Context Navigation

← Previous Changeset
Next Changeset →

Changeset 1787610

Timestamp:

12/15/2017 12:54:20 PM (8 years ago)

Author:

yotiwordpress

Message:

Integrate the new inline QR style for Yoti button

Location:

Files:

: 10 edited

README.md (modified) (2 diffs)
YotiAdmin.php (modified) (3 diffs)
YotiHelper.php (modified) (1 diff)
YotiWidget.php (modified) (5 diffs)
assets/styles.css (modified) (1 diff)
readme.txt (modified) (2 diffs)
sdk/Yoti/YotiClient.php (modified) (2 diffs)
views/admin-options.php (modified) (3 diffs)
views/profile.php (modified) (1 diff)
yoti.php (modified) (9 diffs)

Legend:

: Unmodified
: Added
: Removed

yoti/trunk/README.md

-                      r1760739
+                      r1787610
 # Yoti Wordpress SDK #
+# Yoti WordPress Plugin
+Welcome to the Yoti Wordpress SDK. This repo contains the tools you need to quickly integrate your Wordpress back-end with Yoti, so that your users can share their identity details with your application in a secure and trusted way.
+## Table of Contents
+) [An Architectural view](#an-architectural-view) -
+High level overview of integration
+) [References](#references)-
+Guides before you start
+) [Requirements](#requirements)-
+Everything you need to get started
+) [Installing the SDK](#installing-the-sdk)-
+How to install our SDK
+) [Plugin Setup](#plugin-setup)-
+How to set up the plugin in Wordpress
+) [Setting up your Yoti Application](#setting-up-your-yoti-application)-
+Setting up your Yoti Application in Wordpress
+) [Allowing new registrations](#allowing-new-registrations)-
+Extra features in WordPress
+) [Linking existing accounts to use Yoti authentication](#linking-existing-accounts-to-use-yoti-authentication)
+) [API Coverage](#api-coverage)-
+Attributes defined
+) [Support](#support)-
+Please feel free to reach out
+## An Architectural view
+Before you start your integration, here is a bit of background on how the integration works. To integrate your application with Yoti, your back-end must expose a GET endpoint that Yoti will use to forward tokens.
+The endpoint can be configured in the Yoti Dashboard when you create/update your application. For more information on how to create an application please check our [developer page](https://www.yoti.com/developers/documentation/#login-button-setup).
+The image below shows how your application back-end and Yoti integrate into the context of a Login flow.
+Yoti SDK carries out for you steps 6, 7 and the profile decryption in step 8.
+![alt text](/login_flow.png "Login flow")
+Yoti also allows you to enable user details verification from your mobile app by means of the Android (TBA) and iOS (TBA) SDKs. In that scenario, your Yoti-enabled mobile app is playing both the role of the browser and the Yoti app. Your back-end doesn't need to handle these cases in a significantly different way. You might just decide to handle the `User-Agent` header in order to provide different responses for desktop and mobile clients.
+## References
+* [AES-256 symmetric encryption][]
+* [RSA pkcs asymmetric encryption][]
+* [Protocol buffers][]
+* [Base64 data][]
+[AES-256 symmetric encryption]:   https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
+[RSA pkcs asymmetric encryption]: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
+[Protocol buffers]:               https://en.wikipedia.org/wiki/Protocol_Buffers
+[Base64 data]:                    https://en.wikipedia.org/wiki/Base64
+This repository contains the tools you need to quickly integrate your WordPress backend with Yoti, so that your users can share their identity details with your application in a secure and trusted way. The plugin uses the Yoti PHP SDK. If you're interested in finding out more about the SDK, click [here](https://github.com/getyoti/yoti-php-sdk).
 ## Requirements
 This SDK works with the WordPress business plan package.
+This SDK works with the WordPress Business Plan package.
 ## Installing the SDK
 You can install the Yoti SDK in two ways:
 ### By importing the Yoti SDK inside your project:
+### By importing the Yoti SDK inside your project
 ) Log on to the admin console of your Wordpress website. e.g. Https://www.wordpressurl.org.uk/wp-admin
 ) Navigate to at `Plugins > Add New`.
 ) Search for Yoti and install and activate the plug in.
+. Log on to your Wordpress Admin Dashboard e.g. https://www.wordpressurl.org.uk/wp-admin
+. Navigate to `Plugins > Add New`
+. Search for Yoti, install and activate the plugin
 ### By using this repos (For Mac & Linux users)
+### By using this repository (For MacOS and Linux users)
 ) Download and unzip this repository, or, clone this repository
 ) Run `./pack-plugin.sh`. This will download the Yoti PHP SDK, and place it within the plugin directory.
 ) On completion of step 2, you will have a file called `yoti-wordpress-(version)-edge.zip`.
 ) Upload this file on WordPress at `Plugins > Add New`, then click `Upload Plugin`.
 ) Once installed, click `Activate Plugin`.
+. Clone this repository
+. Run `./pack-plugin.sh`. This will download the Yoti PHP SDK and place it in the plugin directory
+. On completion of step 2, you will have a file called `yoti-wordpress-edge.zip`.
+. Upload this file in your Wordpress Admin Dashboard at `Plugins > Add New`, then click `Upload Plugin`.
+. Once installed, click on `Activate Plugin`.
 ## Plugin Setup
 To set things up, navigate on WordPress to `Settings > Yoti`.
