QR Registration Example
This shows some capabilities of the Extension Engine and how you might implement a QR registration. The scripts are based on the following flow:
- User logs in on the website or portal with their credentials
- Website calls the Token Server on the backchannel endpoint
- Token Server triggers the backchannel script for this Identity Provider and returns the result to the website.
- Website generates a QR code based on the response
- User scans this QR code with the mobile app
- Mobile app calls the Token Server on the complete endpoint
- Token Server triggers the complete script and returns the result to the mobile app
- User is logged in with the mobile app if the result is successful
Backchannel Script
A userId is passed in the requestPayload
Example request :
{
"data": "{\"userId\":\"exampleUserId\"}"
}
Script
function execute(requestPayload){
var userId = JSON.parse(requestPayload).userId;
var identifier = java.util.UUID.randomUUID().toString();
// Store any data you need
CACHE.store(identifier, userId);
LOG.info("storing userId: {}", userId);
return {
status: 2000,
responsePayload: identifier
};
}
Example response
You'll get this type of a response back which you can parse and then embed the generated identifier into the QR code.
{
"data": "e2048242-085f-4210-93ff-84df1fcd8ce2",
"status": 2000
}
Complete Script
You'll need to pass the identifier with the complete request so it can be used to fetch the user information that was stored in the backchannel script.
Example request
{
"data": "{\"identifier\":\"e2048242-085f-4210-93ff-84df1fcd8ce2\"}"
}
Script
function execute(requestPayload){
var identifier = JSON.parse(requestPayload).identifier;
var userId = CACHE.fetch(identifier);
LOG.info("retrieved from cache: {}", userId);
// You may want to delete the entry so the same request cannot be made again
var status = 2000;
if (userId){
CACHE.delete(identifier);
} else {
status = 5000;
}
return {
status: status,
user: {
id: userId
}
};
}