AplinkosMinisterija/viisp-auth-helper

VIISP authentication helper

This helper is used to generate/sign tickets & validate/get data after successful login through VIISP (https://epaslaugos.lt).

How does it work?

  1. Send a request to this handler to create a new ticket.
  2. Redirect the user to epaslaugos.lt.
  3. After a successful login, the user is redirected to login.biip.lt (POST request - check handler).
  4. The login handler redirects the user to some other url, taken from the customData.host prop.
  5. That endpoint extracts the data through the API and this handler.

Endpoints

| Endpoint | Description | Params | Info | Returns |
|---|---|---|---|---|
| POST /auth/sign | Generates new ticket | host (required); optionally, pass any data and it will be returned in customData afterwards | host param is needed for login.biip.lt to redirect the signed-in user | JSON that contains: 1. ticket - generated ticket ID; 2. host - epaslaugos url; 3. url - concatenated url to redirect user |
| GET /auth/data?ticket=... | Gets signed-in user/company data. Valid to call after successful sign in. | ticket (required) | ticket has to be a previously generated ticket ID. | All available data such as firstName, lastName, lt-personal-code, etc. as JSON. |

Environment variables

| Variable name | Description |
|---|---|
| VIISP_PID | VIISP unique service ID, e.g. VSID000000000000 |
| VIISP_POSTBACK_URL | VIISP postback URL, e.g. https://website.com/ |
| KEYSTORE_BASE64 | JKS keystore encoded as base64 |
| KEYSTORE_PASSWORD | JKS keystore password |

Keep in mind:

After the ticket is generated you can:

  1. Create a form that redirects the user to sign in. In the example below, underscored variables are results from the request.

     <form method="POST" action="_host_">
       <input type="hidden" value="_ticket_" name="ticket" />
       <button type="submit">Sign In</button>
     </form>

  2. Redirect the user directly to the url endpoint.

After a successful sign in, the user is redirected to some specific url. This is done by login.biip.lt, using the customData.host prop. ticket and customData are passed as query parameters after the redirect.
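One way a consuming application could guard this redirect flow, as an added example that is not part of the project's code. HELPER_BASE, ALLOWED_HOSTS and both function names are assumptions, as is keeping the issued ticket in the user's session.

```javascript
// Added example, not project code. All names and values below are assumed.
const HELPER_BASE = 'https://auth-helper.example';        // hypothetical helper deployment
const ALLOWED_HOSTS = new Set(['https://app.example']);   // origins accepted as customData.host

// Check the `host` value before sending it to POST /auth/sign, because
// login.biip.lt later redirects the signed-in user to it.
function checkRedirectHost(host) {
  let u;
  try { u = new URL(host); } catch { return null; }
  // Require https and reject userinfo tricks such as https://app.example@other.test/
  if (u.protocol !== 'https:' || u.username || u.password) return null;
  return ALLOWED_HOSTS.has(u.origin) ? u.href : null;
}

// Handle the URL the user lands on after login.
// issuedTicket: the ticket ID returned by /auth/sign, kept in the user's session.
function handleLoginRedirect(landingUrl, issuedTicket) {
  const params = new URL(landingUrl).searchParams;
  const tickets = params.getAll('ticket');
  if (tickets.length !== 1 || tickets[0] === '') {
    return { ok: false, reason: 'missing or repeated ticket' };
  }
  if (tickets[0] !== issuedTicket) {
    return { ok: false, reason: 'ticket was not issued for this session' };
  }
  // customData arrives in the query string, so the user can change it.
  // Identity is taken only from the GET /auth/data response for this ticket.
  const dataUrl = new URL('/auth/data', HELPER_BASE);
  dataUrl.searchParams.set('ticket', tickets[0]);
  return { ok: true, dataUrl: dataUrl.toString() };
}
```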

Development

  docker-compose up --build
  # OR
  mvn spring-boot:run  # needs setup to work properly (or hacks)

Useful info

  1. EPaslaugos website (LT)
  2. To understand how it works (LT)
  3. Certificates are valid up until 2121

Converting jks to base64

💡 Note: replace all <...> variables with your own.

  1. Convert jks to p12.

     keytool -importkeystore -srckeystore <keystore.jks> -destkeystore <keystore.p12> -srcstoretype JKS -deststoretype PKCS12 -deststorepass <p12_password>

  2. Convert p12 to base64.

     base64 -i <keystore.p12>

  3. Congrats! 🎉 Now use this base64 value as KEYSTORE_BASE64 and <p12_password> as KEYSTORE_PASSWORD.
