The django backend needs a view which redirects the user to the eID-Client (Ausweisapp) with a GET argument called tcTokenUrl. The address of the eID-Client is retrieved using the client checker ( #3 ). The client checker sends a GET request to the django view with the argument protocol and host. The view returns a redirect to protocol://host:24727?tcTokenUrl=https://eid.local/api/getTcToken?tcTokenId=... only if host and protocol are vaild. If they are missing it redirects to a default url.
2. Step: c17ae1dd98d56d2ea99e552ff68d3a48a8b7e62e
The tcTokenUrl must contain a valid tcTokenId meaning some identifier for recognising the client. Therefore, I added a model to django AuthenticationRequest containg a tcTokenId, a sessionId as required and a refreshId for the refreshAdress. The getTcToken returns the xml containg the required tcToken.
BenjaminKeller
commented
7 years ago
1. Step: fc7de9d6f83e669ce6a4ce9e0a0105878debc4b3
The django backend needs a view which redirects the user to the eID-Client (Ausweisapp) with a GET argument called
tcTokenUrl. The address of the eID-Client is retrieved using the client checker ( #3 ). The client checker sends a GET request to the django view with the argumentprotocolandhost. The view returns a redirect toprotocol://host:24727?tcTokenUrl=https://eid.local/api/getTcToken?tcTokenId=...only if host and protocol are vaild. If they are missing it redirects to a default url.2. Step: c17ae1dd98d56d2ea99e552ff68d3a48a8b7e62e
The tcTokenUrl must contain a valid tcTokenId meaning some identifier for recognising the client. Therefore, I added a model to django
AuthenticationRequestcontaing a tcTokenId, a sessionId as required and a refreshId for the refreshAdress. ThegetTcTokenreturns the xml containg the required tcToken.See here for the specification.