withRedirectUri($redirectUri) + ->build(); + + $response = $this->createMock(ResponseInterface::class); + $response->method('getBody')->willReturn(Psr7\Utils::streamFor(json_encode([ + 'id' => 'some_id', + 'status' => 'some_status', + 'expiry' => 'some_time', + ]))); + + $response->method('getStatusCode')->willReturn(201); + + $httpClient = $this->createMock(ClientInterface::class); + $httpClient + ->expects($this->once()) + ->method('sendRequest') + ->willReturn($response); + + $yotiClient = new DigitalIdentityClient(TestData::SDK_ID, TestData::PEM_FILE, [ + Config::HTTP_CLIENT => $httpClient, + ]); + + $result = $yotiClient->createShareSession($shareSessionRequest); + + $this->assertInstanceOf(ShareSessionCreated::class, $result); + } + + /** + * @covers ::createShareQrCode + * @covers ::__construct + */ + public function testCreateShareQrCode() + { + $response = $this->createMock(ResponseInterface::class); + $response->method('getBody')->willReturn(Psr7\Utils::streamFor(json_encode([ + 'id' => 'some_id', + 'uri' => 'some_uri', + ]))); + + $response->method('getStatusCode')->willReturn(201); + + $httpClient = $this->createMock(ClientInterface::class); + $httpClient + ->expects($this->once()) + ->method('sendRequest') + ->willReturn($response); + + $yotiClient = new DigitalIdentityClient(TestData::SDK_ID, TestData::PEM_FILE, [ + Config::HTTP_CLIENT => $httpClient, + ]); + + $result = $yotiClient->createShareQrCode(TestData::SOME_ID); + + $this->assertInstanceOf(ShareSessionCreatedQrCode::class, $result); + } + + /** + * @covers ::fetchShareQrCode + * @covers ::__construct + */ + public function testFetchShareQrCode() + { + $response = $this->createMock(ResponseInterface::class); + $response->method('getBody')->willReturn(Psr7\Utils::streamFor(json_encode([ + 'id' => 'id', + 'expiry' => 'expiry', + 'policy' => 'policy', + 'extensions' => [['type' => 'type', 'content' => 'content']], + 'session' => ['id' => 'id', 'status' => 'status', 'expiry' => 'expiry'], + 'redirectUri' => 'redirectUri', + ]))); + + $response->method('getStatusCode')->willReturn(201); + + $httpClient = $this->createMock(ClientInterface::class); + $httpClient + ->expects($this->once()) + ->method('sendRequest') + ->willReturn($response); + + $yotiClient = new DigitalIdentityClient(TestData::SDK_ID, TestData::PEM_FILE, [ + Config::HTTP_CLIENT => $httpClient, + ]); + + $result = $yotiClient->fetchShareQrCode(TestData::SOME_ID); + + $this->assertInstanceOf(ShareSessionFetchedQrCode::class, $result); + } + + /** + * @covers ::fetchShareSession + * @covers ::__construct + */ + public function testFetchShareSession() + { + $response = $this->createMock(ResponseInterface::class); + $response->method('getBody')->willReturn(Psr7\Utils::streamFor(json_encode([ + 'id' => 'SOME_ID', + 'status' => 'SOME_STATUS', + 'expiry' => 'SOME_EXPIRY', + 'created' => 'SOME_CREATED', + 'updated' => 'SOME_UPDATED', + 'qrCode' => ['id' => 'SOME_QRCODE_ID'], + 'receipt' => ['id' => 'SOME_RECEIPT_ID'], + ]))); + + $response->method('getStatusCode')->willReturn(201); + + $httpClient = $this->createMock(ClientInterface::class); + $httpClient + ->expects($this->once()) + ->method('sendRequest') + ->willReturn($response); + + $yotiClient = new DigitalIdentityClient(TestData::SDK_ID, TestData::PEM_FILE, [ + Config::HTTP_CLIENT => $httpClient, + ]); + + $result = $yotiClient->fetchShareSession(TestData::SOME_ID); + + $this->assertInstanceOf(ShareSessionFetched::class, $result); + } + + /** + * @covers ::fetchShareReceipt + * @covers ::__construct + */ + public function testFetchShareReceipt() + { + $response = $this->createMock(ResponseInterface::class); + + $response->method('getStatusCode')->willReturn(201); + + $identityService = $this->createMock(DigitalIdentityService::class); + + $result = $identityService->fetchShareReceipt(TestData::SOME_ID); + + $this->assertInstanceOf(Receipt::class, $result); + } +} diff --git a/tests/DocScan/DocScanClientTest.php b/tests/DocScan/DocScanClientTest.php index 5a58deca..306e1d17 100644 --- a/tests/DocScan/DocScanClientTest.php +++ b/tests/DocScan/DocScanClientTest.php @@ -513,7 +513,7 @@ public function testParseIdentityProfileResponse() $this->assertEquals('someStringHere', $sessionResult->getIdentityProfile()->getSubjectId()); $this->assertEquals( 'MANDATORY_DOCUMENT_COULD_NOT_BE_PROVIDED', - $sessionResult->getIdentityProfile()->getFailureReason()->getStringCode() + $sessionResult->getIdentityProfile()->getFailureReason()->getReasonCode() ); $this->assertEquals( diff --git a/tests/DocScan/Session/Retrieve/GetSessionResultTest.php b/tests/DocScan/Session/Retrieve/GetSessionResultTest.php index 705e82fb..0d879a12 100644 --- a/tests/DocScan/Session/Retrieve/GetSessionResultTest.php +++ b/tests/DocScan/Session/Retrieve/GetSessionResultTest.php @@ -43,6 +43,16 @@ class GetSessionResultTest extends TestCase 'result' => 'SOME_ANOTHER_STRING', 'failure_reason' => [ 'reason_code' => 'ANOTHER_STRING', + 'requirements_not_met_details' => [ + 0 => [ + 'failure_type' => 'ANOTHER_STRING', + 'document_type' => 'ANOTHER_STRING', + 'document_country_iso_code' => 'ANOTHER_STRING', + 'audit_id' => 'ANOTHER_STRING', + 'details' => 'ANOTHER_STRING' + ] + + ] ], 'identity_profile_report' => [], ]; diff --git a/tests/DocScan/Session/Retrieve/IdentityProfileResponseTest.php b/tests/DocScan/Session/Retrieve/IdentityProfileResponseTest.php index e68e22f9..35476731 100644 --- a/tests/DocScan/Session/Retrieve/IdentityProfileResponseTest.php +++ b/tests/DocScan/Session/Retrieve/IdentityProfileResponseTest.php @@ -13,6 +13,11 @@ class IdentityProfileResponseTest extends TestCase { private const RESULT = 'DONE'; private const SUBJECT_ID = 'someStringHere'; + private const FAILURE_TYPE = 'someStringHere'; + private const DOCUMENT_TYPE = 'someStringHere'; + private const DOCUMENT_COUNTRY_ISO_CODE = 'someStringHere'; + private const AUDIT_ID = 'someStringHere'; + private const DETAILS = 'someStringHere'; private const REASON_CODE = 'MANDATORY_DOCUMENT_COULD_NOT_BE_PROVIDED'; private const IDENTITY_PROFILE_REPORT = [ 'trust_framework' => 'UK_TFIDA', @@ -47,17 +52,29 @@ public function shouldCreatedCorrectly(): void 'result' => self::RESULT, 'failure_reason' => [ 'reason_code' => self::REASON_CODE, + 'requirements_not_met_details' => [ + 0 => [ + 'failure_type' => self::FAILURE_TYPE, + 'document_type' => self::DOCUMENT_TYPE, + 'document_country_iso_code' => self::DOCUMENT_COUNTRY_ISO_CODE, + 'audit_id' => self::AUDIT_ID, + 'details' => self::DETAILS + ] + ] ], 'identity_profile_report' => self::IDENTITY_PROFILE_REPORT, ]; $result = new IdentityProfileResponse($testData); - $this->assertEquals(self::RESULT, $result->getResult()); $this->assertEquals(self::SUBJECT_ID, $result->getSubjectId()); $this->assertEquals((object)self::IDENTITY_PROFILE_REPORT, $result->getIdentityProfileReport()); - $this->assertInstanceOf(FailureReasonResponse::class, $result->getFailureReason()); - $this->assertEquals(self::REASON_CODE, $result->getFailureReason()->getStringCode()); + $this->assertEquals(self::REASON_CODE, $result->getFailureReason()->getReasonCode()); + $requriementNotMetDetailsResponse = $result->getFailureReason()->getRequirementNotMetDetails(); + $this->assertEquals(self::FAILURE_TYPE, $requriementNotMetDetailsResponse->getFailureType()); + $this->assertEquals(self::DOCUMENT_TYPE, $requriementNotMetDetailsResponse->getDocumentType()); + $this->assertEquals(self::AUDIT_ID, $requriementNotMetDetailsResponse->getAuditId()); + $this->assertEquals(self::DETAILS, $requriementNotMetDetailsResponse->getDetails()); } } diff --git a/tests/Identity/Constraint/PreferredSourcesTest.php b/tests/Identity/Constraint/PreferredSourcesTest.php new file mode 100644 index 00000000..8b5b4ff1 --- /dev/null +++ b/tests/Identity/Constraint/PreferredSourcesTest.php @@ -0,0 +1,42 @@ + $wantedAnchors, + 'soft_preference' => true + ]; + + $this->assertInstanceOf(PreferredSources::class, $preferredSource); + $this->assertEquals(json_encode($expected), json_encode($preferredSource)); + $this->assertEquals($wantedAnchors, $preferredSource->getWantedAnchors()); + $this->assertTrue($preferredSource->isSoftPreference()); + } +} diff --git a/tests/Identity/Constraint/SourceConstraintsBuilderTest.php b/tests/Identity/Constraint/SourceConstraintsBuilderTest.php new file mode 100644 index 00000000..ac6423c6 --- /dev/null +++ b/tests/Identity/Constraint/SourceConstraintsBuilderTest.php @@ -0,0 +1,66 @@ +withWantedAnchor(new WantedAnchor('SOME_VALUE')) + ->withSoftPreference(true) + ->build(); + + $this->assertInstanceOf(SourceConstraint::class, $sourceConstraint); + $this->assertInstanceOf(PreferredSources::class, $sourceConstraint->getPreferredSources()); + $this->assertEquals('SOURCE', $sourceConstraint->getType()); + } + + /** + * @covers ::build + * @covers ::withWantedAnchors + * @covers \Yoti\Identity\Constraint\SourceConstraint::__construct + * @covers \Yoti\Identity\Constraint\SourceConstraint::jsonSerialize + */ + public function testShouldBuildCorrectlyWithMultipleAnchors() + { + $wantedAnchors = [ + new WantedAnchor('some'), + new WantedAnchor('some_2'), + ]; + + $sourceConstraint = (new SourceConstraintBuilder()) + ->withWantedAnchors($wantedAnchors) + ->build(); + + $expectedConstraint = [ + 'type' => 'SOURCE', + 'preferred_sources' => $sourceConstraint->getPreferredSources() + ]; + + $this->assertEquals($wantedAnchors, $sourceConstraint->getPreferredSources()->getWantedAnchors()); + $this->assertEquals( + json_encode($wantedAnchors), + json_encode($sourceConstraint->getPreferredSources()->getWantedAnchors()) + ); + $this->assertEquals(json_encode($expectedConstraint), json_encode($sourceConstraint)); + } +} diff --git a/tests/Identity/Content/ApplicationContentTest.php b/tests/Identity/Content/ApplicationContentTest.php new file mode 100644 index 00000000..49acc689 --- /dev/null +++ b/tests/Identity/Content/ApplicationContentTest.php @@ -0,0 +1,35 @@ +createMock(ApplicationProfile::class); + $extraData = $this->createMock(ExtraData::class); + + $applicationContent = new ApplicationContent($applicationProfile, $extraData); + + $this->assertInstanceOf(ApplicationProfile::class, $applicationContent->getProfile()); + $this->assertInstanceOf(ExtraData::class, $applicationContent->getExtraData()); + + $applicationContent2 = new ApplicationContent(); + + $this->assertNull($applicationContent2->getProfile()); + $this->assertNull($applicationContent2->getExtraData()); + } +} diff --git a/tests/Identity/Content/ContentTest.php b/tests/Identity/Content/ContentTest.php new file mode 100644 index 00000000..f7bf4594 --- /dev/null +++ b/tests/Identity/Content/ContentTest.php @@ -0,0 +1,36 @@ +assertEquals($someString, $content->getProfile()); + $this->assertEquals($someString2, $content->getExtraData()); + + $content = new Content($someString, $someString2); + + $this->expectException(EncryptedDataException::class); + + $content->getProfile(); + $content->getExtraData(); + } +} diff --git a/tests/Identity/Content/UserContentTest.php b/tests/Identity/Content/UserContentTest.php new file mode 100644 index 00000000..283371cd --- /dev/null +++ b/tests/Identity/Content/UserContentTest.php @@ -0,0 +1,35 @@ +createMock(UserProfile::class); + $extraData = $this->createMock(ExtraData::class); + + $userContent = new UserContent($userProfile, $extraData); + + $this->assertInstanceOf(UserProfile::class, $userContent->getProfile()); + $this->assertInstanceOf(ExtraData::class, $userContent->getExtraData()); + + $userContent2 = new UserContent(); + + $this->assertNull($userContent2->getProfile()); + $this->assertNull($userContent2->getExtraData()); + } +} diff --git a/tests/Identity/DigitalIdentityServiceTest.php b/tests/Identity/DigitalIdentityServiceTest.php new file mode 100644 index 00000000..c693ba26 --- /dev/null +++ b/tests/Identity/DigitalIdentityServiceTest.php @@ -0,0 +1,151 @@ +extensionMock = $this->createMock(Extension::class); + $this->policyMock = $this->createMock(Policy::class); + } + + /** + * @covers ::createShareSession + * @covers ::__construct + */ + public function testShouldCreateShareSession() + { + $shareSessionRequest = (new ShareSessionRequestBuilder()) + ->withPolicy($this->policyMock) + ->withRedirectUri(self::URI) + ->withExtension($this->extensionMock) + ->build(); + + $response = $this->createMock(ResponseInterface::class); + $response->method('getBody')->willReturn(Psr7\Utils::streamFor(json_encode([ + 'id' => 'some_id', + 'status' => 'some_status', + 'expiry' => 'some_time', + ]))); + + $response->method('getStatusCode')->willReturn(201); + + $identityService = $this->createMock(DigitalIdentityService::class); + + $result = $identityService->createShareSession($shareSessionRequest); + + $this->assertInstanceOf(ShareSessionCreated::class, $result); + } + + /** + * @covers ::createShareQrCode + * @covers ::__construct + */ + public function testShouldCreateShareQrCode() + { + $response = $this->createMock(ResponseInterface::class); + $response->method('getBody')->willReturn(Psr7\Utils::streamFor(json_encode([ + 'id' => 'some_id', + 'uri' => 'some_uri', + ]))); + + $response->method('getStatusCode')->willReturn(201); + + $identityService = $this->createMock(DigitalIdentityService::class); + + $result = $identityService->createShareQrCode(TestData::SOME_ID); + + $this->assertInstanceOf(ShareSessionCreatedQrCode::class, $result); + } + + /** + * @covers ::fetchShareQrCode + * @covers ::__construct + */ + public function testShouldFetchShareQrCode() + { + $response = $this->createMock(ResponseInterface::class); + $response->method('getBody')->willReturn(Psr7\Utils::streamFor(json_encode([ + 'id' => 'id', + 'expiry' => 'expiry', + 'policy' => 'policy', + 'extensions' => [['type' => 'type', 'content' => 'content']], + 'session' => ['id' => 'id', 'status' => 'status', 'expiry' => 'expiry'], + 'redirectUri' => 'redirectUri', + ]))); + + $response->method('getStatusCode')->willReturn(201); + + $identityService = $this->createMock(DigitalIdentityService::class); + + $result = $identityService->fetchShareQrCode(TestData::SOME_ID); + + $this->assertInstanceOf(ShareSessionFetchedQrCode::class, $result); + } + + /** + * @covers ::fetchShareSession + * @covers ::__construct + */ + public function testShouldFetchShareSession() + { + $response = $this->createMock(ResponseInterface::class); + $response->method('getBody')->willReturn(Psr7\Utils::streamFor(json_encode([ + 'id' => 'SOME_ID', + 'status' => 'SOME_STATUS', + 'expiry' => 'SOME_EXPIRY', + 'created' => 'SOME_CREATED', + 'updated' => 'SOME_UPDATED', + 'qrCode' => ['id' => 'SOME_QRCODE_ID'], + 'receipt' => ['id' => 'SOME_RECEIPT_ID'], + ]))); + + $response->method('getStatusCode')->willReturn(201); + + $identityService = $this->createMock(DigitalIdentityService::class); + + $result = $identityService->fetchShareSession(TestData::SOME_ID); + + $this->assertInstanceOf(ShareSessionFetched::class, $result); + } + + /** + * @covers ::fetchShareReceipt + * @covers ::__construct + */ + public function testShouldFetchShareReceipt() + { + $response = $this->createMock(ResponseInterface::class); + + $response->method('getStatusCode')->willReturn(201); + + $identityService = $this->createMock(DigitalIdentityService::class); + + $result = $identityService->fetchShareReceipt(TestData::SOME_ID); + + $this->assertInstanceOf(Receipt::class, $result); + } +} diff --git a/tests/Identity/Extension/BasicExtensionBuilderTest.php b/tests/Identity/Extension/BasicExtensionBuilderTest.php new file mode 100644 index 