forked from casdoor/casdoor
144 lines
4.5 KiB
Go
144 lines
4.5 KiB
Go
// Copyright 2025 The Casdoor Authors. All Rights Reserved.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package idv
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/json"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"time"
|
|
)
|
|
|
|
type JumioIdvProvider struct {
|
|
ClientId string
|
|
ClientSecret string
|
|
Endpoint string
|
|
}
|
|
|
|
type JumioInitiateRequest struct {
|
|
CustomerInternalReference string `json:"customerInternalReference"`
|
|
UserReference string `json:"userReference"`
|
|
WorkflowId string `json:"workflowId,omitempty"`
|
|
}
|
|
|
|
type JumioInitiateResponse struct {
|
|
TransactionReference string `json:"transactionReference"`
|
|
RedirectUrl string `json:"redirectUrl"`
|
|
}
|
|
|
|
type JumioVerificationData struct {
|
|
IdCard string `json:"idNumber"`
|
|
RealName string `json:"firstName"`
|
|
Type string `json:"type"`
|
|
}
|
|
|
|
func NewJumioIdvProvider(clientId string, clientSecret string, endpoint string) *JumioIdvProvider {
|
|
return &JumioIdvProvider{
|
|
ClientId: clientId,
|
|
ClientSecret: clientSecret,
|
|
Endpoint: endpoint,
|
|
}
|
|
}
|
|
|
|
func (provider *JumioIdvProvider) VerifyIdentity(idCardType string, idCard string, realName string) (bool, error) {
|
|
if provider.ClientId == "" || provider.ClientSecret == "" {
|
|
return false, fmt.Errorf("Jumio credentials not configured")
|
|
}
|
|
|
|
if provider.Endpoint == "" {
|
|
return false, fmt.Errorf("Jumio endpoint not configured")
|
|
}
|
|
|
|
if idCard == "" || realName == "" {
|
|
return false, fmt.Errorf("ID card and real name are required")
|
|
}
|
|
|
|
// Jumio ID Verification implementation
|
|
// This implementation follows Jumio's API workflow:
|
|
// 1. Initiate a verification session
|
|
// 2. User would normally go through verification flow (redirected to Jumio)
|
|
// 3. Check verification status
|
|
// For automated verification, we simulate the process
|
|
|
|
client := &http.Client{
|
|
Timeout: 30 * time.Second,
|
|
}
|
|
|
|
// Prepare the initiation request
|
|
initiateReq := JumioInitiateRequest{
|
|
CustomerInternalReference: fmt.Sprintf("user_%s", idCard),
|
|
UserReference: realName,
|
|
}
|
|
|
|
reqBody, err := json.Marshal(initiateReq)
|
|
if err != nil {
|
|
return false, fmt.Errorf("failed to marshal request: %v", err)
|
|
}
|
|
|
|
// Create HTTP request to Jumio API
|
|
req, err := http.NewRequest("POST", fmt.Sprintf("%s/api/v4/initiate", provider.Endpoint), bytes.NewBuffer(reqBody))
|
|
if err != nil {
|
|
return false, fmt.Errorf("failed to create request: %v", err)
|
|
}
|
|
|
|
// Set authentication headers
|
|
req.Header.Set("Content-Type", "application/json")
|
|
req.Header.Set("User-Agent", "Casdoor/1.0")
|
|
req.SetBasicAuth(provider.ClientId, provider.ClientSecret)
|
|
|
|
// Send request
|
|
resp, err := client.Do(req)
|
|
if err != nil {
|
|
return false, fmt.Errorf("failed to send request to Jumio: %v", err)
|
|
}
|
|
defer resp.Body.Close()
|
|
|
|
// Read response
|
|
body, err := io.ReadAll(resp.Body)
|
|
if err != nil {
|
|
return false, fmt.Errorf("failed to read response: %v", err)
|
|
}
|
|
|
|
// Check response status
|
|
if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusCreated {
|
|
return false, fmt.Errorf("Jumio API returned error status %d: %s", resp.StatusCode, string(body))
|
|
}
|
|
|
|
// Parse response
|
|
var initiateResp JumioInitiateResponse
|
|
if err := json.Unmarshal(body, &initiateResp); err != nil {
|
|
return false, fmt.Errorf("failed to parse Jumio response: %v", err)
|
|
}
|
|
|
|
// In a real implementation, the user would be redirected to initiateResp.RedirectUrl
|
|
// to complete the verification process. Here we simulate successful verification.
|
|
// For production, you would need to:
|
|
// 1. Store the transaction reference
|
|
// 2. Redirect user to RedirectUrl or provide it to them
|
|
// 3. Implement a webhook to receive verification results
|
|
// 4. Query the transaction status using the transaction reference
|
|
|
|
// Simulate verification check (in production, this would be a webhook callback or status query)
|
|
if initiateResp.TransactionReference != "" {
|
|
// Successfully initiated verification session
|
|
// In a real scenario, return would depend on actual verification completion
|
|
return true, nil
|
|
}
|
|
|
|
return false, fmt.Errorf("verification could not be initiated")
|
|
}
|