Skip to content

Commit

Permalink
Fix #907: Innovatrics DocumentVerificationProvider (#938)
Browse files Browse the repository at this point in the history 
* Fix #907: Innovatrics DocumentVerificationProvider

* Merge providers

* Do not check consistency of each attribute of a document
  • Loading branch information
@jnpsk
jnpsk authored Dec 14, 2023
1 parent ad8bf89 commit 34a30ab
Show file tree
Hide file tree
Showing 26 changed files with 1,568 additions and 179 deletions.
28 changes: 15 additions & 13 deletions docs/onboarding/Configuration-Properties.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,19 +137,21 @@ The Onboarding Server uses the following public configuration properties:

## Innovatrics Configuration

| Property | Default | Note |
|--------------------------------------------------------------------------------------------------|---------------------------|--------------------------------------------------------------------------------|
| `enrollment-server-onboarding.provider.innovatrics.serviceBaseUrl` | | Base REST service URL for Innovatrics. |
| `enrollment-server-onboarding.provider.innovatrics.serviceToken` | | Authentication token for Innovatrics. |
| `enrollment-server-onboarding.provider.innovatrics.serviceUserAgent` | `Wultra/OnboardingServer` | User agent to use when making HTTP calls to Innovatrics REST service. |
| `enrollment-server-onboarding.provider.innovatrics.presenceCheck.score` | 0.875 | Presence check minimal score threshold. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.acceptInvalidSslCertificate` | `false` | Whether invalid SSL certificate is accepted when calling Zen ID REST service. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.maxInMemorySize` | `10485760` | Maximum in memory size of HTTP requests when calling Innovatrics REST service. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.proxyEnabled` | `false` | Whether proxy server is enabled when calling Innovatrics REST service. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.proxyHost` | | Proxy host to be used when calling Innovatrics REST service. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.proxyPort` | 0 | Proxy port to be used when calling Innovatrics REST service. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.proxyUsername` | | Proxy username to be used when calling Innovatrics REST service. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.proxyPassword` | | Proxy password to be used when calling Innovatrics REST service. |
| Property | Default | Note |
|---------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `enrollment-server-onboarding.provider.innovatrics.serviceBaseUrl` | | Base REST service URL for Innovatrics. |
| `enrollment-server-onboarding.provider.innovatrics.serviceToken` | | Authentication token for Innovatrics. |
| `enrollment-server-onboarding.provider.innovatrics.serviceUserAgent` | `Wultra/OnboardingServer` | User agent to use when making HTTP calls to Innovatrics REST service. |
| `enrollment-server-onboarding.provider.innovatrics.presenceCheckConfiguration.score` | 0.875 | Presence check minimal score threshold. |
| `enrollment-server-onboarding.provider.innovatrics.documentVerificationConfiguration.documentCountries` | `CZE` | List of expected countries of issue of identification documents as three-letter country codes, i.e. ISO 3166-1 alpha-3. If empty, all countries of issue known to Innovatrics are considered during classification, which may have negative impact on performance. |
| `enrollment-server-onboarding.provider.innovatrics.document-verification-configuration.crucialFields` | `documentNumber`, `dateOfIssue`, `dateOfExpiry`, `surname`, `dateOfBirth`, `personalNumber`, `givenNames` | Set of fields in camelCase that are cross-validated between the machine-readable zone and visual zone. Only those specified fields that are actually extracted from a document are considered. If empty, no inconsistencies will be checked. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.acceptInvalidSslCertificate` | `false` | Whether invalid SSL certificate is accepted when calling Zen ID REST service. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.maxInMemorySize` | `10485760` | Maximum in memory size of HTTP requests when calling Innovatrics REST service. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.proxyEnabled` | `false` | Whether proxy server is enabled when calling Innovatrics REST service. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.proxyHost` | | Proxy host to be used when calling Innovatrics REST service. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.proxyPort` | 0 | Proxy port to be used when calling Innovatrics REST service. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.proxyUsername` | | Proxy username to be used when calling Innovatrics REST service. |
| `enrollment-server-onboarding.provider.innovatrics.restClientConfig.proxyPassword` | | Proxy password to be used when calling Innovatrics REST service. |

See [Innovatrics documentation](https://developers.innovatrics.com/digital-onboarding/docs/functionalities/face/active-liveness-check/#magnifeye-liveness) for details how the score affects false acceptances (FAR) and false rejections (FRR).