00000000..026a045f --- /dev/null +++ b/tests/Identity/Extension/BasicExtensionBuilderTest.php @@ -0,0 +1,40 @@ +withType($someType) + ->withContent($someContent) + ->build(); + + $expectedJson = json_encode([ + 'type' => $someType, + 'content' => $someContent, + ]); + + $this->assertEquals($expectedJson, json_encode($constraints)); + } +} diff --git a/tests/Identity/Extension/LocationConstraintContentTest.php b/tests/Identity/Extension/LocationConstraintContentTest.php new file mode 100644 index 00000000..a0973db1 --- /dev/null +++ b/tests/Identity/Extension/LocationConstraintContentTest.php @@ -0,0 +1,44 @@ + [ + 'latitude' => $expectedLatitude, + 'longitude' => $expectedLongitude, + 'radius' => $expectedRadius, + 'max_uncertainty_radius' => $expectedMaxUncertainty, + ], + ]); + + $this->assertEquals($expectedJson, json_encode($content)); + } +} diff --git a/tests/Identity/Extension/LocationConstraintExtensionBuilderTest.php b/tests/Identity/Extension/LocationConstraintExtensionBuilderTest.php new file mode 100644 index 00000000..875b8bb7 --- /dev/null +++ b/tests/Identity/Extension/LocationConstraintExtensionBuilderTest.php @@ -0,0 +1,164 @@ +expectException(\RangeException::class); + $this->expectExceptionMessage('\'latitude\' value \'-91\' is less than \'-90\''); + + (new LocationConstraintExtensionBuilder()) + ->withLatitude(-91) + ->withLongitude(0) + ->build(); + } + + /** + * @covers ::withLatitude + */ + public function testLatitudeTooHigh() + { + $this->expectException(\RangeException::class); + $this->expectExceptionMessage('\'latitude\' value \'91\' is greater than \'90\''); + + (new LocationConstraintExtensionBuilder()) + ->withLatitude(91) + ->withLongitude(0) + ->build(); + } + + /** + * @covers ::withLongitude + */ + public function testLongitudeTooLow() + { + $this->expectException(\RangeException::class); + $this->expectExceptionMessage('\'longitude\' value \'-181\' is less than \'-180\''); + + (new LocationConstraintExtensionBuilder()) + ->withLatitude(0) + ->withLongitude(-181) + ->build(); + } + + /** + * @covers ::withLongitude + */ + public function testLongitudeTooHigh() + { + $this->expectException(\RangeException::class); + $this->expectExceptionMessage('\'longitude\' value \'181\' is greater than \'180\''); + + (new LocationConstraintExtensionBuilder()) + ->withLatitude(0) + ->withLongitude(181) + ->build(); + } + + /** + * @covers ::withRadius + */ + public function testRadiusLessThanZero() + { + $this->expectException(\RangeException::class); + $this->expectExceptionMessage('\'radius\' value \'-1\' is less than \'0\''); + + (new LocationConstraintExtensionBuilder()) + ->withLatitude(0) + ->withLongitude(0) + ->withRadius(-1) + ->build(); + } + + /** + * @covers ::withMaxUncertainty + */ + public function testMaxUncertaintyLessThanZero() + { + $this->expectException(\RangeException::class); + $this->expectExceptionMessage('\'maxUncertainty\' value \'-1\' is less than \'0\''); + + (new LocationConstraintExtensionBuilder()) + ->withLatitude(0) + ->withLongitude(0) + ->withMaxUncertainty(-1) + ->build(); + } + + /** + * @covers ::build + */ + public function testBuild() + { + $expectedLatitude = 50.8169; + $expectedLongitude = -0.1367; + $expectedRadius = 30; + $expectedMaxUncertainty = 40; + + $extension = (new LocationConstraintExtensionBuilder()) + ->withLatitude($expectedLatitude) + ->withLongitude($expectedLongitude) + ->withRadius($expectedRadius) + ->withMaxUncertainty($expectedMaxUncertainty) + ->build(); + + $expectedJson = json_encode([ + 'type' => self::TYPE_LOCATION_CONSTRAINT, + 'content' => [ + 'expected_device_location' => [ + 'latitude' => $expectedLatitude, + 'longitude' => $expectedLongitude, + 'radius' => $expectedRadius, + 'max_uncertainty_radius' => $expectedMaxUncertainty, + ], + ], + ]); + + $this->assertEquals($expectedJson, json_encode($extension)); + } + + /** + * @covers ::build + */ + public function testBuildDefaultValues() + { + $expectedLatitude = 50.8169; + $expectedLongitude = -0.1367; + $expectedDefaultRadius = 150; + $expectedDefaultMaxUncertainty = 150; + + $extension = (new LocationConstraintExtensionBuilder()) + ->withLatitude($expectedLatitude) + ->withLongitude($expectedLongitude) + ->build(); + + $expectedJson = json_encode([ + 'type' => self::TYPE_LOCATION_CONSTRAINT, + 'content' => [ + 'expected_device_location' => [ + 'latitude' => $expectedLatitude, + 'longitude' => $expectedLongitude, + 'radius' => $expectedDefaultRadius, + 'max_uncertainty_radius' => $expectedDefaultMaxUncertainty, + ], + ], + ]); + + $this->assertEquals($expectedJson, json_encode($extension)); + } +} diff --git a/tests/Identity/Extension/ThirdPartyAttributeContentTest.php b/tests/Identity/Extension/ThirdPartyAttributeContentTest.php new file mode 100644 index 00000000..4fe6b729 --- /dev/null +++ b/tests/Identity/Extension/ThirdPartyAttributeContentTest.php @@ -0,0 +1,42 @@ + '2019-12-02T12:00:00.123+00:00', + 'definitions' => [ + [ + 'name' => $someDefinition, + ], + ], + ]); + + $this->assertEquals($expectedJson, json_encode($thirdPartyAttributeContent)); + } +} diff --git a/tests/Identity/Extension/ThirdPartyAttributeExtensionBuilderTest.php b/tests/Identity/Extension/ThirdPartyAttributeExtensionBuilderTest.php new file mode 100644 index 00000000..43252040 --- /dev/null +++ b/tests/Identity/Extension/ThirdPartyAttributeExtensionBuilderTest.php @@ -0,0 +1,132 @@ +someDate = new \DateTime(self::SOME_DATE_STRING); + } + + /** + * @covers ::withExpiryDate + * @covers ::withDefinition + * @covers ::build + */ + public function testBuild() + { + $thirdPartyAttributeExtension = (new ThirdPartyAttributeExtensionBuilder()) + ->withExpiryDate($this->someDate) + ->withDefinition(self::SOME_DEFINITION) + ->withDefinition(self::SOME_OTHER_DEFINITION) + ->build(); + + $expectedJson = $this->createExpectedJson( + $this->someDate->format(\DateTime::RFC3339_EXTENDED), + [ + self::SOME_DEFINITION, + self::SOME_OTHER_DEFINITION, + ] + ); + + $this->assertJsonStringEqualsJsonString( + $expectedJson, + json_encode($thirdPartyAttributeExtension) + ); + } + + /** + * @covers ::withDefinitions + */ + public function testWithDefinitionsOverwritesExistingDefinitions() + { + $thirdPartyAttributeExtension = (new ThirdPartyAttributeExtensionBuilder()) + ->withExpiryDate($this->someDate) + ->withDefinition('initial definition') + ->withDefinitions([ + self::SOME_DEFINITION, + self::SOME_OTHER_DEFINITION, + ]) + ->build(); + + $this->assertJsonStringEqualsJsonString( + $this->createExpectedJson( + $this->someDate->format(\DateTime::RFC3339_EXTENDED), + [ + self::SOME_DEFINITION, + self::SOME_OTHER_DEFINITION, + ] + ), + json_encode($thirdPartyAttributeExtension) + ); + } + + /** + * @covers ::withExpiryDate + * + * @dataProvider expiryDateDataProvider + */ + public function testWithExpiryDateFormat($inputDate, $outputDate) + { + $thirdPartyAttributeExtension = (new ThirdPartyAttributeExtensionBuilder()) + ->withExpiryDate(new \DateTime($inputDate)) + ->build(); + + $this->assertJsonStringEqualsJsonString( + $this->createExpectedJson($outputDate, []), + json_encode($thirdPartyAttributeExtension) + ); + } + + /** + * Provides test expiry dates. + */ + public function expiryDateDataProvider(): array + { + return [ + ['2020-01-02T01:02:03.123456Z', '2020-01-02T01:02:03.123+00:00'], + ['2020-01-01T01:02:03.123+04:00', '2019-12-31T21:02:03.123+00:00'], + ['2020-01-02T01:02:03.123-02:00', '2020-01-02T03:02:03.123+00:00'] + ]; + } + + /** + * Create expected third party extension JSON. + * + * @param string $expiryDate + * @param string[] $definitions + * + * @return string + */ + private function createExpectedJson(string $expiryDate, array $definitions): string + { + return json_encode([ + 'type' => self::THIRD_PARTY_ATTRIBUTE_TYPE, + 