Is its possible to leave out the personalNumber?

hbldh / pybankid

BankID Relying Party client for Python

https://pybankid.readthedocs.io

MIT License

48 stars 19 forks source link

Is its possible to leave out the personalNumber? #17

Closed sibe7691 closed 5 years ago

sibe7691 commented 5 years ago

pybankid version: pybankid==0.7.0
Python version: Python 3.5.5
Operating System: Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-124-generic x86_64)

Description

Mobile only.

BankID allows authenticating without using a personalNumber. The requirement from BankID is that the BankID app is installed on your mobile device. BankID api then returns an order_ref which can be used to start the bankid app in the mobile phone. When the signature completes, we can poll/collect as usual until the signature is validated.

Is this possible with pybankid or is providing the personalNumber a requirement?

hbldh commented 5 years ago

The default value of personal_number is None in the BankIDJSONClient methods for starting authentication and signing, so if you just don't send anything in you will get a order reference and auto start token to use in the way you require.

See https://github.com/hbldh/pybankid/blob/master/bankid/jsonclient.py#L78 and https://github.com/hbldh/pybankid/blob/master/bankid/jsonclient.py#L126.

Note that this only applies to the BankIDJSONClient, not the BankIDClient (SOAP-based v4) client.

hbldh commented 5 years ago

It was actually documented here as well:

https://github.com/hbldh/pybankid/blob/master/bankid/jsonclient.py#L83-L85 https://github.com/hbldh/pybankid/blob/master/bankid/jsonclient.py#L131-L133

sibe7691 commented 5 years ago

Thanks, you are right! I only looked in client.py and couldn't find it there. Thanks