trustdevice

The verification service uses the device fingerprint to detect whether it is a risky device. This document describes how to integrate the device fingerprint plug-in and verification plug-in.

# Add plug-in on the Alipay Open Platform

  • Login to Alipay Open Platform https://open.alipay.com/develop/manage, select the mini program that needs to integrate the plug-in
  • Enter the mini program management page, click on the left Development-Plugin Service menu
  • Click Order other plug-ins to enter the plug-in market
  • Search for 设备指纹插件 , select the plug-in and click Order. In the same way, search for 小盾智能验证, select the plugin, and then complete the order

# Mini program code integration

# 1. Declare plug-ins in app.json

{
   "plugins": {
      "tdfp-plugin": {
          "version": "*",
          "provider": "2021003160688029"
       },
      "tdcaptcha-plugin": {
          "version": "*",
          "provider": "2021003157639024"
      }
   }
}

# 2. Get the blackbox

Import plug-ins in the page that requires the device fingerprint, such as pages/index/index.js:

const plugin = requirePlugin('tdfp-plugin')

Then get the blackbox in the onLoad method, the blackbox only needs to get once:

// Example
onLoad: function() {
    var that = this
    // partnerCode-Partner identifier, assigned by the TD, appName-Application identifier, assigned by TD
    var fmagent = new plugin.FMAgent({partnerCode:"", appName:"", env: "PRODUCTION"})
  
    fmagent.getInfo({
      page: that,
      mode:'plugin',
      // If unionid is empty or undefined, do not encrypt it, pass an empty string
      // If you have unionid, please pass it with the encrypted form,
      // Please pass the encrypted unionid(ensure that the encrypted unionid is one-to-one corresponding to the original unionid).
      unionid: '', 
      success: function (res) {
        // Get the blackbox success callback, res is the blackbox string
        // You can save it to the page data, and pass to the verification API
        that.setData({blackbox: res});
      }
    })
}

fmagent.getInfo API parameter description

parameters type Required Description Example
mode String Yes integrated mode 'plugin'
page Object Yes current page object or a component object that
unionid String No the encrypted user unionid; you can choose any encryption algorithm, please ensure that the encrypted one-to-one correspondence relationship, we recommend using MD5 or SHA256; if the value is null, please send an empty String ef54040ea***58fe66157
timeout Number No API timeout (2500ms by default) 6000
getcliallowed Boolean No if don't collect the clipboard data (some mobile phones will give a reminder with "get the data of your clipboard").false by default. true
success function yes The callback function, the parameter of the function is the blackbox. function(res){// res is the blackbox}

# 3. Add reference components

Add the tdcaptcha component to the .json file that requires the captcha challenge

{
  "usingComponents": {
    "tdcaptcha": "plugin://tdcaptcha-plugin/tdcaptcha"
  }
}

# 4. Add tdcaptcha dom element

Add the tdcaptcha component node to the .axml file that requires the captcha challenge

<tdcaptcha id="td-captcha" ref="handleRef" />

# 5. Trigger the captcha

Trigger the captcha to verify in the .js file of the page that requires the captcha challenge

// Bind the plugin instance
handleRef(ref) {
   this.td = ref;
},
// Example
triggerCaptcha: function() {
    // Invoke the API and trigger the captcha to pop up
    this.td.captcha.triggerCaptcha({
      partnerCode: '', // Partner identifier, assigned by TD
      appName: '', // Application identifier, assigned by TD
      env: 1, // 1-production, 0-test environment
      blackbox: this.data.blackbox || "", // the blackbox obtained from the fingerprint
      onSuccess: this.onSuccess, 
      onFail: this.onFail, 
      onClose: this.onClose, 
  
    });
},

onSuccess: function(validateToken) {
  // The verification is successful
  // Pass the validateToken to the server for secondary verification
},

onFail: function(msg) {
  // todo
},

# The Captcha API Parameter Description

Parameter Type Description Required
partnerCode String partner identifier, assigned by TD Yes
appName String application identifier, assigned by TD Yes
env Number 1: production environment; 0: test environment No
blackbox String the blackbox obtained from the fingerprint No
maskClose Number 1: the captcha dialog can be closed by clicking the mask layer; 0: can not No
onSuccess Function Callback function after verifying success, the callback parameter isvalidateToken which you need to pass to the backend service to recheck. Yes
onFail Function Callback function after verifying failed. The captcha will refresh after verifying failure, and the callback parameter will return 'opFail', which generally does not need further processing. For other errors, such as too many attempts to, request timeout, we suggest giving a toast to the user. No
onClose Function Callback function after the captcha closed No
mfaId String If you have connected to the MFA product (the parameter can be ignored if the MFA is not connected), please set the mfa_id which is obtained from the MFA process to the configuration parameter No
: 2023/06/07 16:19:48

ByteDance