internal BankIdAuthErrorEvent(SwedishPersonalIdentityNumber?personalIdentityNumber, BankIdApiException bankIdApiException, BankIdSupportedDevice detectedUserDevice)
: base(BankIdEventTypes.AuthErrorEventId, BankIdEventTypes.AuthErrorEventName, BankIdEventSeverity.Error)
{
PersonalIdentityNumber = personalIdentityNumber;
BankIdApiException = bankIdApiException;
DetectedUserDevice = detectedUserDevice;
}
internal BankIdAuthSuccessEvent(SwedishPersonalIdentityNumber?personalIdentityNumber, string orderRef, BankIdSupportedDevice detectedUserDevice)
: base(BankIdEventTypes.AuthSuccessId, BankIdEventTypes.AuthSuccessName, BankIdEventSeverity.Success)
{
PersonalIdentityNumber = personalIdentityNumber;
OrderRef = orderRef;
DetectedUserDevice = detectedUserDevice;
}
private static string GetRedirectUrl(BankIdSupportedDevice device, LaunchUrlRequest request)
{
// Only use redirect url for iOS as recommended in BankID Guidelines 3.1.2
return(device.DeviceOs == BankIdSupportedDeviceOs.Ios
? GetIOsBrowserSpecificRedirectUrl(device, request.RedirectUrl)
: NullRedirectUrl);
}
private static bool CanUseAppLink(BankIdSupportedDevice device)
{
// Only Safari on IOS and Chrome on Android version >= 6 seems to support
// the https://app.bankid.com/ launch url
return(IsSafariOnIos(device) || IsChromeOnAndroid6OrGreater(device));
}
private bool GetDeviceWillReloadPageOnReturnFromBankIdApp(BankIdSupportedDevice detectedDevice)
{
// When returned from the BankID app Safari on iOS will refresh the page/tab.
return(detectedDevice.DeviceOs == BankIdSupportedDeviceOs.Ios &&
detectedDevice.DeviceBrowser == BankIdSupportedDeviceBrowser.Safari);
}
internal BankIdAspNetAuthenticateSuccessEvent(AuthenticationTicket authenticationTicket, SwedishPersonalIdentityNumber personalIdentityNumber, BankIdSupportedDevice detectedUserDevice)
: base(BankIdEventTypes.AspNetAuthenticateSuccessEventId, BankIdEventTypes.AspNetAuthenticateSuccessEventName, BankIdEventSeverity.Success)
{
AuthenticationTicket = authenticationTicket;
PersonalIdentityNumber = personalIdentityNumber;
DetectedUserDevice = detectedUserDevice;
}
private string GetLaunchUrl(BankIdSupportedDevice device, LaunchUrlRequest request)
{
var prefix = GetPrefixPart(device);
var queryString = GetQueryStringPart(device, request);
return($"{prefix}{queryString}");
}
private static string GetRedirectUrl(BankIdSupportedDevice device, LaunchUrlRequest request)
{
// Only use redirect url for iOS as recommended in BankID Guidelines 3.1.2
return(device.IsIos
? request.RedirectUrl
: "null");
}
internal BankIdCancelSuccessEvent(string orderRef, BankIdSupportedDevice detectedUserDevice, BankIdLoginOptions idOptions)
: base(BankIdEventTypes.CancelSuccessId, BankIdEventTypes.CancelSuccessName, BankIdEventSeverity.Success)
{
OrderRef = orderRef;
DetectedUserDevice = detectedUserDevice;
BankIdOptions = idOptions;
}
internal BankIdCollectErrorEvent(string orderRef, BankIdApiException bankIdApiException, BankIdSupportedDevice detectedUserDevice, BankIdLoginOptions idOptions)
: base(BankIdEventTypes.CollectErrorId, BankIdEventTypes.CollectErrorName, BankIdEventSeverity.Error)
{
OrderRef = orderRef;
BankIdApiException = bankIdApiException;
DetectedUserDevice = detectedUserDevice;
BankIdOptions = idOptions;
}
internal BankIdCollectPendingEvent(string orderRef, CollectHintCode hintCode, BankIdSupportedDevice detectedUserDevice, BankIdLoginOptions idOptions)
: base(BankIdEventTypes.CollectPendingId, BankIdEventTypes.CollectPendingName, BankIdEventSeverity.Information)
{
OrderRef = orderRef;
HintCode = hintCode;
DetectedUserDevice = detectedUserDevice;
BankIdOptions = idOptions;
}