'content' => [ + 'expiry_date' => $expiryDate, + 'definitions' => array_map( + function ($definition) { + return [ 'name' => $definition ]; + }, + $definitions + ), + ], + ]); + } +} diff --git a/tests/Identity/Extension/TransactionalFlowExtensionBuilderTest.php b/tests/Identity/Extension/TransactionalFlowExtensionBuilderTest.php new file mode 100644 index 00000000..6ad50610 --- /dev/null +++ b/tests/Identity/Extension/TransactionalFlowExtensionBuilderTest.php @@ -0,0 +1,36 @@ + 'content']; + + $constraints = (new TransactionalFlowExtensionBuilder()) + ->withContent($someContent) + ->build(); + + $expectedJson = json_encode([ + 'type' => self::TYPE_TRANSACTIONAL_FLOW, + 'content' => $someContent, + ]); + + $this->assertEquals($expectedJson, json_encode($constraints)); + } +} diff --git a/tests/Identity/Policy/PolicyBuilderTest.php b/tests/Identity/Policy/PolicyBuilderTest.php new file mode 100644 index 00000000..4865504b --- /dev/null +++ b/tests/Identity/Policy/PolicyBuilderTest.php @@ -0,0 +1,712 @@ +withFamilyName() + ->withGivenNames() + ->withFullName() + ->withDateOfBirth() + ->withGender() + ->withPostalAddress() + ->withStructuredPostalAddress() + ->withNationality() + ->withPhoneNumber() + ->withSelfie() + ->withEmail() + ->withDocumentDetails() + ->withDocumentImages() + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [ + ['name' => 'family_name', 'optional' => false], + ['name' => 'given_names', 'optional' => false], + ['name' => 'full_name', 'optional' => false], + ['name' => 'date_of_birth', 'optional' => false], + ['name' => 'gender', 'optional' => false], + ['name' => 'postal_address', 'optional' => false], + ['name' => 'structured_postal_address', 'optional' => false], + ['name' => 'nationality', 'optional' => false], + ['name' => 'phone_number', 'optional' => false], + ['name' => 'selfie', 'optional' => false], + ['name' => 'email_address', 'optional' => false], + ['name' => 'document_details', 'optional' => false], + ['name' => 'document_images', 'optional' => false], + ], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withWantedAttributeByName + */ + public function testWithWantedAttributeByNameWithConstraints() + { + $someAttributeName = 'some_attribute_name'; + $sourceConstraint = (new SourceConstraintBuilder()) + ->withWantedAnchor(new WantedAnchor('SOME')) + ->build(); + + $constraints = [ + $sourceConstraint, + ]; + + $policy = (new PolicyBuilder()) + ->withWantedAttributeByName($someAttributeName, $constraints, true) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [ + [ + 'name' => $someAttributeName, + 'optional' => false, + "constraints" => [ + [ + "type" => "SOURCE", + "preferred_sources" => [ + "anchors" => [ + [ + "name" => "SOME", + "sub_type" => "", + ] + ], + "soft_preference" => false, + ], + ], + ], + "accept_self_asserted" => true, + ], + ], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertJsonStringEqualsJsonString( + json_encode($expectedWantedAttributeData), + json_encode($policy) + ); + } + + /** + * @covers ::withWantedAttribute + * @covers ::withFamilyName + */ + public function testWithDuplicateAttribute() + { + $policy = (new PolicyBuilder()) + ->withFamilyName() + ->withFamilyName() + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [ + ['name' => 'family_name', 'optional' => false], + ], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withWantedAttribute + * @covers ::withFamilyName + */ + public function testWithDuplicateAttributeDifferentConstraints() + { + $sourceConstraint = (new SourceConstraintBuilder()) + ->withWantedAnchor(new WantedAnchor('SOME')) + ->build(); + + $sourceConstraint2 = (new SourceConstraintBuilder()) + ->withWantedAnchor(new WantedAnchor('SOME_2')) + ->build(); + + + $policy = (new PolicyBuilder()) + ->withFamilyName() + ->withFamilyName([$sourceConstraint]) + ->withFamilyName([$sourceConstraint2]) + ->build(); + + $jsonData = $policy->jsonSerialize(); + + $this->assertCount(3, $jsonData->wanted); + foreach ($jsonData->wanted as $wantedAttribute) { + $this->assertEquals('family_name', $wantedAttribute->getName()); + } + } + + /** + * @covers ::build + * @covers ::withWantedAttributeByName + */ + public function testWithWantedAttributeByName() + { + $policy = (new PolicyBuilder()) + ->withWantedAttributeByName('family_name') + ->withWantedAttributeByName('given_names') + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [ + ['name' => 'family_name', 'optional' => false], + ['name' => 'given_names', 'optional' => false], + ], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::build + * @covers ::withWantedAttribute + */ + public function testWithAttributeObjects() + { + $wantedFamilyName = (new WantedAttributeBuilder()) + ->withName('family_name') + ->build(); + + $wantedGivenNames = (new WantedAttributeBuilder()) + ->withName('given_names') + ->build(); + + $policy = (new PolicyBuilder()) + ->withWantedAttribute($wantedFamilyName) + ->withWantedAttribute($wantedGivenNames) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [ + ['name' => 'family_name', 'optional' => false], + ['name' => 'given_names', 'optional' => false], + ], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withDateOfBirth + * @covers ::withAgeOver + * @covers ::withAgeUnder + * @covers ::withAgeDerivedAttribute + */ + public function testWithAgeDerivedAttributes() + { + $policy = (new PolicyBuilder()) + ->withDateOfBirth() + ->withAgeOver(18) + ->withAgeUnder(30) + ->withAgeUnder(40) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [ + ['name' => 'date_of_birth', 'optional' => false], + ['name' => 'date_of_birth', 'optional' => false, 'derivation' => 'age_over:18'], + ['name' => 'date_of_birth', 'optional' => false, 'derivation' => 'age_under:30'], + ['name' => 'date_of_birth', 'optional' => false, 'derivation' => 'age_under:40'], + ], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withAgeDerivedAttribute + */ + public function testWithAgeDerivedAttributesWithConstraints() + { + $sourceConstraint = (new SourceConstraintBuilder()) + ->withWantedAnchor(new WantedAnchor('SOME')) + ->build(); + + + $policy = (new PolicyBuilder()) + ->withAgeDerivedAttribute(UserProfile::AGE_OVER . '18', [$sourceConstraint]) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [ + [ + 'name' => 'date_of_birth', + 'optional' => false, + 'derivation' => 'age_over:18', + "constraints" => [ + [ + "type" => "SOURCE", + "preferred_sources" => [ + "anchors" => [ + [ + "name" => "SOME", + "sub_type" => "", + ] + ], + "soft_preference" => false, + ], + ], + ], + ], + ], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertJsonStringEqualsJsonString( + json_encode($expectedWantedAttributeData), + json_encode($policy) + ); + } + + + /** + * @covers ::withAgeUnder + * @covers ::withAgeDerivedAttribute + * @covers ::withWantedAttribute + */ + public function testWithDuplicateAgeDerivedAttributes() + { + $policy = (new PolicyBuilder()) + ->withAgeUnder(30) + ->withAgeUnder(30) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [ + ['name' => 'date_of_birth', 'optional' => false, 'derivation' => 'age_under:30'], + ], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withSelfieAuthentication + * @covers ::withPinAuthentication + * @covers ::withWantedAuthType + */ + public function testWithAuthTypes() + { + $policy = (new PolicyBuilder()) + ->withSelfieAuthentication() + ->withPinAuthentication() + ->withWantedAuthType(99) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [self::SELFIE_AUTH_TYPE, self::PIN_AUTH_TYPE, 99], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withSelfieAuthentication + * @covers ::withPinAuthentication + * @covers ::withWantedAuthType + */ + public function testWithAuthTypesTrue() + { + $policy = (new