Oracle Banking Digital Experience Mobile Application Builder

Transcription

Mobile Application Builder-Android GuideOracle Banking Digital ExperienceRelease 20.1.0.0.0Part No. F30659-01May 2020

Mobile Application Builder-Android GuideMay 2020Oracle Financial Services Software LimitedOracle ParkOff Western Express HighwayGoregaon (East)Mumbai, Maharashtra 400 063IndiaWorldwide Inquiries:Phone: 91 22 6718 3000Fax: 91 22 6718 3001www.oracle.com/financialservices/Copyright 2006, 2020, Oracle and/or its affiliates. All rights reserved.Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respectiveowners.U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programsinstalled on the hardware, and/or documentation, delivered to U.S. Government end users are “commercial computersoftware” pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such,use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integratedsoftware, any programs installed on the hardware, and/or documentation, shall be subject to license terms and licenserestrictions applicable to the programs. No other rights are granted to the U.S. Government.This software or hardware is developed for general use in a variety of information management applications. It is notdeveloped or intended for use in any inherently dangerous applications, including applications that may create a risk ofpersonal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take allappropriate failsafe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliatesdisclaim any liability for any damages caused by use of this software or hardware in dangerous applications.This software and related documentation are provided under a license agreement containing restrictions on use anddisclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement orallowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform,publish or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of thissoftware, unless required by law for interoperability, is prohibited.The information contained herein is subject to change without notice and is not warranted to be error-free. If you find anyerrors, please report them to us in writing.This software or hardware and documentation may provide access to or information on content, products and services fromthird parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kindwith respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible forany loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.

Table of Contents1.2.3.Preface . 1–11.1Intended Audience . 1–11.2Documentation Accessibility . 1–11.3Access to Oracle Support . 1–11.4Structure . 1–11.5Related Information Sources . 1–1OBDX Servicing Application . 2–12.1Prerequisites . 2–12.2Create project using Remote UI . 2–32.3Local UI . 2–42.4Importing in Android Studio . 2–5FCM Setup Configurations . 3–13.1Safety Net . 3–13.2For Push Notifications. 3–44.Build Release Artifacts . 4–15.OBDX Authenticator Application . 5–15.1Authenticator UI . 5–15.2Authenticator Application Workspace Setup . 5–26.Application Security Configuration . 6–17.Live Experience Integration . 7–18.Adding Custom Cordova Plugin . 8–19.ODA Chatbot Inclusion. 9–4

Preface1. Preface1.1Intended AudienceThis document is intended for the following audience:1.2 Customers PartnersDocumentation AccessibilityFor information about Oracle's commitment to accessibility, visit the Oracle Accessibility Programwebsite at http://www.oracle.com/pls/topic/lookup?ctx acc&id docacc .1.3Access to Oracle SupportOracle customers have access to electronic support through My Oracle Support. For ookup?ctx acc&id info or visithttp://www.oracle.com/pls/topic/lookup?ctx acc&id trs if you are hearing impaired.1.4StructureThis manual is organized into the following categories:Preface gives information on the intended audience. It also describes the overall structure of theUser Manual.The subsequent chapters describes following details:1.5 Introduction Preferences & Database Configuration / Installation.Related Information SourcesFor more information on Oracle Banking Digital Experience Release 20.1.0.0.0, refer to thefollowing documents: Oracle Banking Digital Experience Installation Manuals1–1

OBDX Servicing Application2. OBDX Servicing Application2.1PrerequisitesOBDX Android App is supported on Q (Android 10) and P (Android 9) releases of Android only.However all features work on Android 6, 7 and 8 as well.App will not work for Android 5 and below versionsa. Download and Install node Js (will be downloaded to default path)b. Install node js from https://nodejs.orgc.DOWNLOAD AND INSTALL ANDROID STUDIOd. Download and install Android Studio le. Download and Install Android platformsf.Update Android SDK to latest API Level.g. Cordova Version: 6.xh. Gradle Version: gradle-4.6i.Android Gradle Plugin Version (3.4.0): 'com.android.tools.build:gradle:3.4.0' or abovej.Set Environment variablesk.Set following system variables:1.Click on Windows key and type Environment Variables.2.A dialog box will appear. Click on the Environment Variables button as shown below2–1

OBDX Servicing Application3.l.NODEJS nodejs path Example: “C:\Program Files\nodejs\”.Add the above variables in “PATH” system variable.2–2