internal BankIdCollectFailureEvent(string orderRef, CollectHintCode hintCode, BankIdSupportedDevice detectedUserDevice, BankIdLoginOptions idOptions)
: base(BankIdEventTypes.CollectFailureId, BankIdEventTypes.CollectFailureName, BankIdEventSeverity.Failure)
{
OrderRef = orderRef;
HintCode = hintCode;
DetectedUserDevice = detectedUserDevice;
BankIdOptions = idOptions;
}
internal BankIdCollectCompletedEvent(string orderRef, CompletionData completionData, BankIdSupportedDevice detectedUserDevice, BankIdLoginOptions idOptions)
: base(BankIdEventTypes.CollectCompletedId, BankIdEventTypes.CollectCompletedName, BankIdEventSeverity.Success)
{
OrderRef = orderRef;
CompletionData = completionData;
DetectedUserDevice = detectedUserDevice;
BankIdOptions = idOptions;
}
internal BankIdAuthSuccessEvent(PersonalIdentityNumber?personalIdentityNumber, string orderRef, BankIdSupportedDevice detectedUserDevice, BankIdLoginOptions idOptions)
: base(BankIdEventTypes.AuthSuccessId, BankIdEventTypes.AuthSuccessName, BankIdEventSeverity.Success)
{
PersonalIdentityNumber = personalIdentityNumber;
OrderRef = orderRef;
DetectedUserDevice = detectedUserDevice;
BankIdOptions = idOptions;
}
public string GetLaunchUrl(BankIdSupportedDevice device, LaunchUrlRequest request)
{
if (device.DeviceOs == BankIdSupportedDeviceOs.Ios)
{
return(request.RedirectUrl);
}
return("#");
}
private static bool IsChromeOrEdgeOnAndroid6OrGreater(BankIdSupportedDevice device)
{
return(device.DeviceOs == BankIdSupportedDeviceOs.Android &&
device.DeviceOsVersion.MajorVersion >= 6 &&
(
device.DeviceBrowser == BankIdSupportedDeviceBrowser.Chrome ||
device.DeviceBrowser == BankIdSupportedDeviceBrowser.Edge
));
}
private string GetPrefixPart(BankIdSupportedDevice device)
{
if (device.IsIos)
{
return(IosUrlPrefix);
}
return(BankIdScheme);
}
private string GetPrefixPart(BankIdSupportedDevice device)
{
if (device.IsIos)
{
return("https://app.bankid.com/");
}
return("bankid:///");
}
private void AddUserDeviceProperties(Dictionary <string, string> properties, BankIdSupportedDevice userDevice)
{
if (_options.LogUserDevice)
{
properties.Add(PropertyName_UserDeviceBrowser, userDevice.DeviceBrowser.ToString());
properties.Add(PropertyName_UserDeviceOs, userDevice.DeviceOs.ToString());
properties.Add(PropertyName_UserDeviceType, userDevice.DeviceType.ToString());
properties.Add(PropertyName_UserDeviceOsVersion, userDevice.DeviceOsVersion.ToString());
}
}
private string GetPrefixPart(BankIdSupportedDevice device)
{
// Only Safari on IOS seems to support the app.bankid.com reference
if (device.DeviceOs == BankIdSupportedDeviceOs.Ios &&
device.DeviceBrowser == BankIdSupportedDeviceBrowser.Safari)
{
return(IosUrlPrefix);
}
return(BankIdScheme);
}
private bool GetDeviceMightRequireUserInteractionToLaunchBankIdApp(BankIdSupportedDevice detectedDevice)
{
// On Android, some browsers will (for security reasons) not launching a
// third party app/scheme (BankID) if there is no user interaction.
//
// - Chrome, Edge, Samsung Internet Browser and Brave is confirmed to require User Interaction
// - Firefox and Opera is confirmed to work without User Interaction
return(detectedDevice.DeviceOs == BankIdSupportedDeviceOs.Android &&
detectedDevice.DeviceBrowser != BankIdSupportedDeviceBrowser.Firefox &&
detectedDevice.DeviceBrowser != BankIdSupportedDeviceBrowser.Opera);
}
private bool GetDeviceMightRequireUserInteractionToLaunchBankIdApp(BankIdSupportedDevice detectedDevice)
{
// On Android, some browsers will (for security reasons) not launching a
// third party app/scheme (BankID) if there is no user interaction.
//
// - Chrome and Samsung Internet Browser is confirmed to require User Interaction.
// - Firefox is confirmed to work without.
