Merge pull request #115 from wultra/develop

Prepare release 0.23.0

.travis.yml

@@ -0,0 +1,24 @@
+language: java
+jdk:
+  - openjdk11
+script: mvn -f powerauth-data-adapter/pom.xml clean package
+branches:
+  only:
+    - master
+    - coverity_scan
+env:
+  global:
+    - secure: "ZeE+S5KU4rA0zta+udAFBIEETAqTg5SExaFtoNur/2DG79hcGGO/nC1VouwbwYnR81xNc3A5LniTsqwYjzFFstCRUPR7zjeYIq4B9v5bdNqdLiRvY/Re9Rk9f4hVf3039SnKGaEC+iCMzs/BxFW5+y68Oe1RKGh9yI0I2WKglkIw3NHLx+qI4HBhWwgso2USBNGGfEPOwJAR0940DxLywOxNFPUuMjYIFXY7Yx6Hko0L7BX+TRERmJuxK+cwoTWkFdmAzNIsau2WpSHN2/V+kIP8sr9eeUc33pY9ztW+oir3kteDhNjPeg9NA+FG6bGC8D8hPzNIMEED/OPs/Zj3G0oOLLTS/fjulSAiTAK6afkEyffNjVfh7dJQxvfGhHBJs1PDD0+a7sYogmf/eisxO6qYI+hRZMpkjjJL590Ovk6do9anzzmJ8lSSH6r8NVCANt2q5fnjp5BOOPFWGolWMvH2r699TiL3azBM1lWz3spvvk11DbtWqDJCOFmtD4SluTFAKuZjageQY69nPpB/w3Q+ThpYJqTNNrHD1i/b5daAi8aIGZud5vvwTUC5ItGzSGhjizTFxps7FOa77P//YIQhdirURvgIkuCf0A5vGBABuyeVOmz3pkx36sO4va1ZqNNYY9tbv5rdCBynU0KgmrOr6J3Q6IwMSxrc85ykSlI="
+
+before_install:
+  - echo -n | openssl s_client -connect https://scan.coverity.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca-
+
+addons:
+  coverity_scan:
+    project:
+      name: "wultra/powerauth-webflow-customization"
+      description: "Build submitted via Travis CI"
+    notification_email: [email protected]
+    build_command_prepend: "mvn -f powerauth-data-adapter/pom.xml clean"
+    build_command: "mvn -DskipTests=true -f powerauth-data-adapter/pom.xml compile"
+    branch_pattern: coverity_scan

README.md

@@ -6,7 +6,7 @@ and other changes required for customizing Web Flow for clients.
 
 ## Documentation
 
-For the most recent documentation and tutorials, please visit [PowerAuth Web Flow Customization Documentation](./docs/Home.md).
+For the most recent documentation and tutorials, please visit [PowerAuth Web Flow Customization Documentation](https://developers.wultra.com/docs/develop/powerauth-webflow-customization/).
 
 ## License
 

docs/Customizing-Web-Flow-Appearance.md

@@ -8,7 +8,7 @@ Web Flow resources which can be customized are available in the ext-resources fo
 
 The general process of updating Web Flow resources:
 
-- Clone project [powerauth-webflow-customization](https://github.com/wultra/powerauth-webflow-customization) from GitHub.
+- Clone project [powerauth-webflow-customization](https://github.com/wultra/powerauth-webflow-customization#docucheck-keep-link) from GitHub.
 - Update Web Flow resources by overriding existing texts, CSS, fonts and images or by adding additional resources.
 - When deploying Web Flow, configure the following Spring Boot property:
 
@@ -58,3 +58,53 @@ Additional fonts for Web Flow can be stored in `ext-resources/fonts` folder, see
 - [ext-resources/fonts](../ext-resources/fonts)
 