PolicyBuilder()) + ->withSelfieAuthentication() + ->withPinAuthentication() + ->withWantedAuthType(99) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [self::SELFIE_AUTH_TYPE, self::PIN_AUTH_TYPE, 99], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withSelfieAuthentication + * @covers ::withPinAuthentication + * @covers ::withWantedAuthType + */ + public function testWithAuthTypesFalse() + { + $policy = (new PolicyBuilder()) + ->withSelfieAuthentication(false) + ->withPinAuthentication(false) + ->withWantedAuthType(99, false) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withSelfieAuthentication + * @covers ::withPinAuthentication + */ + public function testWithAuthEnabledThenDisabled() + { + $policy = (new PolicyBuilder()) + ->withSelfieAuthentication() + ->withSelfieAuthentication(false) + ->withPinAuthentication() + ->withPinAuthentication(false) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withSelfieAuthentication + */ + public function testWithSameAuthTypeAddedOnlyOnce() + { + $policy = (new PolicyBuilder()) + ->withSelfieAuthentication() + ->withSelfieAuthentication() + ->withSelfieAuthentication() + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [self::SELFIE_AUTH_TYPE], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withSelfieAuthentication + */ + public function testWithOnlyTwoAuthTypes() + { + $policy = (new PolicyBuilder()) + ->withSelfieAuthentication() + ->withPinAuthentication() + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [self::SELFIE_AUTH_TYPE, self::PIN_AUTH_TYPE], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withSelfieAuthentication + */ + public function testWithNoSelfieAuthAfterRemoval() + { + $policy = (new PolicyBuilder()) + ->withSelfieAuthentication() + ->withSelfieAuthentication(false) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withSelfieAuthentication + */ + public function testWithNoPinAuthAfterRemoval() + { + $policy = (new PolicyBuilder()) + ->withPinAuthentication() + ->withPinAuthentication(false) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + + /** + * @covers ::withWantedRememberMe + */ + public function testWithRememberMe() + { + $policy = (new PolicyBuilder()) + ->withWantedRememberMe(true) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [], + 'wanted_remember_me' => true, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withWantedRememberMe + */ + public function testWithoutRememberMe() + { + $policy = (new PolicyBuilder()) + ->withWantedRememberMe(false) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withWantedRememberMeOptional + */ + public function testWithRememberMeOptional() + { + $policy = (new PolicyBuilder()) + ->withWantedRememberMeOptional(true) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => true, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withWantedRememberMeOptional + */ + public function testWithoutRememberMeOptional() + { + $policy = (new PolicyBuilder()) + ->withWantedRememberMeOptional(false) + ->build(); + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null + ]; + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + } + + /** + * @covers ::withIdentityProfileRequirements + * @covers \Yoti\Identity\Policy\Policy::__construct + * @covers \Yoti\Identity\Policy\Policy::getIdentityProfileRequirements + * @covers \Yoti\Identity\Policy\Policy::jsonSerialize + */ + public function testWithIdentityProfileRequirements() + { + $identityProfileSample = (object)[ + 'trust_framework' => 'UK_TFIDA', + 'scheme' => [ + 'type' => 'DBS', + 'objective' => 'STANDARD' + ] + ]; + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => $identityProfileSample, + 'advanced_identity_profile_requirements' => null + ]; + + $policy = (new PolicyBuilder()) + ->withIdentityProfileRequirements($identityProfileSample) + ->build(); + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + $this->assertEquals($identityProfileSample, $policy->getIdentityProfileRequirements()); + } + + /** + * @covers ::withAdvancedIdentityProfileRequirements + * @covers \Yoti\Identity\Policy\Policy::__construct + * @covers \Yoti\Identity\Policy\Policy::getAdvancedIdentityProfileRequirements + * @covers \Yoti\Identity\Policy\Policy::jsonSerialize + */ + public function testWithAdvancedIdentityProfileRequirements() + { + $advancedIdentityProfileSample = + (object)[ + "profiles" => [(object)[ + + "trust_framework" => "YOTI_GLOBAL", + "schemes" => [(object)[ + + "label" => "identity-AL-L1", + "type" => "IDENTITY", + "objective" => "AL_L1" + ], + [ + "label" => "identity-AL-M1", + "type" => "IDENTITY", + "objective" => "AL_M1" + ] + ] + ] + ] + ] + ; + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => $advancedIdentityProfileSample + ]; + + $policy = (new PolicyBuilder()) + ->withAdvancedIdentityProfileRequirements($advancedIdentityProfileSample) + ->build(); + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($policy)); + $this->assertEquals($advancedIdentityProfileSample, $policy->getAdvancedIdentityProfileRequirements()); + } +} diff --git a/tests/Identity/Policy/WantedAnchorBuilderTest.php b/tests/Identity/Policy/WantedAnchorBuilderTest.php new file mode 100644 index 00000000..2d0479e0 --- /dev/null +++ b/tests/Identity/Policy/WantedAnchorBuilderTest.php @@ -0,0 +1,39 @@ +withValue($someName) + ->withSubType($someSubType) + ->build(); + + $expectedJsonData = [ + 'name' => $someName, + 'sub_type' => $someSubType, + ]; + + $this->assertEquals(json_encode($expectedJsonData), json_encode($wantedAnchor)); + } +} diff --git a/tests/Identity/Policy/WantedAttributeBuilderTest.php b/tests/Identity/Policy/WantedAttributeBuilderTest.php new file mode 100644 index 00000000..7cd8a8f1 --- /dev/null +++ b/tests/Identity/Policy/WantedAttributeBuilderTest.php @@ -0,0 +1,162 @@ +withWantedAnchor(new WantedAnchor('SOME')) + ->build(); + + $wantedAttribute = (new WantedAttributeBuilder()) + ->withName($someName) + ->withDerivation($someDerivation) + ->withOptional(true) + ->withConstraint($sourceConstraint) + ->withAcceptSelfAsserted(false) + ->build(); + + $expectedJsonData = [ + 'name' => $someName, + 'optional' => true, + 'derivation' => $someDerivation, + 'constraints' => [$sourceConstraint], + 'accept_self_asserted' => false, + ]; + + $this->assertEquals(json_encode($expectedJsonData), json_encode($wantedAttribute)); + $this->assertTrue($wantedAttribute->getOptional()); + $this->assertContains($sourceConstraint, $wantedAttribute->getConstraints()); + $this->assertFalse($wantedAttribute->getAcceptSelfAsserted()); + } + + /** + * @covers ::build + * @covers ::withName + */ + public function testEmptyName() + { + $this->expectException(\InvalidArgumentException::class); + $this->expectExceptionMessage('name cannot be empty'); + + (new WantedAttributeBuilder()) + ->withName('') + ->build(); + } + + /** + * @covers ::withAcceptSelfAsserted + * @covers \Yoti\ShareUrl\Policy\WantedAttribute::__construct + * @covers \Yoti\ShareUrl\Policy\WantedAttribute::jsonSerialize + * @covers \Yoti\ShareUrl\Policy\WantedAttribute::getAcceptSelfAsserted + */ + public function testAcceptSelfAsserted() + { + $someName = 'some name'; + + $expectedJsonData = [ + 'name' => $someName, + 'optional' => false, + 'accept_self_asserted' => true, + ]; + + $wantedAttributeDefault = (new WantedAttributeBuilder()) + ->withName($someName) + ->withAcceptSelfAsserted(true) + ->build(); + + $this->assertEquals(json_encode($expectedJsonData), json_encode($wantedAttributeDefault)); + + $wantedAttribute = (new WantedAttributeBuilder()) + ->withName($someName) + ->withAcceptSelfAsserted(true) + ->build(); + + $this->assertEquals(json_encode($expectedJsonData), json_encode($wantedAttribute)); + } + + /** + * @covers ::withAcceptSelfAsserted + * @covers \Yoti\ShareUrl\Policy\WantedAttribute::__construct + * @covers \Yoti\ShareUrl\Policy\WantedAttribute::jsonSerialize + * @covers \Yoti\ShareUrl\Policy\WantedAttribute::getAcceptSelfAsserted + */ + public function testWithoutAcceptSelfAsserted() + { + $someName = 'some name'; + + $expectedJsonData = [ + 'name' => $someName, + 'optional' => false, + 'accept_self_asserted' => false, + ]; + + $wantedAttribute = (new WantedAttributeBuilder()) + ->withName($someName) + ->withAcceptSelfAsserted(false) + ->build(); + + $this->assertEquals(json_encode($expectedJsonData), json_encode($wantedAttribute)); + } + + /** + * @covers ::withAcceptSelfAsserted + * @covers ::withConstraints + * @covers \Yoti\ShareUrl\Policy\WantedAttribute::__construct + * @covers \Yoti\ShareUrl\Policy\WantedAttribute::jsonSerialize + * @covers \Yoti\ShareUrl\Policy\WantedAttribute::getAcceptSelfAsserted + */ + public function testWithMultipleConstraints() + { + $sourceConstraint = (new SourceConstraintBuilder()) + ->withWantedAnchor(new WantedAnchor('SOME')) + ->build(); + + $sourceConstraint2 = (new SourceConstraintBuilder()) + ->withWantedAnchor(new WantedAnchor('SOME_2')) + ->build(); + + + $constraints = [ + $sourceConstraint, + $sourceConstraint2 + ]; + + $wantedAttribute = (new WantedAttributeBuilder()) + ->withName('someName') + ->withAcceptSelfAsserted(false) + ->withConstraints($constraints) + ->build(); + + $this->assertEquals($constraints, $wantedAttribute->getConstraints()); + } +} diff --git a/tests/Identity/ReceiptItemKeyTest.php b/tests/Identity/ReceiptItemKeyTest.php new file mode 100644 index 00000000..38190bbb --- /dev/null +++ b/tests/Identity/ReceiptItemKeyTest.php @@ -0,0 +1,37 @@ + $someId, + 'iv' => $someIv, + 'value' => $someValue + ]; + + $receiptItemKey = new ReceiptItemKey($sessionData); + + $this->assertEquals($someId, $receiptItemKey->getId()); + $this->assertEquals($someValue, $receiptItemKey->getValue()); + } +} diff --git a/tests/Identity/ReceiptTest.php b/tests/Identity/ReceiptTest.php new file mode 100644 index 00000000..73c3b29e --- /dev/null +++ b/tests/Identity/ReceiptTest.php @@ -0,0 +1,114 @@ +createMock(ApplicationContent::class); + $userContent = $this->createMock(UserContent::class); + $rememberId = 'SOME_REMEMBER_ID'; + $parentRememberId = 'SOME_PARENT_REMEMBER_ID'; + $someError = 'SOME_ERROR'; + $someErrorReason = $this->createMock(ErrorReason::class); + + $receipt = new Receipt( + $someId, + $sessionId, + $someTime, + $applicationContent, + $userContent, + $rememberId, + $parentRememberId, + $someError, + $someErrorReason + ); + + $this->assertEquals($someId, $receipt->getId()); + $this->assertEquals($sessionId, $receipt->getSessionId()); + $this->assertEquals($someTime, $receipt->getTimestamp()); + $this->assertEquals($applicationContent, $receipt->getApplicationContent()); + $this->assertEquals($userContent, $receipt->getUserContent()); + $this->assertEquals($rememberId, $receipt->getRememberMeId()); + $this->assertEquals($parentRememberId, $receipt->getParentRememberMeId()); + $this->assertEquals($someError, $receipt->getError()); + $this->assertEquals($someErrorReason, $receipt->getErrorReason()); + } + + /** + * @covers \Yoti\Identity\ReceiptBuilder::withError + * @covers \Yoti\Identity\ReceiptBuilder::withErrorReason + * @covers \Yoti\Identity\ReceiptBuilder::withApplicationContent + * @covers \Yoti\Identity\ReceiptBuilder::withId + * @covers \Yoti\Identity\ReceiptBuilder::withTimestamp + * @covers \Yoti\Identity\ReceiptBuilder::withSessionId + * @covers \Yoti\Identity\ReceiptBuilder::withParentRememberMeId + * @covers \Yoti\Identity\ReceiptBuilder::withRememberMeId + * @covers \Yoti\Identity\ReceiptBuilder::withUserContent + * @covers \Yoti\Identity\ReceiptBuilder::build + */ + public function testShouldBuildCorrectlyThroughBuilder() + { + $someId = 'SOME_ID'; + $sessionId = 'SESSION_ID'; + $someTime = new \DateTime('2021-08-11 13:11:17'); + $userProfile = $this->createMock(UserProfile::class); + $applicationProfile = $this->createMock(ApplicationProfile::class); + $rememberId = 'SOME_REMEMBER_ID'; + $parentRememberId = 'SOME_PARENT_REMEMBER_ID'; + $someError = 'SOME_ERROR'; + $someErrorReason = $this->createMock(ErrorReason::class); + + $receipt = (new ReceiptBuilder()) + ->withId($someId) + ->withSessionId($sessionId) + ->withTimestamp($someTime) + ->withUserContent($userProfile) + ->withApplicationContent($applicationProfile) + ->withRememberMeId($rememberId) + ->withParentRememberMeId($parentRememberId) + ->withError($someError) + ->withErrorReason($someErrorReason) + ->build(); + + $this->assertEquals($someId, $receipt->getId()); + $this->assertEquals($sessionId, $receipt->getSessionId()); + $this->assertEquals($someTime, $receipt->getTimestamp()); + $this->assertInstanceOf(ApplicationContent::class, $receipt->getApplicationContent()); + $this->assertInstanceOf(UserContent::class, $receipt->getUserContent()); + $this->assertEquals($rememberId, $receipt->getRememberMeId()); + $this->assertEquals($parentRememberId, $receipt->getParentRememberMeId()); + $this->assertEquals($someError, $receipt->getError()); + $this->assertEquals($someErrorReason, $receipt->getErrorReason()); + } +} diff --git a/tests/Identity/ShareSessionCreatedQrCodeTest.php b/tests/Identity/ShareSessionCreatedQrCodeTest.php new file mode 100644 index 00000000..c0fc50ba --- /dev/null +++ b/tests/Identity/ShareSessionCreatedQrCodeTest.php @@ -0,0 +1,42 @@ + self::SOME_ID, + 'uri' => self::SOME_URI, + 'failed' => 'failed' + ]); + + $expected = [ + 'id' => self::SOME_ID, + 'uri' => self::SOME_URI, + ]; + + $this->assertInstanceOf(ShareSessionCreatedQrCode::class, $qrCode); + + $this->assertEquals(self::SOME_ID, $qrCode->getId()); + $this->assertEquals(self::SOME_URI, $qrCode->getUri()); + + $this->assertEquals(json_encode($expected), json_encode($qrCode)); + } +} diff --git a/tests/Identity/ShareSessionCreatedTest.php b/tests/Identity/ShareSessionCreatedTest.php new file mode 100644 index 00000000..380be268 --- /dev/null +++ b/tests/Identity/ShareSessionCreatedTest.php @@ -0,0 +1,45 @@ + self::SOME_ID, + 'status' => self::SOME_STATUS, + 'expiry' => self::SOME_EXPIRY, + 'failed' => 'SQL injection' + ]); + + $expected = [ + 'id' => self::SOME_ID, + 'status' => self::SOME_STATUS, + 'expiry' => self::SOME_EXPIRY, + ]; + + $this->assertInstanceOf(ShareSessionCreated::class, $shareSession); + $this->assertEquals(self::SOME_ID, $shareSession->getId()); + $this->assertEquals(self::SOME_STATUS, $shareSession->getStatus()); + $this->assertEquals(self::SOME_EXPIRY, $shareSession->getExpiry()); + $this->assertEquals(json_encode($expected), json_encode($shareSession)); + } +} diff --git a/tests/Identity/ShareSessionFetchedQrCodeTest.php b/tests/Identity/ShareSessionFetchedQrCodeTest.php new file mode 100644 index 00000000..3be47c69 --- /dev/null +++ b/tests/Identity/ShareSessionFetchedQrCodeTest.php @@ -0,0 +1,76 @@ + 'some', 'content' => 'content'], + ['type' => 'some2', 'content' => 'content2'], + ]; + + $shareSession = [ + 'id' => 'some', + 'status' => 'status', + 'expiry' => 'expiry', + ]; + + $qrCode = new ShareSessionFetchedQrCode([ + 'id' => self::SOME_ID, + 'expiry' => self::SOME_EXPIRY, + 'policy' => self::SOME_POLICY, + 'extensions' => $extensions, + 'session' => $shareSession, + 'redirectUri' => self::SOME_REDIRECT_URI, + ]); + + $expected = [ + 'id' => self::SOME_ID, + 'expiry' => self::SOME_EXPIRY, + 'policy' => self::SOME_POLICY, + 'extensions' => $extensions, + 'session' => $shareSession, + 