[#170046248] Add CIE authentication (pagopa#1470)

* [#170046248] add cie android support

* [#170046248] add cie support in LandingScreen

* [#170046248] add nfc screens

* [#170046248] add nfc screens

* [#170046248] fix nfc enabled listening

* [#170046248] simplify nfc state management

* [#170046248] moving cie screen in a dedicated folder

* [#170046248] wip

* [#170046248] add cie request authentication screen

* [#170046248] addLoading

* [#170046248] wip

* [#170046248] add consent data usage screen

* [#170046248] wip

* [#170046248] improve cie pin insertion

* wip

* [#170046248] add wrong pin screen

* [#170046248] wip

* debugging message

* add launch cieid app

* first wave of updates

* block 2 of updates on cie

* remove unused screen + shift to pureComponent

* remove unused screen

* add react-native-cie as @pagopa package

* update circleci config.yml

* update

* update

* update

* update jest config

* test android alpha lane

* test android alpha lane

* test android alpha lane

* restore code (alpha line test)

* restore code
update react-native-cie module

* [#170046248] update cie module

* removed cie idp login url as hardcoded string

* smaller updates on setPin + remove mock for ios

* update readme

* handling cie successfully authentication

* update yarn lock

* disable lint warning

* manage no connection on auth url request

* remove unused code

* update test of authenticationSaga

* add link to cieId for locked pin

* remove broken animation loop logic

* remove unused image + unique folder for cie images

* isolate cie animation component

* reduce code for cie navigation

* fix lint errors

* remove screen redundancy

* fix cie  navigation events

* update approach to content update

* minor fixes

* merge

* fix tests configuration

* test alpha lane

* test alpha lane

* [test alpha lane] restore

* [#170046248] fix a bug on infinite looping
now the check on if enabling is done on request
fix some typos
add comments

* [#170046248] remove useless code
add comment

* [#170046248] remove useless code

* [#170046248] fix tests

* enabled looping on cie reading screen

* [#170046248] show reminder email validation after email insertion

* [#170046248] removed commments

* [#170046248] update gradle distribution url
remove useless config field

* update

* [#170046248] important fix to avoid error on consent form

* manage go back on authorization request

* solve lint errors

* show loader on user data authorization

* handle goback on pin insertion

* fix navigation error

* [#170046248] inject javascript to decrease sleeping time

* upgrade pagopa/react-native-cie to v.0.1.8

* update yarn lock

* fix some bugs

* fix imports order

* [#170046248] fix a bug causing double footer rendering
fix a bug cause no animation on cie reading screen

* [#170046248] stop nfc listening after login success

* [#170046248] update tests

Co-authored-by: valentinacala <[email protected]>
Co-authored-by: valentinacala <[email protected]>

.circleci/config.yml

@@ -66,7 +66,11 @@ save_node_cache: &save_node_cache
     key: *node_cache_key
 
 install_node_modules: &install_node_modules
-  run: yarn install --frozen-lockfile --no-progress --non-interactive --network-concurrency 1
+  run: 
+    name: install npm packages
+    command: |
+      echo "//npm.pkg.github.com/:_authToken=$GITHUB_PACKAGE_APP_TOKEN" > ~/.npmrc
+      yarn install --frozen-lockfile --no-progress --non-interactive --network-concurrency 1
 
 #
 # Build pipeline

.env.example

@@ -17,5 +17,5 @@ DEBUG_BIOMETRIC_IDENTIFICATION=NO
 # Seconds of background activity before asking the PIN login
 DEFAULT_BACKGROUND_ACTIVITY_TIMEOUT_S=30
 # Repository of app content
-CONTENT_REPO_URL=https://raw.githubusercontent.com/teamdigitale/io-services-metadata/master
+CONTENT_REPO_URL='https://raw.githubusercontent.com/teamdigitale/io-services-metadata/master'
 INSTABUG_TOKEN=5c2d0f12fa12f9afc535585e5b7a9e79

.env.production

@@ -13,5 +13,5 @@ DEBUG_REMOTE_PUSH_NOTIFICATION=NO
 DEBUG_BIOMETRIC_IDENTIFICATION=NO
 DEFAULT_BACKGROUND_ACTIVITY_TIMEOUT_S=30
 # Repository of app content
-CONTENT_REPO_URL=https://raw.githubusercontent.com/pagopa/io-services-metadata/master
+CONTENT_REPO_URL='https://raw.githubusercontent.com/pagopa/io-services-metadata/master'
 INSTABUG_TOKEN=5c2d0f12fa12f9afc535585e5b7a9e79

.npmrc

@@ -0,0 +1,2 @@
+registry=https://registry.npmjs.com/
+@pagopa:registry=https://npm.pkg.github.com/

