Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
MOSIP issues are maintained in Github. File the issue against the right repository.
Check if the issue is already reported.
Check if the issue is already fixed.
If not, just go and file the issue
Template for filing new issues
Describe the issue A clear and concise description of what the bug is.
To Reproduce Steps to reproduce the behavior:
Expected behavior A clear and concise description of what you expected to happen.
Actual behavior A clear and concise description of what you see.
Screenshots If applicable, add screenshots to help explain your problem.
Environment (please complete the following information): Hardware and software details such as client OS, Server OS, Browser details etc
Attach logs Helps in faster resolution of data
Additional context Add any other context about the problem here.
Check if the feature is already reported.
Check if the feature is already fixed.
If not, just go and file the feature request
Template for filing new feature request
What is the current limitation without the feature
Describe the feature request
What would the key benefits of this feature
Do you have any recommendations and solutions that are existing in the field
Any technology/solution recommendation would be highly appreciated
The recommended Github work flow here is for developers to submit code and documentation contributions to MOSIP open source repositories.
Fork MOSIP repository of interest from https://github.com/mosip/
Clone the fork to your local machine. Eg:
Set upstream project as the original from where you forked. Eg:
Make sure you never directly push to upstream.
Confirm the origin and upstream.
Create a new issue in MOSIP Jira.
You may work on master, switch to a branch (like Release branch) or create a new branch.
Make sure you are up-to-date with upstream repo.
Once you are done with the work, commit your changes referring to Jira number in the commit message. Eg:
Once again ensure that you are up-to-date with upstream repo as it may have moved forward.
Build and test your code. Make sure it follows the coding guidelines.
Push to your forked repo (origin).
Create a pull-request on your forked repo. Direct the pull-request to master or any specific branch on upstream (like a Release branch).
Make sure the automatic tests on Github for your pull-request pass.
The pull-request shall be reviewed by reviewers.
The Modular Open Source Identity Platform (MOSIP) effort started about 20 months ago as a response to the technology challenge identified by the ID community. MOSIP has launched the 1.1 version on Github and continues to improve the platform with fixes and enhancements. However, there are several additional important modules that need to be built to shape this open-source layer. The MOSIP team has curated a list of modules/ problems that would require the best minds in the technology world to take up and solve for.
To organize this effort to work with technology enthusiasts from around the world, the MOSIP team is proposing the Technology Contributors Coalition (TCC). The TCC is being set-up as a coalition of individuals and organizations who are keen on shaping the evolution of MOSIP. Organizations can encourage their resources to collaborate on specific projects by contributing code and documentation or second their resources to work full time with the MOSIP team.
TCC contributors will work closely with the MOSIP team on identified modules, features, or problems, or suggest new modules and enhancements to MOSIP. The key areas of contribution will include enhancements related to privacy, security, interoperability, service delivery, improved user experience etc. A suggested set of ideas for collaboration are appended below.
#1. Reporting Framework Mosip in its operation generates system data, seed data and transaction data along with audit logs. Reporting and analytics are required to monitor the operations of the system.
Use cases
Collation of data from numerous sources like master tables, transactional data, audit logs, system health monitors.
Creation of a live stream of data for real time analytics
Creation of a data lake to store data for consumption by presentation tools
Computation and storage of metrics on a periodic basis for trend analysis
Mechanism to archive or purge data based on time
Provide reports to support operations (some indicative reports are given below)
Report the number of new registrations carried out per day
Report the number of UIN update transactions
How many registrations happened per registration center on a given day
Report the number of UINs allocated age-wise and gender wise
How many registrations were approved and rejected end of day centerwise
Given a center, the list of registrations that were rejected along with the reasons for rejecting
Given a date or date range, list of registration packets that failed processing (for administrators)
Packet processing statistical report that includes
Number of new registrations, UIN updates, lost UIN, UIN updates via. Resident Services & Re-Prints done every day.
Number of packets stuck at processing state or failed for a specific date
#2. Registration App on a Tablet The registration services contain the required functionalities to capture and record demographic and biometric details of individuals. A native UI has been provided as a reference implementation for demo and customization. It is required to provide the same functionality on an iOS and Android tablets.
Use cases
Use the inbuilt camera to capture photograph
Work with peripherals for capture of other fingerprint and Iris
Use MDS specifications for interacting with the devices to capture biometrics securely
#3. Resident Portal Resident portal offers residents to avail self-service features for managing their identity data, controlling and viewing usage of their identity. A set of REST API provided by MOSIP is available for the portal to use. A portal is required with a human-centric design.
Use cases
Updating ID data
Managing ID usage (Lock / Unlock)
Generate virtual id
View usage logs
Merge pre-registration features into this portal
CMS integration for country specific content to be presented
Login, session management features
Responsive UI that can work with mobiles and tablets
You can view the features for Resident Services here.
#4. Resident Portal App The resident self-service app offers the same set of features offered in the portal as an app on the phone or tablet. Refer to Problem 3 for use cases.
#5. Log Manager Log manager provides following functionalities:
Create a logging system reference implementation with stacks such as elk, splunk, kafka etc.
Logging features should support
Supports creation of logs without loss of data with log levels
Collates logs from across the application
Store generated logs in configured location
Manages log size, rotation segregation
Support for logger configurations
Support addition log level to a particular logger dynamically
Indexing and searching of log to be supported
Time based purging of log to be supported for different types of log data
These logs come handy for analyzing the system behavior and debugging. More details can be obtained from our Java Coding Standards.
We need a visual dashboard that would display the logs using tools like Kibana.
#6. Consent Framework MOSIP is a custodian of user’s identity data. A user consent framework is needed that allows users to wield varying degrees of control of different types of their data and their uses.
Consent is required from the user for the following:
Verification of user identity by an external application
Verification of user data (Know Your Customer)
Sharing of user data (Know Your Customer)
Seeding of authorized systems (Functional ID Linkage)
Consent can be obtained a-priori or instantly for different nature of transactions. Consent can be provided in multiple ways like:
Authorizing a transaction with authentication (single or multi-factor) (Instant)
Signing the request with a digital certificate (apriori)
Providing an OTP (Instant)
Sharing a generated pass-key (Instant)
Using a challenge-response mechanism (Instant)
No action is taken without user’s continued consent and knowledge.
A data clearinghouse setup can be set up to facilitate the exchange of information between the functional system based on user consent. This will help keep user information current and relevant and avoid sharing of data via third-party agents or an unsecured procurement chain.
#7. Fraud Analytics The objective of a fraud management system is to ensure frauds in various stages are identified and prevented. Some examples of tagging for possibility of frauds are below.
Fake supporting documents such as Proof of Identity, Address proof, age proof etc.
Registration in the name of an individual who is dead
Registration that happens outside the windows of working time of the registration centers
Registering a child with invalid introducer (may be with using the operator’s identity)
Pre-registrations done from outside the country are tagged for fraud analysis.
Pre-registrations done from a single host many times may be tagged for fraud analysis.
A registration operator is taking way more time than the standard time may be tagged for further analysis.
A registration center has been decommissioned however there could be attempted registrations that eventually MOSIP denies, but the data would be useful for further analysis about the activities around the center.
A registration operator has been disabled, but there could be attempted registrations that are denied by MOSIP, but the data would be useful for further analysis.
Frequent registrations happening from one or more centers using manual adjudication process regularly could be a case of possible frauds.
#8. System Health Monitoring Users need to monitor the health of various services running on the MOSIP server to manage them efficiently. The foundational ID Systems needs to run 24x7 for long period of time.
Common health monitoring use cases are,
Health of the services that includes services that are running and the ones that are down
Requests pending in the queues that have not been clearly for a long time
One or more services are not reachable since they are not running
The server may be running but has crashed multiple times over a given period of time rendering the server unhealthy.
The dependent servers/services such as ABIS, authentication servers, eKYC servers etc might be disconnected or not running and hence the server may not be able to fulfil requests completely.
The server may be running at suboptimal performance
Measure system metrics such as network utilization, disk utilization, CPU and memory utilization. The solution would require
Providing health monitoring APIs using which one could create a health monitoring dashboard
Providing alerts via SMS and emails.
Providing mechanisms to register to one or more alerts
All MOSIP services are embedded into various docker containers orchestrated by Kubernetes. Hence it is possible to measure the following
Kubernetes node utilization
Monitoring the running pods
Utilization of network, memory and CPU in individual pods
Tools sets that may be used could be,
Heapster can be used to monitor Kubernetes clusters and collect metrics from it.
InfluxdB can be used to store these collected metrics in time-series database
Grafana or Prometheus to aggregate the collected information
#9. Homomorphic encryptions for offline validation An offline authentication mode is a powerful way to prove identity with very less traceability by a central system. We would like to avoid any card-based technology in performing such authentication as carrying and keeping its pin safe is specific to the culture of the country. The better model would be to print an ID card themselves (like QR code) who can then take it anywhere for validation without losing the privacy. One example use case is defined below.
Login to the MOSIP from a internet connected computer.
Perform a biometric/biographic authentication and receive the ekyc data.
Print the data (VID + demographic + photo) encrypted with homomorphic in QR form.
The data is digitally signed.
Take it to a bank to open an account
The person who carries the QR code print provides VID (one VID per QR) and demographic data.
Bank validates if the homomorphic data contains the given information and the photo matches the person standing in front.
If all is OK then the bank stores the entire QR Code and opens the account.
#10. Transparency of data integrity in custodian’s environment The initial adopters of MOSIP are developing nations with huge aspirations to go digital. While MOSIP plays a vital role in establishing a foundational digital id its essential that MOSIP brings transparency to the demographic and biometric data stored.
We want to ensure that every individual’s record is updated only after his consent.
A means of cryptography through which we could ensure that internal hackers cannot alter records and hide the evidence.
A mechanism for MOSIP to auto-publish a hash (or something similar) which could be used to validate that the data has not tampered.
#11. False Finger/Iris/Face detection While biometric has proven to be unique it also suffers from attacks related to false fingers/non-live photos. It’s important to build a mechanism over which we can detect such fraudulent activities. While the device on the field would bring in liveness validation it would not be enough just to depend on that alone.
All our images are JPEG lossless, so it would be good to have a mechanism to identify false biometrics on the server.
#12. Advanced demographic storage One of the important services in MOSIP is to provide authentication - An online verification. MOSIP plans to federate this service across multiple players. We expect the residents to choose a service provider to whom MOSIP can share data.
MOSIP would like to share this data in an encrypted model where the authentication provider has no access to the original data but still be non-reputable, and is able to provide an online verification service.
Is it possible to use Homomorphic encryption in this case?
Please see the Contributor Guide on how to file bugs, contribute code, and more.
You can join the our developer mailing list to get more updates!
MOSIP is developed as an open source framework project. The code developed complies with the Java standards and best practices.
This document gives various RESTful webservice standards which have to be followed during the MOSIP development.
This document covers the coding standards, which are followed by the RESTful webservice developers.
The syntax of the URL of the RESTful webservice should be as follows for all the modules except Kernel,
https://<IP_ADDRESS>:<PORT>/<MODULE_NAME>/<VERSION>/<RESOURCE_NAME>/<PARAMETERS_AND_VALUES_IF_ANY>
For example,
https://mosip.io/pre-registration/v1/document
Only in case of Kernel modules, the <MODULE_NAME> is not included. The format is as follows,
https://<IP_ADDRESS>:<PORT>/<VERSION>/<RESOURCE_NAME>/<PARAMETERS_AND_VALUES_IF_ANY>
Following URL is an example for Kernel,
https://mosip.io/v1/emailnotifier
The convention is, before <RESOURCE_NAME>, we should have the version number.
