CoreOne Trustee Management Test Application

Introduction

The CoreOne Trustee Management Test Application can be used to demonstrate certain CoreOne Authentication Service features such as permission delegation, record matching and others. The application will be extended step-by-step but is still a work in progress. This page documents the features and the configuration needed.

Data Structure

The data is stored in a SQLite database and can currently only be edited with the SQLite DB Browser.

Configuration File

There is an appsettings.json file that contains all the necessary configuration.

{
  "Logging": {
    "LogLevel": {
      "Default": "Warning"
    }
  },
  "AllowedHosts": "*",
  "AuthorizationServer": "https://demo.coreone.ch/",
  "ClientId": "iam-test-app",
  "ClientSecret": "myverysecuresecret",
  "SeedDataIfNewDatabase": true,
  "DeleteBillLoaAcr": "urn:customer:authentication:loa:2",
  "SqLiteDbPath": "database.db",
  "SubjectIdPrefix": "demoid:",
  "UseMinifiedRoleWithContextClaim": true // Introduced in version 9.1
}

Access Rights

A number of access rights are documented on the home page of the application. You will need to create them as resource objects within the CoreOne Application Service and provision them to the CoreOne Authentication Service.

Features

Implemented in Version 1.0 (Moléson)

  • Authentication to the secured area with a natural person (Bills and User Information)

  • Re-authentication with a configurable LoA to delete bills

  • Re-authentication with the client's LoA to approve a bill

  • Re-authentication with the client's LoA MAX to decline a bill

Implemented in Version 1.1 (Moléson)

  • Record matching to existing entries for natural persons

Implemented in Version 1.2 (Altenalptürm)

  • Only see the bills that the user has been granted access to

  • Authentication to the secured area with natural persons including their delegations for other natural persons

  • Authentication to the secured area with natural persons including their delegations for other legal entities

Implemented in Version 1.3 (Pilatus)

  • Allowed customising of customer name and authentication server name using the appsettings.json file

Implemented in Version 1.4 (Stockhorn)

  • Added a reauthentication test feature. You can now specify ACR values from the reauthentication tests tab on the user details page.
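
The re-authentication features listed above (deleting a bill at the configured DeleteBillLoaAcr, and the ACR values entered on the reauthentication tests tab) depend on the client requesting a level of assurance and then checking what it actually received. The following is an added example, not code from the test application: it assumes the service follows standard OpenID Connect (acr_values, prompt and max_age in the request; acr, nonce and auth_time in the ID token), and the endpoint URL, function names and parameters are hypothetical.

```python
from urllib.parse import urlencode

# DeleteBillLoaAcr as shown in the appsettings.json on this page.
DELETE_BILL_LOA_ACR = "urn:customer:authentication:loa:2"


def build_reauth_url(authorize_endpoint, client_id, redirect_uri,
                     state, nonce, acr, max_age_s=300):
    """Authorization request asking for a fresh login at the given ACR."""
    return authorize_endpoint + "?" + urlencode({
        "response_type": "code",
        "scope": "openid",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
        "nonce": nonce,
        "acr_values": acr,          # requested level of assurance
        "prompt": "login",          # ask the server to re-authenticate the user
        "max_age": str(max_age_s),  # makes auth_time mandatory in the ID token
    })


def check_step_up(claims, required_acr, expected_nonce, started_at,
                  now, max_age_s=300, skew_s=30):
    """Return (allowed, reason) for ID token claims whose signature, iss,
    aud and exp were already validated by the OIDC library.
    started_at and now are Unix timestamps in seconds."""
    if claims.get("nonce") != expected_nonce:
        return False, "nonce mismatch"
    # Assumption: exact match. A deployment that ranks LoAs would accept
    # any level at or above the required one instead.
    if claims.get("acr") != required_acr:
        return False, "acr does not match the required level"
    auth_time = claims.get("auth_time")
    if not isinstance(auth_time, int):
        return False, "auth_time missing"
    # The login must have happened after the step-up was requested;
    # otherwise an older session is being replayed for the sensitive action.
    if auth_time < started_at - skew_s:
        return False, "login predates the re-authentication request"
    if now - auth_time > max_age_s + skew_s:
        return False, "authentication too old"
    return True, "ok"
```

The point of the second function is that requesting an ACR is not proof of having obtained it: the decision to delete must rest on the validated claims in the returned token, not on the parameters the client sent.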

Implemented in Version 1.5 (Stockhorn)

  • There is a new application setting to toggle the new minified roles_with_context claim.

Pitfalls

  • A legal entity in the data structure should not have an email address set

  • The application is not very robust at the moment. Please enable stdout in the web.config and check the log file

  • I added error messages that should indicate which object is missing in the data structure

© ITSENSE AG. All rights reserved. ITSENSE and CoreOne are registered trademarks of ITSENSE AG.