OBDX Servicing ApplicationIn 20.1, you can create app in two ways-using local UI or using remote UI (if want to create usingremote go to 2.2 else directly to 2.3)2.2Create project using Remote UIa. Index.html changes(use Android Studio or any other editor)2–3

OBDX Servicing Application1. In var server url ,put the same KEY SERVER URL to be used in app.properties.xml2. In workspace create a copy of index.html in the same folder and rename it to home.html.In index.html/home.html in workspace update jet url “https://static.oracle.com/cdn”3. On the server side where UI is deployed in framework/js/configurations/config.js set Jet“baseUrl” as https://static.oracle.com/cdn/jetAfter this proceed to 2.4 Importing in Android Studio directly.2.3Local UI2.3.1 Adding UI to workspaceUse any 1 option below of a/ba. Building un-built UI (required in case of customizations)(UI is same for internet and mobile, same build process of internet to be followed)b. Using built UI (out of box shipped with installer)Available at -OBDX Installer/installables/ui/deploy (Main release, OBDX installer),OBDX Patch Installer/installables/ui/deploy (Patchsets) Create a copy of index.html in the same folder and rename it to home.html. Copy ws,lzn,home.html,partials,resource, index.html,build.fingerprint) to in/assets/www/)Note: When copying to www, index.html already present in the workspace should be replaced)Ensure webhelp folder is not copied.Download oraclejet-8.2.source zip file1. Unzip & copy js & css folders to workspace as belowa. assets\www\framework\js\libs\oraclejet\8.2.0\jsb. assets\www\framework\js\libs\oraclejet\8.2.0\css2. In config.js update values as highlighted belowa. ejet"3. In index.html update require.js patha. require.js2–4

OBDX Servicing Application2.4Importing in Android StudioOpen Android Studio1. Import zigbank/platforms/android in android studio by clicking on Open an Existing Project.2. For Adding Facebook (Required for social payments only)a. Open facebookconnect.xmlb. Replace FB APP ID with your fb app id generated from facebook developer consolec.Replace FB APP NAME with the App name2–5

OBDX Servicing ApplicationAs shown belowHome2–6

FCM Setup Configurations3. FCM Setup Configurations3.1Safety Neta. Go to URL https://console.developers.google.com/b. Create a new Project and set name of you projectc.Choose ‘API’s & Services’ option from side bar.d. In API’s & Services Dashboard Choose ‘Enable APIS AND SERVICES’.e. This will redirect to ‘Library’ where we need to search ‘Android Device Verification API’.3–1

FCM Setup Configurationsf. Choose ‘Create Credentials’ inside in Android Device Verification APIg. Select ‘API Key’ link from there. It will generate API key for your application.h. Choose ‘RESTRICT KEY’ option.i. Click on ADD AN ITEM.j. Add package name and SHA1 fingerprint of your app.k. In API Restriction Choose Restrict Key and Select Android Device Verification & click save3–2

FCM Setup Configurationsl. copy this API key in Android fest.xml)under safety net attest api tag.m. If the application usage is high, the quota request form needs to be submitted. Search & fillform “SafetyNet Attestation API -- Quota Request”. Select below options in the formEnter the package id,Quota request - Estimated total queries per day * The approximate load, SafetyNetis called once each time the app in openedQuota request - Estimated peak queries per second Leave blank3–3

FCM Setup Configurations3.2For Push Notificationsa.Go to URL https://firebase.google.com/b. Traverse to console and create a projectc. Download google-services.json from below page and save to(zigbank\platforms\android\app) directory.d. Remember to keep the projects package name and firebase package name same.3–4

FCM Setup Configurationse. Traverse to cloud messaging tab and note the server key. Add the key to OBDX table asshown belowf. If proxy address is to be used, provide the same in database as mentioned in point 3.Sr.No.TablePROP IDCATEGORYIDPROP VALUEPurpose1DIGX FW CONFIG ALLBFCMDispatchDetails Server Key Provides key forFCM noted earlier2DIGX FW CONFIG ALLBFCMKeyStoreDispatchDetailsDATABASE orCONNECTORSpecifies whetherto pick server keyfrom database orfromconnector.Default DB (Nochange)3DIGX FW CONFIG ALLBProxyDispatchDetails protocol,proxyaddress Providesproxyaddress, if any, tobe provided whileconnectingtoAPNSserver.Delete row if proxynotrequired.Example:HTTP,148.50.60.83–5