The URL is the sentence, the resources are nouns and the HTTP methods are verbs. The URL, before the parameters, should contain only spinal case ( - ). The URL, before the parameters, should not contain snake case ( _ ) or camel case. NOTE: The parameters can contain snake case or camel case.
Use nouns for CRUD operations. Resource GET read POST create PUT update DELETE delete /preenrolments Returns list of pre enrolments Creates a new pre enrolment Bulk updates Delete all preenrolments /preenrolments/123 Returns a particular pre enrolment Updates a specific car Deletes a specific car
For operations, wherever applicable the operations can be added as part of the URL itself. For example, /getAllPreenrolments /createNewEnrolment /deleteAllPreenrolments
Use the plural nouns in the resource names if there is CRUD operations. For example,
https://mosip.io/pre-registration/v1/individuals Prefer
https://mosip.io/pre-registration/v1/individual Avoid
In other cases, use singulars in the nouns. For example,
https://mosip.io/pre-registration/v1/OTP
The actions are added in the URL, wherever applicable. For example,
https://mosip.io/pre-registration/v1/OTP/generator
https://mosip.io/pre-registration/v1/OTP/validator
Use only the intended purpose of the HTTP methods. For example, do not use POST to update a resource or PUT to create a resource.
In all the success cases and failure cases, 200 HTTP Status code is returned. Based on the "errors" JSON element in the response, the caller can decide whether the call is success or failure.
When the caller want to identify the resource, the path param is used. For example,
https://mosip.io/pre-registration/v1/individuals/id1234
The filter has to be applied via the URL parameters. For example,
https://mosip.io/pre-registration/v1/individuals/id1234?city=someCityName&pincode=473822
In case if the results have to be sorted, it can be mentioned in the URL parameter named sort. For example,
https://mosip.io/pre-registration/v1/individuals/1234?sort=firstName
In case of pagination, the page number can be mentioned in the parameter by the name “page”. For example,
https://mosip.io/pre-registration/v1/individuals/1234?page=15
Always use SSL for the services. No services should be exposed without SSL.
Always version the service. The version have to be mentioned in the URL of the service after the hostname (and port number, if any). For example,
https://mosip.io/pre-registration/v1/individuals/1234 --> Except Kernel module
https://mosip.io/v1/individuals/1234 --> Kernel module
Always go with the design first approach. First, define the Swagger specification and publish to the Swagger UI after getting it reviewed. The coding should be started after the design is completed and the specification is completed in Swagger.
There are 3 sections in the Request.
15.1. Request headers: This will contain 3 mandatory fields. They are "id", "version" and "requesttime". The "requesttime" have to be in UTC standard ISO8601 format
15.2. Request meta data: This is an optional field. If the service is expecting any metadata, they can be passed here.
15.3. Request payload: This is an optional field. The request payload goes here.
For example,
Request:
There are 4 sections in the Response.
16.1. Response headers: This will contain 3 mandatory fields. They are "id", "version" and "requesttime". The "requesttime" have to be in UTC standard ISO8601 format
16.2. Response meta data: This is an optional field. If the service is expecting any metadata, they can be passed here.
16.3. Response payload: The response payload goes here.
16.4. Errors: The Errors array goes here. Even, in case of single error, the error have to be in an array. This is an optional field. In case if the service doesn't contains error, this element will not be there in the response.
For example,
Response:
In case, there is no request payload or path params or URL params, only the version will be present in the URL.
In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
Examples of behaviour that contributes to creating a positive environment include:
Using welcoming and inclusive language
Being respectful of differing viewpoints and experiences
Gracefully accepting constructive criticism
Focusing on what is best for the community
Showing empathy towards other community members
Examples of unacceptable behaviour by participants include:
The use of sexualised language or imagery and unwelcome sexual attention or advances
Trolling, insulting/derogatory comments, and personal or political attacks
Public or private harassment
Publishing others' private information, such as a physical or electronic address, without explicit permission
Other conduct which could reasonably be considered inappropriate in a professional setting
Project maintainers are responsible for clarifying the standards of acceptable behaviour and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behaviour.
Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviours that they deem inappropriate, threatening, offensive, or harmful.
This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
Instances of abusive, harassing, or otherwise unacceptable behaviour may be reported by contacting the project team at conduct@mosip.io. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
For answers to common questions about this code of conduct, see https://www.contributor-covenant.org/faq
Guidelines to implement Authorization and Authentication techniques in the Angular application are detailed in this document.
Before going in to the components let us discuss the following flows of Authorization and Authentication.
Initially a login request is made passing user credentials to a REST API as specified in the SPECS of that API.
In the response of a successful authentication you will receive user details and an auth_token as the value of the header "Authorization".
Now the received auth token has to be stored and re-used. For example let us use sessionStorage to store the auth_token under the key "TOKEN".
Now any kind of HTTP/HTTPS requests we make from the application has to be sent by adding a header "Authorization" and value of auth_token stored in sessionStorage with key by name "Token" for the purpose of authentication.
If the response comes back with a new token which might be because of previous token getting expired or refresh token mechanisms that happen in the backend, we need to replace the old token with the new one in the session storage.
After successful login the user details are sent to the client(Angular application/ Browser).
Now store the userDetails in the sessionStorage for example under the key "UserDetails".
Now we need to hide some pages/components/user action elements etc. based on the roles that the user possess.
To implement the Authentication and Authorization flows mentioned above, all we need to do is implement an Interceptor and a Directive which were mentioned above and detailed below.
Tasks to be implemented in a Client/UI Http interceptor are:
Append "Authorization" header to the request using the token value stored in the session storage.
Replace/Add the session storage token value with the one received in the response "Authorization" headers.
Below code implements the requirements mentioned above:
Role of the Roles directive is to fetch roles from UserDetails stored in the session storage and verify if the user has required roles to perform some action or read some details and restrict access accordingly.
Below code implements the requirements mentioned above:
Now inject the above interceptor and directive in the app.module.ts as follows
To activate/deactivate => show/hide element all we need to do is add the appRole attribute to the HTML element as shown below:
In the above sample, the add button will only be visible for users with DIVISION_ADMIN or SUPERVISOR role.
Note: Above mentioned code snippets are not the final implementations. Based on the API specs and a few other factors the method implementations might change a bit. However, the component structures remain the same.
In MOSIP, the source code modules are categorized under different repositories:
Commons - This contains common reusable library modules and service modules
Kernel - The collection of common reusable library modules and services
ID-Repo - The ID Repository services used by many of the MOSIP modules
Feature Specific Modules (for example)
registration
registration-processor
pre-registration
id-authentication
If a new source code module is planned to be added, and if it is a reusable library / service on which other modules will be depending on, then it should be added under Commons, otherwise, it can be created as a separate repository.
Source code of any feature in MOSIP will be organized as below:
feature-parent
feature-core - jar
feature-common - jar
feature-service-1 - SpringBoot service
feature-service-2 - SpringBoot service
This should be a POM module that aggregates all the sub-modules. This should contain,
List of all sub-modules
Common properties such as versions used by all sub-modules
Common dependencies used by all of the sub-modules
Common maven-plugins used by all sub modules
There should be a JAR module that defines core source code files such as,
APIs (Application Programming Interfaces)
SPIs (Service Provider Interfaces)
Common Utility classes
Helper classes
DTO classes
Custom Exception classes
There can be a JAR module that provides abstract base implementations or common implementations of the APIs and SPIs. Other modules such as service module will be depending on this module using the API/SPI implementations or extending their base implementations.
Any Service implementation class should have 'Impl' suffix.
A feature can have one or more Spring Boot Service modules, each will have one or more related services.
Each Spring Boot Service Modules will be deployed as a separate deployment unit such as a docker container. So each will contain the separate Dockerfile containing the docker build instructions for that module.
Each Spring Boot Service Modules should be configured with Swagger configuration (except specific cases where) for easy understanding of the feature, easy unit-testing and verification for the developers.
No Spring Boot Service module should be used as a dependency to any other module. Any such code dependency should be going inside the Common Implementation module.
In MOSIP following naming of Class/Interfaces their names should be of Camel cases, without any underscore.
They should have following suffixes in their names and they should be under appropriate package name based on their category,
XyzService - For a Service interface. A service class should not be annotated with @Service. This will be in the core-module. This will be under *.spi.xyz.service package.
XyzServiceImpl - For a Spring Service implementation class. This class should be annotated with @Service. This should not be defined in a core-module. It will be defined in a common or service module. This will be under *.spi.xyz.service.impl package.
XyzRequestDto - For a Request Data Transfer class in a Service. This will be in the core-module. This will be under *.xyz.dto package.
XyzResponseDto - For a Response Data Transfer class in a Service. This will be in the core-module. This will be under *.xyz.dto package.
XyzEntity or XyzDao- For an Entity/ Data Access class, which will use JPA annotations for the entity. This will be in the core-module. This will be under or *.xyz.entity or *.xyz.dao package.
XyzRepository - For a JPA Repository interface, which will be extending the base MOSIP Repository interface io.mosip.kernel.core.dataaccess.spi.repository.BaseRepository. This will be annotated with @Repository annotation. This will be under *.xyz.repository package.
XyzController - For a Spring Controller class, which will be annotated with @Controller annotation. This will be under *.xyz.controller package.
XyzConfiguration - For a Spring configuration, which will be annotated with @Configuration. This will be under *.xyz.config package.
XyzUtil or XyzUtils - For a utility class. This will expose public static utility methods. This will be under *.xyz.util package.
XyzHelper - For a helper class. This will be a Spring Component class annotated with @Component. This will expose public instance helper methods. This will be under *.xyz.helper package.
XyzManager - For any management class. Also for any class that will connect external module using REST service calls. This will be a Spring Component class annotated with @Component.
XyzConstants - For file storing constants. Please prefer to have a Constants file to define common and related constants used across the classes in a feature. This can be inside the core-module or common-module. This will be under *.xyz.constant package.
XyzException - For a custom exception, which will be extending io.mosip.kernel.core.exception.BaseCheckedException and io.mosip.kernel.core.exception.BaseUncheckedException. This will be defined in a core-module. This will be under *.xyz.exception package.
XyzExceptionHandler - For the centralized exception handler class in a service-module, annotated with @ControllerAdvice or @RestControllerAdvice annotation. This will be under *.xyz.exception package.
XyzFactory - For any class/interface defining Factory design pattern. This will be under *.xyz.factory package.
Xyzbuilder - For any class/interface defining Builder design pattern. This will be under *.xyz.builder package.
XyzFacade - For any class/interface defining Facade design pattern.
XyzImpl - For any implementation class that extends an API/SPI interface.
A service implementation should be always with a combination of Service Interface and its Spring Service Implementation Class. It should not be without a Service Interface defined in core-module.
Any Spring Component will be annotated with @Component. A component may or may not be implementing an interface.
Any dependency injection of a Spring Service should only to be assigned to a variable of its Service Interface type but not to its Implementation class type.
For dependency injection of a Spring Component should be assigned to a variable its Interface type if any, otherwise to the class type.
All data classes such as DTOs, Entity classes use Lombok annotations to automatically create appropriate constructors, getters and setters.
