The PeopleCode language is not known for natively supporting cutting edge technical functionalities. However, it is common for the PeopleSoft Developer to be thrown a technically advanced requirement from time to time. When this sort of occasion arises, I like to extend PeopleCode with Java. The possibilities are practically endless when extending PeopleCode with Java. The problem though, is that the PeopleSoft app server may not be equipped with the proper Java packages to execute the required Java functions. While we have the ability to deploy additional Java classes to the PeopleSoft app server, this practice is not always acceptable. A clever alternative is to use the built-in JavaScript interpreter in Java and write JavaScript to overcome the technical hurdle. In this post, I will demonstrate how I am able to use Java’s ScriptEngineManager class to execute JavaScript to generate QR codes in PeopleSoft.
QR codes are a great way to transport information into a mobile device that would otherwise be tedious to input manually. QR codes have been widely adopted in the marketing space, but there are many other great use cases for QR codes. One use case for QR codes is for transporting secret keys into mobile authenticator applications such as Google Authenticator or Authy. Once the key information has been communicated, the mobile application can begin generating Time-Based One-Time Passwords (TOTPs) for the user.
For demonstration purposes, I created a simple IScript that is capable of returning a QR code for the logged in user. The data inside of the QR code is a 16 character, base32 encoded string. This string is used as the secret key for a mobile authenticator application to generate TOTPs for the user.
CLICK HERE to download the app designer project. Unzip the project from the downloaded file and import the project from file in App Designer. To access the QR code generating IScript, you will need to assign the PSM_QR Permission List to a Role of the users that you want to generate QR codes for.
After performing the security setup, you can login as the privileged user and invoke the IScript. You can point your browser to the following URL to generate a QR code for the user:
<domain>/psc/ps/<portal>/<node>/s/WEBLIB_PSM_QR.ISCRIPT1.FieldFormula.IScript_GenQR
This QR code can be scanned into a mobile authenticator application and it should immediately start generating TOTPs.
QR code generation is a neat functionality, but what I really want to highlight on is how simple the application PeopleCode is behind the IScript. I start off by generating the URL that I want to create the QR code based off of.
/* Generate random 16 character Base32 string */
Local array of string &sBase32Chars = CreateArray("A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "2", "3", "4", "5", "6", "7");
Local integer &i;
Local string &sKey;
For &i = 1 To 16
&sKey = &sKey | &sBase32Chars [Int(Rand() * 32) + 1];
End-For;
/* Supply the (arbitrary) domain name for the account to be associated with */
Local string &sHost = "peoplesoftmods.com";
/* Generate the URL to be scanned into the authentication app */
Local string &sQRUrl = "otpauth://totp/" | %UserId | "@" | &sHost | "?secret=" | &sKey;Next, I feed the generated URL into some JavaScript code that is capable of generating QR codes in SVG format. This JavaScript code gets executed by Java’s built-in JavaScript interpreter. After the interpreter executes the script, I am able to reference the SVG image output “qrSvg” variable using the built-in get method.
/* Get the QR Code SVG JS library and the JS command to generate a QR Code from a given value */
Local string &sJSprogram = GetHTMLText(HTML.PSM_QRCODE_SVG) | GetHTMLText(HTML.PSM_QR_CODE, &sQRUrl);
/* Use the Java ScriptEngineManager to run the JavaScript program to create the QR Code */
Local JavaObject &manager = CreateJavaObject("javax.script.ScriptEngineManager");
Local JavaObject &engine = &manager.getEngineByName("JavaScript");
&engine.eval(&sJSprogram);
/* Get the outputted SVG image from the JavaScript variable */
Local string &sSVGImage = &engine.get("qrSvg").toString();Last, I output the SVG QR code and additional details to the screen using the write method of the %Response class.
/* Output the SVG image and the account details */
%Response.Write("<br><b>Scan the QR code or enter the secret key into your authentication app</b><br>");
%Response.Write(&sSVGImage);
%Response.Write("<br>Account Name: " | %UserId | "@" | &sHost);
%Response.Write("<br>Secret Key: " | &sKey);
No comments:
Post a Comment