FCM Setup ConfigurationsIf CONNECTOR is selected in Step 2 update password as belowHome3–6

Build Release Artifacts4. Build Release Artifacts1. Clean and Rebuild your project in Android Studio.2. In Android Studio, on the menu bar Click on Build - Edit Build Types - select release3. Set Minify Enabled - True & click on Proguard File selection - Navigate to proguardrules.pro (zigbank\platforms\android\app)4–1

Build Release Artifacts4. Click on OK - again click on OK.5. Adding URLs to app.properties.xml (customizations/src/main/res/values/)a. NONOAM (DB Authenticator setup)SERVER TYPENONOAMKEY SERVER URLEg. https://mumaa012.in.oracle.com:18443WEB URLEg. https://mumaa012.in.oracle.com:18443SERVER CERTIFICATE KEYRefer point 6.7b. OAM Setup (Refer to installer pre requisite documents for OAuth configurations)SERVER TYPEOAMKEY SERVER URLEg. https://mumaa012.in.oracle.com:18443(This URL must be of OHS without webgate)WEB URLEg. https://mumaa012.in.oracle.com:18443KEY OAUTH PROVIDER /tokenAPP CLIENT ID Base64 of clientid:secret of Mobile App clientAPP DOMAINOBDXMobileAppDomainWATCH CLIENT ID Base64 of clientid:secret of wearablesWATCH DOMAINOBDXWearDomainSNAPSHOT CLIENT ID Base64 of clientid:secret of snapshotSNAPSHOT DOMAINOBDXSnapshotDomainLOGIN SCOPEOBDXMobileAppResServer.OBDXLoginScopeSERVER CERTIFICATE KEYRefer point 6.74–2

Build Release Artifactsc.IDCS SetupSERVER TYPEIDCSKEY SERVER URLEg. https://mumaa012.in.oracle.com:18443(This URL must be of OHS without webgate)WEB URLEg. https://mumaa012.in.oracle.com:18443KEY OAUTH PROVIDER m/oauth2/v1/tokenAPP CLIENT ID Base64 of clientid:secret of Mobile App clientWATCH CLIENT ID Base64 of clientid:secret of wearablesSNAPSHOT CLIENT ID Base64 of clientid:secret of snapshotLOGIN SCOPEobdxLoginScopeOFFLINE SCOPEurn:opc:idm: myscopes offline accessSERVER CERTIFICATE KEYRefer point 6.76. Adding chatbot support to mobile application (Optional)CHATBOT IDThe tenant IDCHATBOT URLThe URL for the ChatApp application in ODA7. If using http protocol for development add (android:usesCleartextTraffic "true") to applicationtag of AndroidManifest.xml (on app & obdxwear target)4–3

Build Release Artifacts8. For Generating Signed Apk: To Generate release-signed apk as follows:On menu bar click on Build - Generate Signed Apk4–4

Build Release Artifacts9. If you have an existing keystore.jks file then select choose Existing else click on Create New4–5

Build Release Artifacts10. Select Build Type as Release, Signature Version as V1(JAR Signature) and V2(Full APKSignature) and Change APK Destination folder if you want and click on Finish4–6

Build Release Artifacts11. This will generate APK by the given name and destination folder. Default APK Destinationfolder is zigbank\platforms\android\app\release12. Run the App and select Device or Simulator.13. Repeat same steps (From step 8 and obdxwear as module) for OBDX Wear App forRelease Signing. Use proguard-rules.pro fromworkspace installer\zigbank\platforms\android\obdxwear using explorer. The selectobdxwear as the module and follow same signing steps with same keystore.14. The application has a config page at launch to enter the URL of the server (for developmentonly). To remove this page, update the config.xml as shown belowThe application has config page to add URL. This is for development purpose only and can beremoved using below step. (Update content src tag)4–7

Build Release ArtifactsHome4–8

OBDX Authenticator Application5. OBDX Authenticator Application5.1Authenticator UIPlease refer Mobile Application Builder Guide-iOS Guide (4.1) for Authenticator UI buildsteps. UI is same for Android & iOS5–1

OBDX Authenticator Application5.2Authenticator Application Workspace Setup1. Copy UI (Directories – components, css, framework, images, pages, resources)from /distdirectory to workspace/installer/app/src/main/assets/www/In case any popup appears, click replace2. Launch Android Studio and open existing project5–2

