update

README.md

@@ -19,7 +19,7 @@ Here we provide the code used to create the demo site. The code languages used a
 
 ## Help for a full integration
 
-To integrate the BankID infrastructure, it is necessary to set up frontend and backend as well as to have a SSL-certificate. For help with your full integration, check out our [developer section](https://www.bankid.com/en/utvecklare/guider) on our website. 
+To integrate the BankID infrastructure, it is necessary to set up frontend and backend as well as to have a SSL-certificate. For help with your full integration, check out our [developer section](https://developers.bankid.com) on our website. 
 
 ## Disclaimer and terms of use
 

client/package.json

@@ -10,26 +10,26 @@
     "preview": "vite preview"
   },
   "dependencies": {
-    "axios": "^1.6.8",
+    "axios": "^1.7.7",
     "classnames": "^2.5.1",
     "is-mobile": "^4.0.0",
-    "qrcode": "^1.5.3",
+    "qrcode": "^1.5.4",
     "react": "^18.3.1",
     "react-dom": "^18.3.1",
     "react-markdown": "^9.0.1",
-    "react-router-dom": "^6.23.0",
+    "react-router-dom": "^6.26.2",
     "remark-gfm": "^4.0.0"
   },
   "devDependencies": {
     "@types/react": "^18.3.1",
     "@types/react-dom": "^18.3.0",
     "@vitejs/plugin-basic-ssl": "^1.0.2",
-    "@vitejs/plugin-react": "^4.2.1",
-    "eslint": "^8.57.0",
-    "eslint-plugin-react": "^7.34.1",
+    "@vitejs/plugin-react": "^4.3.1",
+    "eslint": "^8.57.1",
+    "eslint-plugin-react": "^7.36.1",
     "eslint-plugin-react-hooks": "^4.6.2",
-    "eslint-plugin-react-refresh": "^0.4.6",
-    "vite": "^5.2.11"
+    "eslint-plugin-react-refresh": "^0.4.12",
+    "vite": "^5.4.6"
   },
   "overrides": {
     "qrcode": {

client/src/App.jsx

@@ -32,7 +32,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 */
 
-import { useEffect } from 'react';
+import { useEffect, useState } from 'react';
 import { BrowserRouter } from 'react-router-dom';
 import Axios from 'axios';
 
@@ -42,13 +42,20 @@ import api from './api';
 import Body from './Body';
 
 const App = () => {
+  const [loaded, setLoaded] = useState(false);
+
   // On launch we call the API to get a CSRF-token.
   useEffect(() => {
     api.start().then((response) => {
       Axios.defaults.headers.common['X-CSRF-TOKEN'] = response.data.csrfToken;
+      setLoaded(true);
     });
   }, []);
 
+  if (!loaded) {
+    return null;
+  }
+
   return (
     <BrowserRouter basename={import.meta.env.VITE_PUBLIC_URL}>
       <Contexts>

client/src/components/Sidebar/Sidebar.jsx

@@ -75,7 +75,7 @@ const Sidebar = () => {
 
         <a
           className='sidebar-footer'
-          href='https://www.bankid.com/utvecklare/guider'
+          href='https://developers.bankid.com'
           target='_blank'
           rel='noreferrer'
         >

client/src/contexts/localization/eng.json

@@ -30,7 +30,7 @@
     "use-formatted-signing-text": "Use formatted text",
 
     "formatting-guide": "Format guide",
-    "formatting-guide-url": "https://www.bankid.com/en/utvecklare/guider/formatera-text",
+    "formatting-guide-url": "https://developers.bankid.com/getting-started/backend/formatting-text/overview",
 
     "start-test": "Start test",
 

client/src/contexts/localization/swe.json

@@ -30,7 +30,7 @@
     "use-formatted-signing-text": "Använd formaterad text",
 
     "formatting-guide": "Formatguide",
-    "formatting-guide-url": "https://www.bankid.com/utvecklare/guider/formatera-text",
+    "formatting-guide-url": "https://developers.bankid.com/getting-started/backend/formatting-text/overview",
 
     "start-test": "Starta testet",
 

server/src/main/java/com/bankid/codefront/models/bankid/relyingparty/StartAuthenticationRequest.java

