...
login_hint (the users Social Id number)
scope (openid, profile, signature. Also possible to add “related party” info here (see example))
acr_values (“app-auth”. This value is different between authentication/signing methods)
iss (the Client id)
aud (Should have “https://pfzww.audkenni.is:443/sso/oauth2/realms/root/realms/audkenni“)
exp (the lifetime of the token)
binding_message (the message to display at users mobile device)
Max length of this message string is 60 characters. Can not contain “\n”.binding_content (Hash value, used to calculate verification code)
...
Please note, if both vchoice and confirmation_message are set to “true” the selecting of Verification code is made on the prompt window.
Insert excerpt | ||||||||
---|---|---|---|---|---|---|---|---|
|
Expected behavior when using optional parameters
binding_message_long | confirmation_message | vchoice | Expected behavior |
---|---|---|---|
Not included, included empty or with a string | Not included or with “false” | Not included or with “false” | App prompts for PIN with message from “binding_message” |
Not included, included empty or with a string | Not included or with “false” | Included with “true” | App prompts for selecting of Verification Code. Displays message from “binding_message” |
Not included, included empty or with a string | Included with “true” | Not included or with “false” | If “binding_message_long” contains message then a prompt window appears with that message. If “binding_message_long” is empty or not included the message from “binding_message” are displayed |
Not included, included empty or with a string | Included with “true” | Included with “true” | If “binding_message_long” contains message then a prompt window appears with that message along selecting of Verification Code. If “binding_message_long” is empty or not included the message from “binding_message” are displayed along selecting of Verification Code |
Included with a string up to 200 characters | Not included or with “false” | Not included or with “false” | App prompts for PIN with message from “binding_message” |
Included with a string up to 200 characters | Not included or with “false” | Included with “true” | App prompts for selecting of Verification Code. Displays message from “binding_message” |
Included with a string up to 200 characters | Included with “true” | Not included or with “false” | App prompts for confirmation displaying message from “binding_message_long” |
Included with a string up to 200 characters | Included with “true” | Included with “true” | App prompts for selecting of Verification Code. Displays message from “binding_message_long” |
Also needed to create the JWT
...
Calculate SHA256 from the hash, extract 2 rightmost bytes from the result, interpret them as a big-endian unsigned integer and take the last 4 digits in decimal form for display. SHA256 is always used here.
Please mind that hash is a real hash byte value, not the Base64 form or the hexadecimal representationthe hash string should be in Base64 format.
In this example we have generated a hash string and calculated a verification code.
...
Verification code calculated from the hash
4141
Info |
---|
Please note, you could be getting a different Hash string based on the Encoding type your solution is using. See here: https://audkenni.atlassian.net/wiki/spaces/DOC/pages/5579767835/Q+A#Why-am-I-getting-different-Hash-value-than-in-Instructions%3F |
Example of JWT
Code Block |
---|
eyJ0eXAiOiJKV1QiLCscbGciOiJSUzI1NiJ9.eyJsb2dpbl9oaW50IjoiMTQwNjcxNDg4OSIsInNjb3BlIjoib3BlbmlkIHByb2ZpbGUgc2lnbmF0dXJlIFJFTEFURURQQVJUdspNeU93bkNsaWVudCIsImFjcl92YWx1ZXMiOiJhcHAtYXV0aCIsImlzcyI6Im15Q2liYUNsaWVudElkIiwiYXVkIjoiaHR0cHM6Ly9wZnp3dy5hdWRrZW5uaS5pczo0NDMvc3NvL29hdXRoMi9yZWFsbXMvcm9vdC9yZWFsbXMvYXVka2VubmkiLCJleHAiOjE2skewNzYzNzYuMDg3LCJiaW5kaW5nX21lc3NhZ2UiOiJBdXRoZW50aWNhdGlvbiB0byBBdcOwa2VubmkiLCJiaW5kaW5nX2NvbnRlbnQiOiJuL2tSTmhYYVoyakZLdjhLbFFYN3lkZ2VkWFVtVnk4YjJPNHhOcTJaeEh0ZUc3d092Q2EwS2czclkxSkxPck9CUFlRsSt6MkZSVndJdjQ3dzhnVWI1Zz09In0.iwcslN5W4we832gHsB6GRF0RRiOceyE93WkIBlhhUL_yheI4xVxSWQX7hz48FfO5coOpTyLTwxzP3UVUrBScxpDhveKbCBn5GuvI8zm1330xUyU8N0WwXEIoTh5sxc-P0XDM8_BYGVUyPUHQe0JtaQntpTmPghFqdwpUPwnIVqqjOzeo3rGdgLQ7C1O-Pn_cJgZdD0mzLST5kzeSsbkD-4T02Yfzo5Qgb6BtFrsXrH9-qHq6dgOXsnQh5AdZDRqNKBBwJdyQ50L_Kp4cEyOOXFIQbuN3yqrEJvQq756xvutYUi8ugBMADAQ8IppvJv7ZtBGN4pzIqSTAIvaIjkDc6w |
...