[MS-1087] Add external CoSync biometric models

[BurningAXE]

JIRA ticket
Will be released in: version

Root cause analysis (for bugfixes only)

First known affected version: version

• Describe how the issue was found and what causes it
• Include images to better illustrate the issue

Notable changes

• Describe the main changes in the PR with the reasons why they are required
• Include images to better illustrate the changes

Testing guidance

• Describe how the reviewers can verify that issue is fixed

Additional work checklist

• Effect on other features and security has been considered
• Design document marked as "In development" (if applicable)
• External (Gitbook) and internal (Confluence) Documentation is up to date (or ticket created)
• Test cases in Testiny are up to date (or ticket created)
• Other teams notified about the changes (if applicable)

[Copilot]

Pull request overview

This PR introduces a versioned external schema (V1) for CoSync biometric models, decoupling the external API contract from internal domain models. This enables stable data exchange with CommCare while allowing internal models to evolve independently.

Key Changes:

• Created V1 external schema models with dedicated serialization/deserialization logic for backward and forward compatibility
• Implemented conversion functions between internal domain models and V1 external schemas
• Added comprehensive test coverage for serialization roundtrips and backward compatibility scenarios

Reviewed changes

Copilot reviewed 22 out of 22 changed files in this pull request and generated 7 comments.

Show a summary per file

File	Description
TokenizableStringV1.kt	V1 external schema for tokenizable strings with custom serialization
TokenizableStringV1Serialization.kt	Custom Jackson serializers/deserializers supporting backward compatibility with plain strings
SampleIdentifierV1.kt	V1 external schema for fingerprint sample identifiers
TemplateV1.kt	V1 schemas for face and fingerprint biometric templates
BiometricReferenceV1.kt	V1 polymorphic schema for face and fingerprint references
ExternalCredentialV1.kt	V1 schema for external credentials (e.g., ID cards)
ExternalCredentialTypeV1.kt	V1 enum for external credential types
CoSyncEnrolmentRecordEventsV1.kt	Top-level V1 wrapper with schema version field
CoSyncEnrolmentRecordEventV1.kt	V1 polymorphic base for enrolment record events
CoSyncEnrolmentRecordCreationEventV1.kt	V1 schema for enrolment record creation events
CoSyncEnrolmentRecordCreationEventV1Deserializer.kt	Custom deserializer handling legacy plain string format
EnrolmentRecordEvents.kt	New internal domain wrapper for enrolment record events
SerializationRoundtripTest.kt	Tests for JSON serialization/deserialization roundtrips and backward compatibility
CoSyncEnrolmentRecordEventsV1Test.kt	Tests for V1 wrapper conversion logic
CoSyncEnrolmentRecordCreationEventV1Test.kt	Tests for creation event conversion and null handling
CoSyncEnrolmentRecordCreationEventV1DeserializerTest.kt	Tests for custom deserializer with various JSON formats
BiometricReferenceV1Test.kt	Tests for biometric reference conversion preserving metadata and identifiers
CommCareEventDataSource.kt	Updated to use V1 schemas with conversion to domain models
CommCareIdentityDataSource.kt	Updated to use V1 schemas with conversion to domain models
GetEnrolmentCreationEventForSubjectUseCase.kt	Updated to serialize using V1 external schema
CoSyncEnrolmentRecordEvents.kt (deleted)	Removed old unversioned external schema
CoSyncEnrolmentRecordCreationEventDeserializer.kt (deleted)	Replaced with V1-specific deserializer

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review for a chance to win a $100 gift card. Take the survey.

[Copilot]

The documentation states "Any json object without the explicit className specification will be resolved as [TokenizableStringV1.Raw]" but the code on line 75 actually defaults to Raw for any className that is not "TokenizableString.Tokenized". Consider clarifying the documentation to specify that unknown className values (not just missing className) also default to Raw.

[Copilot]

The comment on line 8 says "V1 external schema for external credentials (e.g., MFID)." However, looking at the ExternalCredentialTypeV1 enum, the actual types are NHISCard, GhanaIdCard, and QRCode. Consider updating this example to use one of these actual types instead of "MFID" for clarity.

Suggested change

	* V1 external schema for external credentials (e.g., MFID).
	* V1 external schema for external credentials (e.g., GhanaIdCard).

[Copilot]

The equals() method (lines 45-49) compares TokenizableStringV1 instances only by their value field, ignoring whether they are Raw or Tokenized. This means TokenizableStringV1.Raw("test") equals TokenizableStringV1.Tokenized("test"), which may not be the intended behavior. Consider whether the type distinction should be part of the equality check to avoid potential bugs when comparing tokenized vs raw values.

Suggested change

	return other is TokenizableStringV1 && other.value == value
	}
	override fun hashCode(): Int = value.hashCode()
	if (other == null || this::class != other::class) return false
	return (other as TokenizableStringV1).value == value
	}
	override fun hashCode(): Int = 31 * this::class.hashCode() + value.hashCode()

[Copilot]

The toDomain() function casts value.toDomain() to TokenizableString.Tokenized. However, this cast could fail at runtime if the V1 value is not actually of type TokenizableStringV1.Tokenized. Since the ExternalCredentialV1.value field is already typed as TokenizableStringV1.Tokenized, this cast should be safe, but it's redundant. Consider removing the explicit cast since the type is already guaranteed by the field definition.

Suggested change

	value = value.toDomain() as com.simprints.core.domain.tokenization.TokenizableString.Tokenized,
	value = value.toDomain(),

[Copilot]

The deserializer catches all exceptions with catch (_: Exception) when trying to parse TokenizableStringV1. While this provides backward compatibility, it silently swallows all exceptions including unexpected ones (like OutOfMemoryError or other serious issues). Consider catching more specific exceptions (e.g., JsonProcessingException or JsonMappingException) to avoid masking unexpected errors.

[Copilot]

The deserializer catches all exceptions with catch (_: Exception) when trying to parse TokenizableStringV1. While this provides backward compatibility, it silently swallows all exceptions including unexpected ones. Consider catching more specific exceptions (e.g., JsonProcessingException or JsonMappingException) to avoid masking unexpected errors.

[sonarqubecloud]

Quality Gate failed

Failed conditions
B Reliability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

[meladRaouf]

@BurningAXE I don't yet understand why we are exporting the TokenizableString class info to the calling apps

[BurningAXE]

Because properties in the model are using it? :D If we strip it we'll have to guess about the tokenization state of those fields. Which is already the case with some historical data but does not need to continue.
Do you see any issues with it?

[meladRaouf]

I just see that tokenization handling adds a lot of it complexity