@@ -57,6 +57,16 @@ public class StartAuthenticationRequest {
      * <p>Boolean. Default is false
      */
     private Boolean returnRisk;
+    /**
+     * Orders started on the same device (started with autostart token) will call this URL after the order is completed,
+     * ignoring any return URL provided when the app was started.
+     * If the device does not support getting the returnUrl from the server the order will be cancelled.
+     * Using this parameter will make your service more secure and strengthen the channel binding
+     * between you and the user.
+     * Check that cookie/ip has not changed from starting page to returnUrl page.
+     * String 1 - 512 character
+     */
+    private String returnUrl;
     private BankIDRequirements requirement;
     private AdditionalWebData web;
 
@@ -132,6 +142,22 @@ public void setUserNonVisibleData(Base64String userNonVisibleData) {
         this.userNonVisibleData = userNonVisibleData.getValue();
     }
 
+    /**
+     * Returns the return url.
+     * @return the return url.
+     */
+    public String getReturnUrl() {
+        return this.returnUrl;
+    }
+
+    /**
+     * Sets the return url.
+     * @param returnUrl the url.
+     */
+    public void setReturnUrl(String returnUrl) {
+        this.returnUrl = returnUrl;
+    }
+
     /**
      * Returns returnRisk.
      * @return true if risk information should be returned in collect.

server/src/main/java/com/bankid/codefront/rest/model/TransactionResponse.java

@@ -44,7 +44,7 @@ public class TransactionResponse {
     /**
      * Create transaction model.
      * @param transactionId the transaction id.
-     * @param autoStartToken
+     * @param autoStartToken the auto start token.
      */
     public TransactionResponse(String transactionId, String autoStartToken) {
         this.transactionId = transactionId;

server/src/main/resources/application-dev.yaml

@@ -49,7 +49,7 @@ app:
           - "1.2.3.4.25"     # Mobile BankID
           - "1.2.752.71.1.3" # Nordea e-id on file and on smart card
           - "1.2.752.60.1.6" # Test BankID for some BankID Banks
-      client-cert-store-path: certificates/test/FPTestcert4_20220818.p12
+      client-cert-store-path: certificates/test/FPTestcert5_20240610.p12
       client-cert-store-password: qwerty123
       trust-store-path: certificates/test/truststore.p12
       trust-store-password: qwerty123

server/src/test/java/com/bankid/codefront/bankid/relyingparty/RpApiTest.java

@@ -87,7 +87,7 @@ public void setup() {
 
         // Set client certificates
         when(this.settings.getClientCertStorePath()).thenReturn(
-                "certificates/FPTestcert4_20220818.p12");
+                "certificates/FPTestcert5_20240610.p12");
         when(this.settings.getClientCertStorePassword()).thenReturn("qwerty123");
         when(this.settings.getClientCertStoreType()).thenReturn("PKCS12");
 

server/src/test/java/com/bankid/codefront/models/bankid/relyingparty/BankIDRequirementsTest.java

@@ -34,8 +34,9 @@ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 package com.bankid.codefront.models.bankid.relyingparty;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
-import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
+import org.skyscreamer.jsonassert.JSONAssert;
+import org.skyscreamer.jsonassert.JSONCompareMode;
 
 import java.util.Arrays;
 import java.util.Collections;
@@ -59,8 +60,12 @@ public void toJsonRequirementCertificatePolicy() throws Exception {
         String json = mapper.writeValueAsString(requirements);
 
         // Verify
-        String expectedJson = "{\"certificatePolicies\":[\"1.2.752.78.1.5\"]}";
-        Assertions.assertEquals(expectedJson, json);
+        String expectedJson = """
+            {
+                "certificatePolicies": ["1.2.752.78.1.5"]
+            }
+        """;
+        JSONAssert.assertEquals(expectedJson, json, JSONCompareMode.STRICT);
     }
 
     /**
@@ -77,8 +82,12 @@ public void toJsonRequirementCertificatePolicies() throws Exception {
         String json = mapper.writeValueAsString(requirements);
 
         // Verify
-        String expectedJson = "{\"certificatePolicies\":[\"1.2.752.78.1.5\",\"1.2.752.71.1.3\",\"1.2.752.78.1.2\"]}";
-        Assertions.assertEquals(expectedJson, json);
+        String expectedJson = """
+            {
+                "certificatePolicies":["1.2.752.78.1.5", "1.2.752.71.1.3", "1.2.752.78.1.2"]
+            }
+        """;
+        JSONAssert.assertEquals(expectedJson, json, JSONCompareMode.STRICT);
     }
 
