I have the following scenario for the API integration guide:
Its goal is to verify the user who logs into the portal using his ID number. The client will enter his ID number in the text box and then click the login button. After that, the portal will send the ID number entered by the user, using the API, to another external system called the NAFATH System, which is hosted on an external server and not locally. The NAFATH system will then respond and send a random number to a special mobile application (the NAFATH App).
The developer will show the random number on the login page in the portal and through the NAFATH App, the user will select the desired number from three random numbers shown in the NAFATH App, as only one of them is the correct random number.
The NAFATH system then will check the selected random number from the user and if the selected random number is right and true, then the NAFATH system will send the response to the call-back page in the portal with the callback URL.
We have two parts:
The first part needs to be implemented to complete the authorization request flow. This flow initiates a new request within the NAFATH app for the targeted User.
The Sample Request Body is like:
{"id": "1000062537",
"action": "SpRequest",
"service": "Login"}
And the Sample Response is like:
{"transId": "3136fd60-3f89-4d24-a92f-b9c63a53807f",
"random": "38"}
transId : A transaction ID, it's a unique identifying number.
random: The number should be displayed to the user so he can click on the Mobile app.
The second part needs to be implemented to complete the NAFATH App Authorization Request Flow.
The portal must provide a destination URL (https://mysite.com/iam-callback) that should be published on the internet using a fully qualified domain name (FQDN) where the NAFATH system's response will be posted.
The portal should check the response and if the user is authenticated, it will redirect the user to another page inside the portal, which means the user is authenticated.
For Sample Response Body:
The NAFATH system will send an acknowledgment response to the portal in two cases:
COMPLETED: successful transaction (within the time frame and correct random)
REJECTED: The user rejects the transaction.
For Sample COMPLETED Body like:
{"response":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.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_ZitipIiwiZW5OYXRpb25hbGl0eSI6IlNhdWRpIEFyYWJpYSIsImRvYkciOiIxOTc5LTAwLTI3IiwiZG9iSCI6MTM5OTA3MDEsImFyQ2FyZElzc3VlUGxhY2UiOiLYp9it2YjYp9mEINin2YTYsdmK2KfYtiIsImVuQ2FyZElzc3VlUGxhY2UiOiJQZXJzb25hbCBTdGF0dXMgQWRtaW5pc3RyYXRpb24sIFJpeWFkaCJ9LCJhdWQiOiJUQ0NfU1BfVEVTVCIsImV4cCI6MTY3MzQyNzk2NiwiaXNzIjoiTmFmYXRoIEFwcCBUZXN0IiwiaWF0IjoxNjczNDI3MzY2LCJuYmYiOjE2NzM0MjczNjZ9.JvwBxO2ynUv1OXqp-4m8-CDeu9C2MsWKs5EskqLcq9xfv0hBzlsW5bTo7-aRG6VWpv04odYDp_OS6sS8iAf5rY4mq5zQtYs4Pksee47k_1guTqRw8_7tJKOGh_TTWSsmP_4KvkOsuH2fhRevVASIAw0xLRdOBazSMf4H-b-ddyPSeGL3bcDIcjq5qlXw9tHBVyzIxj-_XYhBNgkWJBXxkySEwtxfgUZ4J_UcYIWWQKeaqzDPPMjcj510a4ZBv5ulAX7ig0ez9U7ABMFytyI_vaHnqte9n615lP418_br-TNyWYxB88qcjdGhaPT1ijnUhzjJfP_s2pIT43aKFPplg",
"status":"COMPLETED",
"transId":"b1d64420-9fa9-475e-ad13-864cba704078",
"serviceName":"Login"}
The COMPLETED response elements are like:
response { "userInfo":{ "id":1000000446, "idVersion":1, "NameFirst":"Mark", "NameFather":"Sari","gender":"M",
"IdIssueDateG":"2015-00-16", "idExpiryDateG":"2034-00-10", "idExpiryDateH":14560728, "nationality":113},
"aud":"TCC_SP_TEST",
"exp":1671726627,
"iss":"App Test",
"iat":1671726027,
"nbf":1671726027}
How can I implement that scenario in my project, which was created in Visual Studio with .NET Core and has the following projects inside the solution:
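Added example, not part of the original post and not NAFATH's or the poster's code: because the callback URL is published on the internet, the portal should treat the posted body as untrusted until the `response` token's RS256 signature, `aud`, `iss`, `nbf`/`exp`, the `transId` and the user ID have all been checked. Assumptions: the portal holds NAFATH's RSA public key (a throwaway key stands in for it here), the function name `IsAuthenticated` and the `pending*` variables are hypothetical, and the callback body is constructed to match the sample shape above.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

// Constructed demo input: a throwaway RSA key stands in for the NAFATH signing key
// (assumption: the portal receives the real public key out of band).
using var rsa = RSA.Create(2048);
const string Aud = "TCC_SP_TEST", Iss = "App Test";             // values from the page's sample
string pendingTransId = "b1d64420-9fa9-475e-ad13-864cba704078"; // saved when part one returned
long pendingId = 1000000446;                                    // ID number the user typed
long now = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
string head = B64(Encoding.UTF8.GetBytes("{\"alg\":\"RS256\",\"typ\":\"JWT\"}"));
string claims = B64(Encoding.UTF8.GetBytes(
    $"{{\"userInfo\":{{\"id\":{pendingId}}},\"aud\":\"{Aud}\",\"iss\":\"{Iss}\",\"nbf\":{now},\"exp\":{now + 600}}}"));
string sig = B64(rsa.SignData(Encoding.ASCII.GetBytes($"{head}.{claims}"),
    HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1));
string Body(string jwt, string transId) =>
    $"{{\"response\":\"{jwt}\",\"status\":\"COMPLETED\",\"transId\":\"{transId}\",\"serviceName\":\"Login\"}}";

Console.WriteLine(IsAuthenticated(Body($"{head}.{claims}.{sig}", pendingTransId)));   // genuine callback
Console.WriteLine(IsAuthenticated(Body($"{head}.{claims}.AAAA", pendingTransId)));    // forged signature
Console.WriteLine(IsAuthenticated(Body($"{head}.{claims}.{sig}", "other-trans-id"))); // unknown transId
bool IsAuthenticated(string callbackJson)
{
    try
    {
        using var body = JsonDocument.Parse(callbackJson);
        var root = body.RootElement;
        if (root.GetProperty("status").GetString() != "COMPLETED") return false;
        if (root.GetProperty("transId").GetString() != pendingTransId) return false;
        string[] p = (root.GetProperty("response").GetString() ?? "").Split('.');
        if (p.Length != 3) return false;
        using var hdr = JsonDocument.Parse(UnB64(p[0]));
        if (hdr.RootElement.GetProperty("alg").GetString() != "RS256") return false; // pin the algorithm
        if (!rsa.VerifyData(Encoding.ASCII.GetBytes($"{p[0]}.{p[1]}"), UnB64(p[2]),
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)) return false;
        using var doc = JsonDocument.Parse(UnB64(p[1]));
        var c = doc.RootElement;
        long t = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
        return c.GetProperty("aud").GetString() == Aud && c.GetProperty("iss").GetString() == Iss
            && c.GetProperty("nbf").GetInt64() <= t && t < c.GetProperty("exp").GetInt64()
            && c.GetProperty("userInfo").GetProperty("id").GetInt64() == pendingId;
    }
    catch (Exception) { return false; } // fail closed on malformed JSON, base64 or signature
}
string B64(byte[] b) => Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');
byte[] UnB64(string s) => Convert.FromBase64String(
    s.Replace('-', '+').Replace('_', '/').PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
```

In a real portal the pending `transId` and ID number would be looked up from server-side storage written during part one, and the entry removed once a callback has been accepted so the same body cannot be replayed.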