Support for animated QR code

[anfly0]

Add support for generating animated QR-codes. 4.2

• Add timestamp to authentication and sign responses to keep track of "the number of seconds since the response from auth or sign was returned"
• For now, only generate the binary needed to create the QR-code.

[Preen]

And do something like this to generate the QR-code?

qrStartSecret = "d28db9a7-4cde-429e-a983-359be676944c"
time = "t=0"
:crypto.hmac(:sha256, qrStartSecret, time) |> Base.encode16(case: :lower)

[anfly0]

I'm not sure that I understand your example 100%, but yes qrAuthCode would have to be computed, and the correct binary would have to be constructed.
Feel free to take a crack at implementing this!

[Preen]

I'm referring to this:

time is the number of seconds since the result from auth or sign was returned
qrAuthCode is computed as HMACSHA256(qrStartSecret, time) where
• time is the number of seconds since the response from auth or sign was returned
• qrStartSecret is from the auth or sign response.

It's a nice library you've built, will see if I get the time to do this :)

[anfly0]

Great, we are on the same page! 👍

[Ineedsolution]

Hi, I want to integrate swedish bankid with wordpress, so that anyone can signup, signin, show interest in custom post using bankid authorization. Could you please help me or tell me the way of solve this issue.

Thanks in advance.

Regares

[carlgleisner]

Hej! I would like to help out on this issue. Will get back to you with a PR.

Great job with this library. I would like to offer more support in development and maintenance going forward, if you don't mind.

Kind regards,
Carl

[carlgleisner]

Hey again 👋🏻

@Preen, I looked into this a while ago (judging by my comment above) and there is no longer a :crypto.hmac/3 function defined. One has to use :crypto.mac/4 instead.

** (UndefinedFunctionError) function :crypto.hmac/3 is undefined or private, use crypto:mac/4 instead
    (crypto 5.3) :crypto.hmac(:sha256, "d28db9a7-4cde-429e-a983-359be676944c", "t=0")

I think that the below would work.

defmodule QRTestModule do
  def generate_qr(qr_start_token, qr_start_secret, time) do
    digest =
      :crypto.mac(:hmac, :sha256, String.to_charlist(qr_start_secret), String.to_charlist(time))
      |> Base.encode16(case: :lower)

    "bankid." <> qr_start_token <> "." <> time <> "." <> digest
  end
end

It would then be used like this using the same numbers as in the documentation that you posted a screenshot of (a few years ago 🙃).

result =
  QRTestModule.generate_qr(
    "67df3917-fa0d-44e5-b327-edcc928297f8",
    "d28db9a7-4cde-429e-a983-359be676944c",
    "0"
  )

expected =
  "bankid.67df3917-fa0d-44e5-b327-edcc928297f8.0.dc69358e712458a66a7525beef148ae8526b1c71610eff2c16cdffb4cdac9bf8"

result == expected

Aaand it works on my machine 😇

true