{"id":25944966,"url":"https://github.com/path-check/who-verifier-app","last_synced_at":"2025-03-04T08:20:21.173Z","repository":{"id":46757216,"uuid":"429944299","full_name":"Path-Check/who-verifier-app","owner":"Path-Check","description":null,"archived":false,"fork":false,"pushed_at":"2023-10-13T16:28:49.000Z","size":11203,"stargazers_count":5,"open_issues_count":0,"forks_count":3,"subscribers_count":7,"default_branch":"main","last_synced_at":"2024-04-25T03:47:55.902Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Path-Check.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-11-19T21:55:37.000Z","updated_at":"2024-01-12T18:24:26.000Z","dependencies_parsed_at":"2023-01-29T04:01:33.411Z","dependency_job_id":null,"html_url":"https://github.com/Path-Check/who-verifier-app","commit_stats":null,"previous_names":[],"tags_count":22,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Path-Check%2Fwho-verifier-app","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Path-Check%2Fwho-verifier-app/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Path-Check%2Fwho-verifier-app/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Path-Check%2Fwho-verifier-app/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Path-Check","download_url":"https://codeload.github.com/Path-Check/who-verifier-app/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241810052,"owners_count":20023888,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-03-04T08:20:20.222Z","updated_at":"2025-03-04T08:20:21.157Z","avatar_url":"https://github.com/Path-Check.png","language":"Kotlin","funding_links":[],"categories":[],"sub_categories":[],"readme":"# World Health Organization's DDCC Verifier App\n\n\u003cimg align=\"right\" src=\"./docs/screenshots/3.Results.png\" data-canonical-src=\"./docs/screenshots/3.Results.png\" width=\"350px\"/\u003e\n\nCOVID-19 Credential Verifier app for Android using the WHO's Digital Documentation of COVID-19 Certificates. The app scans a QR code for a credential/pass, cryptographically verifies it and displays the results on the phone. No information is transmitted anywhere. Our goal is to make a Verifier App with the widest possible verification capabilities.\n\n# Current Features\n\n1. Decodes QR Codes\n2. Cryptographically Verifies the information following the specifications of\n   1. W3C VC\n   2. Smart Health Cards \n   3. EU DCC, WHO DCC and LAC PASS DCC \n   4. ICAO Visible Digital Seals\n3. Verifies the issuer's trust using a [DID-Based](https://www.w3.org/TR/did-core/) Trust List from the [DDCC repo](https://github.com/WorldHealthOrganization/ddcc-trust)\n4. Transform the QR Payload using the DDCC [FHIR Structure Maps](https://worldhealthorganization.github.io/ddcc/)\n5. Calculates the assessment of the health information using CQL Libraries from subscribed IGs\n6. Displays the medical information, the credential information, the issuer information and the assessment results in the screen.\n\n# Development Overview\n\n## Setup\n\nMake sure to have the following pre-requisites installed:\n1. Java 11\n2. Android Studio Artic Fox+\n3. Android 7.0+ Phone or Emulation setup\n\nFork and clone this repository and import into Android Studio\n```bash\ngit clone https://github.com/WorldHealthOrganization/ddcc-validator.git\n```\n\nUse one of the Android Studio builds to install and run the app in your device or a simulator.\n\n## Building\nBuild the app:\n```bash\n./gradlew assembleDebug\n```\n\n## Testing\n```bash\n./gradlew test\n./gradlew connectedAndroidTest\n```\n\n## Installing on device\n```bash\n./gradlew installDebug\n```\n\n## KeyCloak instructions\n\nFollow server setup [here](https://www.keycloak.org/getting-started/getting-started-zip): \n1. Download Keycloak\n2. Start Keycloak\n3. Create an admin user\n4. Login to the admin console\n5. Create a realm\n6. Create a user (which we will connect from the app)\n8. Create a client with: \n  - Client Id: verifier-app \n  - Client Protocol: openid-connect\n  - Redirect URIs: org.who.ddccverifier:/redirect\n\nStart keycloak with the local network's IP a phone can reach:\n```bash\nbin/standalone.sh -b \u003cYOUR LOCAL IP\u003e\n```\n\nAndroid will connect with your local IP. Just make sure the phone is in the same WIFI as the dev's computer\n\n## Screen + Class flow overview\n\n```\n┌──────────────────────────────────────────────────┐      ┌────────────────┐   ┌────────────┐\n│                  MainActivity                    │      │ TrustRegistry  │   │ IgRegistry │\n└──────────────────────────────────────────────────┘      └─────────────╥──┘   └─────╥──────┘\n┌──────────────┐ ┌──────────────┐ ┌────────────────┐                    ║            ║\n│ HomeFragment ├→┤ ScanFragment ├→┤ ResultFragment │←─DDCC UI Card──────╫─────────┐  ║\n└──────────────┘ └─────┬──▲─────┘ └────────┬───────┘                    ║         │  ║\n                  Image│  │QRContent       │QRContent                   ║         │  ║\n                 ┌─────▼──┴─────┐     ┌────▼───────┐                    ║         │  ║\n                 │   QRFinder   │     │ QRDecoder  │         IssuerData ║         │  ║\n                 └──────────────┘     └────┬───────┘         PublicKeys ║         │  ║\n                                           │QRContent                   ║         │  ║\n            ┌─────────────────┬────────────┴─────┬───────────────────┐  ║         │  ║\n ╔══════════╪═════════════════╪══════════════════╪═══════════════════╪══╩══════╗  │  ║\n ║ ┌────────▼───────┐  ┌──────▼──────┐   ┌───────▼───────┐   ┌───────▼───────┐ ║  │  ║\n ║ │  HCertVerifier │  │ ShcVerifier │   │ DivocVerifier │   │ IcaoVerifier  │ ║  │  ║\n ║ └────┬───────────┘  └──────┬──────┘   └───────┬───────┘   └───────┬───────┘ ║  │  ║\n ╚══════╪═════════════════════╪══════════════════╪═══════════════════╪═════════╝  │  ║\n        │HCERT CBOR           │JWT JSON          │JSONLD W3C VC      │iJSON       │  ║\n   ┌────▼───────────┐  ┌──────▼──────┐    ┌──────▼──────┐     ┌──────▼──────┐     │  ║\n   │   CBORParser   │  │ JSON Parser │    │ JSON Parser │     │ JSON Parser │     │  ║\n   └──┬──────────┬──┘  └──────┬──────┘    └──────┬──────┘     └──────┬──────┘     │  ║\n      │WhoModel  │DccModel    │ShcModel          │DivocModel         │IcaoModel   │  ║\n╔═════╪══════════╪════════════╪══════════════════╪═══════════════════╪═════════╗  │  ║ StructureMaps\n║ ┌───▼───────┐┌─▼─────────┐┌─▼─────────┐  ┌─────▼───────┐ ┌─────────▼───────┐ ║  │  ║ \n║ │ WHOMapper ││ DCCMapper ││ JWTMapper │  │ DivocMapper │ │   IJsonMapper   │ ║══│══╝\n║ └───┬───────┘└──┬────────┘└─┬─────────┘  └─────┬───────┘ └─────────┬───────┘ ║  │  ║\n╚═════╪═══════════╪═══════════╪══════════════════╪═══════════════════╪═════════╝  │  ║\n      └───────────┴───────────┴────────────┬─────┴───────────────────┘            │  ║\n                                           │FHIR Bundle                           │  ║\n                                 ┌─────────▼───────────┐                          │  ║\n                                 │ Android Fhir Engine │                          │  ║\n                                 │  (Save to Database) │                          │  ║\n                                 └─────────┬───────────┘                          │  ║\n                                           │Patient ID                            │  ║\n                 ┌─────────────────────┬───┴────────────────────┐                 │  ║\n   ╔═════════════╪═════════════════════╪════════════════════════╪══════════════╗  │  ║                 \n   ║   ┌─────────▼──────────┐┌─────────▼──────────┐   ┌─────────▼──────────┐   ║  │  ║  \n   ║   │    Compile IG #1   ││    Compile IG #2   │...│    Compile IG #n   │   ║  │  ║ CQL Libraries \n   ║   │ (Assessment Rules) ││ (Assessment Rules) │   │ (Assessment Rules) │   ║══│══╝\n   ║   └─────────┬──────────┘└─────────┬──────────┘   └─────────┬──────────┘   ║  │    \n   ╚═════════════╪═════════════════════╪════════════════════════╪══════════════╝  │                \n                 └─────────────────────┴───┬────────────────────┘                 │                                                                               \n                                           │Patient ID, Rule ID                   │\n                                 ┌─────────▼──────────────┐                       │\n                                 │  Android Fhir Workflow │                       │\n                                 │ (Evaluate DDCC Status) │                       │  \n                                 └─────────┬──────────────┘                       │\n                                           │DDCC Composite, DDCC Status           │\n                                    ┌──────▼─────────┐                            │\n                                    │ DDCCFormatter  ├→─ DDCC UI Card ────────────┘\n                                    └────────────────┘\n```\n\n## How to Deploy\n\n1. Generate a new signing key \n```\nkeytool -genkey -v -keystore \u003cmy-release-key.keystore\u003e -alias \u003calias_name\u003e -keyalg RSA -keysize 2048 -validity 10000\n```\n2. Create 4 Secret Key variables on your GitHub repository and fill in with the signing key information\n   - `KEY_ALIAS` \u003c- `\u003calias_name\u003e`\n   - `KEY_PASSWORD` \u003c- `\u003cyour password\u003e`\n   - `KEY_STORE_PASSWORD` \u003c- `\u003cyour key store password\u003e`\n   - `SIGNING_KEY` \u003c- the data from `\u003cmy-release-key.keystore\u003e`\n3. Change the `versionCode` and `versionName` on `app/build.gradle`\n4. Commit and push. \n5. Tag the commit with `v{x.x.x}`\n6. Let the [Create Release GitHub Action](https://github.com/WorldHealthOrganization/ddcc-validator/actions/workflows/create-release.yml) build a new `aab` file. \n7. Add your CHANGE LOG to the description of the new release\n8. Download the `aab` file and upload it to the` PlayStore. \n\n# Contributing\n\n[Issues](https://github.com/WorldHealthOrganization/ddcc-validator/issues) and [pull requests](https://github.com/WorldHealthOrganization/ddcc-validator/pulls) are very welcome.\n\n# License\n\nCopyright 2021 PathCheck Inc\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n       http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpath-check%2Fwho-verifier-app","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpath-check%2Fwho-verifier-app","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpath-check%2Fwho-verifier-app/lists"}