//
// HTML files to try this out is available under /docs/tests
return(detectedDevice.DeviceOs == BankIdSupportedDeviceOs.Android &&
detectedDevice.DeviceBrowser != BankIdSupportedDeviceBrowser.Firefox);
}
private static string GetIOsBrowserSpecificRedirectUrl(BankIdSupportedDevice device, string redirectUrl)
{
// If it is a third party browser, don't specify the return URL, just the browser scheme.
// This will launch the browser with the last page used (the Active Login status page).
// If a URL is specified these browsers will open that URL in a new tab and we will lose context.
return(device.DeviceBrowser switch
{
BankIdSupportedDeviceBrowser.Chrome => IosChromeScheme,
BankIdSupportedDeviceBrowser.Firefox => IosFirefoxScheme,
BankIdSupportedDeviceBrowser.Safari => redirectUrl,
_ => string.Empty // Return empty string so user can go back manually, will catch Edge and other third party browsers
});
private string GetQueryStringPart(BankIdSupportedDevice device, LaunchUrlRequest request)
{
var queryStringParams = new Dictionary <string, string>();
if (!string.IsNullOrWhiteSpace(request.AutoStartToken))
{
queryStringParams.Add("autostarttoken", request.AutoStartToken);
}
if (!string.IsNullOrWhiteSpace(request.RelyingPartyReference))
{
queryStringParams.Add("rpref", Base64Encode(request.RelyingPartyReference));
}
queryStringParams.Add("redirect", GetRedirectUrl(device, request));
return(GetQueryString(queryStringParams));
}
private static string GetIOsBrowserSpecificRedirectUrl(BankIdSupportedDevice device, string redirectUrl)
{
// If it is a third party browser, don't specify the return URL, just the browser scheme.
// This will launch the browser with the last page used (the Active Login status page).
// If a URL is specified these browsers will open that URL in a new tab and we will lose context.
return(device.DeviceBrowser switch
{
// Safari can only be launched by providing redirect url (https://...)
BankIdSupportedDeviceBrowser.Safari => redirectUrl,
// Normally you would supply the URL, but we just want to launch the app again
BankIdSupportedDeviceBrowser.Chrome => IosChromeScheme,
BankIdSupportedDeviceBrowser.Firefox => IosFirefoxScheme,
// Opens a new tab on app launch, so can't launch automatically
BankIdSupportedDeviceBrowser.Edge => string.Empty,
BankIdSupportedDeviceBrowser.Opera => string.Empty,
// Return empty string so user can go back manually, will catch unknown third party browsers
_ => string.Empty
});
private static string GetIOsBrowserSpecificRedirectUrl(BankIdSupportedDevice device, string redirectUrl)
{
if (device.IsChrome || device.IsEdge)
{
var redirectUrlWithoutHttpsScheme = redirectUrl.Substring(8);
if (device.IsChrome)
{
return(IosChromeSchemePrefix + redirectUrlWithoutHttpsScheme);
}
if (device.IsEdge)
{
return(IosEdgeSchemePrefix + redirectUrlWithoutHttpsScheme);
}
}
if (device.IsFirefox)
{
return(IosFirefoxSchemePrefix + Uri.EscapeDataString(redirectUrl));
}
return(redirectUrl);
}
private string GetBankIdRedirectUri(BankIdLoginApiInitializeRequest request, string protectedOrderRef, AuthResponse authResponse, BankIdSupportedDevice detectedDevice)
{
var returnRedirectUri = GetAbsoluteUrl(Url.Action(nameof(BankIdController.Login), "BankId", new
{
returnUrl = request.ReturnUrl,
loginOptions = request.LoginOptions
}));
var launchUrlRequest = new LaunchUrlRequest(returnRedirectUri, authResponse.AutoStartToken);
var bankIdRedirectUri = _bankIdLauncher.GetLaunchUrl(detectedDevice, launchUrlRequest);
return(bankIdRedirectUri);
}
private async Task <HandleRequestResult> HandleRemoteAuthenticateFail(string reason, BankIdSupportedDevice detectedDevice)
{
await _bankIdEventTrigger.TriggerAsync(new BankIdAspNetAuthenticateFailureEvent(reason, detectedDevice));
return(HandleRequestResult.Fail(reason));
}
private static bool IsSafariOnIos(BankIdSupportedDevice device)
{
return(device.DeviceOs == BankIdSupportedDeviceOs.Ios &&
device.DeviceBrowser == BankIdSupportedDeviceBrowser.Safari);
}
private string GetPrefixPart(BankIdSupportedDevice device)
{
return(CanUseAppLink(device)
? BankIdAppLinkPrefix
: BankIdSchemePrefix);
}