OBDX Authenticator Application3. Open OBDX Installer/workspace installer folder in Android Studio.4. Open gradle.properties file and update following properties with relevant proxy address ifrequired5–3

OBDX Authenticator ApplicationsystemProp.http.proxyHost proxy address systemProp.https.proxyPort port number systemProp.https.proxyHost proxy address systemProp.http.proxyPort port number 5. Open “assets\app.properties” file and update following properties as per requirementconnection timeout timeout in milliseconds ssl pinning enabled YES or NO shared server url server url shared oam url oam url otp type HOTP or TOTP 5–4

OBDX Authenticator ApplicationNote: If selected authentication mechanism is not OAM based then remove “shared oam url”property.6. Click Build Clean & Build Rebuild project in Android Studio.7. Click on Build Edit Build Type app releaseEnable minify trueAdd progurard file from workspace installer/proguard-rules.proClick OK8. If using http protocol for development add (android:usesCleartextTraffic "true") to applicationtag of AndroidManifest.xml9. For Generating Signed Apk: To Generate release-signed apk as follows:5–5

OBDX Authenticator Application10. On menu bar click on Build - Generate Signed Apk5–6

OBDX Authenticator ApplicationClick Finish to generate .apkThe application has config page to add URL. This is for development purpose only and can beremoved using below step. (Update content src tag)Home5–7

Application Security Configuration6. Application Security ConfigurationRoot Check Ensure Step 3.1 is completed1. To ensure the application installed in the phone is genuine and not tampered with, we have tomaintain two entries in database –a. Base64 encoded SHA-256 digest of the certificate used to sign the application.b. The package name of the application.2.To calculate certificate digest, please use below command :Note: For Windows, please use cygwin with openssl, xxd & grep packagekeytool -exportcert -alias aliasname -keystore keystore path -storepass keystorepassword openssl sha256 -binary openssl base643.Use the above command to calculate the signing certificate hash. Replace the aliasname with your keystore alias name, keystore path with your actual signing keystore path, keystore password with your keystore password.Example : C:\Users\Sam\Desktop\YOURAPKEYSTORE.jksor /Downloads/YOURAPKEYSTORE.jksPlease add single quote manually for aliasname, keystore path and keystore password.Example : ‘your aliasname’, ‘your keystore path’ and ‘your keystore pass’4.Calculate the certificate hash for both the Servicing app and authenticator app, and committhem in DIGX FW CONFIG ALL B corresponding to the following keys respectively:ANDROID SERVICING CHECKSUM and ANDROID AUTHENTICATOR CHECKSUM5.Similarly, we also have to maintain package names of Servicing and Authenticator app inthe same table, i.e. DIGX FW CONFIG ALL B corresponding to the following keysrespectively:ANDROID SERVICING PACKAGE and ANDROID AUTHENTICATOR PACKAGEAn example query will be:insert into digx fw config all b (PROP ID, CATEGORY ID, PROP VALUE,FACTORY SHIPPED FLAG, PROP COMMENTS, SUMMARY TEXT, CREATED BY,CREATION DATE, LAST UPDATED BY, LAST UPDATED DATE, OBJECT STATUS,OBJECT VERSION NUMBER) values ('ANDROID SERVICING PACKAGE','mobileconfig', 'com.ofss.zigbank', 'N', '', 'Stores device id in OUD', 'ofssuser', sysdate,'ofssuser', sysdate, 'Y', 1,);SSL Pinning6.Get the list of Base 64 encoded SHA256 hashed certificates' public keys of server’s validcertificates. Use below command to generate this hash for your certificate. Replace' certificate.der ' with the path to your certificate.openssl x509 -inform der -in certificate.der -pubkey -noout openssl pkey -pubin outform der openssl dgst -sha256 -binary openssl enc -base647.Add the hashed keys generated in point 6 n\res\values\app.properties.xml filein ‘certificate public keys’ array. Append this key to ‘sha256/’ in an item tag as shown6–1

Application Security Configurationbelow. Multiple certificate keys can be added to ‘certificate public keys’ array by addingthem in item tags.6–2

Application Security ConfigurationEg.: string-array name "certificate public keys" item sha256/5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w /item /string-array Eg. for multiple certificates (In case OAM/IDCS is used): string-array name "certificate public keys" item sha256/5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w /item item w /item /string-array Home6–3