     /**
@@ -95,7 +104,12 @@ public void toJsonRequirementCardReader() throws Exception {
         String json = mapper.writeValueAsString(requirements);
 
         // Verify
-        Assertions.assertEquals("{\"cardReader\":\"class2\"}", json);
+        String expectedJson = """
+            {
+                "cardReader":"class2"
+            }
+        """;
+        JSONAssert.assertEquals(expectedJson, json, JSONCompareMode.STRICT);
     }
 
     /**
@@ -112,7 +126,12 @@ public void toJsonRequirementPinCode() throws Exception {
         String json = mapper.writeValueAsString(requirements);
 
         // Verify
-        Assertions.assertEquals("{\"pinCode\":true}", json);
+        String expectedJson = """
+            {
+                "pinCode": true
+            }
+        """;
+        JSONAssert.assertEquals(expectedJson, json, JSONCompareMode.STRICT);
     }
 
     /**
@@ -128,7 +147,10 @@ public void toJsonRequirementEmpty() throws Exception {
         String json = mapper.writeValueAsString(requirements);
 
         // Verify
-        Assertions.assertEquals("{}", json);
+        String expectedJson = """
+            {}
+        """;
+        JSONAssert.assertEquals(expectedJson, json, JSONCompareMode.STRICT);
     }
 
     /**
@@ -145,6 +167,11 @@ public void toJsonRequirementRisk() throws Exception {
         String json = mapper.writeValueAsString(requirements);
 
         // Verify
-        Assertions.assertEquals("{\"risk\":\"LOW\"}", json);
+        String expectedJson = """
+            {
+              "risk": "LOW"
+            }
+        """;
+        JSONAssert.assertEquals(expectedJson, json, JSONCompareMode.STRICT);
     }
 }

server/src/test/java/com/bankid/codefront/models/bankid/relyingparty/CancelRequestTest.java

@@ -35,25 +35,31 @@ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import org.junit.jupiter.api.Assertions;
+import org.json.JSONException;
 import org.junit.jupiter.api.Test;
+import org.skyscreamer.jsonassert.JSONAssert;
+import org.skyscreamer.jsonassert.JSONCompareMode;
 
 /**
  * Test cancel request.
  */
 public class CancelRequestTest {
     /**
      * Test to verify that deserialization works nicely. The json data is taken from
-     * https://www.bankid.com/rp/info
+     * https://developers.bankid.com
      */
     @Test
-    public void serialize() throws JsonProcessingException {
-        String expected = "{\"orderRef\":\"131daac9-16c6-4618-beb0-365768f37288\"}";
+    public void serialize() throws JsonProcessingException, JSONException {
         CancelRequest request = new CancelRequest("131daac9-16c6-4618-beb0-365768f37288");
 
         ObjectMapper mapper = new ObjectMapper();
         String json = mapper.writeValueAsString(request);
 
-        Assertions.assertEquals(expected, json);
+        String expectedJson = """
+            {
+                "orderRef":"131daac9-16c6-4618-beb0-365768f37288"
+            }
+        """;
+        JSONAssert.assertEquals(expectedJson, json, JSONCompareMode.STRICT);
     }
 }

server/src/test/java/com/bankid/codefront/models/bankid/relyingparty/CollectRequestTest.java

@@ -35,8 +35,10 @@ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import org.junit.jupiter.api.Assertions;
+import org.json.JSONException;
 import org.junit.jupiter.api.Test;
+import org.skyscreamer.jsonassert.JSONAssert;
+import org.skyscreamer.jsonassert.JSONCompareMode;
 
 /**
  * Test collect request.
@@ -46,13 +48,17 @@ public class CollectRequestTest {
      * Serialize as simple as it gets.
      */
     @Test
-    public void serialize() throws JsonProcessingException {
-        String expected = "{\"orderRef\":\"131daac9-16c6-4618-beb0-365768f37288\"}";
-
+    public void serialize() throws JsonProcessingException, JSONException {
         CollectRequest request = new CollectRequest("131daac9-16c6-4618-beb0-365768f37288");
         ObjectMapper mapper = new ObjectMapper();
         String json = mapper.writeValueAsString(request);
 
-        Assertions.assertEquals(expected, json);
+        // Verify
+        String expectedJson = """
+            {
+              "orderRef": "131daac9-16c6-4618-beb0-365768f37288"
+            }
+        """;
+        JSONAssert.assertEquals(expectedJson, json, JSONCompareMode.STRICT);
     }
 }