Make sure to setup the IDE used for the development for using Lombok.
Any JPA repository created in MOSIP should be extending the base MOSIP Repository interface io.mosip.kernel.core.dataaccess.spi.repository.BaseRepository.
Appropriate database configurations properties should be added to the app configuration file.
MOSIP has many common libraries and services implemented under Commons/Kernel repository.
Kernel-Core module contains may common utility classes such as Loggers, DateUtils, StringUtils and Crypto-Core etc… Also many utility services such as Kernel-KeyManager, Kernel-CryptoService, Kernel-Audit-Service, Kernel-Auth-Service, etc... .
If any common utility needs to be implemented, first check Commons/Kernel if such utility is already present and make sure it is not already implemented in Commons/Kernel. It is always welcomed to contribute any new features/ bug fixes for the existing utilities, instead of creating a new utility.
Any request and response content in a service in MOSIP should be of application/json content type.
Any byte arrays to be returned in response should be Base-64-URL encoded within the response.
If any sensitive information is getting transferred in the request/response, the request/response block should be encrypted using the MOSIP public key.
Any service in MOSIP should never return error code other than 200. One or more errors to be reported in the response be returned as an array as part of "errors" attribute.
Each of the "error" attribute should under "errors" should have "errorCode", "errorMessage" and an optional "actionMessage". * For any service, possible "errorCode", "errorMessage" and the optional "actionMessage" should be properly listed documented in its API specification.
Any request/response body should have proper meta-data such as "id, "version" and "requestTime"/"responseTime", etc... .
For example:
The number of lines in the Java files is restricted to 2000 lines. Beyond 2000 lines, the java file is refactored into multiple files.
Each java file contains one public class or interface.
When some private classes and interfaces are associated, this can be in the same file.
Declare the public class and interface as the first declaration in the file.
When a java file is written, the following order is maintained,
The beginning comment should be in a C-style comment. Following is the format of the comment.
The first non-comment line is the package statement.
After a line-break below the package statement, import statements are placed. The import statements are grouped and segregated by a line-break. For example,
Do not use asterisk symbol while importing packages.
This comment will be going in to the Javadocs
Then the public class or interface is defined.
Then other private class or interface are followed.
Following is the order of elements inside the class declaration
Constant fields (static and final fields) should be on the top inside a Class
Then any non-final static fields are followed
The public class variables are followed by the protected and the private variables. These can be final or non-final fields.
Initializing Fields in a class
Do not initialize non-primitive fields with null in a Class;
Always initialize non-static fields from constructors in a Class.
Avoid using static non-final fields in a class. If it required for any specific reason, avoid initializing it in a constructor or a post-construct method.
Avoid using static initializers to initialize static final/non-final fields, instead create private static methods and call it for initializing static fields.
The constructor declarations ordered by the number of parameters.
The methods are ordered by the functionality. The methods need not to be in the order of scope or accessibility.
The indentation unit it TAB.
The number of characters in a line should not exceed 80 characters
When the number of characters exceed the limit, the line should be broken into multiple lines. The following standard is used during the line breaks,
Break the line after the comma
Break before the operator
From higher-level breaks go to the lower-level breaks.
Align the new line with the beginning of the expression at the same level on the previous line.
There are two types of comments in Java.
Implementation comments
Documentation comments
Both the comment types are used in the source code of MOSIP.
This is the comment type used for better understanding of the code. Most of the times, the source code will be maintained by different people. The programmer writes these comments so that the other programmers will come to know the functionality of the code in plain English language. Following lines are used.
Java source code can have their implementation comments in various parts of code blocks/lines with appropriate description about what the code block or line is doing.
Specifically the if-else if-else conditions can have their descriptions about their various conditional expressions.
Any complex piece of code such as a regular expression / mathematical expression can be described with appropriate descriptions about it.
When the developer needs to explain in detail about some functionality, block comments are used. Block comments are used anywhere in the code. It can be for the class or interface declarations or it can be within the java methods also. Example of block comments:
Single line comments are used for short description. For example,
Trailing comments are given in the same line where the source code resides. For example,
The end-of-line comments are also used in the source file. For example,
Documentation comments are used to generate the javadoc files.
Every source code file in Java should have proper Java Documentation such as description, Author and Version.
All Classes, Interfaces, Methods, Fields should have appropriate clear description about each.
A method documentation should have description about all parameters, exceptions thrown and return value.
Documentation comments can be of two kinds:
Single line documentation comment: /** COMMENT */
Multi-line documentation comment:
Example:
One variable is declared per line.
Variables are declared at the beginning of the code block. For example,
No space between a method name and the parenthesis "(" starting its parameter list
Open brace "{" appears at the end of the same line as the declaration statement
Closing brace "}" starts a line by itself indented to match its corresponding opening statement,
Except when it is a null statement the "}" should appear immediately after the "{"
An empty line is there in between the method declarations.
A method should follow the "Single Responsibility" principle that will perform only one task. If it seems to do multiple sub-tasks, each sub-tasks should be created as a new method and then be invoked in that method.
If there is a logic even of a single line getting repeated in more than one place, it should be made as a separate method.
A method line count should not exceed 80 lines. If required break the blocks of code in the method to separate methods.
Methods are separated by a blank line.
Never re-assign a parameter value. This may lead to unpredictable bugs.
Don't use too many number of parameters. Keep the maximum number of method parameters to 5 for simplicity.
Prefer method parameter type to be more generic such as a Super Interface or Super Class. For example, List instead of ArrayList.
Never return null for an Array return type. Return an empty array of 0 like return new String[0].
Never return null for a Set/List/Map collection return types. Return corresponding empty values such as Collections.emptySet(), Collections.emptyList() or Collections.emptyMap();
Prefer method return type to be more generic such as a Super Interface or Super Class. For example, List instead of ArrayList.
Avoid having multiple return statements in a method. Prefer to provide a single point of exit to a method. For example:
Use Optional return type to avoid null checking. When there is possible to return null for a method, return Optional.empty().
Use OptionalInt, OptionalLong return types for a method when there is an unknown value of Integer/Long to be returned like -1;
Each line should contain at most one statement. Example:
Compound statements are statements that contain lists of statements enclosed in braces
The enclosed statements should be indented one more level than the compound statement.
The opening brace should be at the end of the line that begins the compound statement; the closing brace should begin a line and be indented to the beginning of the compound statement.
Braces are used around all statements, even single statements, when they are part of a control structure, such as an if-else or for statement. This makes it easier to add statements without accidentally introducing bugs due to forgetting to add braces. For example:
A return statement with a value should not use parentheses unless they make the return value more obvious in some way. Example:
Always curly braces are used in the if-else statements. Even though there is a single statement below the if-else statement, curly braces is used. For example,
If there is a Boolean value to be returned in a method or assigned to a variable based on an if-else condition, the condition itself should be returned or assigned instead of true or false for the condition. For example,
Prefer "switch" statement when possible over having multiple “if-else if-else if-else” statements.
If any binary operator is used before "?" in the ternary operator, then parentheses is used.
Prefer if-else statement over conditional expressions if it gets complex with the condition or the statements.
Avoid using nested conditional expressions for better readability.
A switch statement should have the following form:
Every time a case falls through (doesn't include a break statement), add a comment where the break statement would normally be. This is shown in the preceding code example with the /* falls through */ comment.
Every switch statement should include a default case. The break in the default case is redundant, but it prevents a fall-through error if later another case is added.
Only for the following situations 2 blank lines are used,
Between 2 different sections of the source file
If you have more than one class or interface, use 2 blank lines
Only for the following situations, 1 blank line is used,
Between method declarations.
Between the variable declarations and the method code.
Before the block comment or line comment.
To provide a better readability in between logical blocks, an empty line are used, wherever applicable.
Under the following circumstances, blank space are used,
When a keyword followed by parenthesis, a blank space should be given after the keyword. For example,
In the argument list, the parameters are given a space after comma.
The method names are always verbs and in camel case. For example
The variable names are short and meaningful. Any new observer can understand the meaning of the variable. No single letter variable names are used. Camel case is used when declaring variables.
The constants are given the name in capital letters. The words in the names are separated by underscore.
String literals should not be used in the code directly. Declare them as constant in the class.
Magic Numbers should not be used in code, they should be declared as constants.
Create XyzConstants class to group related and reused constants within a module/feature.
The instance variables should not be made public unless you have a specific reason.
Provide the most restrictive access to the fields, methods and Inner Classes such as private, default or protected. Avoid giving public access to them unless it is really required. Avoid using public non-final fields in a Class.
Always use the class name to call the static method. For example,
Numerical values should not be used in the code directly. Declare them and use it in the code. For example,
Avoid multiple assignments in the same line. For example,
Prefer primitive type variables over boxed types wherever possible. For example, prefer int, boolean and long over their Boxed counterparts such as Integer, Boolean and Long.
Prefer variable type to be more generic such as a Super Interface or Super Class. For example, List instead of ArrayList.
Use Optional return type in a method to avoid null checking. When there is possible to return null for a method, return Optional.empty().
Use OptionalInt or OptionalLong return type in a method when there is an unknown value of Integer/Long to be returned like -1;
Avoid getting value from Optional using Optional.get() without checking for Optional.isPresent() condition, otherwise use Optional.orElse() .
Use primitive optional classes such as OptionalInt or OptionalLong over Optional<Integer> or Optional<Long>.
Prefer Method Reference over a Lambda Expression
Keep Lambda Expressions Short and Self-explanatory so that it is easy to understand. . Provide clear understandable name to the parameters in Lambda Expressions.
Always use parameter type inference. For example,
Do not use the parenthesis for a single parameter lambda expression.
Use “Effectively Final” Variables in Lambda Expressions. It is not required to mark every target variable as final.
Avoid mutating Object Variables in Lambda Expression.
Avoid using the block lambdas wherever an expression lambda are used. For example:
Prefer Standard Functional Interfaces over creating a similar one unless it is really required. Use Standard Functional interfaces, which are gathered in the java.util.function package, satisfy most developers' needs in providing target types for lambda expressions and method references.
On a new Functional Interface declaration always use @FunctionalInterface annotation. This is not only for the documentation purpose but also to avoid accidentally breaking the Functional Interface behavior.
Instantiate Functional Interfaces with Lambda Expressions instead of creating anonymous inner class instances for that.
Whenever calling the functional interface, place them at last in the parameter list.
For example:
Prefer Streams over for loops. Streams are more readable and functional than the "for" loops, as they support operations such as map, flatMap, filter, reduce and collect.
Exception handling in the streams are carefully handled.
Avoid mutating objects within Collection.forEach() or Stream.forEach(), use Stream.collect() instead. For example use Stream.collect(Collectors.toList()) instead of mutating a list for collecting elements to a list.
Use parallel streams where ever possible to boost performance, whenever it does not involve sort/order/limit intermediate operations.
MOSIP applications should never allow to exit abruptly because of a critical error. Even if there is a critical error there should be a graceful exit with proper information about the error.
Each feature should be defining their own Checked and Unchecked Exceptions by extending io.mosip.kernel.core.exception.BaseCheckedException and io.mosip.kernel.core.exception.BaseUncheckedException .
The Checked and Unchecked exceptions should be used appropriately as needed. Make sure which one to use when based on the exception handling requirement.
