Handle Auth Error condition for the other user selfie (aws-samples#38)

* Auth error handling for different user selfie provided

* Update StateMachine for Auth Error payload check

* Update CF template

---------

Co-authored-by: Vineet <[email protected]>

Riv-Prod.template.json

@@ -6531,7 +6531,7 @@
                                     "Arn"
                                 ]
                             },
-                            "\",\"Payload.$\":\"$\",\"InvocationType\":\"RequestResponse\"}},\"Check-SearchResults\":{\"Type\":\"Choice\",\"Choices\":[{\"Variable\":\"$.compare.Payload.TopMatch.IsCallerUser\",\"BooleanEquals\":false,\"Next\":\"InvalidCredentials\"}],\"Default\":\"Auth-Complete\"},\"Auth-Complete\":{\"Type\":\"Pass\",\"Parameters\":{\"UserId.$\":\"$.inputRequest.UserId\",\"Status\":\"Verified\"},\"End\":true},\"InvalidCredentials\":{\"Type\":\"Fail\",\"Error\":\"UserAccessDenied\",\"Cause\":\"The wrong person is in the photo.\"}},\"TimeoutSeconds\":30}"
+                            "\",\"Payload.$\":\"$\",\"InvocationType\":\"RequestResponse\"}},\"Check-SearchResults\":{\"Type\":\"Choice\",\"Choices\":[{\"Variable\":\"$.compare.Payload.IsMatch\",\"BooleanEquals\":false,\"Next\":\"InvalidCredentials\"}],\"Default\":\"Auth-Complete\"},\"Auth-Complete\":{\"Type\":\"Pass\",\"Parameters\":{\"UserId.$\":\"$.inputRequest.UserId\",\"Status\":\"Verified\"},\"End\":true},\"InvalidCredentials\":{\"Type\":\"Fail\",\"Error\":\"UserAccessDenied\",\"Cause\":\"The wrong person is in the photo.\"}},\"TimeoutSeconds\":30}"
                         ]
                     ]
                 },

infra/userportal/states/auth.py

@@ -71,7 +71,7 @@ def __init__(self, scope: Construct, id: builtins.str, riv_stack: IVpcRivStack,
     '''
     is_calleruser = sf.Choice(self,'Check-SearchResults')
     is_calleruser.when(
-      condition= sf.Condition.boolean_equals('$.compare.Payload.TopMatch.IsCallerUser',False),
+      condition= sf.Condition.boolean_equals('$.compare.Payload.IsMatch',False),
       next= sf.Fail(self,'InvalidCredentials',
         error='UserAccessDenied',
         cause='The wrong person is in the photo.'))

src/frontend/src/Error.js

@@ -1,9 +1,10 @@
 const ErrorMessage = {
- 'UserAlreadyExists' : 'The user already exists. Delete the user first to try out this feature.',
- 'FaceNotMatchWithIDCard':'The image from the camera and ID card don’t match. Please use your valid ID documents.',
-'GenericError': 'An error occurred while submitting the form. Please try again later.',
-'ValueError': 'The user does not exist. Please register the user first.',
-'LiveNessResultThreshold':'The Face Liveness confidence score is less than the user-selected confidence threshold. Please reattempt the face liveness check again.'
+    'UserAlreadyExists': 'The user already exists. Delete the user first to try out this feature.',
+    'FaceNotMatchWithIDCard': 'The image from the camera and ID card don’t match. Please use your valid ID documents.',
+    'GenericError': 'An error occurred while submitting the form. Please try again later.',
+    'ValueError': 'The user does not exist. Please register the user first.',
+    'LiveNessResultThreshold': 'The Face Liveness confidence score is less than the user-selected confidence threshold. Please reattempt the face liveness check again.',
+    'UserAccessDenied': 'Access Denied. The wrong person is in the photo.'
 }
 
 export default ErrorMessage;

src/frontend/src/Pages/SignIn.js

@@ -47,15 +47,15 @@ const SignIn = () => {
 
     const getReferenceImage = (image) => {
         setHasFormError('')
-        if (!errorCheck() && image !== null  && image.ReferenceImage) {
+        if (!errorCheck() && image !== null && image.ReferenceImage) {
             setreferenceImage(image.ReferenceImage)
             setLivenessImageData(image)
             setJsonResponse(image)
             if (image.Confidence >= image.userSelectedConfidence) {
                 setFormSubmit(false)
             }
 
-        }else if(image.error){
+        } else if (image.error) {
             setHasFormError(ErrorMessage['GenericError'])
         }
     }
@@ -76,8 +76,8 @@ const SignIn = () => {
         if (!errorCheck()) {
             setHasFormError('')
             const requestData = {
-                body: { "UserId": id }, 
-                headers: { "Content-Type": "application/json" }, 
+                body: { "UserId": id },
+                headers: { "Content-Type": "application/json" },
             };
             API.post("identityverification", "check-userid", requestData).then(response => {
                 let responseData = response;
@@ -118,14 +118,18 @@ const SignIn = () => {
         API.post("identityverification", "auth", requestData).then(response => {
             let responseData = response;
             setJsonResponse(responseData)
+            console.log(responseData)
             if (responseData.status === "SUCCEEDED") {
                 let responseSuccessData = JSON.parse(responseData.output)
                 console.log(responseSuccessData)
                 localStorage.removeItem("userSelectedConfidence")
-                setregisterSuccess({ "label": responseSuccessData.UserId ,"responseData":responseData })
-                
+                setregisterSuccess({ "label": responseSuccessData.UserId, "responseData": responseData })
+
             } else if (responseData.error === 'ValueError') {
                 setHasFormError(ErrorMessage['ValueError'])
+            }
+            else if (responseData.error === 'UserAccessDenied') {
+                setHasFormError(ErrorMessage['UserAccessDenied'])
             } else {
                 setHasFormError(ErrorMessage['GenericError'])
             }
@@ -250,20 +254,20 @@ const SignIn = () => {
                 </Navigate >}
 
             </Form>
-        {jsonResponse &&
-        <>
-        <Heading
-                    level={5}
-                    color="black"
-                    marginTop={tokens.space.large}
-                    marginBottom={tokens.space.large}
-                >
-                    Response:
-                </Heading>
-            <JSONTree data={jsonResponse} 
-            valueRenderer={(raw) => raw.length > 200  ? (<span style={{whiteSpace: 'nowrap',display:'inline-block',maxWidth: '100%',overflow:'hidden',textOverflow: 'ellipsis',verticalAlign:'middle'}} >{raw}</span>) : raw } />
-            </>
-        }
+            {jsonResponse &&
+                <>
+                    <Heading
+                        level={5}
+                        color="black"
+                        marginTop={tokens.space.large}
+                        marginBottom={tokens.space.large}
+                    >
+                        Response:
+                    </Heading>
+                    <JSONTree data={jsonResponse}
+                        valueRenderer={(raw) => raw.length > 200 ? (<span style={{ whiteSpace: 'nowrap', display: 'inline-block', maxWidth: '100%', overflow: 'hidden', textOverflow: 'ellipsis', verticalAlign: 'middle' }} >{raw}</span>) : raw} />
+                </>
+            }
         </>
     );
 }