+ Here you will be asked to add the following information:
+Yoti App ID
+Yoti Scenario ID
+You will be asked to add the following information:
+Yoti SDK ID
+* `Yoti App ID` is the unique identifier of your specific application.
+* `Yoti Scenario ID` is used to render the inline QR code.
+* `Yoti SDK ID` is the SDK identifier generated by Yoti Dashboard in the Key tab when you create your app. Note this is not your Application Identifier, which is needed by your client-side code.
+* `Company Name` will replace WordPress wording in the warning message displayed on the custom login form.
+* `Yoti PEM File` is the application pem file. It can be downloaded only once from the Keys tab in your Yoti Dashboard.
+Company Name
+Yoti PEM File
+Where:
+- `Yoti App ID` is unique identifier for your specific application.
+- `Yoti Scenario ID` is used to render the inline QR code.
+- `Yoti SDK ID` is the SDK identifier generated by Yoti Dashboard in the Key tab when you create your app. Note this is not your Application Identifier which is needed by your client-side code.
+- `Company Name` this will replace WordPress wording in the warning message which is displayed on the custom login form.
+- `Yoti PEM File` is the application pem file. It can be downloaded only once from the Keys tab in your Yoti Dashboard.
+Please do not open the pem file as this might corrupt the key and you will need to create a new application.
+Please do not open the .pem file as this might corrupt the key and you will need to create a new application.
 ## Setting up your Yoti Application
 Specify the basic details of your application such as the name, description and optional logo. These details can be whatever you like and will not affect the plugins functionality.
+Specify the basic details of your application such as the name, description and optional logo. These details can be whatever you like and will not affect the plugin's functionality.
 The `Data` tab - Specify any attributes you like, at this time, you must choose at least one. It is recommend you choose `Given Name(s)`, `Family Name` and `Email Address` at a minimum, if you plan to allow new user registrations.
+The `Data` tab - Specify any attributes you'd like users to share. You must select at least one. If you plan to allow new user registrations, we recommended choosing `Given Name(s)`, `Family Name` and `Email Address` at a minimum.
 The `Integration` tab - Here is where you specify the callback URL. This is found on your WordPress settings page. __NOTE__: If you get redirected to your WordPress frontpage instead of the Admin area, simply add `/wp-admin` to the URL.
+The `Integration` tab - Here is where you specify the callback URL. This can be found on your Yoti settings page in your WordPress Admin Dashboard. **NOTE**: If you get redirected to your WordPress frontpage instead of the Admin area, simply add `/wp-admin` to the URL.
 ## Allowing new registrations
-By default, this is not enabled for security. Ticking the box and saving your changes allows a new user to Register and Log in by using thier Yoti.
-A new user who registeres this way will be set to the `Subscriber` role in WordPress.
-If left disabled, if a new user tries to scan the Yoti QR code, they will be redirected back to the login page with an error message displayed.
+## API Coverage
+`Only allow existing Wordpress users to link their Yoti account` - This setting allows a new user to Register and Log in by using their Yoti. A new user who registeres this way will be set to the `Subscriber` role in WordPress. If enabled, when a new user tries to scan the Yoti QR code, they will be redirected back to the login page with an error message displayed.
+* Activity Details
+    * [X] User ID `user_id`
+    * [X] Profile
+        * [X] Photo `selfie`
+        * [X] Given Names `given_names`
+        * [X] Family Name `family_name`
+        * [X] Mobile Number `phone_number`
+        * [X] Email address `email_address`
+        * [X] Date of Birth `date_of_birth`
+        * [X] Address `postal_address`
+        * [X] Gender `gender`
+        * [X] Nationality `nationality`
+`Attempt to link Yoti email address with Wordpress account for first time users` - This setting enables linking a Yoti account to a WordPress user if the email from both platforms is identical.
+## Docker
+We provide a WordPress Docker container that includes the Yoti plugin.
+### Setup
+To try out our Docker container, clone this repository and run the following commands:
+Go to the directory where the repo was cloned:
+```shell
+cd yoti-wordpress
+```
+Rebuild the images if you have modified the `docker-compose.yml` file:
+```shell
+docker-compose build --no-cache
+```
+Build the containers:
+```shell
+docker-compose up -d
+```
+After the command has finished running, go to [http://localhost:7000](http://localhost:7000) and follow the instructions.
+The Yoti plugin will be installed alongside WordPress. Activate it and follow our [plugin setup process](#plugin-setup).
+### Removing the Docker containers
+Run the following commands to remove docker containers:
+```shell
+docker-compose stop
+docker-compose rm
+```
 ## Support
 …
 Please provide the following the get you up and working as quick as possible:
+- Computer Type
+- OS Version
+- Screenshot
+* Computer Type
+* OS Version
+* Screenshot

