Page tree
Skip to end of metadata
Go to start of metadata

Overview

“Connect your application to Finnish Trust Network” workshop for API Days Finland

TUPAS is expiring at the end of September. If your organization has users living in Finland, your web or mobile application must replace TUPAS with Finnish Trust Network for strong authentication.

In this hands-on workshop you will learn the principles of configuring Finnish Trust Network via OpenID Connect using Ubisecure Identity Platform.

The target audience is developers and architects.

Concept

The environment used for this workshop has two main components:

  1. An Identity Broker.
    Also known as IDP Proxy,  a server operated by a third party that will offer a number of strong authentication methods. There will be two identify brokers:
    a) Telia FTN broker. For more details: https://support.trust.telia.com/tibs/TIBS-Integration-guide.pdf. See the diagram in Page 4, observer the element "Identification broker service"
    b) Ubisecure Identity Broker: https://broker.ubidemo.com/uas
     
  2. An Application.
    Single-page application (SimpleSPA) that emulates a real mobile application.


SimpleSPA

For full details and sample code of the single page application (SimpleSPA) and a simple API (SimpleAPI), visit the article Single Page Application Quickstart.




Step by Step Instructions

 

You will work from your own laptop. In this workshop you will run a single page application (SPA) that will connect to an identity broker ("IDP Proxy" in Finnish Trust Network terminology). There will be two different identity brokers:

  • Telia FTN broker
  • Ubisecure Identity Broker


Part 1: Install Apache HTTP server

For Windows:

  1. Download Apache from https://www.apachelounge.com/download/
  2. First, install installed the latest (14.16.27027.1) C++ Redistributable Visual Studio 2017


  3. Restart your computer as asked by the installer
  4. To complete Apache installation, download https://home.apache.org/~steffenal/VC15/binaries/httpd-2.4.39-win64-VC15.zip to Downloads folder
  5. Unzip the compressed file to the folder \Downloads\Apache24

For Linux:

  1. Install Apache: sudo apt install apache2

For Mac:

1. No installation necessary, pyhton enabled by default

Part 2: Install and start SimpleSPA

Now that you have Apache installed, you can copy the simple page application to your computer

  1. Download the package SimpleSPA from [DOWNLOAD LINK]. In Windows, download it to Downloads\Apache24 folder.
  2. Unzip the compressed file.


For Windows:

  1. Edit the following line on Downloads\Apache24\SimpleSPA\run-apache.cmd so it matches the location of \Apache24 folder

    Downloads\Apache24\SimpleSPA\run-apache.cmd
    ServerRoot=%USERPROFILE%\Downloads\Apache24
  2. Open the command prompt

  3. Run cd %USERPROFILE%\Downloads\Apache24\SimpleSPA

  4. Then execute run-apache.cmd to start Apache HTTP server

For Linux:

  1. Edit the file run-apache.sh if needed
  2. Execute ./run-apache.sh to start Apache HTTP server

For Mac:

In the same directory as the spa.html file, execute:

python -m SimpleHTTPServer 5000


Now the SPA is configured. Open http://localhost:5000/spa.html in a browser


Part 3: Connect with Telia FTN


  1. There are two single page applications on your environment. For Telia FTN, open http://localhost:5000/spa.html in a browser.



  2. Click Login button and you will be redirected to Telia FTN authentication page:



  3. Click on OP button and log in with test account, which credentials will appear pre-filled.
  4. Once the authentication is successful, you will be redirected to the SPA and you will see the ID token as seen below.



  5. Analyze the attributes you see on the text box.
  6. Click Login button again, and try with Nordea.
  7. Once you logged in, analyze the attributes you see on the text box.


Part 4: Connect with Ubisecure Identity Broker

  1. Now let's connect to the other single page application on your environment. For Ubisecure Identity Broker, open http://localhost:5000/spa2.html in a browser.



  2. Click login button and you will be redirected to Ubisecure Identity Broker's authentication page:



  3. Log in with user/password as John Smith:

    run-apache.cmd
    user: john
    password: FTNFTN
  4. Once the authentication is successful, you will be redirected to the SPA and you will see the ID token as seen below.



  5. Analyze the attributes you see on the text box.
  6. Click Login button again, and try with Telia FTN.
  7. Once you logged in, analyze the attributes you see on the text box.





Package:

SimpleSPA.zip


  • No labels