README.md

@@ -339,6 +339,12 @@ _Note: The sample configuration sets the app to interface with our test environm
 
 #### Dependencies
 
+**module for CIE authentication**
+IO uses a [react native module](https://github.com/pagopa/io-cie-android-sdk) to allow authentication through CIE (Carta di Indentità Elettronica)
+This package is hosted on [Github Packages](https://github.com/features/packages). In order to install this package you need to be able to access the github registry.
+The configuration is pretty simple and fast, you can follow [these instructions](https://help.github.com/en/packages/using-github-packages-with-your-projects-ecosystem/configuring-npm-for-use-with-github-packages)
+**If you don't do this step you can't download and install the cie module.**
+
 Now you can install the libraries used by the project:
 
 ```

android/app/build.gradle

@@ -205,6 +205,7 @@ def enableHermes = project.ext.react.get("enableHermes", false)
 dependencies {
     implementation fileTree(dir: "libs", include: ["*.jar"])
     implementation "com.facebook.react:react-native:+"
+    compile project(':react-native-cie')
     if (enableHermes) {
         def hermesPath = "../../node_modules/hermesvm/android/";
         debugImplementation files(hermesPath + "hermes-debug.aar")

android/app/proguard-rules.pro

@@ -56,8 +56,14 @@
 # okhttp
 -keepattributes Signature
 -keepattributes *Annotation*
+-keep class com.squareup.okhttp.** { *; }
+-keep interface com.squareup.okhttp.** { *; }
+# This is also needed by Picasso
+-dontwarn com.squareup.okhttp.**
+
 -keep class okhttp3.** { *; }
 -keep interface okhttp3.** { *; }
+# This is also needed by Picasso
 -dontwarn okhttp3.**
 
 # okio
@@ -83,6 +89,11 @@
 -keep public class com.horcrux.svg.** {*;}
 -dontwarn com.horcrux.svg.**
 
+
+# React-native cie
+-keep public class it.ipzs.** {*;}
+-dontwarn it.ipzs.**
+
 -keep class com.google.android.gms.** { *; }
 -dontwarn com.google.android.gms.**
 

android/app/src/main/java/it/pagopa/io/app/MainApplication.java

@@ -31,6 +31,7 @@
 import com.facebook.soloader.SoLoader;
 import com.instabug.reactlibrary.RNInstabugReactnativePackage;
 import com.reactnativecommunity.webview.RNCWebViewPackage;
+import it.ipzs.cieidsdk.native_bridge.CiePackage;
 
 import android.util.Log;
 import com.facebook.react.PackageList;
@@ -61,7 +62,7 @@ protected List<ReactPackage> getPackages() {
           new FingerprintAuthPackage(), new BackgroundTimerPackage(), new SvgPackage(), new RNTextInputMaskPackage(),
           new SplashScreenReactPackage(), new ReactNativeExceptionHandlerPackage(), new RNCameraPackage(),
           new ReactNativePushNotificationPackage(), new KeychainPackage(), new RNI18nPackage(), new Sha256Package(),
-          new RNMixpanel(), new RNDeviceInfo(), new ReactNativeConfigPackage(),
+          new RNMixpanel(), new RNDeviceInfo(), new ReactNativeConfigPackage(),new CiePackage(),
           new RNInstabugReactnativePackage.Builder(BuildConfig.INSTABUG_TOKEN, MainApplication.this)
               .setInvocationEvent("none").setPrimaryColor("#0073E6").build());
     }

android/build.gradle

@@ -3,9 +3,9 @@
 buildscript {
     ext {
         firebaseVersion = "17.6.0"
-
+        kotlin_version = '1.3.41'
         buildToolsVersion = "28.0.3"
-        minSdkVersion = 16
+        minSdkVersion = 19
         compileSdkVersion = 28
         targetSdkVersion = 28
         supportLibVersion = "28.0.0"
@@ -17,6 +17,7 @@ buildscript {
     dependencies {
         classpath 'com.android.tools.build:gradle:3.5.0'
         classpath 'com.google.gms:google-services:4.3.2'
+        classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
 
         // NOTE: Do not place your application dependencies here; they belong
         // in the individual module build.gradle files

android/settings.gradle

@@ -44,7 +44,8 @@ include ':react-native-device-info'
 project(':react-native-device-info').projectDir = new File(rootProject.projectDir, '../node_modules/react-native-device-info/android')
 include ':react-native-config'
 project(':react-native-config').projectDir = new File(rootProject.projectDir, '../node_modules/react-native-config/android')
+include ':react-native-cie'
+project(':react-native-cie').projectDir = new File(rootProject.projectDir, '../node_modules/@pagopa/react-native-cie/android')
 include ':react-native-community-netinfo'
 project(':react-native-community-netinfo').projectDir = new File(rootProject.projectDir, '../node_modules/@react-native-community/netinfo/android')
-
 include ':app'

jest.config.js

@@ -1,20 +1,20 @@
-const { defaults: tsjPreset } = require('ts-jest/presets');