 After you make a copy of the `powerauth-webflow-customization` project, you can add new fonts to the folder `/path/to/your/ext-resources/fonts` and update the `customization.css` file (see above) to use the added fonts in Web Flow.
+
+## Customizing the OAuth 2.0 Consent Form
+
+The OAuth 2.0 consent form used by Web Flow can be customized by implementing following methods from Data Adapter interface:
+
+### Initialize Consent Form
+
+The [initConsentForm](../powerauth-data-adapter/src/main/java/io/getlime/security/powerauth/app/dataadapter/api/DataAdapter.java#L177) method is used to
+allow to decide whether consent form should be displayed for given operation context. Based on values of parameters `userId`, `organizationId`
+and `operationContext` a decision can be made whether to display the consent form or not. In case the consent form is always displayed,
+return true in response unconditionally.
+
+### Create Consent Form 
+The [createConsentForm](../powerauth-data-adapter/src/main/java/io/getlime/security/powerauth/app/dataadapter/api/DataAdapter.java#L189) method is used to specify
+the text of consent form and define options which are available in the options form. The consent form accepts consent text as HTML, scripting of the HTML is not allowed.
+The language of the consent form is specified using parameter `lang`. Each option is identified using an identifier `id`. Individual options in the form can be set as required and their default value can be set.
+The form can use parameters `userId`, `organizationId` and `operationContext` including `name`, `formData` and `applicationContext` to create a customized and personalized consent form for given
+user, operation name, operation parameters and application which initiated the operation. 
+
+The response should contain following data:
+- `consentHtml` - localized HTML text of OAuth 2.0 consent for given operation and its context
+- `options` - list of consent options which should be checked by the user with following parameters:
+  - `id` - identifier of the consent option
+  - `descriptionHtml` - localized HTML text for the description of the consent option
+  - `required` - whether the option must be checked in order to complete the operation
+  - `defaultValue` - default value of the option
+  - `value` - value specified by the user (not used yet)
+
+_Note that the consent texts do not use automatic resource localization because the HTML texts are expected to be complex and dynamically generated._
+
+### Validate Consent Form  
+The [validateConsentForm](../powerauth-data-adapter/src/main/java/io/getlime/security/powerauth/app/dataadapter/api/DataAdapter.java#L203) method is used to validate the OAuth 2.0 consent form options
+before the response is persisted. The identifiers of consent options match identifiers created in the `createConsentForm` step. The error messages produced by this method should
+take into account language specified using parameter `lang`.
+
+The response should contain following data:
+- `consentValidationPassed` - whether the consent validation passed and the operation can be completed
+- `validationErrorMessage` - localized HTML text of error message for overall consent form validation used in case the consent validation failed
+- `optionValidationResults` - result of validation for individual consent options:
+  - `id` - identifier of the consent option
+  - `validationPassed` - whether validation of the consent option passed
+  - `errorMessage` - localized HTML text of error message for consent option, in case validation of consent option value failed
+
+_Note that the texts of error messages do not use automatic resource localization because the HTML texts are expected to be complex and dynamically generated._
+
+### Save Consent Form
+The [saveConsentForm](../powerauth-data-adapter/src/main/java/io/getlime/security/powerauth/app/dataadapter/api/DataAdapter.java#L215) method is used to save the OAuth 2.0 consent form options.
+This method is called only when form validation done in `validateConsentForm` method successfully passes. The sample implementation prints the consent form option values into log.
+It is expected that in the real implementation the consent option values are persisted in a database or any other persistent storage of consent options.
+

docs/Deploying-Wildfly.md

@@ -0,0 +1,93 @@
+# Deploying Data Adapter on JBoss / Wildfly
+
+## JBoss Deployment Descriptor 
+
+Data Adapter contains the following configuration in `jboss-deployment-structure.xml` file for JBoss:
+
+```
+<?xml version="1.0"?>
+<jboss-deployment-structure xmlns="urn:jboss:deployment-structure:1.2">
+	<deployment>
+		<exclude-subsystems>
+			<!-- disable the logging subsystem because the application manages its own logging independently -->
+			<subsystem name="logging" />
+		</exclude-subsystems>
+
+		<dependencies>
+			<module name="com.wultra.powerauth.data-adapter.conf" />
+		</dependencies>
+		<local-last value="true" />
+	</deployment>
+</jboss-deployment-structure>
+```
+
+The deployment descriptor requires configuration of the `com.wultra.powerauth.data-adapter.conf` module.
+
+## JBoss Module for Data Adapter Configuration
+
+Create a new module in `PATH_TO_JBOSS/modules/system/layers/base/com/wultra/powerauth/data-adapter/conf/main`.
+
+The files described below should be added into this folder.
+
+### Main Module Configuration
+
+The `module.xml` configuration is used for module registration. It also adds resources from the module folder to classpath:
+```
+<?xml version="1.0" encoding="UTF-8"?>
+<module xmlns="urn:jboss:module:1.3" name="com.wultra.powerauth.data-adapter.conf">
+    <resources>
+        <resource-root path="." />
+    </resources>
+</module>
+```
+
+### Logging Configuration
+
+Use the `logback.xml` file to configure logging, for example:
+```
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration scan="true" scanPeriod="30 seconds">
+
+        <property name="LOG_FILE_DIR" value="/var/log/powerauth" />
+        <property name="LOG_FILE_NAME" value="data-adapter" />
+        <property name="INSTANCE_ID" value="${jboss.server.name}" />
+
+        <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+                <file>${LOG_FILE_DIR}/${LOG_FILE_NAME}-${INSTANCE_ID}.log</file>
+                <immediateFlush>true</immediateFlush>
+                <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+                        <fileNamePattern>${LOG_FILE_DIR}/${LOG_FILE_NAME}-${INSTANCE_ID}-%d{yyyy-MM-dd}-%i.log</fileNamePattern>
+                        <maxFileSize>10MB</maxFileSize>
+                        <maxHistory>5</maxHistory>
+                        <totalSizeCap>100MB</totalSizeCap>
+                </rollingPolicy>
+                <encoder>
+                        <charset>UTF-8</charset>
+                        <pattern>%d{ISO8601} [%thread] %-5level %logger{36} - %msg%n</pattern>
+                </encoder>
+        </appender>
+
+        <logger name="com.wultra" level="INFO" />
+        <logger name="io.getlime" level="INFO" />
+
+        <root level="INFO">
+                <appender-ref ref="FILE" />
+        </root>
+</configuration>
+```
+
+### Application Configuration
+
+The `application-ext.properties` file is used to override default configuration properties, for example:
+```
+powerauth.dataAdapter.service.applicationEnvironment=TEST
+```
+
+Data Adapter Spring application uses the `ext` Spring profile which activates overriding of default properties by `application-ext.properties`.
+
+### Bouncy Castle Installation
+
+The Bouncy Castle module for JBoss / Wildfly needs to be enabled as a global module for Data Adapter.
+
+Follow the instructions in the [Installing Bouncy Castle](https://github.com/wultra/powerauth-server/blob/develop/docs/Installing-Bouncy-Castle.md) chapter of PowerAuth Server documentation. 
+Note that the instructions differ based on Java version and application server type.