Throw specific exceptions in a method, rather than generic exceptions. For example,
The exceptions are documented clearly. For example,
Always prefer to use try-with-resource block when applicable like instantiating a Input or Output stream/reader or Connection, which are AutoCloseable.
The following example uses a try-with-resources statement to automatically close a java.sql.Statement object:
A try-with-resources statement can have catch and finally blocks just like an ordinary try statement.
Always catch specific exceptions over a more generic exceptions like Exception/Throwable class. For example,
Never leave a catch block empty. Either handle the exception, or say proper reason for doing nothing in it.
Use multi-catch blocks wherever possible to club common handling of multiple exceptions.
Always log exceptions to file in a catch block for debugging purpose.
Error and Throwable are never caught in MOSIP.
Any service module should handle their exceptions in a common place such as a common Exception Handler which can be annotated with @ControllerAdvice or @RestControllerAdvice
Any service in MOSIP should never return error code other than 200. One or more errors to be reported in the response be returned as an array as part of "errors" attribute.
Logs are classified and logged accordingly. Following are the various log levels used in the MOSIP application.
TRACE
DEBUG
INFO
WARN
ERROR
The log levels are configured according to the environment such as Development, Testing, UAT or Production. For example, the log levels in production is from WARN. Whereas in Development and Testing environment, it is from TRACE.
MOSIP's log component from the core-kernel is used to log entries. The log module in the core-kernel is used to log all the log entries.
First create a logger utility class under the core module of the feature like below:
To log any information/error/debug in a class,
create a logger instance in that class as below: private static Logger mosipLogger = XYZLogger.getLogger(MyClass.class);
In appropriate places invoke the appropriate log method of mosipLogger such as error, debug or info with appropriate parameters passed to it.
Every log entry contains the following format,
For example,
Never log any sensitive information such as user credentials, individual identity information to the log, mask the data if required before logging.
Care should be taken, not to log any sensitive information is logged. Modules leads to review the code to ensure that no sensitive information is logged.
Any service in MOSIP should invoke Kernel's AuditManager REST Service for audit logging of the status of the services such as
Success
Failure
Exception occurred - the error codes and error messages.
Define the appropriate Audit Modules and Audit Events for any feature and use pass them appropriately in the Audit Parameters while invoking the Audit REST service.
Make sure to invoke the Audit REST service Asynchronously to prevent any time lagging in response because of the Audit REST service call.
Apache Commons is used to handle the common utilities like StringUtil, FileUtil, Hashcode, toString, null check etc., are
In case if Apache Commons doesn't have the necessary utilities, the util project from mosip-core is used.
Following are the miscellaneous practices which are followed in MOSIP.
Parenthesis are used in the code liberally to improve the readability and for precedence clarity.
Never type cast a variable without doing instanceof checking.
Avoid unnecessary type casting when the type of the value/expression is already assigned to a correct variable type/return type.
Avoid using Generic classes without Parameter types. For example:
Use diamond operator while constructing Generic objects. For example:
While chaining multiple method calls, keep one method call per line for better clarity and easy debugging of any issue (especially to get line number in exception stack trace where exactly is the error/exception occurs). For example:
Special comments are used to give a hint for further development. Following are the special comments used in the MOSIP project,
TODO
FIXME
NOTE
OPTIMIZE
It should be made sure to track the above comments, perform action accordingly, and remove them when they become irrelevant.
Refer to '' for a comprehensive overview of foundational ID systems and MOSIP.
Get to know the
Get to know the
If you do not have a GitHub account, create one .
Deploy and try MOSIP using the .
The has some basic ethics that must while operating within the MOSIP community. Make sure you read it completely. If you have any queries/suggestions, direct them to .
If you are a developer willing to contribute to MOSIP, take a look at .
Congratulations! You've successfully bootstrapped yourself into the world of MOSIP. Welcome aboard!
Curious about where you can contribute? There are plenty of ways to get involved with MOSIP :
Requirements and Design
Share new requirements and ideas
Review and provide feedback on design and architecture
Coding
Fix issues and enhance features
Review code contributions
Triage and resolve bugs
Testing
Run tests on unstable builds
Create and add new tests
Fix test scripts and generate test data
Documentation
Correct and improve documentation
Test documentation and report any issues
Fix documentation issues
Localize documents (French, Arabic, and Spanish are currently in high demand!)
We're here to assist you every step of the way!
This document lists out the instructions on how to use the in a Spring Boot application.
Step 1:
Step 2:
Step 3:
Add the Auth Adapter module to your project as a maven dependency
Add ComponentScan annotation as shown below to your project. This is to create auth adapter bean.
To restrict access to your endpoints, you need to add the @PreAuthorize annotation. Look at the below example for reference.
Note: Now we support only hasRole and hasAnyRole methods.
To make any kind of HTTP or HTTPS calls to a mosip's micro service that also injected the Auth Adapter, use the standard RestTemplate capabilities as shown below.
Intially autowire the RestTemplate in the class where you are going to make an API call.
Now make the call using the autowired restTemplate as shown in the sample below:
Note: Do not create a new instance of the RestTemplate instead use the autowired one.
The MOSIP architecture mainly consists of the following functional blocks/modules
Pre-Registration - Web application designed in Angular JS A resident can provide his demographic details in this web application and book an appointment for his future registration at a registration center
Registration Client - A Desktop thick client application developed in JavaFX. A resident is registered through the Registration Client software to generate get a unique identification number. The software captures demographic and biometrics information of the residents. It is connected to scanner devices (finger print, iris), camera and printer to capture resident biometrics information
Registration Processor - A back-end server application developed using SEDA framework It processes the client packets and generates UIN based on de-dupuplication information from ABIS (Automated Biometrics Identification System)
IDA (ID Authentication) - A back-end authentication server developed using spring family. It authenticates the resident based on registered set of biometric and demographic information
Test automation is the key to the success of comprehensive test coverage and test data. However in the context of MOSIP testing, where there are external devices and integration with third party software, test automation cannot be exhaustive and comprehensive test coverage can be achieved by testing driven by manual intervention, along with test automation.
In this document we will also talk about utilities for test data generation, tools for test automation and test strategy in general.
Each of the modules has the following building blocks which are the testable entities, at the module level
System Integration Testing - This involves testing functional work-flows across the modules, starting from Pre-Reg and ending in IDA
Test Automation - tools, approach, test code configuration management process, regular usage
Data utility tools - approach, usage
Each module is tested, both manually and through automation software for effective test coverage.
A progressively evolving test approach is being adopted in both cases.
Manual Testing starts with module level functional coverage followed by --> integration across modules --> End to end workflow testing
Automation Testing starts with the fundamental building blocks like APIs, and grows up the stack.
Individual API verification is followed by --> API Integration testing --> integration across modules --> End to end workflow testing
A critical interface module of MOSIP, Kernel is the core package on which MOSIP services are built upon and is a platform, which provides higher-level services and functions that shall be reused by other modules of MOSIP.
Kernel provides a foundation to build and run the services by providing several significant necessary technical functions. Kernel makes it easy to build the higher-level services (domain services, batch services and core services) by taking care of fundamental features so that individual services are concerned with specific business functions. Kernel provides an active framework that ensures structure and rules within which the higher-level services operate.
Kernel automation works with Restful and Java API’s.
The test execution module of the Kernel module involving API’s is as depicted below
Knowledge on Java 8
Basic knowledge on Rest assured tool
Knowledge on Maven
Knowledge on TestNg framework
Knowledge on GitHub
Good analytical and debugging skill
Create a workspace in the local system
Open git bash in the workspace
Enter the command :- git clone https://github.com/mosip/mosip-functional-tests.git
MOSIP project shall be cloned
Import the “automationtests” project into the eclipse.
None
From the automationtests project, the test suites and cases can be located in the folder [src/main/resources]
Every API tests structure (model, api name and test case) are stored in a folder/sub-folder approach. Let us take an example of “Email Notification service” and explain how to add a new test
Every test case will have 2 json files named [request.json and response.json] in its sub-folder as shown below
In the request.json file, we need to mention the input that needs to be send to the API and response.json file contains the expected result for that particular input.
Based on the test cases, we need to add the test case folders with request and response files.
The readTestCases method from TestCaseReader class will read the folder names and give the test case names and readRequestResponseJson method from TestCaseReader class will read the request and response files from the tests.
To run the automation suite of Kernel you will need an xml file named [testngKernel.xml], which will be available under [src/main/resources].
Add what are the test need to run in that xml file.
Add the path of the xml file in pom.xml file under maven surefire plugin.
Right click project
Select “Run as configuration”
Under configuration select Maven build and create new maven build
Select current project as workspace
Pass the below commands in the Goals:
Command: clean install -Denv.user= <required environment> -Denv.endpoint=<application URL> -Denv.testLevel=<test level>
where,
Required Environment- In which environment the suite needs to run. (Ex: qa, dev, int)
Test Level- Type of tests like (Ex: smoke, regression, smokeAndRegression)
Here regression means all tests other than smoke tests.
Select or Click the button “RUN”
Once the execution is completed, Test report will be generated in target/surefire-reports folder with the name MOSIP_ModuleLevelAutoRun_TestNGReport.html
Open the report in Internet Explorer
The report will give the module name, total number of test case execution with pass, skipped and fail count
Report will provide the build version and also execution time
Report will show API name and corresponding test case names with execution time
For failed test cases, it will show the cause of failure
This is the web channel of MOSIP, which facilitates capturing individual information, relevant documents and booking an appointment with a registration center. This helps to reduce registration time and optimize the process. The current web application is highly modular by design and with multi language support. This UI can be customized or modified as per the country's requirements. A country can also build a new web/mobile application on top of the back end services that MOSIP provides.
Knowledge on Java 8
Knowledge on Rest services
Knowledge on maven
Good analytical and debugging skill
Navigate to git repository.
Copy URI
Open Git Bash
Clone repository(git clone “URI”)
None
From the code repository of the module, the test suites and cases can be located in the folder [src/main/resources]
To add new test case we need to create a folder inside test suite folder. You can give folder name same as test case name
In the Create_PreRegistartionRequest.json file, we need to mention all folder name(Test Case Name). When we run any class, then it will pick request body from folder and it will pick expected response. We will take request body, as input and it will give response (Actual Response). For Validation, we are doing JSON to JSON comparison.
In Pre-Registration module, we have created on class called PreRegistrationLibrary, which is present in io.mosip.util package. In this class, we have created all reusable method, which is used, in Pre-Registration module.
E.g. To book an appointment first we need to create an application, upload document, and then book appointment. Here for each operation we have created one method.
To run the automation suite of Pre-Registration module you will need an xml file named [Pre-Registration_TestNG.xml], which will be available under [src/main/resources]. In this xml file we need to add class name which we want to run.
Procedure to execute the [Reg-automation-service_TestNG.xml] xml File:
Right click the xml file Pre-Registration_TestNG.xml
Select “Run as configuration”
Run as Maven
Select workspace(${workspace_loc:/automationtests})
Here,
Denv.user indicates environment name.
Denv.endpoint indicates base URI
Denv.testLevel indicates types of test case we want to run
Select or Click the button “RUN”
Test Suites execution will commence.
Test report will be stored in [surefire-report] folder under the base directory/project
Right click on class, which you want to run.
Click on run as
Click on testing
Select class
In VM argument pass -Denv.user=qa -Denv.endpoint="eg:https://testenvname.mosip.io" -Denv.testLevel=smokeAndRegression
Once run is complete, then refresh project and go to target/surefire folder.
