Merge branch 'main' of https://github.com/ActiveLogin/ActiveLogin.Aut…

…hentication

BREAKINGCHANGES.md

@@ -30,8 +30,6 @@ We have renamed these things as a result of that:
 * `AddCustomAppCallback` becomes `AddCustomBrowser`
 * `AddCustomAppCallbackByUserAgent` becomes `AddCustomBrowserByUserAgent`
 
-Also, the return URL is now only applied on iOS, as the expected behaviour on Android is to apply null so that Android automatically can return to the previous app.
-
 ### Upgrade to .NET 7
 
 We now require .NET 8 - so this requires you to upgrade your website that uses Active Login.

README.md

@@ -8,10 +8,12 @@
 [![Twitter Follow](https://img.shields.io/badge/Twitter-@ActiveLoginSE-blue.svg?logo=twitter)](https://twitter.com/ActiveLoginSE)
 
 
-ActiveLogin.Authentication enables an application to support Swedish BankID (svenskt BankID) authentication in .NET. Built on NET Standard and packaged as NuGet-packages they are easy to install and use on multiple platforms. Active Login is not a product created by BankID. Rather, it is an unofficial project that was developed by Active Solution.
+ActiveLogin.Authentication enables an application to support Swedish BankID (svenskt BankID) authentication in .NET.
 
-Free to use, [commercial support and training](#support--training) is available if you need assistance or a quick start.
+[Active Login is licensed](LICENSE.md) is provided under the very permissive [MIT license](https://opensource.org/licenses/MIT) for you to be able to use it in commercial or non-commercial applications without many restrictions.
+Active Login is provided "as is", without any warrany of any kind. If you need support, [commercial support and training](#support--training) is available.
 
+Active Login is not a product created by BankID. It is an unofficial project that was developed by Active Solution. All trademarks are the property of their respective owners.
 
 ## Features
 
@@ -23,7 +25,7 @@ Free to use, [commercial support and training](#support--training) is available
 - :checkered_flag: Supports BankID animated QR code (Secure start)
 - :cloud: Designed with Microsoft Azure in mind (KeyVault, Monitor, Application Insights, AD B2C etc.)
 - :earth_americas: Multi language support with English and Swedish out of the box
-- :wrench: Customizable ánd extensible
+- :wrench: Customizable and extensible
 - :diamond_shape_with_a_dot_inside: Can be used as a [Custom Identity Provider for Azure AD B2C](#how-do-i-use-active-login-to-get-support-for-bankid-in-azure-ad-active-directory-b2c)
 
 
@@ -156,10 +158,10 @@ For commercial / business related questions, see the [FAQ at ActiveLogin.net](ht
 
 The API-wrapper (ActiveLogin.Authentication.BankId.Api) target .NET Standard 2.0, so it can be used from .NET >= 5.0, .NET Core >= 2.0 and .NET Framework >= 4.6.1, [see full reference here](https://docs.microsoft.com/en-us/dotnet/standard/net-standard#net-implementation-support). The package that target .NET Standard is strong named as it can be used from .NET Framework where strong naming can be relevant.
 
-The authentication module (*.AspNetCore), depend on ASP.NET 7 and therefore requires .NET 7.
-The core module (*.Core), and related packages, depend on and requires .NET 7.
+The authentication module (*.AspNetCore), depend on ASP.NET 8 and therefore requires .NET 8.
+The core module (*.Core), and related packages, depend on and requires .NET 8.
 
-Our samples target .NET 7 and follow the conventions used there.
+Our samples target .NET 8 and follow the conventions used there.
 
 
 ### How do I build the solution locally?

docs/articles/bankid.md

@@ -1081,9 +1081,9 @@ The default implementation provided in `ActiveLogin.Authentication.BankId.AspNet
 
 If you want to support your custom app, or a third party app (like the built in browsers in Instagram, Facebook etc.) we've made it simple to support those scenarios by allowing you to specify a custom browser config.
 
-The most common scenario is that you will set the schema for the app as return URL if you detect a specific User Agent, so for that scenario we've made an extension method.
+The most common scenario is that you will set the schema for the app as return URL if you detect a specific User Agent.
 
-Note: The return url will onlt by applied on iOS, as Android will return the user to the app automatically.
+The `AddCustomBrowserByUserAgent` extension method is a shorthand for adding a custom browser config for a specific user agent that overrides the return url regardless of device.
 
 In the sample below we add support for Instagram and Facebook:
 

src/ActiveLogin.Authentication.BankId.Core/Flow/BankIdFlowService.cs

@@ -154,7 +154,7 @@ private SignRequest GetSignRequest(BankIdFlowOptions flowOptions, BankIdSignData
     {
         var endUserIp = _bankIdEndUserIpResolver.GetEndUserIp();
         var certificatePolicies = flowOptions.CertificatePolicies.Any() ? flowOptions.CertificatePolicies : null;
-        var requestRequirement = new Requirement(certificatePolicies, flowOptions.RequirePinCode, flowOptions.RequireMrtd);
+        var requestRequirement = new Requirement(certificatePolicies, flowOptions.RequirePinCode, flowOptions.RequireMrtd, flowOptions.RequiredPersonalIdentityNumber?.To12DigitString());
 
         return new SignRequest(
             endUserIp,

src/ActiveLogin.Authentication.BankId.Core/Launcher/BankIdLauncher.cs

@@ -136,6 +136,12 @@ private string GetQueryStringPart(BankIdSupportedDevice device, LaunchUrlRequest
 