yoti/trunk/YotiAdmin.php

-                      r1760739
+                      r1787610
         // Check curl has preliminary extensions to run
         $errors = array();
+        $errors = [];
         if (!function_exists('curl_version'))
+        {
 …
      * @return null
      */
     protected function postVar($var, $default = null)
+    protected function postVar($var, $default = NULL)
+    {
         return array_key_exists($var, $_POST) ? $_POST[$var] : $default;
 …
     /**
      * @param $var
      * @param null $default
      * @return null
+     * @param NULL $default
+     * @return NULL
      */
     protected function filesVar($var, $default = null)
+    protected function filesVar($var, $default = NULL)
+    {
         return (array_key_exists($var, $_FILES) && !empty($_FILES[$var]['name'])) ? $_FILES[$var] : $default;

yoti/trunk/YotiHelper.php

-                      r1760739
+                      r1787610
      */
     const YOTI_CONFIG_OPTION_NAME = 'yoti_config';
+    /**
+     * Yoti SDK javascript library.
+     */
+    const YOTI_SDK_JAVASCRIPT_LIBRARY = 'https://sdk.yoti.com/clients/browser.2.0.1.js';
     /**

yoti/trunk/YotiWidget.php

-                      r1760739
+                      r1787610
 class YotiWidget extends WP_Widget
+{
+    const YOTI_WIDGET_DEFAULT_TITLE = 'Authenticate with Yoti';
     /**
      * Register widget with WordPress.
 …
     public function __construct()
+    {
+        $widget_options = ['classname' => 'yoti_widget', 'description' => __('Yoti button')];
         parent::__construct(
             'yoti_widget', // Base ID
+            'yoti-widget', // Base ID
             esc_html__('Yoti Widget'), // Name
             ['description' => 'Yoti button']
+            $widget_options
         );
+    }
 …
     public function widget($args, $instance)
+    {
+        if ( ! isset( $args['widget_id'] ) ) {
+            $args['widget_id'] = $this->id;
+        }
+        $title = (!empty( $instance['title'])) ? $instance['title'] : __(self::YOTI_WIDGET_DEFAULT_TITLE);
+        $title = apply_filters('widget_title', $title, $instance, $this->id_base);
         wp_enqueue_style('yoti-asset-css', plugin_dir_url(__FILE__) . 'assets/styles.css');
         $config = YotiHelper::getConfig();
+        $widgetTitleHtml = '';
+        $widgetContent = '<strong>Yoti not configured.</strong>';
+        // Apply widget title html
+        if(!empty($title)){
+            $widgetTitleHtml = $args['before_title'] . $title . $args['after_title'];
+        }
         if (!empty($config['yoti_sdk_id']) && !empty($config['yoti_pem']['contents'])) {
             echo '<div class="yoti-connect-button">' . YotiButton::render(NULL, TRUE) . '</div>';
+            $widgetContent = YotiButton::render(NULL, TRUE);
+        }
         else {
             echo '<div class="yoti-missing-config"><p><strong>Yoti Connect not configured.</strong></p></div>';
+        }
+        echo $args['before_widget'];
+        echo $widgetTitleHtml . "<ul><li>$widgetContent</li></ul>";
+        echo $args['after_widget'];
+    }
 …
     public function form($instance)