Open MOSIP_ModuleLevelAutoRun_TestNGReport.html report.
To analyze failure test case check exception message.
An important client interface module of MOSIP, which captures the Biometric and Demographic information of the Individual resident. This module also stores supporting information such as proof documents and information about the guardian or introducer as per the configuration set by the Admin. The packet creation is finished in this module in a secure way using sophisticated encryption algorithm and later send to the server for online mode of processing. The registration client test suites comprises of tests related to UI and Java API’s.
The test execution module of the Registration client module involving Java API’s is as depicted below
Knowledge on Java 8
Basic knowledge on Spring services and should know annotations
Knowledge on maven
Good analytical and debugging skill
Instruction to checkout code from GitHub using Eclipse.
Open eclipse
Go to quick access and search “clone git”
None
From the code repository of the module, the test suites and cases can be located in the folder [src/test/resources]
Based on values set inside the condition.properties file test cases will fetch the data from yaml file and then call a data generator code internally which shall add meaningful right or incorrect values as test data into these variables. More information on the Yaml file can be found under appendix
To run the automation suite of Registration Client module you will need an xml file named [Reg-automation-service_TestNG.xml], which will be available under [src/test/resources].
Procedure to execute the [Reg-automation-service_TestNG.xml] xml File:
Right click the xml file Reg-automation-service_TestNG.xml
Select “Run as configuration”
Under configuration select [TestNG] and pass the VM argument as
Select or Click the button “RUN” Test Suites execution will commence.
Test report will be stored in [test-output] folder under the base directory/project
1. Java API
Java application programming interface (API) is a list of all classes that are part of the Java development kit (JDK). An application-programming interface (API), in the context of Java, is a collection of prewritten packages, classes, and interfaces with their respective methods, fields and constructors.
2. Yaml master data file
3. How to increase the data coverage inside Yaml file?
To increase the data coverage we can add as many as test data’s into the Yaml file
4. Any dependencies of values in the Database
None
Registration Processor processes the data (demographic and biometric) of an Individual for quality and uniqueness and then issues a Unique Identification Number (UIN). The source of data are primarily from
MOSIP Registration Client
Existing ID system(s) of a country
Knowledge on Core Java
Basic knowledge on Rest assured library
Knowledge on Maven
Knowledge on TestNg framework
Knowledge on Keyword, Data Driven and Hybrid methodology
Knowledge on GitHub
Good analytical and debugging skill
Launch eclipse with new or existing workspace
Import the automationtests project into the eclipse.
Case 1: For API Level Testing
From the automationtests project, the testdata can be located in the folder [src/main/resources]
Case 2: For Stage Level Testing
From the automationtests project, the testdata can be located in the folder [src/main/resources]
The reg proc automation suite will tweak the values in a valid packet and will generate packets for the above attributes sequentially.
There is one more file “StageBits.properties” which has a stage string. The string is used to construct the status string for a packet. For eg if stage string is “111110000” it means that packet should go through first five stage and should fail for last 4 stages.
To run the automation suite of Reg-Proc, build the project and get the uber jar generated under target.
Run the jar using the command line “java -Denv.user= -Denv.endpoint= -Denv.testLevel= -jar ”
Example: java -Denv.user=qa -Denv.endpoint="eg:https://testenvname.mosip.io" -Denv.testLevel=smokeandregression -jar automationtests-refactor-0.9.1-jar-with-dependencies.jar
Note: env = qa,dev,int | testLevel=smoke,regression,smokeandregression
Report will be generated under “< workspace >/testing-report.
Report can be opened in any Web browser (i.e. Internet Explorer)
The report will consist of module name, total number of test case executed with status as either pass, skipped and fail and their count.
Report will also display API name and corresponding test case names with execution time along with build version and execution time.
For detailed analysis, refer logs or default testing-report and for failed test cases, the related cause of failure will be highlighted.
MOSIP ID Authentication provides an API based authentication mechanism for entities to validate Individuals. ID Authentication is the primary mode for entities to validate an Individual before providing any service.
Knowledge on Core Java
Basic knowledge on Rest assured library
Knowledge on Maven
Knowledge on TestNg framework
Knowledge on Keyword, Data Driven and Hybrid methodology
Knowledge on GitHub
Good analytical and debugging skill
Launch eclipse with new or existing workspace
Import the automationtests project into the eclipse.
From the automationtests project, the testdata can be located in the folder [src/main/resources]
Pre-requisites: open runConfiguration.properties file
Add the following two lines which represents your test case; one for the folder location and another on the test data as below, the array [X], where “X” represents the number of times this tests shall be repeated with different test data
An example: DemographicAuthentication.testDataPath[6]=ida/TestData/Demo/Name/
DemographicAuthentication.testDataFileName[6]=testdata.ida.Demo.Name.mapping.yml
If you want to remove a test, kindly comment the relevant line in this file before the execution of TestNG runner class
Please use the TestData keyword defined under in appendix for creating your request.json file. The provided keywords are sufficient for testing the ID Authentication module, however If you ever need you can add an additional attribute to the end of this list
Sample structure of the request.JSON file, which is being created at run time using the attributes defined in the TestData, which reads from the Yaml data file:
To run the automation suite of ID-Authentication, build the project and get the uber jar generated under target.
Run the jar using the command line “java -Denv.user= -Denv.endpoint= -Denv.testLevel= -jar ”
Example: java -Denv.user=qa -Denv.endpoint="eg:https://testenvname.mosip.io" -Denv.testLevel=smokeandregression -jar automationtests-refactor-0.9.1-jar-with-dependencies.jar
Note: env = qa,dev,int | testLevel=smoke,regression,smokeandregression
Report will be generated under “/testing-report
Report can be opened in any Web browser (i.e. Internet Explorer)
The report will consist of module name, total number of test case executed with status as either pass, skipped and fail and their count.
Report will also display API name and corresponding test case names with execution time along with build version and execution time.
For detailed analysis, refer logs or default testing-report and for failed test cases, the related cause of failure will be highlighted.
Yaml Test Data Format:
The sample structure should be like below:
TestData Keyword repository:
End to end system level Test Rig covers the functionality across the modules starting with Pre-Registration and ending in Registration Processor or IDA.
The below diagram depicts the overall design of the end to end suite.
Knowledge on Core Java
Basic knowledge on Rest assured library
Knowledge on Maven
Knowledge on TestNg framework
Knowledge on Keyword, Data Driven and Hybrid methodology
Knowledge on GitHub
Good analytical and debugging skill
Launch eclipse with new or existing workspace
Import the e2etestrig project into the eclipse.
The E2E rig is a basic parent child maven project
It contains 5 child project which are as follows:
Pre Registration which will generate list of Pre-IDs
Registration Client which will generate list of packets.
Registration Processor which will generate UIN for the packets.
IDA to perform authentication.
E2E to consume the above projects
A basic code structure looks as follows:
4.6.4.1 A Code Structure For E2E run
The E2E code has the following prerequisite
Under src/test/resources we should have an input.json which contains a data to generate the list of preIDs.
All the module level suites should be up and running.
A sample pom for e2e looks like the following:
The pre Reg Automation has the following pre Requisite :
It should have an input.json file which will conation info about the adults and children against whom the preIDs are being generated.
The Reg Client Automation has the following pre Requisite:
The pre Reg Automation Should have run.
A json file with a list of preIds must have been generated.
The reg Proc Automation has the following pre Requisite:
The reg Client and pre Reg automation should have run.
A list of packets must have been generated.
The IDA automation has the following pre Requisite :
The regProc,reg Client,Pre Reg automation should have run.
A list of uin should be present as a property file under src/main/resources which is generated by regProc.
To run the automation suite simply select the “EndToEndRun.java” class under the package “io.mosip.e2e.runner”.
Report will be generated under “/testing-report.
Report can be opened in any Web browser (i.e. Internet Explorer)
The report will consist of total number of test case executed with status as either pass, skipped and fail and their count.
Report will also display applicant type and corresponding test case names with execution time along with build version and execution time.
For detailed analysis, refer logs or default testing-report and for failed test cases, the related cause of failure will be highlighted.
The rig is designed to run for only 5 packets.
The rig should run on a particular version of each module.
Courtesy : Sasikumar Ganesan
Test Rig represents a one click automation to build, deploy and test a software module. Successful execution of test rig would ascertain complete setup of the MOSIP platform.
Test-Rig comprises of multiple components starting from:
Kubernetes env setup
Pulling the source code from the GIT repository
Running sonarqube tests for static code analysis
Building the application using maven
Automated application deployment using Kubernetes
Running automated unit tests
Running automated tests to verify and validate the application build against the given requirements.
MOSIP platform architecture is mainly based on Micro services and SEDA architecture. Therefore it predominantly comprises of Rest & JAVA APIs. Therefore test automation best serves the purpose of detailed API level testing. Test automation is the key to the successful testing of individual APIs and their interrelation with interdependent APIs. It ensures comprehensive test coverage and test data.
Automation deliverables mainly comprises of individual module level suites for the individual MOSIP modules:
Pre-Registration
Registration Client
Registration Processor
IDA
Kernel
Additionally there will be an end to end, system level test suite that will cut across all modules covering the functionality
The below diagram depicts the various building blocks of the module level suite.
Salient features
The automation suite is configurable to selectively execute tests such as Sanity or/and Regression
Each module level suite covers API and inter API automation
The individual module level test suites and the end to end suite are triggered via the CI/CD pipeline and run post application deployment
The user guides listed below detail the usage of individual module level automation suites
End to end system level Test Rig covers the functionality across the modules starting with Pre-Registration and ending in Registration Processor or IDA.
The below diagram depicts the overall design of the end to end suite.
You may also be interested in joining our community room on Gitter via where you could get some great community support.
This Code of Conduct is adapted from the , version 1.4, available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
Refer to for more information.
All the package name in MOSIP application starts with io.mosip. Refer to section for various kinds or classes and the package names under which they should be kept.
The names given to classes are always nouns and in camel case. Refer to section for various kinds or classes and their names.
The names given to interface is always noun and in camel case. Refer to section for various kinds or interfaces and their names.
Fantastic! Submit a pull request by following our .
Fantastic! We'd love to hear your feedback. If you've discovered an issue or have an idea for an enhancement, please submit it to our . Be sure to follow the to help us address it efficiently. Your contributions are invaluable in helping us improve!
For the quality gurus and the testing geeks! Join the MOSIP testers group where you get to contribute towards improving the quality of MOSIP releases making it stable and better adoptable. Lots of material about the such as building and running the test rig, documentation to modify code, test scripts, and test data generation have been made available.
Join the : Stay up-to-date with the latest announcements, discussions, and support from the MOSIP developer community.
Join Our Community Room via : Connect with fellow community members, ask questions, and get support from experienced developers. It's a great place to collaborate and learn from others!
There are few more methods available apart from hasAnyRole like hasRole. Look in to the documentation for more details.
The test execution work-flow for the module Pre-Registration involving Rest API’s is as depicted below:
Every API tests structure (test suite and test case) are stored in a folder/sub-folder approach. Let us take an example of “Create_PreRegistration” and Here you can see Create_PreRegistration is the suite name and inside that we have list of test cases.
Every test case name we need to add Create_PreRegistrationRequest.json file
In Goal Pass environment name,Base URI and type of test case you want to run(smoke or regression)
A pop up will appear in that enter the URI, Host and Repository path as same as below. Pass your GitHub username and password and click on next.
Search the branch name, select it, and then click next. Our latest branch name as .
Browse the directory to pull the code.
Now the code will be in eclipse git repository. Import the required project to the workspace. For registration client automation, we want to import kernel and registration projects.
Every API tests structure (test suite and test case) are stored in a folder/sub-folder approach. Let us take an example of “Email Notification service” and explain how to add a new test
Every test case will have a configuration property file named [condition.properties] in its sub-folder as shown below
In this condition.properties file, we need to mention the parameter type that needs to be sent to the API. [valid] indicates the value passed is a correct/right data and [invalid] indicates the data being sent is an incorrect/wrong data.(we can also check the parameter behavior for the empty and space also, for that we can pass the value as space and empty respectively in condition.properties) This information has to be entered for every field/parameter that the API consists.
For more detail, refer to the
Yaml file is the master data set for testing the API, Sample Mater Data set is as below:
The workflow of testing or running the test suite of the available API’s And Stages is as depicted below
Clone project from
Every API tests structure (model, api name and test case) are stored in a folder/sub-folder approach. Let us take an example of “Sync Api Service” and explain how to add a new test
Every stage can be tested by feeding negative packets to the system and expecting them to fail for the particular stage. Let us take the example of “OSI Validation Stage”
A sample property file looks like as follows:
An example of how this service will work is as depicted below
The workflow of testing or running the test suite of the available API’s is as depicted below
Clone project from
Every API tests structure (model, api name and test case) are stored in a folder/sub-folder approach. Let us take an example of “Demo-Address Authentication service” and explain how to add a new test
Configuration Setup for creating the request Json file:
Clone project from
Pre-Registration
UI REST APIs
UI Functional Testing Individual API testing API level integration testing
Registration Client
Java APIs
UI Functional Testing (with simulators and with devices) Individual API testing API level integration testing
Registration Processor
Java APIs SEDA vert.x stages
Individual API testing Integration work-flow testing including the APIs and vert.x for processing various packet types
IDA
REST APIs
Individual API testing Integration work-flow testing
Kernel
REST APIs
Individual API testing Integration work-flow testing
$TIMESTAMPZ$
To generate current timestamp with UTC format
2019-06-20T16:18:08.008Z
$TIMESTAMP$
To generate current timestamp with timezone format
2019-06-20T16:18:08.008+05:30
$TIMESTAMP$HOUR+24
$TIMESTAMP$HOUR-24
$TIMESTAMP$MINUTE+23
$TIMESTAMP$MINUTW-56
$TIMESTAMP$SECOND+145
$TIMESTAMP$SECOND-123
To generate future or current timestamp
$RANDOM:N:10$
To generate random digit for the given number
$RANDOM:N:10$
$RANDOM:N:3$
$RANDOM:N:14$
$UIN$
To get random UIN number from uin.property file
$UIN$:WITH:Deactivated#
To get uin number from uin.property file where value contains Deactivated
$VID$
To get random VID from vid.property file where type as perpetual and status as ACTIVE
$VID:WITH:Temporary$
$VID:WITH:REVOKE$
To get random VID from vid.property file where value contains Temporary or Revoke
$VID:WHERE:UIN:WITH:VALID$
To get the VID from vid.property where uin.property value contains specified keyword after “WITH:”
$TestData: indvId_Vid_valid$
$TestData: bio_finger_LeftIndex_subType$
$TestData:bio_face_deviceCode$
To get the random value form the list in the authenticationTestData.yml file.
$input.bio-auth-request : AuthReq.transactionID$
To get the already assigned for the files
input.filename1: mappingName1: value1 mappingName2: value2
ouput.filename2: mappingName3:
$ input.filename: mappingName2$
where mappingName3 has set as value2
$errors:RevokedVID:errorCode$
$errors:InactiveVID:errorCode$
Get error code for the mentioned key “RevokedVID” from the errorCodeMsg.yml file.
$errors:InactiveVID:errorMessage$
$errors:RevokedVID:errorMessage$
Get error message for the mentioned key “RevokedVID” from the errorCodeMsg.yml file.
$idrepo ~ $input.bio-auth-request : AuthReq.individualId$ ~ DECODEFILE: individualBiometricsValue ~ //BIR/BDBInfo[Type = 'Finger'][Subtype = 'Left IndexFinger']//following::BDB$
$idrepo ~ $input.bio-auth-request : AuthReq.individualId$ ~ DECODEFILE: individualBiometricsValue ~ //BIR/BDBInfo [Type= 'Face']//following::BDB$
To get biometric value for the UIN using cbeff File. It is combination of above listed keyword.
Where $idrepo -> keyword mandatory at start.
$input.bio-auth-request : AuthReq.individualId$ -> get the value from the previously mentioned field
individualBiometricsValue -> Mapping name in UINMapping/mapping.property
//BIR/BDBInfo[Type = 'Finger'][Subtype = 'Left IndexFinger']//following::BDB -> cbeff xpath, where in this location biovalue will be saved for Left IndexFinger
$idrepo~$input.demo-auth-request: AuthReq.individualId$ ~ valueaddressLine1: langcode: TestData: primary_lang_code$
$idrepo~$input.demo-auth-request: AuthReq.individualId$ ~ valuecity: langcode: TestData: secondary_lang_code$
To get demographic data for the UIN and language.
Where $idrepo -> keyword mandatory at start.
$input.demo-auth-request: AuthReq.individualId$ -> get the value from the previously mentioned field
valueaddressLine1 -> Mapping name in UINMapping/mapping.property
TestData: primary_lang_code -> keyword to get language code from the authenticationTestData.yml
find_sec_bugs
Scans source code for vulnerable code, Has the abilty to integrate into developer machine. Effective with Java
SAST
Open Source
Yes
A SASS based source code review platform. Its free for open source projects. Can do both Java and javascript
SAST
Free
Yes
OWASP Zap proxy
This is the best we have and we should use the ZAP and automate all tests
DAST
Open Source
Yes
MS Baseline security Analyzer
In case we use a windows infrastructure then this tool is usefull.
Hardening
Free
No
Open Scap
We will need to create a custom profile and should be able to scan for hardened OS
Hardening
Free
Yes
Open Scap
Docker scanning
Docker scan
Free
Yes
Nessus Vulnerability Scanner
Vulnerability Scanning
Vulnerability Scanning
Commercial
No
Kali linux
OS with all the necessary tools to perform a pentest. This would be a lab setup and would be used as part of UAT testing
Penetration Testing
Open Source
No
Skipfish
Hacking tool set from google.
DAST
Open Source
No
Burp suite
A web proxy used for penetration testing of web applications
DAST
Commercial
No
This document guides the developer to find the traceability between UI and the respective controller components. The provided technical classes are available in the package of 'registration-client' module. In this module, the required controllers are bind with the FXML screens.
It doesn't detail about each methods level information since that is covered in Javadoc of each component and Design Documents.
Functionality:
Login with UserName and Password/ OTP/ BIO
Technical Detail:
Login screen with User ID will be loaded initially and after successful valudation of the user id the respective authenitcaiton screen [if multi-factor more than one authenticaiton] will be loaded
FXML and Controller class
RegistrtaionLogin.fxml --> LoginController.java and Authentication.fxml --> AuthenticationController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons,text fields, Radio buttons, On-click events directly mapped to the Controllers of public methods
Functionality:
Officer Information Header Screen
Technical Detail:
After successful login, the Home screen displayed with the officer's information as a header.
FXML and Controller class
Header.fxml --> HeaderController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of public methods.
Functionality:
Main / Home Screen
Technical Detail:
After successful login to the application, the application launches the home screen where the operator can do the new registration/UIN update/ Lost UIN / Pending Approval/ Update operator Bio-metrics operations
FXML and Controller class
RegistrationOfficerLayout.fxml, RegistrationOfficerPacketLayout.fxml --> PacketHandlerController.java. For each controller always the initalization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped ot the Controllers of public methods.
Functionality:
Registration Header Screen
Technical Detail:
On Click of any registration/UIN update or Lost UIN the screen header loaded with Registration Header screen, which indicates to the operator currently which data are we going to capture. It highlights with bold color.
FXML and Controller class
RegistrationHeader.fxml --> RegistrationHeaderController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Demographic Screen
Technical Detail:
This screen helps to capture the demographic information of the Resident like Name,Age/DOB , Address, Parent/Guardian Details,Email ID and Mobile Number
FXML and Controller class
Registration.fxml, DemographicDetail.fxml --> RegistrationController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Fingerprint Capture Screen
Technical Detail:
This screen helps to capture the fingerprint information of the Resident like left slap /Right Slap and two thumbs. Apart from this capture of single fingerprint for the authentication will also be called from here. The operations like Reset/Star Over and Scan methods are applicable to this screen
FXML and Controller class
FingerPrintCapture.fxml --> FingerPrintCaptureController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Iris Capture Screen
Technical Detail:
This screen helps to capture the Iris information of the Resident like left Eye /Right eye. Apart from this capture of single iris for the authentication will also be called from here. The operations like Reset/Star Over and Scan methods are applicable to this screen
FXML and Controller class
IrisCapture.fxml --> IrisCaptureController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Face Capture and Camera popup Screen
Technical Detail:
This screen helps to capture the Face information of the Resident using the ICFO standard. Apart from this capture of face for the authentication will also be called from here. The operations like capture/reset/close methods are applicable to this screen. The pop for the camera will be also part of this controller.
FXML and Controller class
FaceCapture.fxml --> FaceCaptureController.java and WebCamera.fxml --> WebCameraController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Resident capture information Preview Screen
Technical Detail:
This screen helps to preview the captured information of the Resident like Demographic/Bio-metric and Documents scanned. This screen helps to edit the particular section of which we captured.
FXML and Controller class
RegistrationPreview.fxml --> RegistrationPreviewController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Officer/Supervisor Authentication Screen
Technical Detail:
This screen helps to authenticate the officer/supervisor, after capture the all resident information. The authentication can happen base don the configuration like PWD/OTP/Bio-metric.
FXML and Controller class
OperatorAuthentication.fxml --> AuthenticationController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Acknowledgment Screen
Technical Detail:
This screen helps to provide the acknowledgment information of the information captured of the resident. This helps the operator to print the acknowledgment slip and give to the resident.
FXML and Controller class
AckReceipt.fxml --> AckReceiptController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Document Scan Screen & Scan Popup screen
Technical Detail:
This screen helps to scan the required documents which required based on the operations like New Registration/UIN update /Lost UIN. This scan/edit/remove operation of the documents mapped to this controller. For each scan button, the relevant scan pop window will be displayed. The operations capture will be part of the ScanPopupViewController.
FXML and Controller class
DocumentScan.fxml --> DocumentScanController.java and Scan.fxml --> ScanPopUpViewController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Bio-metric Exception Screen
Technical Detail:
This screen helps to mark the bio-metrics which are not available for the resident while capturing the biometric information. By this screen, we can select/deselect the fingers [10] and iris[2]. The operation select/deselect mapped to the controller.
FXML and Controller class
BiometricException.fxml --> BiometricExceptionController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Parent/Guardian Bio-metric Screen
Technical Detail:
This screen helps to capture the anyone of the parent bio-metric for the child registration/UIN update or Lost UIN. This screen provided with the dropdown by selecting the required bio-metric the same thing should be captured by the operator. The operation Reset/StarOver/Scan mapped to the controller.
FXML and Controller class
GuardianBiometrics.fxml --> GuardianBiometricsController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Officer/Supervisor Onboarding Screen
Technical Detail:
This screen helps to Onboard the officer/supervisor to the current machine to create the New Registration/UIN Update and Lost UIN for the residents.
FXML and Controller class
Onboard.fxml, UserOnboard.fxml --> UserOnboardParentController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Officer/Supervisor Fingerprint Capture Screen
Technical Detail:
This screen helps to capture the Officer/Supervisor fingerprint information of the Resident like left slap /Right Slap and two thumbs. Apart from this capture of single fingerprint for the authentication will also be called from here. The operations like Reset/Star Over and Scan methods are applicable to this screen
FXML and Controller class
UserOnboardFPCapture.fxml --> FingerPrintCaptureController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Officer/Supervisor Iris Capture Screen
Technical Detail:
This screen helps to capture the Officer/Supervisor Iris information of the Resident like left Eye /Right eye. Apart from this capture of single iris for the authentication will also be called from here. The operations like Reset/Star Over and Scan methods are applicable to this screen
FXML and Controller class
UserOnboardIrisCapture.fxml --> IrisCaptureController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Officer/Supervisor Face Capture and Camera popup Screen
Technical Detail:
This screen helps to capture the Officer/Supervisor Face information of the Resident using the ICFO standard. Apart from this capture of face for the authentication will also be called from here. The operations like capture/reset/close methods are applicable to this screen. The pop for the camera will be also part of this controller.
FXML and Controller class
UserOnboardWebCamera.fxml --> FaceCaptureController.java and WebCamera.fxml --> WebCameraController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods
Functionality:
Pending Approval Screen
Technical Detail:
This screen helps the supervisor to approve the registration done by the officer. This screen displays the list of the packets with respect to their acknowledgment slip. The operations approve/reject mapped to this controller.
FXML and Controller class
RegistrationPendingApproval.fxml --> RegistrationApprovalController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods.
Functionality:
Pending Approval - Rejection list Screen
Technical Detail:
This screen helps the supervisor to reject the registrations done by the officer. This screen displays the list of the packets with respect to their acknowledgment slip. The operations reject mapped to this controller. On selecting the rejection the drop-down will be displayed with a list of reasons to reject the registrations.
FXML and Controller class
RejectionComment.fxml --> RejectionController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods.
Functionality:
Send Notification[SMS/Email] Screen
Technical Detail:
This screen helps the officer to send the SMS/email to other members. After successful registration of the resident, if the person wants to send the message to more than one person they can send by using this screen.
FXML and Controller class
SendNotification.fxml --> SendNotificationController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods.
Functionality:
UIN - Update Selection Screen
Technical Detail:
This screen helps the officer to select the required fields to be updated as part of the UIN update screen. W.r.t the selection of the relevant fields and screen will be displayed subsequently.
FXML and Controller class
UpdateUIN.fxml --> UpdateUINController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods.
Functionality:
Re-Registration Screen
Technical Detail:
This screen helps the officer to inform/not inform the re-registration status, which comes from the server as response.
FXML and Controller class
ReRegistration.fxml --> ReRegistrationController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods.
Functionality:
Sync Data Screen
Technical Detail:
This screen helps the officer to sync the all required operations manually. Which is available at the Main home screen.
FXML and Controller class
SyncDataProcess.fxml --> SyncDataProcessController.java. For each controller always the initialization() method will be called from the controller to initialize the screen
Input parameter:
The required buttons, text fields, Radio buttons, On-click events directly mapped to the Controllers of the public methods.
This document guide the developer to find the traceability between functionality and the respective technical component. The provided technical classes are available in the package of 'registration-service' module. In this module the required functions are exposed as public method and that can be used to obtain the required features.
It doesn't detail about each methods level information since that are covered in Javadoc of each component.
Functionality:
Login with UserName and Password/ OTP/ BIO
Technical Detail:
Post successful login, session context would be created. That will be used throughout the application at the required places. The user detail and the respective roles are encapsulated inside the context. Without creation of this context object, the packet can't be created.
Main Service class and method:
SessionContext.create(UserDTO userDTO, String loginMethod, boolean isInitialSetUp, boolean isUserNewToMachine, AuthenticationValidatorDTO authenticationValidatorDTO)
Input parameter:
UserDTO – It should contain info of id, name, roles, center-id. loginMethod – possible values are PWD, OTP, FINGERPRINT, FACE, IRIS. isInitialSetUp – true/false, isUserNewToMachine – true/false, AuthenticationValidatorDTO – should contain id, password, otp
Auth:
Not required.
External Connectivity:
Service and DB
Functionality:
Packet Creation - New Registration / Update UIN/ Lost UIN
Technical Detail:
Based on the business need [New Registration / Update UIN/ Lost UIN] this 'RegistrationDTO' object should be populated with the relevant data and also pass the 'RegistrationMetaDataDTO.RegistrationCategory' as [New/ Update/ Lost].
Main Service class and methods
PacketHandlerService.handle(RegistrationDTO registrationDTO)
Input Parameter:
The RegistrationDTO object contains the RID, PRID, registration details of the individual and also contains the officer and supervisor details. This object has the following sub-classes: a. DemographicDTO - Details of the Demographic and Documents, b. BiometricDTO - Biometrics (Fingerprints, Irises, Face and Exception Face) of the individual, parent (or guardian), officer and supervisor, c. RegistrationMetaDataDTO - Metadata related to registration and d. OSIDataDTO - Details of the officer and supervisor who had authenticated the registration.
Auth:
SessionContext is required for creating the packet
External Connectivity
DB, File system
New Registration - Adult
As part of New registration, individual's Demographic, documents[POI and POA] and bio-metric [fingerprint, iris and face] will be captured. If an exception of the bio-metrics is marked, then exception photo will be captured.
New Registration - Child
As part of New registration, individual's Demographic, documents [POI, POA and POR] and anyone of parent's bio-metric [fingerprint/iris/face(if all fingerprint and iris are marked as exception)] along with that Parent's/Guardian's RID/UIN will be captured. If an exception is marked for the parent bio-metrics, an exception photo will be captured for the parent
UIN Update - Adult
As part of UIN Update, individual's will have the option to select the field that would like to update. For Demographic update --> UIN number, Name, Document[only if Name/Address is selected then POI for name and POA for address is mandate], and anyone of the bio-metric will be captured as a mandatory values. For Bio-metric update --> UIN number, Name and Bio-metrics [fingerprint, iris and face] will be captured, if an exception marked then exception photo will be captured
UIN Update-Child
As part of UIN Update, individual's will have the option to select which one they are going to be update. For Demographic update --> UIN Number, Name,POR document along with that Parent/Guardian Name and UIN along with anyone parent bio-metric should be captured; if any exception marked then the exception photo of the Parent/Guardian will be captured.
Lost UIN-Adult
As part of Lost UIN, an individual's all Bio-metrics[fingerprints, iris, and face] will be mandatory to find the lost UIN.
Lost UIN-Child
As part of Lost UIN, Parent/Guardian Bio-metric will be mandatory to find the lost UIN of the child. if an exception marked then the exception photo of the parent/Guardian will be captured.
Functionality:
PACKET SYNC– Sync all the Approved/ Rejected/ Re-Register Approved packets before Uploading to server
Main Service class and method:
PacketSyncServiceImpl.java - packetSync(List packetsToBeSynced)
Input Parameter:
packetsToBeSynced – The packet details which needs to be Synced.
Auth:
Authentication token required.
External Connectivity:
Packet Sync service REST call
Functionality:
Packet Upload
Main Service class and method:
PacketUploadService.pushPacket(File packet)
Input Parameter:
File object, which contains the packet to be uploaded.
Auth:
Authentication token required while doing file upload. Based on the SessionContext object the advice would attach the token and invoke the required service call.
External Connectivity:
Service, DB, File system
Functionality:
Packet Export
Main Service class and method:
PacketExportService.getSyncedRecords() - to fetch the packet to be exported. updateRegistrationStatus(List exportedPackets) - update the status once exported.
Input Parameter:
List of packet object.
Auth:
No.
External Connectivity:
DB, File system
Functionality:
Download Pre-Registration data during New Registration
Technical Detail:
The user provided pre-registration packet id related [demo/ doc] detail would be downloaded from Pre-registration DB using the respective REST service. After downloading the packet, the data would be mapped to the UI object and render the same to UI to display in the screen.
Main Service class and method:
PreRegistrationDataSyncServiceImpl.java - getPreRegistration(String preRegistrationId)
Input Parameter:
preRegistrationId- The pre reg id
Auth:
Authentication token required while downloading the packets. Based on the SessionContext object the advice would attach the token and invoke the required service call.
External Connectivity:
Pre Reg service REST call
Functionality:
EOD APPROVAL – Approve/Reject all the created packets
Main Service class and method:
RegistrationApprovalServiceImpl.java - updateRegistration(String registrationID, String statusComments, String clientStatusCode)
Input Parameter:
registrationID – The registration id of the packet that needs to be updated, statusComments - The comment status that needs to be updated for the given registration id of the packet, clientStatusCode - The status code that needs to be updated for the given registration id of the packet.
Auth:
NA
External Connectivity:
DB
Functionality:
Sync Data from Server to Client and Vice Versa.
Technical Detail:
This functionality will be executed as specified as sync-frequency in local DB. During start of the application, the scheduler would be loaded with the jobs configured in db and trigger the job. The scheduler would trigger the jobs at the configured frequency. While running the jobs, based on the functionality it would invoke the respective services and invoke the required external services to sync the data from server to client and vice versa. Post completion or every state of the job execution, the status would be updated in local db.
Main Service class and methods
Input Parameter:
-
Auth:
Auth token required for external services. This would be automatically taken care within this method. Nothing explicitly to be passed.
External Connectivity:
REST API calls, DB
Functionality:
MDM Integration – Register Device
Technical Detail:
This method automatically scans all devices by connecting to the MDM service, which is running in a particular port and stores it in device registry.
Main Service class and method:
MosipBioDeviceManager - init()
Input Parameter:
No parameter needed.
Auth:
Not required
External Connectivity:
deviceInfo - MDM service REST call
Functionality:
MDM Integration -Capture bio-metric
Main Service class and method:
BioServiceImpl - getFingerPrintImageAsDTOWithMdm(FingerprintDetailsDTO fpDetailsDTO, String fingerType)
Input Parameter:
FingerprintDetailsDTO – dto contains the finger print related details, fingerType – Type of the device like Fingerprint/ Iris/Face etc
Auth:
Not required
External Connectivity:
Capture - MDM service REST call
Functionality:
MDM Integration - Validate bio-metric against the bio value already captured and stored in Database.
Main Service class and method:
BioServiceImpl - validateFingerPrint(String userId) - based on provided user Id the relevant bio information would be fetched from database and same would be validated against the bio data received from MDM service.
Input Parameter:
mosipBioDeviceManager – scan(String deviceType)
Auth:
Not required
External Connectivity:
DB, Capture - MDM service REST call
Functionality:
MDM Integration - Display video stream
Main Service class and method:
Yet to be implemented
Input Parameter:
Auth:
Not required
External Connectivity:
Functionality:
TPM Public Key Sync
Technical Detail:
This service will be executed during initial set-up of registration client application. This service gets the Public Part of the Key used for signing from the TPM. Uploads this public key along with the machine name to the server. This service returns the key index which will be used for Master Sync Service
Main Service class and method:
TPMPublicKeySyncService.syncTPMPublicKey()
Input Parameter:
NA
Auth:
TPM 2.0 is required for this service
External Connectivity:
TPM, Web Service
The packets are created during individual registration process are structured and secured. The detail of the same can be found in this link.
List of packet status maintained in client db while moving the packet to the different state before and after pushing to the server.
Packet Status Desc
Status in Client
Once Packet Created
REGISTERED
Packet Approved
APPROVED
'Re-Register' packet approved
RE_REGISTER_APPROVED
Packet Rejected
REJECTED
Packet IDs Synced with Server
SYNCED
Packet pushed to Server
PUSHED
Packet exported to device
EXPORTED
Packet Status Desc
Status from Server
Packet in processing state
PROCESSING
UIN generated for the packet
PROCESSED
Unable to process the packet.
REREGISTER
Failed while processing packet due to internal issue
RESEND
Packet is received but not uploaded in LANDING_ZONE
RECEIVED
Duplicate found in abis
REJECTED
Below provided jobs are executed in batch mode through spring batch. The job execution frequencies are mentioned in the DB job related table. These jobs can also be triggered through manual process using 'Sync' option in the Menu, During initial login after successful online authentication and While starting the application if initial sync already completed.
Sl.No:
Service Desc.
Dependent Module
Under 'Sync' Menu
Initial Login
Application Launch
1.
Pre-registration Data Sync
Pre-reg
Y
N
N
2.
Policy Sync
Kernel
Y
N
N
3.
Registration Client Config Sync
Kernel
Y
Y
Y
4.
Registration Packet Status Reader
Reg-Proc
Y
N
N
5.
User Detail/Role Setup Sync
Kernel
Y
Y
Y
6.
Pre Registration Packet Deletion Job
local job
N
N
N
7.
Registration Packet Deletion Job
Local Job
N
N
N
8.
User Machine Mapping Sync Job
Kernel
Y
N
N
9.
Audit Log Deletion Job
Local Job
N
N
N
10.
Registration Packet Sync
Reg-Proc
Y
N
N
11.
Registration Packet Virus Scan
Reg-Proc
N
N
N
12.
Public key Sync service
Kernel
Y
Y
Y
13.
User Salt Sync service
Kernel
Y
Y
Y
As 'configurability' is the one of the major NFR being considered while designing the application, here listed out the required files where the configurations can be modified that will get reflected in application during runtime.
'registration-qa.properties' - Registration application specific configuration.
'application-qa.properties' - Overall application level common configuration.
These configuration would be downloaded to the client machine through the 'config' sync service. If there is any change with respect to 'kernel' properties then after downloading the properties the application will ask for 'restart'.
Age configuration:
Age limit is configurable in the application. User should modify the max age limit in both 'application' and 'registration' properties file.
{application property key : 'mosip.id.validation.identity.age'}
{registration property key : 'mosip.registration.max_age'}
Below find the list of tables used in Registration client application. Based on use cases, the table data gets updated during either sync process or transaction in local machine. There are few jobs are configured to clean the transactions histories from local tables and also pushing the audit data to server.
Sl. No
Table Name
Description
Source
1.
biometric_attribute
It contains the list of biometric attribute description[left slap, right iris..] for each biometric type [Fingerprint, Iris, Photo] with respect to language code
sync from server master table
2.
biometric_type
It contains the list of biometric type[Fingerprint, Iris, Photo] while respect to language code
Sync from server master table
3.
blacklisted_words
It contains the list of words which were not allowed during Registration process with respect to language code
Sync from server master table
4.
device_master
It contains master information related to device with respect to language code
Sync from server master table
5.
device_spec
It contains device specifications like brand, model with respect to language code
Sync from server master table
6.
device_type
It contains types of devices[Fingerprint scanner, camera] and their description with respect to language code
Sync from server master table
7.
doc_category
It contains list of document categories[Proof Of Address, Proof Of Identity...] which will be displayed in UI with respect to language code
Sync from server master table
8.
doc_type
It contains list of document types that are allowed for uploading documents in Registration with respect to language code
Sync from server master table
9.
gender
It contains list of gender types that are being used in Registration with respect to language code
Sync from server master table
10.
id_type
It contains list of Id types [Registration Id, Pre Registration Id] that are being used in Registration with respect to language code
Sync from server master table
11.
language
It contains list of languages that are being used in Registration
Sync from server master table
12.
location
It contains list of locations that are being used in Registration with respect to language code
Sync from server master table
13.
machine_master
It contains list of machine related data[mac address, serial number, machine name...] with respect to language code
Sync from server master table
14.
machine_spec
It contains list of machine specifications[brand, model...] with respect to language code
Sync from server master table
15.
machine_type
It contains list of machine types[Desktop,Laptop...] with respect to language code
Sync from server master table
16.
reason_category
It contains list of reason categories[Client Rejection, Manual Adjudication...] with respect to language code
Sync from server master table
17.
reason_list
It contains list of reasons [Invalid Address, Gender-Photo Mismatch...] that are listed during Registration Approval/Rejection with respect to language code
Sync from server master table
18.
registration_center
It contains list of Registration center ids with respect to language code
Sync from server master table
19.
reg_center_device
It contains list of Registration center ids with respect to language code
Sync from server master table
20.
reg_center_machine
It contains list of machine ids which are mapped to corresponding center id
Sync from server master table
21.
reg_center_machine_device
It is mapping table of center, machine and device
Sync from server master table.
22.
reg_center_type
It contains list of center types with respect to language code
Sync from server master table
23.
reg_center_user
It contains list of user ids that are mapped to corresponding center id
Sync from server master table
24.
reg_center_user_machine
It is a mapping table for center, user and machine
During Onboarding process
25.
template
It contains list of Templates that will be displayed during Registration with respect to language code
Sync from server master table
26.
template_type
It contains list of template types[email template, sms template..] with respect to language code
Sync from server master table
27.
title
It contains list of Titles[Mr, Mrs..] with respect to language code
Sync from server master table
28.
valid_document
It contains list of valid documents allowed for Registration with respect to language code
Sync from server master table
29.
sync_job_def
It contains list of Job details[Master Sync, User Detail Sync..] that are required for sync
Sync from server master table
30.
screen_authorization
It contains list of Screen Ids which are required for accessing features[New Registration, EOD..] with respect to roles
Sync from server master table
31.
role_list
It contains list of roles[Registration Officer, Registration Supervisor..] referred in Registration
Sync from server master table
32.
process_list
It contains list of process[login, eod..] happen during registration
Sync from server master table
33.
app_authentication_method
It contains list if authentication methods[PWD, OTP..] with respect to roles and process[login, eod..]
Sync from server master table
34.
app_detail
It contains list of application details[Pre-Registration, Registration Client] with respect to language code
Sync from server master table
35.
app_role_priority
It contains list of role priority details with respect to Process[login, eod..] and roles
Sync from server master table
36.
GLOBAL_PARAM
It contains list of Configuration related details used in Registration application.
Sync from server configuration [registration.properties, application.properties]
37.
user_detail
It contains list of User details[id,name, email..]
Sync from server master table
38.
user_pwd
It contains User Password details
Sync from server master table
39.
user_role
It contains data of roles which were mapped to the user
Sync from server master table
40.
user_biometric
It contains User biometrics[Fingerprint, Iris..] details[minutia, biometric type..]
During Onboarding Process
41.
key_store
It contains Mosip Public key , Packet creation key
During Public key Sync and Policy sync
42.
sync_control
It contains information about the jobs which are executed successfully along with its last time stamp
During Manual Sync and Scheduled Jobs
43.
sync_transaction
It contains data about all sync transactions
During Manual Sync and Scheduled Jobs
44.
registration
It contains data about Registration Packet[Registration Id, Status..]
During Registration process
45.
registration_transaction
It contains data of all transactions during registration process
During Registration process
46.
pre_registration_list
It contains list of Pre Registration details[Pre Registration Id, Status..]
During Pre Registration Sync
47.
audit_log_control
It contains data of Audit logging[From Time, To Time..]
During local transaction.
The UI specific labels and messages are maintained in the language specific property file. Based on the primary and secondary language the respective bundle would be loaded during runtime and displayed in the screen.
messages_en.properties - Messages are in English language. messages_ar.properties - Messages are in Arabic language. messages_fr.properties - Messages are in French language. labels_en.properties - Labels are in English language. labels_ar.properties - Labels are in Arabic language. labels_fn.properties - Labels are in French language.
Below find the list of error code and description which are thrown from application during the process.
Class Name
Error Codes
Description
GPSFacade
REG-LGE-002
GPS signal is weak please capture again
SyncStatusValidatorService
REG-ICS-006
GPS signal is weak please capture again
SyncStatusValidatorService
REG-ICS-005
GPS device not found. Please connect an on-boarded GPS device.
SyncStatusValidatorService
REG-ICS-005
Please connect the GPS Device
SyncStatusValidatorService
REG-ICS-004
Please insert the GPS device in the Specified Port
RegistrationApprovalController
LGN-UI-SHE
IO Exception
PacketSynchService
REG-PSS
Unable to Sync Packets to the server
PacketUploadService
REG-PUS
Unable to Push Packets to the server
BioService
IRC-IFC
Exception while scanning iris of the individual
BioService
FPC-FCS
Exception while scanning fingerprints of the individual
RestClientAuthAdvice
REG-RCA
Exception while adding authorization token to web-service request
TPMUtil
TPM-UTL-001
Exception while signing the data using TPM
TPMUtil
TPM-UTL-002
Exception while validating the signature provided by TPM
TPMUtil
TPM-UTL-003
Exception while encrypting the data using asymmetric crypto-algorithm through TPM
TPMUtil
TPM-UTL-004
Exception while encrypting the data using asymmetric crypto-algorithm through TPM
TPMUtil
TPM-UTL-005
Exception while getting the public part of the TPM signing key
TPMUtil
TPM-UTL-006
Exception while getting the TPM instance
TPMUtil
TPM-UTL-007
Exception while closing the TPM instance
TPMUtil
TPM-INT-001
Exception while closing the TPM instance
RegIdObjectValidator
REG-IOS-001
Invalid ID Object Schema
RegIdObjectValidator
REG-IOS-002
Invalid ID Object Pattern
RegIdObjectValidator
REG-IOS-003
Invalid Master Data Object Pattern
RestClientAuthAdvice
REG-RCA-001
Generic Exception reported by server, while invoking web-service.
RestClientAuthAdvice
REG-RCA-002
Exception while generating the signature of request body
RestClientAuthAdvice
REG-SDU-004
Response header received from the web-service is not as expected
DemographicDetailController
KER-IDV-102
PRID should not contain any sequential and repeated block of number for 2 or more than two digits
UpdateUINController
KER-IDV-203
UIN length should be as per configured digit.
RegistrationController
KER-TRL-002
Language code not supported
DemographicDetailController
KER-IDV-103
PRID length should be as configured digit
RestClientUtil
RPR-PKR-009
Packet HashSequence did not match
JobConfigurationServiceImpl.executeAllJobs() - This would load all the active jobs from the local db and trigger the jobs.