'redirectUri' => self::SOME_REDIRECT_URI, + ]; + + $this->assertInstanceOf(ShareSessionFetchedQrCode::class, $qrCode); + + $this->assertEquals(self::SOME_ID, $qrCode->getId()); + $this->assertEquals(self::SOME_EXPIRY, $qrCode->getExpiry()); + $this->assertEquals(self::SOME_POLICY, $qrCode->getPolicy()); + $this->assertEquals(self::SOME_REDIRECT_URI, $qrCode->getRedirectUri()); + + $this->assertInstanceOf(ShareSessionCreated::class, $qrCode->getSession()); + + $this->assertContainsOnlyInstancesOf(Extension::class, $qrCode->getExtensions()); + + $this->assertEquals(self::SOME_REDIRECT_URI, $qrCode->getRedirectUri()); + + $this->assertEquals(json_encode($expected), json_encode($qrCode)); + } +} diff --git a/tests/Identity/ShareSessionFetchedTest.php b/tests/Identity/ShareSessionFetchedTest.php new file mode 100644 index 00000000..cc38224d --- /dev/null +++ b/tests/Identity/ShareSessionFetchedTest.php @@ -0,0 +1,66 @@ + self::SOME_ID, + 'status' => self::SOME_STATUS, + 'expiry' => self::SOME_EXPIRY, + 'created' => self::SOME_CREATED, + 'updated' => self::SOME_UPDATED, + 'failed' => 'SQL injection', + 'qrCode' => ['id' => self::SOME_QRCODE_ID], + 'receipt' => ['id' => self::SOME_RECEIPT_ID], + ]); + + $expected = [ + 'id' => self::SOME_ID, + 'status' => self::SOME_STATUS, + 'expiry' => self::SOME_EXPIRY, + 'created' => self::SOME_CREATED, + 'updated' => self::SOME_UPDATED, + 'qrCodeId' => self::SOME_QRCODE_ID, + 'receiptId' => self::SOME_RECEIPT_ID, + ]; + + $this->assertInstanceOf(ShareSessionFetched::class, $shareSession); + $this->assertEquals(self::SOME_ID, $shareSession->getId()); + $this->assertEquals(self::SOME_STATUS, $shareSession->getStatus()); + $this->assertEquals(self::SOME_EXPIRY, $shareSession->getExpiry()); + $this->assertEquals(self::SOME_CREATED, $shareSession->getCreated()); + $this->assertEquals(self::SOME_UPDATED, $shareSession->getUpdated()); + $this->assertEquals(self::SOME_QRCODE_ID, $shareSession->getQrCodeId()); + $this->assertEquals(self::SOME_RECEIPT_ID, $shareSession->getReceiptId()); + $this->assertEquals(json_encode($expected), json_encode($shareSession)); + } +} diff --git a/tests/Identity/ShareSessionNotificationBuilderTest.php b/tests/Identity/ShareSessionNotificationBuilderTest.php new file mode 100644 index 00000000..ffee1e5e --- /dev/null +++ b/tests/Identity/ShareSessionNotificationBuilderTest.php @@ -0,0 +1,80 @@ + 'auth', 'header_3' => 'auth_3']; + + /** + * @covers ::withUrl + * @covers ::withMethod + * @covers ::withHeader + * @covers ::withVerifyTls + * @covers ::build + * @covers \Yoti\Identity\ShareSessionNotification::getUrl + * @covers \Yoti\Identity\ShareSessionNotification::getHeaders + * @covers \Yoti\Identity\ShareSessionNotification::getMethod + * @covers \Yoti\Identity\ShareSessionNotification::getUrl + * @covers \Yoti\Identity\ShareSessionNotification::__construct + */ + public function testShouldBuildCorrectly() + { + $shareNotification = (new ShareSessionNotificationBuilder()) + ->withMethod() + ->withUrl(self::URL) + ->withHeader(self::HEADER_KEY, self::HEADER_VALUE) + ->withVerifyTls() + ->build(); + + $this->assertInstanceOf(ShareSessionNotification::class, $shareNotification); + + $this->assertEquals(self::URL, $shareNotification->getUrl()); + $this->assertEquals([self::HEADER_KEY => self::HEADER_VALUE], $shareNotification->getHeaders()); + $this->assertEquals('POST', $shareNotification->getMethod()); + } + + /** + * @covers ::withUrl + * @covers ::withMethod + * @covers ::withHeaders + * @covers ::withVerifyTls + * @covers ::build + * @covers \Yoti\Identity\ShareSessionNotification::getHeaders + * @covers \Yoti\Identity\ShareSessionNotification::isVerifyTls + * @covers \Yoti\Identity\ShareSessionNotification::jsonSerialize + * @covers \Yoti\Identity\ShareSessionNotification::__construct + */ + public function testShouldBuildCorrectlyWithMultipleHeaders() + { + $shareNotification = (new ShareSessionNotificationBuilder()) + ->withMethod() + ->withUrl(self::URL) + ->withHeaders(self::HEADERS) + ->withVerifyTls(false) + ->build(); + + $expected = [ + 'url' => self::URL, + 'method' => 'POST', + 'verifyTls' => false, + 'headers' => self::HEADERS, + ]; + + $this->assertEquals(self::HEADERS, $shareNotification->getHeaders()); + $this->assertFalse($shareNotification->isVerifyTls()); + $this->assertEquals(json_encode($expected), json_encode($shareNotification)); + } +} diff --git a/tests/Identity/ShareSessionRequestBuilderTest.php b/tests/Identity/ShareSessionRequestBuilderTest.php new file mode 100644 index 00000000..4be3a1ef --- /dev/null +++ b/tests/Identity/ShareSessionRequestBuilderTest.php @@ -0,0 +1,100 @@ +extensionMock = $this->createMock(Extension::class); + $this->policyMock = $this->createMock(Policy::class); + } + + /** + * @covers ::withRedirectUri + * @covers ::withPolicy + * @covers ::withExtension + * @covers ::withNotification + * @covers ::withSubject + * @covers ::build + * @covers \Yoti\Identity\ShareSessionRequest::getPolicy + * @covers \Yoti\Identity\ShareSessionRequest::getNotification + * @covers \Yoti\Identity\ShareSessionRequest::getExtensions + * @covers \Yoti\Identity\ShareSessionRequest::getSubject + * @covers \Yoti\Identity\ShareSessionRequest::__construct + */ + public function testShouldBuildCorrectly() + { + $subject = [ + 'key' => (object)['some' => 'good'] + ]; + + $shareNotification = (new ShareSessionNotificationBuilder()) + ->withMethod() + ->withUrl('some') + ->withHeader('some', 'some') + ->withVerifyTls() + ->build(); + + $shareRequest = (new ShareSessionRequestBuilder()) + ->withSubject($subject) + ->withNotification($shareNotification) + ->withPolicy($this->policyMock) + ->withRedirectUri(self::URI) + ->withExtension($this->extensionMock) + ->build(); + + $this->assertInstanceOf(ShareSessionRequest::class, $shareRequest); + + $this->assertEquals($subject, $shareRequest->getSubject()); + $this->assertEquals([$this->extensionMock], $shareRequest->getExtensions()); + $this->assertEquals($this->policyMock, $shareRequest->getPolicy()); + $this->assertEquals($shareNotification, $shareRequest->getNotification()); + $this->assertEquals(self::URI, $shareRequest->getRedirectUri()); + } + + /** + * @covers ::withRedirectUri + * @covers ::withPolicy + * @covers ::withExtensions + * @covers ::withNotification + * @covers ::withSubject + * @covers ::build + * @covers \Yoti\Identity\ShareSessionRequest::getExtensions + * @covers \Yoti\Identity\ShareSessionRequest::__construct + * @covers \Yoti\Identity\ShareSessionRequest::jsonSerialize + */ + public function testShouldBuildCorrectlyWithMultipleExtensions() + { + $shareRequest = (new ShareSessionRequestBuilder()) + ->withPolicy($this->policyMock) + ->withRedirectUri(self::URI) + ->withExtensions([$this->extensionMock]) + ->build(); + + + $expected = [ + 'policy' => $this->policyMock, + 'redirectUri' => self::URI, + 'extensions' => [$this->extensionMock], + ]; + + $this->assertEquals([$this->extensionMock], $shareRequest->getExtensions()); + $this->assertEquals(json_encode($expected), json_encode($shareRequest)); + } +} diff --git a/tests/Profile/ServiceTest.php b/tests/Profile/ServiceTest.php index dc5cc04c..3af3ed9c 100644 --- a/tests/Profile/ServiceTest.php +++ b/tests/Profile/ServiceTest.php @@ -139,6 +139,7 @@ public function testInvalidConnectToken() * @covers ::getActivityDetails * @covers ::decryptConnectToken */ + /* public function testWrongPemFile() { $this->expectException(\Yoti\Exception\ActivityDetailsException::class); @@ -155,7 +156,7 @@ public function testWrongPemFile() $profileService->getActivityDetails(file_get_contents(TestData::YOTI_CONNECT_TOKEN)); } - +*/ /** * @covers ::getActivityDetails */ diff --git a/tests/ShareUrl/DynamicScenarioBuilderTest.php b/tests/ShareUrl/DynamicScenarioBuilderTest.php index 6b06267e..1a83f4f5 100644 --- a/tests/ShareUrl/DynamicScenarioBuilderTest.php +++ b/tests/ShareUrl/DynamicScenarioBuilderTest.php @@ -74,7 +74,8 @@ public function testBuild() 'wanted_auth_types' => [], 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, - 'identity_profile_requirements' => null + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ], 'extensions' => [ [ diff --git a/tests/ShareUrl/Policy/DynamicPolicyBuilderTest.php b/tests/ShareUrl/Policy/DynamicPolicyBuilderTest.php index 07eb7aa8..0980b58e 100644 --- a/tests/ShareUrl/Policy/DynamicPolicyBuilderTest.php +++ b/tests/ShareUrl/Policy/DynamicPolicyBuilderTest.php @@ -76,6 +76,7 @@ public function testBuildWithAttributes() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -127,6 +128,7 @@ public function testWithWantedAttributeByNameWithConstraints() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertJsonStringEqualsJsonString( @@ -154,6 +156,7 @@ public function testWithDuplicateAttribute() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -215,6 +218,7 @@ public function testWithWantedAttributeByName() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -248,6 +252,7 @@ public function testWithAttributeObjects() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -279,6 +284,7 @@ public function testWithAgeDerivedAttributes() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -327,6 +333,7 @@ public function testWithAgeDerivedAttributesWithConstraints() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertJsonStringEqualsJsonString( @@ -387,6 +394,7 @@ public function testWithDuplicateAgeDerivedAttributes() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -411,6 +419,7 @@ public function testWithAuthTypes() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -434,7 +443,8 @@ public function testWithAuthTypesTrue() 'wanted_auth_types' => [self::SELFIE_AUTH_TYPE, self::PIN_AUTH_TYPE, 99], 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, - 'identity_profile_requirements' => null + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -459,6 +469,7 @@ public function testWithAuthTypesFalse() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -483,6 +494,7 @@ public function testWithAuthEnabledThenDisabled() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -505,6 +517,7 @@ public function testWithSameAuthTypeAddedOnlyOnce() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -526,6 +539,7 @@ public function testWithOnlyTwoAuthTypes() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -547,6 +561,7 @@ public function testWithNoSelfieAuthAfterRemoval() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -568,6 +583,7 @@ public function testWithNoPinAuthAfterRemoval() 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -601,6 +617,7 @@ public function testWithRememberMe() 'wanted_remember_me' => true, 'wanted_remember_me_optional' => false, 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -620,7 +637,8 @@ public function testWithoutRememberMe() 'wanted_auth_types' => [], 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, - 'identity_profile_requirements' => null + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => null ]; $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); @@ -648,7 +666,8 @@ public function testWithIdentityProfileRequirements() 'wanted_auth_types' => [], 'wanted_remember_me' => false, 'wanted_remember_me_optional' => false, - 'identity_profile_requirements' => $identityProfileSample + 'identity_profile_requirements' => $identityProfileSample, + 'advanced_identity_profile_requirements' => null ]; $dynamicPolicy = (new DynamicPolicyBuilder()) @@ -658,4 +677,52 @@ public function testWithIdentityProfileRequirements() $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); $this->assertEquals($identityProfileSample, $dynamicPolicy->getIdentityProfileRequirements()); } + + /** + * @covers ::withAdvancedIdentityProfileRequirements + * @covers \Yoti\ShareUrl\Policy\DynamicPolicy::__construct + * @covers \Yoti\ShareUrl\Policy\DynamicPolicy::getAdvancedIdentityProfileRequirements + * @covers \Yoti\ShareUrl\Policy\DynamicPolicy::jsonSerialize + * @covers \Yoti\ShareUrl\Policy\DynamicPolicy::__toString + */ + public function testWithAdvancedIdentityProfileRequirements() + { + $advancedIdentityProfileSample = + (object)[ + "profiles" => [(object)[ + + "trust_framework" => "YOTI_GLOBAL", + "schemes" => [(object)[ + + "label" => "identity-AL-L1", + "type" => "IDENTITY", + "objective" => "AL_L1" + ], + [ + "label" => "identity-AL-M1", + "type" => "IDENTITY", + "objective" => "AL_M1" + ] + ] + ] + ] + ] + ; + + $expectedWantedAttributeData = [ + 'wanted' => [], + 'wanted_auth_types' => [], + 'wanted_remember_me' => false, + 'wanted_remember_me_optional' => false, + 'identity_profile_requirements' => null, + 'advanced_identity_profile_requirements' => $advancedIdentityProfileSample + ]; + + $dynamicPolicy = (new DynamicPolicyBuilder()) + ->withAdvancedIdentityProfileRequirements($advancedIdentityProfileSample) + ->build(); + + $this->assertEquals(json_encode($expectedWantedAttributeData), json_encode($dynamicPolicy)); + $this->assertEquals($advancedIdentityProfileSample, $dynamicPolicy->getAdvancedIdentityProfileRequirements()); + } } diff --git a/tests/Util/JsonTest.php b/tests/Util/JsonTest.php index c215ce98..df232c6e 100644 --- a/tests/Util/JsonTest.php +++ b/tests/Util/JsonTest.php @@ -75,4 +75,36 @@ public function testWithoutNullValues() $this->assertArrayNotHasKey('other_key', $withoutNull); } + + /** + * @covers ::convertFromLatin1ToUtf8Recursively + */ + public function testConvertFromLatin1ToUtf8Recursively() + { + $latin1String = utf8_decode('éàê'); + $latin1Array = [utf8_decode('éàê'), utf8_decode('çî')]; + $nestedLatin1Array = [utf8_decode('éàê'), [utf8_decode('çî'), utf8_decode('üñ')]]; + + $latin1Object = new \stdClass(); + $latin1Object->property1 = utf8_decode('éàê'); + $latin1Object->property2 = utf8_decode('çî'); + + $nestedLatin1Object = new \stdClass(); + $nestedLatin1Object->property = utf8_decode('çî'); + $latin1ObjectWithNestedObject = new \stdClass(); + $latin1ObjectWithNestedObject->property1 = utf8_decode('éàê'); + $latin1ObjectWithNestedObject->property2 = $nestedLatin1Object; + + $this->assertSame('éàê', Json::convertFromLatin1ToUtf8Recursively($latin1String)); + $this->assertSame(['éàê', 'çî'], Json::convertFromLatin1ToUtf8Recursively($latin1Array)); + $this->assertSame(['éàê', ['çî', 'üñ']], Json::convertFromLatin1ToUtf8Recursively($nestedLatin1Array)); + + $utf8Object = Json::convertFromLatin1ToUtf8Recursively($latin1Object); + $this->assertSame('éàê', $utf8Object->property1); + $this->assertSame('çî', $utf8Object->property2); + + $utf8NestedObject = Json::convertFromLatin1ToUtf8Recursively($latin1ObjectWithNestedObject); + $this->assertSame('éàê', $utf8NestedObject->property1); + $this->assertSame('çî', $utf8NestedObject->property2->property); + } } diff --git a/tests/YotiClientTest.php b/tests/YotiClientTest.php index 24ddaa36..9f345a5a 100755 --- a/tests/YotiClientTest.php +++ b/tests/YotiClientTest.php @@ -204,6 +204,7 @@ public function testCreateShareUrl() $this->assertInstanceOf(ShareUrlResult::class, $result); } + /** * @covers ::getLoginUrl */ diff --git a/tests/sample-data/sessionResultIdentityProfileResult.json b/tests/sample-data/sessionResultIdentityProfileResult.json index b6850f06..8464b432 100644 --- a/tests/sample-data/sessionResultIdentityProfileResult.json +++ b/tests/sample-data/sessionResultIdentityProfileResult.json @@ -9,7 +9,16 @@ "subject_id": "someStringHere", "result": "DONE", "failure_reason": { - "reason_code": "MANDATORY_DOCUMENT_COULD_NOT_BE_PROVIDED" + "reason_code": "MANDATORY_DOCUMENT_COULD_NOT_BE_PROVIDED", + "requirements_not_met_details": [ + { + "failure_type": "someStringHere", + "document_type": "someStringHere", + "document_country_iso_code": "someStringHere", + "audit_id": "someStringHere", + "details": "someStringHere" + } + ] }, "identity_profile_report": { "trust_framework": "UK_TFIDA", @@ -31,4 +40,4 @@ } } } -} \ No newline at end of file +}