+    {
         $title = !empty($instance['title']) ? $instance['title'] : esc_html__('New title', 'text_domain');
+        $title     = isset( $instance['title'] ) ? esc_attr( $instance['title'] ) : '';
         ?>
       <p>
         <label for="<?php echo esc_attr($this->get_field_id('title')); ?>"><?php esc_attr_e('Title:', 'text_domain'); ?></label>
         <input class="widefat" id="<?php echo esc_attr($this->get_field_id('title')); ?>" name="<?php echo esc_attr($this->get_field_name('title')); ?>" type="text" value="<?php echo esc_attr($title); ?>">
+        <label for="<?php echo esc_attr($this->get_field_id('title')); ?>"><?php esc_attr_e('Title:'); ?></label>
+        <input class="widefat" id="<?php echo esc_attr($this->get_field_id('title')); ?>" name="<?php echo esc_attr($this->get_field_name('title')); ?>" type="text" value="<?php echo $title; ?>">
         </p>
         <?php
 …
+    {
         $instance = [];
         $instance['title'] = (!empty($new_instance['title'])) ? strip_tags($new_instance['title']) : '';
+        $instance['title'] = sanitize_text_field($new_instance['title']);
         return $instance;

yoti/trunk/assets/styles.css

-                      r1760739
+                      r1787610
+.yoti-connect {
+     margin-bottom: 10px;
+/* ------------ WP default widget ------------- */
+.yoti_widget ul {
+    list-style: none;
+    margin: 0;
+}
+/* ------------ Yoti Button -------------------- */
 .yoti-connect .yoti-connect-button {
     text-align: center;
     display: inline-block;
     padding: 5px 10px;
-    border: 1px solid #ccc;
     background: #0085ba;
     border-radius: 3px;

yoti/trunk/readme.txt

-                      r1765116
+                      r1787610
 Tags: identity, verification, login, form, 2 factor, 2 step authentication, 2FA, access, privacy, authentication, security, sign in, two factor
 Requires at least: 3.0.1
 Tested up to: 4.8.1
 Stable tag: 1.1.4
+Tested up to: 4.9.1
+Stable tag: 1.1.5
 License: GNU v3
 License URI: https://www.gnu.org/licenses/gpl.txt
 …
     Version     Date            Changes
+.1.5       2017/04/14      Integrate the new inline QR style for Yoti button.
+                                Apply WordPress widget style to Yoti button widget.
 .1.4       2017/08/11      Integrate SDK identifier to track plugin usage.
                                 Apply Yoti style to the unlink button.

yoti/trunk/sdk/Yoti/YotiClient.php

-                      r1760739
+                      r1787610
     const DASHBOARD_URL = 'https://www.yoti.com/dashboard';
+    // Accepted HTTP header values for X-Yoti-SDK header
+    const YOTI_ACCEPTED_SDK_IDENTIFIERS = [
+    /**
+     * Accepted HTTP header values for X-Yoti-SDK header.
+     *
+     * @var array
+     */
+    protected $acceptedSDKIdentifiers = [
         'PHP',
         'WordPress',
 …
     private function isValidSdkIdentifier($providedHeader)
+    {
         if(in_array($providedHeader, self::YOTI_ACCEPTED_SDK_IDENTIFIERS, TRUE)) {
+        if(in_array($providedHeader, $this->acceptedSDKIdentifiers, TRUE)) {
             return TRUE;
+        }

