How to set up e-signet in development purpose

montana.bae · August 14, 2023, 12:48am

I attached my request header and response heder below

And I’ll check the postman collection as you said

Thank you as always for kind and quick replies.

== Request header ===
Accept:
application/json, text/plain, /
Accept-Encoding:
gzip, deflate, br
Accept-Language:
ko,ko-KR;q=0.9,en-US;q=0.8,en;q=0.7
Connection:
keep-alive
Content-Length:
680
Content-Type:
application/json
Host:
localhost:8088
Origin:
http://localhost:3000
Referer:
http://localhost:3000/
Sec-Ch-Ua:
“Not/A)Brand”;v=“99”, “Google Chrome”;v=“115”, “Chromium”;v=“115”
Sec-Ch-Ua-Mobile:
?0
Sec-Ch-Ua-Platform:
“Windows”
Sec-Fetch-Dest:
empty
Sec-Fetch-Mode:
cors
Sec-Fetch-Site:
same-site
User-Agent:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36
X-Xsrf-Token:
8da4eae9-3246-4ed2-87b6-90f82ecd24ca

== Response Header ==
Access-Control-Allow-Origin:
*
Cache-Control:
no-cache, no-store, max-age=0, must-revalidate
Connection:
keep-alive
Content-Type:
application/json
Date:
Mon, 14 Aug 2023 00:37:07 GMT
Expires:
0
Keep-Alive:
timeout=60
Pragma:
no-cache
Set-Cookie:
XSRF-TOKEN=75ab4af6-644d-42bf-ac30-864f79bc20c6; Path=/
Transfer-Encoding:
chunked
Vary:
Access-Control-Request-Headers
Vary:
Access-Control-Request-Method
Vary:
Origin
X-Content-Type-Options:
nosniff
X-Frame-Options:
DENY
X-Xss-Protection:
1; mode=block

montana.bae · August 14, 2023, 9:08am

Hello @Anusha_sunkadh ,

I tested some of postman collections and attached the results,

Only some get method APIs and mock identity related APIs seems work,

Please take a look and let me know what I missed.

Best regards,

Get CSRF token API

result :
{
“token”: “4a2d832e-6b7f-42b2-a0de-562626ab64b7”,
“parameterName”: “_csrf”,
“headerName”: “X-XSRF-TOKEN”
}

Get JWKS API

result :
{
“keys”: [
{
“kty”: “RSA”,
“x5t#S256”: “QbxvJi_9x6aC7i9RvkbJDmrtkK4pF-EG2GzidM60-lU”,
“e”: “AQAB”,
“use”: “sig”,
“kid”: “YQjhzZV_aWnVtPzYNGLglP1f4CbB1E3kJVn4e-QyJk8”,
“x5c”: [
:
}
]
}

Get Mock Identity API

result :
{
“responseTime”: “2023-08-14T08:54:05.394Z”,
“response”: {
“individualId”: “8267411571”,
“pin”: “111111”,
“fullName”: [
{
“language”: “eng”,
“value”: “Siddharth K Mansour”
}
],
:
}

Create Mock Identity

result :
{
“responseTime”: “2023-08-14T08:55:37.102Z”,
“response”: {
“status”: “mock identity data created successfully”
},
“errors”:
}

Get Tokens

result :
{
“error”: “invalid_auth_code”,
“error_description”: “invalid_auth_code”
}

Authentication User

result :
{“responseTime”:“2023-08-14T08:57:42.677Z”,“response”:null,“errors”:[{“errorCode”:“invalid_transaction”,“errorMessage”:“invalid_transaction”}]}

Anusha_sunkadh · August 14, 2023, 12:34pm

Hi @montana.bae

Order of execution in postman script for OIDC flow (OTP based auth) is:

Get CSRF token API
Create identity (Only 1 time)
Create OIDC client (Only 1 time)
Authorize / OAuthdetails request
Send OTP
Authenticate user
Authorization Code
Get Tokens
Get Userinfo

montana.bae · August 15, 2023, 3:01am

Hi @Anusha_sunkadh

I followed the sequence above but still not working.

Create OIDC Client

result :
401 unauthorized error

test function also failed
Validate clientId | JSONError: No data, empty input at 1:1

Authorize / OAuthdeails request

result :
{
“responseTime”: “2023-08-14T21:23:33.820Z”,
“response”: null,
“errors”: [
{
“errorCode”: “invalid_client_id”,
“errorMessage”: “invalid_client_id”
}
]
}

montana.bae · August 16, 2023, 12:43am

Hi @Anusha_sunkadh ,

Below image is my postman environment variables after executing “Create OIDC Client”,

Please take a look,

Anusha_sunkadh · October 17, 2023, 8:51am

Hi @montana.bae ,

Sorry for the long delay. Can you please let us know if you are still facing the issue?

Based on the previous posts, it 401 error on “Create OIDC client”
can you confirm on the below properties

github.com

mosip/esignet/blob/develop/esignet-service/src/main/resources/application-local.properties#L28-L40


      
          mosip.esignet.security.auth.post-urls={}
          mosip.esignet.security.auth.put-urls={}
          mosip.esignet.security.auth.get-urls={}
          
          mosip.esignet.security.ignore-csrf-urls=${server.servlet.path}/oidc/**,${server.servlet.path}/oauth/**,\
            ${server.servlet.path}/actuator/**,/favicon.ico,${server.servlet.path}/error,\
            ${server.servlet.path}/swagger-ui/**,${server.servlet.path}/v3/api-docs/**,\
            ${server.servlet.path}/vci/**
          
          mosip.esignet.security.ignore-auth-urls=${server.servlet.path}/csrf/**,${server.servlet.path}/authorization/**,\
            ${server.servlet.path}/linked-authorization/**,${server.servlet.path}/oidc/**,${server.servlet.path}/oauth/**,\
            ${server.servlet.path}/actuator/**,/favicon.ico,${server.servlet.path}/error,${server.servlet.path}/swagger-ui/**,\
            ${server.servlet.path}/v3/api-docs/**,${server.servlet.path}/client-mgmt/**,${server.servlet.path}/vci/**

thanks & regards,
Anusha

Topic		Replies	Views
How to integrate esignet with Mosip IDA e-Signet	5	237	April 22, 2024
Setting up demo to test full system functionality	2	103	April 23, 2024
Esignet deployment guide Support	5	165	March 12, 2024
Questions on setting up test environment for esignet & mosip Support	9	194	August 19, 2024
Mosip deployment	13	439	January 8, 2024

How to set up e-signet in development purpose

Get CSRF token API

Get JWKS API

Get Mock Identity API

Create Mock Identity

Generate Link code

Get Tokens

Authentication User

Link auth code request

Create OIDC Client

Authorize / OAuthdeails request

How to set up e-signet in development purpose

Get CSRF token API

Get JWKS API

Get Mock Identity API

Create Mock Identity

Generate Link code

Get Tokens

Authentication User

Link auth code request

Create OIDC Client

Authorize / OAuthdeails request

Related topics