     private static string GetRedirectUrl(BankIdSupportedDevice device, LaunchUrlRequest request, BankIdLauncherCustomBrowserConfig? customBrowserConfig)
     {
+        // Allow for easy override of callback url
+        if (customBrowserConfig != null && customBrowserConfig.ReturnUrl != null)
+        {
+            return customBrowserConfig.ReturnUrl;
+        }
+
         // Only use redirect url for iOS as recommended in BankID Guidelines 3.1.2
         return device.DeviceOs == BankIdSupportedDeviceOs.Ios
             ? GetIOsBrowserSpecificRedirectUrl(device, request.RedirectUrl, customBrowserConfig)
@@ -144,12 +150,6 @@ private static string GetRedirectUrl(BankIdSupportedDevice device, LaunchUrlRequ
 
     private static string GetIOsBrowserSpecificRedirectUrl(BankIdSupportedDevice device, string redirectUrl, BankIdLauncherCustomBrowserConfig? customBrowserConfig)
     {
-        // Allow for easy override of callback url
-        if (customBrowserConfig != null && customBrowserConfig.IosReturnUrl != null)
-        {
-            return customBrowserConfig.IosReturnUrl;
-        }
-
         // If it is a third party browser, don't specify the return URL, just the browser scheme.
         // This will launch the browser with the last page used (the Active Login status page).
         // If a URL is specified these browsers will open that URL in a new tab and we will lose context.

src/ActiveLogin.Authentication.BankId.Core/Launcher/BankIdLauncherCustomBrowserConfig.cs

@@ -2,9 +2,9 @@ namespace ActiveLogin.Authentication.BankId.Core.Launcher;
 
 public class BankIdLauncherCustomBrowserConfig
 {
-    public BankIdLauncherCustomBrowserConfig(string? iosReturnUrl, BrowserReloadBehaviourOnReturnFromBankIdApp browserReloadBehaviourOnReturnFromBankIdApp = BrowserReloadBehaviourOnReturnFromBankIdApp.Default, BrowserMightRequireUserInteractionToLaunch browserMightRequireUserInteractionToLaunch = BrowserMightRequireUserInteractionToLaunch.Default)
+    public BankIdLauncherCustomBrowserConfig(string? returnUrl, BrowserReloadBehaviourOnReturnFromBankIdApp browserReloadBehaviourOnReturnFromBankIdApp = BrowserReloadBehaviourOnReturnFromBankIdApp.Default, BrowserMightRequireUserInteractionToLaunch browserMightRequireUserInteractionToLaunch = BrowserMightRequireUserInteractionToLaunch.Default)
     {
-        IosReturnUrl = iosReturnUrl;
+        ReturnUrl = returnUrl;
         BrowserReloadBehaviourOnReturnFromBankIdApp = browserReloadBehaviourOnReturnFromBankIdApp;
         BrowserMightRequireUserInteractionToLaunch = browserMightRequireUserInteractionToLaunch;
     }
@@ -15,7 +15,7 @@ public BankIdLauncherCustomBrowserConfig(string? iosReturnUrl, BrowserReloadBeha
     /// Set to empty string to not launch any URL, and instead the BanKID app will ask the user to open the last app.
     /// This will only be applied to iOS as Android automatically launches the previous app.
     /// </summary>
-    public string? IosReturnUrl { get; set; }
+    public string? ReturnUrl { get; set; }
 
     /// <summary>
     /// The reload behaviour of the browser when returning from the BankID app.

src/ActiveLogin.Authentication.BankId.Core/Models/BankIdFlowOptions.cs

@@ -1,3 +1,5 @@
+using ActiveLogin.Identity.Swedish;
+
 namespace ActiveLogin.Authentication.BankId.Core.Models;
 
 public class BankIdFlowOptions
@@ -6,19 +8,24 @@ public BankIdFlowOptions(
         List<string> certificatePolicies,
         bool sameDevice,
         bool requirePinCode,
-        bool requireMrtd)
+        bool requireMrtd,
+        PersonalIdentityNumber? requiredPersonalIdentityNumber = null)
     {
         CertificatePolicies = certificatePolicies;
         SameDevice = sameDevice;
         RequirePinCode = requirePinCode;
         RequireMrtd = requireMrtd;
+        RequiredPersonalIdentityNumber = requiredPersonalIdentityNumber;
     }
 
     public List<string> CertificatePolicies { get; }
-        
+
     public bool SameDevice { get; }
 
     public bool RequirePinCode { get; }
 
     public bool RequireMrtd { get; }
+
+    public PersonalIdentityNumber? RequiredPersonalIdentityNumber { get; }
+
 }

src/Directory.Build.props

@@ -15,7 +15,7 @@
         <PackageId>$(AssemblyName)</PackageId>
 
         <VersionPrefix>8.0.0</VersionPrefix>
-        <VersionSuffix>beta-1</VersionSuffix>
+        <!--<VersionSuffix>beta-1</VersionSuffix>-->
         <AssemblyVersion>8.0.0.0</AssemblyVersion>
         <FileVersion Condition="'$(BUILD_BUILDNUMBER)' == ''">$(VersionPrefix).0</FileVersion>
         <FileVersion Condition="'$(BUILD_BUILDNUMBER)' != ''">$(VersionPrefix).$(BUILD_BUILDNUMBER)</FileVersion>