+const { defaults: tsjPreset } = require("ts-jest/presets");
 
 module.exports = {
   ...tsjPreset,
-  preset: 'react-native',
+  preset: "react-native",
   transform: {
-    ...tsjPreset.transform,
+    ...tsjPreset.transform
     //'\\.js$': 'ts-jest',
   },
   transformIgnorePatterns: [
-    "node_modules/(?!(jest-)?react-native|react-navigation|@react-navigation|react-navigation-redux-helpers|react-native-device-info|native-base|native-base-shoutem-theme|@shoutem/animation|@shoutem/ui|rn-placeholder|jsbarcode)"
+    "node_modules/(?!(jest-)?react-native|react-navigation|@react-navigation|react-navigation-redux-helpers|react-native-device-info|native-base|native-base-shoutem-theme|@shoutem/animation|@shoutem/ui|rn-placeholder|jsbarcode|@pagopa/react-native-cie)"
   ],
   globals: {
-    'ts-jest': {
-      babelConfig: true,
+    "ts-jest": {
+      babelConfig: true
     }
   },
-  setupFiles: ['./jestSetup.js'],
+  setupFiles: ["./jestSetup.js"],
   collectCoverage: true
 };

locales/en/cie/temporary_blocked_cie.md

@@ -1,5 +1,3 @@
-# Card temporarily blocked
-
 The card used was blocked because you tried to log in too many times with an incorrect PIN.  
 No problem: you can unlock it with the **PUK code** which was delivered to you along with the card.  
 To complete this operation you must however **use a special free app**, which is called **CieID**.  

locales/en/index.yml

@@ -14,6 +14,7 @@ global:
     dayMonthYear: "D MMMM YYYY"
     weekdayDayMonthYear: "dddd D MMMM YYYY"
   genericError: Ooops, something did not work as expected, please try again!
+  genericWaiting: Wait a few seconds..
   jserror:
     title: Unexpected error occurred
     message: We have reported this to our team! Please close the app and start again!
@@ -24,6 +25,7 @@ global:
     delete: Delete
     cancel: Cancel
     ok: OK
+    ok2: Ok
     continue: Continue
     retry: Retry
     back: Back
@@ -210,6 +212,9 @@ profile:
 userMetadata:
   errors:
     upsertVersion: Can't upsert user metadata with this version
+navigation:
+  messages: Messages
+  profile: Profile
 cie:
   title: Touch the card
   layCardMessageHeader: Touch your Electronic ID Card on the back of your phone for a few seconds.
@@ -223,12 +228,16 @@ spid:
   loginErrorAlert:
     title: Login error
     message: Sorry, there was an error while logging in, could you try again?
-    okLabel: Ok
   subscription:
     line1: SPID is the digital identity to access online services of the Public Administration.
     line2: Insert your email address to enable it.
 authentication:
   landing:
+    contentTitleCie: Don't have SPID or CIE?
+    cie_information_request: !include cie.md
+    spid_or_cie: To use IO you must have one of these digital tools, which certify your identity.
+    request_cie: Request CIE
+    request_spid: Request SPID
     contextualHelpTitle: How to register in the IO app
     contextualHelpContent: !include authentication/authentication_landing.md
     loginSpid: Login with SPID
@@ -254,43 +263,48 @@ authentication:
     expiredCardTitle: Card expired or no longer valid
     expiredCardContent: "The card used is no longer valid or has expired.\nIf you want to log in and access IO you must use SPID."
     expiredCardHelp: How to renew your Electronic Identity Card?
-    cie:
+  cie:
+    genericTitle: Login - CIE
+    cie: Electronic Identity Card
+    noDataTitle: To use IO you must authorize the sending of data
+    authToSendData: !include cie/auth_to_send_data.md
+    nfc:
       noNfcConnectionTitle: Are you sure you put the card down?
       noNfcConnectionContent: !include cie/noNfcConnection.md
-      cardRemovedEarlyTitle: You have removed the card too soon
-      cardRemovedEarlyContent: Hold the card as close as possible to the back of the device until a confirmation appears on the screen. It will take a few seconds.
+      enableNfcTitle: Enable NFC
+      enableNfcHeader: Check NFC
+      enableNfcContent: For allowing the app to verify your Electronic Identity Card, you must first activate the NFC function of your device. Come back here when you're done!
+    pin:
       pinCardTitle: Enter the PIN of your card
+      pinCardHeader: Enter the PIN
       pinCardContent: The PIN code consists of 8 digits. Four digits have been delivered to you at the registry office and another four digits have been sent to your home along with the card. Put them together, in that order, and enter them here please.
       incorrectCiePinTitle: Incorrect PIN, you still have {{remainingCount}} attempts
       incorrectCiePinContent1: For your security, you can try entering the card PIN no more than three times. Then you will have to unlock the card by entering the PUK.