yoti/trunk/views/admin-options.php

-                      r1760739
+                      r1787610
  * @var array $errors
  */
+// Check if linking users by email address is set
+$useEmailAddressCheckBox = !empty($data['yoti_user_email']) ? 'checked="checked"' : '';
+// Check if linking existing users only is set
+$onlyExistingUserCheckBox = !empty($data['yoti_only_existing']) ? 'checked="checked"' : '';
 ?>
 <div class="wrap">
 …
             <th scope="row"></th>
             <td>
               <label><input type="checkbox" name="yoti_only_existing" value="1"<?php if (!empty($data['yoti_only_existing'])) { echo ' checked="checked"'; } ?> /> Only allow existing Wordpress users to link their Yoti account</label>
+              <label><input type="checkbox" name="yoti_only_existing" value="1"<?php echo $onlyExistingUserCheckBox ?> /> Only allow existing Wordpress users to link their Yoti account</label>
             </td>
           </tr>
 …
             <th scope="row"></th>
             <td>
               <label><input type="checkbox" name="yoti_user_email" value="1"<?php if (!empty($data['yoti_user_email'])) { echo ' checked="checked"'; } ?> /> Attempt to link Yoti email address with Wordpress account for first time users</label>
+              <label><input type="checkbox" name="yoti_user_email" value="1" <?php echo $useEmailAddressCheckBox ?> /> Attempt to link Yoti email address with Wordpress account for first time users</label>
             </td>
           </tr>

yoti/trunk/views/profile.php

-                      r1760739
+                      r1787610
 $isAdmin = in_array('administrator', $currentUser->roles, TRUE);
 $userId = (!empty($_GET['user_id'])) ? $_GET['user_id'] : NULL;
+// Set userId if admin user is viewing his own profile
+//   and the userId is NULL
+if(
+    $isAdmin
+    && $profileUserId === $currentUser->ID
+    && is_null($userId)
+) {
+    $userId = $profileUserId;
+}
 if ($profile)

yoti/trunk/yoti.php

-                      r1760739
+                      r1787610
 Plugin URI: https://wordpress.org/plugins/yoti/
 Description: Let Yoti users quickly register on your site.
 Version: 1.1.4
+Version: 1.1.5
 Author: Yoti SDK.
 Author URI: https://yoti.com
 …
     if (!is_dir(YotiHelper::uploadDir()))
+    {
         mkdir(YotiHelper::uploadDir(), 0777, true);
+        mkdir(YotiHelper::uploadDir(), 0777, TRUE);
+    }
+}
 …
             case 'bin-file':
                 $yc->binFile('selfie', !empty($_GET['user_id']) ? $_GET['user_id'] : null);
+                $yc->binFile('selfie', !empty($_GET['user_id']) ? $_GET['user_id'] : NULL);
                 exit;
                 break;
 …
 function yoti_admin_menu()
+{
     wp_enqueue_style('yoti-asset-css', plugin_dir_url(__FILE__) . 'assets/styles.css', false);
+    wp_enqueue_style('yoti-asset-css', plugin_dir_url(__FILE__) . 'assets/styles.css', FALSE);
     add_options_page('Yoti', 'Yoti', 'manage_options', 'yoti', 'YotiAdmin::init');
+}
 …
+    }
     $noLink = (!empty($_POST['yoti_nolink'])) ? 1 : null;
+    $noLink = (!empty($_POST['yoti_nolink'])) ? 1 : NULL;
     echo '<div style="margin: 0 0 25px 0" class="message">
 …
  * @param $user
  */
 function yoti_login($user_login=null, $user=null)
+function yoti_login($user_login=NULL, $user=NULL)
+{
     if (!$user) {
 …
     $yotiId = get_user_meta($user->ID, 'yoti_user.identifier');
     $dbProfile = YotiHelper::getUserProfile($user->ID);
+    $profile = null;
+    $profileUserId = $user->ID;
+    $profile = NULL;
     if ($yotiId && $dbProfile)
+    {
 …
     // Add profile scope
     $show = function () use ($profile, $dbProfile) {
+    $show = function () use ($profile, $dbProfile, $profileUserId) {
         require_once __DIR__ . '/views/profile.php';
     };
 …
 function yoti_enqueue_scripts()
+{
     wp_enqueue_script('yoti-asset-js', 'https://sdk.yoti.com/clients/browser.js', array(), null);
+    wp_enqueue_script('yoti-asset-js', YotiHelper::YOTI_SDK_JAVASCRIPT_LIBRARY, [], NULL);
+}

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Download in other formats: