The scope of testing is to verify fitment to the specification from the perspective of:
Functionality
Deployability
Configurability
Customizability
Verification is performed not only from the end-user perspective but also from the System Integrator (SI) point of view. Hence, the configurability and extensibility of the software is also assessed. This ensures readiness of software for use in multiple countries. Since MOSIP is an “API First” product platform, verification scope required comprehensive automation testing for all the MOSIP APIs. An automation Test Rig is created for the same.
The Inji Wallet
testing scope revolves around the following flows:
Biometric unlock
Passcode unlock
VC download via MOSIP
VC download via eSignet
Retrieving UIN/VID via AID
Pinning a VC
Normal VC sharing with VID
Deleting VC
Face Auth on Resident's phone with VID
Multi language support
Wallet binding
QR code Login
Logout
Persona based approach has been adopted to perform the IV&V(Independent Verification and Validation) by simulating the test scenarios that resemble a real-time implementation.
A Persona is a fictional character/ user profile created to represent a user type that might use a product/ or a service in a similar way. Persona based testing is a software testing technique that puts software testers in the customer's shoes, assesses their needs from the software and thereby determines use cases/ scenarios that the customers will execute. The persona needs may be addressed through any of the following:
Functionality
Deployability
Configurability
Customizability
The verification methods may differ based on how the need was addressed.
For regression check, MOSIP Test Rig
, an automation testing suite is indigenously designed and developed for supporting persona based testing. MOSIP Test Rig covers the end-to-end test execution and reporting. The end-to-end functional test scenarios are written starting from pre-registration, to creation of packet in registration center, processing the packet through the registration processor, generating UIN and authenticating identity using IDA through various permutation and combinations of cases being covered. MOSIP Test Rig will be an open source artifact which can also be enhanced and used by countries to validate the SI deliveries before going live. Persona classes include both negative and positive personas. Negative persona classes include users like Bribed Registration Office, Malicious Insider etc. The needs of positive persona classes must be met, whereas the needs of negative persona classes must be effectively restricted by the software.
Verification is performed on various configurations as mentioned below:
Default configuration - with 3 languages
Virtual countries
1 Lang configuration
2 Lang configuration
3 Lang configuration
Below are the test metrics for Inji Wallet by performing functional testing using mockMDS
and mockABIS
. The process followed was black box testing which based its test cases on the specifications of the software component under test. Functional test was performed in combination of individual module testing as well as integration testing. Test data were prepared inline with the user stories. Expected results were monitored by examining the user interface. The coverage includes GUI testing, System testing, End-To-End flows across multiple languages and configurations. The testing cycle included simulation of multiple identity schema and respective UI schema configurations.
Test Rate: 96% with Pass Rate: 86%
Here is the detailed breakdown of metrics:
Total Test cases: 733
Passed: 625
Failed: 76
Skipped: 32
Total Test cases: 661
Passed: 541
Failed: 100
Skipped: 20
Below section provides details on API test metrics by executing MOSIP functional automation Framework. All external API test executions were performed at module level isolation. Each endpoint is tested with the test data and expectations of each test data are mapped to assert the test case.
Test Rate: 100% with Pass Rate: 98.34%
Here is the detailed breakdown of metrics:
Note:
Functional and test rig code base branch which is used for the above metrics is:
Commit Sha: 6641489c9ea2129daaf6989c7e6d73bae528a4c0
Below section provides details on UI test metrics by executing MOSIP UI Automation Framework. Test executions were performed at module level isolation. Each end point is tested with the test data and expectations of each test data are mapped to assert the test case.
Here is the detailed breakdown of metrics:
Below are the test metrics by performing VC Sharing functionality on various device combinations.
Test Rate: 100% with Pass Rate: 100%
Below are the detailed test metrics by performing manual/ automation testing. The project metrics are derived from Defect density, Test coverage, Test execution coverage, test tracking and efficiency.
The various metrics that assist in test tracking and efficiency are as follows:
Passed Test Cases Coverage: It measures the percentage of passed test cases. (Number of passed tests / Total number of tests executed) x 100
Failed Test Case Coverage: It measures the percentage of all the failed test cases. (Number of failed tests / Total number of test cases executed) x 100
Link for the detailed test report.
Release Name: Inji vDP2
Upgrade From: Inji 0.10.0
Support: Developer Preview Release2
Release Date: 22nd January, 2024
The Developer Preview Version 2 release is an additional release on top of Inji 0.10.0. This release primarily emphasizes:
UI enhancements
Internal enhancements
Security fixes
Bug fixes
Below is the detailed summary of the release.
As a part of the VC sharing feature or listing of VCs for QR login, the Pinned VC will now appear on top of the VC list.
User can now provide one time consent for a selected VC while sharing the claims during QR code login.
Additionally, a search bar has been added to the Add new card
screen to improve user experience by allowing users to search for issuers based on the title.
Furthermore, any rendering issues in the user interface have been resolved.
Secure KeyStore and Tuvali have been integrated as independent NPM modules within the INJI framework. For further information, please refer to the provided documentation.
Additionally, all image assets have been converted from png
to svg
format. This transition ensures the presence of a single asset set, and the color of the icons will now be dynamically rendered based on the application's theme.
The critical vulnerabilities identified by OWASP dependency check have been addressed:
The expo-app-loading package has been replaced with expo-splash-screen for the purpose of app loading.
In order to enhance security for devices without hardware backed keystore, the crypto-js
package has been substituted with node-forge for encryption, decryption, and HMAC generation.
Efforts have been made to improve the security of data in the default file located in the mmkv
folder under the INJI-467 task.
To know more about Inji, watch the video!
Total
Passed
Failed
Skipped
1394
1166
176
52
Total
Passed
Failed
Skipped
1268
1247
17
4
Total
Passed
Failed
Skipped
154
152
2
0
Total
Passed
Failed
Skipped
1114
1095
15
4
Total
Passed
Failed
Skipped
102
61
41
0
Total
Passed
Failed
Skipped
52
36
16
0
Total
Passed
Failed
Skipped
50
25
25
0
Total
Passed
Failed
Skipped
152
152
0
0
Issue ID
Description
Unable to get error message when download retry count is updated to 10.
iOS - app data erased when we logout in offline.
We are not able to scan the e-signet QR code In iOS device.
App resets on re-launch after VC activation in iOS.
Logout not working in iOS version of Inji.
iOS - language preference is again asked when we logged out of the app.
UIN of previously downloaded VC is wrongly pre-filled in AID screen.
VC sharing is failing intermittently on Android.
Pinned VC's audit logs are missing.
Issue ID
Description
Android - app crashing while saving VC from eSignet, if the hardware keystore is rejected by user.
Android- The Inji app is crashing intermediately.
Issue ID
Description
Android - specific verifier is not connecting with wallet.
Cross-platform - App couldn't recognize if the Bluetooth is turned off while in connection state.
Android - We are able to receive VC even if we turned off Bluetooth in specific devices.
Handle timeout during VC share via BLE.
Issue ID
Description
The app couldn't recognize resident face when there are changes.
Issue ID
Description
iOS- once we share VC through share with selfie, we are not getting successful screen in the wallet.
iOS - Loading Screen is missing after Face Auth.
Button name in "Status" page is not matching as per the requirement provided.
The navigation button to go back from the ID details page is missing, not matching the wireframe provided.
While logging out for the first time the language selection and tour guide show up.
There is no popup to cancel the download card.
The back button is not working on few places of the app.
While sharing the VC, if we click on scan icon, application displays the camera.
Issue ID
Description
UI - text search field in Add new card screen does not match wireframe.
Not getting "setting up" message under loading screen (intermittent screen).
'+' icon used for downloading VC is occupying three dots ellipses of last VC.
The face authentication button is not as per the theme color.
A page from wireframe is missing in the application.
On 'Received Card' screen expanded view of VC is not working.
The successful QR code login audit is not matching the wireframe.
There are few elements still in color, orange in the purple theme.
The app is not aligned properly with the smaller display phone.
Share button is not aligned properly in iOS and Android.
"It is necessary" text in consent screen is getting overlapped with page slider in smaller devices.
Try again button is not aligned properly upon change language to Tamil (when no internet connection).
Intermittent: Getting double toaster message on home screen.
Capture button text is not getting displayed completely.
In the connecting page user is getting some orange color box.
The error pop-up is not user friendly and not matching the UI.
The Download pop-up should stay longer.
Time stamp should be removed in OTP screen once it is expired.
Repositories
Tags Released
Inji
config