-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add offline adr #28
Open
dhemutton
wants to merge
3
commits into
master
Choose a base branch
from
feat/add-offline-verification
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from all commits
Commits
Show all changes
3 commits
Select commit
Hold shift + click to select a range
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,92 @@ | ||
| # Offline Verifier | ||
|
|
||
| ## Problem | ||
|
|
||
| Currently, after a document has been issued in the Document Creator, the user has to download the file before clicking the Verify Documents tab and uploading the document for verification which may be cumbersome. Created documents can be easily accessed through their `links.self.href` attribute only because the Document creator uses this function to upload the document to a server: | ||
|
|
||
| ```js | ||
| export const uploadToStorage = async ( | ||
| doc: WrappedDocument, | ||
| documentStorage: DocumentStorage | ||
| ): Promise<AxiosResponse> => { | ||
| const qrCodeObj = decodeQrCode(doc.rawDocument.links.self.href); | ||
| const uri = qrCodeObj.payload.uri; | ||
|
|
||
| return axios({ | ||
| method: "post", | ||
| url: uri, | ||
| headers: getHeaders(documentStorage), | ||
| data: { | ||
| document: doc.wrappedDocument, | ||
| }, | ||
| }); | ||
| }; | ||
| ``` | ||
| However, as the user may not have consented to an upload, this poses a problem in our current workflow. The current implementation of easy verification of a document can be found in the [gallery](https://gallery.openattestation.com/). | ||
|
|
||
| ## Goal | ||
|
|
||
| To explore the option of opening a document without uploading it to a server. This will save the step of downloading, opening another window and uploading the document. Possible usecases include: Allowing a user to view a .tt document with .tt files as attachments easily in another tab. | ||
|
|
||
| ## Proposed Solution | ||
|
|
||
| We can use the postMessage method to conduct parent and child communication. To detect the message sent, an eventListener can be added in the DropZone. For example: | ||
|
|
||
| ```js | ||
| window.addEventListener( | ||
| "message", | ||
| (event) => { | ||
| if (event.data.document) { | ||
| updateCertificate(event.data.document); | ||
| } | ||
| }, | ||
| false | ||
| ); | ||
|
|
||
| ``` | ||
|
|
||
| In order for the parent to communicate with its child window, a reference can be saved to the return value of `window.open()`. We will | ||
| also pass in the index of the file as the name of the child window to ensure that the correct inner .tt document is sent to the child window. For example: | ||
|
|
||
| ```js | ||
| const childWin = window.open(url, index); | ||
| ``` | ||
|
|
||
| Once the reference is made, we will establish a 2-way handshake to ensure that messages can be sent from parent to child and child to parent. This is to | ||
| ensure that the parent will send over the document only when the child window is ready to receive it. | ||
|
|
||
| When the child window is ready, it will send a READY message to the parent through: | ||
|
|
||
| ```js | ||
| window.opener.postMessage({ type: "READY" }); | ||
| ``` | ||
|
|
||
| When the parent receives the READY message, he will send out a LOAD_DOCUMENT message to its child which references the inner .tt document in | ||
| the attachments attribute of the parent .tt file: | ||
|
|
||
| ```js | ||
| if (event.data.type == "LOAD_DOCUMENT") { | ||
| childWin.postMessage({ type: "LOAD_DOCUMENT",payload: MY_JSON_FILE.data.attachments[childWin.name].data }); | ||
| } | ||
| ``` | ||
|
|
||
| When the child receives the LOAD_DOCUMENT message, he will retrieve the document and process it to before uploading it to the dropzone for it to be verified: | ||
|
|
||
| ```js | ||
| if (event.data.type == "LOAD_DOCUMENT") { | ||
| const doc = window.atob(event.data.payload.split(":")[2]); | ||
| updateCertificate(JSON.parse(doc)); | ||
| } | ||
| ``` | ||
|
|
||
| ## Alternative Solution | ||
|
|
||
| Other methods we considered were: | ||
|
|
||
| 1. LocalStorage method | ||
|
|
||
| We could store the document data on the user's local storage and upon clicking the Verify Document tab, load the data into the verifier before clearing it. However, this method is not recommended as there is no data protection, creating a security risk. There is also a ~5MB data limit which may be too low to store document data. Objects cannot be stored as well and must be stringified. | ||
|
|
||
| 2. Broadcast Channel API | ||
|
|
||
| We could create a channel to allow a child window to subscribe to, enabling it to receive messages from its parent. More information about the implementation can be found [here](https://dev.to/dcodeyt/send-data-between-tabs-with-javascript-2oa). This method is better than listening to changes on the local storage as it is more secure and full objects can be posted. However, as of November 2020, this method is not supported by Safari, IE and Edge. | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why does push the doc to storage is needed for ? (I'm sorry I cant figure the corect way for this question, can help my englosh ? XD)
For preview ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ohh this is for the QRcode verification of a document! The document creator automatically does this for us so that when we click a link we can easily access the document and send it to the verifier.