MyQ Connector
SmartFace provides face biometry for various purposes including the access control. This module allows you to use face biometry to unlock your printer using MyQ without a need for any PIN, Access Card or physical Access Token. Communication between the SmartFace and the MyQ is done over the network.
How does it work
The SmartFace provides face biometry by processing RTSP and Edge Streams from cameras. Such a camera can be mapped to a printer. On Each camera there are several processes that can be used, depending on your needs and configuration. This includes the features, such as Face Detection, Person Identification, Face Mask Detection, Liveness (Spoof) Check and Age and Gender Extraction.
The module connects to the SmartFace AccessController gRPC stream, process GRANTED
notifications and creates a set of requests that Unlock a MyQ Printer.
Development
The source code is available on our Github - MyQ Connector. To run application locally, follow these steps
- clone the
https://github.com/innovatrics/smartface-integrations/
Github repository using the git commands (git clone https://github.com/innovatrics/smartface-integrations/
) or download the code uzing the “Download Zip” button - open terminal
- navigate to
/src/MyQConnector
within the git directory - run
dotnet run
Deployment
The existing code can be deployed several environments. Please see below steps for deploying into Microsoft Windows, Docker environment (amd64) and Docker environment (arm64).
Download the repository, either by cloning https://github.com/innovatrics/smartface-integrations/
Github repository using the git commands (git clone https://github.com/innovatrics/smartface-integrations/
) or download the code uzing the “Download Zip” button.
Please note that below are samples how to deploy your own version of code provided. You can use already deployed and ready to use code for the Linux Docker environment. Information about how to use it is available here.
To deploy and use the MYQ integration you need an existing and up and running SmartFace installation. For more information about how to set up the SmartFace, please read the Get Started section.
Deploy to Windows
To deploy the application, follow these steps
- open terminal
- navigate to
/src/MyQConnector
- run
dotnet publish -c Release -r win10-x64 --self-contained true -p:ReadyToRun=false -p:PublishSingleFile=true -p:PublishTrimmed=false -p:IncludeNativeLibrariesForSelfExtract=true -p:IncludeAllContentForSelfExtract=true
Deploy to Docker (amd64)
- navigate to the root of this repo
- run the following commands
docker build -f src/MyQConnector/Dockerfile -t registry.gitlab.com/innovatrics/smartface/integrations-myqconnector:0.1 .
docker tag registry.gitlab.com/innovatrics/smartface/integrations-myqconnector:0.1 registry.gitlab.com/innovatrics/smartface/integrations-myqconnector:latest
docker push registry.gitlab.com/innovatrics/smartface/integrations-myqconnector:0.1
docker push registry.gitlab.com/innovatrics/smartface/integrations-myqconnector:latest
Deploy to Docker (arm64)
- navigate to the root of this repo
- run the following commands
docker build -f src/MyQConnector/arm.Dockerfile -t registry.gitlab.com/innovatrics/smartface/integrations-myqconnector:0.1-arm .
docker tag registry.gitlab.com/innovatrics/smartface/integrations-myqconnector:0.1-arm registry.gitlab.com/innovatrics/smartface/integrations-myqconnector:latest-arm
docker push registry.gitlab.com/innovatrics/smartface/integrations-myqconnector:0.1-arm
docker push registry.gitlab.com/innovatrics/smartface/integrations-myqconnector:latest-arm
Configuration
To run the deployed application configure the SmartFace Platform, the MyQ Server and do a configuration akin to your chosen environment:
SmartFace Platform
Watchlistmember data
The integration uses a label key Email
. To allow a Watchlistmember to use the MyQ Connector the user needs to have such label added. For more information about how to enable labels and how to manage labels for Watchlistmembers, please read the guide.
Camera ID
To map a camera to a printer you need to know the camera’s id. The integration supports both RTSP and Edge Cameras. We can find the value using REST API.
For the RTSP cameras use the endpoint GET /api/v1/Cameras and for the Edge cameras use the endpoint GET /api/v1/EdgeStreams.
Sample output of such endpoint would be similar as the snippet below. Please keep in mind, this is just a part of the outcome you will receive:
[
{
"spoofDetectorResourceIds": [
"none"
],
"id": "e4e6791c-92b2-4ab2-8086-20bdb8f5302f",
"name": "Test Camera",
"source": "rtsp://user:password@192.168.1.200:554/onvif/H.264/media.smp",
"enabled": true,
"faceDetectorConfig": {
"minFaceSize": 35,
"maxFaceSize": 600,
"maxFaces": 20,
"confidenceThreshold": 450
},
...
Please note the value of the id
. You will use it as <smartface-camera-id>
within this guide.
MyQ Server
Install your MyQ Server. Setup the users and user synchronization as per the MyQ Documentation. For a valid integration we need to setup a REST API app in the MyQ settings and we need to use the LDAP username sAMAccountName
for the User properties Card
and Personal number
.