Expand Down
2 changes: 2 additions & 0 deletions docs/onboarding/Configuration-Verification-Providers.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ This document describes configuration of providers for personal identity documen

The document verification process is currently supported for following providers:
- [ZenID](https://zenid.trask.cz/) - use value `zenid` in configuration
- [Innovatrics](https://www.innovatrics.com/) - use value `innovatrics` in configuration
- Mock - useful for simple testing and local runs - use value `mock` in configuration

### ZenID
Expand Down Expand Up @@ -35,6 +36,7 @@ When calling `document-verification/init-sdk` following implementation fields ar

The document verification process is currently supported for following providers:
- [iProov](https://www.iproov.com/) - use value `iproov` in configuration
- [Innovatrics](https://www.innovatrics.com/) - use value `innovatrics` in configuration
- Mock - useful for simple testing and local runs - use value `mock` in configuration

#### Configuration
Expand Down
20 changes: 17 additions & 3 deletions ...api/src/main/java/com/wultra/app/onboardingserver/api/provider/PresenceCheckProvider.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,13 +44,13 @@ public interface PresenceCheckProvider {
void initPresenceCheck(OwnerId id, Image photo) throws PresenceCheckException, RemoteCommunicationException;

/**
* A feature flag whether the trusted photo of the user should be passed to {@link #initPresenceCheck(OwnerId, Image)}.
* Configuration flag setting where the provider implementation expects the trusted photo of the user.
* <p>
* Some implementation may require specific source to be called by Onboarding server, some providers may handle it internally.
*
* @return {@code true} if the trusted photo should be provided, {@code false} otherwise.
* @return Source where the trusted photo is expected.
*/
boolean shouldProvideTrustedPhoto();
TrustedPhotoSource trustedPhotoSource();

/**
* Starts the presence check process. The process has to be initialized before this call.
Expand Down Expand Up @@ -82,4 +82,18 @@ public interface PresenceCheckProvider {
*/
void cleanupIdentityData(OwnerId id, SessionInfo sessionInfo) throws PresenceCheckException, RemoteCommunicationException;

/**
* Return type for {@link #trustedPhotoSource()}.
*/
enum TrustedPhotoSource {
/**
* If the trusted photo should be passed in {@link #initPresenceCheck}
*/
IMAGE,

/**
* If the trusted photo is passed via reference in {@link SessionInfo}
*/
REFERENCE
}
}
5 changes: 5 additions & 0 deletions ...in-model/src/main/java/com/wultra/app/enrollmentserver/model/integration/SessionInfo.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,11 @@
@Data
public class SessionInfo {

public static final String ATTRIBUTE_TIMESTAMP_LAST_USED = "timestampLastUsed";
public static final String ATTRIBUTE_IMAGE_UPLOADED = "imageUploaded";
public static final String ATTRIBUTE_PRIMARY_DOCUMENT_REFERENCE = "primaryDocumentReference";
public static final String ATTRIBUTE_OTHER_DOCUMENTS_REFERENCES = "otherDocumentsReferences";

private Map<String, Object> sessionAttributes = new LinkedHashMap<>();

}
12 changes: 12 additions & 0 deletions enrollment-server-onboarding-provider-innovatrics/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,18 @@
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>

<dependency>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>mockwebserver</artifactId>
<scope>test</scope>
</dependency>

<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<scope>test</scope>
</dependency>
</dependencies>

<build>
Expand Down
Loading

0 comments on commit 34a30ab

Please sign in to comment.