       incorrectCiePinContent2: Keep in mind that the PIN code of your Electronic Identity Card (CIE) is composed of 8 digits. Four digits that were given to you at the registry office and another four digits that were sent to you at home, along with the card.
-    ok: Ok
-    cieCardValid: Ok, your card is valid! Wait a few more seconds..
-    cieLoginWait: Wait a few seconds..
-  cie:
-    enableNfcTitle: Enable NFC
-    enableNfcContent: For allowing the app to verify your Electronic Identity Card, you must first activate the NFC function of your device. Come back here when you're done!
-    enableNfcHelp: Don't have an Electronic Identity Card?
-    nfcEnabledTitle: NFC Enabled
-    nfcEnabledContent: "Thank you for activating the NFC functionality on your device: you can proceed with authentication!"
-    unknownCardTitle: Unknown card
-    unknownCardContent: The card used does not seem to be an Electronic Identity Card (CIE).
-    unknownCardHelpLink: What is the Electronic Identity Card?
-    cie: Electronic Identity Card
-    temporarilyBlockedCie: !include cie/temporary_blocked_cie.md
-    temporarilyBlockedCieDoneButton: "Done, card unlocked!"
-    temporarilyBlockedCieOpenCieID: "Open CieID"
-    readerCardTitle: Hold the card for a few seconds
-    readerCardHeader: We are reading the data of your CIE and verifying its validity.
-    readerCardFooter: Hold the card in this position for a few more seconds
-    readerCardLostTitle: Hold the card again for a few seconds
-    readerCardLostHeader: We have not yet finished reading the card data.
-    noDataTitle: To use IO you must authorize the sending of data
-    authToSendData: !include cie/auth_to_send_data.md
-  cie_information_request: !include cie.md
-  spid_or_cie: To use IO you must have one of these digital tools, which certify your identity.
-  request_cie: Request CIE
-  request_spid: Request SPID
+      alert: Are you sure you want to go back?
+    pinTempLocked:
+      header: Pin locked
+      title: Card temporarily locked
+      content: !include cie/temporary_blocked_cie.md
+      button: "Load/open CieID"
+    card:
+      headerTitle: Read CIE
+      title: Touch the card
+      layCardMessageHeader: Touch your Electronic ID Card on the back of your phone for a few seconds.
+      layCardMessageFooter: If you don't know exactly where is the NFC sensor, move the card to different points and wait a few seconds until you feel a vibration.
+      cieCardValid: Ok, your card is valid! Wait a few more seconds..
+      readerCardTitle: Hold the card for a few seconds
+      readerCardHeader: We are reading the data of your CIE and verifying its validity.
+      readerCardFooter: Hold the card in this position for a few more seconds
+      error:
+        readerCardLostTitle: Hold the card again for a few seconds
+        readerCardLostHeader: We have not yet finished reading the card data.
+        onTagLost: You removed the card too soon. Hold the card as close as possible to the back of the device until a confirmation appears on the screen. It will take a few seconds.
+        tryAgain: Something did not work as expected while we read your CIE. It's probably a temporary issue, please try again!
+        generic: Something did not work as expected while we read your CIE.
+        unknownCardTitle: Unknown card
+        unknownCardContent: The card used does not seem to be an Electronic Identity Card (CIE).
+        unknownCardHelpLink: What is the Electronic Identity Card?
   spid: SPID
   spid_information_request:
     headerTitle: Insert email address
@@ -307,7 +321,6 @@ authentication:
     spid: !include spid.md
     headerTitle: What is SPID?
     contentTitle: Don't have SPID?
-    contentTitleCie: Don't have SPID or CIE?
     moreLinkText: Learn more
     subtitle: SPID is safe
     paragraph1: SPID, the Public System of Digital Identity, allows you to access
@@ -960,7 +973,6 @@ reminders:
     modal2: "open your email client and click on the link."
     button1: Send another verification email
     button2: Change email address
-
 openMaps:
   genericError: An error occurred while opening the map
 genericError: An error occurred

locales/it/cie/temporary_blocked_cie.md

@@ -1,5 +1,3 @@
-# Carta bloccata temporaneamente
-
 La carta utilizzata è stata bloccata perché hai provato ad accedere troppe volte con un PIN errato.  
 Non c'è problema: puoi sbloccarla con il **codice PUK** che ti è stato consegnato insieme alla carta.  
 Per completare questa operazione devi però **utilizzare un'apposita app gratuita**, che si chiama **CieID**.