Create a REST API App
Log into your MyQ installation as an administrator. Go into Settings > REST API Apps.
There you need to Add a new app. Choose a title, such as SmartFace Integration and add scopes: users
and printers
. The <clientID>
and <clientSecret>
will generated and available to you. Please note these values for your connector configuration.
Set up user properties
Log into your MyQ installation as an administrator. Go into Settings > User Synchronization. Edit your User Synchronization (LDAP). Go into the Users tab.
In the right panel open CN=Users. Select a random user. Drag’n’Drop sAMAccountName
onto the Card
and Personal number
properties in the left Users tab. Also drag the the mail
property of the user and drop it onto the Email
in the left panel. Click Save.
Connector On Windows
Run the deployed Windows application. To adjust the configuration please edit and configure the appsettings.json
file. Re-run the application to apply changes.
Setup the Access Controller
You can adjust the IP address <smartface-ip-address>
and the port used by the SmartFace server’s Access Controller module that is being used as a provider of the GRANTED/DENY decisions.
"AccessController": {
"Schema": "http",
"Host": "<smartface-ip-address>",
"Port": 5050
},
Setup MyQ Connector
Use the <clientID>
and <clientSecret>
values set in the MyQ Server. Set <myq-server-hostname-or-ip>
for the MyQ Server. Do not use port number or http
or https
within the <myq-server-hostname-or-ip>
. For <smartface-rest-api-url-and-port>
set the URL and port for the SmartFace Platform installation, such as http://localhost:8098
. If you do not use SSL on the MyQ Server set <true-false>
to true.
"MyQConfiguration":
{
"clientId":"<clientID>",
"clientSecret":"<clientSecret>",
"scope":"users printers",
"loginInfoType":1,
"MyQHostname":"<myq-server-hostname-or-ip>",
"MyQPort":8090,
"SmartFaceURL":"<smartface-rest-api-url-and-port>",
"BypassSslValidation":<true-false>
},
Define mappings between cameras and printers
Add new mapping for each camera - printer pair. Value for <printer-serial-number>
can be found in the MyQ Server. Click Settings > Printers. The Serial number is readable in the printers list or within the printer details under Information > Serial number.
"MyQMapping": [
{
"StreamId":"<smartface-camera-id>",
"PrinterSn":"<printer-serial-number>"
}
]
Connector On Docker
Update docker-compose.yml file
Add the following pattern to an existing docker compose:
...
MyQConnector:
image: ${REGISTRY}integrations-myqconnector:<version>
container_name: SFMyQConnector
restart: unless-stopped
env_file: .env.aepu
networks:
default:
external:
name: sf-network
The <version>
represents the current version number of the docker image. If you are not interested in a specific version, you can use latest
or latest-arm
depending on your deployment architecture.
Create new environmental file
Create/add the file .env.myq
into the same directory as where the docker-compose.yml
file is located. Inside the file, switch the provided <values> for your values and credentials.
Content of the .env.myq
# Connection to access controller
AccessController__Schema=http
AccessController__Host=<smartface-ip-address>
AccessController__Port=5050
# General configuration
MyQConfiguration__clientId=<clientID>
MyQConfiguration__clientSecret=<clientSecret>
MyQConfiguration__scope=users printers
MyQConfiguration__loginInfoType=1
MyQConfiguration__MyQHostname=<myq-server-hostname-or-ip>
MyQConfiguration__MyQPort=8090
MyQConfiguration__SmartFaceURL=<smartface-rest-api-url-and-port>
MyQConfiguration__BypassSslValidation=<true-false>
# Camera to printer mapping
MyQMapping__0__StreamId=<smartface-camera-id>
MyQMapping__0__PrinterSn=<printer-serial-number>
Connection to access controller
You can adjust the IP address <values>
and the port used by the SmartFace server’s Access Controller module that is being used as a provider of the GRANTED/DENY decisions.
General configuration
To get the <clientID>
and <clientSecret>
values you need to log into your MyQ installation as an administrator. Go into Settings > REST API Apps. There you need to Add a new app. Choose a title, such as SmartFace Integration and add scopes: users
and printers
. The <clientID>
and <clientSecret>
will generated and available to you.
Set <myq-server-hostname-or-ip>
for the MyQ Server. Do not use port number or http
or https
within the <myq-server-hostname-or-ip>
. For <smartface-rest-api-url-and-port>
set the URL and port for the SmartFace Platform installation, such as http://localhost:8098
. If you do not use SSL on the MyQ Server set <true-false>
to true.
Camera to printer mapping
Add new mapping for each camera - printer pair. Value for <printer-serial-number>
can be found in the MyQ Server. Click Settings > Printers. The Serial number is readable in the printers list or within the printer details under Information > Serial number.
Apply changes to docker
To apply changes above, use the command:
docker-compose up -d