Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added support of QR Code & Deeplink - Proximity check #122

Merged
merged 26 commits into from
Nov 10, 2023
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
737cdaa
Added support of QR Code & Deeplink - Proximity check
Hopsaheysa Oct 25, 2023
5223bdc
Return incorrectly removed init for backward compatibility
Hopsaheysa Oct 27, 2023
ded75b2
Rename otp to totp
Hopsaheysa Oct 27, 2023
9ce0f4c
Fix networking serialization tests
Hopsaheysa Oct 27, 2023
3428508
Add offline totp
Hopsaheysa Oct 27, 2023
a5489a3
Test totp authorization
Hopsaheysa Oct 27, 2023
916845c
Fix lint and missing file
Hopsaheysa Oct 27, 2023
b7a909e
Implement remarks
Hopsaheysa Oct 31, 2023
11897f2
Add `TOTPParserTests`
Hopsaheysa Oct 31, 2023
f25cf71
Minor fixes
Hopsaheysa Oct 31, 2023
5a63912
Fix incorrect name of otp in `WMTProximityCheckData`
Hopsaheysa Nov 2, 2023
82e752a
Bump networking dependency to 1.2.0.
Hopsaheysa Nov 7, 2023
89e91ef
Remove Package.swift from repo
Hopsaheysa Nov 8, 2023
e4bf607
Implement remarks
Hopsaheysa Nov 8, 2023
b6a4c03
Remove unused host in TOTPUtils
Hopsaheysa Nov 8, 2023
8b61768
Comment changed
Hopsaheysa Nov 8, 2023
60ae1bd
Bump Networking version to 1.2.0.
Hopsaheysa Nov 8, 2023
48d3114
Increase minimal ios version to 12 + Fix comment on WMTOperationTOTPData
Hopsaheysa Nov 9, 2023
5d33384
Minor naming changes
Hopsaheysa Nov 9, 2023
bd1699d
Remove `Packege.resolved` add `Package`
Hopsaheysa Nov 10, 2023
5fda458
Remove duplicated empty lines
Hopsaheysa Nov 10, 2023
0ef03b0
Update podspec
Hopsaheysa Nov 10, 2023
de3bf05
Add docs
Hopsaheysa Nov 10, 2023
0af2e57
Fix placement of the TOTP WMPTProximityCheck
Hopsaheysa Nov 10, 2023
d6ec093
Remove unnecessary info from docs
Hopsaheysa Nov 10, 2023
fd8b80e
Add info to PowerAuth compatibility table in SDK-Integration.md
Hopsaheysa Nov 10, 2023
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Package.swift
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ import PackageDescription
let package = Package(
name: "WultraMobileTokenSDK",
platforms: [
.iOS(.v11)
.iOS(.v12)
],
products: [
.library(name: "WultraMobileTokenSDK", targets: ["WultraMobileTokenSDK"])
Expand Down
1 change: 1 addition & 0 deletions docs/Error-Handling.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ Every error produced by this library is of a `WMTError` type. This error contain
|`operationAlreadyFailed`|Operation is already failed|
|`operationAlreadyCancelled`|Operation is canceled|
|`operationExpired`|Operation is expired|
|`operationFailed`|Default operation action failure|

## WMTErrorReason

Expand Down
13 changes: 7 additions & 6 deletions docs/SDK-Integration.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

## Requirements

- iOS 10.0+
- iOS 12.0+
- [PowerAuth Mobile SDK](https://github.com/wultra/powerauth-mobile-sdk) needs to be available in your project

## Swift Package Manager
Expand All @@ -17,7 +17,7 @@ import PackageDescription
let package = Package(
name: "YourLibrary",
platforms: [
.iOS(.v11)
.iOS(.v12)
],
products: [
.library(
Expand All @@ -26,7 +26,7 @@ let package = Package(
),
],
dependencies: [
.package(url: "https://github.com/wultra/mtoken-sdk-ios.git", .from("1.4.1"))
.package(url: "https://github.com/wultra/mtoken-sdk-ios.git", .from("1.7.0"))
],
targets: [
.target(
Expand All @@ -39,15 +39,16 @@ let package = Package(

## Cocoapods

Ddd the following dependencies to your Podfile:
Add the following dependencies to your Podfile:

```rb
pod 'WultraMobileTokenSDK/Operations'
pod 'WultraMobileTokenSDK/Push'
pod 'WultraMobileTokenSDK/Inbox'
```

<!-- begin box info -->
Note: If you want to use only operations, you can omit the Push dependency.
Note: If you want to use only operations, you can omit the Push dependency & Inbox dependency.
<!-- end -->

## Guaranteed PowerAuth Compatibility
Expand All @@ -60,4 +61,4 @@ Note: If you want to use only operations, you can omit the Push dependency.

