Skip to content

Latest commit

 

History

History
73 lines (55 loc) · 3.35 KB

README.md

File metadata and controls

73 lines (55 loc) · 3.35 KB

identity-outbound-auth-qrcode

Documentation for building and installing the qr-auth components in the IS.

Stackoverflow Join the chat at https://join.slack.com/t/wso2is/shared_invite/enQtNzk0MTI1OTg5NjM1LTllODZiMTYzMmY0YzljYjdhZGExZWVkZDUxOWVjZDJkZGIzNTE1NDllYWFhM2MyOGFjMDlkYzJjODJhOWQ4YjE License Twitter

Setup and Installing QR Authenticator

Step 1: Cloning the project

Clone the identity-outbound-auth-qrcode repository

Step 2: Building the project

Build the project by running mvn clean install at the root directory

Step 3: Deploying server components

  • Go to identity-outbound-auth-qrcode/components
    • org.wso2.carbon.identity.application.authenticator.qrcodetarget
  • Copy the .jar file
  • Go to <IS_HOME>/repository/components/dropins
  • Paste the .jar file into the dropins directory
  • Alternatively it's possible to drag and drop the .jar file to the dropins directory
  • Similarly, repeat the above steps for the components;
    • org.wso2.carbon.identity.application.authenticator.qrcode.servlet
    • org.wso2.carbon.identity.application.authenticator.qrcode.common

Step 4: Deploying QR Authentication Pages

  • Go to identity-outbound-auth-qrcode/components
    • org.wso2.carbon.identity.application.authenticator.qrcodesrcmainresourcesartifacts
  • Copy qrpage.jsp
  • Go to <IS_HOME>/repository/deployment/server/webappsauthenticationendpoint
  • Paste or drop the JSP files in the authenticationendpoint directory

Step 5:

  • Go to <IS_HOME>/repository/resources/conf/templates/repository/conf/identity
  • Open identity.xml.j2
  • Scroll down to the “ResourceAccessControl” section

The following lines should be added for setting access control for qr-auth endpoints

<ResourceAccessControl>
    <Resource context="(.*)/qr-auth/authenticate" secured="true" http-method="POST" />
    <Resource context="(.*)/qr-auth/check-status" secured="true" http-method="GET" />
</ResourceAccessControl>

Add the following to allow multi-tenant support for endpoints

<TenantContextsToRewrite>
       <Servlet>
           {% for servlet in tenant_context.rewrite.servlets %}
           <Context>{{servlet}}</Context>
           {% endfor %}
           <Context>/qr-auth/(.*)</Context>
       </Servlet>
</TenantContextsToRewrite>

NOTE: In order to communicate with WSO2 IS using a physical device (which will be required for developing an app using the qrcode based authentication SDK), the hostname of the IS should be changed to the IP address of the machine running the server.

Additionally, the keystore of the IS should be updated for the Android device to allow communication between the physical device and WSO2 IS running locally.