kych

OAuth 2.0 API for Swiyu to enable Taler integration of Swiyu for KYC (experimental)
Log | Files | Refs
commit 1e1b7469f38554b2e5c871071bc25df2bbedb0bb
parent 93f90f6d4994f4a976b170ecda88d511c3276724
Author: Henrique Chan Carvalho Machado <henriqueccmachado@tecnico.ulisboa.pt>
Date:   Tue, 21 Oct 2025 14:46:12 +0200

sequence diagram: browser can be dangling, changed QR code to Verification URL

Diffstat:

Mdocumentation/swiyu_taler_sequence_diagram.txt | 11++++++-----


1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/documentation/swiyu_taler_sequence_diagram.txt b/documentation/swiyu_taler_sequence_diagram.txt
@@ -17,18 +17,21 @@ Browser->Exchange: Select verification method (Swiyu)
 note over Exchange,Oauth2Gateway: Exchange initiates KYC verification process
 Exchange->Oauth2Gateway: POST /setup/$CLIENT_ID;
 Oauth2Gateway->Exchange: $NONCE
-Exchange->Browser: open /authorize endpoint
+Exchange->Browser: Send /authorize endpoint
 Browser->Oauth2Gateway: GET /authorize/$NONCE...
 Oauth2Gateway->SwiyuVerifier: POST /management/api/verifications
 SwiyuVerifier->Oauth2Gateway: $VERIFICATION_URL, $REQUEST_ID
-Oauth2Gateway->Browser: Open $VERIFICATION_URL QR code
-Browser->SwiyuWallet: Open QR code
+Oauth2Gateway->Browser: Send $VERIFICATION_URL
+Browser->SwiyuWallet: Open $VERIFICATION_URL
+Browser->Oauth2Gateway: Poll Verification Status
+SwiyuWallet->SwiyuWallet: Grant Permission
 SwiyuWallet->SwiyuVerifier: GET /oid4vp/api/request-object/{request_id}
 SwiyuVerifier->SwiyuWallet: OID4VP Request Object (DCQL query)
 SwiyuWallet->SwiyuVerifier: POST /oid4vp/api/request-object/{request_id}/response-data (VP Token)
 
 note over Oauth2Gateway,Exchange: Oauth2Gateway notifies Exchange asynchronously via webhook
 SwiyuVerifier->Oauth2Gateway: Webhook (verification complete) [POST /notification/{request_id}/
+Oauth2Gateway->Browser: Notify success 
 Oauth2Gateway->Exchange: POST /oauth2gw/kyc/notify/$CLIENT_ID
 
 note over Exchange,Oauth2Gateway: Exchange retrieves the final proof (Verifiable Credential)
@@ -39,8 +42,6 @@ Oauth2Gateway->SwiyuVerifier: GET /management/api/verifications/{verificationId}
 SwiyuVerifier->Oauth2Gateway: Send proof (Verifiable Credential)
 Oauth2Gateway->Exchange: Send proof (in response body)
 
-Exchange->Browser: Notify success (KYC page)
 Exchange->TalerWallet: Notify success
 TalerWallet->Exchange: Retry original operation
 
-