Live Experience Integration7. Live Experience Integration1. Download live experience android sdk from below download -live-experience-downloads.html2. Add libs folder at zigbank\platforms\android\app and copy below jars from downloaded sdkfolder in SNAPSHOT.jarii.peerconnection iv.oracle.live.api-release.aar3. Add Live Experience Client ID and Cloud Address in below two properties customizations\src\main\res\values) string name "LX CLIENT ID" @@CLIENT ID /string string name "LX ADDRESS" @@ADDRESS /string 4. Un-comment the Live Experience SDK’s from zigbank\platforms\android\app\build.gradle.7–1

Live Experience Integration5. Un-comment the gradle maven files for Live Experience from zigbank\platforms\android\build.gradle6. Add LiveExperienceActivtiy.java folder from AppExtensions\ekyc\java\com\ofss\live ofss\digx\mobile\android7–2

Live Experience Integration7. Un-comment LiveExperienceActivity and NetverifyActivity Manifest.xmlHome7–3

Adding Custom Cordova Plugin8. Adding Custom Cordova PluginStep 1 Create java folder and add yout package under app(zigbank\platforms\android\app)Create java file under your package which will extends CordovaPluginOverride execute method with JsonArray as a parameterRetrive jsonobject from JsonArray and get the data which passed from js fileExample:public class GetDirectionMapPlugin extends CordovaPlugin {@Overridepublic boolean execute(String action, JSONArray args, CallbackContext callbackContext)throws JSONException {try{JSONObject object args.getJSONObject(0);String yourKey object.getString("your key");}catch (Exception e){Log.e(TAG,e.getMessage());}return true;}}Step 2 –Create plugin file under plugins folder fine("cordova-plugin-getdirection", function(require, exports, module) {var exec cordova.require('cordova/exec');exports.navigate function(args, successCallback, errorCallback) {cordova.exec(successCallback, errorCallback, "GetDirectionMapPlugin", "direction",8–1

Adding Custom Cordova DirectionPlugin - user defined id fromcordova ace\app\src\main\assets\www\cordova plugin.js)GetDirectionMapPlugin- name of java plugin classdirection - actionnavigate - this can be use in js file to this functionStep 3 –Make entry of plugin incordova www) as below - Example:{"id": "cordova-plugin-getdirection.getDirectionPlugin", - user defined id"file": ection.js", - path of plugin jsfile"pluginId": "cordova-plugin-getdirection","clobbers": ["window.getDirection" - this can be used in js file to call plugin]}Step 4 Make entry of java plugin class xml) file of app as below Example:8–2

Adding Custom Cordova Plugin feature name "GetDirectionMapPlugin" param name "android-package" value "Your Plugin Java Class Path" / /feature GetDirectionMapPlugin - Name of java plugin classStep 5 Plugin calling in js file - : origin,destinationLatLng: location})window.getDirection - clobber define in the cordova plugin.js filenavigate - name of the function defined in plugin js fileHome8–3

ODA Chatbot Inclusion9. ODA Chatbot InclusionTo enable ODA Chatbot services in the mobile app, the following changes needs to be made:1. Copy ODAPlugin.java from workspace installer/AppExtension/oda toworkspace ava/com/ofss/digx/mobile/android/plugins/2. Download ODA Android sdk from below wnloads.html3. Add libs folder at zigbank\platforms\android\app and copy below files fromdownloaded sdk folder in it.a. com.oracle.bots.client.sdk.android.core-xx.aarb. �4

ODA Chatbot Inclusion4. In Android Studio follow below stepsFile - Project Structure - Dependencies5. Click on " " icon and select JR/AAR Dependency and select app module and clickOk.9–5

ODA Chatbot Inclusion6. Add both .aar file paths from step3. Then click Apply and Ok.7. Add Chatbot ID and Chatbot URL tomizations\src\main\res\values) string name "CHATBOT ID" @@CHATBOT ID /string string name "CHATBOT URL" @@CHATBOT URL /string 9–6

OBDX Android App is supported on Q (Android 10) and P (Android 9) releases of Android only. However all features work on Android 6, 7 and 8 as well. App will not work for Android 5 and below versions a. Download and Install node Js (will be downloaded to default path) b. Install node js from https://nodejs.org c. DOWNLOAD AND INSTALL ANDROID .