Summary:
Decrypting URL Parameters (PII) from the Launch Link and using those decrypted values to pre-populate a form within that experience.
This has been explicitly asked for by Nestle, but I can imagine would certainly be utilized by other Clients.
Scoping ticket:
https://jebbit.atlassian.net/browse/CORE-15741
Details:
The Client passes the encrypted query parameters in a URL string. Example:
(FirstName=aZlBrEBus3qlBc/PUZ2jcg==&LastName=4K9n4fnWnMh4/JEeSYWklQ==&email=dYl1fvdxtQyg2XABgCVXs1As4g7Fz0qxXOa/18Sb3Q8=)*
*The Client will not always choose to use this option
We use their specific encryption key to decrypt the values.
We have already built the ability to do so in terms of sending these decrypted values after the user takes the experience:
INTEG-3859: Nestle File Decryption Testing (AES w/ Initialization Vector and Salt)DONE
Where the engineering effort comes in is that they want these decrypted values to be available for pre-populating a form in that same experience, to mimic a logged in state the best they can.
I tried to solve for this use-case through Custom JS alone, but the JS exposes the decryption method and could be manipulated by an outside source.
As a result, we would need a means of decrypting the values from our back-end, and having those values available on the front-end simultaneously.
In terms of scalability, we would want to have the encryption key populated as a Custom Field from the Jebbit UI.
It is a similar concept to how we build in-experience SSO (using back-end code to manipulate the front-end), but I don’t think it should be as involved.
For security reasons this was decided against.