## Xcode Compatibility

We recommend using Xcode version 13.2 or newer.
We recommend using Xcode version 14.3 or newer.
63 changes: 62 additions & 1 deletion docs/Using-Operations-Service.md
Original file line number Diff line number Diff line change
Expand Up @@ -436,6 +436,9 @@ class WMTUserOperation: WMTOperation {
///
/// Additional UI data such as Pre-Approval Screen or Post-Approval Screen should be presented.
public let ui: WMTOperationUIData?

/// Proximity Check Data to be passed when OTP is handed to the app
public var proximityCheck: WMTProximityCheck?
}
```

Expand Down Expand Up @@ -492,7 +495,7 @@ PreApprovalScreen types:

- `WARNING`
- `INFO`
- `QR_SCAN`
- `QR_SCAN` this type indicates that the `WMTProximityCheck` must be used
- `UNKNOWN`

PostApprovalScreen types:
Expand All @@ -502,6 +505,50 @@ PostApprovalScreen types:
- `REDIRECT` providing text for button, countdown, and redirection URL
- `GENERIC` may contain any object

Definition of `WMTProximityCheck`:

```swift
public class WMTProximityCheck: Codable {
/// Tha actual Time-based one time password
public let totp: String
/// Type of the Proximity check
public let type: WMTProximityCheckType
/// Timestamp when the operation was scanned (QR Code) or delivered to the device (Deeplink)
public let timestampRequested: Date
}
```

WMTProximityCheckType types:

- `qrCode` TOTP was scanned from QR code
- `deeplink` TOTP was delivered to the app via Deeplink


## TOTP WMTProximityCheck

Two-Factor Authentication (2FA) using Time-Based One-Time Passwords (TOTP) in the Operations Service is facilitated through the use of WMTProximityCheck. This allows secure approval of operations through QR code scanning or deeplink handling.

This TOTP-based WMTProximityCheck enhances the security of the approval process, providing a robust mechanism for 2FA in the Operations Service.

- QR Code Flow:

When the `WMTUserOperation` contains a `WMTPreApprovalScreen.qr`, the app should open the camera to scan the QR code before confirming the operation. Use the camera to scan the QR code containing the necessary data payload for the operation.

- Deeplink Flow:

When the app is launched via a deeplink, preserve the data from the deeplink to extract the relevant information. When operations are loaded compare the operation ID from the deeplink data to the operations within the app to find a match.

- Assign TOTP and Type for the Operation
Once the QR code is scanned or match from deeplink is found, create a `WMTProximityCheck` with:
- `totp`: The actual Time-Based One-Time Password.
- `type`: Set to `WMTProximityCheckType.qrCode` or `WMTProximityCheckType.deeplink`.
- `timestampRequested`: The timestamp when the QR code was scanned (by default, it is created as the current timestamp).

- Authorizing the WMTProximityCheck
When authorization, the SDK will by default add `timestampSigned` to the `WMTProximityCheck` object. This timestamp indicates when the operation was signed.

This TOTP-based WMTProximityCheck enhances the security of the approval process, providing a robust mechanism for 2FA in the Operations Service.
Hopsaheysa marked this conversation as resolved.
Show resolved Hide resolved

### Subclassing WMTUserOperation

`WMTUserOperation` class is `open` and can be subclassed. This is useful when your backend adds additional properties to operations retrieved via the `getOperations` API.
Expand Down Expand Up @@ -561,6 +608,20 @@ public protocol WMTOperation {

/// Data for signing
var data: String { get }

/// Additional information with proximity check data
var proximityCheck: WMTProximityCheck? { get }
}
```

### Utilizing the Proximity Check
When creating custom operations, you can now include proximity check data by conforming to the updated WMTOperation protocol. This enables you to enhance the security of your operations by considering proximity information during the authorization process.

To maintain backward compatibility, a public extension has been added to the WMTOperation protocol. If your existing codebase does not require the use of the proximity check feature, the extension ensures seamless integration:

```swift
public extension WMTOperation {
var proximityCheck: WMTProximityCheck? { nil }
}
```

Expand Down
Loading